Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Spam

Web site identifies anonymous spammers 114

EngrBohn writes "This NY Times article reports on SpamCop, a website that will extract the real origin of anonymous (and spoofed) spam and then notify the spammer's network administrator. This basic service is free of charge, and for a $15 membership, additional services are available. " Cool-maybe I can get their home address and hire bounty...um...er.
This discussion has been archived. No new comments can be posted.

Web site identifies anonymous spammers

Comments Filter:
  • Personally I don't know of anyone who likes or would miss a spammer.

  • No, they changed that. You have to give one now, and they verify it. It can still be "blowme@hotmail.com" if you want, but it's gotta be a valid email address.
  • This service does not post the spammer's home address. There would be no way to do this unless they have billing info and access logs for every ISP in the world... and even that wouldn't cover it.

    This just decodes headers for you, and weeds out the spoofed garbage. It's nifty, though.
  • The mail sent to the admins used to be a lot more verbose, but I believe Julian changed it as a result of feedback from admins themselves. Now it's short but full of links to places on spamcop.net where you can get more info on the situation.
  • >>It has to work this way, or spammers could simply
    >>forge a non-relaying SMTP host at the
    >>beginning of the message and bypass the checks."

    >I don't understand what you are saying.

    I mean you HAVE to check all the relays involved, because the spammer could add forged "Received From" header to the message using the name and IP of a non-relaying mailer, thus making your filter think the mail originated from a secured mailer
    and is OK to accept.

    The problems with this approach presented elsewhere in this thread are not insurmountable.
    I'd like to implement this for my personal use, but I need a starting point. I just wanted to know if there was any solution out there already so I don't have to reinvent the wheel.
  • Saying Bill Gates (who is the founder and CEO os MS and therefore the human being most responsible for MS's actions) is not responsible for DOS/Windows/Office viruses is analogous to saying that an automobile manufacturer is not responsible for the explosion of gas tanks in car crashes. The product's creators don't directly cause the problem, but they are grossly negligent.

    The original statement is a lot more like saying that baseball bats are responsible for assaults. It's sort of true, but not really.

    The original statement (if true) says that the programming language of choice (PERL) for extracting email addresses from the internet is also the programming language of choice for parsing email headers. I think this says more about the PERL's ability to process text than it does about the spam debate.
  • BTW, the slashdot user login cookie doesn't work with Netscape 4.6/W98 on my machine.
    IE 5 works fine.

    Anyone else?

    -
    Jesus saves - Gretzky gets the rebound and scores!

  • b) My phone company keeps charging me more money every few months for a basic account. Apparently, the cost of supporting local phone service is quite high ...



    The cost of providing service hasn't changed, just the rules of the game. As you may know, the regulatory environment for telecomm has gotten so out of hand that nothing actually costs what you pay for it anymore, you pay either more or less and the ILECs, CLECs, FCC, ESPs, decide how to redirect the money, according to rules that seem to change every month. The most recent change is to soak you for any extra phone lines you have (up from $3.50/mo to inflation-adjusted $6 == $6.09 or something) which is apparently going to the long distance companies, so you pay more for your phone, but just watch those LD rates drop!


    I'd be more excited about it if I ever made any LD calls, but I console myself with the thought that basic service is already subsidized (Universal Service) so I'm probably paying closer to cost than before. Still maddening though.

  • Most of the spam I get seems to originate from the USA, although it has been routed through some foreign server.

    It appears to me that most non-USA sites haven't reached the conclusion it would be best for them to disallow relaying.

  • Well, there is more to this. The bill text (http://thomas.loc.gov/cgi-bin/query/D?c105:4:./te mp/~c10541pyZs:e32892:) states:
    (2) COVERED INFORMATION- The following information shall appear at the beginning of the body of an unsolicited commercial electronic mail message under paragraph (1):
    (A) The name, physical address, electronic mail address, and telephone number of the person who initiates transmission of the message.
    (B) The name, physical address, electronic mail address, and telephone number of the person who created the content of the message, if different from the information under subparagraph (A).
    (C) A statement that further transmissions of unsolicited commercial electronic mail to the recipient by the person who initiates transmission of the message may be stopped at no cost to the recipient by sending a reply to the originating electronic mail address with the word `remove' in the subject line.

