Forgot your password?
typodupeerror
Spam

CDT Releases New Report on Origins of Spam 376

Posted by michael
from the plumbing-the-depths dept.
Carnth writes "CDT has released a new report based on a six month project entitled "Why Am I Getting All This Spam?" The results offer Internet users insights about what online behavior results in the most unsolicited commercial email and also debunk some of the myths about spam." A very good report - read it. There's also a story about yet another sleazy spammer in Ohio.
This discussion has been archived. No new comments can be posted.

CDT Releases New Report on Origins of Spam

Comments Filter:
  • by chuckfirment (197857) on Wednesday March 19, 2003 @02:38PM (#5545774)
    Spam comes in the form of unrequested text, right? So saying "FIRST POST" every time there's a new topic is simply a way of spamming Slashdot?

    Chuck

  • by Kelz (611260) on Wednesday March 19, 2003 @02:38PM (#5545778)
    I'm still wondering why when I have my hotmail filter set to "exclusive" (only recieve from those in my address book, which contains 10 addresses), I continue to get loads of spam each day in my inbox, including some very embarassing things that would cause my mom to faint if she walked in.
    • happy 1.3 user (Score:4, Interesting)

      by aoteoroa (596031) on Wednesday March 19, 2003 @02:50PM (#5545895)
      The promised junk mail control for Mozilla is finally here and I'm loving it. The wait was almost unbearable because all the other guys in the office have had spam filters with their OSX email client for months. I was tempted to switch. But now mail comes in and gets whisked away to the junk folder almost immediatly. It's a beautiful thing.
      • Re:happy 1.3 user (Score:4, Interesting)

        by doublem (118724) on Wednesday March 19, 2003 @02:58PM (#5545979) Homepage Journal
        I know what you mean. It's been so good at work that I'm going to use it at home and migrate all my Pegasus and Outlook Express mail to Mozilla 1.3

        I did get a great laugh though. One of the sales guys wants to send out a renewal notice. I read the text and realized it was worded like a stereotypical SPAM. I raised objections, but was ignored.

        Then the Mozilla SPAM filter caught it during the test phase.

        The registration notice is now being rewritten. :)
        • by ToadSprocket (628571) on Wednesday March 19, 2003 @03:12PM (#5546115)
          Amen to that.

          I had been using the 1.3 beta for weeks before the release version. "Yes, this is junk, I am going to mark it as such and then sit here and laugh at you." I felt so... impotent I guess. All of these naked women, and nothing I could do about it. But yeah, since 1.3 came out, I am laying more pipe than Charlie Sheen in his heyday, and not with hookers either.

          1.3 kicks ass.

          • I had wisely saved a lot of SPAM messages from my 100 a day work account, so I had a LOT of them for use in training the filter. After two days I'd say it's catching about 95% of the Spam, and all the false positives are from the Marketing department. (AKA, it's SPAM I need to white list.)
    • I'm still wondering why when I have my hotmail filter set to "exclusive" (only recieve from those in my address book, which contains 10 addresses), I continue to get loads of spam each day in my inbox, including some very embarassing things that would cause my mom to faint if she walked in. Dude, you wouldn't have that problem if you didn't put those spammers in your address book!
    • Well, when I set my spam-filters to exclusive I didn't get a single peice of email. of course I didn't have anyone in my address book.
    • Are you in your own address book? If so then this is likely the case, an easy trick. And if so then here's a tip for next time: check the email addresses you're getting them from to make sure they aren't in your address book.
  • by psoriac (81188) on Wednesday March 19, 2003 @02:38PM (#5545779)
    In other news, it was announced today that after careful study, researchers confirmed that fire is hot and pointy objects hurt.
    • In related news, after more objective study, it has been postulated, pointy objects that are hot and thrusted hurt more than unthrusted cold pointy objects.

      I don't eat pork!
  • Did they use IE? (Score:5, Insightful)

    by da' WINS pimp (213867) <dart27 @ g m a i l . com> on Wednesday March 19, 2003 @02:38PM (#5545782) Journal
    I never saw anything in their methodology about how the spam was analyzed. It would have been interesting to see what effect actually opening spam e-mail in a web enabled browser had on the recurrence rate.

    I bet the web bugs would have kept the recurrences high even for addresses that were removed...

  • by ToadSprocket (628571) on Wednesday March 19, 2003 @02:40PM (#5545791)
    To Internet users who complain that their e-mail inboxes are crammed with ads for products and services they would never purchase, Childs' response is, "Quit your whining. I'm asking you, how stressful is it to push the delete button? We have become a nation of crybabies."

    I am sorry, smack me down if you must, but... Aaaahhhhhhhh!!!! Die Spammer, Die! Friggin White Trash sonsabitchin spammers. I feel slightly better now. Ready for Karma extraction.

