Yahoo! has lost the plot
We re-reported that Yahoo! spam, pointing out the obvious features that made Yahoo!'s original denial of involvement untenable.

Here's the reply to that new report.

Thank you for writing to Yahoo! Mail.

Mass distribution of unsolicited email messages, or "spamming", violates the Yahoo! Terms of Service (TOS).

After investigation, we have determined that this email message did not originate from the Yahoo! Mail system. It appears that the sender of this message forged the header information to give the impression that it came from the Yahoo! Mail system.

We take the operation of Yahoo! Mail very seriously. Unfortunately, there is no control over messages sent through other email systems and it's not possible to preempt the misuse of the Yahoo! name in forged headers. While Yahoo! cannot technically prevent its domain from being forged in the headers of an email message, actions have been taken against companies in an effort to prevent further forgery of the Yahoo! brand and to seek damages as appropriate. Individuals are strongly discouraged from forging the Yahoo! domain in the future and appropriate action will be taken as necessary.

If this looks familiar, it should. It is identical to the original response, so it is clear that reporting clear-cut cases of abuse to Yahoo!'s abuse desk is simply a waste of time.

I am also fairly sure that I understand the flaw in Yahoo!'s security model that is letting these things in, but I will refrain from posting details here. We don't want copycats.

Trawling through the spam archive here we find, at the last count (the number is still increasing), 92 of these same Canadian Pharmacy spams, all with very similar characteristics.

The first was dated 6th February this year, with the very latest samples today. All but 4 of them were routed via Yahoo! in precisely the same way as described in my earlier piece.

The other 4 came from Gmail.

In addition to the obvious difference in quantity, with Yahoo!'s count outnumbering Gmail's count by a factor of 22 and climbing, one other characteristic of the Gmail variants is interesting.

The Gmail spams all originated within a 3 hour window on the same day, 28th February. We (and doubtless others) reported them. There was no auto-response, no ill-considered follow-up from an underqualified helpdesk operator. The spam. Just. Stopped.

There has been no recurrence and I expect none.

For me, that is a striking contrast. It is clear that Google knows how to run a clean email system and Yahoo! does not, having forgotten (if it ever really knew) some very basic principles.

Category: Spam miscellany

Comments :

1. Turtle 19/03/2008 22:40:49
Homepage: http://www.weightlessdog.com/shell.nsf


Yep, that's how they roll. "Our rules say nobody is allowed to spam, therefore, the spam cannot have come from a Yahoo account. And our highly-paid experts have already looked at the headers, but since of course our rules say no one can spam from Yahoo, the experts concluded that somebody had to have forged the headers. So, go pound salt."




2. Ben Rose 20/03/2008 14:13:37
Homepage: http://www.jaffacake.net


Not seeing them here, time for a proprietary spam filter?




3. Chris Linfoot 20/03/2008 14:36:46


We're only seeing them because we have decided to collect them as evidence. They're easy to block, actually. We just silently remove them from the delivery queue before the router delivers them and squirrel them away for later analysis.

Proprietary spam filter?

I'm thinking Lotus Trojan or whatever it's called.




4. Dave Harris 26/03/2008 06:01:03
Homepage: http://www.wavysworld.com


We've had a number of these as well, to a shared address, again, all from Yahoo except one on 28/02 from gmail.

Enough now, if it contains the phrase Canadian Pharmacy in the From header, they just don't get accepted at SMTP handshake.
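
Added example, not part of the original post or any comment: a From-header phrase check of the kind comment 4 describes, decoding RFC 2047 encoded words and unfolding the header first so the match does not depend on how the display name was written. The sample headers, function names and SMTP reply text are assumptions made for illustration; the headers are only available once DATA has been received, so the verdict is the reply given at that point.

```python
import email.policy
from email.parser import HeaderParser

BLOCKED_PHRASE = "Canadian Pharmacy"  # the phrase named in the comment above

# Constructed sample headers (not taken from the spam archive discussed here).
SAMPLES = {
    "plain": "From: Canadian Pharmacy <a@example.com>\nSubject: x\n\n",
    "folded_case": "From: CANADIAN\n   pharmacy <b@example.net>\nSubject: x\n\n",
    "encoded": "From: =?UTF-8?B?Q2FuYWRpYW4gUGhhcm1hY3k=?= <c@example.org>\n"
               "Subject: x\n\n",
    "clean": "From: Alice Example <alice@example.com>\nSubject: x\n\n",
}

def _norm(text):
    # Collapse folding and repeated whitespace, and ignore case.
    return " ".join(text.split()).casefold()

def naive_match(raw_headers, phrase=BLOCKED_PHRASE):
    """Plain substring test on the raw header text, shown for contrast."""
    return phrase in raw_headers

def from_matches(raw_headers, phrase=BLOCKED_PHRASE):
    """True if any decoded, unfolded From header contains the phrase."""
    msg = HeaderParser(policy=email.policy.default).parsestr(raw_headers)
    values = msg.get_all("From", [])  # empty list when From is missing
    return any(_norm(phrase) in _norm(str(v)) for v in values)

def smtp_verdict(raw_headers):
    """Reply to give at end of DATA (reply text is an assumption)."""
    if from_matches(raw_headers):
        return (550, "5.7.1 Message refused by local policy")
    return (250, "OK")

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, naive_match(raw), smtp_verdict(raw))
```

The raw substring test only catches the first sample; the decoded check catches the folded and encoded variants as well and leaves the clean message alone.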