    I still have to see a spam message with name and phone # of the spammer...
    The Congress website also indicates that this bill passed the Senate, but not the House.
  • ...but figuring out the correct complaint address is faster by hand, at least for me. Nothing beats the handcraft these days, when the newbie spam warriors need toys like this.

    D00dslayer extraordinaire, 54 kills, average abuse report generation time 1 minute 10 seconds,

  • ...one spam someone forwarded to me that advertised "URL Encryption". The addresses were "mathematically encrypted using proprietary extremely complex mathematical formula". Gee, I didn't knew inet_ntoa() and inet_aton() used extremely complex mathematics, let alone proprietary algorithms. =)

  • Tele-marketers effectively save money when you hang up quick, it frees them up to call the next person (ie a cheap negative). What hurts telemarketers is when they spend time on you and then don't make a sale (ie an expensive negative).

    So waste their time, either ask them inane questions for ages (depending how bored you are this can be quite fun) or I usually just tell them "I'll go get the person you want to speak to", then go back to what I was doing. Pop back every 5 minutes or so and say "he's just coming now..." - this really cheeses them off. I had one guy hanging on for about an hour one time while I watched TV. In Australia this used to actually tie up their phone line, they could hang up but they couldn't actually get another dial tone until I hung up too.
    Of course, if you're expecting a call, then your options are limited.

    I don't get any near as many calls since I started doing this, may be coincidence of course.

  • That just gave me a great idea for a TOS policy:

    SPAM POLICY - For every message that qualifies as "SPAM" (see our definition), a charge will be added to your credit card. This charge will increase with each "SPAM" message you send. Each "CC" and "BCC" or any other form of sending the same message to multiple recipitants counts as a different message. Our pricing policy works like this:

    1st Message: $25
    2nd Message: $100
    3rd Message: $250
    4th Message: $500
    5th Message: $1,000
    6th Message: $1,500
    7th Message: $5,000
    8th Message: $10,000
    9th Message: $50,000
    10th Message: $100,000

    If you continue unsolicited mail after the tenth message, you will be charged a fee that is the same as the one for the message previous to it increased $100,000, and then you account will be terminated.


    Just think if this was enforced. Then, when the spammers are on the streets and complaining that AOL ruined them, everybody will just laugh... sort of a clockwork orange kinda' deal...
  • SpamCop is a good idea, and I wish Mr. Haight (sp?) luck in his endeavour. However, I'm afraid that in my experiences with SpamCop I've found it to be slightly less then useful.

    As head of the abuse department for a rapidly-growing ISP in Virginia, I get my fair share of spam complaints. I'm also an ardent anti-spammer, and not only hunt down all the spam that I get, but also help my customers hunt down their spam.

    I have never gotten a legitimate spam complaint from SpamCop. The few that I have gotten have always been incorrect allegations of inappropriate conduct, and the actual messages are near-indecipherable at times.

    However, I wish Mr. Haight the best of luck in future versions of his program - and hopefully once it hits a good level of reliability I'll be able to recommend it to my users.

    On a side note, as another comment mentioned on Perl and spamming - there's a good interview with Larry Wall in the Linux Journal a month or so ago where he does claim that most spam probably not only harvests addresses using Perl, but also sends the spam using it. :-)

    Now good luck, and keep fighting the good fight.

    --SeanMike
  • Actually, most of the headers are not in RFC821 (SMTP), as it only defines the protocol:

    MAIL From: me@me.com
    RCPT To: me@me.com
    DATA
    >

    Those headers are typically generated by the SMTP client before it sends the mail. Typically the only thing added by the server is Received and Return-Path headers. It is somewhere within these headers which a service like this can track Spam (at least to a certain point. Of course, the easiest way to start detecting whence spam originates is to look at the Message-Id header.
  • Last time I went to RadiosHack, they asked for my last name. Whatever. I tell him. No problem, rings up, gives me the receipt. I now have the address and phone number of someone with the same last name as mine...
  • Like the majority of people (with the possible exception of folks who don't get much mail and are happy to see ANYTHING appear in their 'in-box') I despise Spam. However, having chosen to work from home today thinking I would have some peace and quiet during my coding, I realized something.

    I prefer Spam to telemarketers!

