Forgot your password?
typodupeerror
Spam

The Lone Guns Against Spam 243

Posted by timothy
from the spammer-should-be-cooked-in-the-can dept.
crotherm points to a piece in today's L.A. Times, writing: "This would a great article to pass along to those less knowledgable about SPAM and those that fight against it." It's also a bit frightening to see what happens to people on the wrong side of the spam battle sometimes, though denials of service are attributed to both spammers and de-spammers, each by the other.
This discussion has been archived. No new comments can be posted.

The Lone Guns Against Spam

Comments Filter:
  • by Anonymous Coward
    Just use postmaster@theyredomain.com or summat or president@whitehouse.gov Let them spam themselves or the prez. :D Works for me
  • by Anonymous Coward
    I have recently become a bit "obsessed" with spam after signing up for the RBL (http://www.mail-abuse.org/rbl) and I have to say I'm becoming a bit cynical regarding it's origin. I have come up with an alternate theory about most, not all spam, please read/flame on:

    Has anybody considered the notion that most spam isn't really selling *anything*, but is sent purely for the purpose of annoying people?? Given the apparent joy that some people get from first-posting, goatse.cx links, etc. on forums such as this one, it isn't too big of a leap to think that people might get some twisted enjoyment out of finding open relays and trying to crash them by sending millions of emails through them.

    I think this view of spam goes a long way toward explaining the article on Salon.com (don't have the link, sorry) where the author tried to contact some of the so-called proprietors listed in the spams she recieved and came up dry each and every time.

    Not that I'm saying the Internet is not flush with scam artists, MLM schemes and companies that "just don't get it"; I just think that the volume of spam can't possibly reflect the number of, ahem, businesses out there sending this stuff..

    Ah well, what do I know anyways?? I'm just another AC..
  • I use a script found at Freshmeat [freshmeat.net], ricochet, to generate abuse reports to the spammers ISP, netblock provider, and other upstream relays listed in headers. This is hotkeyed to 'S' in mutt, making disposal trivial.

    Seperately, I report all relay/origin IPs to the ORBS open relay list. There is an email submission system for such use, I've got a command line utility to report a list of IPs, and a shell script to extract them (need to integrate this a bit more closely, gotta round tuit?).

    The combined tools take a few seconds a day to report messages -- most of which are filtered to a spam folder via procmail rules.

    I only get a few spam messages per day despite wide Usenet, mailing list, and website distribution of my email address -- and all of them are reported. OK, so my Slashdot email's obscured, that's one of the few.

    What part of "Gestalt" don't you understand?

  • Older versions of Exchange relayed by default. E2K doesn't, and I don't think 5.5 did either.

    Clueless lusers [xtra.co.nz] don't help; the ISP referred to brags about running open relays as a service to customers so they don't have to worry about changing their SMTP settings on their mail programs if they travel overseas.

  • Salon once did an article where they tried to get through to spamvertised vendors to buy from them and see if they were otherwise honest.

    If I remember correctly, they could not find _one_ good or service that was reachable and purchasable. This suggests nobody makes money off it simply because there's no valid contact information...

  • by mackga (990)
    b-j king is a fucking slut-bucket. holly in her own perssona is lovely. liz claman has dropped in the ratings lately. she could go waaaay up if she'd answer my email asking for a date, tho.
  • You know what... I've been doing that for the last 6-9 months... and I'm signing up for lots of stuff using this method. But I have not yet received any spam. Zero. So I wonder where spammers get their addresses from. Most likely there are a couple of lists that everyone buys, modifies to their liking and then resells. Every once in a while AOL member lists get crawled for fresh meat, and that seems to be it.
  • Or maybe someone just downloaded the zone file, scanned for new domains and run a batch whois?
  • I think it was invented by Lars Wirzenius: have your procmail script generate an automatic reply to everyone who sends you email and who is not on your "known-contacts" list. The email instructs them to resend the email, with a modified subject line. This weeds out all bots. The humans who get through are automatically added to the known-contacts list, unless you block them permanently.

    The despam script [www.laas.fr] is an embodiment of that idea. Is that script still available somewhere?

    --

  • I do the same thing, but I didn't need a perl filter, I just set up some rules in procmail to catch the mail not addressed to me just before I dump it in my inbox. Before this rule, of course, are rules handling the mailing lists I belong to, since they aren't addressed to me either.
  • I harvest potential contacts ...

    I may have you blocked already! What did you say your name is?
  • As a test, I open a new Hotmail account about once every 6 months -- the last one I opened on Feb. 22nd, and by the 24th, it was receiving spam.

    I just open the account, send a quick test message to it from a Yahoo mail account (to verify that it works), then wait. I make sure to say "NO" to all the "offers" and such that MS wants to shove down your throat when you sign up.

    So - conceivably, the address shouldn't receive any mail at all. I don't give the address out -- I don't use the address for anything, and I haven't given MS permission to spam the address by agreeing to their "special offers" during signup.

    In 2 days, I was receiving 10-15 spam a day. It's up to about 50 a day now (that's where it seems to plateau for hotmail). There's either a backdoor, MS is selling hotmail addresses to spammers, or both.
  • Interestingly enough this service isn't available in North Carolina. Since you're charged per call (or at least that's how it was when it started) and the phone company had no way of proving the # of calls it blocked out, they deemed it illegal to sell such a service because they could conceivably charge customers an arbitrary amount of money per month.
  • Some people here have claimed that spam is a legitimate means of reaching potential customers. If that is the case then why do virtually all spammers rely on open mail relays and essentially anonymous throw away hotmail or yahoo email accounts?

    If you claim that spam doesn't cost anything, then why aren't you paying for the bandwidth usage yourself?

    A couple months ago my ISP unleashed a huge new mail server cluster (biggest mail server cluster I've ever seen, with vast amounts of disk space and processing power). Within just a couple weeks the system ground almost to a halt under the load of a massive spam campaign. That constituted a DoS attack by any definition. If the spam campaign was big enough to take down that monster server farm, then who knows how many smaller mail systems go down daily as a result of similar attacks.

    To those who argue that spam is legitimate and doesn't cost anything, try using your own servers and valid email addresses. Maybe then your claims will have some weight.

    noah

  • by Eponymous Coward (6097) on Monday April 16, 2001 @10:45AM (#287895)
    If you claim anything more that a buck or two, you are full of bulshit
    If you use a wireless service to check/send mail, then the expense of spam can add up quickly. It's like a collect call that you cannot refuse.
  • If you have an account on a mail server which runs qmail, in fact, you can easily set up aliases for yourself which begin with your username. So if your name is foobar, you can create an alias for yourself called foobar-slashdot (no help from root required).
  • by GypC (7592)

    What are you a spammer? I think it's great that someone takes the time to report abuse like that. I never need to since my ISP seems to have great spam filtering... but I would if it became annoying enough.

    Of course, you don't remember the net before the marketeers and their flocks of slop-sucking sheep came, so to you it must seem perfectly natural.

  • by GypC (7592)

    You sure put a lot of effort into rationalizing your apathy. ;^)

  • If I created an account for my 11 year old son (if I had one) and then let it be spammed, what child laws would spammers possibly be breaking?
  • That's Canadian, not French.

