Exposing Spammers For All They're Worth 548
llywrch points out this interesting story at Art & Farces in which a "guy fights spammers by occasionally sending an email telling the spammer to leave him alone or he'll bill for time & services. Some take him off their mailing list, some pay the bill, but most don't respond . . . except one guy who was so incensed at receiving this invoice he had his lawyers send a threatening note. Makes it easier for Fraase to collect on his invoice."
"So you want to sue a spammer" (Score:5, Informative)
There's an outfit called "Private Citizen [privatecitizen.com] that helps you receive less (snail) junk mail and fewer telemarketing calls. The sell a book called So You Want To Sue A Telemarketer [privatecitizen.com]. I sure hope that they come out with the "Sue A Spammer" edition of this book soon. Even though I think too many people are quick to sue in this country, I can't think of anybody who deserves a lawsuit more than the spreaders of spam.
People too cheap (ok, "frugal") to spend money at Private Citizen can try following the advice at Junkbusters [junkbusters.com], and they even have a page concerning spam [junkbusters.com].
Google cache (Score:2, Informative)
http://www.google.com/search?q=cache:R7VWyB6BrG
Mirrors? (Score:5, Informative)
What about using copyright law? (Score:2, Informative)
Of course the SPAM lists that some companies sell is a derivitive product.
Remember Bidder's Edge v. Ebay, they argued using bots to collect information is illegal. Companies selling software to use open relays and collect addresses is as illegal as napster (if not more). Lets use some of these rulings against spammers.
Re:Actually do something and I'll be impressed (Score:5, Informative)
whore (Score:5, Informative)
A few months ago, I published an article outlining my opinion and experience with spammers in general and one in particular. That article, Fun with spammers, has drawn the attention of the subject spammer?s lawyer, and I am being threatened with legal action.
I am publishing both the demand and my response without comment. Your comments are most welcome.
Today I received the following letter on lawyer letterhead:
Gary K. Kahn
-address-
November 12, 2001
Michael Fraase
-address-
RE: Dispute Involving E-Core Technologies, Inc.
Dear Mr. Fraase:
This office represents Jim Hobuss of Portland, Oregon. Mr. Hobuss has called my attention to information you have placed on the internet regarding Mr. Hobuss. Specifically, you have defamed Mr. Hobuss in your posting and it is clear you are attempting to interfere with his business.
On behalf of Mr. Hobuss, demand is hereby made upon you to remove any reference to Mr. Hobuss from your posting. If you fail to do so within ten (10) days, my client will consider all appropriate legal recourse against you.
Sincerely, REEVES, KAHN & HENNESSY (signed)
Gary K. Kahn
To which I responded on my business letterhead:
ARTS & FARCES LLC
-address-
16 November 2001
Gary K. Kahn
--address-
Dear Mr. Kahn,
I received your letter concerning Mr. Hobuss? claims of defamation in information posted on the ARTS & FARCES internet website. I believe the article in question can be found at:
http://www.farces.com/farces/999462920/
under the title ?Fun with spammers.?
The piece accurately reflects my email experience with Mr. Hobuss and my opinion of that experience. I stand by the article and have no intention of removing it from publication. Nor do I intend to remove any reference to Mr. Hobuss in the piece.
In fact, I expect to publish a follow-up piece including the text of your letter and this response.
Your client?s account with this firm is now seriously past due, and I?d like to know what his intention is with regard to my unpaid invoice(s).
Regards,
(signed)
Michael Fraase
Re:Google cache (Score:5, Informative)
http://www.google.com/search?q=cache:www.farces.c
(It didn't work when I left in the R7VW... stuff)
google cache (Score:1, Informative)
http://www.google.com/search?q=cache:R7VWyB6BrG
cached copy and weird coincidence (Score:2, Informative)
Very odd. I was reading this exact page ~2 hours ago(from nanae I think). Synchronicity?
Google cache comes through again (Score:5, Informative)
But I pasted a copy of the text in here. Well, most of it; the slashdot lameness filter won't let me paste in the whole thing.
Warning: the spammer likes to use bad words.