    At least with Spam, I can just hit the delete key and it is gone! I suppose I could just hang up on the telemarketers, but years of social conditioning make that nearly impossible ...

    YS
  • Perl is responsible for SPAM? Wow, the FBI better go after Kernighan and Ritchie. I'm guessing that they're responsible for a lot of virii... :)
  • Posted by wtr:

    The general concensus on several different anti-spam mailing lists is that SpamCop, while somewhat useful, frequently misidentifies the source of the spam. One of the many problems is that many older Sendmail 8.6 systems used by spammers don't correctly identify the source of the email comming through the relay. They blindly stamp on anything you tell them in the HELO statement without any verification.

  • I take it you gotten spam through your normal e-mail address?

    Don't 'cha know that spam comes postage due?

    Yep. It's tacked on your ISP's bill. The ISP has to keep adding more mail servers to handle the load spammers put on 'em. Some even attempt a "scan" from a dialup. In all cases, it costs your ISP money, and in turn, you.

    I like to save money, thank you very much. Which is why I complain. I get alot of nuke messages that way which saves my wallet every time.

    ---
    Spammed? Click here [sputum.com] for free slack on how to fight it!
  • It would be a lot easier to just block incoming
    mail from mailservers that are open for relaying.

    The MAPS RBL and the other RBL's only work if the
    offending site has already been reported. From
    my experience the sites I get spam from have not
    been entered, and you have to jump through some
    hoops to get them entered. Big deal, so the
    spammers use the next server on the list of open
    relays they scanned for in .ac.kr and .ac.jp.

    Why can't I set up sendmail or whatever program
    to reverse-scan the intermediate mailservers for
    misconfiguration and bounce mail accordingly?
    I know I might bounce some legit mail, but I'm
    willing to do that, since my SMTP server only
    receives mail for me and no one else. At least
    the bounce message could tell them why their
    mail was refused and the sender could take it up
    with their sysadmin.

    Is there such a method of refusing mail from
    _ANY_ open relays already implemented in some MTA?
  • I just got an email from somebody wanting to sell me space on their server and they said that they were 'spam tolerant'. What good is it if your network administrator is in on the crime??????
  • Posted by FascDot Killed My Previous Use:

    1) MS Exhange doesn't (in fact, can't) relay, but doesn't report this fact to the sender. So your method would automatically block all mail coming from Exchange. This is not necessarily a killer, but...

    2) There might be multiple SMTP servers between the originator and you. If the first one relays but the rest don't you will still get spam.

    ---
    Put Hemos through English 101!
  • In the U.S. there is a Federal law, namely the "Telephone Consumer Protection Act of 1991" that says they have to put your number on the "no-call" list if you so request, and you can sue them for $500 per incident if they call you after you have requested to be on the list. See http://www.privacyrights.org/fs/fs5-tm kt.htm [privacyrights.org].

    With spammers on the other hand, replying with "remove" in the subject line just verifies your email address.
    --

  • Well, not to get into a serious discussion, but ...

    a) Most spam I get comes through my free web addresses - these are the ones I post to newsgroups with. I am probably in somewhat of a minority right now, too - my ISP is a cable provider, and their price has actually dropped over the years.
    b) My phone company keeps charging me more money every few months for a basic account. Apparently, the cost of supporting local phone service is quite high ... I am guessing the telemarketers don't lessen the load!

    I have to say that I am glad I have not yet received a telemarketer call on my cell phone yet - THAT would really bother me!

    Anyhow, I still hate Spam. But I dislike having to deal with telemarketers more.

    YS
  • > Same goes for websites that ask for my address

    Whenever I am asked for an address, I use root@ the domain name of the web site in the remote hope that someone in charge will get as pissed at the spam as we do.

    -=[doug]=-
  • Posted by FascDot Killed My Previous Use:

    Ah, I see.
    There's also a third problem: AFAIK the only way to check if an SMTP server relays is to acually try to relay a piece of mail through it. And good net admins will be logging those attempts.
    ---
    Put Hemos through English 101!
  • It's been posted again and again in news.admin.net-abuse.email that most abuse admins despise SpamCop. In fact, it's so unpopular that some admins have admitted to simply bit-bucketing all SpamCop correspondence.

  • >I just got an email from somebody wanting to sell me space on their server and they said that they were
    >'spam tolerant'. What good is it if your network administrator is in on the crime??????

