Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Spam

Anti-Spammers Wage E-War 456

Posted by michael from the no-quarter-asked-or-given dept.
ncstockguy writes "To its credit the Hartford Courant followed up with a second article this time from the perspective of an anti-spammer." The first story was about the life and times of a spam king.
This discussion has been archived. No new comments can be posted.

Anti-Spammers Wage E-War More

Anti-Spammers Wage E-War

Comments Filter:

  • Never actually noticed.... (Score:5, Interesting)

    by theRhinoceros ( 201323 ) on Tuesday July 02, 2002 @08:54AM (#3806669)
    From the article:

    "They are every fly-by-night artist that ever wanted to place a tiny little ad in the newspaper and get away with it," Frederick said. "I have yet to see one legitimate product advertised in an e-mail that I didn't ask for."

    Never thought about it before until now, but I don't recall ever having ever seen one either...

    • Re:Never actually noticed.... (Score:5, Insightful)

      by Mwongozi ( 176765 ) <slashthree AT davidglover DOT org> on Tuesday July 02, 2002 @08:58AM (#3806693) Homepage
      Even if I did, I make it a policy never to buy from companies that spam me, using e-mail or snail mail or telemarketeering or whatever.

      If I want their business, I will go to them. Spam me, and you will never, ever, get my money.

      • >Spam me, and you will never, ever, get my money.

        Not even for our new business opportunity of your life, now coming with a free penis enlargement, breast implants and a PhD?
      • I have tried to do this too... However, I recently bought a plane ticket online, and as much as i tried to resist, the cheapest ticket came from Orbitz, who is notable if not notorious for popups and spam. I really wanted to find a ticket elsewhere, but when the difference was a hundred dollars or so, where then are my anti spamming sentiments?

        The logical conclusion of this is that I helped support Orbitz and others see spam as effective. For this I can only fall on my knees braveheart style and beg /.'s collective forgiveness..

        • In my experience, Orbitz only lets you know what's available from the airlines. So I surf around Orbitz figuring out the fastest/cheapest route, and then I hit the airlines' own web pages and book the tickets - minus Orbitz's fee.

          Your experience could have been different - were you flying on multiple airlines?

      • I just can't do that (Score:5, Interesting)

        by Sycraft-fu ( 314770 ) on Tuesday July 02, 2002 @10:11AM (#3807104)
        Unfortunately I can't afford to be quite so idealistic. I've had people call/mail me that are offering services that I someday want to use. I wouldn't have internet accesses if I went by that motto since the cable company, the phone company and Sprint (they do wirless internet here) have called me to try and sell me stuff. Unlike SPAM, I find that people are actually offering me (or at least are companies that have offerings) something that I want. I don't think I've ever bought from a sales call, but I've bought form companies that make them.

        However I find SPAM very different from telemarketing/bulk mailing for several reasons:

        1) The telemarketers/mailers are 99.9% of the time legit bussinesses offering legit products. When Cox calls to sell my high speed internet access, they aren't playing around, they can and will make good if I want. When I get a book of coupons in the mail, I can really go and use those for the products on them. SPAM is fradulant so often it's not even funny.

        2) Also, with classic methods, the sender pays. The company calling me is paying for the long distance time, the mailer pays postage. It doesn't cost me anything other than wasted time (and there is plenty of stuff that does that). SPAM costs me money, which makes me angry.

        3) However BY FAR the most imporant reason in my mind is that when you ask a telemarketer/bulk mailer to quit, THEY WILL. Since they are real, legit bussinesses and DON'T want to get sued, they'll obey they laws and stop contacting you if you tell them they have to. When a telemarketer calls you, ask to be placed on their do not call list, they have to maintain one and you can sue tehm if tehy call you again (unless you buy something from you, then you have a bussiness relationship so they can contact you if they like). Also a lot of companies get your address from teh credit reporting beuarues. SO call up Equifax and ask them to stop giving it out. They'll tell you what you need to do (submit a request in writing I think) and then they will, and pass it along to the other two.

        It really is the unrelenting, fradulant nature of many spammers that gets me. For the longest time I got a ton of spam from a place that wanted to allow my bussiness to acept credit cards. Well the thing is I don't HAVE a bussiness, and I already have service to accept cerdit cards anyhow. No matter, these assholes spammed me 2-6 times PER DAY. And of course they didn't say who they were or anything, just asked you to e-mail them (to a yahoo address) with a name and phone number to call.

        Stuff like that really pissess me off, I eventually had to resort to a technical solution to make them stop. However when AT&T long distance was pestering me (about 1 call every 2 weeks) I just told them to put me on a DNC list and I've never heard form them since.
        • I used to get (until I changed my primary email address) an awful lot of spam directed through Sprint. I found that when I complained to Sprint about their delinquent users or open relays, my only response was more spam.

          Since I am in Australia, and no-one I know uses Sprint, I now have a permanent filter to blackhole any mail originating from a Sprint domain.