    We do have spam even though it's illegal in France. I do nail every Franch spammer I find with complaints to the "freedom and computing" agency (CNIL [www.cnil.fr]) which is in charge of this kind of thing.

    Unfortunately most of the spam I (and most people in France I suppose) get is from the US. Makes it hard to retaliate against the senders.

  • You seem relatively "open" about your spamming practices, so perhaps you could answer some questions about spamming practices that I've been curious about:

    I do not buy e-mail addresses from so called "online marketing organizations".

    I'm curious here - is this because you think what they do is wrong, or just because it's cheaper to dredge the email addresses up yourself?

    On a more technical note, I'd be interested to know if you do your mail harvesting "by hand" or do you have some sort of automated process that does it? If so, how does IT work (i.e. does it just record every string with a @ in it, or does it do some kind of parsing?)

    I am well within my legal right in doing so

    "Legal" and "decent" aren't always the same thing.

    To analogize (it that a real word? :-) ) with telemarketing - I'm "well within my legal right" if I call your house every half hour every day until you demand that I stop...and then to note down your phone number and the time(s) of day that you answered (And how many times you answered before you told me not to call any more), and add that info to a database to sell to a collection of other telemarketers down the line.

    Further, I think I'd be "well within my legal right" if I set up 5 different marketing corporations and have them ALL do the same thing. (Corporation A has been told to stop calling, so they stop. Then Corporation B calls selling something else until told to stop. Then Corporation C...etc., so long as they are all independent "legal entities".)

    I believe I could even legally do something like this at your home - stand out on the public sidewalk in front of your house and provide my "services" to you by informing you of Amazing Offers(tm) with a bullhorn until you tell me to quit it...at which point I can note down what hours you seem to have been available to hear my "services" and how long I was able to continue before you told me to stop...and then sell your address with that info to the next guy that wants to try it. (Hey, you made your address publicly available by having the number printed on the house where it can be seen from public areas, right?)

    I have no personal problem with "opted-out-by-default" email marketing (e.g. "sign up for our newsletter" and such), it's your "opted in whether you like it or not until you verify your email address by 'opting out'" method that really bugs me.

    [...]you have chosen to make your e-mail address publicly available.

    And I notice that you haven't. Don't you Like getting spammed? Incidentally, If someone's email address said "soandso@somewhere.com <No unsolicited ads, please!>", would you honor it, or just go ahead and spam anyway? (Regardless of your personal answer, though, I'd be willing to bet pretty much every spammer would just through the address on their lists anyway...)

    I'd also be curious to know what kind of ISP(s) you sign up for - it seems like most of them have usage policies against spamming. I don't know about you or your spamming practices, but nearly every article of spam that I get comes from somebody flagrantly disregarding those rules, and is just hopping from ISP to ISP as they get cancelled. In those cases, I don't see that bulk emailers ARE "well within their legal right", since they supposedly agreed not to do it when signing up with those ISP's. How do you feel about THAT kind of practice?

    And now, the obvious question: You say "I always include an option to unsubscribe.". You are aware that it is commonly held that these "unsubscribe" addresses are primarily used to verify the email addresses to be either unscrupulously re-used anyway or slighly-less-unscrupulously sold on to the next spammer, arent' you? Do you do this, and how do you feel about the practice?

    One final question - do you know (either personally or by having regular dealings with them professionally) other spammers, and if so, how do their practices compare with yours?


    ---
  • by Dr.Dubious DDQ (11968) on Monday April 16, 2001 @10:32AM (#287902) Homepage
    Do you offer recipients a way to get their name off your list?

    Of course, you just send a reply to "takemeoffyourlist@somewhereorother.com" with the subject "This is a real email address that gets read so stop sending me email but go ahead and sell this address to the NEXT guy in line as a 'verified' email adress to spam to"....

    (It's commonly known that many [most?] of those reply addresses are for exactly that purpose...so even if you don't get more email from that source, you tend to get lots more from brand new sources who bought the "verified email list" from the guy you replied to...)


    ---
  • Except that spammers will try random letter sequences. (I knew I shouldn't have chosen a three letter username with my ISP.) Your best bet might somethingreallylongandconvoluted@whereveryou.are.
  • From the article:

    Someone sent a subscription for a pornography magazine to his 82-year-old grandmother...It's not as if he doesn't relish the fight. "I describe myself as an adrenaline junkie," says Ritz, 51...

    So if his Grandma's 82 and he's 51, then Grandma must have been 31 when he was born. So Grandma had Mom at age 15, and Mom had Dave at age 15.

    Conclusion: he's a spam-fighter from Kentucky :)

  • Here's something useful if you have your own domain with unlimited aliases: Put the name of the website as the name of the email. For example: slashdot.org@mydomain.com Filter it in your favorite email reader, and when you are tremendously bored you can go through your trash folder see what websites sold your name to spammers...
    Heh, it gets even better. In the interest of saving namespace on my domain, I use a plussed variant of my address, dmuth+slashdot<at>claws-and-paws.com, when I post here. As it turns out, spammers, being stupid as usual, end up breaking off the address at the plus sign, so now spam comes into slashdot<at>claws-and-paws.com.

    <sigh>I hate spammers...

    --

  • by zCyl (14362) on Monday April 16, 2001 @10:20AM (#287906)
    I think that digital solicitations provide a valuable service to consumers

    Shouldn't consumers get to decide for THEMSELVES what's a valuable service to them? The point of the spam debate isn't over whether your business is legitamite or not, it's over the question of who should initiate a transaction. There are a few companies I choose to receive information from that I have specifically told them to send, but I have no desire to receive information from you or your company.

    Hypothetically, how would you feel if 20 to 30 people rang your doorbell every evening to tell you all about the wonderful widgimigadget they're selling? It's not hard to receive that many spam mails in an evening, even if you've been careful with your email address.
  • Well, if you're sending mail to people who have already bought from you and indicated they want more news and info from you, you aren't a spammer. However, it sounds more like you're sending mail to people who haven't bought anything from you, attempting to convince them to become customers, whether they've asked for you to contact them or not. Which is the definition of a spammer. Note that spamming until they ask you to stop is still spamming, so the 'reply to get off my list' doesn't change things one bit. Especially seeing as the laws usually used to justify that have never been signed into law.

    So, flat-out: do you send mail to people who haven't contacted you first asking for you to send them information and/or news?

  • Now what if every laboratory that hired students in the whole Uni did this. Then the mailboxes really would get clogged up.

    One problem aspect to spam is that it does not scale up. If only 1 million people sent everyone just 1 piece of spam each year, that would still be nearly 2 pieces of spam coming into your mailbox every minute, on average. And don't expect it to be arriving spread out over time like that. This is not something that can ever be universally adopted. Even now it's only a handful of people doing it.

  • Lots of people do have various means they have implemented for themselves to block spam. I do. And I have to do it carefully because I actually get some email announcements from various companies I do business with, and I'm glad to get them, such as the place I've ordered CDs from.

    Some of the strongest methods to block spam is to block relayers. Legitimate mass-mailers don't use relaying. I subscribe to MAPS and my spam load went down quite a lot. New relayers are popping up fast (mostly with pirated obsolete copies of Exchange Server), so I have supplemented MAPS by blocking ALL of China (including Hong Kong) and Korea, and am considering the same for Taiwan and maybe even Japan (will have to make exception for a little bit of legit mail I get from there) as the level of relaying there is rising.