    I got the same spam too, last night. It was funny, in a sorta ``let's laugh at the mental retard who's trying to scam us" way. It was an offer to join a yet-to-be-created domain, mentioning a mailbox at eudoramail.com & another at bigfoot.com, & sent from an open sendmail port in Spain -- in other words, this site doesn't exist yet. The price was $24.95 a month, or $99.80 for three months. (Read it twice to see how it's a great deal!)

    If the dweeb who created this email ever does connect his site to the 'Net, be assured that it won't stay connected for more than a few days. Sanford Wallace wore down the patience of backbone providers with his unrepentant ways. And if he has more than a pair of brain cells, said dweeb will take what money he gets & spend it on toys -- although mommy & daddy might wonder where their 12-year-old kid got ahold of almost a hundred dollars to buy his comic books & soda pop with.

    It was the best laugh I've had concerning the Internet in a long while.

    Geoff
  • Then they are FOOLS.

    "Sir, news from the front - we are losing the war"
    "Shoot that messenger."

  • >I prefer Spam to telemarketers!
    >
    >At least with Spam, I can just hit the delete key and it is gone! I suppose I could just hang up on the
    >telemarketers, but years of social conditioning make that nearly impossible ...

    Caller ID is your friend!

    I've found from experience that any call that comes thru as ``Anonymous" or ``Unavailable" is a telemarketer -- especially if there is no phone number included. And as I & my wife have ignored those calls, over the months these junk calls have tapered off.

    YMMV.

    Geoff
  • From http://spamcop.net/spamsuccess.shtml [spamcop.net]:

    Customer account is toast, web page is no more, user bank account will be minus $500 from our clean-up fee, and the spammer is looking for his 50 Free Hours AOL cd.

    We've recently tested the Orbital Anvil Bombardment System on this spammer. The results were promising. We had to hire the folks at http://www.asepsistechnology.com to clean up the mess.

    ... it's good to know that at least 60 people are doing the right things to fight spam. Keep on sending those complaints! I assure you, I (and most sysadmins) hate spammers as much as you do.

    This user account has been terminated and charged $1,000 in accordance with our Terms and Conditions agreement.

    Woohooh!

  • I got an interesting spam on my throwaway hotmail account today. I read it in full just for kicks, and saw an interesting notation at the bottom, which I've copied here:

    "***Under Bill S.1618 TITLE III passed by the 105th U.S. Congress this letter Can Not be Considered Spam as long as we include the way to be removed."

    "To be removed from future mailings Free, simply respond with "REMOVE" in the subject line. This will permanently remove you from all future mailing: remove@update4u.net"

    Of course, it's common knowledge that a response will get you spammed to the nth degree. So clearly they don't intend to live up to their end of the deal. Is their legal reference for real? I know that the legality of sending unsolicited mail is dubious at best anyway, thanks to the fax law that was mentioned before. The main concern is that these spammers might be able to turn the tables on us somehow.

    Oh, here's something that a completely unrelated search turned up; a how-to for spammers! Behold this nauseating chunk here: http://www.billminder.com/

    For the record, I take no responsibility for any damages that occur as a result of hordes of /. readers being aware of this site's existence. :)

    (of course, the software could just be virus laden bait; we can dream, right?)
  • Email isn't anonymous to begin with, unless you're bouncing through one or more anonymous servers. All this service does is provide an easier way to track down the server that originated the crap and look up publicly available info on that person. Kinda like looking at the postmark on a letter and finding contact info for the postmaster in that town.

    Personally, I have blackmail [demon.co.uk] set up. If a DNS check on the host name provided with EHLO fails, if a DNS check on the domain the from: line has fails, or if the To: address == From: address, I don't see the email. Occasionally, a valid email bounces. More often, it just means I don't have to deal with most of the UCE I get sent. And I post to Usenet with my real address, too.

  • Sorry, I didn't mean to cause a ruckus.

    I would have quoted my orginal source for this earlier, but I was at work and had already used up my four hours of slacking off.

    Larry Wall: "If you've ever been spammed (and who hasn't?), your e-mail address was almost certainly gleaned from the Net using a Perl script. The spam itself was likely sent via a Perl script. One could say that Perl is the language of choice for Net abuse. And one could almost be proud of it."