      • "Even if I did, I make it a policy never to buy from companies that spam me, using e-mail or snail mail or telemarketeering or whatever. "

        Actually I did accept a product from a telemarketer once. Qwest called me to offer its new privacy plus service..the conversation went like this:

        Me: You mean if I get this installed on my phone people like you won't be able to call me anymore?
        Telemarketer: Yes sir, thats absolut..oh well yes I guess thats right.
        Me: SIGN ME UP!

        Needless to say, I NEVER got another call from Qwest or anyother marketer!

      • There is a difference between:

        • patronizing companies who advertise
        • patronizing companies who spam
        • patronizing a company in response to a spam.

        The first point - nearly all companies advertise, how else do you educate the market about your product/service? Damn, think about your current employer - they most definitely advertise.

        Second point, I try really hard not to do this, but sometimes it just happens to be a product or vendor that I was looking for anyways, and have no other really good reason to get something else. I do however go out of my way to procure it in a way so that they shouldn't even know that I saw their promotion in a spam. Go to the company's homepage and navigate to get to the deal.

        One more thing to think about, popup ads aren't spam, they're annoying billboards that get in your way. Spam is junk that comes to your personal mailbox (be it electronic or postal).

        In the third instance, those customers should be shot. They and the spammers are defecating on the face of humanity.

    • Re:Never actually noticed.... (Score:5, Funny)

      by Chilles ( 79797 ) on Tuesday July 02, 2002 @09:12AM (#3806766)
      Legitimate businesses usually refrain from actual spamming because they are easy to find and easy to get back at.

      A major dutch newspaper (I'm dutch) once sent several tens of thousand e-mails through a known spammer advertising subscriptions. They received more than 10 thousand complaint e-mails, a few people canceled the subscription they already had and all public e-mail adresses they had were subscribed to so much e-mail/spam lists by disgruntled recipients of their spam that their internal e-mail system got overloaded several times during the following month.
    • Though famous for being an industry of fly-by-night operators, mystery shopping (also known as secret shopping) is an example of an industry in which users are spammed on a fairly broad basis with legitimate opportunities.

      I used to work in the industry, and while we'd never send mail on the 80-million-a-day scale that some of these guys do, we'd certainly send half-a-million in a given day, to broadly scattered email addresses. We always made a specific point of keeping the email small (under 1K) and it was *very* clear who the source of the message was (never luv384j6@h0tmail.com).

      The mail itself invited the recipient to sign up as a mystery shopper, which would give them the opportunity to get paid to evaluate services in their local neighborhood.

      Unfortunately, in a world of snake-oil salesmen, we took a lot of grief for the approach, even though it still paid for us to do it. Because the offered product (which was really a part time job offer) was legitimate, we never attempted to disguise the identity of the source. Bounced mails were automatically flushed from the database. Removal requests were honored. The advertising business was tracable. (Our address, phone number, president's name and industry association registration was on the first web page link in the message.) But because of all the charlatans out there, we were taken to be just one more instance of spam -- which in some sense we were, but with at most a tiny fraction of the rudeness which permeates the practice.

      • Re:Legitimate products through spam (Score:4, Funny)

        by kaustik ( 574490 ) on Tuesday July 02, 2002 @10:37AM (#3807244)
        Your post reminds me of KKK members who truely in their hearts believe they are doing something good for this world.
        It doesn't matter that your e-mails were only 1k, you f***ing jerk. I am forced to switch e-mail accounts every 4-6 months because of idiots like you. Sifting through a list of headers containing 1k e-mails and 100k e-mails makes no difference whatsoever.
        How about my buddies and I (about 10,000 of them) pin you down and pummel you with punches all day long. Don't worry, though, they will be "polite" and "little" ones. What was that - you didn't ask to get punched?
        This kind of practice is what will, sooner than later I suppose, drive e-mail back into the dark ages. Wake up!!!

      • Re:Legitimate products through spam -- HA! (Score:4, Insightful)

        by AndroidCat ( 229562 ) on Tuesday July 02, 2002 @10:47AM (#3807303) Homepage
        It wasn't legit, it was spam. "just one more instance of spam -- which in some sense we were"

        For what values of sense are we talking about? Take a look at GoogleGroups search of news.admin.net-abuse.sightings, and let me know how to your legitimate mystery shopper offer from all the others: URL from Hell [google.ca] Quite a lot of it, isn't there?

    • Think of the crap you see on late night infomercials. Half this stuff you will never see in stores -- because if you got a look at it in person you would never, ever think to buy it.

      Think of spam as products to shitty or too illegal to even make it to infomercials and suddenly it all makes sense.

      Also explains why I hate to get spam, I don't watch infomercials for a reason ...

