Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Spam

Mega-ISPs And Spam Support 200

Posted by Hemos from the bad-business dept.
WH writes: "Over at CNET there's an article about how PSINet and other huge ISPs have been secretly signing deals to provide spammers with internet connections." The other one I've seen is AT&T signing a contract with someone -- there were restrictions, but it's still troubling to see people's appetites for money overwhelming their ability to discern good vs. bad business practices.
This discussion has been archived. No new comments can be posted.

Mega-ISP And Spam Support More

Mega-ISP And Spam Support

Comments Filter:

  • wish i could do like pitr in userfriendly [userfriendly.org]

  • My sendmail doesn't forward but my li'l home server could still get choked by idiotic Spam-bot attempts to get it to do so.

    It also returns the mail to whoever sent the spam. That ties up the line in two directions. What I'd like is for sendmail to return the first message from a location and to swallow all further attempts to forward mail from the same location. I'm looking at "sendmail for Linux" to figure out how to make it do that. That takes care of my end of it.

    The other end is to make spammers pay for each message they send. You saw the numbers: Up to 20,000,000 emails in one night in a single mailing. That's $660,000. that they don't have to pay the post office.

    They paid a mere $27,000 to PSI Net for the priviledge of saving themselves over $500k+ per night and annoying the sh*t out of us?

    Sick the authorities on them for email fraud and depriving the post offices of the world of up to $234,960,000 per year in revenue.

    Even a paltry 5% sales tax on this amount is $12,500,000. Stolen straight from government coffers. And that's just from one of these ghastly Bozos. There plenty of them. This is a big enough crime to get the FBI, Interpol and governments from around the world interested.
  • They are headquarterd in Virginia which has an anit-spamming law on the books. $10 per incident. hmmm I may have to make me some money now. Can anyone say class action suit?
  • There's not exactly a lot UUNet or PSINet can do about spammers. They resell dialup services to TONS of ISPs, they don't really sell to the customers. Now, if somehow you can figure out what ISP the person's account is with, you can actually get something done. And if that person turns out to be using an Earthlink account, may Bob have mercy on their accounts :). I work for Earthlink (who uses both PSINet and UUNet), and we do our damnedest to remove spammers from our customer base.

    Yeah, it's damned easy to forge From: fields, but it's worth a shot at least.

    BTW, if you DO get spam from an earthlink.net or mindspring.com address (or a fullon hostname from either), send that stuff off to spam@mindspring.com. My buddies in AUP need work to do :)
  • Oops, there should be '-two or three second pause-' between "Hi" and "You've reached..." in the fourth paragraph. I put that between greater than and less than symbols, and ./ ate it, thinking it was a strange html tag.

    I should have previewed, sorry! :)

  • This means, the "individual" gets a gentle slap on the wrist (if that), and they go about their business. PSI, UUNet, and all the big ISPs don't give a rat's ass about spammers. That's why a *very* good percentage of spam you get has 38.x.x.x or 63.x.x.x in the headers. 38 being PSI, and 63 being UUNet. Try it sometime. It'll suprise you.

    Bullshit. The dial-up accounts get canceled. The dedicated customers get wacked when they generate complaints and refuse to resolve them. The 63.x.x.x netblock is not all UUNet. Please get your facts right before posting.

  • As pointed out to another poster: I don't give a fscking s5it about the contents of spam. The reasons where trampled ad nauseum, but the gist is:

    I absolutely, unconditionally believe in the right to be left alone. So, if I ask you not to send junk mail (you can do that here with a simple entry in the phone book, it's widely respected): Don't!

    If I ask you not to call me for any sales pitch: Don't!

    If I not explicitely authorize a commercial entity to contact me by email: Don't!

    The major difference is that junk mail doesn't arrive postage due and telemarketers don't call reverse charges. But with spam I'm forced to foot the bill and I don't care if it's for barely legal fisting teen sluts or for KDE2 from a "Linux Software House".

  • It's not "free" if someone else is forced to pay for it. UCE takes disk space, bandwith and labor out of other peoples wallet. It's not even like junk snail-mail where the sender has to pay postage. Virtually all the $cost$ of spam is paid for by people other than the spammers.

  • I think this would be a place where we need the government to step in.

    Here's why I disagree: if government is to step in, then that means that society wants it, right? But if society really wants it, then society can fix it itself. Just use blacklists, or require crypto sigs on mail that you receive and look it up in a trustworthy-vs-spammer database, etc.

    IMHO, the only advantage that is gained by using government for this, is not that it forces society to deal with the problem (since, if government is involved, then unless there's corruption, it means that society already wants to deal with it). Rather, it forces society into a consensus of how to deal with the problem. The problem I have with that is that when government tries to dictate how to deal with a problem, they come up with crap (e.g. DMCA).

    You may think that your government solution for how to deal with the problem is perfect, but it has holes. For example, if the spam doesn't have a valid return address, and you trace it to having come from a relay outside of USA, what can you do? You just end up with an unenforcable law. I hate unenforcable laws.


    ---

  • I get legit email from people I've never conversed with before asking questions or commenting, and I'd rather not lose those.

    But if enough people blacklisted those people's ISP, then those people whose mail you risk losing, would go to another ISP (or their ISP would do what it takes to get off the blacklist).

    This reminds me of the prisoner's dilemma. If everyone adopted the blacklist strategy, then it would become the best strategy, and mutants who didn't use the blacklist would be the ones who suffered (they would get spam, but no additional legit email). But if most people don't use the blacklists, then the few people who do use it, end up losing.

    Argh.


    ---
  • Yeah I get that too alot... a lot of spammers take an address @home with a common name and just keep adding letters to it, the header will look like this...

    nitehawk1@home.com
    nitehawk2@home.com
    nitehawk3@home.com
    nitehawk4@home.com
    nitehawk5@home.com
    etc...
    no wonder @home's email servers are so faulty...

    -nite
  • Spamming to stop spamming is ... stupid. Why is your spam better than anyone else's?
  • We must remember that telephone companies actually like spam. The more network traffic there is (no matter what it is) the better for telcos. So, any ISP owned by a telco will have an interest in promoting spam.

    The only thing that have to do is keep it at a level where it doesn't stop people from using email altogether. But untill that limit, as far as they are concerned the more spam the better.

    I was about to change my long distance company from MCI-WorldCom to ATT last week in an attempt to boycott telcos that promote spam, but then the ATT spammer deal emerged. So, I guess it will be Sprint, which seems to have cleaned up its act.

  • Comment removed based on user account deletion
  • Have you ever wondered what kind of person would be a spammer? Ever wondered how they think?

    I found this site a while back and found it very interesting. Check out Behind Enemy Lines [freewebsites.com].