    From a previous /. link to Linux Journal [linuxjournal.com]

    I wasn't trying to blame Perl for all the Spam in the world, but when I read that this site relied on Perl, the quote from Wall came to mind.

    (And Bill Gates IS responsible for all Windows virii. He and Janet Reno write them in the basement of the loveshack on his back lawn, emailing the binaries to unsuspecting script kiddies around the world.) I'll take my medicine now.
  • I wonder how SpamCop is able to extract the phoney origins from the "genuine" ones?

    Now if the Network Admin *is* the spammer then I think DoS is in order no?
  • Posted by FascDot Killed My Previous Use:

    I just used it to report a spam and it (apparently) worked great. Couple of problems though: 1) I had to give a valid email to use the service. Upside is it allows "throwaway" addresses and they even provide one-use addresses to subscribers. 2) The report sent to the admins is kind of ugly. No explanation or "how to fix", but a bunch of headers and ugliness. 3) The website itself, while it works fine, is amazingly ugly. 16pt black type on yellow background, etc.
    ---
    Put Hemos through English 101!
  • For some reason, I didn't need to register for this specific article. The link brought me directly there.

    kmj

  • I'm reminded of how anti-abrtion site that posted the names and addresses of doctors got sued last year for something in the 10's of millions of dollars. The Doctors' addresses were suupposedly found out from this site. Now is it legal as it it, or can the site get sued if somebody kills a spammer with a posted address?

    -------------------------------------------------- ----
  • try
    here [spamcop.net]
  • by Anonymous Coward
    They need you to register that way the NY times along with Radioshack can conquer the world. All part of the master plan, why do you think they ask for your name at Radioshack when you're buying bateries? One way or another, all will signup for the NY times. It's just a matter of time..
  • I wonder how the newsgroups will like this?
  • Posted by FascDot Killed My Previous Use:

    I think the poster was refering the IDP (Internet Death Penalty) for sysadmins who knowingly send/allow spam.
    ---
    Put Hemos through English 101!
  • I've been using this for quite a while. It's great becuase most of the spam I get has forged address information in the header (duh).

    All you do is post the entire message (headers and all) and SpamCop parses it out and lets you know the e-mail addresses (abuse@, postmaster@, etc) that you need to complain to. It even composes an e-mail for you to send if you want.
  • by Anonymous Coward on Thursday June 24, 1999 @07:23AM (#1834853)
    Username: cypherpunks
    Password: cypherpunks

    The answer to all your login problems :-).
  • DoS is *never* in order.
    Besides, what do you mean, "extract the phoney origins from the
    "genuine" ones?" The SMTP protocol adds quite a few headers to a message during its travels; Faking all of them would be impossible (unless your own mail server lets someone manipulate the headers).
  • Does this mean that there is no way to access a host anonymously? Or send email? Isn't this a privacy breach?
  • Posted by FascDot Killed My Previous Use:

    Try this one [spamcop.net], too...
    ---
    Put Hemos through English 101!
  • The cases are very different.

    The anti-abortion site ("the nuremburg trials" or some such) posted wanted "dead or alive" posters, advocated the "remnoval" of the doctors for "war crimes", poster the doctors family info and celebrated the victory of a given doctors death.

    All of that adds up to a very different climate than this. SpamCop is "report spam", not the abortion sites "kill these bad people".


    _Dante_

  • Now if the Network Admin *is* the spammer then I think DoS is in order no?

    No. DoS is NEVER in order. It's lame, it's childish, and it's ILLEGAL.

    -- Give him Head? Be a Beacon?

  • Of Spam Cop, I can say two things...

    1) It is very effective in making admins aware of spam traffic from their system; and

    2) It is less than helpful to admins in identifying that is going on.

    The really bad thing is that you get so much e-mail, it's almost a DoS in itself.

    jf

  • Glad I'm not the only one that
    likes to jack with telemarketers!

    Get them off the script, ask odd
    questions that have nothing to do with
    the product or service. It's loads of
    fun if I have time to do it.

    Finally I tell them they should hang up
    on people like me.
  • I tried this one at Radio Shack, but the clerk just gave me this blank look ;-)>
  • There's probably a way to tell if you're dealing with an Exchange server, though, right?

