Slashdot Mirror

I note from the Wiki article that the Court was not unanimous on that:

"I do not see a philosophical or historical basis for asserting that 'commercial' speech is of 'lower value' than 'noncommercial' speech." -- Clarence Thomas

I see I should have included more links, so here goes:

• "The High Cost of Free Speech"
  "No one considered advertising or other profit-motivated communications as constitutionally protected speech until fairly recently. According to legal scholars, the phrase "commercial speech" did not even appear in any decision of any court of the United States until 1971. Freedom of speech was an individual right, protected from abridgment by the federal government (and from state and local governments after 1931)."
• "Governmental Regulation of Commercial Speech"
• "Government Regulation of Commercial Speech"
  "The Supreme Court for many years took the view that commercial speech--speech that proposes an economic transaction--was not protected by the First Amendment. The Court reasoned that the broad powers of government to regulate commerce must reasonably include the power to regulate speech concerning articles of commerce."
• "Commercial Speech"
  "In recent years, the Court's treatment of ''commercial speech'' has undergone a transformation, from total nonprotection under the First Amendment to qualified protection."
• Findlaw has more info.

Either speech is free or it isn't, no matter what convenient label you want to put it under.

That's an easy position to take, because it is the expression of an ideal. In the real world, rights clash all the time. The rights of Individual A, when they come into conflict with those of Individual B, or of society at large, can't be absolute.

My right to defend myself does not give me the right to shoot someone in the head when they try to pick my pocket. My right to own property doesn't mean that I can drill down and inject anthrax into the groundwater. My right of free speech doesn't mean that I can spam millions of email users without consequence. It also doesn't mean that I can advertise Fruit Loops cereal as a cure for cancer. In Abstract World it sounds great to let the buyer beware, but just imagine how much of a drag that would be on society. Transaction costs would go up, because much more due dilligence would need to be done, just to conduct a simple purchase. Those with more free time and more resources would be able to conduct due dilligence. Everyone else would be put at a substantial disadvantage. That's a perversion of free speech, which is designed to protect political speech, not the fleecing of other citizens.

As a side note, your slippery slope argument may apply in some countries, but not in the United States.I don't know how it is elsewhere, but in the United States, commercial speech has been granted more 1st Amendment protection over the past few decades, not less.

abuse.net will test your mail server for you. It tries many ways of relaying and displays a report that you can print out and show your boss how secure your server is :-)

http://spam.abuse.net/bits/igotspam.shtml
      2. Sometimes spammers get mad at anti-spammers and send out spam with the anti-spammer's name, address or web site in the spam. This is called a joe-job and some people take it as evidence that they've "arrived" as anti-spammers if someone joe-jobs them. It's done, of course, to try to create trouble for the person being joe-jobbed.

As long as MoveOn and other organizations practice responsible mailing list management, their delivery will be unchanged from the way it is today. So they're not fighting what they think they're fighting.

This is a whitelist that bypasses filters, not a whitelist that is the only way to get through. Bulk mailers who don't pay up will still be able to send to AOL, and can still participate in AOL's other whitelists.

And Goodmail's service isn't a matter of "pay and we'll let you in" so much as it's "pay and we'll do a background check to see if you're a spammer, and if you pass our criteria we'll put you in the fast lane." Hmm, that sounds a lot like Bonded Sender and Habeas. Remember the controversy here on /. when Hotmail started using Bonded Sender two years ago? How exactly did that play out?

But why let the facts get in the way of a good knee-jerk reaction? We like placing AOL as the big corporate enemy. They often are, of course, but in this case? It's all overreaction and misinformation stemming from mistakes in the initial press.

Check out some of the commentary at Planet Antispam to get some views from the anti-spam community. You'll be surprised to find most of them siding with AOL on this one.

Sheesh! Slashdot has gotten really lame.