  • My spam research (Score:5, Interesting)

    by sigxcpu (456479) on Wednesday March 19, 2003 @02:40PM (#5545796)
    I just got a new domain.
    Which means that every email to that domain goes to me.
    Every time I give my Email online I give a diff name, for instance if I buy at yahoo I give "yahoo-shopping@mydomain.com".
    If I get spam to this address I know who gave it to the spammers.
    - only been doing this for a week, no spam so far but there is still hope ;-)

    Note: I am not actively looking to be spamed, just doing my usual stuff.
    • That is exactly what I do. For a long while, no spam messages, but then things started coming to contact@mydomain.com, webmaster@mydomain.com, etc. So, I started sending any email to those addresses to /dev/null. Recently, however, I have started getting mail to kurt@mydomain.com, 1321239@mydomain.com, etc, which I can't just filter out, because it keeps changing. Crikey! What to do? Enjoy the silence...while it lasts....
      • You could create your safe list of email accounts.

        Any addresses that you use for business or personal stuff. Then anything going to other email addresses on your domain (ie, moofoo@mydomain.com) sent to /dev/null.

        As long as you don't have a massive and always changing user base with email addresses at your domain, you should be fine,

        I would think...

      • Dont use wildcard addresses, you must manually create a new email address every time you need to give one out. Its as easy as: echo virtualprefix-newemailaddress: realemailbox > /etc/aliases ; newaliases
    • Re:My spam research (Score:5, Interesting)

      by Fluid Truth (100316) on Wednesday March 19, 2003 @02:59PM (#5545994)
      That's a really common thing among my friends. Most of us use qmail, so we can receive mail to username-[anything]. Sign up for financial tracking with yahoo? Then it's username-yahoo@domain.tld Ask for info from buy.com? Use the address username-buy@domain.tld I bought stuff from x10 before they started being so darned annoying. Now, I throw away anything that comes to username-x10@domain.tld

      It helps you track spam AND get rid of annoying companies' e-mails. :-) And best of all, you don't have to get your own domain for this. You can use your existing e-mail address with just a slight tweak to your qmail configuration.
      • Re:My spam research (Score:4, Informative)

        by ebh (116526) <`gro.laerrepyh' `ta' `todhsals-hbe'> on Wednesday March 19, 2003 @05:47PM (#5547432) Journal
        You left out the best part: If, say, user-ticketmaster@domain.tld (now, why would I pick that as an example?) starts getting spam, create a file called .qmail-ticketmaster in your home directory containing the single line

        |exit 100

        The 100 exit status causes all mail to that address to bounce, not just get sent to /dev/null. And a bounce is the most reliable way to get off a spam list. AFAIK, qmail is the only MTA that allows user-level control of bounces like this.

        • Re:My spam research (Score:3, Informative)

          by Fluid Truth (100316)
          Hey! That's nice! There's another way, using the "boucesaying" program that comes with qmail. if you put this line in the .qmail file, you can actually control what the bounce says (though yours is nice because it's easy and looks more automated):

          | bouncesaying "Better luck next time"
    • Re:My spam research (Score:5, Interesting)

      by dissy (172727) on Wednesday March 19, 2003 @03:30PM (#5546290)
      I do the same thing with my domains, however I take it once step further.

      Once I get spam sent to one of the addresses, I change the forward so it no longer goes to me, but forwards to a number of addresses at their domain.
      For example, if i signed up at yahoo.com and they spammed me, I would change my yahoo@mydomain.com forward to send to:
      abuse@yahoo.com,staff@yahoo.com,support@yahoo .com, help@yahoo.com,postmaster@yahoo.com,webmaster@yaho o.com
      etc

      As they are all at the same domain, my mail server only sends one copy to the yahoo.com mailserver. Their server breaks it up then so I only really send one email out.

      Using procmail to do this, i usually turn on logging until it hits a certain size.
      If no real/ligit emails come to me before the log of spam reaches a couple megs, i turn off logging and leave it.

      This generates surprisingly little traffic on my mail server, and one would hope they get the point

      This way yahoo (only using as example of course) may remove me from their mailing lists, but they have to deal with the spam from all of their 'business partners' they signed me up for, and at that point i dont care if the address is removed or not :)
    • So what?? (Score:3, Insightful)

      by EvilStein (414640)
      That doesn't change the fact that you're still getting spammed!!! So what if you know who did it? Great, you won't do business with them again because they sold your address.

      Your still getting spammed because in most places, it's perfectly legal for them to do so. Your bandwidth is still absorbing spam. Your mail server still deals with the spam/bounces.

