Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Spam

Trouble Getting to SpamCop? 245

geekwench writes "SpamCop was apparently the victim of a recent DoS attack. A false complaint to their domain registrar led to all primary DNS information being pulled. The problem is now fixed, but there may still be access issues for the next couple of days as ISPs clear the old DNS information out of their caches. You can read about it here and here. (Sounds to me as if SpamCop is proving to be a good-sized thorn in the sides of a number of spammers.)"
This discussion has been archived. No new comments can be posted.

Trouble Getting to SpamCop?

Comments Filter:
  • Tip (Score:5, Informative)

    by Anonymous Coward on Sunday November 02, 2003 @10:54AM (#7370962)
    Because of caching, sometimes some things resolve and some don't... so, if www.spamcop.net [spamcop.net] doesn't work, try spamcop.net [spamcop.net] minus the www. Of course, if your mail server can't resolve their mail server properly, then submitted spam is a much bigger pain.
    • Re:Tip (Score:3, Informative)

      by Nintendork ( 411169 )
      Because of caching, sometimes some things resolve and some don't... so, if www.spamcop.net doesn't work, try spamcop.net minus the www. Of course, if your mail server can't resolve their mail server properly, then submitted spam is a much bigger pain.

      The problem isn't outdated or incorrect information in the spamcop.net zone. The problem is the information on the .net zone. This means that everything under spamcop.net (Including mail records) cannot resolve until the .net servers are updated (Already d

    • Re:Tip (Score:3, Informative)

      by cft ( 715198 )
      or just add one of their nameservers to /etc/resolv.conf

      ns1-117.akam.net
      ns1-11.akam.net
      ns1-109.akam.ne t
      asia3.akam.net
      ns1-93.akam.net
      ns1-90.akam.ne t
      use1.akam.net
      ns1-73.akam.net
  • Spamhaus too, maybe. (Score:3, Interesting)

    by MicktheMech ( 697533 ) on Sunday November 02, 2003 @10:56AM (#7370967) Homepage
    I've been having trouble getting into Spamhaus [spamhaus.org] too. The spammers are up to something.
  • As spammers and virus writers get more and more integrated. Spammers have the money, virus writers have the skills, together they will play havoc with the cornfields of the Internet.

    In the natural world, something like 60% of all species are parasitical, and the war between parasites and hosts is one of the defining aspects of all nature. Sex, for instance, is a way of shuffling locks faster than parasites can evolve keys.

    It seems inevitable that software and communications will have to develop similar kinds of defenses against what is an inevitable onslaught from the parasitical forces that have developed to snack on the soft underbelly of the Net.

    Cybersex, anyone?
    • Cybersex, anyone?

      Interesting analogy ... except 66% of the spam is something about sex. How would this activity do anything to reduce spam from being poured into my inbox?

      Or are there parallels in biological contexts that show parasitic organisms actually inducing host organisms to have sex? But, maybe you shouldn't since bringing this out would cause an influx of more spam beyond what Viagra has brought. Maybe, the word is "Mum"...
      • > Or are there parallels in biological contexts that show parasitic organisms actually inducing host organisms to have sex

        Sexual reproduction has bloody little to do with parasites, who thrive just fine thank you on sexually reproducing mammals. It's about creating genetic diversity more rapidly, which allows favorable mutations to occur more often and be selected, while culling unfavorable ones through selection and lack of interoperability (most genetic defects render you sterile). This is an advant
        • Sexual reproduction has bloody little to do with parasites, who thrive just fine thank you on sexually reproducing mammals.

          And which do even better on axesual animals (which have correspondingly shorter lifespans, but read on...)

          If you're interested in the subject, I would suggest you check out a copy of "The Red Queen" by Matt Ridley from your local library (or Amazon, if your local library isn't up to scratch). In it, you'll find multiple discussions which consider many possible reasons for sex, heav
    • Someone has to protect the public from the people who regularly misuse their power online. To this day, that was Spamcop. Now as many of the anti-spam groups go offline, the public is getting pelted with more and more spam, and viruses.

      This whole thing reminds me of the war on drugs. If the cops wanted to really stop the drugs from existing on the streets, they could. But they don't have any incentive for that because it works against their budgets to pull all the drugs off the streets.