  • Another tactic? (Score:4, Interesting)

    by Rinikusu ( 28164 ) on Tuesday July 02, 2002 @08:58AM (#3806688)
    Just curious, guys, but why doesn't someone do the following:

    Start filing CIVIL lawsuits against the advertisers directly, and in the process subpoena'ing the spammer's themselves? This way the spammer's identity becomes known and then civil action can be brought directly at that person.

    The basis would have to be "theft of services", as the receiver pays for the email, etc. After a few major lawsuits, I'm sure domestic spam will quiet down, and the major advertisers will cut back on funding of spam (1. they just got sued, 2. no one wants to spam for them anymore). Then the trick would be to get international cooperation...

    Just a thought...

    • You can sue an international corporation in a US court. There is a 9th Circuit case where service to an international corporation by email was upheld.

      The only issue would be collecting the money. One way to do it is to get a court to order Visa,Mastercard, American Express, and Discouver to hold any monies going to these scum bags. Without credit card processing, many of these spammers are dead.

      Anyways, I suspect some of these scum bags use fake international addresses to try to hide.

    • I think we should go much further than that.

      I think we should start using $cientology-style tactics on these bastards -- repeatedly filing lawsuits against anyone who does any kind of business with them, using ex-parte searches to confiscate all of their computer equipment, defaming them in every possible forum, etc.

      Proving damages enough to really go after them could be hard. Alleging identity theft, fraud, child pornography, terrorism (wouldn't spam be a great corpus for stego?), etc. could do the trick. Of course, if a major ISP/backbone wanted to get in on it, they could claim significant damages in bandwidth costs alone.

      -Esme

    • Just curious, guys, but why doesn't someone do the following:

      Start filing CIVIL lawsuits

      Because two reasons: First, most people don't know what their state laws say regarding civil lawsuits, and don't know how to file a civil lawsuit. Second, nobody has the time.

    • Re:Another tactic? (Score:2, Informative)

      by Phibian ( 213437 )
      See http://www.netlitigation.com/netlitigation/spam.ht m

      http://www.peacefire.org/

      http://www.mids.org/mn/803/spamset.html etc etc

      for a sampling of people who do just that. Some spammers pay up, and if enough people did this it *might* be a big enough deterent, however, so far it seems that the vast majority don't pay.

      From the research I've done, it appears that more people in the US sue over junk faxes than emails, because it is illegal to send them in a number of states, but even then apparently the business is lucrative enough to be able to either pay the fines or ignore them altogether.

      In fact, apparently quite a number of major spammers (whether sending junk faxes, email etc) create corporate shells to protect themselves - it's the "throwaway company" concept, expanding on the throwaway email address...

      Really I think the most effective deterrent would be if sending out the emails didn't bring back the revenue. While anti-spam measures etc are important (and necessary), and while educating spammers is also important - getting the masses to quit buying stuff as a result of unsolicited correspondance would have the single biggest impact.
    • Setup a non-profit company, with a lawyer at the front to collect spam, and sue on people's behalf at their request.

      Keep 98% percent of the money collected to keep the company running, and give the rest back to the complainants as a commision.

      I'd sure foward my spam on to said company on the slight chance of getting something out of it.

      And a few court victories would go a long way towards making potential spammers think.

  • Mailwasher (Score:3, Informative)

    by savaget ( 26702 ) on Tuesday July 02, 2002 @08:58AM (#3806690)
    Until this war against spammers is won, I will continue to use Mailwasher [mailwasher.net].

  • I feel so used... (Score:4, Interesting)

    by ackthpt ( 218170 ) on Tuesday July 02, 2002 @08:59AM (#3806696) Homepage Journal
    Someone used my email address (I live in California) to spam people, I received a number of bounces in my mail box. The spammer's phone number is in Washington state and I did a little review of the Washington state law (a helpful link [mcnichol.com], but not sure it helps me. Further, the Washington AG's site isn't currently accepting complaints [wa.gov] due some vulnerability (guess who probably took a crack at exploiting that?)

    Sign me up for the war, want revenge for this, feel free to advise.

    • Buddy, you've been Joe Jobbed. Sucks, doesn't it? When you get the spam complaints, explain the situation to the sender and ask for a copy of the message with full headers. Then LART it. Go after the sons of bitches with a big club.

  • How to Stop Spam (Score:4, Interesting)

    by fortiter1 ( 546980 ) on Tuesday July 02, 2002 @09:02AM (#3806709)
    Yes, most ISPs terms say that you can't send spam. That's not enough. The terms should mandate a fee of $1 for every email address you send to if it is determined you sent spam. That way, if they want to send out spam their credit card would automatically get charged. Make the spammers pay for sending out their junk.

  • Some of us go to great lengths (Score:4, Interesting)

    by SkyLeach ( 188871 ) on Tuesday July 02, 2002 @09:03AM (#3806714) Homepage
    to stop spammers.

    I have an account I purchased from spamcop.net [spamcop.net]. I never used the email address onything (i've never even checked it) and it's bounsing spam every day.