  • Re:I've known this all along.... (Score:3)

    by kaip ( 92449 ) on Tuesday November 07, 2000 @05:58AM (#643376) Homepage

    This means, the "individual" gets a gentle slap on the wrist (if that), and they go about their business. PSI, UUNet, and all the big ISPs don't give a rat's ass about spammers. That's why a *very* good percentage of spam you get has 38.x.x.x or 63.x.x.x in the headers. 38 being PSI, and 63 being UUNet. Try it sometime. It'll suprise you.

    According to the SpamCop statistics [spamcop.net] the biggest sources of spam are currently:

    1. UU.NET (78,521 complaints)
    2. DIALSPRINT.NET (9,638 complaints)
    3. USS.NET (8,708 complaints)
    4. BELLSOUTH.NET (8,348 complaints)
    5. BELLGLOBAL.COM (6,404 complaints)
    6. PSI.COM (6,139 complaints)
    7. POPSITE.NET (5,733 complaints)

    UU.NET wins this contest easily... :(

  • Like I've been telling people for years now, popsite.net is about as spam friendly as it gets! I've reported hundreds of pieces of spam to them and never once got a response. I've CCd their domain billing/admin/tech contacts and never once got a response. Heck one time I even CCd the president (president@whitehouse.gov, not com! :) ) and talked about how there should be federal laws against unsolicited commercial email and the providers that support it. Nothing. Nadda. Zilch. Go to their website and read the page. Sure they make it sound like they aren't the bad guys, be you and I both know that's a crock of spam.

  • Good idea... in theory.
    How about mailing lists - I'm a member of many of them (including spamtools [abuse.net]), and it just wouldn't be possible to encrypt each message (or digest) per person. Some lists have several hundred valid subscribers.

    Richy C. [beebware.com]
    --
  • Well that's exactly what is the worst about Spam. People like you don't even realise why it is so. Don't you consider your mail Id more private space than a tv program? Who stopped you from placing Banner ads?
  • Comment removed based on user account deletion

  • Re:How do we fight this? (Score:3)

    by Floyd Turbo ( 84609 ) on Tuesday November 07, 2000 @04:12AM (#643381) Journal
    Subscribe to the MAPS RBL. Use their BGP feed to drop traffic. This way, the outage is coordinated with vast numbers of other RBL subscribers. As a result, it hits the spammers much harder and gets action taken much more rapidly.

    This will still cost you legitimate traffic, but there's no way around that. You simply have to bite the bullet and suck up some short term costs for the long-term health of the net.
    --
  • Is there a "clueless" moderation category for posts like these? Like, please...

  • A hotmail acount I never used, is spammed by +- 30 emails a day.

    Same here, I created a Hotmail account intending to use it while my-deja.com was down for upgrades. The upgrade got postponed, I didn't use the Hotmail account for a while, but when I went to first send mail through it, the box was full of spam.

    The account name is only 4 letters, thus I suppect that the spammers spam form A to ZZZZ.

    Well, my account name was 14 letters long, so I suspect rather than Hotmail sells the addresses themselves as an extra revenue stream.. ;-)

  • How many people think that perhaps we need more free (or minimum-pay) services like SpamCop [spamcop.net]? I forward spam to them on a fairly regular basis, with an average of one out of eight spammers' accounts being reported closed by their ISP. And to date, after a year and a half of usage, only two spammers have managed to avoid identification, the last being about seven months ago.

    Questions, comments, flames? Operators are standing by...

  • Yes, I do; when the amount of advertising completely overwhelms and drowns the content.
    Sometimes it seems to me like we're headed that way with spam as well.

    Besides, with TV / magazine ads, I have the option
    to completely forget about them, ignore them.
    Not so with spam. I have to invest time and effort
    to filter and delete all this junk.

    If someone was to ring you up 20 times a day to
    throw different salespitches, you would probably
    want to outlaw phone sales, wouldn't you?

  • I think that the big problem with spam and why everyone hates it so much on the user level is not the volume of it (although that's a different story on the admin level) as much as the content. Who wants to get mail from "Hot, fisting teen sluts"? or "make 1 million a year just by sending a dollar to everyone on this list". I think that there should be an accepted standard of whats sent by Email. You never see ads for porno coming through snail mail to your 6 year old son. people would be outraged and the companies and/or persons would be forced to stop. I think that we could get just about ever Xrated spammer on charges of distributing pornography to minors if we really tried. Even if they just put links in thier Email, look what happened to 2600 for placing links to DeCSS on thier site. On the other hand, I know that most people here would disagree, but I dont mind getting ads for Technical magazines and similar items by Email and similar content and I think that that should be accepted.
  • What's new about this is that we now have documentary evidence that AT&T and PSInet have both conspired with spammers to look the other way whilst the spammers commit theft and trespass; and since PSInet is incorporated in Virginia, their conspiracy is probably a felony crime, while AT&T's is mere tortious behavior.
    However, in both cases, the existence of the "pink contract" constitutes evidence of classic "simple conspiracy," which is also a criminal offense, and since it crosses State lines in both cases, it's probably under Federal jurisdiction.
  • Spam costs me money. It costs me time and bandwidth, it costs my ISP bandwidth and disk space.

    I'm absolutely for free speech, but I draw the line at being forced to accept collect calls from anyone with something to sell.

    If I sign my business up with a cheap hosting company, and I end up with the same IP address as goatse.cx, I can expect to get blocked by censorware. If I think my customers are the kind of people who use censorware, then I have to find a different host.

    I personally think MAPS is the right way to go. You're free to use it, or not, or use your own list. The spammers can keep making their collect calls, but now I don't have to pick up the phone.

    --

  • if the same message is sent out to more than X number of people where X is fairly low, KERPOW! No account.

    Which also keeps legitimate (listserv/majordomo) mailing lists from being operated from behind their connections.

  • Here's why I disagree: if government is to step in, then that means that society wants it, right? But if society really wants it, then society can fix it itself.

    The catch is that the government would have to get out of the way of society's efforts to fix the problem. How about old-fashioned outlawry (i.e. the protection of the law no longer applies) for spamming? (That is, if you can prove that X spammed you, turning X's box into a $2K doorstop is legally treated as self-defense, not cracking.)
    /.

  • I dunno. Many months ago I created a Hotmail account with a completely random 12 character log account name. I check it every couple of weeks. I've sent mail to it occasionally. But it has never, ever recieved a piece of spam. Ever.
  • I set up one last year, mainly to allow me mail access when working away from home. I deliberatly chose a jumble of alpha-numerics, yet got spammed almost instantly. There is no way they could have guessed this account, unless they tried every 6 character alphanumeric string possible.