      The police profit f
      • Someone has to protect the public from the people who regularly misuse their power online. To this day, that was Spamcop.

        Do you really have a clue as to how Spamcop works? It takes emails submitted by users and finds the sending server (as well as the ISP for any webpages spamvertised therein). If you've had a false complaint from SpamCop then your beef is with the submitter, not SpamCop itself - and you should contact SpamCop to take that account offline.

        the anti-spam and anti-virus corporations profit f

        • Do you really have a clue as to how Spamcop works?

          Yup. Spamcop was protecting people by going after the spammers. That is a good thing!

          By anti-spam corporations, I meant programs like Outlook for Office that has anti-spam features. These are marketed features that would not exist if spam was anihillated, like it should be!

          Hotmail subscriptions offer more features to protect against spam, if you pay extra.

          Without spam, there isn't a reason for users to be enticed to pay money to prevent it.

          Without viru
      • This whole thing reminds me of the war on drugs. If the cops wanted to really stop the drugs from existing on the streets, they could. But they don't have any incentive for that because it works against their budgets to pull all the drugs off the streets.

        Interesting assertion. Care to back it up, by disclosing this great plan for the removal of all drugs from our streets (working within the boundaries of the US Constitution and Legal system, as cops must) or do you prefer to just sit back and slander pe

      • This whole thing reminds me of the war on drugs. If the cops wanted to really stop the drugs from existing on the streets, they could. But they don't have any incentive for that because it works against their budgets to pull all the drugs off the streets.

        Don't be stupid. The USA is always going on about market economies and how they are the best way of allocating resources; you need to realize this is just an example of a market. Drug sales are just a market and, as long as you have demand, you will have
        • Don't be stupid.

          That's good advice.

          The drug war is a sham because you can never completely cut off supply.

          I agree! :)

          The only way to kill drug crime is to flood the market with cheap drugs so that its no longer profitable for criminals,...

          Spoken like someone who doesn't have any kids.

          ... or to attack the demand by eliminating the poverty and other social conditions that make drug use attractive.

          I like this second part better.

          • The only way to kill drug crime is to flood the market with cheap drugs so that its no longer profitable for criminals,...

            Spoken like someone who doesn't have any kids.

            I expect what makes drug use look appealing to kids falls under 2 main categories, 1) a change from their everyday life (which may be ugly or seem ugly because of poverty, crappy scholastic environments, abusive home life, just boredom, or something else) and 2) peer pressure that drugs are exciting because they're forbidden.

            Spend enough
    • Fighting spam on a purely technical perspective (authentication and rejection of unsolicited messages) is indeed very similar to competition in the natural world. However, from a different point of view, spammers have a vulnerability: customers must have a way to buy the advertised "product", which makes it traceable. This make spamming very different from most other kind of crimes, so i hope this outstanding peculiarity won't be overlooked when the governments decide it's about time to do something about
    • Jumping Jesus on a pogo stick, someone just got a (+5, Interesting) for soliciting anonymous cybersex. Are all you people really that fucking desperate?
    • From a while back...

      here [slashdot.org]
  • by attobyte ( 20206 ) on Sunday November 02, 2003 @10:58AM (#7370977)
    When are we going to do a distributed blacklist so this @$#$!@#@$ $pammer$ can't pull this crap?
    • by bigberk ( 547360 ) <bigberk@users.pc9.org> on Sunday November 02, 2003 @12:54PM (#7371576)
      When are we going to do a distributed blacklist
      USENET is pretty good. Something like this [sysdesign.ca], with underlying public-key crypto, may be more robust (it's worth the read!).
    • Forget a distributed blacklist. Why create a list of billions of hosts, when it's easier to create a centralized, sanctioned SMTP Whitelist that's a fraction of the size?
      • The problem with a whitelist is that it removes the ability to receive email from anyone (which is an important ability for some and required for others, e.g. support addresses).

        Bayesian filters have the downside that spammers will eventually craft emails so bland that they cannot be filtered without tagging a lot of legitimate email.