    In the case of multiple SMTP servers, I would
    bounce the message if any of the intermediate
    SMTP servers were open relays. The person who
    receives the bounce may not know what to do about
    a relay upstream from them, but if they report
    it to their ISP perhaps a call from another
    admin might get the problem fixed.
    It has to work this way, or spammers could simply
    forge a non-relaying SMTP host at the beginning
    of the message and bypass the checks.
  • Posted by FascDot Killed My Previous Use:

    "The person who receives the bounce may not know what to do about a relay upstream from them, but if they report it to their ISP perhaps a call from another admin might get the problem fixed. "

    Assuming that
    • The first ISP gives a crap
    • The first ISP can find the middle ISP
    • The middle ISP gives a crap/is competent
    • You have 3 weeks to spare waiting for all this to happen

    "It has to work this way, or spammers could simply forge a non-relaying SMTP host at the beginning of the message and bypass the checks."

    I don't understand what you are saying.
    ---
    Put Hemos through English 101!
  • please meet virtual machine A and B, who have been configured to do a reverse open relay check on RCPT, One a particular day, A wants to send some email to B...

    A: "HELO, B"
    B: "pleased to meet you. A"
    A: "I have some mail for you"
    B: (thinking, do I trust A? Let me see...)

    (B starts working in the background)
    B: HELO A
    A: Pleased to meet you B
    B: I have some email for you (hee hee, but I'm not going to send it, just checking your answer"
    A: (thinking, do I trust B? let me see...)

    (A starts working in ther background)
    A: HELO B
    B: Pleased to meet you again, A. Busy today, isn't it?
    ....

    In short, it's a nice idea, but it would set up an endless loop.

    --
  • Actually, here Ameritech offers an extra feature, Privacy Manager, that costs a few bucks on top of the few bucks for caller ID with name.
    Basically if the call would show Anonymous or Unavailable on caller ID, it routes it to their system, and asks the caller to record their name, and then calls you, plays their name, and asks you if you want to talk to them, or not, or play them a nasty "I don't talk to telemarketers" speil.

    It's nice being able to tell who's calling before answering, either by caller id, or the preannounce. It also apparently makes predictive dialers think they hit an answering machine, so the big telemarketing places don't even make it to the point of ringing my phone.

    My saturday mornings have gotten alot quieter. Instead of 1-3 calls/saturday morning trying to sell me crap, I get to sleep.
  • You may add the quoting of this bill onto the ever-growing list of idiot assumptions that spammers make. A bill not passed by both houses of Congress and not signed by the President is not law, and, thus, does not supersede any other laws. They are in (alleged, not yet conclusively proven) violation of provisions restricting junk electronic communications (faxes) that has been interpreted by some courts to include spam as well. Simply because they are in compliance with a proposed law is much like car makers saying they meet "2002 government safety standards." That's great, but it's not required yet. And, if those standards included a provision for, say, a lack of a steering wheel because it might impale someone, then they would still be in violation of current law requiring steering wheels unless the new (thus superseding) law provided some form of exemption. That is all, of course, contingent on the law ACTUALLY BEING PASSED!
  • There is a difference between having your home searched and not using the Internet as a duck blind to avoid taking responsibility for your exercise of free speech.

    Privacy isn't defined by the U.S. Constitution either (it's by statute,) but it's a moot issue, since none of that governs international law, and the Internet is international.

    There are always ways to find out who people are on the Internet. SpamCop just makes it easier to find those who abuse it.

    J.
  • S.P.I.T.E. [sputum.com]

    The Spamkilling Personal Interface (Tactical, Enhanced). Tis a very nice tool.

  • There is also an available text box that allows one to add any comments he or she feels are appropriate. If you feel that the system admin needs information on "how to fix" or just an explanation, I'm sure you can put it in there.
  • Some choice quotes from billminder.com:

    ....

    > "Bulk E-mail really works!!!!" I have never seen anything else that can so quickly boost a small business into near famous recognition

    .

    ( how about that, you can become nearly famous!)

    .

    > I think most people on the internet would agree that a person who spends a lot of time trying to collect targeted email addresses is not a spammer.

    .

    ( I think most people on the internet would like to beat you around the head with a ClueBat (TM alt.tasteless)

    And there's even more stupidity like this below:)

    .

