Forgot your password?
typodupeerror
Spam

Following the Spam Trail 232

Posted by CmdrTaco
from the stuff-to-read dept.
An anonymous reader writes "MSNBC's Bob Sullivan doggedly follows a spam trail from Alabama to Argentina to find out who actually benefits from spam. The beneficiaries aren't necessarily the pasty faced, high school drop out industrial spammers we have gotten to know, but well known companies."
This discussion has been archived. No new comments can be posted.

Following the Spam Trail

Comments Filter:
  • Tea bagger (Score:5, Funny)

    by mao che minh (611166) * on Friday August 08, 2003 @06:32PM (#6650765) Journal
    The reporter wrote this story as if he actually broke it.

    MSNBC: we have known about the relationship between spam, lead generators, and legitimate businesses for years now. For example, when I filled out an add to enlarge my penis 3 years ago, I got all sorts of emails from GNC and other well known health and fitness companies.....oh wait, I mean, when I clicked on the "See Britney Nude XXX HOT Angelina J-Lo-XXX-HOT!" offer I got an ad from her record label and WareHouse Music in the mail. Yea, that's it.

    FP

  • by webguru4god (537138) * on Friday August 08, 2003 @06:37PM (#6650794)
    If you look towards the bottom of the MSNBC page linked in the story, there is a form that allows you to submit your spam stories, which asks for your name, hometown, phone number and e-mail address. Now what does MSNBC need with that information, in relation to your experiences with spam? Seems fishy to me...
  • Pick up the phone. (Score:5, Informative)

    by pontifier (601767) on Friday August 08, 2003 @06:40PM (#6650825) Homepage
    If you can nail down a domain that seems to profit, use the whois information and call them on the phone. I usually dont get spam after I have complained to a person. If the phone number is bogus you can report them at http://reports.internic.net/cgi/rpt_whois/rpt.cgi
    • by Yanna (188771) on Friday August 08, 2003 @07:46PM (#6651252) Homepage
      Notice how the guy that spams is in Argentina. First, I do not think that your calls will bother him more than they will cost you. Second, this guy is a real mercenary. This is his way of life.

      I ran a little query and found that he actually registers his domains under the following address:

      Entidad Registrante: Zonda Sistemas S.A.
      Direccion: Callao 1253
      Ciudad: Buenos Aires
      Codigo Postal: 1024
      Pais: Argentina
      Telefono: 4803-3824
      Fax: 4803-3824
      Actividad Principal: Sistemas

      Persona Responsable: Alberto Roberto Meyer
      Direccion: Callao 1253
      Ciudad: Buenos Aires
      Codigo Postal: 1024
      Pais: Argentina
      Telefono: 4803-3824
      Horarios Contacto: 10-18

      Fecha de registracion: 20/01/2003
      Entidad Administradora: Zonda Sistemas S.A.
      Direccion: Callao 1253
      Ciudad: Buenos Aires
      Codigo Postal: 1024
      Pais: Argentina
      Telefono: 4803-3824
      Fax: 4803-3824
      Actividad Principal: Sistemas

      Contacto Tecnico: Alberto Roberto Meyer
      Direccion: Callao 1253
      Ciudad: Buenos Aires
      Codigo Postal: 1024
      Pais: Argentina
      Telefono: 4803-3824
      Horario Contacto: 10-18
      Fax: 4803-3824

      Servidores de Nombre de Dominio
      Servidor de Nombres Primario:
      Nombre: ns.super-zonda.com
      Direccion ip:

      Servidor de Nombres Secundario:
      Nombre: ns1.super-zonda.com
      Direccion ip:

      Tercer Servidor de Nombres:
      Nombre: ns2.super-zonda.com
      Direccion ip:

      Cuarto Servidor de Nombres:
      Nombre: ns3.super-zonda.com
      Direccion ip:

      Sorry that it is in Spanish, but the only way to find this guy is by running queries in nic.ar. Were you in a position where you could actually phone this criminals, you need to add +54 11 to the listed telephone numbers (54 being the country code for Argentina and 11 the city code for Buenos Aires).

      Good luck!
      • by notfancy (113542) <matias@@@k-bell...com> on Friday August 08, 2003 @08:03PM (#6651357) Homepage

        Don't bother calling. The number is disconnected. I just called (I'm in BA, so it's local) and the earnest recorded-message lady informed me of the fact.

        I pity the poor soul that gets assigned that number.