        The problem with spam is that it combines 2 qualities - it is in bulk and it is unsolicited. If senders of unsolicited email could be restricted in quantity (to, say, a couple

        • The problem with a whitelist is that it removes the ability to receive email from anyone (which is an important ability for some and required for others, e.g. support addresses).

          I do not think so. It might make it slightly more difficult for someone to spontaneously set up a SMTP relay, but the benefits exponentially outweigh any inconveniences imposed.

          Look at it this way. The way the current SMTP system is set up, it's analagous to a TLD system that requires no registration: anyone can flip on a SMTP
          • It might make it slightly more difficult for someone to spontaneously set up a SMTP relay, but the benefits exponentially outweigh any inconveniences imposed.

            Where do relays come into this? We are talking about end users running whitelists, right?

            The way the current SMTP system is set up, it's analagous to a TLD system that requires no registration: anyone can flip on a SMTP relay and start spewing crap to the Internet with bogus header information which in turn creates DDOS situations.

            Hence my proposa

  • by Maserati ( 8679 ) on Sunday November 02, 2003 @10:58AM (#7370978) Homepage Journal
    quietly reporting everything I get through spamcop and to the FCC.

    It isn't helping, but maybe one of the ones I help get shut down will quit.
    • Right now, even though it seems like spitting in the wind, your efforts do make a difference. All of us ISPs who use Spamcop's BL rely on diligent, responsible people such as yourself to report spam. It helps. If nobody else will say Thank You, please allow me!
  • Yikes! (Score:5, Insightful)

    by Quasar1999 ( 520073 ) on Sunday November 02, 2003 @11:00AM (#7370987) Journal
    This is scary stuff... anyone can get any domain pulled with a little accusation?

    We need to secure the domain registration/ownership process... seriously... We might not be able to take down microsoft.com, but with this complaint technique, I'm sure we could do some damage to a lot of less high profile companies... We need to get this fixed now! It's almost as bad as being allowed to call your neighbour a terrorist, and have him/her arrested indefinetly, with no proof...
    • well, if you pick a domain registrar that acts like a whiny bitch . . .
    • The problem is that anti-spammers demand a nuke-first ask-questions-later policy for shutting down 'bad' sites.

      Unfortunately, that policy can also bite you in the ass. You can't have it both ways.

  • by Trick ( 3648 ) on Sunday November 02, 2003 @11:00AM (#7370990)
    > Sounds to me as if SpamCop is proving to be a
    > good-sized thorn in the sides of a number of
    > spammers.

    Maybe, but maybe not. The DOS attacks by spammers have been getting pretty brazen of late. SpamCop's a well-known name, and that's probably all it took to make it the target of an attack, regardless of how effective it is.

    They've gotten almost no resistance to the attacks they've launched so far. They've got no reason not to launch an attack on anyone who even attempts to block spam at this point.
    • Yeah, when I worked at my previous job, I spent lots of time trying to cut down on incoming spam email. (We had loads of complaints, and when you're using Exchange Server 5.5 for your email with Microsoft's Internet Mail Connector, you don't have all the filtering options of a Unix box....)

      I religiously reported problem emails to Spamcop, for about a year straight, and only *once* did an ISP actually write me back to report that they removed someone's account, and thanked me for reporting the issue. On t
  • Surge in spam (Score:5, Interesting)

    by October_30th ( 531777 ) on Sunday November 02, 2003 @11:00AM (#7370992) Homepage Journal
    The amount of spam I receive every day has clearly been steadily growing for the last few months. Looks like the spammers are winning the war by DoSing spam fighters and hiring mercenary hackers with 450000 trojaned systems [wired.com].
    • Ive noticed that too. I'm now up to over 500 a day to my entire domain.. and its just a tiny spot on the roadway...

      At the office, over 20,000 are deleted off the bat, and that doesnt include what gets thru.. ( though that is a major domain with over 40,000 users.. )
    • The amount of spam I receive every day has clearly been steadily growing for the last few months.

      Mine has doubled (at a minimum) over the last 6 months. I regularly purge 100-200 spam messages a day, though some days it's much lighter.

      • Re:Surge in spam (Score:2, Interesting)

        by letxa2000 ( 215841 )
        In March of this year I received 1638 spam. In September I received 5073, and in October alone it increased over 50% to 7704.

