Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Spam

Verizon Clogged With Tons Of Spam 195

DoorFrame writes: "This story talks about how Verizon feels it has been the victim of a malicious assault in which they received millions of pieces of spam that have delayed the delivery of email along the old Bell Atlantic lines. It's said to affect 200,000 of its Internet customers on the East Coast who may have to wait hours for their emails to arrive. They're going through the process of clearing the backlog now."
This discussion has been archived. No new comments can be posted.

Verizon Clogged With Tons Of Spam

Comments Filter:
  • Everybody has to obey the law - it's a simple and effective deterrant.

    But that's exactly the problem. You don't have to obey the law. Making something illegal does not automatically put a stop to that activity. Look at laws regarding (in no particular order) guns, drugs, alcohol, tobacco, jaywalking, speeding, financial fraud, racial discrimination, minimum wages, food quality, etc. etc. etc.
  • Save time. Just poison the spammers.
    --
  • Ever tried to call Verizon? I guarantee that they will get you to slam your phone against the wall in digust and hatred and make you throw yourself out of a tall building in the face of the futility of attempting to make any resemblance of an intelligent or meaningful contact with their mindless minions of overpaid unionist social leech drones.

    My point is that if everybody calls the 800 number, everyone will commit suicide to escape the horrific determinist nightmare that is the Verizon phone tree.
  • Postage due on junk e-mail -- Spam costs Internet millions every month.
    http://www.techweb.com/se/directlink.cgi?INW199805 04S0003 [techweb.com]

    Some interesting info... For example:

    - Uunet Technologies Inc., Fairfax, Va.: Uunet has a full-time staff of six doing what it calls "abuse investigations" of mass mail and spam complaints, according to Harris Schwartz, team leader for Internet abuse investigation at Uunet. The cost of employing the abuse investiagtors, plus several security investigators, amounts to $1 million a year. While this figure is large, it is relatively small in context, Mr. Schwartz said. An ISP as large as Uunet spends that much per day on network upgrades, he said.

    - EarthLink Network Inc., Pasadena, Calif.: Spam accounts for about 3 percent of Earthlink's overall e-mail, a spokesman for this large ISP said. The figure is down significantly, he said, thanks to various spam-fighting measures. EarthLink has three people on staff who do nothing but handle spam. "The cost is pretty high," the spokesman said. An indication of how high is EarthLink's recent $2 million settlement in a lawsuit against Cyber Promotions Inc., Philadelphia. The basis for that amount was the damage done to EarthLink's profitability by the extra load and traffic caused by Cyber Promotions' spam.

  • leave the webmaster out of it, it's the sales guys you want (most of them will fall for the make money fast scams and quit, disrupting revenue and stock prices)

    sales@qwest.net

    Oh, wait, you guys weren't bitching about Qwest.
    --
  • I think you meant root@[127.0.0.1] -- IP addresses have to be enclosed in brackets. But better yet, put MAILER-DAEMON@localhost or MAILER-DAEMON@[127.0.0.1]

    --

  • Damn, I can't find my bookmark. I do know the pages containing the juciest bits of the pilfered documents are mirrored in lots of places.
    are the pages at: Behind Enemy Lines - Premier Services Exposed [freewebsites.com] the ones that you speak of?
  • Hotmail isn't all bad, I have an address that dates the pre-Microsoft days of Hotmail and I think I've recieved only once piece of spam ever in that mailbox. I hope it stays that way too, but I only use the account for signing up for websites that require an e-mail address anyway.
  • A spammer should only gets one chance on anyone. When I get spam the IP gets added to my blocked list and they're gone forever. When I check my mail the filters and IP blocking discards most of the messages and I'm only left with actual e-mail. Anyone can do this so I don't know why everyone is always complaining about it...
  • its called a transparent proxy. and if a business on dsl needs high bandwidth smtp, let them apply for usage and keep them on a strict TOS.

    so anyone who's domain name doesn't match the ip it is coming from, just reject them. a quick way to stop spammers.

    but this reply will fall on deaf ears anyway..

    ---
  • Perhaps your school sucks as much as mine does. Any company can pay $10 to get a complete student roster, with e-mail address, telephone number, physical address, and demographic info.

    If it's a public institution, they may not have a choice. Where I work, the state's open records act mandates release of gov't records as quickly as possible and charges what it'd cost the lowest-paid individual(s) qualified to assemble the info. I think they charge about $90 for the addresses/phone #s/email of students, faculty and staff.

    There are a couple of exceptions: educational records (i.e., your report cards/ transcripts) and medical records. I've heard that you can request an exam a few days ahead of time if it's already been written, but that's about as likely as the automatic-four-oh-if-your-roommate-commits-suicide story.

    What's interesting is that if you slag your boss in one of our "supervisor reviews" s/he can request it, get it and find out what you said, while if my dog gets the shits one night and I haul her to the vet clinic on campus, that's protected because it's a medical record. It makes me wonder how many of our state legislators could find the Capitol without assistance.


    Go find your school president and kick him in the testicle.

    Having said this, I second that emotion. I'm also sure ours has just the one, if that.
  • by brad3378 ( 155304 ) on Sunday December 10, 2000 @01:47PM (#568550)
    Ever notice that if you reply to spam to be removed from their mailing list, that the message bounces back to you? Spammers often just disable mail accounts after sending you a message.

    What I would propose is a sort of Handshaking for spam free e-mail. Three transactions would be required.

    1) Sender sends the message.
    2) Receiver sends back a small packet verifing receipt.
    3) Sender sends back another small packet to verify that the receipt was recieved.

    The important part is the 3rd phase. If the 3rd phase doesn't happen, mail gets sorted out in the user's spam folder.

