Slashdot Mirror

If the spammer was Rodona Garst or Laura Betterly, I foresee a problem. Besides, even when possible, they'd have to be Hell's own air fresheners.

You have to consider the trade-off of the inconvenience of your readers/customers with the amount of spam you get.

I have a few websites with my email address all over them, in mailto links. I "mask" the email very lightly, by escaping most of the characters, and it has worked beautifully.

Here is a webpage that will quickly convert your mailto link into a form that bots will miss.

Could a bot be written that would be able to harvest these email messages? YES. But would it be worth the spammer's time to code it? NO, so it probably won't happen.

Put yourself in the spammer's shoes (or slime-covered bedroom slippers). Why would you want to go to a lot of work to build a bot that will harvest the email addresses of the very people you don't want to get your spam, because they will report you to spamcop, harass your ISP, and even hack your computer and post some very unattractive pictures of you on the internet?

No, they want the chumps, and they want to find them without needing to check every webpage for dozens of patterns.

Check this out.

http://belps.freewebsites.com/TheStory.htm.

This is a good page. I especially learned a lot from reading the ICQ Chat Logs.

Sometimes I wonder if the companies who finally benefit from the spam even know just how scummy their sources are. If you read this chat log, you will see a guy, Jeff, is gathering leads for mortgage loans from a "very professional company".

In situations like this, I wonder how effective it would be to subvert the spam network by using decoy identities to make contact with these companies and hold them liable for their sources so that the people responsible for setting up the chain of communication to the spammers will be fired.

This is a good page. I especially learned a lot from reading the ICQ Chat Logs.

Sometimes I wonder if the companies who finally benefit from the spam even know just how scummy their sources are. If you read this chat log, you will see a guy, Jeff, is gathering leads for mortgage loans from a "very professional company".

In situations like this, I wonder how effective it would be to subvert the spam network by using decoy identities to make contact with these companies and hold them liable for their sources so that the people responsible for setting up the chain of communication to the spammers will be fired.

Unclear. People participate enthusiastically in pyramid schemes that will never make money, even if the participants don't realize it. I would guess that at least some spammers make money.

I suspect that it's pretty easy to make money spamming if you've got half a brain and some programming experience. You could write your own simple address-collection and spam-blasting programs in under a day, and then all you need is to find some customers -- and apparantly they're out there.

If you're clueless and you spend a few hundred on somebody's CD of email addresses, and a few more hundred on a CD of spam software and don't know anything more about your computer than how to click on things, then you're right -- you're just going to make other spammers rich and not yourself -- and it's obvious that spammers are perfectly happy to prey upon other would-be spammers.

There's definately a lot of `spam MLM' (MLM = Multi Level Marketing) going on -- but unlike your traditional MLM, there is money to be made outside of the MLM. Kind of like Amway -- yes, it's a MLM but they do sell a real product.

That would be the infamous Rodona Garst. More info
Here

And the topless photo (not for those of a nervous disposition):
Rodona Garst Breast Size

That would be the infamous Rodona Garst. More info
Here

And the topless photo (not for those of a nervous disposition):
Rodona Garst Breast Size

The interesting thing is that the spammers are now paying people to put out their spam. Now each outgoing spam costs something above the overhead costs.

Just ask Rodona Garst or her "customer" who paid for the pump and dump, Mark Rice for what their take on this scheme is. Details of their pump and dump can be found here.

And since everyone loves to see spammers get theirs, go visit Behind Enemy Lines. Be sure to visit the Lets Get Brutal section to see what spammers look like in various states of undress!

Just ask Rodona Garst or her "customer" who paid for the pump and dump, Mark Rice for what their take on this scheme is. Details of their pump and dump can be found here.

And since everyone loves to see spammers get theirs, go visit Behind Enemy Lines. Be sure to visit the Lets Get Brutal section to see what spammers look like in various states of undress!