    Oddly my main ISP email address got on a Chinese spam list a few days after joining, and I still get chinese spam to this address two or three times a week.

    I now use this email address for all web activity where security is not needed.

  • Re:Some People have no clue (Score:5)

    by Alien54 ( 180860 ) on Tuesday November 07, 2000 @06:13AM (#643393) Journal
    I'm beginning to lean towards the shoot them in the face solution.

    I understand. the advantage is that the small fry cannot go over seas. and other countries may get into the act.

    [insert visions of KGB agents hunting down russian spammers]

    Well. there is always the following option, as posted on Segfault [segfault.org] back in april 99 [segfault.org]:

    Mafia Don Announces New Anti-Spam Venture

    As the NSA and FBI fear, traditional crime organizations have been incorporating high-tech communication into their organizations. Although Janet Reno was quoted stating "This is law enforcement's worst nightmare.", techies around the world are sure to be pleased with one New York Syndicate's new venture.

    It all started when Don Dominiqi signed onto his AOL account last Monday morning. His inbox was filled with "Make Money Fast", "Viagra On-Line", and "Teenybopper Web Sex" ads. Lost amidst the drivel was an important note detailing a non-taxed shipment of Marlboros, which were later confiscated by the BATF. Little did he know, as he shouted "Bring me the left hand of this f*cking gutterslime!" what would become of it all.

    Later that same day, Billy "Run!" Brutekowski and Larry "My Eyes!" Plucker cornered the pasty-faced offender of the Family in a small cyber cafe in Grenich Village. "This was by far the creepiest place the Boss has ever sent us." stated Billy, who only spoke on condition of anonymity. "Everyone in this place looked pale and sickly, like they had already been 'spoken to'. We asked for this punk, and several people quickly pointed him out. Most of the scum we find in gin joints aren't so quick to finger one of their own," Billy continued.

    "He must not watch much TV, because this sh*t didn't even flinch when we came to the corner he was hiding in," Larry proceeded to relate. "We dropped this sheet of paper the Boss had given us on his table and he says 'So you guys want to make money fast, eh?' He puts out his and says to give him $20. This scrawny little dirtball tells me to give him $20!" Larry was quite agitated at this part in his story, and his description of how Sammy Spammer's hand fell off was quite garbled.

    Billy continued, "Up till now, this was a routine visit. We was just being playful. The weird sh*t began when we tried to leave." "This pimply faced kid blocks the door as we try to leave, and I'm thinking to myself 'Great, a f*cking Karate Kid hero. He just stand there, and then he hands me a $5 bill." Billy pulls out the $5, and holds it like it is his first quarter from his favorite grandmother. "They lined up after that, and we had $175 in 'tips' when we left the joint."

    Later that day the Don himself visited the café, unwilling to believe the story. Although the details are unclear, sources at the café indicate that the Don has hired them to build and host a new Anti-Spam site. Through a SSL transaction system, the site will accept spam complaints and credit card donations towards 'solutions to problems'. Multiple complaints against the same spammer are added to the total until an acceptable solution has been found.

    Larry tells us that a typical $250 solution is a broken hand, and for $2000 all anyone ever sees again of 'the problem' are his shoes.

    The URL is to be announced next week, and the cyber café's phones have been jammed with requests for more information.

  • It's pretty much exactly the same sort of deal the the US Postal Service has cut with bulk mailers. It also happens to be the single most (and perhaps only) profitable segment of the USPS. The only reason that you can still mail a letter for a mere 32 cents is that they make all of their real money stuffing your mailbox with credit card offers and Wal-Mart circulars. Seems like ISP's will inevitably move in the same direction.

    Difference, of course, is that you can still choose your ISP in the US, so free market economics should sort the issue out in the end. Doesn't seem likely that you'll get your choice of postal carriers any time soon...
  • If there's someone in the government to CC, send it to the FTC [ftc.gov] (Federal Trade Commission). They handle a lot of fraud, make-money-fast schemes, pyramid schemes, etc, etc.

    I am the Raxis.

  • SMTP server registration. (Score:1)

    by Anonymous Coward
    d00f on Tuesday November 07, @11:13AM EST wrote:

    I believe a very effective way to stop spam is to regulate that each ISP must specify valid SMTP servers much in the same way there is a whois database with all the DNS servers listed. If we do this, then organisations can easily choose to deny all messages coming from dialup connections and it leaves spammers with only one method of sending spam. They would have to use their local ISP's SMTP relay to get their spam out. This would be trivial for the ISP to find and shut down. It would also bring stronger incentives to monitor and stop such activity if their own SMTP servers were being hit.

    The idea is to create an SMTP server registry.

    Reasons against (off the top of my head):

    1.) There's way more SMTP servers out in the world than DNS servers. Maintaining the list would be a nightmare. And how will we validate who's a valid ISP and who's a dirty spammer?

    2.) This would block tons of legitimate mail servers. Dialup ppl who couldn't register because of dyn IP's, small businesses who don't know how to register, but bought MDaemon or a WhistleJet or some other out-of-the-box mail server, etc.

    3.) This would add an onerous registration process to the setup of any small business network, if they wanted their own SMTP server.

    4.) Some (many?) ISP's don't provide SMTP relay for their customers.

    5.) This would impose a time delay in getting mail servers up & running. Do you want to wait a week, 2 weeks, a month for your SMTP server registration to go thru before you can send mail?

    Etc...

    I hate spam as much as anybody but this is a yucky idea.

    -david

  • There in this for the money. They're going to make that money any way they can get away with. And since Joe Schmoe does not have a clue what it's all about, they'll be able to keep getting away with it for the new future. If it bothers you, you can either ignore the Internet (like really...) or start your own ISP. Deal with it.
  • Not ten minutes after I created an @Home e-mail account for my parents, they were getting the same spam I was. Thanks for selling my address, @Home.

  • Even virgin accounts are spammed (Score:3)

    by Shadow-Wing ( 140086 ) on Tuesday November 07, 2000 @03:44AM (#643401)
    A hotmail acount I never used, is spammed by +- 30 emails a day. The account name is only 4 letters, thus I suppect that the spammers spam form A to ZZZZ.

  • MCI and Spammers (Score:3)

    by Greyfox ( 87712 ) on Tuesday November 07, 2000 @03:45AM (#643403) Homepage Journal
    Back when I was working at MCI (Before the Worldcomm takeover) we had a very strict anti-spam policy. If we got enough complaints about spamming from your domain, we'd cut your ($1600+ a month) internet connection off. That was always something I respected about the company.