    It's not a perfect solution, but surely it would make it more difficult for spammers.

    Sure would be sweet if we could poison the spam databases.
  • Weird. The ISP I work for also had troubles last Wednesday. I thought it was just us, but I guess a lot of companies were hit. Now I'm curious what happened.

    --
    "insanity is a gift."
  • And what about the ones that find a vulnerability, and then post a script to exploit it while giving the vendor just a few days or a week of notice? Let alone posting the script prior to notifying the vendor at all...

    To me, tampering with a webserver is just as bad as tampering with a mail relay, but around here, (to paraphrase)it's: "the admin's fault if his web server's cracked, the script kiddie was just pointing out a weakness in the security of the site, oh but it's the spammers fault so we should lock them up and fine them and feed them to the alligators".

    It's all one and the same. There shouldn't be different standards set depending on which port a hacker or cracker happens to connect to.
  • The lawsuit idea is not new. And it *IS* doable, but requires people to work together. And, a bit of software. For the Open Source community, comming up with software is easy. To work together, and be willing to spend $100 to take a spammer to small claims court, now THAT is hard.

    The 'pecked to death by ducks' method is used by local religious groups, local community groups concerened about slum landlords or drugs and others.

    I could not find a 'how to sue the local porn shop into non-existance' link, but I did find this part of the congressional record:
    Link [house.gov]

    Defendants are then compelled to settle for nuisance value. *smile* A spammer settling because of the nuisance they caused.

  • I don't understand why you keep repeating this. I've seen this same message four times now....
    -----------------------------------------------
  • Some spammers also randommly create account names and adds the one's that are real to their lists. But, Verison seems like a sheisty company.

  • Just because you get spam on that account doesn't mean they are selling your address to spammers.

    Any large company with a well-known domain name (aol.com, msn.com, home.com, hotmail.com, etc.) has so many damn e-mail addresses that some spamming programs use brute force to just guess addresses in that domain.

    I would imagine that had your e-mail address been sold to a spam list or got there some other way, you would getting more spam than just "every now and then".

  • Look, it's called common courtesy. They don't mind people using their name--they just want to introduce some distinction. Not using the pink-meat symbol and lowercasing the word are easy and, in the case case, much more attractive.

    Sheesh, cannot people be polite anymore?

  • Kodak wanted to sue Paul Simon for his song "Kodachrome", then they realized it was better PR to allow the free publicity to be left alone.

    SPAM should be grateful.
  • What you described sounds a lot like XNS [xns.org]. The software is all open source, although commericial service providers are needed to make it go. One of the service providers owns the key patents, but they have committed to royalty free use for their competitors.

  • That's what I am wondering: So what? If Verizon thinks they are the only people that have to deal with spam in this world, they are sadly mistaken. I have had many accounts at Hotmail that became so pathetically bombarded every day that I quit checking them; I don't think that Verizon has much to complain about--they are not treated very diffrently when it comes to spammers. In addition, I don't think they have too much room to complain when they have so much spam coming from them...

    Macx
  • Yeah, I like the Poison idea. Create several email addresses, get them subscribed to all the spammers you can, then everytime those email addresses get spammed, block that message & sending address globally. Prefereably implemented at the ISP level.
  • Remember Al Gore? At one time (8+ years ago) he tried floating a trial balloon of "government sponsered internet" ala what the internet USED to be before all this web-crap popped up.

    Back when UseNet was the forum. And you had to have an acedemic reason to be on the Internet. And you knew that prep.ai.mit.edu had a good ftp site, and the new archie is how you hunted for a program.

    This balloon, like government backed health care was rejected. What you see today is the result of that rejection years ago. So, what makes anyone believe a return to the old goverenment backed internet will happen?

    If you *LIKE* the idea of the government stopping spam, then think about this [slashdot.org]. No need for any additional laws, just use the laws and methods that exist. And, instead of money going into the pockets of some goverenment body, it could end up in your pocket. Alas, you'd have to actually *WORK* to sue the spammers, and I doubht KTB will want to work.

  • The only problem with regulating or banning UCE is that the spammers will just move overseas.

    I suppose that if it was a crime for someone to send UCE and you could track out of country spam back to the US spammer then you could take action. But how would you get cooperation from the other government to do this?
  • I created a bogus company name when I registered my first personal domain with NSI (before I knew they were shit). I have never used that BS company anywhere else. I get 2-3 of BS mail for that BS company a week! I changed it a few weeks ago to see how long it would take before I started getting shit mail with that company name too. The company name was quite literally the Rot13 of "Jenna Jameson has nice tits". "Wraan Wnzrfba unf avpr gvgf" I get BS mail all the damn time for it!

    --

  • I'm probably going to get flamed quite a bit over this, but spam really isn't that bad. I would much rather have a mailbox full of spam than have my *real* mailbox full of junk mail.

    Before you flame me, try and look at it this way: Junk mail wastes trees, costs the USPS unnecessary money to sort and deliver, and creates unnecessary waste in our nation's landfills. Spam, on the other hand, wastes nothing other than a miniscule amount of bandwidth and the electrons required to transmit it.

    When I am checking my mail, I can usually tell the spam from the real mail simply be reading the subject line, and all I have to do is hit delete. We should consider loosening restrictions on spam and focusing on creating new legislation to prevent junk mail.

  • I was going to post my logs from today, but I get "Lameness filter encountered. Post aborted. Reason: Junk character post." Looks like Slashdot is filtering me.

    Anyhow, just today, over the course of an hour, I got mail sent to: bill@waldo.net, scott@waldo.net, bob@waldo.net, paul@waldo.net, mark@waldo.net, brian@waldo.net, dan@waldo.net, steve@waldo.net, jeff@waldo.net, michael@waldo.net, peter@waldo.net, gary@waldo.net, eric@waldo.net, and rick@waldo.net, all by one user.