  • One of the more difficult things I continue to think over is the notion of spamming vs. free speech. I definitely want to protect the latter and make sure it is never at risk. And I consider anonymous email to be one aspect of protecting it (as long as there are people wanting to suppress ideas they dislike by threatening people or worse, then anonimity is essential).

    Reconciling this with the digusting muck of the internet is still difficult to do. To me, the content is not what should be relevant. You should be able to say whatever you want to say. Still, I should be free from having to pay for what you want to say, even if you want to say it to me.

    Ideally, a web page is the best way to go for saying what you have to say. But you still have to let people know it's there, somehow.

    I'm designing my own forum site right now, not unlike /. although with a different theme. And I am contemplating the issues of free speech vs spamming and trolling and all that kind of nonsense. The conclusion I have so far (and still subject to change ... and of course people telling me what they think about it) is that the appropriate thing to do is to allow anyone to say what they want to say, but provide a means to categorize what is said. The Usenet analogy would be instead of cancelling articles, to just change the group they are associated with to whatever the article relates to (alt.ads.penis.lengthening or whatever). And it would have to be an advisory addition, not a substitution of what group the original poster posted in. People can then select articles to read based on original, or advised, groups.

    Despite my hatred of spam, I do NOT support any legislation I have seen so far that is against spam. I'd sooner have legislation against backbone ISPs allowing the routing of IP packets arriving on interfaces with sources addresses which if routed as destination addresses would not go to that interface (if any at all). But I wonder if even an IP packet needs to be protected as free speech, including with anonymity.

    OTOH, we shouldn't have any right to expect others to pay for our free speech any more than we should expect others to pay for our beer, as wonderful as that might be (depending on the choice of beer).

  • They probably don't. But people do, so the mechanism should be there. Unfortunately, it would also be easy for spammers to abuse, or if not, the for governments to abuse (e.g. find out who sent the mail because the anonymous relayer has a record of it).

  • Yeah, that'll eliminate spam. It'll also eliminate email from anybody you know that isn't an uber-geek.

    Whoa... I didn't think about that. That's totally cool. That's a great idea. Thanks. Now I'll have to go do that.

  • by Skapare (16644) on Monday April 16, 2001 @10:48AM (#287913) Homepage
    If Usenet is so dead, why is your company still running Usenet servers?
  • From the LA Times article:
    "We don't think e-mail recipients are more sensitive [to unsolicited messages], but there's a very vocal minority who have an objection," said Robert Weintzen, president of the Direct Mail Assn., the industry trade group.

    My response? Oh really now. So you don't think that most people dislike spam, huh? Since you're obviously not in that vocal minority, then you wouldn't mind if I changed my .sig to include every dma.org email address I can find, would you?

    So here's my new .sig:

    --
    These guys love spam [madaboutspam.org]!
    webmaster@the-dma.org [mailto] kebeling@the-dma.org [mailto] echo@the-dma.org [mailto] twalsh@the-dma.org [mailto] lrc@the-dma.org [mailto] chapters@the-dma.org [mailto] customerservice@the-dma.org [mailto] conference@the-dma.org [mailto] consumer@the-dma.org [mailto] councils@the-dma.org [mailto] mmicali@the-dma.org [mailto] dmef@the-dma.org [mailto] Governme@the-dma.org [mailto] hr@the-dma.org [mailto] Internat@the-dma.org [mailto] membership@the-dma.org [mailto] Presiden@the-dma.org [mailto] privacy@the-dma.org [mailto] Sweep@the-dma.org [mailto] kelli@dma.org.uk [mailto] dma@dma.org.uk [mailto] rweintzen@the-dma.org [mailto]
    --

    Now when the bottom feeders troll through Usenet and web pages slurping email addresses, they'll pick these up as well. And if there's any karmic justice left in the universe, they haven't had the foresight to add themselves to their own block lists.

    -B

  • As long as you send from a legitimate address and actually RESPOND to remove requests, keep it up. Good luck, more power to you. But as soon as anyone sends me their marketing stuff from abc981723897@yahoo.com, they go on my shit list. :)

    -Chris
    ...More Powerful than Otto Preminger...
  • Honestly, it depends on the subject of the email and how the body is phrased.

    As a student, I get emails all the time from friends and professors, etc. Emails which start "English department looking for . . .", I summarily delete. Ones in math, physics, complex systems, or computer science I read. So, in a sense, you truly are spamming all those people who have no interests in what you're mailling about.

    On the other hand, maybe if you got the email addresses of all the students within your department, possibly those who have already declared it as their major, then in no way could it be conciderred spam. Just don't turn it into a mailling list. One clean, clear mailling is fine. Mailling any more frequently than absolutely necessary (once per term maybe), turns it into spam.

    In other words, circumstances determine whether the mail you're sending is spam or not. Spam to me might not be spam to you, and vica versa. As long as what you're mailling about is predominantly clear and your sending it to people who have some affiliation to you, your professor's request isn't that farfetched.

    ---
  • by schon (31600) on Monday April 16, 2001 @10:29AM (#287920)
    From the article:

    Spam is one of those features of modern life, like infomercials and telemarketers, for which almost no one has a good word

    It's not a feature, it's a bug. :o)
  • actually, it can be a bit simpler than that... if you use qmail as the mail server for your domain, then everything up to '-' is evaluated as an address for delivery. I routinely give

    from-[NameOfCompany]@[mydomain]

    as my email address when I'm forced to register. all such mail is then delivered to from@[mydomain] by qmail. the advantage here is you aren't creating a million aliases to keep track of; and it is _very_ easy to see who sold my name to whom.

    - mark
  • As an internet businessman, and entrepeneur, I frequently use bulk e-mail as a way of informing my customers about new products and specials. There is nothing immoral or dishonest about this practice, and I am in full compliance with US Congress e-mail regulations.

    Hey, dipshit - I can't help but notice that you don't list a public e-mail address. You're afraid of being inconvenienced by spammers harvesting it off Slashdot?

    ---
    My opinions are mine.

  • I harvest potential contacts from public forums.

    Thanks for the confession, thief.
    /.


  • Its from the university to the same university, right?

    It would appear that the professor, as an employee, is using his "company's" resources. Ask your system admin if its ok or if there is alternatives.

  • I just wrote a Perl proggy that deflected any mail that was not directly addressed to me and installed it as a procmail filter.

    Uhhhh...

    :0

    * !^TO(my_real_username1|my_real_username2)
    * !^From:.*my_real_username
    /dev/null
    Perhaps your script is doing considerably more (it had better, to make it worth writing in perl), but if all you want is to throw out mail that was sent to you via Bcc: (as spammers like to do), then procmail itself will do the work.

    The above recipe, plus a couple of holes to let my trusted friends and colleagues Bcc: stuff to me, has caught over 99% of all my incoming spam for years. Occasionally I get some piece of shit sent to me with To:/Cc:, but that's rare. (And if I could just perfect my ebola variation that only affects marketing majors, it'd be even more rare.)

  • > What about productivity losses for those staff members who don't bill by the hour, but still lose the same productivity? What happens if somebody goes on vacation, their mailbox fills with spam, reaches its storage limits and legitimate mail from clients gets bounced?