  • I've known this all along.... (Score:4)

    by Accipiter ( 8228 ) on Tuesday November 07, 2000 @04:17AM (#643404)
    Oh please. Anyone who has ever forwarded a spam E-Mail to abuse@psi.net or abuse@uu.net knows this. You usually get a first reply stating:

    Your e-mail has been received by [insert isp]'s abuse investigations. You have been assigned ticket number #SpammersAreCoolXorAndRot13. DO NOT REPLY TO THIS E-MAIL. It's automated. So shut up.

    Then, almost like clockwork, a follow up letter arrives:

    This is a follow-up letter from [insert isp]'s abuse team. Ticket number #SpammersAreCoolXorAndRot13 has been dealt with according to our AUP, and action has been taken against the individual.

    This means, the "individual" gets a gentle slap on the wrist (if that), and they go about their business. PSI, UUNet, and all the big ISPs don't give a rat's ass about spammers. That's why a *very* good percentage of spam you get has 38.x.x.x or 63.x.x.x in the headers. 38 being PSI, and 63 being UUNet. Try it sometime. It'll suprise you.

    As for this article, it comes as no suprise to me. UUNet and PSINet have been known to forward your abuse@ complaints to the spammers themselves, and are both well-known spam harbors.

    DIE SPAMMERS, DIE. (Oh, and please take a few Spam-Friendly ISPs down with you. Okay?)

    -- Give him Head? Be a Beacon?

  • They're in it for the money. They make tons of money selling WATS lines to telemarketers and other phone-annoyers, why shouldn't they make money off of spammers?

    My understanding is that if there's money to be made off of it, corporate America will do it and grease congress to make it legal and then justify it by saying "we're in a legally sanctioned business".

    Anybody who thinks that "business ethics" means anything more than "lying or stealing without getting caught" is living in fantasy land. Of course I think it *ought* to mean more than that, but the hard reality is that it doesn't.
  • What happened to the blacklist of 'spammer' domains that was constantly kept up to date.
    (With its oh so memorable FLA name!)

    My "ISP" has the following 550 messages waiting for you if you connect to its SMTP port from the wrong location

    550 We do not accpet mail from Yahoo.com a known spammer domain.

    Anyone with their own SMTP port can implement this.

    FatPhil
  • Kuro5hin had a story about this on Nov. 1. Here [kuro5hin.org] .
  • The spammer made this observation in passing:
    "We'll send out between 5 (million) and 20 million emails at a time and take a lot of heat from people whining and complaining."
    as I noted, no clue at all.

    This is why I support the idea of a spammers license. This point of the spammers license is not to legalize spam. The point is to get a legal address where they can be billed for spam, and make it legal to bill the spammers for the traffic at each step of the chain, including the recipient. Enforce the collection via you favorite government agencies - say the IRS and the ATF for example (take your pick). Sufficiently high billing rates would make it rather unprofitable.

    .

    "Never apply a Star Trek solution to a Babylon 5 problem"

  • If you could give giant ISPs more money NOT TO carry spammers than the spammer can give them TO carry them, then perhaps they might listen to your arguments.
    Once you pay the danegeld, you never get rid of the dane. I like the idea someone posted for dealing with Canter & Seigel better.
    --
  • I don't really get spam, so I guess I don't care. People can subscribe to RBL/MAPS and block my legit emails if they want I guess, but I don't see spam as ever stopping. Filter early and filter often that's the only way to deal with it.
  • I think any ISP that starts this garbage should have all it's users LEAVE! Then they should be DDoS'ed. Spam is NOT free speech it is HARRASEMENT! I think that These ISP's should also be sued for harboring criminals - people who harrass others. Since they are signing contracts with these scum it would not be hard to get suppeanas to get the name, address, phone numbers of these scumbags to sue them for harrassment - then sue the ISP for harboring criminals.

    That would teach 'em!

  • Any moves to blacklist these guys yet?

    Of course, suing MAPS seems to be coming into fashion, and I could the the shit really hitting the fan in this situation. Hopefully, though, things would go the right way and a precedent would be set in favour of blocking prominent domains.

    And it would be fun to watch the telco suits squirm like the worms that they really are.

  • Here's why I disagree: if government is to step in, then that means that society wants it, right? But if society really wants it, then society can fix it itself. Just use blacklists, or require crypto sigs on mail that you receive and look it up in a trustworthy-vs-spammer database, etc.

    So instead of enforcing a law that says everyone must identify themselves (or at least their originating address), you would have us work at one level removed from the problem. After half the people in the world have been spammed, the spammer's name can go into a blacklist. Of course, what will be blacklisted if no name was sent, and what's to stop them from using another throw away account.

    IMHO, the only advantage that is gained by using government for this, is not that it forces society to deal with the problem (since, if government is involved, then unless there's corruption, it means that society already wants to deal with it). Rather, it forces society into a consensus of how to deal with the problem. The problem I have with that is that when government tries to dictate how to deal with a problem, they come up with crap (e.g. DMCA).

    e.g., traffic laws (what we have now is so much worse than the early days of the car when people could just cross the intersection whenever they liked, isn't it?).

    e.g., environmental control laws (it is much better when companies get to decide when their waste is too toxic for the environment, isn't it?)

    I could go on with a long list of good laws that lead to an orderly and civil society, but suffice it to say that not all laws are bad. Your slander of the entire legal system supported by a single example pushed through by powerful individuals in a manner that, if not corrupt, is at least questionable, does not give due credit to a system that has served us well for two centuries. Right now we have a tension in how people should interact. It is a proper role for the government (the organization appointed to add order to how we interact) to add order to this interaction.

    You may think that your government solution for how to deal with the problem is perfect, but it has holes. For example, if the spam doesn't have a valid return address, and you trace it to having come from a relay outside of USA, what can you do? You just end up with an unenforcable law. I hate unenforcable laws.

    If it becomes too much of a problem, you can block the entire domain at the US borders? We can nuke that country? How about, we exercise trade sanctions or even enter into a treaty with said country? Since the citizens of that country would most likely have the same problems that we are, maybe we could get them to implement a compatible law.

    BTW, when was the last time you got a fax without the transmitting number being printed on it? All fax machines, and programs automatically add the originating phone number because companines large enough to make a profit selling these consumer products don't want to run up against the law. A lone spammer on AOL may spurn the law, but do you think PSINet or AT&T would do it openly without getting paid some fairly high dollars? And if they get paid that much, that means that the cost to the spammer will be increased, which should cause a decrease in the quantity of spam. Which in the end is all that we really want anyway.

  • Really, if anyone should be put on it it is them. UU.NET is the ogrigonator of nearly 80% of the spam I get. Of course I guess I could set up my own mail server and take care of it myself.
    Molog

    So Linus, what are we doing tonight?