"Other anti-spam workers" is none other than John Levine, Ph.D, co-author of the BEST SELLING INTERNET BOOK OF ALL TIME (I kid you not) "The Internet for Dummies" (Now in its ninth edition). Some of you cretins need to read it.

In Commonwealth of Virginia v. Jeremy Jaynes Dr. Levine served as an expert witness for the prosecution. His testimony helped send Jaynes to prison for nine years.

At the second annual Conference on Email and Spam Levine presented a technical paper on his experiences with greylisting.

Dr. Levine is the chair of the IRTF Anti-Spam Research Group. He's a founding member of the Coalition Against Unsolicited Commercial Email. He runs the Network Abuse Clearinghouse.

"Other Anti-Spam Worker" indeed.

Take a good look at Blue Security's product. I think you'll see that it's little more than an HTTP DDoS tool. BlueSecurity claims that it's okay to DDoS spammers, and that they make very sure that only spammers are DDoS'd (although their careful not to call what they do a DDoS).

I'm given to understand that they moved their hosting to Israel when Verio terminated their service for violations of Verio's acceptable use policy. Verio doesn't allow folks to host denial of service tools on their network (nor will any normal ISP do so).

Someone should ask BlueSecurity about their legal threats against Everyone's Internet for attempting to do the same.

These are not nice people. The only difference between them and the normal crop of script-kiddie miscreants, is that they have found venture capital.

(I didn't feel like checking to see if it was also an open relay, that would just have completely topped it)

It was a quick trip to abuse.net's open relay test page to check, and lo and behold, blog.seanalexander.com fails one of the tests.

Since the tester doesn't actually send mail, someone will have to determine if it is an open relay by attempting to use it. And that's what I don't feel like doing. Anyone? Anyone?

How about something that works: Fight SPAM

clambrac (722059): You need a degree to become a paid, hired code monkey for a company.

I don't have a degree.

I was ultimately hired as a computer programmer years ago due to what computer related information I knew at the time and this old MS-DOS program.

Today, I still don't have a degree now yet I wrote the two freeware/shareware programs on this page that solve a major problem that has been plaguing the Internet since May 1, 1978 or March 5, 1994 depending on who is doing the counting.

Now then, what is really more important when hiring your next computer programmer?

A degree and no real-world experience.

or

No degree and lots of real-world experience.

Bryan Taylor
iamcf13@hotpop.com
SpamByte code: 7
(see http://www.cf13.com/game-over-spammers.htm )
All email containing unwanted content will be summarily deleted or reported as spam.

It's hard to justify two to five years of education when most jobs have disappeared or have such extensive requirements that a college graduate has little or no hope of finding an entry level position to obtain the experience required to get a good job.

There is a hell of a difference between what you are describing and real spam. Real spam in involves privacy violations, harvesting of addresses, messages sent to randomly generated lists, etc.

Check out The Definition of Spam (according to Spamhaus) and What is spam? (according to spam.abuse.net). The term was originally coined to describe the crap spewed onto USENET. It most certainly was not intended to describe marketing spewed by your ISP, television, newspaper, or the ad boxes on /.

So, in closing. Downloading software is illegal. Fucking consumers is immoral.


Correction: Downloading illegally available software is illegal.

Case in point: I have a free, free-to-download test program available at my site (see sig) that checks if the PC you run it on is capable of running my retail program that is available for purchase there.

zerocool complains about high-priced (overpriced) software as is his/her right in the USA under the First Amendment to the Constitution Of America.

The reality: Software development costs MONEY and should be compensated for if desired by the creators of said software.

The facts....

The computer(s) the software is developed on costs money (unless said computer(s) were donated for free).

The electricity powering the computer costs money (unless it is being generated from a free and/or donated source).

The programmer(s) who programmed the software cost money (unless they are donating their time and skills for free).

The advertising for the software costs money (unless it is being done for free somehow).

The distribution expenses to distribute the software to the recipients cost money (unless it is being done for free somehow).