        The good news is that with Bayesian filtering I only saw 13 of them in October.

        Interestingly, my Bayesian filter continues to increase in accuracy. In October I was up to 99.8%. My guess is that they're increasing the number of times they do each spam run and that only makes Bayesian that much more accurate. That's the explanation I have for seeing such an increase in the volume

    • Beh 8000+ probes from former soviet countries, and other known spam havens in the last month you tell me where this is going.

      I am on a simple cable modem, but the rogers network has been having huge problems the last while(virus, trojans, headend issues, DNS issues, DHCP server issues, on and on). I wonder if they(spammers) pay attention to the fact that rogers has recently upped the speeds from 1.5mbps to 3mbps; were unsure if this is perm. yet or not. But it could be and that would be boon to the spamm
  • by YetAnotherName ( 168064 ) on Sunday November 02, 2003 @11:02AM (#7371005) Homepage
    I was a religious SpamCop user for awhile. You tattle to SpamCop on a spam you receive, it checks its various databases, and then notifies various network authorities of the problem.

    Problem being, that several of the network authorities are huge megacorps where the complaints get filed with the rest of 98,000 or are spamhosts themselves.

    I gave up in favor of SpamAssassin and Mozilla's spam filtering, which turned out to be far more effective.

    Isn't effectiveness the whole reason eight-year-olds tattle in the first place? ("Billy hit me!" Billy gets in trouble. (And Tommy gets beaten up after school.)) Somehow, I don't think enough spammers got in trouble.
    • One benefit of reporting spam to spamcop is that it lets ISPs know about client systems that have been owned and are being used for relaying spam. I don't know how many of the major ISPs actually do anything with the information.
    • by tsarin ( 217882 ) on Sunday November 02, 2003 @11:23AM (#7371096)
      As you say, SpamCop is fine; it's the ISPs that you need to worry about. A while back, I was running a mail server (forwards for a hundred-odd users, plus my own mail) off my DSL service. One of my users, playing the good little netizen, reported a batch of her spam to SpamCop, who, since my machine was in the headers, reported to my ISP--who promptly turned me off. No investigation, no "Hey, what's going on here?", not even a "Why are you spamming?". Lather, rinse, repeat, until the ISP ended up turning me off permamently. (And then, promptly, went out of business, shorting me nearly six months of my prepaid contract.)

      Had they taken the thirty seconds to actually look at the headers, it'd've been obvious that I was, effectively, as much a victim of the spam as my user.

      A "disconnect first, ask questions later" policy is fine, assuming you bother to ever actually ask.

    • I used to use it pretty consistently. There were occasions when my inbox would get flooded with the same spam hundreds of times. The only times it ever happened was when I was reporting stuff to spamcop. This leads me to beleive that on some level spammers were being at least made aware of the fact that they were being reported (and then trying to take some measure of revenge).
    • Actually, SpamCop now uses SpamAssassin as well as its own blocklist. And I use it mainly for one-click accurate reporting through the 'held' web interface. You are right that most abuse desks don't care about SpamCop reports, but it's still worth it for the remaining doing their job.
      Regarding Joker registrar policy wrt to validation procedures, I suppose that the fact that SpamCop goes away tells it all.
    • by Uggy ( 99326 ) on Sunday November 02, 2003 @12:27PM (#7371445) Homepage
      I agree. The only way to stop spam is by filtering it at the ISP or end user level. Email is too entrenched and too important for us to be mucking around with whitelists and trusted senders and whatnot. Reverse lookups would really do the trick, but since in my experience 99% of ISP's/bandwidth providers are just too uncooperative in updating their reverse DNS, that is out. Couldn't do virtual domains either.

      You could utilize some minimal checks like forward dns or just a HELO name check, which my company used for a while. But, there are SOOO many exchange servers out there that identify themselves as "microsoft.msft" (which is of course not correct) that some of our clients couldn't get their mail. They'd call, "Hey, so and so can't send me email." I'd telnet to their port 25 and check what they returned in their HELO... sure enough, it was incorrect, so I'd notify the administrator and our client that their email server is not configured correctly (and it's an open relay to boot). A couple of days later this client would call again saying, "Other people can receive this guy's email, but I can't. What's wrong with your server?"