      • Registrant Organization: Zonda Sistemas S.A..
        Address: Callao 1253
        City: Postal Buenos Aires
        Postal Code: 1024
        Country: Argentina
        Telephone: 4803-3824
        Fax: 4803-3824
        Main Activity: Systems

        Responsible Person: Alberto Meyer Robert
        Address: Callao 1253
        City: Postal Buenos Aires
        Postal Code: 1024
        Country: Argentina
        Telephone: 4803-3824
        Hour Contact: 10-18

        Date of recording: 20/01/2003
        Organization Administrator: Zonda Sistemas S.A..
        Address: Callao 1253
        City: Buenos Aires
        Postal Code: 1024
        Country: Argentina
        Telephone: 4803-3824
  • Huh? (Score:5, Funny)

    by MoeMoe (659154) on Friday August 08, 2003 @06:41PM (#6650831)
    What "well known" company offers penis pumps? Has Gates been up to more no good?
  • by Gherald (682277) on Friday August 08, 2003 @06:42PM (#6650834) Journal
    The beneficiaries aren't necessarily the pasty faced, high school drop out industrial spammers we have gotten to know, but well known companies.

    Wow, like we hadn't figured that out already.

    All commercial advertising, SPAM included, benefits companies.

    Individual spammers are just pawns like their more respectable counterparts in the legitemate marketing industry.
    • Well, yeah, we have already figured that out. But the article isn't for us, it's for the 85% or so of users who don't even know how to block spam or why they get any. I think Slashdotters take their computer literacy for granted sometimes. :)

  • but? (Score:5, Funny)

    by chloroquine (642737) on Friday August 08, 2003 @06:42PM (#6650835) Journal
    But what about us pasty faced social misfits? I mean, I deserve my slice of the pie as well.

    This article is written for an ignorant audience. I'm an ignorant audience and its smug tone of condescension even pisses me off.

    • The fact is, "pasty faced social misfits" who send spam don't make a product. They need to either buy something from some supplier, or be feeding into some sort of lead generation program like the article lays out. So, something does ripple through the economy...
  • Obviously (Score:5, Interesting)

    by dragonfly_blue (101697) on Friday August 08, 2003 @06:46PM (#6650862) Homepage
    Someone must be benefitting if they can afford to make me this kind of offer.

    Greetings,

    We need a vendor who can offer immediate supply.

    I'm offering $5,000 US dollars just for referring a vender which is (Actually RELIABLE in providing the below equipment) Contact details of vendor required, including name and phone #. If they turn out to be reliable in supplying the below equipment I'll immediately pay you $5,000. We prefer to work with vendor in the Boston/New York area.

    1. The mind warper generation 4 Dimensional Warp Generator # 52 4350a series wrist watch with z80 or better memory adapter. If in stock the AMD Dimensional Warp Generator module containing the GRC79 induction motor, two I80200 warp stabilizers, 256GB of SRAM, and two Analog Devices isolinear modules, This unit also has a menu driven GUI accessible on the front panel XID display. All in 1 units would be great if reliable models are available

    2. The special 23200 or Acme 5X24 series time transducing capacitor with built in temporal displacement. Needed with complete jumper/auxiliary system

    3. A reliable crystal Ionizor with unlimited memory backup.

    4. I will also pay for Schematics, layouts, and designs directly from the manufature which can be used to build this equipment from readily available parts.

    If your vendor turns out to be reliable, I owe you $5,000.

    Email his details to me at: info@federalfundingprogram.com

    Please do not reply directly back to this email as it will only be bounced back to you.

    Anyone else get this one? =P

    • Re:Obviously (Score:5, Interesting)

      by Arker (91948) on Friday August 08, 2003 @06:57PM (#6650953) Homepage Journal

      Several times. I couldn't figure out what the scam was so I did some googling. Apparently the guy sending them out is a bit... different. He really seems to believe that some time-traveling bad-guys ruined his life and caused him health and other problems. He seems to believe there are actually many time-travellers on earth at the moment, and wants to get a machine so he can travel back in time and undo the horrid stuff they did to him as a child.

      Numerous folk have corresponded with him and he's made the deal many times, but somehow the bad guys always seem to nab his seller at the last moment. Poor guy.

      • Re:Obviously (Score:2, Interesting)

        by gujo-odori (473191)
        I concur. I was working for an ISP at the time he started sending that stuff out. We saw hundreds of them, and at first we thought it was a troll to gather known-good addresses for future spamming.

        The stuff kept showing up from time to time, and eventually, on a day when we didn't have much to do, we did some tracking ourselves. Like you, we found that the guy apparently really believes it. We even found a web site where someone had posted his communications with the guy.