Companies and individuals have invested lots of time and money in the software they create and sell. They found needs/markets for certain kinds of software and wrote the software to fill those needs/markets. Big companies have to sell software for big bucks to recoup the expenses in creating, maintaining, and distributing said software. They also are entitled to profit from their software which should be reinvested back into the company--not wasted.

For example, look at the 'gross profit margin' on a retail CD copy of Windows: $179.00 or so for a round thin sandwich of plastics and metal that has an intrinsic value of maybe $1.00. That $179.00 Windows CD allowed everybody, from the end user/customer up to Microsoft itself, to profit and benefit from the manpower and technology invested in it to create it and to benefit from its power as a computer operating system.

Ok, let's cut to the chase....

Windows is a kludge, based on code dating back to the dawn of the PC era.

Microsoft is a monopoly.

Even in this environment, the customer STILL has alternatives such as Apple and Linux -- SCO problems with commercial Linux use aside (which can be resolved.

If you want to avoid paying for high-priced software, use cheaper/free software or buy/legally get for free the necessary software tools to write your own custom programmed software solutions.

To address the second part of zerocool's comment, I offer the the following as some of the societal results of 'people as consumers -- not customers'. This has created a desparate, adversarial environment in which commerce and 'consumers' meet in an inevitable clusterfsck....

Wal-Mart, their business practices and its consequenses.

Ad creep. Even on the Internet. a technique coined and first implemented in 1996.

Email spam.

A quick Google search turns up the history. To summarize, it's a matter of whether or not commercial interests have the same rights as citizens. The Nike case that the Supreme Court recently dimissed highlighted very passionate arguments from both sides of the issue of Corporate Personhood.

The DNC does restrict speech. It restricts the ability of a telemarketer to call you up and talk to you. "Free speech" in its most literal form cannot be taken to mean anything different. However, the Supreme Court has ruled numerous times that several forms of speech are not protected. Libelous or slanderous speech is not protected. Speech that leads directly to physical harm, such as the classic "yelling, 'Fire!' in a crowded theater" is not protected. Speech that somehow violates your property rights, such as political or religious campaigning on your doorstep or in your house is not protected. For many years, neither was commercial speech in many ways, and discrimination of content based on the fact that it is commercial in nature has been allowed. This is the discrimination that the telemarketers seek to attack.

...or robustly as a dedicated provider.
I've had some pretty poor experience of dedicated service providers. They go offline for a week, every day promising it will be up in 2 hours. They lose backups. They arbitrarily change hosting software and interfaces. Expensive ones may be robust, but "cheaply" and "robustly" don't seem to go together. If I host it, I control it. If my server goes up in smoke, if I care that much about reliability I'll go out & buy another one today (or swap over another old PC).

I don't recommend hosting your own site unless you already need "fancy" service (multiple static IPs, fast upstream) for other reasons.
Depends where you're coming from. I host my own web and email. I've learned a huge amount doing so. I have far better access to the server than I'm used to with commercial services. It means that MB stored data cost nothing (so all my music & all my photos are there, available from home or office, but pw protected). I can play with different languages. I can learn about virtual hosting. And yes, it opens up the possibility of home-based webcams, home automation etc.

Hosting your own can be great fun. Start with a limited-functionality webserver such as tinyweb - less to learn, less to go wrong, fewer security holes. Don't host an email server until you're certain you understand about open relays, and then test it at http://www.abuse.net/relay.html

Back to the original topic. I'm in the UK, so can't help with US providers. But I use Zen ADSL. GBP23.82 per month, single static IP. No blocked ports.

Procmail is your friend. Use it. In conjunction with SpamAssassin, you can filter it off to a folder to go send to SpamCop at your earliest convienence. While SpamCop officially discourages doing so, setting your mail server to reject based on the RBL bl.spamcop.net will save you some work (and money if you're a SpamCop member) by prohibiting mail from sites already reported by several people.