Just ask Rodona Garst or her "customer" who paid for the pump and dump, Mark Rice for what their take on this scheme is. Details of their pump and dump can be found here.

And since everyone loves to see spammers get theirs, go visit Behind Enemy Lines. Be sure to visit the Lets Get Brutal section to see what spammers look like in various states of undress!

A spammer forges the wrong domain into a batch of spam, and the victim strikes back.

Here's a brief explanation of the Snellen chart typically used to test distance vision. Indeed, the critical features of each letter, etc. subtend one minute of visual angle; a whole letter subtends five minutes of visual angle.

What do you think Spammers use? Dial-up modems? Maybe this will put a few spammers out of business

First, as it has been stated, it does not take much bandwidth to spam. The Behind Enemy Lines site shows one apparently successful spam outfit using stolen AOL accounts.

Secondly, ISPs are already aware of this issue. I believe they filter outbound port 25 traffic to eliminate this abuse. One then configures one's email server to use the ISP's server as a smart host - esentially bouncing outbound email through the provided email gateway. This way, email abuse is quickly noted (and recorded, if not controlled) by the ISP. Inbound traffic to your personal email server should be unaffected.

Voila. Personal server. No spam.

I think it was Alan Ralsky who bragged about that figure per spam run. I remember reading an interview with one of the more persistent spammers who reported a 1-to-100,000 sell rate, but at 10,000,000 spams that's still a hundred sells.

If you google around, you'll find some web sites where anti-spammers (called "anti"s in spammer jargon) post their insight into the spammers world and psyches. One of the best is the venerable Behind Enemy Lines -- Premier Services Exposed" website.

Lots of info on how they communicate, harvest AOL accounts (that's now dated info, they have devised other techniques for their spam runs), and share the loot. A Must Read!

For documentation on organized spamming, there are two repositories with the dull date: SPEWS and spamhaus.

Spam is reaching the epidemic proportion that I now with increasing frequency receive the same spam on the same address several times, spaced a week apart...

The link's just hosed. Try this:

http://belps.freewebsites.com/Stock-Scammers/Pump- N-Dump.htm

-Dan

"There's a sucker born every minute."

A great expose of how spammers operate comes from one of the mirrored sites Behind Enemy Lines. It shows that if SPAM itself isn't always profitable, selling the service of spamming certainly is. And to make this profit, spammers will resort to illegal activities.

Of course, when you consider the morals this group has already demonstrated, it should come to no suprise that their most agressive campaign was a stock pump-n-dump scam.

Does SPAM pay? Apparently. But so do a lot of other crimes.

"There's a sucker born every minute."

A great expose of how spammers operate comes from one of the mirrored sites Behind Enemy Lines. It shows that if SPAM itself isn't always profitable, selling the service of spamming certainly is. And to make this profit, spammers will resort to illegal activities.

Of course, when you consider the morals this group has already demonstrated, it should come to no suprise that their most agressive campaign was a stock pump-n-dump scam.

Does SPAM pay? Apparently. But so do a lot of other crimes.

"There's a sucker born every minute."

A great expose of how spammers operate comes from one of the mirrored sites Behind Enemy Lines. It shows that if SPAM itself isn't always profitable, selling the service of spamming certainly is. And to make this profit, spammers will resort to illegal activities.

Of course, when you consider the morals this group has already demonstrated, it should come to no suprise that their most agressive campaign was a stock pump-n-dump scam.

Does SPAM pay? Apparently. But so do a lot of other crimes.

This anti-spam feeling that's been generally favored on the net since CyberPromotions first attempted to "legitimize" the spam industry is the same attitude that makes it hard for later attempts to flourish. Once a "spamhaus" is identified, it begins to find itself slowly cut off from the rest of the Internet.

Indeed they will. But my position is that this cut off should be "grassroots" in nature, that is, by the end recipients via the servers that host them (be that an office mail server or an ISP).