        I'm all for getting his Intern
    • Greetings,

      We need a vendor who can offer immediate supply....

      It's a wonder he didn't also spec an Illudium Q-36 Explosive Space Modulator while he was at it...

    • Re:Obviously (Score:3, Interesting)

      by Mustang Matt (133426)
      Here's mine... I was thinking it was revenge on the person at the email address listed in the parent post. I have to admit, I found it kind of humorous.

      I got the one from the parent post as well.

      >>>>>>>>>>
      Hello,

      I'm a time traveler stuck here in 2003. Upon arriving here my dimensional warp generator stopped working. I trusted a company here by the name of LLC Lasers to repair my Generation 3 52 4350A watch unit, and they fled on me. I am going to need a new DWG unit, preferea
    • I got one from him as well and he had posted a drop location for something and he gives a lat/long pair (see below). I geocoded it and the location is Woburn, MA on the corner of Willow and S Bedford streets. Now I live in Watertown Ma nearby and I was really tempted to go there an fuck with him. Unfortunately I did not have the time...

      Subject: Dimensional Warp Generator Needed wyvid ecasoylxcu

      Hello,

      I'm a time traveler stuck here in 2003. Upon arriving here my dimensional warp generator stopped working
    • Re:Obviously (Score:4, Insightful)

      by Zeinfeld (263942) on Friday August 08, 2003 @08:19PM (#6651484) Homepage
      Someone must be benefitting if they can afford to make me this kind of offer.

      There are a number of possibilities. The most likely one being that the guy is either a crank or a hacker with a wierd sense of humor.

      Another possibility is that there is some form of steganographic message being broadcast. This could be a signaling mechanism used to provide deniable communications from an 'owned' computer. Alternatively it might well be a genuine request for some form of parts. If you wanted to buy parts for some form of illegal weapon you might use this type of cimmunication to tell a quartermaster what is required.

      The advantage of using a message that appears to bee from a kook is that people tend not to take kooks seriously (unless they get elected to office but that is another matter). On the other hand if you are serious about anti-terrorism you listen to so many kooks that it becomes a warning sign. The type of people who stick a bomb in a litter bin outside a McDonalds tend to be whacko jobs.

      • Or you reply wondering what the guy is on and now all further communication has a "prior buisness relationship" .. I couldn't help but notice the address for more info was one of those financial sites on the email I got.
    • I think the point is to get people who think they are clever to email him and act like they delivered the stuff and are now asking for payment (as he says to do). "Hope you got the unit okay, I'd now like my payment..." ... now he has your email address and will spam the fuck out of you. If that's not it, then I'd have to vote for some sort of steganographic message (note there are different versions of this email w/ different numbers/specs).
    • by flux4 (157463) on Saturday August 09, 2003 @01:14AM (#6652963) Homepage
      Oh yeah, I know him. A real wing nut. He was odd when I met him in 2007, and I must say he's even stranger now, er, then. Who would use an Acme 5X24 anyway? Those things are so unstable... kind of like he is, really.
  • by inode_buddha (576844) on Friday August 08, 2003 @06:46PM (#6650866) Journal
    how many "middle men" are in the typical spam food chain, playing the percentages. Extra bonuses for network names, IP addys, hosting providers, etc. And also, why don't these large companies have the balls to just do it directly, themselves? /me thinks they are much like the Wizard of Oz, in this regard.
    • by dJCL (183345) on Friday August 08, 2003 @06:52PM (#6650915) Homepage
      If the big business did it directly, you would have an easy target and could hit them pretty hard and fast to stop it. This way they have a large number of layers of seperation(deniability) available. As the one company in the article said, they canned the account of the person who spammed to get the lead, but that person was probably already signed up under 15 other names and loses accounts once or twice a week. But that company has deniability, and can claim they took action, knowing that it was worthless...
      • by hackstraw (262471) * on Friday August 08, 2003 @07:53PM (#6651290)
        If the big business did it directly, you would have an easy target and could hit them pretty hard and fast to stop it. This way they have a large number of layers of seperation(deniability) available. As the one company in the article said, they canned the account of the person who spammed to get the lead, but that person was probably already signed up under 15 other names and loses accounts once or twice a week. But that company has deniability, and can claim they took action, knowing that it was worthless...

        Read that a couple times and think mafia, not spam.