    And before anyone suggests filtering...

    ...what if your customers are coming from places you're filtering out? Lots of folks can afford to blackhole much of the Far East due to the influx of spam coming from open relays. If your company does business in .jp, .cn, .tw, however, that's just not gonna fly.

    Filters are a tool - whether they be client-side or at the router - but they're only a tool, and may not be appropriate in all situations.

    And that gets to the real cost. What about the time your admin spends in writing filters and/or maintaining blocklists, rather than keeping up with CERT advisories and his usual sysadminnish tasks?

    Oh, right, none of those costs are borne by the spammers either. So they don't count either, at least in spammer-logik.

  • > A simple campaign of 'just delete' would be much more effective.

    In your earlier post, you said that spam "works" (from the point of view of the spammer) because of the "y" sales out of "x" spams.

    The problem with your logic here is that the people who are likely to realize that things offered by spammers are generally fraudulent - that is, people who will respond to your "just hit delete" campaign - aren't part of the "y" people dumb enough to buy the spamvertised product in the first place. Encouraging people who hate spam to JHD (Just Hit Delete) doesn't threaten a spammer's income stream, because the people who delete it unread aren't gonna buy the product anyways.

    In fact, a campaign whereby spam-reporters were encouraged to JHD would result in more spam, not less, as spammers' accounts would live longer, and send more spam.

    And if spammers' accounts live longer, and more spam gets sent out, and we accept your (logical) assumption that "y people respond for every x spams", then by increasing x, we would tend to increase y. (Up to a limit - after all, spammers' customers have only a finite amount of money to spend on get-rich-quick scams and fake Viagra, and when they've spent all their money on the former, can no longer afford the latter :)

    Thus, a policy of "Just Hit Delete" would not only results in more spam, it would also result in more profit for spammers.

    This is why JHD is not a solution, long-term, to the spam problem. It may be the right solution for you, and you've got every right to JHD if you so desire. It is quicker (at least in the short term), and if your goal is to minimize the amount of time you personally spend dealing with spam, it's workable.

    But if your goal is to reduce the amount of spam overall, then taking the time to report to abuse@ (thereby hitting them in the pocketbook) is the way to go.

    I used to JHD too, by the way. My spamload hit 20 per day around 1997, and then I learned how to read headers. It's now down to one or two a day, and reporting every spam has become quite manageable. A friend in the next cubicle who continued to JHD is now the 50-60 per day range.

  • by Tackhead (54550) on Monday April 16, 2001 @10:34AM (#287936)
    > I've found a rather neat little thing to keep spam from bothering me too much. It's called the Delete key. Trust me, it works.

    I think my "delete" key is broken. It seems to be hooked up to my brain, which views and parses the headers of the spam, and forwards a report to the abuse administrator at the spammer's ISP.

    For most ISPs, the spammer's account is then deleted. I'm sure that's not what you meant to suggest I do, but it seems to work for me.

  • by Tackhead (54550) on Monday April 16, 2001 @10:20AM (#287937)
    >I run a legitimate multi-level internet business,

    This is NOT MLM! This is NOT a scam! It's 100% legal! The guy who spammed me and suckered me into it TOLD ME SO! Really!

    > I think that digital solicitations provide a valuable service to consumers

    If you were subsidizing my email account, you'd be entitled to spam the bejeezus out of it. But you're not. I'm the owner of my server, and I decide what's a valuable service and what's not. Not you. Because it's not yours.

    When you pay for my server - or if I'm in Europe, my per-minute-local-calls, or if I'm in the US and reading it on a cellphone, my cell phone bill, or if I'm an ISP, the bill for the 30% capacity I have to add to /var/mail and /usr/spool/news that's currently taken up by spam - then, and only then, do you have a right to advertise on my hardware.

    > Please, I urge you, give us a break, we're just trying to get by the only way we know how.

    On the very slim chance that you're not a troll:

    If the only way you know how to make a living is by stealing the resources of others, I hope you either (a) learn another way of making a living, or (b) starve to death.

    Theft is not a viable business model. Until you've learned that, please fuck off. Fuck off, stay fucked off, and don't come back until you've finished fucking off.

  • That doesn't always work. I recently got a vanity domain. Soon after that, I started getting e-mail addressed to "MyFirstName@MyLastName.net" before ever sending e-mail out!

    Spammers have tricks where if they seem you use something like (John SMith) jsmith@aol.com, they'll try "jsmith@att.net", "jsmith@earthlink.net", "john@smith.com", etc.

  • UltraBot2K1: why don't you provide an email address in your /. profile?
  • Even some of the free email services have anti-spam options these days.


    I've used pobox.com for more than 5 years. They're a mail forwarding service - my-login-name@pobox.com forwards to whatever account I'm currently using to get my mail (so I can change ISPs, or use a free email account, or whatever.) About $15/year, cheaper if you buy multiple years up front. They've got a spam-handling service that you *could* trust to delete anything exceeding a spam threshhold, but is safer to use by having them mark the Subject: line of suspected spam (it's a 0.0-10.0 scale, and you can set what level gets marked, default >=3.0.) They've gotten pretty accurate. Also, any mail that's addressed directly to my ISP account that isn't from the ISP themselves is almost guaranteed to be spam, so my Eudora filters mark those automatically.

    Brightmail uses the "only accept mail from known addresses" method - if it gets mail from an address it hasn't seen before, it sends confirmation mail back to the sender saying "hi, this is brightmail spam blocker, please confirm that you're a real person". Mildly annoying, once, to real people who send you mail, but since spammers almost never have real return addresses, it almost always blocks them.

  • POP3 is only for retieval of mail residing on the server. It does not send outbound mail,

    Not true. There is an extension to POP3 that allows you to send email. My email client, MR/2 ICE for OS/2 [secant.com], supports it. It's also supported by InetMail for OS/2 [hethmon.com], a POP3 server.
    --
    Lord Nimon

  • Well if they really want to talk they should just call. I have caller ID and always check it. If the number isn't known or listed, they can talk to my machine until I decide if I want to talk to them or not.

    You can avoid pissing off grandma by keeping a white list.

  • by Greyfox (87712) on Monday April 16, 2001 @11:19AM (#287949) Homepage Journal
    It's pretty easy to completely eliminate spam. Simply reject any mail not encrypted to your personal GPG key with a message explaining where to get your key and encryption software that uses it. Make your key obnoxiously long (4096 bits to start out) so that it takes 30 seconds or so to encrypt a message on a P166 and on the page that houses your key require the user to agree to an EULA in which they agree not to redistribute your key or use it to send you unsolicited commercial E-Mail.

    I was kicking around the idea of doing this for a while and lost focus on it but now my spam load is pissing me off to the point where I'm planning on starting it up again. A little java POP client with some Extra Features should be enough to do the trick.

  • I do not buy e-mail addresses from so called "online marketing organizations". I harvest potential contacts from public forums. Mainly chat rooms, usenet posts, and forums like Slashdot and Kuro5hin. I am well within my legal right in doing so, since you have chosen to make your e-mail address publicly available. As I have previously said, I always include an option to unsubscribe.

    How incredibly generous of you! You provide an option to unsubscribe!