      After a while, it's just a perception problem. You've got to be able to receive from everybody (except the absolute worst spammers). So we accept all mail and tag it with spamassassin using the X-Spam-Status tag. Clients then can filter it and check at their leisure. If they have a little more no-how, we tell them to download and install mozilla-mail or thunderbird with built in spam filtering. You've got to train it, but it works.

      Email is too important and too ubiquitous to be screwed around with. The surest and best way to deal with spam is to filter/tag at the end user or ISP. Legislation won't cut it. Threats won't cut it. Whitelists/Blacklists won't work. You can't even rely on first line HELO identification checks. There are just too many monkeys who've set up email servers out there.

      And just think about this: even ipv6 STILL isn't widely deployed.
      • > Email is too important and too ubiquitous to be screwed around with. The surest and best way to deal with spam is to filter/tag at the end user or ISP. Legislation won't cut it. Threats won't cut it. Whitelists/Blacklists won't work. You can't even rely on first line HELO identification checks. There are just too many monkeys who've set up email servers out there.

        I'm glad someone finally got it right. Let's come up with a technical solution instead of a legislative solution. This way, everyone is fr
      • You could utilize some minimal checks like forward dns or just a HELO name check, which my company used for a while. But, there are SOOO many exchange servers out there that identify themselves as "microsoft.msft" (which is of course not correct) that some of our clients couldn't get their mail.

        Insightful, my arse.

        The RFCs specifically state that a mail transport agent MUST accept the connection regardless of the HELO/EHLO. There's a reason for that too.
        What if the sending MTA is inside a NAT boundary,

        • I suppose you're also the type that likes to see 192.168.x.x in a traceroute from the Internet? Hmmm?

          The HELO check was a life saver during sobig. And I don't care who you are, reporting yourself as microsoft.msft is just stupid even through a nat'd connection.

          One more thing... magic must defeat magic!!
    • I work for an ISP and honestly, we love SpamCop. Our abuse mail gets a lot of complaints. We can take action on maybe 2% of them, because people simply don't give us enough information. "Stop sending me spam" does nothing for us, nor do the 75% of people who forward the spam and do not inlcude the headers. (Honestly, how can so many people still not know to include full headers when reporting spam?)

      The SpamCop reports have ALL the information we need (timestamps with time zone are crucial) to track dow
    • Even though the reports may go in to a black hole, it's still a good idea to keep reporting. Spamcop is partially "user controled" in that it decides what to block in some cases based on how many complaints have come in for that mail server; if there are a lot of complaints, the server will be added to the blacklist, and future messages will be caught. Even this isn't 100% effective mind you, but it's about as close as you're going to get considering it's impossible for anything to be 100% effective.
    • Someone else has already mentioned this, but here's my two cents.

      I used to work at the helpdesk at a small dial-up ISP. I ended up taking care of abuse complaints, and SpamCop came in handy many times. For a while we had a spammer sign up once a month for a throwaway account, and the very first indication was always SpamCop. I flatter myself that after being shut down a few times in a row, he went elsewhere.

      SpamCop is easy to use, quick, and it provides the admin with all the information she needs.

    • I gave up in favor of SpamAssassin and Mozilla's spam filtering, which turned out to be far more effective.

      That depends on your goal. You apparently want to not see the spam after it's sent, but don't care about paying for it's transmission. Some people care about the latter and view the spam problem as a social one that must be addressed.

    • My primary email address is a Spamcop address. I get about one spam a month and it never makes it to my inbox. This last bit is important -- I only have dial-up at home and I don't think that downloading 40 spam messages (my old daily rate, when I had a Yahoo account) then filtering them is the answer.
  • by Detritus ( 11846 )
    What's preventing the restored DNS records from propagating from the root server down to all of the requesters?

    When I send mail to spamcop, my ISP's mail server bounces it with a fatal DNS error.

  • by Anonnymous Coward ( 557983 ) on Sunday November 02, 2003 @11:04AM (#7371014)
    Most of the spam comes from and/or points to IP addresses in China and Brazil. Their reaction to your reports, if they even receive them, is "We'll get right on it."