    Spammers hack systems to get accounts, they harvest them, they buy them (illegally) from state agencies. These people are scum and I consider it my right, duty and priviledge to take them out whenever and wherever I can find them.

    I am in the process of building a snort utility specifically designed to track down the home IPs of spammers (in the US at first).

    I won't go into details on what I plan to do when I get some, but rest assured it will be neither pretty nor legal.
    • ...rest assured it will be neither pretty nor legal.

      Ah. The Jay and Silent Bob method. Up close and personal...!
    • I have an account I purchased from spamcop.net. I never used the email address onything [sic.] (i've never even checked it) and it's bounsing [sic.] spam every day.
      Please clarify: Are you praising SpamCop because it's successfully bouncing so much spam? Or are you complaining because you're getting spammed without even using the SpamCop address?

      (I'm seriously considering upgrading from the free reporting service to a paid account with a SpamCop address, so I'm very interested in users' experiences.)
    • Spammers don't exactly "hack systems". In just about every respect they're pretty incompetent (with a few exceptions). A vulnerability is found in software like formmail or some dumbass admin puts up an open relay (read: installs Exchange) and someone far smarter than the spammers are writes a couple pieces of software to sploit those holes. The spammers use the ready-made software to fill your inbox with penis-enlarging stock scams from Nigeria. They didn't even write the software themselves. They are nothing more than script kiddies. Baaaahhhh, damned spammers piss me off.

  • I have three words for you.... (Score:3, Informative)

    by pj7 ( 469369 ) on Tuesday July 02, 2002 @09:04AM (#3806717)
    Spamassassin [spamassassin.org]
    Okay, so that's more like 6 words, but still it's great. A guy I work with turned me onto it and I love it. And adding a `spamassassin -r` in my procmailrc for known_spam gives me the feeling that I'm actually doing my part in preventing SPAM.
    • Okay, so that's more like 6 words, but still it's great.

      I don't know how well people will take your assessment given you think the word 'Spamassasin' is either three or six words. It's bad enough to be schizophrenic, but when both of you are wrong.....

  • Spam Assassin (Score:5, Informative)

    by totallygeek ( 263191 ) <sellis@totallygeek.com> on Tuesday July 02, 2002 @09:05AM (#3806728) Homepage
    Let me say that I have never been happier since installing Spam Assassin [spamassassin.org]. I reset the threshhold to 8, and get maybe five spam messages a week, as opposed to the more than 100 per day!

    • Re:Spam Assassin (Score:4, Insightful)

      by Zathrus ( 232140 ) on Tuesday July 02, 2002 @10:30AM (#3807199) Homepage
      get maybe five spam messages a week, as opposed to the more than 100 per day!

      No. You still get 100+ per day. You just don't see them in your mailbox. But the bandwidth and storage space have already been eaten, and that's really what's evil about spam.

      I'm all for programs like Spamassassin, blackballing systems (run right), etc. But they put a thin veneer over the real problem - that boatloads of bandwidth and storage space is being sucked up by noise -- the vast majority of people don't want this stuff, and the cost of transporting it is being passed directly on to the consumer.

      What, you think you don't pay for it? Has your internet service increased in price recently? Has the level of service on it remained the same for the past 3 years? Still able to download/upload stuff at the same rates you could 3 years ago?

      I really, really hate to say it, but I'm increasingly convinced that the only way to stop spam is to do so through the legal system. The vast majority of spammers are within the US - either they source the mail from the US or they are US citizens using foreign resources. In either case prosecution under either current anti-fraud laws or (ick) new anti-spam laws could seriously reduce the flood of spam.

      Yes, it would probably take some international cooperation on the legal front. But there's a helluva lot more of that then there is on the technical front. Sure, technical solutions (refusal of service, leaf node filtering, etc.) work in theory. In reality they've failed. Miserably.

      Seeing the NY AG sue Monsterhut for fraud and violations of consumer rights statutes makes me happy. And I sincerely hope that it's just the tip of the iceberg on that kind of case.

      • Re:Spam Assassin (Score:3, Insightful)

        by osgeek ( 239988 )
        No. You still get 100+ per day. You just don't see them in your mailbox. But the bandwidth and storage space have already been eaten, and that's really what's evil about spam.

        Excellent point.

        I really, really hate to say it, but I'm increasingly convinced that the only way to stop spam is to do so through the legal system.

        Ironically, though, anti-spam measures only serve to hide the problem from the general public! Anti-spam measures keep your average internet user from getting so pissed off that they'll vote for politicians who promote legislation that would alleviate the problem.

        I hate to say it, but the biggest problem with getting enough critical mass to force legislation through is the anti-spam community that is hiding the true magnitude of the problem from your average voter.

      • Still able to download/upload stuff at the same rates you could 3 years ago?

        Much, much faster today. You see, now I'm on DSL wheras I was on 56K. More bandwidth makes spam a smaller percentage of that bandwidth.

        The technical solutions are better than the legal solutions.