    I don't give a flying fsck. You have no right to subscribe me against my will in the first place. I therefore have absolutely no obligation to waste my time reading your spew and figuring out how to unsubscribe from something I didn't subscribe to in the first place.

    Posting my email is not a solicitation for junk mail, and in no way excuses your theft (by chattel) of my resources.

    All talk of "legal rights" and complying with US "law" (actually not law at all, but bills that failed to become law) is total nonsense. You have NO legal right to my mailbox. And if I'm going to have to waste my time dealing with your spew, you can bet using your "unsubscribe" (which you may or may not interpret as "sell the address to all the other sleazebags, it's good!" but certainly most of your peers do) will not be my choice of action. I'll be tracing your crimes and notifying some service providers instead.

    Want to send random people junk mail? Fine, use snailmail. That way you pay for it. Try to steal resources I pay for to facilitate your junkmail? Expect war. Don't whine. What other reaction could you possibly expect from your victims, thief?


    "That old saw about the early bird just goes to show that the worm should have stayed in bed."
  • As an internet businessman, and entrepeneur, I frequently use bulk e-mail as a way of informing my customers about new products and specials. There is nothing immoral or dishonest about this practice, and I am in full compliance with US Congress e-mail regulations.

    Nothing wrong with it as long as everyone on your bulk email list agreed to receive your notices. Somehow I doubt that's what you meant, and anyway you already confessed further down the thread so we know this is not what you are talking about.

    About those 'regulations' - what on earth are you referring to? You mean one or more of the bills that didn't ever make it into law? Those aren't regulations, or laws, or anything except bills that were not made law...

    I think that digital solicitations provide a valuable service to consumers, and have been (unfairly) given a bad reputation. I run a legitimate multi-level internet business, and use bulk mailings as my primary method of solicitation.

    Wow, talk about self-contradiction.

    I would be unable to support my wife and kids if it weren't for the business I gain through e-mail.

    So you're saying you are incapable of feeding your family by legitimate means? Are you looking for sympathy? You're more likely to get spit on, honestly. If you can't support your children without stealing you probably should have worn a rubber, and/or tried to learn some job skills growing up. At any rate, your failure does not obligate me in any way to excuse your theft.

    It is unfair to label all e-mail marketers as criminals just because of a few persons who have no respect for users privacy and bandwidth limitations. Some of us are honest businessmen who are just trying to make a living, and have been branded as low-lifes because of a few rogue SPAMmers.

    Umm and just what is the difference between a legitimate businessman and a lowlife spammer? I'll give you a hint - legitimate businessmen don't go around subscribing strangers to bulk email lists without their permission!


    "That old saw about the early bird just goes to show that the worm should have stayed in bed."
  • I think you'll find the likes of Mr Ritz will leave you alone once you pull your thumb out of your ass and lock down your news servers.

    Really, it's not that difficult to seriously dampen the amount of spam that your server receives and sends just by changing some lines in some configuration file. And think of the bandwidth and diskspace you'll save.

  • I doubt he's using email, more likely he's sending out NNTP cancels. Each of these is a few lines, digitally signed (for authentication) to cancel a spam message. I'd say most news servers would be grateful to receive them.

    Spam is the bane of Usenet. If weren't for people like him Usenet would be totally unusable.

  • ...for at least some websites. One website I run has over 200,000 subscribers. At least once a month we get a rant from some user who uses this method. They go on and on about how we sold their email address to spammers, they're going to sue us, blah blah blah.

    But we simply don't do any such thing. I am the only one with access to that data in bulk.

    I don't know where someone got that address from; maybe sniffing traffic at some intermediate point, or through a client-side security issue in their browser.

    So if you *do* use the alias trick to identify where spam is coming from, keep in mind that it is not fail safe. And if you're going to contact the website in question, try to be reasonably polite and not instantly super-confrontational and threatening, ok?

    Cheers
    -b
  • For me, a simple spam filter did the trick. I just wrote a Perl proggy that deflected any mail that was not directly addressed to me and installed it as a procmail filter. [zap] no more spam.

    I do ocassionally get spam sent directly to my email address and I have had a couple of mailing lists bounced, but it's just a matter of adjusting the block file. (Oh, and no one has threatened my life or stollen my credit card numbers for it either.)

    --

  • Heh -- let me know your domain name so that I can add you to my block list. :^)

    Seriously, though: If you're sending email out to people whom which you have done business with in the past or people that have signed up for your mailings, then I'm OK with it. However, if you "obtain" a list of email addresses from an "online marketing organization" you're clearly in the wrong. I mean, you do realize that most of those addresses are harvested from websites (like /.) and newsgroups and chain letters, right? You really think those people want to receive your junk mail in their inboxes?

    Opt-IN is a far better approach than Opt-OUT.

    --

  • Oh yeah...and here's an example of the block file: block.conf [dnsalias.com]

    --
  • Heh -- nice troll, btw.

    No one gives two shits about the option to unsubscribe. Usually, it's a hijacked account (of someone you hate), or a URL to a pr0n site.

    --

  • by don_carnage (145494) on Monday April 16, 2001 @10:31AM (#287983) Homepage
    Stupid gay lameness filter.

    You're just going to have to go here: spamfilter.txt [dnsalias.com]

    --

  • From the nowhere.com [nowhere.com] front page:

    NOWHERE.COM takes all available measures to ensure that no spam originates from this host, or passes through it.

    Specifically, we use postfix [postfix.org] which will both refuse to relay email, as well as block based on information from the RBL [mail-abuse.org] The only valid hosts within the NOWHERE.COM domain are 'mx','ns1', and 'ns2'. Any other hosts claiming to be from within the NOWHERE.COM domain are forgeries.

    We assure you, any spam/scam/bulk mail claiming to come from the NOWHERE.COM domain has been forged. Feel free to send a copy of the email you recieved to abuse@nowhere.com [mailto], minus threats of legal action, violence and/or death. It is actively being looked into.

    Thank you.

    p.s. NOWHERE.COM gets about between 5000 and 80000 pieces of email per day, which mostly comprise of bounces, threats and complaints about spamming. We have very limited resources with regard to time, cpu cycles and bandwidth. Please be gentle.

    People should really enter x@x.x or something when e-mail addresses are required.

  • I would like to inform you of an increasing problem with our society lately... it is called SPAM [latimes.com].

    ...
    yadda yadda yadda... more text and hyperlinks...
    even a link to "Remove you from our mailing list" (which actually just adds you to 3 other newsletters/mailing lists that you don't want)...
    ...

    Thank you for your time.
    PS. If you don't send this to 30 people within the next 5 minutes, you will have bad luck for the rest of your life.
  • This is what I send back if some idiot sends one of those to me. http://www.kith.org/logos/things/chain.html
  • I've gotten more spam than I can count from supposed headhunters who "saw your resume posted on the internet".

    Well you could waste their resources too:
    call'em and arrange a meeting (IRL) week or two ahead and
    cancel it day before. Repeat.

    --

  • Dunno if this is a legitimate question, or not, but it at least deserves a little clarification.

    POP3 is only for retieval of mail residing on the server. It does not send outbound mail, therefore you would not be at risk of having your machine abused by spammers for such stuff. However, it's always a good idea to close any ports you don't actually use.