      Just making a cute address doesn't solve the problem.
    • by Dimensio (311070)
      Here's an idea along that theme...
      If you are just giving the address because they demanded one, and you have no reason to expect them to contact you for any reason, set up a filtering/procmail config so that any mail sent to that customized address is automatically forwarded to EVERY corporate address for the site to whom you originally gave it. That way, if someone spams that address, the corporate addresses of the sleazebags who gave it out are the ones who get it returned.
  • by AssFace (118098) <stenz77&gmail,com> on Wednesday March 19, 2003 @02:40PM (#5545797) Homepage Journal
    1) Sign up on an internet gambling site.
    2) Register a domain name.

    I have multiple domain names and I know for certain that much of my spam originated from either scanning the whois database, or someone selling the e-mail addresses from there.

    I don't gamble, but I noticed that the java applets that were used for 99% of the gambling sites were all from the same place. In other words, if you want to start a gambling site, but you don't want to write software - you can pay to use the java applets of this one company. There is some rebradning that goes on - but in the end, it all goes through their servers and uses their code.
    Because of that, I figured if there were any holes in the software, that would mean a whole crapload of open spots out there. So out of curiosity I registered at a gambling site and then looked at the source (you can get the source from a java applet).
    After that, my spam increased exponentially - the immediate group was spamming me, as well as selling off the address - which then gets repeated over and over.

    I use spamassassin now and I have it tweaked to the point where out of over 100 spams a day, I only have 1 get through - and that is because the code times out and lets it through, not because SA hasn't caught it.
    I first installed it in January and in that time have only had it once grab mail that it shouldn't have - from my mom. I added her to the whitelist and have never had a problem since.
    I use one of the more recent 2.60 versions, have the spam threshold lowered to 3.5, and I have tweaked a few of the score settings. Workds great for me.
    • When i registered my domain, I gave the address archos@myprivacy.ca. Any mail sent to this address is is held while a challange is sent to the sender. The sender just has to reply to the challange email, and the original will be sent to me. Automated spammers won't reply to the challange. myprivacy.ca is a free service provided mainly for .ca domains, or for domains registered with a participating registrars [myprivacy.ca].
      Does anyone know of any other services like this?
    • Unfortunately, you can do a lot to minimize spam, but there's very little you can do to eliminate it completely. I've had my earthlink account for 8 years now, and it is becoming overwhelmed by spam. Even with Earthlink's spam filter, and my spam filter, there's still a couple of dozen emails per day that are unsolicited and include my address in the mailto header.

      Yes, I've posted to usenet, and with only a couple of instances excepted, I've munged my address both in the from header and in the sig.

      Yes

  • To Internet users who complain that their e-mail inboxes are crammed with ads for products and services they would never purchase, Childs' response is, "Quit your whining. I'm asking you, how stressful is it to push the delete button? We have become a nation of crybabies."

    Would he also say the same thing if a bunch of people hacked his email server and redirected all his crap toward this guy's own personal email box? Or if he was sent those 2 mil AOL CDs? Also, the places where he has his server's, ar

  • Because your penis is small, you'd like to work from home and everybody loves baklava?

  • by corporatemutantninja (533295) on Wednesday March 19, 2003 @02:41PM (#5545805)
    In the debate over how much spam really costs, one factor that almost never gets discussed is the impact on behavior and openness. How many of us refrain from using our real email addresses in public forums or in correspondence with companies because of a fear of receiving more spam? There may not be a direct economic cost, but it makes the Internet less useful to all of us. Spammers have essentially driven all of us to have unlisted phone numbers on the Internet, which reduces the usefulness of the medium. Off with their heads, I say.
  • by ShwAsasin (120187) on Wednesday March 19, 2003 @02:42PM (#5545808) Journal
    I was considering moving into the spam market, but decided that was too controversial. I opted to start pornography business instead.
    • Depends on how you advertise.

      If you're up front and don't SPAM people, selling only porn that features consenting adults, then I'd say go for it.

      I was thinking of starting a porn site myself, until my GF nixed it.

      Good luck though. One of my buddies tried it, and failed due to the stiff competition. You have to have a new and unique angle, something really different, to make it now.
  • by Randar the Lava Liza (562063) on Wednesday March 19, 2003 @02:42PM (#5545810) Homepage
    The FTC already filed a complaint [ftc.gov] and had a preliminary injunction [ftc.gov] against Childs back in April. See the press release [ftc.gov] for more information. The article mentions he lives by Riverside drive in an apartment, could be with Linda Lightfoot [superpages.com], the woman mentioned in the complaints with him?
    • Sounds like a gay, transexual porn star.

      (Apologies to all the real trannies out there, I know slashdot has a few. Nothing against you, Linda Lightfoot just sounds like a bad porn name.)
    • by Tackhead (54550) on Wednesday March 19, 2003 @03:00PM (#5546000)
      > The FTC already filed a complaint [ftc.gov] and had a preliminary injunction [ftc.gov] against Childs back in April. See the press release [ftc.gov] for more information. The article mentions he lives by Riverside drive in an apartment, could be with Linda Lightfoot [superpages.com], the woman mentioned in the complaints with him?