Spammers will attempt to use other methods. These outfits seem to be just as organized as a "spamhaus" who pays for and uses its own resources. I would suspect the information displayed on the Behind Enemy Lines site is fairly representative of the players in the spam game.

This also shows the futility of having ISPs cancel spammer's accounts. There's more where that one came from, and even more from other places.

In short, it doesn't really matter who is spamming and how they're getting it out. The fact is, they ARE getting it out. And they will continue to find additional ways to spam unless they loose the incentive to do it. And that incentive isn't just pure joy. They're after money.

In short, spamming will continue forever. Only a locked down internet will prevent it. We're not giving up all of our freedoms (well, some for now) just because a band of digusting people taking Allah's name in vain try to hurt innocent people. These are people (back to spammers) already practiced in the art of evading and moving on to send bulk mail. They'll just do the same for the web sites.

I'm not saying don't go after the (apparent) source at all. Certainly, this needs to be done. But we can't expect this to continue to be effective. Because spammers are trying harder and harder to mask themselves, or otherwise use hit-and-run tactics, we're not always going find the source in a spam's headers.

We're probably using different terms here. By source I mean where the spam comes from as it is reaching my server. That would be the open relay (it will get blocked), or the spamhaus network (it will get blocked).

I should have used more detail on this point. "Spam tools" raises some interesting issues. First, my actual meaning wasn't just spam mailer applications (although they did come to mind). My main thought was towards services such as dynamic DNS and web hosting set up with the intent to provide resources for spammers.

And how would you craft this so it does not end up hurting other dynamic DNS users? Would you just be focusing only on service providers who specifically do this only for spammers?

Mass mailer tools are a different matter. Some of these are being sold as spam tools. These are the most damaging. Not because of the spam being sent with them - after all, there are a lot of tools that can be used to spam. But because the sites selling these tools are often full of misleading statements that attempt to add an air of legitimacy to the practice. This only encourages the uninitiated to invest in this "business", convincing them that they're just a step away from easy financial freedom. But because of the issues with censorship, etc I worry that blocking a site that advertising the "Spaminator 2000" software suite does more damage than good (unless that site has been advertised via a spam campaign).

Tools like "1st Class Mail" as shown in Behind Enemy Lines are certainly valid targets. The misleading messages on the sites offering those does perhaps needs to be the focus. Is there fraud? Probably. Go after that.

If I understand your point correctly, you're stating that while a smaller selection of admins and anti-spammers take action, spammers believe they're simply being targeted by a vocal minority. In fact, we need a larger percentage of end users to take action and prove that spammers are not welcomed and their messages are not wanted. That would curb the desire to spam. Until that time, spammers will simply circumvent the latest attempts to stop them.

Not exactly. It is not focused on convincing spammers, per se. It is focused on convincing those who have an effect on anti-spamming operations. It should encourage more ISPs to use anti-spam tools. And I'd like to see legislation that provides for civil liability protection for those who choose to use anti-spamming tools (but I oppose legislation against spamming for the most part)

I agree that spammers will continue to find new avenues and methods to practice their trade. And in a previous post I mused over what kind of statistics would be generated if all ISPs offered their customers a choice between filtered and non-filtered email service.

And I am currently studying how I might make a mail server that offers the ability to let the customer specify exactly the categories of blocking they want to use. These would include:

• Businesses using only opt-out techniques to gather addresses at the time the address is gathered
• Businesses using only opt-out techniques but no opt-out option at the time the address is gathered
• Businesses using opt-in without confirming the address at the time it is gathered
• Businesses using opt-in without cleaning their list of rejected addresses
• Businesses not offering any obvious way to opt-out
• Businesses running a clean, verified and confirmed, opt-in only address gathering
• Open relays known to actually have relayed spam (excluding known multi-hop output)
• Other untested mail servers on the same network as Open relays
• The whole known network where an open relay is present
• The whole ISP hosting or connecting a known open relay
• Connection from any mail server without reverse DNS
• Connection from any mail server with reverse DNS for an invalid name
• Connection from any mail server with reverse DNS that does not forward resolve back correctly
• Multi-hop output servers
• Entire network/ISP of mult-hop output servers
• All mail servers at ISP known to host web servers offering spamming tools or services
• All mail servers at ISP known to host web servers of spamvertized sites (excluding cases known to be not sanction)
• All mail servers known to be running SMTP protocol (this to catch the sleepy)
• Businesses conducting mail surveys of consumers
• Businesses conducting mail surveys of businesses