    SMTP is what you need to worry about. If your SMTP service is running from the default system setup, it is much more likely that you are open for abuse.

    &nbsp&nbsp-Tommy

  • by FortKnox (169099) on Monday April 16, 2001 @10:10AM (#287996) Homepage Journal
    Here's something useful if you have your own domain with unlimited aliases:
    Put the name of the website as the name of the email. For example:
    slashdot.org@mydomain.com
    Filter it in your favorite email reader, and when you are tremendously bored you can go through your trash folder see what websites sold your name to spammers...
  • by lamasquerade (172547) on Monday April 16, 2001 @10:22AM (#288001)
    Ritz, a frequenter of Usenet groups where erotic images were traded as digital files, took the deluge of porn spam personally. "My enjoyment was being interfered with," he says. "The spam got out of hand and I felt I had to take action."

    An ordinary man. They took his porn. Now he wants revenge.

  • Legend has it that it is actually an acronym: SPAM = SPiced hAM. Of course, the official line from Hormel is that it's just a made-up word.

    In fact, Hormel has this to say about spelling "SPAM" in all caps:

    We do not object to use of this slang term to describe UCE [unsolicited commercial email], although we do object to the use of our product image in association with that term. Also, if the term is to be used, it should be used in all lower-case letters to distinguish it from our trademark SPAM, which should be used with all uppercase letters.

    You can read their full statement at http://www.spam.com/ci/ci_in.htm [spam.com].

    jehuni

  • Just so you know, you might not want to use nobody@nowhere.com, noone@noone.com, or anything close to the aforementioned address, because sometimes I get creative.

    The proper solution is to either use the domains 'example.com/net/org' (which are guaranteed never to exist) or the pseudoTLD '.invalid' (which is also guaranteed never to exist).

  • Unfortunately more than a couple of sites that offer you something for your email address will not accept addresses in the form bwientze-companytag@the-dma.org

    With postfix, the delimeter is configurable (the default is +). Assuming you don't have any email addresses with period in them, you could hypothetically use that as your delimeter. Since so many legitimate addresses use periods, it's less likely that they'll strip them.

  • We've heard nothing but complaint about the spammers, but there may be a rather elegant way of getting back at the people who flood our e-mail boxen with inane drivel.

    Instead of going after the spammers, go after the guys who pay the spammers to hawk their products.

    If Spam is going to be constituted as a menace to the stability of the internet, the judicial system should acknowledges the inherent inability of investigators to determine the identity of all spammers, and instead find culpable for damages the people who commission spammers to do their advertizing for them.

    Remember, spammers do not exist in a vacuum. It is a rare spammer who hawks their own services. The person who is selling something, and the spammers who are selling stuff themselves, must have some way of separating a user from his money. Thus, they must have some sort of contact point to send money to. There has to be a warm body somewhere along the line who collects the poor sods' money. And if there's a convoluted way of getting money to them, then the Feds of any number of countries will smell 'money laundering' or 'tax evasion' and start salivating like Pavlov's tax inspector.

    This will ensure that companies will be very cautious as to who they commission to do their advertizing for them, and will specify that they do not want their product advertized for via unsolicited, bulk, server-crashing, net-clogging, router-crushing, POP3-hijacking, bloody well annoying mass mailing. And spammers will suddenly find their work drying up, and nobody will want to advertize in that manner.

    That.. or I'd like to know why this isn't possible. =)


    --- Chief Technician, Helpdesk at the End of the World

  • I don't have a complaint with UCE/spam when they really do honour unsubscribe requests or have legitimate headers that allow me to contact the people and have my details removed.

    I really hate forged headers as it takes time to cross-reference and check the real routing details. And if you can easily get make a spelling error, the spam sites use close approximations of well know sites.

    And that is what really pisses me off about Puls. Forged headers and bogus unsubscribe details. I think people like him are a bane to society. They chew up bandwith with rubbish I don't want to see and there is no way to get off thier list. If I want to by something I'll do a search for it and I make sure not to use companies that use spam to spread their message.

    Using a private and public email addresses only works until your private one is accidentally made public. It happens all the time. So I now fight to try and keep my private one clean of spam. The many good sites have removed me.

    Obviously I still get crap from Puls. His treatment of people make me wish he has a long, slow degenerative illness resulting in his demise. With my luck he'll live to 1024.

    djve
  • by egjertse (197141) <.slashdot. .at. .futt.org.> on Monday April 16, 2001 @12:31PM (#288018) Homepage
    I see that most people here favour the "filter and forget" method of dealing with SPAM. I have had far more luck with the more aggressive method of consistently reporting SPAM to spammer ISPs, and in some cases upstream service/access providers.

    On many occations, I've successfully had spammer accounts (dialup, web, email) nuked. SPAM is a violation of most ISPs AUP, and even though you may never hear anything about your complaint, they usually investigate it. The replies I do get from ISPs I notify, are almost always positive (and no, they're not all form-letters).

    You may think it's no big deal for a spammer to lose his/her ISP account - getting a new dialup account is no sweat at all right? Well, it is, when you have to do it every fscking time you send a SPAM letter... And after a while, the spammers become as pissed at you as you are at them!

    Now here's the beauty of it - spammers do not only share mailing lists, they also maintain black lists - lists of annoying people whom not to spam if you want to keep your ISP account. Consistently report SPAM, and you'll eventually make it to one of those lists.

    I have no way to verify it, but I think I've made it onto one of those lists. Despite being a frequent poster on usenet, and not being too careful with my email address, I have not had one piece of spam for half a year.

  • by Peter Dyck (201979) on Monday April 16, 2001 @10:16AM (#288024)
    As the one responsible for hiring new students into our laboratory, I was asked by my professor to get a list of student's e-mail addresses and start mass mailing them with information about our laboratory and available jobs.

    To me this sounded a lot like spamming and I refused to do it. The professor didn't agree with my opinion, but since he saw that it was a question of principle to me he let it go -- for the moment at least.

    It's unbelievably hard to convince people who don't have their e-mail box clogged by spam (he's got a secretary who goes through the mail first) that spam is a real problem.

  • I filter all mail as trash except those I regularly write to. I must also have my name in the To:. My sig line states such. They either have to ask a freind to foreward something back to me to get added, or write me via snail mail. If abused, it gets removed. I don't receive unsolisited mail. Reply mail goes to a to be checked folder, so product registrations can arrive. It only gets checked if I am expecting something. Otherwise it gets flushed.
  • I frequently use bulk e-mail as a way of informing my customers If you have acquired the list of email addresses by your customers volunteering them, then more power to you, particularly when you honor their requests to take them from your server list.

    I think that digital solicitations provide a valuable service to consumers... In your own humble opinion. In my humble opinion they suck suck suck! I get 30 a day, minimum, some are so vile they pop up other windows. I've switched my reader to plain text.

    It is unfair to label all e-mail marketers as criminals But it is fair to label most of them as unethical scumbags, thieves even.

    While I'm sure that a few Linux users are career criminals, the vast majority of Linux users are law-abiding citizens One could make the same assertions about people who drink Coca-Cola, wear Levi's jeans, drive Honda Accords, write left-handed, live in Arizona, etc. This has no validity in the context of placing unsolicited email in my mail box. I may return from a 5 day trip and find my email capacity was exceded by spam and wanted email from friends and family was denied.