      Rules of spam:

      0) Spam is theft.
      1) Spammers lie.
      2) If you think a spammer's telling the truth, see Rule #1.
      3) Spammers are stupid.
      Corollary: Spammer lies are really stupid.

      So when I read this:

      "To Internet users who complain that their e-mail inboxes are crammed with ads for products and services they would never purchase, Childs' response is, "Quit your whining. I'm asking you, how stressful is it to push the delete button? We have become a nation of crybabies."

      I immediately thought "This asshat wants me to Just Hit Delete. Every time I've heard that excuse, the guy saying it has been either lying (Rule #1), or stupid (Rule #3). This guy sounds like both. (Corollary). So I'll lay odds that this guy's a spammer."

      I was just about to Google for the proof, when you did all the leg-work by posting the FTC links. Thanks. J00 r0x0r!

      • I'm asking you, how stressful is it to push the delete button? We have become a nation of crybabies.

        Oh, say, no more stressful than pulling the trigger on a high powered rifle...

        Some people just don't get it. Spam is an invasion of a personal space - it's the intrusion into our personal lives by a stranger that we resent, not the fact that we have to hit the delete key.

        Quite frankly, I'm surprised that these guys are still alive. Spam is something that really angers people, and I can imagine some

    • by blibbleblobble (526872) on Wednesday March 19, 2003 @03:04PM (#5546041)
      If anyone is having trouble forwarding their postal junk-mail ("Not known at this address: please forward to..."), here's the address again:

      Charles F Childs
      and Linda Jean Lightfoot
      4132 Pompton Court
      Dayton
      Ohio 45405

      Keywords: "Spammer's address, Universal Direct, Pyramid marketing scam", for the benefit of google.
  • Spam (Score:3, Insightful)

    by silvakow (91320) on Wednesday March 19, 2003 @02:42PM (#5545821)
    Let's all go register for online lotteries with our new Hotmail accounts. Then we'll give our e-mail address to the airport on that little frequent flyer card because I know they're going to send me only useful info. Oh yeah, let's not forget Kazaa registration, seedy computer retailers, and mail-in rebates.

    I participate in none of these activities. I have my email address on my website, but I spell it out instead of using the at@symbol.com . I've had two e-mail addresses since Summer 2001 and the only spam I get is from Windows e-mail viruses, which aren't compatible with my operation system. Yes, it *is* possible to have a public e-mail address that doesn't get spammed.
    • by Ed Avis (5917)

      the only spam I get is from Windows e-mail viruses

      So these viruses are able to get hold of your email address even though conventional address harvesters cannot. I wonder how long it will be until a spammer creates a virus or worm which as well as mailing itself to everyone in your address book, sends the contents of the address book back to the spammer (by some indirect route). There are probably large numbers of 'lost' addresses which don't appear on the Web but are in somebody's Outlook address boo

    • Re:Spam (Score:3, Informative)

      by da' WINS pimp (213867)
      Yea, but you should try working for a public institution. Our e-mail addresses are public domain and have to be given to anyone who asks. Thank god for Mozilla's filtering. Thats gotten me down to only 20 or so a day that I have to deal with.

      At this point I'm praying for legislation that makes UCE illegal to government entities! You would think it would be misappropriation of resources or something. But the Ashcroft says no, I guess he is too busy chasing terrorists.

    • Use javascript (Score:3, Interesting)

      by autopr0n (534291)
      A good way to prevent spamming is to use javascript to generate your address. So rather then writing "me@wherever.tld" you write
      <script>
      document.write("me");
      document.write("@");
      document.write("wherever");
      document.write(".tld");
      </script>

      It works pretty well, I've found.
  • pr0n Spam (Score:5, Funny)

    by ackthpt (218170) on Wednesday March 19, 2003 @02:43PM (#5545826) Homepage Journal
    Number one reason(s) for receiving pr0n spam:?

    Visited a pr0n website for research

    Posting anything on a Usenet newsgroup

    Registration of any product over the internet

    Responding to any survey on the internet, in which you indicate you are 18 or older.

    Having an email address

    Breathing

    Getting a 'first post' on /.

    Posting anything on CowboyNeal's Blog of Doom

  • I've had my email address for two years, and get about 3 spams a week in it, and didn't even get that untill I joined a few mailing lists. I used to get tons of spam sent to my old address before I switched isps. Seems to me if you keep your email off usenet you don't get much spam. That was the difference for me anyways. Heck, it's kinda annoying. I get so little spam I can't train mozilla!