  • Valuable Products? (Score:3, Insightful)

    by Heem ( 448667 ) on Tuesday July 02, 2002 @09:06AM (#3806736) Homepage Journal
    I don't even know why spammers bother. Does anyone really fall for 'Have a bigger penis in 3 days' or 'Lose 50 pounds in 23.2 seconds' or any of the other common spams? I mean come on. I would not mind, actually I would WELCOME email advertising if it was only for things that I could use. I like working on cars, computers etc.. so if I were to recieve advertising based on those things,that actually came from a trackable source, with a reliable way of removing oneself from the list, I actually might be HAPPY about it, since I could find out about new products and places with good prices on them. Mass-email marketing COULD work, if anyone could actually trust the vendors, but of course we all know that we can't. I'd like to see legitimate vendors joining us in the anti-spam war, it could only be a positive for them. As it stands now, if I even WANT a product, I won't buy it if it comes as spam. Take the x-10 camera for example. I'd love one of those. I could think of 1000 things to do with it, and that doesnt even include the sneaky, spying on the 18yr old girl next door type ones. But guess what? I'll never, ever do business with them because of their aggressive, intrusive advertising methods.

    • Re:Valuable Products? (Score:4, Insightful)

      by Mr_Silver ( 213637 ) on Tuesday July 02, 2002 @09:21AM (#3806816)
      I don't even know why spammers bother. Does anyone really fall for 'Have a bigger penis in 3 days' or 'Lose 50 pounds in 23.2 seconds' or any of the other common spams?

      Unfortunately a lot of people actually do fall for it - that is, enough of them to make spamming 15 million people worthwhile.

      Until those sort of people stop replying and purchasing these "products" from spammers, then we will continue to see spam in one form or another.

      • It's the same way with telemarketers. It wouldn't be such a big business if it weren't making money. Although, they are regulated a lot better than SPAM. In Indiana you can register to be on a no-call list, which prevents many telemarketer calls, but does allow for some (non-profit orgs using their own people, etc.) The only problem is it would be difficult to enforce similar legislature for SPAM.
      • Does anyone really fall for 'Have a bigger penis in 3 days'

        You mean I won't have a BIGGER PENIS in 3 days, so that the HORNY TEENS won't want me and I won't need that HERBAL VIAGRA? I guess I'll have to fall back on my PHD FROM AN UNACCREDITED UNIVERITY to pick up women, after I get OUT OF DEBT by REFINANCING MY MORTGAGE!
    • Yes. They do.

      Scott Adams in the Dilbert Future actually hit the nail on the head on this topic.

      Suppose you spam 1,000,000 e-mail addresses, and 1/2% are stupid enough to fall for it. That's 5,000 responses, from people willing to fork over money for your bogus or not-bogus product.

      Given the cost of spam, it's no surprise it's so prevalent.
    • "I don't even know why spammers bother. Does anyone really fall for 'Have a bigger penis in 3 days' or 'Lose 50 pounds in 23.2 seconds' or any of the other common spams? I mean come on."

      Yes. Probably nobody on slashdot or in similar communities would fall for it, but often we forget how stupid the average user tends to be.

      Would your dear mother, bless her soul, who just got AOL last week respond to a free vacation scam?

      Would your pointy-haired-boss fall for a 'learn everything about your employees' scam?

      Would your neighbour fall for a penis enlargement scam?

      Would the annoying sot who forwarded you the latest chainmail saying that little Suzie who has cancer will receive $0.05 for every time you forward the mail?

      Now multiply this by the entire population of internet users. Yes, spammers have a large market of suckers and it is practically impossible to educate them all. I'm sure there are slashdotters out there who have met suckers who read every spam from start to finish.

  • Don't rule out Neil Schwartzman (Score:4, Funny)

    by cecil36 ( 104730 ) on Tuesday July 02, 2002 @09:07AM (#3806744) Homepage
    Anyone remember his anti-spam campaign against one Bernard Shifman?

    Shifman Is A Moron Spammer [petemoss.com]

    Schwartzman's anti-spam page [petemoss.com]

  • A thought ... (Score:5, Funny)

    by robstercraws ( 458221 ) on Tuesday July 02, 2002 @09:15AM (#3806780)

    This article made me think of a slightly modified version of the question asked in the article yesterday about The True Story of Website Results [slashdot.org]: If you could press a button and kill a spammer on the other side of the world, would you do it? And would you even need to be paid the million dollars? ;-)
    • >If you could press a button and kill a spammer on the other side of the world, would you do it?

      no, I want to see him suffer, and I want him to know it was me..

      //rdj


    • How much would you pay to be able to instantly kill a spammer, anywhere in the world?

      How much if you could subject them to torture first?

      How much if you could force the other spammers to watch?

      A colleague and I agreed that if we were to take money out of our 401(k)'s to hire a contract killer for sapmmers, that the withdrawal should be tax-deductable. Possibly even listed as a charitable donation.