    > And computers never get tired, so they make great workers.

    > So [this] gets the reader to open the e-mail, but it can also make a few people a little angry that you tricked them into opening the e-mail. I have to confess though, I like using the sneaky approach of [this] the best.

    ....

    And guess what, billminder even have an 800 number - surely some of you 'merkins can cost this company a few dollars:

    800-721-7118


    furthermore, here's the whois entry for billminder.com:

    Registrant: Bill Minder (BILLMINDER-DOM)
    PO box 6301 Akron, OH 44312
    US Domain Name: BILLMINDER.COM

    Administrative Contact: Cimino, Joe (JC17073) billminder@AOL.COM
    330 733 9599
    Technical Contact, Zone Contact: Nicholson, William (WN72) domreg@TRICREATIONS.COM 212 564 9820 (FAX) 212 695 8026

    (Nicholson, William (WN72) domreg@TRICREATIONS.COM
    Tri Star Web Creations, Inc. 15 Penn Plaza, Suite OF2 New York, NY 10001
    212 564 9820 (FAX) 212 695 8026)


    Billing Contact: Cimino, Joe (JC17073) billminder@AOL.COM 330 733 9599
    Record last updated on 03-Sep-98.
    Record created on 03-Sep-98.
    Database last updated on 24-Jun-99 08:34:00 EDT.
    Domain servers in listed order:
    NS1.TRICREATIONS.COM 207.156.166.10
    NS2.TRICREATIONS.COM 209.139.57.141
  • One time I went to Radio Shack and the salesguy said: Can I have your name and address?

    I said, "No, you can't".

    Sheepishly, he goes, "oh, OK" and rings me up. Problem solved.
  • I read somewhere (babelfish: Once upon a time) that Perl was responsible for a lot of Spam because it was used to extract information from newsgroups to find valid email addresses. Now this guy uses Perl to extract the same information on the Spammers

    Truly a Postmodern situation. ;)
  • Hee hee, I haven't bought anything from Radio Shack in so long that I forgot about the big receipt they want you to fill out (at least in Canada). Same goes for websites that ask for my address and #, when all I want to do is see what downloads they have. Why do they need all that?
    Just fill in "don't give out to strangers" and make them think about their information gathering.
  • by Anonymous Coward
    My grandmother had cookies turned on in her browser and she went to the NY Times web site. A week later she was dead!

    Conclusive proof that cookies are EVIL!

    Or, we could just get a life and admit that cookies are necessary to make up for shortcomings in the HTTP protocol.
  • the anti-abortion site, asked for addresses and invaded the privicy of said doctors.
    spamcop, in as far as i can see, just uses the email headers to find where send spam came from. spamcop doesnt seem, invasive. the anti-abortion site asked for more info on doctors.
    Bottom Line:
    • the info on were spam comes from can be found by looking up info in the header of an email message.
    • the info on doctors had to be found by stalking them, and invading their perivicy [sp].

    nmarshall
    #include "standard_disclaimer.h"
    R.U. SIRIUS: THE ONLY POSSIBLE RESPONSE

  • >One time I went to Radio Shack and the salesguy said: Can I have your name and address?
    >
    > I said, "No, you can't".

    You were lucky. They also ask for my phone number!! I use your response or make up invalid info depending on how I feel. If the person is really stupid i make stuff up so they don't waste time wondering how to proceed with the transaction.

  • Uh, like why pay someone $15 to claim to claim to scan your spams for you when there are plenty of mailing lists [claws-and-paws.com] out there full of people willing to help you learn how to read the headers on your own.

    Really, it's not that hard once you get the hang of it...

  • All this does is compose a complaint to the spammer's ISP to have the spammer delt with. It doesn't post home addresses and phone numbers, it only automates the process of dealing with the spammer the same way you would deal with the abuse manually. This just makes it faster and easier.

    However, on the other hand, while this will make life a little harder on the spammers, they're already used to the "fly by night" nature of the business they're in, and getting shut down by their ISP is nothing new to any of them. They'll react like they always do, by going to a new ISP.
    This is where the home addresses would come in handy, since if ISP's were to confirm the identity of their users, they could effectively blacklist a spammer from operation until they changed physical addresses. Its a LOT harder to move physically than make a 15 minute phone call to get connected to a new ISP.