        A while back their was a poll on /. about who was the most powerful with multination corps being one of the choices. Hmm........
  • by Linux-based-robots (660980) on Friday August 08, 2003 @06:47PM (#6650875) Journal
    The mystery is revealed. It is the The Hormel Food Company! [spam.com]
  • by Omkar (618823) on Friday August 08, 2003 @06:48PM (#6650879) Homepage Journal
    Hormel, or course. Free advertising.

    But seriously, does anyone here actually think people will care enough to boycott these companies?

  • by Thinko (615319) on Friday August 08, 2003 @06:49PM (#6650886) Homepage
    After IC Marketing received our data, it sold our information to a firm named Infoclear Marketing in Dallas, which then sold it to Mleads, which in turn sold it to Quicken, according to Newman.
    Infoclear immediately terminated its contract with IC Marketing when it heard about the spam offense, said Patrick Thurmond, who identified himself as a founder of Infoclear.


    Doesn't it sound a lot like InfoClear and IC (coincidence?) are actually the same company, but can appear to 'sever ties' whenever anyone anti-spam starts nosing around.. sounds like a nice setup to me, and the investigators won't implicate poor infoclear when tracing this back.
    Just my $0.02.

    Thinko

    "I have challenged the entire quality assurance team to a bat'leth contest. They will not concern us again."
    • Good observation but why would they want to make it so obvious?

      I mean, they could instead set up a front company named 'Starglass Inc.' and then set up IC Marketing as an affiliate.

    • Particularly when there is nothing stopping them from setting up another fake company and "selling" the leads to themselves again.

      Infoclear terminates its relationship with IC and immediately starts another relationship with C Marketing.

      When it is found out that C Marketing uses spam, C Marketing is dumped.

      And a new relationship is formed with I Marketing.

      lather
      rinse
      repeat

      As long as companies like Quicken are willing to PAY for "leads", there will be a market.

      Simply put, spam pays. It's easy money for
  • by SuperBanana (662181) on Friday August 08, 2003 @06:49PM (#6650887)

    What's that you say? Backbones don't police spam across their networks, spam that sucks up huge amounts of bandwidth, which they can charge people for? Whoa!

    Next at 11, employees who are responsible for self-policing timecard policies are ripping off employers!

    (seriously though- it's time we started taking major networks to task, like refusing to route packets coming from them, or refusing to send traffic to them. Watch how fast UUnet takes care of spammers, when customers find they suddenly can't get to sites. Pretty much the ONLY thing these days that separates backbones is how reliable they are- even a slight decrease in reliability, even just perceived or threatened, could have an astounding effect. Think of all the fuss SCO is causing to see the possibilities.)

  • From a related link. (Score:4, Informative)

    by spumoni_fettuccini (668603) on Friday August 08, 2003 @06:50PM (#6650893) Journal
    The spam dam [msnbc.com]Spam isn't that big a problem. A noisy, wired minority, the report said, has overexaggerated the spam jam-up. In fact, only 15 percent of workers surveyed say they have to deal with more than 50 e-mails a day. And nearly three-quarters said "only a little" of their work e-mail is spam.

    How many Sysadmins are running spam filters to catch that crap so the end user never sees it?

  • fighting back (Score:5, Interesting)

    by gclef (96311) on Friday August 08, 2003 @06:54PM (#6650927)
    I'm becoming more and more convinced that the only effective way to fight back is to spam the spammers. Not via email, but via their customer databases. Take the example of from this article: the spammers get paid for every lead they generate. But, if just 1% of the people who got the spam went to the site and *lied* about their identity, and their interest, the value of the list containing their info would go down so much as to make it worthless. Even if .1% of the people did this, it would dramatically reduce the value of such customer lists. That's the only way to stop spam, from what I can see: make it no longer economically viable.
    • Re:fighting back (Score:5, Informative)

      by rediguana (104664) on Friday August 08, 2003 @07:45PM (#6651247)
      Ah that will pale into insignificance when compared to the aging of the customer data already in the db. I did a Certificate in Direct Marketing (never used it in the end) 4-5 years ago, it was quite interesting. One of the points we were taught by our national DMA was that in a given year, approximately 25% of the customer records in a database will become outdated - I'm sure it is even higher in Internet time. The relevance to spammers is that they must continually be creating new databases to guard against obselete customer data.
    • Great post. Actually that was the first thing that I thought of when I read the article.

      We could go one step further, though. We could write a mail filter that would statistically classify spam and then reply to it using fake information. Everyone has three or four addresses on Yahoo!, right?

      I'm not exactly the best programmer, but I imagine starting with the source to spam-assassin or similar would be the way to go.