    Moral of this story? Post to usenet (and mailing lists) with a junk account. Keep a private account for friends and
  • by masonbrown (208074) on Wednesday March 19, 2003 @02:47PM (#5545865) Homepage
    Saw a banner ad for IronPort MTA [ironport.com] just now on Slashdot. It features a technology that "ensures that if one campaign has a problem with less than perfect spam filters at receiving ISPs, it won't impact other campaigns on separate Virtual Gateways".
  • by obli (650741)
    monday: small showers of florida vacations through the .net and .org domain
    tuesday: threathening cloud of penis enlargement pills coming up from the south and webMD health issues are clearing up
    and so on...
  • To Internet users who complain that their e-mail inboxes are crammed with ads for products and services they would never purchase, Childs' response is, "Quit your whining. I'm asking you, how stressful is it to push the delete button? We have become a nation of crybabies."

    I actually had to go re-read that quote. What a prick! I sincerely hope the FTC continues to investigate this guy and his company. Then I hope he goes to jail. I'm not talking white color resort prison; I'm talking federal pound-you

  • I'm a girl with an amgibous email address. My firstname is set to '-' my lastname is set to '-'.

    At first, receiving email that said, - -, you too can have a larger penis! was funny. That wore off... oh... five years ago. Now I'm just annoyed.

    I've opened hotmail accounts and left them alone, never used them for anything, never registered them with anyone, never posted or emailed from them. And two months later, there's spam in them.

    Since I figure hotmail is going to get spammed anyway, I use a hotmail acc
  • bah (Score:5, Insightful)

    by nomadic (141991) <.nomadicworld. .at. .gmail.com.> on Wednesday March 19, 2003 @02:50PM (#5545900) Homepage
    To Internet users who complain that their e-mail inboxes are crammed with ads for products and services they would never purchase, Childs' response is, "Quit your whining. I'm asking you, how stressful is it to push the delete button? We have become a nation of crybabies."


    Oh god, here we go with the old "waah why isn't everyone as tough as I am" complaint.
    I wonder, does he have children? If not, would he relish the idea of them constantly being hit with sex ads? How about elderly relatives?
    • Re:bah (Score:4, Interesting)

      by FeloniousPunk (591389) on Wednesday March 19, 2003 @03:15PM (#5546145)
      If you read the article, you find out the guy is a cop who got fired for selling drugs. So, I doubt he'd be much concerned with family values no matter what the circumstance.
      And let us all hope that he doesn't pollute this world with offspring.
    • Re:bah (Score:3, Interesting)

      by bheerssen (534014)
      I wonder, does he have children? If not, would he relish the idea of them constantly being hit with sex ads?

      Clearly he doesn't care. We're talking about a guy who violated his public oath as a peace officer to make money by selling drugs on the street. In my opinion, breaking that oath is a far worse crime than selling drugs because it illustrates a perfect lack of integrity that the simple act of selling illegal drugs does not. Someone who would sell out the citizens he has sworn to protect certainly wou
  • by great throwdini (118430) on Wednesday March 19, 2003 @02:52PM (#5545918)
    Web Sites received the most e-mails when an address was placed visibly on a public Web site. Spammers use software harvesting programs such as "robots" or "spiders" to record e-mail addresses ... E-mail addresses posted to Web sites using these conventions [Replacing characters in an e-mail address with HTML equivalents.] did not receive any spam.

    The above CDT finding is mildly surprising to me. Is there a reason people haven't built 'smarter' Web scrapers that filter and convert character encodings of things like the '@' sign in email addys? Doesn't seem too difficult, but if the report is to be taken at face value, it seems a simple precaution to take (still). I had always considered it a low-tech defense easily overwhelemed. Guess I was wrong?

    • That was always what I thought as well. If a human can read it without any prompting, why can't a spambot?

      Then again, I have always used that method of hiding my email address for newsgroup postings, despite the fact that I thought it wouldn't really work. Good to know that it does, I suppose.

      I'm actually interested in how well spambots deal with something like the email address listed at this page [plogs.net] listing my contact info. Do they parse html info and realize that this is just a normal email address in a t
    • by stratjakt (596332) on Wednesday March 19, 2003 @03:05PM (#5546056) Journal
      It's not worth doing.

      The people who obfuscate their email address to avoid spams arent the ones you want to spam, since they're pretty much 100% guaranteed not to even read the email.

      The spammers want the messages sent to the dopes who might actually buy the product/service.
    • I would suspect that many bots convert % symbols now. It would only take a pass through a standard URL encode/decode function.

      There are better obsfucators [arizona.edu] available.
  • An interesting read, altogether. I know I'll be obsfucating my email adress when it goes on my website (not that the spammers won't figure that one out soon enough).

    Still, notice that they received more than 10,000 emails... and more than 8,000 were spam. That's around 80% spam, and it includes the accounts that actually took some measure of protection against it. Naturally accounts that didn't bother to protect their email addresses got a much greater proportion of spam.