However, I disagree that spammers would discontinue their ways if presented with this evidence. If you look at the portraits of Rodona Garst in the Behind Enemy Lines [freewebsites.com] site, you'll notice a slew of those inspirational posters. Spammers are success-oriented. They have convinced themselves that spamming will in itself, or in part, provide them with that success. In some cases, spammers even go to great length to defend their activities as acceptable, even welcomed. This is despite the ample evidence to the contrary in the form of ISP AUP's, spam-free service commercials, legislative activity, anti-spam activities and tools, and a wealth of internet history that dates back to 1994's first usenet spamming by lawyers Laurence Canter and Martha Siegel.

Spammers won't discontinue regardless. I'm not proposing that it be done to cause them to want to discontinue. Some will stop, but many will keep on going. I think my method is correct for obtaining the end result of a large scale acceptance of the anti-spam measures, and to convince those who neither spam, nor worry about fighting spamming, to at least accept the notion that measures against spam are good things and won't harm other aspects of business. Rodona Garst is not going to stop just because her web sites get cut off, or no one wants her garbage, or her bare breasts get shown online.

This anti-spam feeling that's been generally favored on the net since CyberPromotions first attempted to "legitimize" the spam industry is the same attitude that makes it hard for later attempts to flourish. Once a "spamhaus" is identified, it begins to find itself slowly cut off from the rest of the Internet.

Indeed they will. But my position is that this cut off should be "grassroots" in nature, that is, by the end recipients via the servers that host them (be that an office mail server or an ISP).

Spammers will attempt to use other methods. These outfits seem to be just as organized as a "spamhaus" who pays for and uses its own resources. I would suspect the information displayed on the Behind Enemy Lines site is fairly representative of the players in the spam game.

This also shows the futility of having ISPs cancel spammer's accounts. There's more where that one came from, and even more from other places.

In short, it doesn't really matter who is spamming and how they're getting it out. The fact is, they ARE getting it out. And they will continue to find additional ways to spam unless they loose the incentive to do it. And that incentive isn't just pure joy. They're after money.

In short, spamming will continue forever. Only a locked down internet will prevent it. We're not giving up all of our freedoms (well, some for now) just because a band of digusting people taking Allah's name in vain try to hurt innocent people. These are people (back to spammers) already practiced in the art of evading and moving on to send bulk mail. They'll just do the same for the web sites.

I'm not saying don't go after the (apparent) source at all. Certainly, this needs to be done. But we can't expect this to continue to be effective. Because spammers are trying harder and harder to mask themselves, or otherwise use hit-and-run tactics, we're not always going find the source in a spam's headers.

We're probably using different terms here. By source I mean where the spam comes from as it is reaching my server. That would be the open relay (it will get blocked), or the spamhaus network (it will get blocked).

I should have used more detail on this point. "Spam tools" raises some interesting issues. First, my actual meaning wasn't just spam mailer applications (although they did come to mind). My main thought was towards services such as dynamic DNS and web hosting set up with the intent to provide resources for spammers.

And how would you craft this so it does not end up hurting other dynamic DNS users? Would you just be focusing only on service providers who specifically do this only for spammers?