  • Re:I've known this all along.... (Score:3)

    by JeffL ( 5070 ) on Tuesday November 07, 2000 @04:36AM (#643428) Homepage
    Indeed, the majority of spam I get originates at a uu.net or psinet dialup (except the foreign stuff relayed through a Chinese or Korean government servers), and I get this same annoying response back each time.

    If the institution of higher learning that I am at got some backbone they could probably finance their entire IT budget off the spammers, because it is illegal in this state [slashdot.org].

  • Re:PSI I don't understand, but with AT&T... (Score:3)

    by russ-smith ( 126998 ) on Tuesday November 07, 2000 @04:38AM (#643429) Homepage
    You can sue them for the phone calls see

    ATT Called.com [attcalled.com]

  • Bullshit. Spam is bad as long as its non-invited. Yesterday, "nissan computer corp" spammed me because of nissan auto wants to shut'em down. Guess what? ncc is now one of my sworn enemies, and i've complained to their ISP's, simply because I don't want their spam.

    If they had gone other ways than spamming, I would've supported them. But, by spamming, they made me one of their enemies.


    --
  • a dialup & email account I had since 1994, from a small startup ISP, was recently sold to Earthlink, notorious for allowing spam - I prefer the local FreeBSD Mom&Pop shop (w/ roots going back to BBS days) anyway, wasn't using the dialup anymore, the email address was on many spam lists, all signs said CANCEL, and good riddance it was.
  • UU.NET dial-up servers are used by a few large ISP's. MSN is the largest ISP I know of that uses UU.NET. So an MSN customer will get an IP which will point back to a UU.NET server. Unless the spammers put an MSN email address in the SPAM, there is really no way of determining which ISP is being used (Unless UU.NET looks at their logs).

    In the small town I live in, four different ISP's that I know of use the same UU.NET dial-up server. The only difference is on the users end when they dial-up. Logins are [ISP code]/[user login] (i.e. - MSN/luser). There is no way to effectively add UU.NET to RBL because a LARGE chunk of IP's would be blocked.

  • Exactly. My main email all comes from my yahoo account. I have found it very useful, good uptime, and one can setup a great set of filters. I get maybe 1 spam a month to my inbox (all the rest is routed to the trash which I never see). I find web-based email much easier to get to than a shell because you don't always have SSH handy.
  • One of my concerns with implements the RBL or similar block lists is that it will get legitimate email to me in addition to spams; e.g. all or nothing. Because I do run web sites, I get legit email from people I've never conversed with before asking questions or commenting, and I'd rather not lose those.

    I found a procmail recipe set called "SpamBouncer" [spambouncer.org] which has catches for most common spams and can read from RBL and other sources for more spam goodies. Besides being able to install as either a machine-wide or a individual user setup, it can also have several options for dealing with spam: /dev/null, bouncing the mail back to the domain for possible spam dealings, or, my favorite, dumping all spam to a specific mailbox. This way, I can read through the spam that was sent and see if any messages were truly legit (and in a list of subjects which is mostly spam, it's easy to pick out the legit headers, as opposed to picking out spam headers in a bunch of legit mail).

    Only drawback with this is that it is processor heavy; a long overdue fetchmail that pulled up a 100 messages got my CPU usage on a 200MHz to 15+. But the program is actively maintained, usually with weekly updates.

  • Potential for abuse... some assumptions (Score:4)

    by Some guy named Chris ( 9720 ) on Tuesday November 07, 2000 @06:53AM (#643448) Journal

    There are over 3,000,000 businesses in the USA which are members of the United States Chamber of Commerce (a href=http://www.uschamber.com/_About+Us/Who+We+Are /default.htm>source). Now, assume that spam becomes an accepted business practice, and 10% of these small businesses decide to send out 1 spam a month. Assume you are only on 10% of these companies spam lists (a generous estimate, since once you get on one, you tend to get on them all).

    3,000,000 small businesses

    * 10% spammers
    ---------
    300,000 spamming small businesses
    * 10% of lists you are on
    ---------
    30,000 spams you get a month
    30 days per month (avg)
    ---------
    1,000 spams per day.

    Now, if you received 1,000 spams per day because spam was legitimized, just how useful is email to you anymore? I'd say not very.

  • Re:How do we fight this? (Score:4)

    by Starship Titanic ( 207017 ) on Tuesday November 07, 2000 @04:42AM (#643453)
    Yes, rejecting all traffic from ISPs of that size IS possible. Ever heard of the Usenet Death Penalty? [cabal.net] Those were applied to a lot of major ISPs and backbone providers, inculding, as it appears, PSI. The same is possible for all net traffic. So how do we fight this? Talk to your ISP's/uplink's friendly sysadmin.

  • How to Stop Spam (Score:3)

    by Greyfox ( 87712 ) on Tuesday November 07, 2000 @04:44AM (#643455) Homepage Journal
    If everyone rejected unencrypted messages by default, spammers would go away. If they were no longer able to send out 2 million spams with one shot to an E-Mail list, spamming would become economically unfeasible.

    But Grey (I hear you cry) we still get junk mail despite the postage. True, but THEY actually have something to sell you. Spam alienates most of the target audience so only shifty companies advertise that way. If they can blast out 2 million E-Mail for free and have 10 or 15 people they can bilk respond, they've made a profit. Require bigger hardware for encryption, plus the time it takes to encrypt to 2 million public keys and all of a sudden, spam gets a lot less economical.

  • Comment removed based on user account deletion
  • Subscribe to the MAPS RBL [mail-abuse.org].

    Also subscribe to the MAPS RSS [mail-abuse.org] and DUL [mail-abuse.org] lists. Out of the spam that I get here, 99% of it gets blocked by RSS and DUL, and the other 1% by RBL. I've not received a single spam since installing these.

    If you have sendmail 8.10 or later, do this in your sendmail.mc file:

    FEATURE(dnsbl,`blackholes.mail-abuse.org',`Mail rejected, see http://www.mail-abuse.org/rbl/')dnl FEATURE(dnsbl,`relays.mail-abuse.org',`Open relay rejected, see http://www.mail-abuse.org/rss/')dnl FEATURE(dnsbl,`dialups.mail-abuse.org',`Dialup rejected, see http://www.mail-abuse.org/dul/')dnl FEATURE(`delay_checks')dnl

    You won't see any more spam, and your log file will show the address they tried to send to (this is what delay_checks is for).
    ---

  • "We are very up-front about what we do and how we do it," said Cajunnet general manager Eugene Wanless. "I think a lot of people consider it spam. We'll send out between 5 (million) and 20 million emails at a time and take a lot of heat from people whining and complaining. Eventually our ISPs wind up turning us off.
    Ah, the typical spammer mentality. When we're upset about paying (either directly or indirectly) for their crap in our mailboxes, they call it "whining". I think that speaks volumes for the respect, or lack thereof, that this particular spammer has for other peoples' property.