    Please, I urge you, give us a break, we're just trying to get by the only way we know how. So learn another way to make a living, you've been given the most able brain of all God's creatures, use it!

    --

  • That's great. They can waste their time in a totally futile effort. I'm glad they have a hobby. I'm a big fan of the 'delete' button though. Why? Spam works because out of every x number of mails that go out, y will result in sales. If everybody just nuked their spam, there'd be no financial incentive for spammers to spam any more. As always, hit 'em in the pocketbook. That's where it hurts the most.

  • But this isn't something that the ordinary citizen can do to fight it. This system that you describe would have to rely on an army of zealots who did nothing but attack spammers. If you can work 10 hours a day to fight spam, and maybe get, I dunno, a few thousand other people to do the same, yeah, maybe you can stop spam. More power to you. But that's not realistic. A simple campaign of 'just delete' would be much more effective. On top of that, by attacking the ISP or the accounts, are you helping anything, or are you just tying up more bandwidth in this fight, which would continue, because spammers haven't lost their incentive to spam. As long as money can be made, they'll try. The easiest thing to do is to take away their ability to make money. "Just Press Delete!"

  • It's not so much apathy, as it is realism. There are millions of spammers out there, sending probably billions a day. Some of them make a lot of money doing this. It's very, very unlikely that you'll be able to stamp this out, any more than you can stamp out ANYthing else online (child porn, MP3 trading, warez, etc.). It's like trying to plug a dam with your finger. Plug one leak, and another one opens.

  • Due to the complexities involved with international law, legislation on this issue can never really be effective. I believe the best way to deal with the problem to be at the level of the individual. People should proactively adopt a method to protect themselves from spam. Telemarketers have been with us for a while. People in my neighborhood deal with calls by subscribing to a service with the phone company to only let phone calls through that are identifiable (caller ID works).

    For those calls that don't have an ID, a recorded message informs telemarketers to remove the number from their list, and then the system asks for the person to give his name. The system informs the resident being called what that name is, and then the receiver can decide whether or not to take the call. It can be a little annoying for those who are calling from a number that can't be identified, but by and large, it is effective.

    I see a market for Email providers that automatically blocks spam. I would be willing to pay $5 a month to have an Email account that is largely spam-free. Or, I would be willing to pay an ISP $5 a month that provided spam-free Email service. The revenues that the subscribers pay would help maintain the software that would effectively block the spam (this includes paying for ongoing research to defend against the eventual loopholes that spammers will find in any such system).

    People will pay for effective virus protection. People keep paying for updates as virus writers find ways around the virus protection software. If spam is as annoying as everyone says it is, why aren't they paying up for services such as these?
  • I certainly haven't.

    What do I look like, a delivery boy?

    Only a trained monkey would work in a job where he was 'on call.'

    Must suck to be you.

    No, professionals work in jobs where they are on call. For instance, doctors almost always are "on call." If what you do is so unimportant, or your skills are so common that any number of other people could do your job, then I guess you don't need to be on call. I program firmware for satellites. If one of the satellites has an anomaly on orbit, then hell yes, I will be called.
  • by fmaxwell (249001) on Monday April 16, 2001 @10:45AM (#288050) Homepage Journal
    So, does the "Delete key" also reduce your ISP bills -- which are higher as a result of spam? Does it prevent small businesses from being inundated with complaints when some spammer uses their domain as his fake from: address?

    I have a friend who had a support address for his clients. If they put "URGENT" into the subject, his pager went off. It went off at about 3:00AM because of some spammer's "URGENT" message. Would your delete key have prevented that?

    Get a clue. Spam is a problem that needs to be eliminated, not just ignored.

  • by ImaLamer (260199) <`john.lamar' `at' `gmail.com'> on Monday April 16, 2001 @10:28AM (#288054) Homepage Journal
    If the guy wants to take things into his own hands that is all good, but the guy sounds like a pest.

    He's kinda like copyright.net's system of asking sysops to block access to users and what not. These sites, MSN and Yahoo (excite and so on..._ are the ones to blame, but I doubt they are going to start watching their e-mail servers closer.

    These services, MSN (or hotmail) for example is horrible for keeping people from abusing it's system. One reason I suspect is that MSN makes money from every visit a spammer may make to send their messages; that is of course if the user is visiting the site to do it and not just using open ports in pop servers. Why would they start working to block visiters?

    Plus these free sites have so many 'customers' that I doubt they even have time to block this stuff. I doubt people even use the same username twice. Chances are they don't care about the abuse because once the message is passed on, they aren't affected. (unless you get a lot of responses or bounced e-mails - disk space could fill up)

    If users are abusing the systems by using open ports or what not - what chance do I have that a spammer would use my computer to spam out a message? I've noticed after installing Suse, Caldera and Mandrake (maybe Redhat too, it only stayed on for about an hour) that a pop3 server was started with the default system setup.

    I, being a good linux user, noticed that I didn't know about the security of it and turned it off until I learned more.

    Should I worry?

    ---if these sysops knew anything would they work for msn?---

  • For the rest of us, there's sneakemail [sneakemail.com]...

    --

  • Some sites are actually TOO good at blocking. DSM.org [dsm.org] notes on the front page of their site that their mailing list (which you have to request to have sent to you) gets bounced by AOL for being 'spam'. Apparently AOL doesn't follow normal email conventions and rules in an attempt to 'help' the average retard Joe Schmoe that just got on the 'net.
  • Yeah, I saw that article, too, but I refrained from quoting,since it's not my style, and I think that although it definitely costs a lot of money, I sure as hell wouldn't want to try to put a price tag on it. I think the results of any poll like that are highly subjective, but it provides backup for my case, so I'll take it. Thanks.
  • by Hormonal (304038) on Monday April 16, 2001 @10:45AM (#288070) Homepage
    I see a lot of people here defending spam, which is fine. You have a right to your opinion, no matter how wrong it is. Unfortunately, most people are looking at this from a somewhat U.S.-centric point of view, which allows them to overlook the real cost of spam.

    First of all, it's an annoyance. I have to set up filters to get rid of what I can, delete what gets through the filters, and wait for it to d/l from the server (this would be a bigger deal if I was on a modem, rather than cable.) I go to great pains to make sure I get very little spam in my main inbox, by putting noone@nowhere.com in every damn e-mail box I fill out on the internet, unless I really trust the vendor. Friends and family get a second, not-so-important e-mail account to send to, and they get my real address after they show me they're not imbeciles. I shouldn't have to screen people like this, but I do, just to avoid spam.

    Secondly, the main reason spammers get put in jail or otherwise reprimanded is because they send out such huge amounts of spam, they crash someone's server, and that someone gets pissed. Even though my cable modem is $50/month regardless of how much spam I get, spam costs someone money, in terms of downtime and misused resources.

    Finally, I know that some people pay for their internet connections based on the amount of data transferred (this is for regular consumers, too, in some countries), and if I got charged a flat rate per byte (kilobyte, whatever), I'd be really pissed if every time I checked my mail, I got spam in addition to my real mail. A lot of newbies are probably getting these kind of accounts, and are ending up paying double or triple what they would pay if their inboxes were spam-free.