    It would be far more effective to simply drop any SMTP connections from networks in Brazil or China. Even better would be to actively scan emails for links pointing to that IP space, and dump any messages received. This would eliminate most spam from user mailboxes.

    Spamcop is a nice parser, though, for those rare occasions in which reporting would do any good. Unfortunately, they're in bed with Cyveillance--don't forget to uncheck that box to avoid helping them.

    • What's wrong with Cyveillance?

      Being that I"ve used Spamcop now for 3 or 4 years, just curious.
    • Unfortunately, they're in bed with Cyveillance--don't forget to uncheck that box to avoid helping them.

      Why?

      • Cyveillance ignores robots.txt and uses deceptive user agents to crawl websites that might have material that doesn't jibe with the PR stance of their corporate clients. They are actively involved in suppressing free speech on the Internet by selling "monitoring" services to its corporate masters. The discussion about Spamcop in bed with them [google.com]
    • by admbws ( 600017 ) on Sunday November 02, 2003 @11:16AM (#7371055) Homepage Journal
      It would be far more effective to simply drop any SMTP connections from networks in Brazil or China. Even better would be to actively scan emails for links pointing to that IP space, and dump any messages received. This would eliminate most spam from user mailboxes.

      Alternatively, you can simply drop all SMTP connections from the entire IPv4 address space! That would eliminatate all spam from user mailboxes!

      P.S. I'm being sarcastic, but blanket bans suck [somethingawful.com].
      • Alternatively, you can simply drop all SMTP connections from the entire IPv4 address space! That would eliminatate all spam from user mailboxes!

        P.S. I'm being sarcastic, but blanket bans suck.

        Banning is the proper way to deal with unethical Internet activity. There's nothing wrong with it. If an ISP chooses to allow unethical behavior to occur on its network then it will need to learn to deal with the consequences of the rest of the Internet shunning it. Sure, it hurts innocent people, but people sh

    • You don't understand how Spamcop works.

      There are several levels. The "complain to the ISP" is just one of Spamcop's services. Their network employs an automated system maintaining a real-time relay blacklist based on spam reports. Even if the ISP doesn't respond or take action, rogue smtp relays will be automatically blacklisted and participating networks will begin to refuse to accept mail from these systems, whether the ISP chooses to deal with it or not.
  • They did have a disconnected phone number, which Joker might of have had some legal crap in their AUP, if so, it does change the situation a bit - but it seems that Joker was kind of a bitch here and the articles don't exactly give shining reviews of their customer service. Seems that the company is living up to their name.

    I wonder how much better a distributed system would work . . .
  • SpamCop costs (Score:5, Interesting)

    by cft ( 715198 ) on Sunday November 02, 2003 @11:09AM (#7371032) Journal
    It's been reported that SpamCop is paying upwards to $30K / year for bandwidth as a direct cause of the continous DDOS attacks on it.

    The spammers are doing everything they can to squeeze the anti-spammers out. They use frivolous lawsuits (aka Mark Felstein and his porn spamming backers) or DDOS attacks that either knock the anti-spam resources off completely or increase the costs so that no hobbyist can run them.

    And while all this is going on, the law enforcement agencies are doing nothing to counter the clearly illegal acts of the spammers.

    And ISPs are doing NOTHING to reduce the number of zombies on their networks. So the DDOS attacks continue.

    Nice going.

    It's only a matter of time when someone (Al Queda?) will use the zombie network for something that will truly be noticed.

    Proletariat of the world, unite to kill spammers
    • Re:SpamCop costs (Score:3, Interesting)

      by shokk ( 187512 )
      And at what point do people get sick of the legal route and take matters into their own hands? I think the messages gets across after a few spammers disappear in a mist of quickly oxidizing nitrogen-based substances, or a hail of metal. For those International spammers, at some point the links to the civilized world have to be considered a liability and just need to be shut off or filtered.
    • It's only a matter of time when someone (Al Queda?) will use the zombie network for something that will truly be noticed