Mass mailer tools are a different matter. Some of these are being sold as spam tools. These are the most damaging. Not because of the spam being sent with them - after all, there are a lot of tools that can be used to spam. But because the sites selling these tools are often full of misleading statements that attempt to add an air of legitimacy to the practice. This only encourages the uninitiated to invest in this "business", convincing them that they're just a step away from easy financial freedom. But because of the issues with censorship, etc I worry that blocking a site that advertising the "Spaminator 2000" software suite does more damage than good (unless that site has been advertised via a spam campaign).

Tools like "1st Class Mail" as shown in Behind Enemy Lines are certainly valid targets. The misleading messages on the sites offering those does perhaps needs to be the focus. Is there fraud? Probably. Go after that.

If I understand your point correctly, you're stating that while a smaller selection of admins and anti-spammers take action, spammers believe they're simply being targeted by a vocal minority. In fact, we need a larger percentage of end users to take action and prove that spammers are not welcomed and their messages are not wanted. That would curb the desire to spam. Until that time, spammers will simply circumvent the latest attempts to stop them.

Not exactly. It is not focused on convincing spammers, per se. It is focused on convincing those who have an effect on anti-spamming operations. It should encourage more ISPs to use anti-spam tools. And I'd like to see legislation that provides for civil liability protection for those who choose to use anti-spamming tools (but I oppose legislation against spamming for the most part)

I agree that spammers will continue to find new avenues and methods to practice their trade. And in a previous post I mused over what kind of statistics would be generated if all ISPs offered their customers a choice between filtered and non-filtered email service.

And I am currently studying how I might make a mail server that offers the ability to let the customer specify exactly the categories of blocking they want to use. These would include:

• Businesses using only opt-out techniques to gather addresses at the time the address is gathered
• Businesses using only opt-out techniques but no opt-out option at the time the address is gathered
• Businesses using opt-in without confirming the address at the time it is gathered
• Businesses using opt-in without cleaning their list of rejected addresses
• Businesses not offering any obvious way to opt-out
• Businesses running a clean, verified and confirmed, opt-in only address gathering
• Open relays known to actually have relayed spam (excluding known multi-hop output)
• Other untested mail servers on the same network as Open relays
• The whole known network where an open relay is present
• The whole ISP hosting or connecting a known open relay
• Connection from any mail server without reverse DNS
• Connection from any mail server with reverse DNS for an invalid name
• Connection from any mail server with reverse DNS that does not forward resolve back correctly
• Multi-hop output servers
• Entire network/ISP of mult-hop output servers
• All mail servers at ISP known to host web servers offering spamming tools or services
• All mail servers at ISP known to host web servers of spamvertized sites (excluding cases known to be not sanction)
• All mail servers known to be running SMTP protocol (this to catch the sleepy)
• Businesses conducting mail surveys of consumers
• Businesses conducting mail surveys of businesses

However, I disagree that spammers would discontinue their ways if presented with this evidence. If you look at the portraits of Rodona Garst in the Behind Enemy Lines [freewebsites.com] site, you'll notice a slew of those inspirational posters. Spammers are success-oriented. They have convinced themselves that spamming will in itself, or in part, provide them with that success. In some cases, spammers even go to great length to defend their activities as acceptable, even welcomed. This is despite the ample evidence to the contrary in the form of ISP AUP's, spam-free service commercials, legislative activity, anti-spam activities and tools, and a wealth of internet history that dates back to 1994's first usenet spamming by lawyers Laurence Canter and Martha Siegel.

Spammers won't discontinue regardless. I'm not proposing that it be done to cause them to want to discontinue. Some will stop, but many will keep on going. I think my method is correct for obtaining the end result of a large scale acceptance of the anti-spam measures, and to convince those who neither spam, nor worry about fighting spamming, to at least accept the notion that measures against spam are good things and won't harm other aspects of business. Rodona Garst is not going to stop just because her web sites get cut off, or no one wants her garbage, or her bare breasts get shown online.

I am addressing the "spamhaus" type operation where a spammer sets up servers of their own. These vary from sending equally disgusting scams, to simply being sources of marketing mailings from people who didn't actually opt-in.