    It's a shame we have to protect
  • by Our Man In Redmond (63094) on Wednesday March 19, 2003 @02:54PM (#5545938)
    Childs blamed the mix-up on a programming accident and said he has since apologized to Smithson [for using her site as an open relay].

    Reminds me of the old saying, "I might have believed it was an accident if you hadn't stopped twice to reload and once to chug a couple of beers."
  • by autopr0n (534291)
    These fucking spammers. Fucking DMA preventing tough anti-spam laws. I don't know about you, but I never buy anything from telemarketers and I'm more likely to just throw out any physical mail advertisements, after hitting the 'delete' button so many times.
  • there's another one that has house/offices located near Tontogany, Ohio and also in Toledo. He lives in a LARGE house located in a richer area in the country. Their house is full of expensive toys, computers, LCDs, and furniture. He looks something like Marilyn Manison having a good day. He chain smokes. He doesn't get up till 2 oe 3 in the afternoon. He claims he is completely for "mass mailings". He wants people to believe that his emails are making their day.

    I wish I remembered his name.

    He is a
  • by douglips (513461) on Wednesday March 19, 2003 @02:56PM (#5545966) Homepage Journal
    None of this puts a chill into Childs, who said he has nothing to fear from anti-spammers. "I don't ask for understanding from anybody. I follow the law." And as for angry e-mails and junk mail, he said, "I can give as good as I get."

    Geez, I sure hope he's right. It sure would be a shame if his physical mailbox overflowed with a gazillion free catalogs.

    Did anyone explain to him what happened to Alan Ralsky [slashdot.org]?

    • Is that maggot-eaten sack of whale drek still getting a gazillion pieces of snailmail every day?
      • by Tackhead (54550) on Wednesday March 19, 2003 @04:02PM (#5546565)
        > Is that maggot-eaten sack of whale drek still getting a gazillion pieces of snailmail every day?

        Ahem.

        I represent the Cetacean Fecal Matter Anti-Defamation League. Please retract at once your defamatory comments against whale dreck.

        I have also been informed by the Head Maggot of the Fly Larva Anti-Defamation League that although his members will gleefully chow down on any form of cetacean poop ranging from Dolphin Doo to Blue Whale Bombs, they'd definitely draw the line at Ralsky's carcass. They've got standards, y'know.

  • Charles F. Childs, Dayton Ohio.
    Can anyone narrow that down a bit?
  • by Slashdolt (166321) on Wednesday March 19, 2003 @03:02PM (#5546021)
    I don't want to get myself into any possible legal trouble, so please excuse me if I'm somewhat vague in some respects. IANAL.

    About 2 or 3 years ago, my wife visited a store in the Lansing, Michigan area and gave them my email address. From time to time, I would receive email from them. Eventually, I asked them to stop. They stopped.

    On November 21, 2002, I received an email from them asking me if I would like to begin receiving advertisements and marketing offers from them again. There was a link to click on, if I didn't want to opt-in. I clicked on that link.

    Approximately 2 months later, I received an email from them. They had an option to unsubscribe by sending an email to their unsubscribe address. It said I would be removed immediately. I even received a confirmation stating that I had unsubscribed. For the next month, I continued to get 2-3 emails from them per week. Each time, I clicked unsubscribe and was told that I had indeed been unsubscribed.

    After the 2nd email, I contacted customer service and reported the problem. No response. After the fourth time, I contacted them again, and threatened legal action, if they didn't stop. No response. I called customer service, talked to a live person, and was told that I would be removed from all their lists. But the email continued to come.

    I filed a lawsuit in Michigan small claims alleging violations of the "junk fax" law, having heard about a Michigan man who had won by doing so. 6 violations for $500 each, resulted in $3,000, the maximum allowable under Michigan Law for small claims. As evidence, I have nearly all of the advertisement emails as well as my requests to be unsubscribed, and their acknowlegements stating that I had been unsubscribed. Additionally, I have the emails I sent to customer service, which never received replies.

    About 2 weeks after filing suit, I received an email from their customer service stating that they were finally looking into the problem. I haven't received an email from them in the last 2 weeks, so I assume that I'm finally off their list, and it only cost me $36.50 ($32 small claims, $4.50 certified mail).

    However, now their attorneys have demanded that the case be removed from small claims and placed into general civil court (which is their right). Unfortunately, I plan to do just that.

    The FTC has publicly stated that not honoring removal requests is illegal. However, I'm not sure I have a private right of action in this situation. Using the Junk Fax law in general civil court is probably a bad idea, and I think I would likely have to claim actual damages in order to pursue it in general civil court.

    I don't really want to get in over my head. I'm sure they realize this, which then makes me WANT to get in over my head. However, I'm still not sure that I have a legal basis for my case. Even in a state like Washington, where anti-spam laws exist, half of the cases get dismissed by the judge.