      "We are 100% certain that they have Zombies of Mass Destruction" - GW Bush
  • Is this the wave of the future? If you dont like someone just make up something and 'report' them... Let them pay the bill to fight it. Be it with their ISP or the HSD......
  • by rjch ( 544288 ) on Sunday November 02, 2003 @11:19AM (#7371072) Homepage
    geekwench writes "SpamCop was apparently the victim of a recent DoS attack.
    So of course, you just had to follow a DoS attack with a Slashdotting, didn't you? :)
  • by Anonymous Coward on Sunday November 02, 2003 @11:55AM (#7371236)
    I'll tell you why: they are not numerous enough. I'm the abuse mailbox handler for a well-known company that is disliked on and off line. Out of a 5-million-address mailing, I get maybe 12 complaints. Management does not care to alter anything about our "customer retention management" system. In fact, with only 12 complaints our of 5 million emails, they think we're doing pretty damn good, and so do I.

    We do the following:
    1. Opt-out only. You do business with us, you're on the list and have to taken yourself off of it to stop getting our mailings. There is no choice to opt-out at time of purchase, no choice to omit your email address.
    2. Sell your address to our partners. Our contracts with our partners requires us to collect addresses when we make a sale for them, and pass the address lists along.
    3. Pass off opting out of partners' lists to our partners.
    (We spell all this out in the online Terms of Service which is displayed before a customer makes a purchase. People still buy).

    Still, with all these "bad practices" in place, we only get a dozen complaints out of several million spams sent. We're on AOL's whitelist of approved spammers^Wmarketers whose mailings bypass their spam filters. We're on other ISP whitelists, too. If we get a Spamcop complaint, I dutifully click on the link in the notice, check "account terminated" and that's the end of it. But with only a handful of them each week, I can take care of the Abuse mailbox in less than a hour a week. Anti-spammers have had no adverse effect on us in the four years we've been doing it this way.
  • lawsuit? (Score:2, Insightful)

    by Althazzar ( 313749 )
    IANAL, but doesn't this give reason for some sort of lawsuit? Joker have, on account of one false complaint about wrong adres info, suspended a service which i presume was still being paid, without any warnings after their first one, though a reply had been given. I don't know which law applies here, but in Holland, this would be reason enough for a court meeting.

    On top of that, there is ofcourse the question of: how is this possible? are there rules for actions of this kind? returning a fax is, IMHO, inde
  • by wayne ( 1579 ) <wayne@schlitt.net> on Sunday November 02, 2003 @12:12PM (#7371320) Homepage Journal
    I saw this mentioned on the spamcop news group [spamcop.net].

    There is a new email worm called W32/Mimail-E that is designed to create a distributed denial of service attack on the anti-spam websites of spamcop, SPEWS, and spamhause. See: sophos write-up [sophos.com].

  • by Dynamoo ( 527749 ) on Sunday November 02, 2003 @12:19PM (#7371384) Homepage
    There's a long and quite interesting thread in news.admin.net-abuse.email [google.com] about an attempted "LART" on SpamCop by a well-known character called Jamie Baillie [google.com]. This came out of a result of a long-running dispute between Mr Baillie and more or less everyone else who posts to that newsgroup.

    There is no proven connection between the issues at the registrar and Jamie Baillie's attempt to have SpamCop shut down, but the complaint to Joker (the registrar) was anonymous and clearly vindictive.

    Oh yes.. the domain name cesmail.net will often work in place of spamcop.net for those still struggling to get through.

  • So I use Outlook XP for email (go ahead and laugh now). One of Spamcop's most useful features is the ability for the user to simply forward spam directly to a predefined email address (one for each end user) and have Spamcop handle the rest. I have one or two addresses within a domain that I own which receive nothing but spam. I usually just filter them all to the trash, but I decided to start forwarding them along to Spamcop and let them do their thing. When it works, Spamcop is great.

    So I tried this
  • I've been thinking about this. I agree, Joker did not exercise proper due diligence.

    They *assume* that email is a reliable way of contacting someone, but the *require* you to fax a document to them. I do not even have a fax machine and, off hand, I don't know where I could send a fax from the US to Germany. I suspect that it would cost at least a couple of bucks and would take a fair amount of time.