    OBInfo: I maintain a FAQ for figuring out the origin of forged spams and how to complain about them here [claws-and-paws.com]. I hope folks find it helpful.

  • PSINet sells nationwide dialup service to ISPs, *that* is why so much spam originates from their network.

    Yep. PacBell is a 63.xxx.xxx.xxx
  • If there were a lawyer who was prepared to handle spam cases where they assist in suing the spammer, I'm sure there would be a reasonable market once a few high-priced cases got through.

  • Re:Even virgin accounts are spammed (Score:3)

    by d00f ( 242859 ) on Tuesday November 07, 2000 @07:13AM (#643473) Homepage
    I'd suggest much of the problem lies in the mail providers being unwilling to or unable to use measures to stop spam.

    I own a small webmail company (fastworks.com [fastworks.com]) and we routinely get spammed. There are a number of methods people use and a number of ways to combat them.

    Spammers will go out and get a dialup account, start spamming after the ISP's abuse department has gone home (usually a Friday night) and continue until someone finally pulls the plug.

    These spammers will either send the spam by connecting directly to the victim's SMTP server or by using a 3rd party relay.

    We combat this by subscribing to the RSS, RBL and DUP services at mail-abuse.net [mail-abuse.net].

    Mail sent via a dialup connection is often denied at the outset because many dialup connections are in the DUL. Open relays are often in RBL and RSS.

    These two measures alone cut out more than 80% of our incoming spam.

    Another popular way (among spammers) is to try the brute force method. They connect to a service with a few million subscribers and blast away with a dictionary-type attack. This usually causes the most problems on a network side because the victim mail server has to contend with 100,000 plus bounces in a few hours. This tends to fill mail queues quite fast.

    Some of the most popular mail systems (which shall remain nameless) combat this problem by not bouncing after a threshold has been reached. This, although a simple method still allows the spam to get through.

    I refuse to believe that I'm any smarter (maybe faster, but not smarter) than the folks running yahoomail and hotmail, but it makes a lot more sense to me to have the delivery agent blackhole (delete) this spam as it arrives based on the source IP, email address and even the content. It doesn't take much logic to detect a host that sends you 100,000 messages in an hour where 90% of them bounce.

    This cuts out 99.9% of bruteforce spam. It saves us on disk space since the spam is never delivered, and it saves on CPU cycles since the SPAM lands in /dev/null as soon as it is received rather than bouncing all over kingdom come.

    I believe a very effective way to stop spam is to regulate that each ISP must specify valid SMTP servers much in the same way there is a whois database with all the DNS servers listed. If we do this, then organisations can easily choose to deny all messages coming from dialup connections and it leaves spammers with only one method of sending spam. They would have to use their local ISP's SMTP relay to get their spam out. This would be trivial for the ISP to find and shut down. It would also bring stronger incentives to monitor and stop such activity if their own SMTP servers were being hit.

    Now if only we can stop ICQ spam...

    -Michael

  • One question - has anyone figured out how to do this on a windows (Figure "The Bat" as the client) system?

  • > There in this for the money.

    Yes, which is why we should filter out ISP's who support spammers. This will cost them customers, and thus money.
  • > Subscribe to the MAPS RBL.

    And when MAPS refuses to RBL spam sources like uu.net (likely via msn.com dialups without port 25 filtering, but uu.net refuses to identify their rogue resellers), and dialsprint.net (Dialsprint took ~6 months before it finally cleaned up its act and blocked port 25), and att.net (who denied the existence of pink contracts right up until the news broke)?

    RBL is a good start.

    But the /. article is about how you deal with institutions that appear to be "too big" to RBL.

    I say - block 'em yourself. If uu.net gets RBL'd (which will never happen), then they only have to twist one arm to get themselves unblocked. But if 1000 sysadmins independently drop uu.net traffic on the floor, they're well and truly fscked.

    There are still AGIS netblocks from 1997 that remain on the DENY list. May uu.net suffer the same fate.

  • Any field in which you can take classes in ethics is a field which has no ethics . Otherwise why would anyone need to take the classes? If the practitioners of the field behaved ethically no one would ever think to create ethics classes for the field; it would be like a class for basketball players teaching them how to jump.

    I do understand Yin and Yang; there is an element of formal ethics study in largely ethical professions. I know that there is a 'code of ethics' for professional engineering; but that is something that lawyer and business types created so that the engineering profession would remain forever in its place as a sacrificial profession for the consumption of business men and the law.

    It is not something that ethical engineers saw that they needed to impose on their unethical fellow engineers to clean up their profession. In addition, from Yin and Yang it is predictable that there would be unethical fields where there are no ethics classes available; crime comes to mind - nobody can take classes in 'criminal ethics'.

    Formal stated ethics usually occur in 'Con job' professions like the law or business where it is important that people believe that the fields are ethical when they are not.

  • I think this would be a place where we need the government to step in. It is illegal to send a fax without the originating phone number. This is both acceptable and effective, since if someone wants to converse with me I have to be able to contact them. Spam should be the same way. It should be illegal to send email without the correct and legitimate origin as a return address within the same domain. That way I could respond to the email with an encrypted, uuencoded copy of a core dump or two. Anonymous re-mailers are safe here, since they would only be required to attach the remailer's address.

    PSINet, AT&T, et. al. will think twice about these contracts once they understand that mass spamming will result in a righteous DoS attack. The spammers will have to either pay higher rates, or find a legitimate job. Either way I won't have to delete 30 bogus emails a day anymore.

  • Well, my account name was 14 letters long, so I suspect rather than Hotmail sells the addresses themselves as an extra revenue stream..

    I suspect this is true, because I've experienced the same thing. A Hotmail address that I gave to nobody has received an incredible amount of spam. The only conclusion is that the spammers got the address from Hotmail itself. (Oh well, you get what you pay for, I guess...)

    What I wonder is whether this actaully backfires on Hotmail? In one of my accounts I get upwards of 30 spam messages a day. Multiply this by a few million accounts, and you need some serious hardware to store and process all these messages. Surely in the long run it would have been cheaper not to sell the addresses in the first place?

  • how about people lying in their spam? (in my case, this is about 3 in 4 spams).

    >From: spammer@foo.bar
    >Subject: Make money fast

    >I saw your webpage, and ..

    No you didn't... I'm pretty sure, since I dont have one. then there's ofcourse the old "lotsa money! (if you're american)", and the classic 'here... have some doodles in japanese/korean' which could fall in earlier mentioned categories but I cant read it so i dont really know. Good thing my autoreply is still the DeCSS source..