    I called a local attorney and was told that I should dismiss, or risk being counter-sued for a frivolous lawsuit. Essentially, what they did is illegal, but there really isn't much I can do about it other than contact the FTC and the state attorney general, and if I pursue my case against them, I could wind up paying them.

    --
    Slashdolt
    • Better to stay in small claims court if at all possible. Small claims is geared toward individuals representing themselves - you'll (almost) be required to hire a lawyer to pursue the case in regular court (which will, of course, cost you more than you're claiming in damages).

      There's no advantage to you in going to regular court, and many disadvantages. Oppose their motion to move the case to regular court.
      • After rereading my message, I removed a line of text. It was supposed to read something like:

        "They're trying to get my to dismiss. Unfortunately, I probably do just that."

        --
        Slashdolt
    • by Anonymous Coward on Wednesday March 19, 2003 @05:32PM (#5547298)
      An activist! Bless you.

      For anyone out there who cannot convince FirstUSA bank to stop telemarketting to your house, call the assistant to the CEO at 888-622-7547 x6839.

      Tell her that you will call her back each time you get one of their calls. If she tells you that it could take several months to get off their lists, then tell here that it will also take several months for her to get off *your* list.

      I went thru this about 7 years ago and finally put a stop to it with this method after my "properly channeled" requests were ignored. They started up again recently; so I went straight to plan B. It works! Just call the CEO, or as close as you can get.

  • A former Dayton police officer who was fired in 1996 for selling drugs on the street, Childs said he doesn't rise most days now until 1 p.m.

    So let me get this straight. Not only is this Childs guy a commercial spammer who says people should "Quit your whining" about receiving spam, but he was also a drug dealer and a corrupt cop.

    So now, my question is how the hell isn't this guy in jail? You'd think between dealing drugs, being a corrupt police officer, and being a spammer this guy would be behind
  • On the first day, the Lord created email, and it was good.
    On the second day, the Lord created spam, and it was bad.
  • by bill_mcgonigle (4333) on Wednesday March 19, 2003 @03:07PM (#5546069) Homepage Journal
    Obscuring an e-mail address is an effective way to avoid spam from harvesters on the Web or on USENET newsgroups... ("example at domain dot com")

    I thought for sure by now spammers would have figured out regular expressions and e-mail address verifying modules, and I'm glad they haven't.

    But doesn't that prove that there's never been a smart programmer who's worked on an e-mail harvester?

    I think that says alot about the profession.
  • My plan for spam.. (Score:4, Interesting)

    by xchino (591175) on Wednesday March 19, 2003 @03:08PM (#5546085)
    Spam needs legitimization. Hear me out, now, before you add that -1, Troll. By legitimizing spam we put ourselves in control. We need laws on a national level defining exactly what is valid spam and what is illegal.

    We need the ISPs to work WITH the spammers ( or vice cersa). Make it trvial to filter, and only send it once. Give everybody a shared "Spam box", as place to go and see if they really need to acclerate their dialup to new levels, or a vacation, or whatever (I'm assuming 18" Penis and XXX TEEN LESBIANS will not be considered legit). We need stiff penalties to those who violate the law. We can't enforce the law in other spammer friendly countries, but we can enforce the law in our own. The company marketing should also be held responsible for violations, preventing American companies from just outsourcing their spam. Any spammer friendly ISP's either deal with their spammers or risk the entire range being blocked (voluntarily) by American ISPs. I know 99% of service providers would have no problem blocking out spammers voluntarily, especially if they are being good Americans while they are doing so. Let's not forget that as rapidly as it's changing, a majority of popular sites are American based. I know all you Norwiglians out there would probably drop your ISP if you couldn't get to slashdot just because your ISP supported spam.

    The DMA has too much money to let spam die, and apart from the slashdot crowd a majority of people don't find spam to be a big problem in their daily lives (albeit mostly thhanks to us busting ass). Some people actually enjoy getting spam. I don't understand it either, but to each his own. As an option in a recent poll said, grey areas definately exist.

    I think spam is a fact of life. Sometimes I get emails from business friends who include a small ad as their sig. We can't kill spam but we can change the face of it to be ever os less intrusive. We're going to have to compromise our "FUCK YOU AND YOUR GOD DAMN SPAM" attitudes if we plan on giving our credibility to our cause.

    We want complete restriciton, and they want no restriciton. Somewhere in the middle there's a feasible solution for both of us.
    • We need laws on a national level defining exactly what is valid spam and what is illegal.

      Simple:

      Non-Bulk or Opt-In: Legitimate
      Bulk and Non-Opt-In: Illegal
      Duh.
  • by arvindn (542080)
    Many surveys have shown that the vast majority of computer users (up to 95 percent) do not want to receive spam.

    Which means 5% want to receive spam? I'm surprised there's anyone at all that doesn't loathe spam except the spammers themselves.