    I get this all the time. Constantly. It's pretty crazy.

    -Waldo
  • "Interesting", but who is going to *collect* these charges and how are they going to do it? Ask any A/R person (accounts receivable) how much more difficult it is to collect payments when the invoice is sent 1+ days late. Then ask them how difficult it'd be if you suddenly required long-time customers to *pay* for something they've always received for free.

    Or, I just thought of this, what about differing fees according to the sender's country of origin? In Vietnam, I can buy a REAL can of Coke (who cares if the writing is Vietnamese, it's Coca-Cola!) for $0.02! What would the e-mail fee be there, $0.005 per e-mail? All these companies, scum-bags or not, would move their spamming operations to the poorest countries and virtually eliminate the effect of your idea -- who cares if it costs $50 to spam 10,000 targetted recipients???

    Yeah, I remember how it is to be idealistic, but this idea just won't fly in the real world. Remember, there are a LOT of people out there sending spam. A variation on your idea, though, might be to simply have unlisted e-mail addresses. If you want your e-mail address to be unlisted (like a phone number) then all e-mail except from those in your addressbook file would be automatically refused. You could still have a spam account on Yahoo (or have a "trash" or "public" account for public use on your own server). You can really do this today if you have two e-mail accounts, one for the public and one "unlisted" one, but that's not perfect. You still need a way to ban unauthorized e-mails at the server level so the most important mails get through.
  • by gid ( 5195 )
    Well I walk out to my mail box once a day to find 90 percent of it is crap, does that count? :) Electric bill, that's crap.... car payment, that's crap too... credit card bill, dammit! Hello, what's this? A victoria's sercret catalog? Oooo jackpot!

    ---
  • THe current ad-hoc mail system is just fine. Oh sure, it has spam, whatever.. but the good part is.. no central authority, no governing body. It's anarchy at it's best.

    This is how freedoms are lost, you know. by saying 'x is being used in a way I don't approve of, we need a governing body'. Pretty soon, only those who are approved by that body can participate... etc.. etc..

    What we need, really, is a new mail network (yes, network) that requires membership and performs some kind of filtering. This would be good.
  • Try here [slashdot.org].
  • Check your logs.

    I wish. I'm a manager for the ISP's help desk. The admins tell us nothing, and they're clueless as hell to boot. I just had to explain to one of them what a corrupt mail (bad headers) spool looks like.

    So it goes. Anyone else at an ISP or large site having trouble?

  • Write a filter that automatically moves everything that does not have your email address in the To: or CC: line to a folder called "Junk" -- 99.9% of spammers will never put your email address in To: and CC: (They use bcc I guess).

    Of course there are some legitimate mailing lists that will also get redirected to your Junk folder by this, so you may want to create a filter to have those mailing lists go back into your Inbox.

  • They are called spam filters. They should get some. :-)

  • Afraid to name the company, eh?
  • I prefer abuse@verizon.com, or whatever the name of the company is. But I hold an extra grudge against the new Verizon, they are attempting to be worse than UUNET at the peak of their open mail relay fiasco.

    Just by putting these email addresses on slashdot will generate 3-15 spams a day from harvesters. It takes about 3 days from the time a non-obfuscated email address gets posted on /. until it makes it into some spammers mailing list. A single email address I posted on /. three years ago is still picking up 5-10 spams a week, the only email that goes to that honeypot.

    the AC
  • It is usually very illegal. The headers are almost always forged in some way or another (at least the return address). Also, about 50% of it is done by bouncing through open SMTP servers (which is unauthorized use no matter how easy it is to do). The problem is most of the serious spammers either open accounts with stolen credit cards and/or run trojan horse scams to harvest account passwords from real users. In other words, it takes a serious amount of time and money to actually catch up with them (and of course the FBI is too busy prosecuting people for harmless pranks to take on real criminals who cause serious damage).
  • The answer is to force all spammers to use a service the Direct Marketing Association's Email Perferences service http://www.e-mps.org/ [e-mps.org]. Of course the more disreputable ones are never going to use a service like that ... screw all that I guess.

    Of course the real problem is the stupid idiots that respond to all the wonderful opporunaties they receive via e-mail. If just one idiot in a thousand responds that's more than plenty to keep the spam flowing.

    One trick I've considered is to raise their cost of operation by mining all the spam I get from my hotmail account for 800 numbers and calling them from pay phones and wasting as much of their time as possible.

  • Oh, trust me. Verizon took 41 days to "certify" a line that they already certified twice beforehand. Though, in my area, it's a neccessary evil since there are no other options.

    Damned monopolies.
  • You obviously haven't lived in one place for very long or you wouldn't mention the Post Office as being a good regulator of junk mail. I get about twice as much junk paper as stuff I asked for (and I've asked form more than I can read completely). The Post Office ENCOURAGES junk mail: They make money on it!
  • I work for the company that makes verizon's email servers. I actually coded a few anti-spam techniques. Our servers can block mail user harvesters(try all email until they get good response) by banning IPs that unsuccesfully send too many email msgs. They could tighten relaying. if it's not done already. They could tie in third party spam servers... They could go nuts if they wanted to. We have a huge array of tools they could use which they don't seem to use. Adding IP's and domains is easy but more importantly it's fast. You can block >100,000 IP's and _still_ not drain CPU, I know cuz I coded the algorithms to store IPs ;-). There is no excuse other than Verizon not admin'ing their servers correctly. But hopefully this should change.
  • YOU GOT IT

    While I won't argue with the modding down of everything else this guy has posted (after his initial post,) I wonder if this one might've been done a bit too hastily.