  • Internet bylaws (Score:2, Insightful)

    by Monoman ( 8745 )
    I tend to agree that we probably don't need new laws. Laws already exist that can cover alot of the Internet sewage.

    I think a set of bylaws should have been set forth quite some time ago. Bylaws to ban things such as spamming, massive pop-ups, etc. These bylawas could be set forth by a governing body(IETF maybe). If someone/something violated these bylaws then appropriate action could be taken.(account termination, blacklist, etc)

    The Internet should be self regulating in itself and laws should be left for crimes in general regardless of the methods used to commit them.

    just my 2 cents
    • Pop-ups are the fizzling neon signage of the net. If you see it, you know you're somewhere unsavoury.

      Unlike spam, you can simply avoid such sites, and your pop-up problem is solved.
  • All an ISP has to do is inform their customers that any e-mailings of over 50 addresses will be reviewed and placed on hold for the customer to acknowledge that it is indeed their e-mail going out. After it is acknowledged, if it is an advertisement or spam, that e-mail will cost 1 or 2 cents for each address it's being sent to.

    Unfortunately, this doesn't address the torrent of spam from China, nor the Nigerean Millions waiting for a bank acount spam, But at least it would be a start.
    • One of the Nigerian spams (Give us your bank details so we can put these millions there for safe keeping, etc...) turned up here once.
      If you get those, you are supposed to report them to the police, and your local law enforcement or embassy may be able to help. In London, the Metropolitan police have a web page [police.uk] about it, so we sent the mail and original headers to them.
      Apparently, six people were recently arrested [com.com] for this very crime! So things that are obviously major frauds are worth looking up in case you can shop them to the law!
    • They could also check that the emails have valid return addresses. Also, how about putting a limit on how many emails a person can send per hour/minute? The average person isn't going to be sending more than a couple per minute. A spammer would be hard-pressed to deal with a 10 second delay per message or 3 messages per minute on an 80 million address spamming.

  • Why bother fighting? Here's why (Score:4, Interesting)

    by zaren ( 204877 ) <fishrocket@gmail.com> on Tuesday July 02, 2002 @09:35AM (#3806878) Journal
    "It's really theft of services. It uses my connection, my equipment and my in-box, which I pay for," Roth said. "With postal mail, the sender pays for it. With spam e-mail, the receiver pays for it. Big difference."

    People will say that spam is the same as junk snail mail, but it's not. "Legitimate" junk snail mailers will happily bear the cost of sending their messages, knowing that they are advertising a legitimate product or service. Spammers push that expense off on the people receiving their message.

    To further the theft of services concept, an overwhelming majority of spam is sent through open or unsecured mail relays. This means that people who have no legal right to use those services are using them, much like someone who splices into an apartments building's cable tv system to get free cable. And as I always point out in my spam complaints, there's always this little gem:

    Advertising via unsolicited e-mail is trespass to chattel and theft by
    conversion. That was established in Federal court in 1996/97 in Compuserve
    vs. Cyberpromo, heard in US District Court in Ohio by one Judge Graham.
    Spammers routinely also use third-party relay, which is outright theft of
    services and a violation of the Federal Computer Crimes Act, to wit,
    unauthorized access to a computer system.


    -----
    Darwin is an evolutionary OS [cafepress.com]...
    --
    Apple hardware still too expensive for you? How about a raffle ticket? [macraffle.com]
    • actually I'd like to add junk mail to the mix; I have to pay for garbage disposal, and it actually costs almost as much as server space to get rid of, not to mention the damage it does to the environment.

      don't think it's a problem? just try joining your local chamber of commerce and see how much junk mail you'll receive every day! Even if you quit, it keeps coming in. My house is a mess.

  • Willful ignorance on the part of ISPs (Score:3, Informative)

    by wowbagger ( 69688 ) on Tuesday July 02, 2002 @09:39AM (#3806904) Homepage Journal
    Several ISPs, such as Verio, UUNET, Qwest, etc. host many spammers, and are willfully ignorant WRT the activities of the spammers - they do a fine Sgt. Schultz "I know NOTHING, NOTHING" when confronted with the evidence.

    First, I suggest EVERYBODY use Spamcop or a similar reporting service when the get SPAM (disclaimer - I am in no way associated with SC other than using their free reporting service).

    Second, if you get a spam from a server hosted by one of these ISPs, you use www.bitch-list.net to turn the crapflood back on the ISP - make it cost them more in support calls than the spammer is paying them.

    Third, if any of you HAVE servers hosted by these ISPs and you ever get shut down for TOS violations, you sue the ISP, claiming discrimination - "They didn't TOS these spammers, why are the TOSing me?"

    Make it cost the ISPs more to host the spammers than the spammers pay, and they will drop the spammers. Remember, both Verio and Worldcom/UUNET are hurting for money right now - pink contracts must look pretty good to them ("See, the spammers will pay DOUBLE for bandwidth!"). Turn the pink contracts into red ink, and they will cease.
  • An interesting thought came to me as to why I hate spam so much. It isn't just because there is too much spam, or it is annoying, or etc..