      This could be huge. Of course, to really make a dent, we'd have to write a filt
    • This is something I have been advocating for a while. Create a distributed app of some sort (think SETI@Home) which goes out and slowly fills these databases with real looking fake data. Its has to look real but be semi random, a couple of huge name lists which are used to randomly pick first, last, middle names etc. It would have to be updated occasionally to include new web locations for the forms, and to delete dead ones (possible have a central server which houses the lists). And expand the name list
    • I had a similiar idea about the SCO problem. I was wondering if (the royal) we could all mail 1 letter a week to SCO.

      The letters would be totally legit, requests for pricing information, comments on the situation, etc. It would be sort of a distributed DOS attack using the post office (I'm sure someone has done this before).

    • by Huusker (99397) on Friday August 08, 2003 @09:41PM (#6652005) Homepage
      The only effective way to fight back is to spam the spammers. Not via email, but via their customer databases.

      There is a utility called FormFucker [google.com] which spams web forms.

      It analyzes the web form and then makes 1000s of submissions using realistic-looking but fake names, addresses, zip codes, telephone numbers, credit card numbers, etc.

      Note that use of FF is very controversial, as many consider it fighting-abuse-with-abuse.

      • Very interesting. Thanks. I had thought about writing something like that for a while, but never got around to it.

        I think one of the big problems with FormFucker, which I'm trying to avoid, is that it's really a vigilante justice system. For some reason, which I can't totally put my finger on, having lots of people fill out one order form each (but with all of them lying) just seems less abusive than one person flooding the site with orders...even if the total number of fake orders comes out the same.

        I
  • by Cade144 (553696) on Friday August 08, 2003 @06:54PM (#6650930) Homepage

    According to the story, it seems like MSNBC was responsible for the termination of at least three business relations between "Legitimate" companies and spammers.
    If only more news outlets traced their spam the same way, it could put a dent in the demand for spam.

    Who am I kidding? Those spammers, er "lead generators" will go right back to work, selling to anyone who will buy, no questions asked. As long as businesses will pay for personal information, there will be plenty of weasels to sell it to them.

  • by andy666 (666062) on Friday August 08, 2003 @06:57PM (#6650949)
    paying attention to the spam i got, i managed to get a great morgage on a house, marry a beautiful russian bride, and i pleasure her every night with my enlarged, viagra powered penis.

    now, if only i could get some printer toner...
  • by ansak (80421) on Friday August 08, 2003 @06:59PM (#6650965) Homepage Journal
    The really telling remarks came in the final paragraph:
    "The only thing that's going to make spam go away is if people do not respond," he said. "When e-mail first started, you could send out 50,000 e-mails a day and make money. Now you have to invest a lot of money and time, you get a return rate of less than one-tenth of one percent. One day it will become so you can't send enough to make any money. And that's the only thing that will stop spam."
    0.1% and it's still profitable... sheesh! Won't it be nice when it becomes 1 part in a trillion and the race comes of age in e-mail usage.

    and it's always about the money...ank

    • Spam will go away when no one responds...

      ... Or, when everyone responds, with bogus contact information, so that the spammer or whoever hopes to make money off of spam must follow up on thousands or millions of false leads in order to find the one bite from a real pigeon.

      Downside, a few people spamming on behalf of "legitmate" companies will reap a windfall when they get to sell a whole lot of leads. But that will dry up quick when the companies paying for these leads find that the leads are all bogus.

      • Start your own "spam" company as part of the slashdot program to end spam. Solicit e-mail addresses from willing slashdotters who provide the desired false leads. You get both the benefit of bogus leads and the windfall from all the extra false leads
      • Would you like to make spam drop off tremendously overnight?

        The technology is there right now. All ISPs have to do is is block outbound port 25 TCP and the problem will almost vanish.

        What makes it that easy is the economics of spam. Spammers are generally not paying for the resources they use, which is how they can make a profit even at their incredibly small success rates.

        Consider the case of a spammer who uses a DSL or cable line to send spam. Assume a relatively expensive plan offering high bandwid
  • by reboot246 (623534) on Friday August 08, 2003 @07:01PM (#6650984) Homepage
    we do have computers in Alabama.

    And electricity.

    And indoor plumbing.
  • by rmarll (161697) on Friday August 08, 2003 @07:02PM (#6650996) Journal
    Interesting, if what the article says about the 20 dollar fee is true. Perhaps we can end spam by answering it.