BEGIN QUOTED TEXT
Every day I get roughly as much spam, which I define as any unsolicited bulk email, as legitimate email. It's a problem that doesn't have an easy solution. The proposed legislation generally misses the mark of eliminating either the unsolicited bit or the bulk bit. While the first amendment protects your speech, it doesn't include a requirement that I subsidize it--financially or with my attention.
With that in mind, I think I may have hit on a formula that probably won't eliminate spam, but it sure makes the parasites think twice about doing it again. And it always seems to push the indignant outrage button that all of these vermin seem to have in common. So far, the formula has worked like a choreographed dance in each instance. Here's how it goes (please play along at home):
Each day I select 2 or 3 of the more outrageous spam messages that serve no useful purpose whatever. They're almost always some sort of commercial scam. I do a traceroute and a whois with NeoTracePro (it's got neat maps) to determine who they really are, where the message really originated, and who their local and upstream bandwidth providers are. Then I send the following reply to the original message--complete will all header information from the original spam--with copies to the abuse, postmaster, and hostmaster addresses at the bottom-feeder's local and upstream provider:
Remove this and all addresses within the farces.com domain from your distribution lists immediately. We have no existing business relationship, nor do I wish to establish one. I don't do business with spammers. Not now. Not ever. You are using my resources for your gain without my permission or compensation. Any further contact from your domain to any address within this domain will indicate tacit agreement to your use of our resources at our published billing rate of US$125 per hour with a 10 hour minimum.
Clear enough?
Invariably I get a quick response, singularly uninspired in its lack of originality:
Except this idiot, dumber than most, actually sent a second retort, this time issuing a challenge:
Astute readers will recognize that I never claimed what scum like Hobuss was doing was illegal, only that I rejected his offer and counter-proposed one of my own. Of course, by responding, he's now agreed to my terms and is billed accordingly (with copies again going to his local and upstream providers):
You received the following message on 1 Sep 2001 in reply to your spam and yet you continue to spam this domain. Accordingly you have accepted our terms of contract and are being invoiced under Minnesota state statutes and the Universal Commercial Code. Payment in full is due immediately. If you fail to pay in full immediately the invoice will be rendered for collection, appropriate credit reports will be prepared, and we will vigorously pursue judgment in the appropriate venue(s).
For the record, our original offer is included below.
Remove this and all addresses within the farces.com domain from your distribution lists immediately. We have no existing business relationship, nor do I wish to establish one. I don't do business with spammers. Not now. Not ever. You are using my resources for your gain without my permission or compensation. Any further contact from your domain to any address within this domain will indicate tacit agreement to your use of our resources at our published billing rate of US$125 per hour with a 10 hour minimum.
Clear enough?
Invoice
[Professional-looking invoice for US$1250 removed thanks to slashdot's lameness filter. I particularly enjoyed the part on the invoice where it says "Thank you for your business."]
In this case, Hobuss actually got two of these, differing only in invoice number. As you can imagine, this game of Invoice Ping Pong can go on for days, but it rarely does. It almost always immediately devolves into barely intelligible abuse:
Oooh, I imagine the spittle at the corners of his mouth are not very attractive. But he's made the mistake of crossing over into clear abuse and maybe even threats, a second and more serious violation of his provider's Acceptable Use Policy. At this point, all I have to do is reply to the message (again with copies to his--they've always been male so far--local and upstream providers) with yet another invoice and the following tasty bit addressed specifically to his providers:
NOTICE TO ISP AND UPSTREAM PROVIDER(S): As you can see this has escalated to abuse on the part of your client. Kindly take whatever action you find necessary with regard to your AUP and notify me directly of anything necessary on my part to expedite the process. Suffice it to say that I expect immediate action with regard to this matter.
Most importantly, he's removed me from his spam list. And I'll bet good money he's at least thinking about the next spam missive he sends. From his next provider, of course.
Now, I probably can't collect on all 3 invoices, but I can certainly make the parasite's life miserable with just one. A quick trip to the county courthouse (until they get their system web-enabled) generates a court date that subsequently renders a judgment that I can easily file with the appropriate agencies. Like fish in a barrel. I've never done it because I haven't had to; my intent is to stop the spamming of my domain, and it's working. A few of these bottom-feeders have, however, paid the invoices. I deposit the checks with a grin.