    It's because they never, ever have sold a product that doesn't look like a scam, or porn to me. Every single spam I have gotten in my 7+ years on the internet has been for penis enlargers, aphrodisiacs, etc. It's like the snake-oil dealers of old have found a new home on the internet.

    If I got coupons to the stores I frequent (or are in my area), or just adverts for legitimate, registered, good companies about products I might consider. It wouldn't bother me as much. But it's the fact that the spam I receive is pure, unadulterated, useless crap which explains why I hate spam so much, and don't feel too bad about junk mail I receive by post.

    Just my thoughts on the issue.

  • Spam-fighting hiatus to raise awareness (Score:3, Interesting)

    by andyNola ( 33159 ) on Tuesday July 02, 2002 @09:51AM (#3806990)
    > "People are going out there and
    > tracking it back down to the source,"
    > Mozena said. "Without that constant
    > fight, things would be a lot, lot,
    > lot worse."

    Does anti-spamming really work? The administrators and users of SpamCop, SpamAssassin, etc. should back off for one 24-hour period. Let the spam roll in. If it truly would be a "lot, lot, lot worse" without spam-fighters, the happy fallout will be that thousands of indifferent users who respond to spam with "JHD" (Just Hit Delete) will see how bad it's become. Maybe they'll join the spam-fighting ranks, or at least demand a solution.
    • At the very least, they pass on their info to the various blacklist sites, when then add the spammers to the reverse dns lookup lists. I run a personal email server that checks any incoming connection with ordb.org and relays.osirusoft.com . Believe me, those two lists right there stop ALL of my spam. I havent seen a spam msg on my personal mail server in months.

  • The answer (Score:4, Interesting)

    by Technician ( 215283 ) on Tuesday July 02, 2002 @09:54AM (#3807010)
    Due to the massive abuse, e-mail may simply become a thing of the past. I am gradulaly moving to a web form and dropping e-mail. To write me, visit my page and fill in the online form. I'll soon no longer have an inbox.
    As inconvienient as that is, it fixes most of the problems of the e-mail system. Mostly it will not accept any bulk mail from anybody.
    • Software exists to send email spam through a bug in popular web form software.

      There is also software out that makes it trivial to "spam" a web form, that is, to constantly call the CGI with random input, flooding the message store with bogus data.

      My answer to spam?

      Use GPG, and only email encrypted with your public key. If someday you start getting encrypted spam (never happened yet, encryption takes CPU resources), there is a more draconing step-

      Only accept mail that is crytographically 'signed' by people in your personal keyring, or from somebody who has had their public key signed by somebody in your keyring.

      This restricts incoming email to 'friends', and 'friends of friends'. It is spam-proof.

      It also ensures that your Aunt Millie in Oklahoma who only uses WebTV will never be able to send you another email. This could be a good thing, depending on how annoying Millie is.

    • Hope that works for you. But it certainly doesn't let you do what you can with email.

      Sorry, when I want to let some friends know about something then I'm not going to go to their individual web boards and write a message. I'm going to email them once using cc's or bcc's. Oh, sure, I guess you can then start talking about community webboards (my wife uses one to keep up with her college friends), but just how many different boards do I get to go read for this kind of thing? No thanks.

      And lets not even talk about the umpteen million different interfaces you'd have to deal with. Plus all the different "feature sets" -- any bets on how many people won't think to allow attachments? Or other things that will become standard for a large part of the net? Essentially you roll the email system back 30 years. There's a reason that it's a freaking 7-bit protocol with really, really wacky rules.

      Email isn't going away. We need to work on technical and legal solutions to the issue - not ignore that it's there.

  • Blocking spam is one thing... (Score:3, Interesting)

    by Neph ( 5010 ) on Tuesday July 02, 2002 @10:16AM (#3807130) Homepage
    I've started to have a much more aggravating problem -- spammers using the email address of an old account of mine for the From: of their spam! I know because undeliverable mails are being returned to me. Is it just me, or is this a new low even by spammer standards?
    I'm in the middle of dredging through the headers trying to figure out what the company ultimately responsible is, but even if I manage to find out, I'm not sure what to do with the information. I want blood.
    Any suggestions?

  • Approach = failure, motive = weak. (Score:4, Insightful)

    by bitchx ( 322767 ) on Tuesday July 02, 2002 @10:30AM (#3807198)
    Let's take a secomd and evaluate our "Mr. Roth," and determine if he is adding or subtracting value from the network.

    Martin Roth aka lumbercartel@hotmail.com


    Martin Roth aims to solve the spam problem by educating spammers about proper e-mail marketing practices. But to educate them, he first has to find them.


    Well, that sounds like a plan.