I use exim in conjunction with sa-exim to reject spam that scores high with Spamassassin, and to teergrube the luser. Since I'm the postmaster, I also have sa-exim give all the sa-exim rejected spam to my spam folder to report as well.

I have roughly 30 users. Almost all of them use my site for mail, since doing so is extremely spam hostile thanks to me, with very little inconvienence, if any, to legitimate mailers, which is the way it should be.

On an aside, I also use abuse.net's forwarding service to report hosts infected with viruses to their ISPs. I've been fairly successful, though it could be better. Roughly one third of the ISPs I contact suspend or terminate the user's account for it. I also maintain a net-lsearchable list of the last relay such infected messages go through before hitting my server. Feel free to use it for yourself, it's on my website.

/joeyo

The author is right in one regard, legislation won't do it. If everyone who is capable of deciphering the email headers to try to track down the originators of SPAM would try to report just one piece of spam to the offender's ISP, it would possibly begin to make a difference. The math is simple -- there are only a certain number of reputable (ie., non spammer-friendly) ISPs. If even 1000 people a day would use the available tools (www.abuse.net for one), and report this junk, eventually spammers will be forced to move to the spam-friendly ISPs. Then it's just a matter of adding the spam-friendly ISP to your favorite black-hole list, and you've just done your little part to stop spam.

A quick Google search turns up the history. To summarize, it's a matter of whether or not commercial interests have the same rights as citizens. The Nike case that the Supreme Court recently dimissed highlighted very passionate arguments from both sides of the issue of Corporate Personhood.

The DNC does restrict speech. It restricts the ability of a telemarketer to call you up and talk to you. "Free speech" in its most literal form cannot be taken to mean anything different. However, the Supreme Court has ruled numerous times that several forms of speech are not protected. Libelous or slanderous speech is not protected. Speech that leads directly to physical harm, such as the classic "yelling, 'Fire!' in a crowded theater" is not protected. Speech that somehow violates your property rights, such as political or religious campaigning on your doorstep or in your house is not protected. For many years, neither was commercial speech in many ways, and discrimination of content based on the fact that it is commercial in nature has been allowed. This is the discrimination that the telemarketers seek to attack.

And that's why I don't like SPEWS. I have no leverage at all to do anything about it. None. It's not like I'm tacitly supporting spammers by staying on with a spam-friendly ISP; I'm using the only broadband ISP in town, and they happen to use cw.net as an upstream.

As it turns out, I think my ISP may be migrating to another upstream. If I were to verify that, do you think the powers-that-be would be generous enough to reward their move with the ability to send mail to SPEWS-crippled mailservers again? After all, they did the right thing - right?

Out of curiosity, what blacklists are you showing me on? Now that Osirusoft went black, I think my problem may've resolved itself. I'm not in the Spamhaus Block List, and ORDB doesn't list me in their database. Even their 3rd-party blacklist search gives me a clean slate.

First, I am not a lawyer. Nor do I play one on TV.

But protected speech is not necessarily just about dissent, but also about social value. To just pop an example of commercial speech that could also have social value ( depending on your social values, I guess ) from Google: Bigelow vs Virginia (1975), which held that advertising the availability of legal, out of state abortions was considered protected.

Now, back in the day, commercial speech didn't derive any first amendment protection - now it has limited protection, under something called the Central Hudson test. This is a four pronged test that provides guidelines as to where the government can restrict commercial speech, and you can read more about it at abuse.net ( great article ).

The meat of Hudson is in the first prong, which basically rejects the protection of misleading speech. See the above posters' comments about fraud. The other prongs alow the government to interdict if it has substantial interest in the area under discussion.

Astoundingly, much of this transition from non-protected to limited protection can be laid at the feet of consumers, who brought suit to protect their right to receive factual information ( Virginia State Board of Pharmacy vs Virginia Citizens Consumer Council (1976) ).