    Facinating.
    • In selected cases, yes. Answering the loan spams would cause all the loan vendors to start looking a lot more closely at the lead rates they get, and probably start investigating why the rates suck for certain suppliers. That assumes of course that a given lead company is predominantly spam-generated or not.
      • Even if they are not predominantly spam-generated, there is some layer, which gets most leads from spammers (but doesn't spam itself). Hopefully, this layer would stop paying spammers for the leads and quit the business... Doesn't sound likely, though...
  • ISP connections (Score:3, Informative)

    by abhisarda (638576) on Friday August 08, 2003 @07:06PM (#6651021) Journal
    "ISPS MAKE MONEY, TOO
    An entirely separate set of companies also benefits from the spam economy -- Internet service providers who carry their traffic... In exchange, the ISP agrees to suffer more than normal complaint rates. In PSINet's contract, revealed on News.com, the firm received an upfront payment of $27,000 from Cajunnet, a marketing firm based in Slidell, La. In exchange, PSINet agreed to permit Cajunnet to send unsolicited email "in mass quantity" through PSINet's lines."

    Maybe this might drum some sense into somethingawful.com's heads.

    I made a comment 2 days earlier [slashdot.org] about this. If you do business with ISP's that work hand in glove with spammers, don't go around whining that SPEWS is the one to blame.
  • Read the article about mortgage rates. Guess what a popup advertised? Yup mortgage rates

    Fantastic

    Rus
  • by Tailhook (98486) on Friday August 08, 2003 @07:18PM (#6651097)
    The story ends with the conclusion that the existence of spam is the consumers fault. The assertion is that if spam didn't generate responses and, in turn, revenue, these business interests wouldn't bother causing it to be created, however indirectly.

    That logic is hard to argue with, but I have an additional way to fault the consumer. Why does the consumer continue to tolerate the open sewer that is contemporary email? It's not just spam. Millions of these sheeple have been infected with viruses sent via email. Spam and viruses, and a seaming endless ability to tolerate large quantities of both...

    One would think that after enough of this crap occurred, consumers would eventually consider dealing with it. RTFA to discover that you can't count on ISPs to deal with it. They value spammers and the extra money they're willing to pay. RTFA to discover that respectable companies participate via a web of indirection and plausible deniability. The only thing we have is the end user. If the end user isn't willing to deal with the problem, no one will.

    If the end user was willing to deal with the problem, then it becomes a simple matter. All that would be needed is a requirement that senders provide a verifiable signature in all messages, and easy to use white lists to remember the 'ok' parties. If the end user were willing to a.) obtain a cert that allows them to sign and b.) tolerate the need to not blindly open mail that hadn't been placed on their white-list previously, spam would not exist.

    The key here is the end user. Until they come around spam is inevitable.
    • When I can convince my grandmother to establish a challenge-response system on her AOL account, I'll consider blaming stubborn end-users.

      Fortunately, she hasn't purchased any penis pumps or Russian brides yet. It can't just be the consumer solving this problem any more than we can ask every human to go certify organic farms or kosher sausage factories. It's a question of time, a question of costs to benefits, and with verifiable signatures, a question of creating a binding international law that would ha

      • When I can convince my grandmother to establish a challenge-response system on her AOL account

        Do you suppose AOL wouldn't be happy to establish it for her for a small fee? All that's left now is for your grandmother to ask for it. That's where you come in...

        It can't just be the consumer solving this problem

        Actually, it has to be. All other interests involved would very much like to either a.) send you spam, or b.) sell the means for spam to be sent to you. This includes your ISP, and your bought-
  • No spam no spam (Score:5, Informative)

    by Brian Kendig (1959) on Friday August 08, 2003 @07:20PM (#6651107) Homepage
    I don't see what the problem is. I don't get spam any more.

    Now, granted, I run my own mail server: Exim, attached to SpamAssassin via SA-Exim. And this combination is highly effective. I have it set up to be more aggressive than most people would want their spam filter to be; if an incoming message even *smells* like spam, my server refuses to accept it and instead gives a failure message with an alternate non-filtered address to use if the email wasn't actually spam. In a year of running it, it's rejected 100 spams per day on average, with only one known false positive in the entire year (it was someone forwarding a spam to me). And if a spam is sent to one of the addresses which I haven't used for years, then I perform the added courtesy of tarpitting the spammer.

    But there are a lot of tactics that an ISP's mail server can use to cut down on a huge amount of spam without risking false positives. Check the mail against Razor and the other services which keep track of mass-mailings which have been reported as spam, for example. Refuse mail from a server which pipelines its SMTP commands then drops its connection without waiting for a response. Verify that the sending mail server's address actually can be resolved.