    However, while ISP's may have the spammer's personal information, they're probably relucatant to provide it to anyone for anything less than a legal subpenoa, BUT, if they specifically state in their contracts that any user caught spamming automatically forfeits their right to privacy and their personal information will be shared with other ISP's in an effort to stop the spam, then a prospective spammer will avoid that ISP like the plague (assuming they're forced to provide their real information in the first place).

    I'm not sure of the legal implications of such an idea, but a spammer, usually by definition, violates his contract, and as long as the contract specifically states the consequences of those violations, I doubt it will come back to haunt the ISP.

    -Restil
  • No, it is possible, at least to some extent. noproxy.com [noproxy.com] is in development, and there's another one (anonymiser.com or something) which has been going for some time now.

  • Yeah, it's like saying Bill Gates is responsible for viruses, because the majority were created on and for DOS or Windows. Hmmmm....

  • Security is guarantgeed by the constitution, but not by providers? Fuck spammers, and fuck email requirements too. Think about it how would you stop this so called service from releasing your info. Do you honest trust that delete button?
  • Fact: SpamCop doesn't find out WHO the spammer is, let alone their email address. It finds one server that was responsible for delivering it, and emails the admin of that server. Hardly what I would call an invasion of privacy.

  • Yes BUT if you've only got one received line, is there any better alternative than to send it to SpamCop? That's the key question.

    Surely if the relays are allowing forgeries through, the solution is to get the relays in trouble, and the admins of that relay will get annoyed and decide to upgrade their software. Or does it not work like that?

  • I don't understand. What more do you expect? Spamcop explicitly tells its users to include full headers. What the hell more is it supposed to do - telepathy???? IMHO, if you can't analyse headers properly, go find out how - as someone listed as an admin, you should know.

  • Duh. Can you read?? The basic service is FREE, and automatic. A no-brainer. Easier than doing it yourself. I strongly recommend it.

    The $15 is for extra stuff like spam-free email addresses (which I avoid like the plague in case they accidentally block anyone interesting. But that's just me).

  • SpamCop's going to get slower than adfu.blockstackers.com now that the New York Times has publicised it. Hopefully he'll get enough subscribers to pay for more bandwidth, but I should expect slow times ahead temporarily (particularly as Julian is out of the area at the moment).

  • One of the best things about SpamCop is the forum. Julian's always there, always listening to people, replying; he'll answer any question you have and he is always making improvements to the site.
  • Let's face it, most of the email clogging the ether is from so-called anonymous spamsters.

    And if they send it to a Washington State resident (and California too, I think), we and our State Attorney General She-Who-Must-Be-Feared will sue their butts off in court.

    Time to grow up ...


    Will in Seattle
  • It is in Washington State
  • >>Isn't this a privacy breach?

    But that's the point! Its an invasion of *MY* privacy to continuously receive spam when I don't want it. I *PAY* for the right to use my email service, why should I have to put up with unwanted spam? Its my email, I choose who to give my address to. If I want ads from a business, I will give them my email address. Most spam is not of a viable nature. Most of it consists of "get rich quick" or "get this thing cheap here."

    The ability to be anonymous isn't the issue. I could care less if somebody wants to surf and email anonymously. As long as this person doesn't use their anonymous status to bother me with spam.

    Personally, I don't think email should be anonymous. Its a form of communication. How can you trust an anonymous email? There's no way to validate the sender's name, address, etc. It would be like trusting a guy on the street wearing a ski mask and disguising his voice. You can't see his face and you can't recoginize his voice. Would you trust him? I view spam the same way. They falsify return addresses and their own identity - and they want me to buy stuff from them? HA HA HA HA. Uh, no.

    Spam is evil. I wish the clueless morons who use it would just spontaneously combust or something.

    adaml
  • Posted by FascDot Killed My Previous Use:

    Of a story I heard about a guy who went to RadioShack and gave all kinds of crazy information. ("Name: King Solomon", etc) The counter-jockey is annoyed but accepts the information (what else is he going to do?). At the end the RS grunt has to ask "Is all this information accurate?" and the guy says "No. Now ring up my purchase."
    ---
    Put Hemos through English 101!

It's been a business doing pleasure with you.

Working...