    Yes, he's wasting your bandwidth. Yes, he's wasting space in /.'s db. Yes, he making this page take longer to load. Yes, he's starting to piss you off (if he hasn't already.)

    But he does make a point. And AFAIK, he's not selling anything. Nor is he providing penisbird links.

    I'm not sticking up for his method of doing this by any means, but I think the argument could be made that what he's done here is akin to the attempts of AdBusters [adbusters.org]; using the advertising of an idea to deflate or defeat advertising (of material concerns.)

    As I said above, pissing people off isn't the best way to win hearts and minds, but sometimes its the only way to get attention. Cyclists where I live used to get together every Thursday during rush hour and intentionally slow traffic to draw attention to the need for alternative transportation. I got held up because of this, and I was pissed off, but I also understood why they were doing it. They knew they were angering people, but also realized that writing letters to the editor wouldn't do a damn bit of good, even if they were published.

    I'm not equating this guy with any civil rights hero; I'd be a bit surprised if he'd had this strategy mapped out from the beginning. I simply find this post interesting from a rhetorical point of view, and wonder if anyone else does.

    The reaction here closely resembles that to responses to spam; I can't decide if this means all unsolicited communicatons are bad, or just the commercial ones.
  • by zCyl ( 14362 )
    This happens to my inbox all the time.
  • I'm just sitting around waiting for this to hit critical mass, when mostly every mailserver and mailbox is jammed packed with crap. Maybe we'll start seeing some attention hungry politicians on TV giving a speech on how "our information age wil come to a crash unless we pass this measure immediately.
    Don't bother with that. Just tell them to "do it for the children"...

    --
    Game over, 2000!

  • They weren't bitching about abuse@eli.net either. Of course you can be even more effective with complaints if you look up the contacts in the NSI database. For example, christian.andersen@VERIZON.COM or opsmgr@BELLATLANTIC.COM or accounting@IDNAMES.COM. of course, the ones that know what they are doing use roles, like hostmaster@ELI.NET, instead of a real person's e-mail address.
  • what is the best way to block spam?? ukNutter
  • I know several people who had Verizon DSL and when they cancelled their service, they would still get billed. I had to order a stop payment so Verizon will stop billing me and stop stealing my money for their mediocre service.

    Roadrunner service is pretty good.

  • How about we do the same thing to you for spamming this discussion? All your info is in a WHOIS lookup for Lenny.com, Mr. Mastri.

    --

  • by Anonymous Coward
    Oh my god! It's a level 5 spam storm!
  • Think about this one: the providers charge others based on how much traffic they send and how much they receive and all. Then they sign a contract saying that x can send spam. Then they charge them for the bandwidth, and you for the bandwidth for something you don't want! Evil!
  • by Tebriel ( 192168 ) on Sunday December 10, 2000 @11:34AM (#568590)
    Well, now they know how those of us who've had a hotmail account for more than 5 seconds feel like.
  • I get spam on my .edu accounts which amazes me because i am extra cautious not to use that anywhere online.

    But the best solution i like is the yahoo bulk mail transfer. I dont even see that folder. I wish i coudl write a filter like that.

  • Don't be afraid to give your address out, give your keeper address to only those you trust and for everybody else take the "spam value" out of the addresses you give out, use our Sneakemail...
    </shameless promotion>
  • "Interesting", but who is going to *collect* these charges and how are they going to do it?
    Their ISP would collect them. If they didn't pay, they'd get their internet access turned off.

    Then ask them how difficult it'd be if you suddenly required long-time customers to *pay* for something they've always received for free.
    That's the point. Spammers would have to stop sending spam, which is something they've always been able to do for free. If they resist paying to send me e-mail, then they just won't be able to send me e-mail. Of course, non-spammers aren't going to care -- my friends know I'll hit the button that says I don't want their money.

    Or, I just thought of this, what about differing fees according to the sender's country of origin?
    Each ISP could set their own fee schedule. If you're in Vietnam, and do most of your e-mailing with other people in Vietnam, you're presumably all going to be on the same fee schedule. People in Vietnam who want to e-mail me can still e-mail me, and if they're not spammers, they can reasonably expect that I'll hit the "I don't want your money" button. This is a much better deal for them than having to put postage on a letter, in which case they're 100% certain of having to pay.

    Let's also keep in mind that Joe Peasant in Vietnam doesn't even have access to a computer. For the 1% of the Vietnamese population that has access to a computer, 25 cents is not an unreasonable amount of money to risk on the off chance I'll be a jerk and accept it.

  • I've used tarpitting [lyris.com] to reduce the flow of spam through my mailserver, and it seems to work pretty well. There are patches [palomine.net] out there for QMail [qmail.org] (awesome) that seem to do the trick. There are other various [interlog.com] recipes [spambouncer.org] and such for procmail [procmail.org] that work well. If you're looking to poison their spamlists, take a look at sugarplum [devin.com], a spamlist poisoner for webservers. On a totally unrelated note, but on the same vein (poisonbots), take a look at peachpit [devin.com], a censorware spider trap.
  • when you sign up for dsl use the service, dont use the email. use something like hotmail or yahoo. you can also setup filters in pine to block spam. ie dont read anything from *.verizon.com..

    use LaTeX? want an online reference manager that
  • by yerricde ( 125198 ) on Sunday December 10, 2000 @12:09PM (#568614) Homepage Journal
    From re:SPAM [spam.com]:
    We do not object to use of this slang term to describe UCE, although we do object to the use of
    our product image [slashdot.org] in association with that term. Also, if the term is to be used, it should be used in all lower-case letters to distinguish it from our trademark SPAM, which should be used with all uppercase letters.
    It looks like somebody needs to change http://images.slashdot.org/topics/topicspam.jpg
  • Several hours? Mostly dial up? Yeah, right! I've got mail trickling in 2 to 4 DAYS late, and I'm a DSL customer

  • I know this isn't revolutionary, but I've been mach happier since I started running my own mail server on my DSL line. I now create a new email address for each service I register for so I can keep track of who is spamming me.