    ISP's could go a long way towards making spam much less of an annoyance if they'd just use software to filter out the obvious spams. Hook the mail server up to SpamAssassin, set the threshold high enough to avoid false positives.

    • I do not want my ISP deciding what is and what isn't spam for me. Others may be comfortable with that however. At most, ISPs could offer it as an option.
      • Re:No spam no spam (Score:2, Informative)

        by big-magic (695949)
        Most service providers that have anti-spam software will allow you to turn it off.

        But I think the real advance will come when service providers give individualized Bayesian filter to each customer. That way, each customer can decide what is spam to them. Of course, that's a lot of data to keep track of when you have a lot of customers. But I think it is doable. The downside is that during the training process, the customer would need to use a web based client rather than your IMAP/POP client in order t
        • I think it's possible, too. And ya know, I think if there's a way to offload some of that processing to the user's PC somehow, I think they'd be willing to do it. I know the ideal is to have spam cost the end-user zero (in terms of cost and resources), but if they have to do some text processing to see no spam, I think they'll be fine with it.
  • as this was a a mortage related spam - aka respectable spam - as opposed to the unrespectable spam like "enlarge ..." spam, it is not too off track to show how the big corporations are lobbying for the ability to send spam directly rather than thru these layers ...

    It is also very interesting that the big companies like Microsoft are paying lobbyists for laws that shall allow them to send spam, on the pretext that if only their spam is identified as spam it is no longer spam. I might give my email id to a Microsoft division, and then without my permission it is available to all the divisions of microsoft - even if I have no interest in all their products save one for which I gave my email - so isn't all the unrelated email they send me now spam ???

    What the big companies want to do is to send spam themselves, but prevent others from sending it. All knowing that spam is dirt cheap tool for sales, but there is only so much spam a consumer can take before the backlash hurts all spammers ...

    it is pure and simple application of game theory - when it becomes lucrative enough for the politicians, they will step into it too ...


  • People still don't get it....

    No new spam laws are needed to stop spam.

    99.9% of the spam on the Internet already is illegal and many cases criminal, involving the theft of computer resources and bandwidth, mail relay hijacking, forged headers, etc.

    The problem is the Feds won't enforce the existing laws on the books. Unless there is X amount of damage involved to a specific politically-connected corporation, they turn the other cheek.

    People need to ask their local District Attorney to start prosecuting t
  • by owlmon (696565) on Friday August 08, 2003 @07:31PM (#6651168)
    The article describes how "affiliates" get paid for supplying information gleaned from people who respond to spam e-mails.

    This suggests that the economics of spamming could be disrupted rather easily if large numbers of folks would helpfully supply the information that the spammers seek.

    Think about it. What would happen if every time a slashdotter got a spam, he responded with all the personal information (randomized, of course) that the spammer requested? The article used the example of a web form that the spamee was invited to fill in with his mortgage information.

    A perl script could generate a lot of fills to the web form in a short period of time.

    In the short term, affiliates would make extra money by selling truckloads of (phony) personal information. But within a few monthes, the large companies that pay for that information would wise up. That's when the spam economy would start to suffer.

    This strategy is only interesting to those of us that have good spam filters in place. I'm getting very good results with bogofilter now. I believe that I could "survive" the major spam wave that would result if I employed this strategy. But this strategy would be a lot more effective if I had some company.
  • In advertising there are divisions much like the white red black hats of hackers. Often times a company will submit a block of money to an advertising group, which will then employ dozens of different strategies. Often times, these techniques are not follow known or endorsed by the sponsoring company.
    Take for instance when IBM launched a "edgy" campaign where peace signs were spray painted on the sidewalks of SanFran. Or some TV show that quietly advertised by sending a non-existant football team to v
  • by Anonymous Coward on Friday August 08, 2003 @08:04PM (#6651363)
    Anyone find it funny that the article asks: "How does unsolicited commercial e-mail affect you?" and then prompts for your email address?
  • by tabdelgawad (590061) on Friday August 08, 2003 @08:22PM (#6651509) Homepage
    "Four days later, four companies sent us an e-mail indicating they knew we were looking for a new mortgage". Four days!! With the myriad layers of 'affiliates', 'lead generators', and 'spammers' operating in legally grey areas and distributed all over the world, it's amazing that it takes only this long to get a response. I mean, sometimes it takes longer to get a response from legitimate online tech support!