    Spam has real costs, which can be expressed in terms of real dollars, not just in terms of wasted time. It's unfortunate that spammers can send for free. If they had to pay for postage out of their pocket, I think we'd see a lot less of it. I am all for getting spammers to quit.

  • legitimate multilevel marketing? It is interesting to note that while you are all in favor of spam, (legalized spam of course), you provide no email address for us to forward ours to. I personally return all spam to sender, and try to make sure their inbox has plenty of copies of my "remove notice". while [ 1 ];do mail -s "remove Anonymous_Admin@blah.net from your list" spammer@spam.org ;done
  • A common misconception is that the anti-spam camp abuses the spammers right back.

    While I can't say that never happens, more frequently it's showing the ISP the spam, and the section of THEIR OWN Acceptable Use Policy that's been violated, and asking them to remove the spammer's account.

    Or simply denying them service (hosts.deny, anyone?).

    Or educating the admins of open relays on how to secure them. If half of the open relays get secured, then the spam load on the remaining half doubles. It's self-punishing to be a moron.

  • by banuaba (308937) <drborkNO@SPAMhotmail.com> on Monday April 16, 2001 @10:14AM (#288080)
    Under crotherm's advice, "This would a great article to pass along to those less knowledgable about SPAM and those that fight against it", I have 'passed' this article along to every distribution list at my place of employment, most of the newsgroups on Usenet, and I modified an IRC bot to post the URL in all of the channels on EfNet, DALNet and Openprojects.

    Thanks for your help and support in the fight against spam.


    Brant
  • by superflex (318432) on Monday April 16, 2001 @10:24AM (#288088) Homepage
    frankly i don't care if you run a legitimate business. i still don't want unsolicited email in my inbox. if i am already a customer of yours, then fine. i'm obviously already interested in your product. but, when i send my mother flowers on mother's day, it really pisses me off when within a week i'm getting spam for swedish penis enlargers, 0% mastercards, and "fabulous business opportunities". if i was interested in any of these things, i could find them on the net myself. i don't want you and 5 million other assholes sending email to me to tell me about it.

    btw, i think your analogy sucks. i think it would be more akin to every business owner in the city calling you on the telephone to tell you about the great deals they have. eventually you dread answering the phone because you know it's just going to be more crap to waste your time. THAT is what spam is akin to.

  • The LATimes article in the story seems to be highly biased against e-mail marketing. As an internet businessman, and entrepeneur, I frequently use bulk e-mail as a way of informing my customers about new products and specials. There is nothing immoral or dishonest about this practice, and I am in full compliance with US Congress e-mail regulations.

    I think that digital solicitations provide a valuable service to consumers, and have been (unfairly) given a bad reputation. I run a legitimate multi-level internet business, and use bulk mailings as my primary method of solicitation. I would be unable to support my wife and kids if it weren't for the business I gain through e-mail. Again, I fully abide by all rules and regulations against SPAM, and provide an unsubscribe option to all mailings.

    It is unfair to label all e-mail marketers as criminals just because of a few persons who have no respect for users privacy and bandwidth limitations. Some of us are honest businessmen who are just trying to make a living, and have been branded as low-lifes because of a few rogue SPAMmers.

    This would be akin to calling all Linux users criminals. While I'm sure that a few Linux users are career criminals, the vast majority of Linux users are law-abiding citizens trying to avoid Monopolistic alternatives. Again, a few bad apples are giving an entire group a bad name. Please, I urge you, give us a break, we're just trying to get by the only way we know how.

  • I do not buy e-mail addresses from so called "online marketing organizations". I harvest potential contacts from public forums. Mainly chat rooms, usenet posts, and forums like Slashdot and Kuro5hin. I am well within my legal right in doing so, since you have chosen to make your e-mail address publicly available. As I have previously said, I always include an option to unsubscribe.
  • by CoachS (324092) on Monday April 16, 2001 @11:08AM (#288100) Homepage Journal
    Where I work the "professionals" bill by the hour. How much time do they have to spend reviewing and deleting spam?

    [Hypothetical]Let's say they get 20 spams a day and it takes them 3 seconds to deal with each one of them. That's a minute per day or an hour every 2 months. At $200 per hour (their billing rate) it's costing them $100 a month to deal with spam. Each. Since there are about 30 of them in the company at any given time that means it costs my company about $3,000 a month.

    That's just the folks who bill by the hour. What about productivity losses for those staff members who don't bill by the hour, but still lose the same productivity? What happens if somebody goes on vacation, their mailbox fills with spam, reaches its storage limits and legitimate mail from clients gets bounced?

    How about the bandwidth wasted transferring hundreds of e-mail messages (increasingly in HTML)? That bandwidth isn't free.

    How about the CPU cycles and storage space wasted processing junk e-mail?

    Maybe home users putzing around with their little AOL accounts don't have much in the way of tangible costs, but I can assure you that those of us who actually have to run and support e-mail systems can show you costs associated with high volumes of junk e-mail.

    -Coach-

  • The one big problem that I have with spam, is the burden of cost. When someone sends out direct mail by snail mail, they have to pay for printing, postage, etc. The cost burden is on the sender. Bulk email, on the other hand, puts the cost burden on the person being marketed to. We all pay for spam in higher ISP costs, decreased available bandwidth, etc. This is wrong. If you want to market to me, don't make me pay for it. Besides that, alot of spammers use mail servers that have been left as open relays (which I believe M$ Exchange does by default). Why should these companies shoulder the burden of someone else who thinks that I just have to know about the latest, greates porn site.
  • I've found that a very effective way to get rid of the snail mail spam that you regularly receive is to take the business reply envelopes and stuff them with anything that's heavy. Once they get tired of paying the postage on the brick you sent back to them, they'll stop sending you "Free Magazines!!!! (if you sell your soul to the Devil)" offers.
  • by Tyler Eaves (344284) on Monday April 16, 2001 @10:01AM (#288103)
    Keep one public account, to sign up for websites and the like. and then have one you just give to your friends/co-workers/family, etc
  • What we all refer as SPAM is in fact a technic believed to be effective by the marketing people. The problem here folks isn't SPAM, it's Marketing.

    Yes marketing is an important part of a company's business strategy to sell its products, however, it has grown too much. Today we are flooded with marketing flicks everywhere.

    Marketing, today, has become a NEGATIVE image of a product. You want proofs! You don't need any. This is just common sense, no super hot chick in a commercial flick is never gonna make me buy that really important product i need. More and more people just want plain QUALITY.

    Bulk e-mail marketing campains DO NOT WORK. Don't give me bullshit with that. I've seen so many good Internet projects failed because they were based on e-mail marketing or banner marketing. These medium usually attract a good amount of users for a very short period of time. And that is why these Marketing strategies DO NOT WORK.

    You know what most user do with your SPAM? They create an hotmail account and redirect all your marketing crap to it. They're not even READING your crap. Everyone knows these type of marketing e-mails are just crap.

    Conclusion: Hell's crap,
    just send your load of crap
    directly to an hotmail crappy account
    , let's say crap4387@hotmail.com.
    If someone wants to read this load of crap,
    the log/pass is crap ;)

    Here goes one stone, two hits. he he
    ( Meant Microcrap and all Spammers. )

    Evolving at the paste of the fastest, not the slowest.

The world is no nursery. - Sigmund Freud

Working...