    //rdj
  • Spamming and acting as a spam haven is clearly bad netiquette, but that's not necessarily the same thing as bad business practices.

    At the moment, I'm not sure that it's truly established in their minds that spamming is a bad business practice. From their point of view, it's CHEAP advertising, so cheap that it doesn't matter if the business rate from it is REALLY low.

    If you really want to stop ATT from spam-related behavior, either permitting it or doing it, then drop them as a long-distance carrier. Do it by mail, and tell them why you are doing it.

    Corporate spam won't stop until we, as consumers, manage to change it from a good business practice into a bad one.

    Either that, or we'll get into the "JC Whitney" business. When I first moved to Vermont, there was a JC Whitney catalog waiting for me in my never-before-used mailbox. I was even the first occupant of that apartment, so it wasn't bulk mail for the previous resident. But JC Whitney and Sharper Image catalogs are a fact of life. We all get them, and several others. They've degenerated into background noise. As we get to more sophisticated mail handling, maybe spam will assume a level of normal noise, too.

  • How do we fight this? (Score:5)

    by petard ( 117521 ) on Tuesday November 07, 2000 @03:45AM (#643494) Homepage
    There are two techniques I can think of for fighting this evil business practice:
    1. Take your business elsewhere, and tell them why.
    2. Refuse to carry their traffic.
    (1) doesn't apply to me. I am not one of their customers, nor is my company. (2) is very difficult. Can anyone afford to reject all traffic from ISP's this size? I certainly can't. I get far too much legitimate traffic from them to do that without a sever degradation in my service. So how do we fight this one WITHOUT LEGISLATION? (I'm not 100% sure, but legislation sounds like a losing proposition to me!)
  • Sending out emails twice is "annoying to the customer" because they receive two emails. I take it that means annoying to the potential customer receiving the spam, rather than the customer on whose behalf the spam is sent. Kind of interesting that they don't want to annoy the customer twice, but they are completely willing to put up with annoying us just once. Actually, there is one advantage to email: if I try to flame someone who sends me paper junk mail, I would probably get charged with arson.
  • Though I wasn't working for that division, I believe if they got one or two, they'd tend to attribute that to random error, forged headers, etc. Of course, forwarding the spam so our network guys could look at the headers was always effective.

    I think the users generally got a warning first, so if they had an open relay they could close it without getting cut off.

  • ...they were actually selling something useful.
    Has *anyone* ever seen a spam that wasn't advertising:

    Gambling site
    Loans/credit for losers
    Accept credit cards
    Sex site
    Weight loss/nutrition supplement
    Get anything on anyone
    Spam software

    Sheesh!
  • Anyone know how to do this using qmail?

    "If ignorance is bliss, may I never be happy.
  • We should have seen this coming. Ever since the "Green Card" spam, things have been getting worse as these gutter-snipes consider themselves legitimate businessmen.

    Now if someone had walked up to Canter and/or Siegel in the street and just shot the fuckers in the face, the net wouldn't be in such a sorry state as it is now? The warning would have been heard and this pissants would have moved on to a less dangerous profession like running a crack house.

    Or maybe little 8 year old Timmy REALLY enjoys receiving emails advertising "XXX RED HOT FISTING NECROSLUTS" Do you want your kids getting such filth? Of course you don't. So take action!

    Protect our children - Shoot a spammer in the face with a high calibre handgun!
  • All that is required is for a heads up to be sent to the admin: "Hey Mr. Admin, I'm going to run a mailing list for about 500 people. Just want to let you know what all that traffic is. Thanks."

  • Re:Whats so bad about spam? (Score:3)

    by Myddrin ( 54596 ) on Tuesday November 07, 2000 @04:59AM (#643518) Homepage
    Because SPAM is much more intrusive
    than a TV add.

    Each message comes in and takes a small part
    of your hard-drive space and time. It would
    as each producer of each tv ad came into
    your house and took a single grape and a single small slice of cheese.

    While each grape or slice of cheese doesn't cost much, the collective mountain of foodstuffs
    would be quite expensive.

    I added up the sum of the cose of HD space and
    time I wasted on spam once (took an average week and projected it out over a year). It came to
    something like 1 day(deleting my junk folder repeatedly) and about $15,000(obviously the space was deleted and reused) in HD space.....

    And I'm very careful who get's my home address. (I have about 3 different spam addresses though.)
    ---
    RobK
  • I have never heard of HostPRO until I recieved spam from one of their customers. I forwarded the spam onto their abuse team and recieved this reply:

    The message you forwarded involved one of our dedicated customers. Although HostPro expects our dedicated customers to abide by our Acceptable Use Policy we allow them to adopt their own procedures for handling complaints.

    Does this mean I will be spammed at will with no recourse?

  • you need some serious hardware to store and process all these messages.

    This would account for why Hotmail accounts regularly get tossed from mailing lists... they bounce with a 554 ("Permanent" disk full) every few weeks. It's gotten to where my disconnect notice has a special piece for Hotmail users explaining why they should switch.

  • Ah, you noticed. UUnet have the beginnings of a history of being crap.

    I report Usenet spams from UUnet more often than not; all I get back is unrelated automated crap from them, with no personal followup later - ever. UUnet ought to have their plug pulled until they wise up.

    (General point: go easy on spamcop, btw. Speaking as a sysadmin at a site that occasionally sends out bulk mails, it *is* still the case that bulk mail is not unsolicited, ie reporting us to spamcop.net just because you can't be arsed unsubscribing will not endear you.)
    ~Tim
    --
    .|` Clouds cross the black moonlight,
  • Basketball players might actually benefit from learning how to jump correctly. Yin and Yang predicts that there would be some ethical professions where the enhanced ethics of formal training is useful - even though in most cases it is used as window dressing for unethical professions.

    Once again - from Yin and Yang, a largely ethical profession like medicine will have unethical elements to it; medical experiments and things like abortion do present ethical dilemmas.

    Conversely it is possible to be an ethical businessman or an ethical lawyer, and I do personally know examples of each. However it is extremely difficult to be an ethical business or legal practitioner who is very rich - I don't know either of those. All of the wildly successful people in both of those fields that I know are unethical. I am sure that there are exceptions to those observations - somewhere there are successful businessmen and lawyers who are ethical - I have just never met any.

  • Dunno why I get them, considering I'm only 19

    Could be worse. I get them, and I'm female.

  • So maybe PacBell gets their block for UUNet. But at home, my DSL line is 63.xxx.xxx.xxx
  • There already is legislation in some jurisdiction -- doesn't that put the rogue ISPs on the hook along with the spammers, if they have explicitly contracted to aid and abet their criminal activity?
    /.