    The article opens by saying "There wouldn't be spam if there wasn't money in spam". Truer words were never uttered. And there wouldn't be money in spam if consumer demand didn't exist. All 'solutions' to the spam problem that fail to take this 'demand' problem into account are, IMO, doomed to failure.
    • All 'solutions' to the spam problem that fail to take this 'demand' problem into account are, IMO, doomed to failure.

      Court mandated rehab!

      1. Patent SPAM Rehab business model
      2. Convince administration to declare "War on SPAM"
      3. Convince Congress to require SPAM Rehab(tm) (patent pending) for repeat users
      4. Open SPAM Rehab Centers (including a few exclusive celebrity resorts)
      5. Profit!

  • by swordgeek (112599) on Friday August 08, 2003 @09:04PM (#6651782) Journal
    Don't know if the ads are static or dynamic, but the one I got, in the middle of an article about sleazy tactics and spammers, was a "CLICK HERE TO ENTER THE GREEN CARD LOTTERY!!!!!"

    Heh.
  • Sneakemail.com (Score:5, Informative)

    by KevinMS (209602) on Friday August 08, 2003 @09:24PM (#6651885)
    This is why Sneakemail [sneakemail.com] was created over 3 years ago. You can easily bust whoever benefits from your stolen/sold email address no matter how far down the chain it goes. For those who don't know Sneakemail was the first disposable email address service which was designed both for keeping your address clean and tracking those selling your address. Sneakemail got a mention in this months MIT Technology review magazine.

  • The Other Solution (Score:2, Insightful)

    by renard (94190)
    The article ends with the following conclusion (courtesy of an anonymous "small time" Spammer):

    The only thing that's going to make spam go away is if people do not respond.

    But that's not actually the case. As the article demonstrates, the companies making money off of spam are big, legitimate companies - companies that can be sued, or subpoenaed, or fined for their support of the Spam economy.

    What should happen is that the companies that are ultimately hiring the spammers - Ameriquest, Quicken Loan

  • The article points out how ISPs will ignore their rules when the spammers slip them a little extra cash. And then, at the head of the Slashdot list of comments, the most violently anti-Microsoft site I know has: a Microsoft ad!
  • by swordgeek (112599) on Friday August 08, 2003 @09:59PM (#6652118) Journal
    Every time I read an article about spam, I see a bunch of people promoting the spam filters on their system, or their ISP, or some other way of dealing with spam at the destination.

    The only way to deal with spam is at the source. The only way to stop spammers is to keep them from sending their shite in the first place. As soon as it leaves their computer, it becomes an arms race--we get better filters, they figure out a new way around them, we tweak our filters again. Eventually the entire email system worldwide becomes one big armed camp, and that's BAD! Worse yet, I see people proposing we go straight to that end right now, as a solution.

    We have to stop spammers from being able to spam, not stop the spam from reaching us.


  • Noticeably absent is any mention of Microsoft's support of spam, including their spammer-for-hire subsidiary, bCentral.com .
    Listbuilder is one of the worst at harvesting email addresses from any source they can get their hands on.
  • by gbulmash (688770) <semi_famous AT yahoo DOT com> on Saturday August 09, 2003 @03:49AM (#6653349) Homepage Journal
    A number of years ago, back when Sanford Wallace was still the self-proclaimed spam king, I did a little detective work... locating his mother's phone number.

    I'd started building an anti-spam site (I was going to call it "Spamintology") and I was planning to launch it with the number up front, suggesting that people call her to tell her what a bad boy her son was.

    But I didn't. Because after the visions of glory, I had visions of my own mother's phone ringing off the hook as spammers called her to complain about me. And that's when I cancelled my plans for the site.

    These spammers are often criminals, and always scumbags. If you really start to hurt them, hit them where they live, you risk them trying to hurt you back. That's why I decided to abandon my crusade, because I wasn't so altruistic as to put myself and my family in the line of virtual fire for the sake of zinging Spamford.

    Some spam will be stopped by current anti-spam laws under proposal, but the only way to truly stop spam is going to be to take it out of the hands of the FTC and put it into the hands of the FBI. Spam will slow when we see spammers on the evening news, walking into federal courthouses to defend themselves against RICO charges like John Gotti.

    If we put together an FBI Anti-Spam unit on par with the FBI's Organized Crime unit at its height, we'd see spam decrease and the nightly news would be entertaining again... for a while.

    - Greg

Adding manpower to a late software project makes it later. -- F. Brooks, "The Mythical Man-Month"

Working...