A few of my favorite examples are:

• MyNetWatchman, firewall incident reporting service. Helps to defray spam by finding and reporting compromised hosts internet-wide.
• SpamCon Legal Fund, to help them further the cause.
• TMDA, The GPL spamfilter that actually delivers on the zero spam, zero fasle positive promise.
• SpamHaus, who does a great job keeping lists of both servers and spammers, and is very dedicated
• Your Local Food Bank. courtesy of abuse.net who says: "If you feel that abuse.net has been useful to you, please make a contribution to your local food bank, which needs money a lot more than we ever will. Thanks."
• Distributed Intrusion Detection System, another firewall aggregator, maybe the biggest, free to all

2. Disruption: Spam brutally disrupt your every-day routine. I can waste an hour a day going through your personal or work mailbox to delete spam. Email is such a personal, direct form of communication, having so many unsolicited messages in your mailbox is intrusive and disruptive.

Paul Graham (the guy who wrote POPFile, probably the first bayesian spam filter) has a great eassy about why spam is bad. I couldn't say it better myself.

...Me telling people about my anime web-site in virtually every post I make to Slashdot, I guess, falls into the category of spam...

Are you sure? This classic definition of SPAM is the one I like best -- SPAM explained in simple sentences.

I just checked out half a dozen of your comments. Half didn't mention your site at all. And others mentioned it only in passing, sometimes in an amusing way. I don't think this makes you a spam artist.

And I disagree with whatever moderator moderated your comment "off-topic".

It doesn't need to be a lot of work either... because a nice tool exists which may aid you, and other people even created a website to run the tool for you.

Alternatively, you can telnet to relay-test.mail-abuse.org from the mailserver.

Corporate speech and individual speech are equally protected under the First Amendment.

Wrong.

What kind of strategies have you seen work. For instance, in particularly bad instances I'm prone to send an e-mail to spam@isp.net, abuse@isp.net, or admin@isp.net, but usually never even get a response. Is there a better thing to do?

None of those addresses deliver to a human-monitored email address on most of the domains I run. Usually, the only address you can always assume will exist at all is 'postmaster@isp.net', and the mail volume to that address is usually so high that it's easy for one message to get lost in the shuffle.

One suggestion -- try the abuse contact database at The Network Abuse Clearinghouse.

Many (most) responsible large ISPs have a single preferred contact for abuse (SPAM) complaints. Many domains choose to register their preferred abuse contact at www.abuse.net.

As learned in the AOL CD story a few days ago (so don't blame me if it's inaccurate, /me points at everyone else), anything that comes bulk mail doesn't have any return to sender fees associated with it, so the post office throws it out if you send it return to sender. Meaning that all you do then is increase the load on the postal service, with out inconveniencing the sender at all, and subsequently increasing postal rates.

True. If, however, the postal junk mailer included a Business Reply envelope or postcard, you can always use it to express your displeasure at being put on their junk mail list.... No cost to you, extra revenue for the Post Office, and they pay to hear that you don't like to be bombarded with the stuff. ;>

In general, I do this only for companies that I never bought from and that bombard me with LOTS of junk mail. Since a company pays to send junk mail, I don't find unsolicited postal mail offensive in itself. I save my real ire for junk faxes and spam .

Not that I agree with spammers or their methods, but speech is speech, whether you like it or not is irrelevant.

Many spammers argue that free speech constitutes that banning spamming is a violation of protected free speech.

This is a straw argument to avoid the real issue.

First, commercial speech is not protected by the US constition in the way free speech by US citizens is.

Second, wether I like it or not is relevant.

The right to free speech means that the government or its officials cannot forbid citizens the freedom of expression.

It does not mean, however, that citizen A has to listen to another citizen B's speech forced upon him. Free speech also does not mean that citizen A has to allow citizen B to talk freely on A's property.

As a cinema owner, I can expell a weirdo who stands up in the middle of the film and reads from the communist manifesto. As a newspaper editor, I can decide which letter the paper publishes and which not. As an internet provider, I can decide if my mail servers filter spam or not.