  • It seems to me that the origin of spam deserves a really good goatse.cx link, but I've trolled enough this week.
  • Childs' apartment off Riverside Drive

    Wink, wink, nudge, nudge....

  • YASS = Yet Another Sleasy Spammer
  • by MBCook (132727) <foobarsoft@foobarsoft.com> on Wednesday March 19, 2003 @03:18PM (#5546182) Homepage
    On my PC (win 2k, using MS Outlook (not express)) I've managed to get almost all my spam filtered out. I still get 1 or 2 a day, but that's way better than the 30+ I used to get. All it took was spamassassian (to catch most of the spam) and cloudmark spamnet (which catches many/most of the viruses that seem to find their way to me). Works great.
  • by Anonymous Coward on Wednesday March 19, 2003 @03:18PM (#5546191)
    Here's what I presume [spamhaus.org] to be home address of the spammer named in the article.

    ABUSERS: C. Fielding Childs
    cf_childs@yahoo.com
    Bulker's Paradise
    4132 Pompton Ct.
    Dayton, Ohio 45405
    FAX: (937) 275-3741

    ALSO: Charles Fielding Childs, Jr.
    "MAIL ORDER ALLIED COMPANY"
    2936 Melbourne Ave.
    Dayton, OH 45417
  • Google Groups (Score:3, Interesting)

    by iso (87585) <[slash] [at] [warpzero.info]> on Wednesday March 19, 2003 @03:25PM (#5546237) Homepage
    I have the same email address that I've had since 1994 (basically firstname@lastname.com). Unfortunately I used it on the Usenet many years ago, before this was considered to be a bad idea. Nowadays, Google Groups (and perhaps others?) have my postings, and email address, forever immortalized.

    I imagine that harvesting software would crawl Google groups regularly. Is there anything I can do about this? This study makes it clear that after an email address is removed from the web, the amount of spam it receives drops off dramatically. It makes sense that removing my email address from google groups (the last remaining place it exists on the web) could help substantially.

    So the question is, will Google remove my email address from their site if I ask them? Has anybody else tried this?

    - j
  • Here [linxnet.com] is a link that Slashdot previously posted about a guy who successfully used 47USC227 to sue spammers. You can do it too. Go for the money, or gonads, whichever turns you on the most.
  • by adamkuj (263548) on Wednesday March 19, 2003 @03:36PM (#5546348)
    The Dayton Daily News article discusses Charles F. Childs, an Ohio native. Last year I testified before the Ohio Senate Commerce Committe regarding a proposed spam bill. That bill was later passed into law [state.oh.us] . Among other things, the bill has opt-out requirements, requires a pre-existing business relationship, and makes it a feleny to forge headers and/or abuse open relays or proxies to send email. I would imagine that Mr. Childs, and another Ohio spammer, Tom Crowles [toledocybercafe.com], are in violation of some or all of the provisions of the Ohio spam law. Here's a new get rich quick scheme for you: hire an attorney and start collecting damages from these scum (up to $100 per email plus legal expenses).
  • New Tactic (Score:4, Interesting)

    by thecoolestguy (602946) on Wednesday March 19, 2003 @04:10PM (#5546628)
    I've also noticed that lately spammers have been putting a 1 pixel wide image in the email message itself. (I.e. img src=spammers_server/pixel.gif?email=youremailaddre ss ) If the message gets opened or previewed - the pixel is pulled from the spammers server and a web log is created with your email address in it. Even viewing a potential spam email can verify your email address to the spammer as a valid account.
  • by mclarkcdt (660262) on Wednesday March 19, 2003 @04:41PM (#5546919) Homepage
    I have posted an HTML version of the report at http://www.cdt.org/speech/spam/030319spamreport.sh tml [cdt.org] . Thanks for your interesting comments, I am collecting them for ideas for future research projects. Mike
  • by forged (206127) <<moc.liamg> <ta> <zsetlos>> on Wednesday March 19, 2003 @05:48PM (#5547442) Homepage Journal
    The article was a great informative piece, and their conclusion was interesting:
    • Conclusions
      1. E-mail addresses harvested from the public Web are frequently used by spammers. By an overwhelming margin, the greatest amount of spam we received was to addresses posted on the public Web.

    They have forgotten to mention the very mailto: tag in their research. IMHO this might have been a crucial factor to their research.

    Although on the majority of web pages you have the mailto: link to be the same as your email address (duh), for research purpose it would have been interesting to separate the visible email address and the one in the mailto: tag. I am confident that whatever is in the mailto: link is what attracts spiders, and the email address displayed on the page gets less.

    Can someone with knowlege of harvesting get back to us and tell me if this assumption is correct ? Better yet, does someone has any data ?

We are Microsoft. Unix is irrelevant. Openness is futile. Prepare to be assimilated.

Working...