END QUOTED TEXT
Notes on my editing: To avoid the slashdot lameness filter, I used HTML "blockquote" for the quoted email messages; the original text used '>' characters. Also, some of the punctuation came through as question marks; I tried to replace it with correct ASCII punctuation. (The punctuation was apostrophes and long hyphens.) I did my best not to introduce any errors, but no promises!
steveha
Google Cached here .... (Score:2, Informative)
I've tried billing them... (Score:5, Informative)
However http://spamcop.net does wonders. A couple of weeks ago I contacted dodgy list-seller, http://www.incnet.com.au and complained about them continuing to sell my details to others when I had emailed AND phoned (it's a local call - I'm in Sydney) and asked to be removed. I talked to a guy who said "Oh YOU'RE the bastard that reported us to Spamcop. We had a LOT of trouble because of that". He then bullshitted on about how he was going to sue me for causing him financial loss. So I called the Australian Direct Marketing Association and put in a formal complaint and haven't heard from either since. I assume he was talking shit at the time and got into trouble over it since.
Anyway, the moral is that Spamcop does seem to do something, and it's a lot easier than personally emailing all involved with each piece of spam you recieve.
Re:How slloooowwww does this guy read? (Score:2, Informative)
Spam is theft. Whether it's one second or two hours of my time, it's still theft. Maybe you don't find burglaries inconvenient, but I sure as hell do.
An easy way to avoid new spam. (Score:3, Informative)
javascript:window.location='mailto:tda'+'vis@tda '+ 'vis.org'
...doing appropriate substitution for your own email address, of course. It would probably also be useful to include an explanation [tdavis.org] in case someone doesn't have JavaScript enabled.
The only problem I have now are legitimate mailing lists, like the PHP lists, which archive stuff to the web without obscuring addresses similarly. sigh.
Re:KABLOOEY! Slashdotted. (Score:1, Informative)
You can make a spammer miserable right now (Score:0, Informative)
jimhobuss@home.com
JJH ONE Enterprises, LLC
Hobuss Jim
17525 SE Marie Street
Portland, OR
97236, US
(503)491-9420
Isn't that great? You can call this gentleman and tell him what you think of him!
Re:Actually do something and I'll be impressed (Score:1, Informative)
woof.
Baddoggie posts anon to save mod points. All this logging in and out is getting on my tits, and checking "Post as AC"desn't really make you AC -- all mods from a thread are removed, but the points aren't returned.
Re:Spam from an admins view (Score:2, Informative)
2250spam*2s/spam=4500s
4500s*(1min/60s)*(1h/60min)=1.25h
1.25h*(1workday/8h)=0.15625workday
0.15625workday*221dollar/workday=34.53125dollar
22falsepositives*30s/falsepositive=660s
660s*(1min/60s)*(1h/60min)=0.18333h
0.18333h*(1workday/8h)=0.022917workday
0.022917workday*221dollar/workday=5.06458dollar
34.53125dollar+5.06458dollar=39.59583dollar
Unless all the people behind the 13000 mailboxes make 221 bucks per hour, your off by about an order of magnitude.
Re:Spammers (Score:2, Informative)
A couple of weeks ago we had a call from a bunch of idiots who'd obviously just gone through the telephone directory.
Phone rings. My wife answers, and after listening to the speil asks for the callers name. He gives it. She then asks for the callers address... He gives it! Then she asks for the callers telephone number. At this point he gets suspicious and asks why. "Because I need the information to report you to the TPS". Amazingly, this satisfied him & he asked his collegue for the phone number!
It gets better. He couldn't find the number but promised to call back.
10 minutes later - he called back! With the correct number!
15 minutes later he called *again* and starts all over again - this time asking for me... it hadn't clicked that there are two people living in this house with the same last name & telephone number.
Given the level of the fines that the TPS can levy (Minimum of £10,000 per call) I suspect the guy is currently unemployed...
Some nice spamcop reporting scripts (Score:3, Informative)
Re:I've had things like this happen to me. (Score:2, Informative)
me+foo@foo.bar --> me@foo.bar
Personally, I'm at the "create new entries in
The next step is to use subdomains, and revoke the DNS when they get spammed. One subdomain per e-mail address is silly, but it's about the only way to keep them from filling my maillogs with bounces.