    BTW -- if you are ever in the job market, I suggest using this tactic with the job engines. It is *very* interesting to see which job sites actually get you responses from real companies vs recruiters vs job-related spam.
  • On the other hand, there are many people all over the world who pay for their internet access per minute or per byte or some other way (wireless especially). Then, the person getting the spam winds up paying for it.

    Even without per-minute charge, the receiver pays. Time spend dealing with spam can be much more expensive. A month ago I got 750 identical spam messages via one of the ISPs I use. After downloading and deleting about about 150 replicas, I gave up and called the ISP and have them delete the whole batch. The whole incident took over half an hour of my time during the busiest time of day, which, if it were done for most of my consulting clients, would have been worth $75 or more.

  • I've never used their services, and I don't own stock or anything, but I saw recently that a company called Brightmail [brightmail.com] offers services to ISP's and Corporations to severely limit the amount of SPAM that gets trafficed through email servers. You can find out more about their anti-SPAM services here [brightmail.com]. One of the things they do, is to actually to to attract SPAM, by using a type of "honeypot" system. You can find out the specifics of that on this page [brightmail.com].

    Penguins don't always have to play nice. The Linux Pimp [thelinuxpimp.com]

  • by root ( 1428 ) on Sunday December 10, 2000 @12:14PM (#568624) Homepage
    Even if laws require the spammer to quit spamming you upon request, he says "fine", and the he SELLS your email address, which is now more valuable since you proved that someone reads mail there, to many more spammers, with whom you don't have any "no spam" requests filed with. So "complaining to them" actually makes them more money. The only proper solution is to block them at the router level with ipchains (in DENY mode, not REJECT, for force connections to wast the most time possible until they timeout).
  • by parker ( 140273 ) on Sunday December 10, 2000 @12:14PM (#568625)
    The difference between junk mail in your post office mail box and spam in your email is that when someone sends you junk mail, they pay for the mailing, and you pay for nothing.

    On the other hand, there are many people all over the world who pay for their internet access per minute or per byte or some other way (wireless especially). Then, the person getting the spam winds up paying for it. How would you like it if every time you got a piece of spam you had to pay 32 cents for it?

    - Tony
  • by Anonymous Coward
    I think the body can anylise the situation and pass Laws or guidelines. Everybody has to obey the law - it's a simple and effective deterrant.

    Trouble is, such a law would only be enforceable in the country it was passed in. Granted, the US probably generates more spam than any other country, but even if such a law were passed (and could be realistically enforced) it would be a temporary inconvenience... companies would simply hire foreign spam agencies to do their advertising. And realistic enforcement is impossible anyway... the government can't possibly deal with a significant number of the cases, and spammers would guess (rightly) that they'd probably get away with it. Even if they were caught, the fines would probably be beneath the notice of a company.

    For example, current legislation requires that there be removal instructions at the bottom of spam messages if I'm not mistaken. I've never seen those instructions work, not even once. Usually the server that the removal account is supposed to be on either doesn't exist or doesn't recognize the username.
  • Personnaly, I do not have spam problems. I owned the same email address for years now and I don't remember receiving an unsolicited message. Obviously, I keep my email address as secret as possible and I do not have a "spam dedicated"@hotmail.com address. I feel this kind of mail box is useless since you will have to read it anyway to make sure no important mail has been routed there.
    The same thing apply for my "real" mail; it is not filled with loads of unwanted samples/tryouts/adds. Ok, maybe just a little bit of junk that has not been personally addressed but put in every citizen mailboxes of the small town I live in.

    I realise that the Average Slashdotter is against Government interferance, and rightly, but in some instances it is better to have a government body, as I'm sure everyone agrees. Driving Licenses and Food Indpection agencies spring to mind.

    I strongly agree with that, in theory. It would be nice if some agencies could punish or regulate spam. I consider spam to be a virus whose goal is to waste bandwith and people time. Based on that it may be possible to bring spammers to justice?
    There's also ICQ spam; lot of people scan for online people to send them spam, often of the form of pr0n site advertisement. Same thing for IRC but it is not really a problem there since it is easy to get rid of 'em.

    The better solutions would be to ensure that spammers don't make money out of spamming. I wonder if ipv6 would make life easier in tracking spammers?

    --
  • Chances are, that's it. Compile Linux's 2.4.0's PPPoE support (as a module or built-in) instead and a pppd patched to support it. I know people that ran into this, and this is the fix.

  • Yeah - Salem's a pretty good town for DSL in general. Covad and Northpoint are both in the CO, the infrastructure is pretty good, and the Verizon techs here in town get along well with the CLEC people - you can't overstate the value of good relations at the technician level in getting services provisioned.

    I've had DSL (Flashcom/Northpoint) for a year and a half now, and that service has been pretty good and the installation was smooth. I'm switching to XO (also with Northpoint) due to Flascom's meltdown - and that line, too, has gone really well thus far in the installation process. Wednesday is the scheduled turn-up, and we'll see then if it's as smooth as the last one for certain.

    - -Josh Turiel
  • Here in Virginia, the legislature recently passed a law banning "Unsolicited Commercial Email". UUnet appears to have taken someone to court under this statute. I think that this is a step in the right direction and that Virginia is in a unique position to help choke off the flow of spam as I'd guess that most AOL traffic goes through there but it won't fix things in the end. As many others have pointed out, spammers will move to other jurisdictions and then offshore. Along the same lines, the cat and mouse games between spammers and those who create filtering software will never end. I think the only way to stop this shit is to create something akin to an electric stamp. Think about it. The only other outfit that has to deal with this type of stuff is the Post Office and they keep it in check by making somebody pay to deliver it. Or course, I haven't a clue as to how you would go about this but it's a start.
  • Spam, on the other hand, wastes nothing other than a miniscule amount of bandwidth and the electrons required to transmit it.