And finally, the very method of spamming is illegal over here in Germany and I have successfully brought a spammer to court here (although with very little financial consequences for the spammer). It's good to see that US courts are seing the light, as well.

There's a rather interesting trend going on with the regulation of commercial speech in America. You can read about it here.

Just four years ago in an advertising class I took, the professor stood upon the mount and proclaimed that advertising isn't "protected free speech." Take that as you will.

Ahh, crap, I'm getting all varklempt. Talk amongst yourselves! Here, I'll give you a topic. With fax.com's assertion, the trend continues towards paid messages being allowed to be progressively more intrusive. Discuss!

We're all glad HP backed down, but what scares me is that the "Responsible Disclosure" FUD continues. On Bugtraq people write that CERT and SecurtyFocus are "established parties" and everyone who does not give them their so-called "0days" is irresponsible (at least CERT is known to sell 0days). I personally won't give them my 0days early.

The "Responsible Disclosure" draft continues to get advertised, though it was not approved by the IETF .

Why do people think about giving away the right of free speech just because of some FUD?

Even in the unlikely case if this bad RFC passes, does it mean that that people are safer when they disclose problems - I definitely don't think so personally.

So the facts are: some companies can't write secure code, and it is more expensive to write code securely.

Just check "Help -> About" on Windows before using the word "responsibility".

The easiest solution is to shoot the messenger and to outlaw saying the emperor has no clothes. But this won't fix the problem in the real world. Such regulations will only alienate a lot of people and will make things worse.

Does the FTC really have the authority to do this?

Yep, it's interstate commerce.

Are there First Amendment implications?

Yeah, but commercial speech has limited protectionunder the First Amendment.

Under which law would they sue?

Not sure, but it seems that it could fall under fraud, or unfair trade practices, or something. The FTC probably has leeway to invent its own rules, as well.

Third time's the charm, right?
While I have enjoyed this story every time that is was posted...

1 Another Go At Making Spam Cost Money by timothy with 81 comments on Tuesday April 09, @04:23PM
2 Class Action Lawsuit Against Spammer by CmdrTaco with 299 comments on Friday March 15, @04:24PM
3 MoFo Sues Spammer by timothy with 17 comments on Thursday March 14, @07:36PM

...there's a lot of other spam news out there that we could be reading. Check out http://spam.abuse.net for a variety of exciting, spam-related news and information, such as:

RULINGS IN INTEL V. HAMIDI BULK-EMAIL CASE (California Supreme Court agrees to hear Intel V. Hamidi).

Or you could read this story again...whatever... =)

I think they've done a pretty good job, actually. I particularly like the integrated encryption and spam-reporting tools. These are widely asked for by those in the business, and yet no mainstream e-mail client seems to provide them. I'm sure more people would use them if they were easily available, rather than something you have to fight for. For example, there is a helpful service for spam complaints, who amongst other things will forward the details to the relevant abuse address, but how many people know that, or where to find it?

That said, I'd settle for just having the colour-coded "new mail" icon with the ability to hover over it and see the sender/title. At the office, where we use Outlook/Exchange Server, one of our guys tried to write a tool that hooked into Outlook and did that a while back. Unfortunately, he found insurmountable problems with the way Outlook's automation and new mail reporting features work. Too bad, as the rest of us were looking forward to him finishing it! That alone, to me, would be a major improvement. Here's hoping some of the guys at MS read the article!

I just did at test over at abuse.net, and it seems like nigeriafraudwatch.org erm, relays mail (well, one of fifteen tests did, anyway...).

Note that this isn't necessarily so, as this was just the public statement by the server, and may be different to the internal rules..

There have been a number of times when I could have done with an open relay. Times when POP was ok on an account but SMTP had problems. I think having well publicised open relays is good for the community... if we can keep bulk emails off.