Spammer: "Consequential and more severe actions.." (Score:5, Informative)
consequential and more severe actions will now be initiated and followed through to conclusion. An acceptable conclusion is no longer a removal of the Web page."
Want some cheese with that whine?
Spammers lie to net retailers (Score:5, Informative)
I always make it abundantly clear that I don't want my contact information shared. If there isn't policy on the site explicitly promising not to share my information if that's what I choose, I don't buy there.
More than a dozen times, I've gotten mail advertising the original store, followed by a flood of random spam to the same address. When I contact the store owner, they insist that they had an agreement with the 3rd party that they wouldn't use the list of addresses for anything else. "Then why am I getting mail to UglyShoes@mydomain when you're the only one who ever got that address?" They lose a customer, and I cancel a mail alias.
Then again, not all retailers are honest either.... God forbid you share your name with Radio Shack.
Three years ago I bought a soldering iron at Radio Shack, the address including an "Apartment RSHK", again requesting no mailings or address sharing. Now, if I had a dollar for every shit mailing and magazine I'd been automatically subscribed to at "Apartment RSHK", I'd be a rich man by now.
Again, it doesn't seem to stop with Radio Shack sharing. I think many of the companies Radio Shack shared with turned around and sold my address as well, because it went from Radio Shack mailings to Columbia House to Playboy to Victoria's Secret to Lillian Vernon to Fingerhut to god knows what. Half my specifically targeted junk mail comes to "Apartment RSHK", and about half comes to "Apartment SN", from my long-ago subscription to Science News.
Re:Actually do something and I'll be impressed (Score:2, Informative)
This site offers a listing of ALL laws on the books in U.S. States, as well as a weatlh of other information. They also maintain a mailing list which is currently tracking the efforts of several people who are actively suing spammers.
Re:Spam from an admins view (Score:3, Informative)
I would be happy to send you my rules file if you are interested.
Re:What we're up against... (Score:3, Informative)
Fill out Form 475 [fcc.gov] at the FCC, and eventaully they will hit them with a large enough fine to make them think twice. I think that willfully breaking federal laws can get you in bigger troubles than just the $500 fine.
That's totally illegal (Score:1, Informative)
Every time you get a call you consider junk, just ask the questions in this script. If they answer no, you may be able to sue them. You can print copies of it to keep by every phone at home. If everyone follows it, the junk calls will slowly but surely drop off.
``Are you calling to sell something?'' (or ``is this a telemarketing call?'')
``Could you tell me your full name please?'' $
``And a phone number, area code first?'' $
``What's the name of the organization you're calling for?'' $
``Does that organization keep a list of numbers it's been asked not to call?'' $
``I would like my number(s) put on that list. Can you take care of that now?'' $
``And does the company you work for also make telemarketing calls for any other organizations?'' (If they answer no, skip the next question.)
(If yes) ``Can you make sure your company won't call me for any other organization?'' $
You may need to ask to speak with a supervisor if they sound lost. When you're ready to let them off, you might close with ``Is it clear that I never want telemarketing calls from anyone?'' and just say goodbye. If you feel like making them pay, keep going:
``Will your company keep my number on its do-not-call list for at least ten years?'' $
``And does your company have a written policy that says that on paper?'' $
``Can you send me a copy of it?'' $
``What's your supervisor's first and last name?''
``What's your employer's business name, address and main telephone number?''
``Are you calling for a tax-exempt nonprofit organization?''
``Is this call based on a previously established business relationship?''
Before hanging up, check you have all their answers written down, then say goodbye. Add the date and time to your record. (Is it between 8 a.m. and 9 p.m.? $)
Disclaimer: nothing here should be taken as legal advice. If they answer no to any question ending in ``$'' you may be able to sue them for $500-$1500 under the Telephone Consumer Protection Act. But if the answer to either of the last two questions is yes, then the Act doesn't consider the call to be a solicitation, so it's not covered by many of its regulations. Also excluded are calls to business numbers. For more details, see our pages on federal laws and on how to reduce telemarketing calls and junk mail. JUNKBUSTERS DECLARE makes it easy to tell companies not sell your phone number to telemarketers, and to request the Direct Marketing Association's Telephone Preference Service.