    With practiced ease, Roth launches software tools with names such as "SpamCop," "SpamKiller" and "Sam Spade." These, along with multiple online accounts, help Roth comb through the junk e-mail pile for clues to the spammers' identity.
    It's embarassing to use these tools because of the raw number of false positives they generate. Of course, for click and drool "d00dz, d3l3t3 yur spammer NOW!" people like Roth, that's a-ok. Of course, let's note that he belongs to a group that calls itself "Spam Wranglers Action Team," which by naming itself something stupid has demonstrated idocy.


    But others, such as spam messages that appear to have been sent by an Internet newcomer, may present a better opportunity. A rookie spammer may fail to disguise headers and return addresses, create an amateurish sales pitch or promote a common multilevel marketing scheme.
    So, go after new spammers because it's easy? Well, I guess they are easier to convince to change their ways, but if he really wanted to stop spam he'd be going after the mega-houses.


    "Here's a guy maybe you can educate," Roth said, pointing to one such message among the scores before him.
    What kind of education do you think this guy is going to get?


    With that information in hand, Roth then reports the abuse and asks that the spammer be cut off. Many Internet providers will comply, since the sending of spam is usually prohibited by their own user policies. Providers that don't comply could face the prospect of being added to the blacklist of companies that support spamming.
    Oh, that's some quality education there, sir.


    As he speaks, Roth's computer erupts with the sound of gunfire once more. Roth
    smiles broadly.

    "Got another one," he said.


    And that, my friends, is why these people do it. Because they enjoy the feeling of power that cutting people off the net gives them. They are like petty IRC dictators, typing "/kill .*@.*aol.com".

    Martin Roth is doing nothing to help the spam problem, and he is a poor choice of people to profile. Martin Roth is yet anoter Maryanne [google.com] Kehoe [viper.net.au]
    • Comment removed based on user account deletion
      • If you want to feel frustrated, ignored, and almost powerless, try fighting spam...

        ... ineffectively. If you want to actually have an effect and contribute to the Internet community, then do something effective.

        Shutting down spammers is a small part of being effective. You want to make a tiny effort to shut them down, because it will help a bit. It won't help much against the big spammers who use Chinese or Korean servers to send their spam, but it'll help a bit. But don't waste your time at it. Find some automated tool to send off the reports. I use Spamcop, because it's dead easy; I imagine lots of Spamcop complaints get ignored, but you need to put so little effort into them, that it's no big loss.

        The big advantage of using Spamcop to complain is that it improves the Spamcop blacklist. Sites that originate spam are blacklisted when sufficient traffic from them over the last week is reported as spam. Other sites can use the Spamcop blacklist as an indicator that an email is coming from a recent spam source, and block it (or use this information in a scoring scheme to help decide whether to block).

        You can also sign up with Spamcop for email filtering. I'd estimate that it catches about 95% of incoming spam, with a very low (0.01%, maybe) false positive rate. For me, this is sufficient: I get just 2 or 3 spams per week. Others may want more powerful filters.

        There are other community efforts to build spam filters, such as Vipul's Razor [sf.net] and SpamAssassin [spamassassin.org].

        Contribute to any of these, and you'll have a big effect on your own spam load. Publicize them, and you'll get more systems to incorporate them into their mail servers, making spam less of a problem on every system.

  • Irony (Score:2, Informative)

    by MMyers5 ( 589677 )
    Did a Google search for "spamjamr", an anti-spammer group or individual listed in the story and was directed to an Angelfire member site. Of course Angelfire member sites contain the one thing that rivals spam in annoyance levels -- multiple pop-up windows.
  • I'm surprised that no one mentioned sneakemail [sneakemail.com]. I've been using it for almost a year now, and I've gotten only two spam messages, at addresses I used posting to usenet. I simply deleted those email addresses; no more spam.

    Didn't slashdot have a story a while back about a study on how to get on SPAM mailing lists? I believe they found that posting on usenet was the worst.

    Sneakemail is still free, but they are now asking for donations.
  • The article talks about a SPAM Swat team ; and the concept of that is absolutely rediculous. When it takes teams of people to shut down spammers, the Spammers have won. That might work for the time it takes to do the article - but it is not a 'sustainable' activity. These SPAM swat teams aren't going to exist forever.

    What needs to happen is the Email protocol needs to be re-written. It was originally developed in RFC822 to be an open standard that could take on many forms and purposes.

    Today, we know how Email is used intricately, and the protocol can easily be re-written to *ENSURE* Spammers do not have the ability to automate spamming.

    My company is re-writing the protocol over the next year or so ; and our changes will made available to the world.

  • Nearly 200 different non-existant usernames in my various domains are being spammed, many on a continuing basis. These are usernames that have never existed, and never accepted delivery of mail, so they are definitely not confirmed opt-in's for anything. It just shows how far spammers will go, and how they never clean up their lists (as if that would help real people).

Slashdot Top Deals

I have hardly ever known a mathematician who was capable of reasoning. -- Plato

Close