    The company whose site I am currently working on had not locked down their SMTP server correctly. A spammer proceeded to send thousands of emails through it, and in the process stalled the server.

    The server was not used for the delivery of most email, but for a specialised subsection. It was 2 weeks before somebody noticed that we'd had no sign-ups to the specialised website.

    So not only did I and a colleague waste a morning clearing the mess up and locking the machine down properly, but the company probably lost a fair bit of business because of the bad impression the potential customers got (we didn't answer them for a fortnight).

    Yes, it is partly the company's fault for having an open SMTP relay exposed. But just cos it's there doesn't mean you can nick it and run away laughing.

    IMHO spam costs more than snail-mail spam; it's just different people who pick up the tab.

    Theft is theft.


    ---------------------------
  • yeah, but they're not just complaining about run-of-the-mill spam, they claim (according to the story)that this was an intentional, malicious attack. They didn't just get lots 'o spam, they think were targeted specifically to disrupt service.

    it may very well be they are claiming that as a cover for just poorly admined mail servers. They don't say exactly how many messages they got over what period, so it is hard to say what is just a lot of 'legit' UCE vs. someone deliberately trying to flood their servers to disrupt service.

  • by account_deleted ( 4530225 ) on Sunday December 10, 2000 @12:23PM (#568653)
    Comment removed based on user account deletion
  • What the heck would they do, put meters on everybody's mail client?

    They could institute severe civil and criminal penalties for unauthorized computer access (i.e., using an open mail relay without permission) and for fraudulent misrepresentation and damage to reputation (faking headers and addresses). That would take care of 90% of spam. Blacklists of ISPs that permit spamming would take care of most of the rest.

    I'm surprised that more ISPs don't track down and sue spammers who fake headers. I'd gladly hunt and disembowel any slime who faked spam headers to look like it was coming from one of my domains. (I'd just go to small claims court, but someone like Verizon could put their stable of high-power lawyers to good use and crush the spamming bastards like the cockroaches they are.)

    Tom Swiss | the infamous tms | http://www.infamous.net/

  • by chris95040 ( 262585 ) on Sunday December 10, 2000 @12:26PM (#568656)
    I have had Verizon online DSL for about a year now, and the support is absolutely nonexistent. Every week my line goes down at least once for about 10 hours at a time. Although the physical connection is fine and the modem handshakes, my PPPoE client recieves an endless stream of authorization packets. It simply cant finish authorizing me since the packets are in not in any sort of order. Every time I tried to get support, they told me they "cant support a Linux machine." Unfortunately for me, they didnt understand that it was not a problem with my operating system. Their lazy support staff saw "linux" and read it as "get out of jail free", and dumped me out of their support queue. After trying to convince them, I finally used a roomate's windows box to see if it miraculously worked when my linux box did not. Obviously, windows was also not able to connect. I called the support and explained this to them, and they said they'd get back to me. That was 4 weeks ago. Dont use verizon online dsl, they are definitely not nice folk.
  • by Anonymous Coward
    I signed up one of my email accounts to loads of lists and newsletters, expecting to get masses of spam. I've had none.

    Why?
    Because I'm a hero. Yup, that's right - I am a fucking H E R O.

    Wanna be a hero too? Then buy my new book, 'How to be a hero in ten easy steps!' It contains everything you need to get you onto the path to heroic-ness. Soon, girls will fling themselves at your feet and beg you to fuck them. Any day now. It will happen. It will.

    Available in all good book stores.
  • plenty to put those kind out of biz over night!!!
    Then we regroup and focus on those cgi based
    webpage signup forms

    man you the script kiddies could be heros
    if they focused thier attention on spammers :-)

    wouldn't that be fun to watch?

  • by Kwelstr ( 114389 ) on Sunday December 10, 2000 @11:34AM (#568665)
    Seriously, I get their own inhouse generated spam all the time. I got tired of checking for new messages and getting their ads.

    Wonder how it feels when the shoe is in the other foot eh?
  • Just make a -real- email address with the word spam in it. I have the address spamme@ever.mine.nu as my email address for slashdot, and it is a -real- email address. However, the harversters have [for the past several months, anyhow] ignored it completelt

    ---
    man sig
  • No, looks like someone at Hornel needs to give up trying to control other people.

    Trade marks are to prevent confusion in trade, not to protect you against other people doing stuff you don't like.

  • by bcrowell ( 177657 ) on Sunday December 10, 2000 @05:05PM (#568674) Homepage
    The reason spamming is such a tempting crime is that it's free to send a spam. The solution is to let people charge for the privilege of sending them e-mail.

    Here's how it would work. I tell my ISP to activate the money-based spamproofing system. Anybody who e-mails me for the first time is asked to agree that it costs them 25 cents per e-mail. (When I first activate the service, I can upload my e-mail address book so that my actual friends don't have to pay and never get the request to authorize the 25-cent micropayment.) If someone e-mails me and it's not spam, I click a button to say I don't want their money.

    This solves the spam problem forever. We even have a micropayment infrastructre in place: PayPal. OK, PayPal has a lot of problems, such as being essentially incapacitated for the last month, but at least they take customers from a bunch of countries outside the U.S. now. One hopes they'll either add enough servers this xmas season or else that somebody will build a better alternative.