    They sent *one* email before shutting the domain down. They did not reply to the (one) email that was


  • There have been times when I have reported spam to Spamcop and received an apology from the spammer's ISP less than two hours later.
  • by harlows_monkeys ( 106428 ) on Sunday November 02, 2003 @12:57PM (#7371585) Homepage
    I don't understand spamcop.net's choices of providers for various services. For a domain registrar, they are using a German company, that they have no idea how to call when things go wrong. Wouldn't it make a lot more sense to use a US or Canadian company that would be easy to contact? (Note that I'm not saying there is anything wrong with German companies!)

    Second, on their pages, they have at the top a recommendation for a specific web hosting company, presumably the one they use--this isn't a banner ad, but rather an ad written right into their HTML, so it sure looks like it is their personal recommendation for web hosting. When I was looking for a new hosting company for my site, I wanted to find one that was not soft on spam, so that I would not have to worry about ending up in SPEWS, and figured that the one SpamCop uses would have to be good. Checked out their plans, and they were good. I was ready to sign up, but decided it would be dumb not to at least Google a bit...and I found that that hosting company does NOT have a good reputation in the anti-spam community!

    You'd think one sure-fire way to find a white-hat ISP would be to use the one that a major anti-spam site recommends, so this was quite a shock.

  • Spamcop works (Score:3, Informative)

    by Blackknight ( 25168 ) on Sunday November 02, 2003 @01:28PM (#7371724) Homepage
    Spamcop is great if the ISP or web host actually responds to the complaints. I work for a web hosting company and we investigate every complaint that comes in. If it's legit the account gets terminated.

    I still think by the time spamcop gets to us it's too late though. You can't unsend spam, once it's out it's out. They'll just get a different account on another host. What we need is some kind of filtering on the incoming and outgoing sides. Or the world could just switch to something besides Outlook, which helps these viruses and worms propagate.
  • by mabu ( 178417 ) * on Sunday November 02, 2003 @01:47PM (#7371798)
    Right now, Spamcop is THE most effective anti-spam solution bar none. End users don't realize the effect Spamcop has on overall network performance and the reduction of spam they receive in their inbox. Most users naively think client-side filtering helps when it's little more than a band-aid on a severed artery.

    In the last 24 hours, one of my modest-sized mail servers reported these stats:

    accepted mail: 2480 messages
    spamcop blacklist rejected mail: 8216 messages

    This is with no legitimate mail being blocked and a rather conservative set of relay blacklist rules.

    That's more than 70% of the e-mail we receive clearly identified as spam and rejected at the server level.

    But at least we stop the spammer as soon as he connects. We don't receive any of the junk e-mail once we identify mail coming from a known spam source. This reduces our operational costs, tax on hardware and software and available bandwidth to all users. Client-side filtering consumes all these resources and offloads the burden on the end-user to pay for software that still does not effectively deal with spam.

    When you employ client-side filtering you do NOT stop spam; you do NOT reduce anyone's operational cost. When you deny mail relay access from spammers you DO cost the spammers time and money!

    Spamcop has proven itself to be the most effective and productive solution at present, which is why it's being targetted by spammers. Using Spamcop's RBL, spammers can't even connect to participating networks. When you employ client-side filtering, you help spammers because their argument for de-regulation of spam involves putting the cost burden on the users - all they care about is delivering X messages and that is still accomplished, whether your mail filter catches it or you manually delete the junk, so this "solution" encourages future spam activity and also breathes more life into companies like Symantec that actually profit from the spam epidemic.

    There are only two more-effective solutions to the spam problem: 1. The Federal Government finally deciding to pursue the spammers who break into computer systems (which has been illegal since before the Internet existed), and the employment of a sanctioned smtp whitelist.

    I posted a previous comment with my detailed analysis of the issue and exactly how it can be realistically solved. [slashdot.org]
  • Spambayes (Score:2, Informative)

    by kenyob ( 209893 )
    Who needs SpamCop...
    Just use <A href="http://spambayes.sourceforge.net/">SpamBayes </A>.Its free, open source, and works almost as well as my Mailblocks account...

"An idealist is one who, on noticing that a rose smells better than a cabbage, concludes that it will also make better soup." - H.L. Mencken

Working...