  • PGP only accounts could help... (Score:3)

    by pallex ( 126468 ) on Tuesday November 07, 2000 @03:59AM (#643540)
    ...have an isp set up an email system so it only accepts valid PGP encrypted emails. Spammers would then need not only an email address, but a valid key for each person, plus cpu time to encrypt the message for each person.

    Or does someone already offer this service. Strictly PGP encrypted ONLY.

  • I have found it very useful, good uptime, and one can setup a great set of filters

    But that's just the point: You wouldn't find it as useful, if whatever mail you sent from there had a tendency to not be delivered. Then you and everyone else who uses Yahoo would find another service, unless Yahoo did something to correct their problem. As long as Yahoo is convenient for you (and everyone else), then Yahoo has no incentive to behave and the problem won't get fixed.


    ---
  • Simple. Find their MD's and postmaster's email addresses, and set up a procmail rule to forward it all, automatically, straight back to them. Worked for me with the Harris Poll pillocks, anyway ;)
    ~Tim
    --
    .|` Clouds cross the black moonlight,
  • I recently got rid of my long distance service(Excel), and ever since then, AT&T has been calling me off and on, sometimes up to 3 times a day, INCLUDING SATURDAYS! Even when I bsed with one of the AT&T reps and eventually said I wasn't interested and hung up on her, I still get calls from them. I know each time since it always shows up as "UNAVAILBLE" on my caller ID box.

    I know, I should ask them to put me on their "do not call" list. Hopefully they won't sell that list(of legitimate phone numbers!) to someone else.
  • If you could give giant ISPs more money NOT TO carry spammers than the spammer can give them TO carry them, then perhaps they might listen to your arguments. Until then, it is a simple function of money. Spammers pay to have their traffic carried, you all pay nothing and bitch. Gee, I wonder who the ISPs are going to listen to.
  • Like many of you, I seethe each time I open my mailbox and see FREE XXX/Make $10,000 per week from home/lost 3 inches guaranteed crap.

    Hunting/identifying/shutting down spammers' freemail address and geocities/angelfire sites is not that satisfying - you know the jerks are just going to start another one.

    Fight fire with fire!
    I've been having fun saving the 800 numbers in my Palm V and calling them from public phones - and leaving the 800 number of other spammers in their voicemail. Call 800-555-1219: "Hi, this is Mark Miller, and I'd love to make $10,000 from home each week. My number is 800-555-4492. Look forward to hearing from you!"
     Call 800-555-4492: "Hi, this is David Logan, I'd be very interested to talk! 800-555-1219"

    Alternatively, I've left messages pointing to my home fax line. And I KNOW those thieving motherfuckers call back - there's always a few call-and-hangups after each phony voicemail I leave.

    The idea of jamming up hopeful get-rich-quick idiots gives me warm fuzzies at night. Sure, it's a cheap thrill, but they are gratifying nonetheless. That 800-number "duck quack" meme cost the company over $10,000 in long distance charges [cnet.com] per day. Don't just ignore spam - run up their telephone charges and drive them out of business. Your country is counting on you.


    - The Mischief Commitee
    (a wholly owned subsidiary of Project Mayhem. Member FDIC)
    -------------------------------------------------

    -- If the blues don't kill you, brother, they'll make you a mighty, might man.
  • Some interesting tidbits here. I have a mail.com account with a fairly unlikely address - not likely to be in a dictionary, and too long for the AAAA-ZZZZ approach. I don't seem to get "random" spam, but what I've noticed is that every time I get a real message, I get a spam message soon afterwards. One-for-one correspondence. Coincidence, or has anybody else noticed this?

  • Here's how to get them to leave a message... (Score:4)

    by KlomDark ( 6370 ) on Tuesday November 07, 2000 @05:39AM (#643556) Homepage Journal
    Almost all telemarketing operations use a system called a 'predictive dialer'. What that means is a computer dials a list of numbers, but only at the rate that of the current average of the time it takes for the actual telemarketer to complete the call (Including both sales and hangups). It dials the number, listens to the way the phone is answered, then switches the call to a waiting telemarketer if it is determined to be a person on the line.

    How does it do that? It listens for a pattern in the sound when answered. Typically, an answering machine has a message like "Hi, you've reached so & so, please leave a message" - basically a long, uninterrupted pattern of sound. When a person answers, they generally just say "Hello?" and wait for a reply - a quick pulse of sound, then nothing.

    That's what the predictive dialer listens for - a quick pulse. If a long string, then it hangs up, so they don't waste their phone bill on an answering machine.

    How do you take advantage of this? Instead of putting "Hi, you've reached so & so, please leave a message", instead put something like "Hi" "you've reached so & so, please leave a message"

    This will fool the dialer into thinking it's a real person, and transfer the call to a telemarketer. Sure, the telemarketer will hang up, but you've just consumed an extra five or ten seconds of their time, and a few cents of connect time. This impeded the amount of time they can spend bothering other people, and when it happens in the thousands, it can actually have an effect.

    Do it, try it!

  • There is already are ware between the programmers of filter software and the spammers. See SpamCop.net [spamcop.net]. Ok, the owner of that site takes money for a almost spam-free email adress, but after my primary mailbox got unusable, I saw no other choice.

    This site uses some very tough filters:

    • The MAPS RBL [mail-abuse.org], which blocks notorius spammers and sometimes even puts their uplinks on the RBL.
    • The Open Relay Behaviour Modification System [orbs.org] which tests and lists open relays (This is the filter that blocks most of the SPAM for me)
    • An ISP-"Scorelist", which means that email that comes from an ISP with a high score has to be confirmed again from the sender because SpamCop wants to see if the return address is forged.

    The negative impact is that there is about one piece of mail per week SpamCop holds back. And people who send email to me are often people who cannot understand the confirmation request.

    So I think that this war cannot be won. After my experiences with ORBS, MAPS and SpamCop, I must say that having a nearly spam-free mailbox has severe disadvantages, and I think that there are lots of people who will accept SPAM in the end; simply because it is too difficult to build filter software that filters most SPAM and is user-friendly at the same time.

  • A while back I put all of agis.net's IP addresses in my network filters, which cut my total number of spams in half.

    I'm perfectly willing to drop large networks into my network filters. Like AOL. Never seen a useful mail from AOL. Right in the filters. Same thing with the assorted free E-mail sites.

    While it may not be a big deal if one site filters out all that, it gets more important when bunches of sites do. If you can't get to a significant portion of the internet because your backbone provider is a known spammer, you're going to take your business elsewhere, even if you're a spammer.

Slashdot Top Deals

"No matter where you go, there you are..." -- Buckaroo Banzai

Close