Hence restricting volume, as suggested above, is a good idea. If he isn't just too lazy to do POP before SMTP authenticate and it's a freedom of speech thing then he should hack the relay to allow 100 emails/day from one IP. That's an awful lot of speech to have free and should help those being held hostage by their email providers problems whilst stopping spam.

Phillip.

With mail servers, however, there isn't, at least yet, any widespread tool that will tell you if you have an open relay

• abuse.net 's web form
  
• mail-abuse.org has a description of a number of tools (the tried and true telnet relay-test.mail-abuse.org and a good FAQ
  
• linux-sec.net
  has a list and lots of info
  

I inherited an open relay when I came to work for a small company. I never got blacklisted, though once upon a time I got a warning message from ORBL that I was an open relay...I fixed that right away.

I suggest you read through the spamtools mailing list archive at abuse.net, or better yet join the mailing list. I'm sure that you will have more success getting de-blacklisted if you communicate with some of the blacklisters who are on that mailing list.

Realize that there is a huge variety of opinion regarding spam, SPAM, UCE, UBE, and so on. Some people like to /dev/null incoming hotmail.com and yahoo.com because they're fed up with the spam. There are people who will blacklist you if you don't have an abuse@yourdomain.com account set up. It is ultimately up to the mail admin at the receiving side, and you're gonna have to deal with that on a case by case basis.

But, if you've fixed your relay (and maybe your formmail.pl vulnerability too) then you shouldn't have too much of a problem convincing a *reasonable* person to take you off his list. (Unless you are actually a spammer...) Be warned that there are *UNreasonable* people as well, spam Nazis who'd make you wear a yellow "known spammer" armband if they could. Good luck deailng with them. Those guys are proof positive that noone owns the Internet, and you DAMN well better play by THEIR RULES if you want to use THEIR SERVERS!!

*cough* plagiarism *cough*

http://spam.abuse.net/spambad.html

1. Do not post your email on a website or in newsgroups.
   
   
2. Use a separate email address for subscribing to web sites. If that email gets spammed, change your email on web sites you want to continue to use, delete your second email and create a new one.
   
   
3. Use 2 emails, one for your job and one for your private use. That way, you won't get porn or stupid jokes at your job and your company won't monitor your private emails.
   
   
4. Never reply to a spam. If you have to unsubscribe, do it on the web.
   
   
5. If you want to put your email on the web or in newsgroups or on any system that can be digitally scanned for emails, disguise your email so that only a human can read it. Example myname@isp.com becomes myname(AT)isp(DOT)com.
   
   
6. Use a tool for filtering your incoming email.
   
   
7. Never forward an email chain letter. They are all scams. If you absolutely want to forward one, check the information before.
   
   
8. If you have subscribed to mailing-lists, check or ask if it is indexed on the web and if your email is diclosed there. Ask for removal or dedicate another email to that list that you will delete/change when it gets spammed.
   
   
9. If you have time, read the headers of spam emaiks and complain to the ISP that the spammer used.
   
   
10. There are many tools and advice on the web:
    abuse.net
    cauce
    

Excellent that finally people are doing something about spam... not like some that are just passing the buck.

Personally I am fed up with tolerance people have for spammers. It is a very negative facet of the computing industry and a lot of people are plain turned off of e-mail because of spammers. Economy-wise, there is a negative trend that will continue to appear if spammers, fakes, phoneys, aren't given the prod with a very hot iron.

Help Fight Spam

The Original Spam

My problem is you still lie.

I see you keep on using the words you know best.

Will it make you happier if I said that yes, you're right, they don't acually have that phrase in the text, and that yes, I arrived at my conclusion about the removal of robots.txt a little bit too soon (after reading the text once)?

Now, explain to me exactly why it's not spam if the commercial link is "not direct"? I think that the commercial link is as direct it can be without them actually saying "give us $$$". Try to explain it without calling me a lier if you please. It might help to know that the definition of spam contains the phrase

Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it.