  • by hugg ( 22953 ) on Sunday December 10, 2000 @11:39AM (#568680)
    Verizon's servers are spammer's heaven. Their mail servers are blacklisted by ORBS and I have often gotten connect errors when trying to send mail -- so their servers are probably not administered properly. That's why I keep my mail elsewhere. I have had severe DSL outages in the past with them -- not lately though.
  • Consider this, bunky:

    Spam is considered legitimate. Say there's 500,000 spammers worldwide(a conservative number). Let's say 10% of them have your e-mail address on file. That's 5,000 spammers. Let's say that a further 10% of THOSE spammers spams on a daily basis(not an unreasonable figure).

    That means that you, my friend, will receive 500 spam e-mails PER DAY. How are you going to deal with being deluged by 500 worthless e-mails daily? And that's a conservative number! Spamming is too easy - bulk snail-mail costs some serious $$$ to do, spam is free. 520 hours on AOL and some spam software for $50. The problem with spam is that if it's allowed to grow in use, it will inevitably grow to the point that any e-mail messages of use are drowned out by the noise. And what about occasional users? There are some people that only get 5 messages a week from friends! Can you imagine what a PAIN it would be to sort through 3500 messages just to find those 5 that you want to read? E-mail would be crippled by it, USENET already has been largely crippled by spam.

    The S/N ratio of the net has been dropping steadily for a LONG time, it's doomed if people don't try to fight that trend.

  • That isn't a very good analogy.

    First you need to seperate people who make vulnerabilities public from those who actually use them. Those who use them need to be punished. Those who point them out (assuming proper notice/time was given to the vendor to fix it) should not be.
  • This is silly. A couple of things to think about:

    • The USPS turns a profit on junk mail. They like the stuff; they even run ads and build web sites encouraging it [uspsdirectmail.com]. This is part of why US letter rates are much cheaper than most countries.
    • For a business, the entire cost of making and delivering even the simplest piece of bulk mail is over a buck.
    • For the sender, the cost of spamming millions is less than the cost of a typical newspaper display ad.


    When you think about these facts a little, you'll realize your plan doesn't make much sense.

    These days, a lot of smart people put a lot of effort into nixing spam, and I still get 10-20 pieces a day. Why? Because it's so cheap! Even if 99.99% of people don't respond, that's still a hundred responses per million spams. A bulk mail campaign with a response rate like that would get the staff fired, but if you make a few bucks on each one, then that's enough to pay for the spam.

    So since spam is orders of magnitude cheaper than paper mail, then making it legit will mean that you will get orders of magnitude more spam than you do paper junk mail. Everybody who now buys tiny ads in the backs of newspapers will realize that they get more for their money by sending our a million spams.

    And since it's so cheap, they won't be careful where the send them, either. Will you still feel that spam is better when you're getting 100 a day? 200 a day? Your local newspaper has a lot more ads than that every day, and there are a lot of local newspapers in the world. I now regularly get spam for businesses on other continents, and the Internet has barely touched large parts of the world.

    I agree with you that paper junk mail is annoying and a waste of good trees. But if you want to save trees, put a 100% tax on non-recycled paper and put the money into forest conservation. Don't ruin our in-boxes in hopes of making some Faustian pact with the marketing industry.
  • I have my own domain, and just use Verizon for connectivity. My domain _happens_ to live elsewhere, on its own box, but you can get your own domain for $20 + $10/month. It's great for bragging rights, running your own email accounts, and webhosters don't make as enticing targets for spammers. Also, that's what they DO, not some bandwagon that an old, crufty Telco decided to jump on. Check out He.Net [he.net] for an example.
  • by cluge ( 114877 ) on Sunday December 10, 2000 @12:32PM (#568691) Homepage
    Why can't SPAM be considered a DOS?

    Local ISP users get mail bounced because spam has put them over quota, UU net has to double capacity to keep up & Verizon can't deliver e-mail in a timely manner. Every one of these people has been denied service do to unsolicted commercial e-mail.

    Everyone says "taking a spammer to court takes to much time", "not worth the effort", "To costly and to long", "you can't get blood from a stone", "It won't do any good". It seems to me that if you hurt spammers finacially, and hunt them down that eventually they start to go out of business. Make the risks TOO high for them, make the profits too low.

    I know they can spam from bora bora (save those flames for somone else), but you I can put bora bora IP's in my router and be done with the whole mess. It makes it MUCH easier to force them into a corner, and then wall up that corner a la Count of Monte Crisco.

  • by big.ears ( 136789 ) on Sunday December 10, 2000 @01:08PM (#568692) Homepage
    Every time some web site/software company makes me give them my email address, I enter "support@verizon.com" or "sales@verizon.com". I guess it has just added up so much that it brought their servers down.
  • Oh, piffle. Give e-mail spammers 5-20 of hard labor cleaning up landfills and planting new trees, and both problems are solved. :-)
    /.
  • by sethgecko ( 167305 ) on Sunday December 10, 2000 @11:40AM (#568701)
    I have a DSL account with them. I get 1 master email address plus 3 others. I immediately created a new email account to use day to day and never used the master account for *anything*. I get spam on it every now and then--they are the only ones who have it which means they are selling my address to spammers. When I say I never used the master account, I mean *never*. Not even to contact them.

    Feel sorry for everyone who won't be getting their mail though. Maybe this will change their policy on selling email lists.

  • by www.sorehands.com ( 142825 ) on Sunday December 10, 2000 @11:41AM (#568702) Homepage
    Maybe this will prompt Verizon to make some good examples of spammers.

    I'd hope the next time that someone complains to Verizon about spam, Verison would do something about it.

    Many ISPs, don't take it seriously. This might help.