Spamcop, at its core, is an automated spam processing system. It comes in a free and a pay flavor. Basically, you either cut and paste your spam into a form on their website, headers included, or you forward it as an attachment to your submission address. It slices and dices, looks for links, parses headers, records statistics, and sends notices to appropriate parties, be they ARIN contacts for IPs or abuse.net contacts for domains. There's all sorts of nifty stuff for making sure that your real email address doesn't end up in spammers' hands, instead creating a ReportID@spamcop.net address for each report (my most recent one is in the 4.75 million range). Still though, it's not perfect. Sometimes it's fooled by the mta chain, sometimes it does let an identifying bit of information slip through, and it DOES NOT parse reply-to addresses (grumble). Still though, it does do a pretty good job overall, and lets me send out reports about spam in a fraction of the time it would take to manually parse them.

For spamcop vs. @home, @home bounces anything with an @spamcop.net address, whether it's an automated report or whether it is someone using their @spamcop.net address (each paying member gets an email account that is spam-filtered, which can be used for everyday usage). Myself, I prefer Sneakemail for my mail management. Anyway, not only do they block spamcop reports, but they generally ignore even manual reports from non spamcop.net addresses. Just today, they started sending an auto-acknowledgement with a case ID of something like 1001 for every case (non-incrementing), indicating that they simply don't care anymore.

All in all, SpamCop, despite its problems, is an incredible service. It's open source too, with the code being available on SourceForge. You can use it for free, or pay $36/yr or $1/mb of mail for a lot of advanced features, such as the filtered email address, IMAP/POP3 access, black/whitelists, et al.

"Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it."

From the Net Abuse FAQ:

"The term "spam," as used on this newsgroup, means "the same article (or essentially the same article) posted an unacceptably high number of times to one or more newsgroups." CONTENT IS IRRELEVANT. 'Spam' doesn't mean "ads." It doesn't mean "abuse." It doesn't mean "posts whose content I object to."

One of the major cases on this issue is Valentine v. Chrestensen. There is a short version of the relevant points here, the full argument can be found by searching for "commercial speech" here.

Furthermore, the first amendment only applies to the government's actions to restrict speech. "Congress shall make no law..." It has nothing to do with what individual companies or persons do to restrict speech. If an ISP decides they're not going to deliver or relay spam because it costs them money and resources to do so, that is their business and not a violation of the first amendment.

---

There is a huge difference between checking whether a port is open and actively trying to exploit a security hole. You are trying to blur the distinction between the two.

#/bin/sh
for fqdn in $@
do
finger "${fqdn}@abuse.net"
done
# eof

Call the script with the domain(s) you want to contact and it will respond with the proper mail address, if known, of the abuse handler for that domain.

// Klaus
--

#/bin/sh
for fqdn in $@
do
finger "${fqdn}@abuse.net"
done
# eof

Call the script with the domain(s) you want to contact and it will respond with the proper mail address, if known, of the abuse handler for that domain.

// Klaus
--

x-empt wrote, "Take the lists of addresses and emails, pretend you are really spamming thousands, while in reality you only spam a couple of accounts (yours and your boss's)... fake the logs"

Oh, that's great! I love it! Except I'd add a few other accounts to the list. How about webmaster@fbi.gov, abuse@aol.com, the webmaster at spam.abuse.net, postmaster@cauce.org, and key individuals at other various law enforcement and anti-spam groups?

I think that might get a little bit of extra action ;)

"...get the ISP to terminate the account after a few days..."

That's even better. And I can't think of an admin that wouldn't do it. Happily.

True spam is indistinguishable from your best friend sending you a message (unsoliticated!) about a business opportunity.

Wrong. Spam is unsolicited bulk mail. The word "bulk" is key. Also, prior relationships (e.g., friendship, customer who asked to be contacted) are generally considered to excuse the first spam, as it could be seen as a natural mistake. For more information, see the various spam definitions out there. E.g., at abuse.net.