  • So, I'm supposed to feel bad for Verizon? I get basketloads of spam either from them, or from mail systems hosted by them. The do nothing when you send in a complaint! Sorry, not this little black duck...
  • by KevinMS ( 209602 ) on Sunday December 10, 2000 @11:46AM (#568711)


    Today, the business world moves at cyberspeed. And if your business can't keep up, you may be missing opportunities. But now you can get the high-speed Internet access you need at a reduced rate - as little as $49.95 a month. With Verizon Online DSL, you'll enjoy sizzling downloads over your existing phone lines. It's always on, so there's no dialing and no busy signals. You can even use the same phone lines for voice calls, faxes or credit card authorization while you're online! You've got three "speed options" to choose from, and starting is not only easy, but free - FREE DSL modem, FREE installation and FREE service connection! So bring your business up to speed now--with Verizon. For more information on Verizon Online DSL Plus, click here http://mx01.opt-in-net.net/cgi-bin/eclick.cgi?link =1523 AOL Members Click Here [opt-in-net.net]


    This was sent to an address I have never used, the spammer they hired built it from a domain I owned and my first name. I'm sure this information was supplied to them by network solutions.
  • Took a look at that page and it looks very bogus. It stinks of a spurned ex-lover who is jealously trying to ruin her life. The pathetic little hax3r intro followed by him immediately somehow getting a screenshot of her screen (without claiming that she was already infected by a trojan) just seems completely and utterly bogus.

  • by 1010011010 ( 53039 ) on Sunday December 10, 2000 @06:17PM (#568714) Homepage
    Funny how GTE keeps changing their name, hoping people will forget they are that same old sucky telco.

    GTE actually installed a T1 line on a telephone pole outside the building once, rather than inside the building as they should have.

    I think some of their fiber-repair guys once decided to haul the cut ends inside the van for repair due to inclimate weather. They brought each end in a separate door, and repaired it. Then they figured out that the cable couldn't be taken out either door, anymore. They ended up cutting the van in half rather than re-sever the fiber line.

    They were also "Cellular One" -- the suckiest cell phone service ever. Tin cans run by a Russian mob would work better. :)

    Perhaps GTE should change something besides their name...


    ________________________________________
  • by gad_zuki! ( 70830 ) on Sunday December 10, 2000 @01:30PM (#568718)
    This is a great example of how spam mail is a waste of resources the same way it is a waste of resources to use a fax machine to spam other fax machines. Of course its illegal to do that and we need the same legislation to do the same to spammers.

    I'm just sitting around waiting for this to hit critical mass, when mostly every mailserver and mailbox is jammed packed with crap. Maybe we'll start seeing some attention hungry politicians on TV giving a speech on how "our information age wil come to a crash unless we pass this measure immediately."
  • "Count of Monte Crisco"? What have you been eating.

    "Fortunado" from E. A. Poe's "Cask of the Amontillado" would be a better simile anyway.

  • I used to get a lot of spam. Interestingly, my Mindspring mailbox was really heavy on spam. Interesting, because I NEVER used that email address ,or gave it to anyone for anything, which means my (former) ISP sold it or gave it to spammers. This from the company that hyped their "spaminator" email filters. :)

    On my other accounts, I started to get spam shortly after they were set up. For six months or so, I was religious about doing a full inspection of all spam -- headers, traces, whois, port scans, etc. I'd send a spam report to every ISP between me and the source, and sometimes to an attorney general somewhere. For intransigent cases, I'd mail-bomb them, sometimes attaching 100+ copies of the particular spam to the reply and sending it every @culprit.com address I knew.

    Now, I must be on some special "don't ever spam this guy ever" list, because I just don't get spam anymore.

    :)


    ________________________________________
  • Spam, on the other hand, wastes nothing other than a miniscule amount of bandwidth

    Did you even read the article? This more than proves what we've been saying all along - SPAM uses huge amounts of bandwidth. How can you even think that it only wastes a 'miniscule amount of bandwidth'?


    Maybe the amount of SPAM you recieve is 'minuscule', but multiply that by the 200 million or so e-mail addresses (there are many more E-mail addresses than ISP customers) and you have a serious hog. Throw in the millions of failed SPAMs (many spammers use automatically generated 'guesses' at e-mail addresses, with a huge failure rate) that the servers still have to handle, and maybe you'll see the light...

  • I am employed by a largish(regional) ISP. We started having weird problems along this line on Wednesday night or Thursday morning, e.g., multiple accounts over disk quota, all at the same time, no misconfiguration by customer.

    I'd be quite interested to know if anyone knows when Verizon thinks the problem/attack started. I'd also like to know if any other medium-to-largish ISPs had similar problems in the same time frame...

    Also, if it was an attack, how was it launched? Anyone know? I can't see someone sending gigabytes of mail from their home dial-up connection, so I'm thinking zombies again...

  • by jpostel ( 114922 ) on Sunday December 10, 2000 @11:49AM (#568727) Homepage Journal
    One of my clients sent me an email to my home account last week. Since I never got it, I decided to send a couple of test messages from my webmail accounts to test it out. Here's what I found when I went through the headers of the test messages:

    6 test messages duplicate message = 4 times instant delivery = 0 delayed 1 hr = 4

    I also just got 4 messages this morning that were 2 days old.

    Having dealt with Verizon/BA about my DSL line that was up only 70% when I first got it, I got to know their tech support procedure pretty well. As far as I can tell, they do not inform their customers of an outage while it is happening. They usually wait until it has either hit the news or 200 people call to complain before they even acknowledge it. They will deal with it when they get the chance, but it also seems that their high level network and system people only work 9-5 five days a week.

    I wish I could switch to another broadband company, but nothing else is available in my area.

"Confound these ancestors.... They've stolen our best ideas!" - Ben Jonson

Working...