This anti-spam feeling that's been generally favored on the net since CyberPromotions first attempted to "legitimize" the spam industry is the same attitude that makes it hard for later attempts to flourish. Once a "spamhaus" is identified, it begins to find itself slowly cut off from the rest of the Internet.

Spammers will attempt to use other methods. These outfits seem to be just as organized as a "spamhaus" who pays for and uses its own resources. I would suspect the information displayed on the Behind Enemy Lines site is fairly representative of the players in the spam game.

In short, it doesn't really matter who is spamming and how they're getting it out. The fact is, they ARE getting it out. And they will continue to find additional ways to spam unless they loose the incentive to do it. And that incentive isn't just pure joy. They're after money.

Why can't you go after the source of the spam? Do you have an example case?

How do you block spamming tools? Many of those tools are also useful for legitimate (confirmed opt-in) mass mailings and even mailing lists that many open source developers use.

Mass mailer tools are a different matter. Some of these are being sold as spam tools. These are the most damaging. Not because of the spam being sent with them - after all, there are a lot of tools that can be used to spam. But because the sites selling these tools are often full of misleading statements that attempt to add an air of legitimacy to the practice. This only encourages the uninitiated to invest in this "business", convincing them that they're just a step away from easy financial freedom. But because of the issues with censorship, etc I worry that blocking a site that advertising the "Spaminator 2000" software suite does more damage than good (unless that site has been advertised via a spam campaign).

The perception that comes across when this is done is that a few people are trying to block the spam from the masses. They still believe they are providing "valuable product/market/service information" to the masses, and will just seek some way to avoid the "problem" of MAPS.

If I understand your point correctly, you're stating that while a smaller selection of admins and anti-spammers take action, spammers believe they're simply being targeted by a vocal minority. In fact, we need a larger percentage of end users to take action and prove that spammers are not welcomed and their messages are not wanted. That would curb the desire to spam. Until that time, spammers will simply circumvent the latest attempts to stop them.

I agree that spammers will continue to find new avenues and methods to practice their trade. And in a previous post I mused over what kind of statistics would be generated if all ISPs offered their customers a choice between filtered and non-filtered email service.

However, I disagree that spammers would discontinue their ways if presented with this evidence. If you look at the portraits of Rodona Garst in the Behind Enemy Lines site, you'll notice a slew of those inspirational posters. Spammers are success-oriented. They have convinced themselves that spamming will in itself, or in part, provide them with that success. In some cases, spammers even go to great length to defend their activities as acceptable, even welcomed. This is despite the ample evidence to the contrary in the form of ISP AUP's, spam-free service commercials, legislative activity, anti-spam activities and tools, and a wealth of internet history that dates back to 1994's first usenet spamming by lawyers Laurence Canter and Martha Siegel.

Spammers have either convince themselves that their actions are accptable, or they simply do not care. I suspect the later.

In any case, spamming is business. Whether spamming works or not, its attraction is its perceived cost vs return. Until spamming becomes cost prohibitive (running out of money was mentioned and I agree there) people will continue to spam.

I am addressing the "spamhaus" type operation where a spammer sets up servers of their own. These vary from sending equally disgusting scams, to simply being sources of marketing mailings from people who didn't actually opt-in.

This anti-spam feeling that's been generally favored on the net since CyberPromotions first attempted to "legitimize" the spam industry is the same attitude that makes it hard for later attempts to flourish. Once a "spamhaus" is identified, it begins to find itself slowly cut off from the rest of the Internet.

Spammers will attempt to use other methods. These outfits seem to be just as organized as a "spamhaus" who pays for and uses its own resources. I would suspect the information displayed on the Behind Enemy Lines site is fairly representative of the players in the spam game.

In short, it doesn't really matter who is spamming and how they're getting it out. The fact is, they ARE getting it out. And they will continue to find additional ways to spam unless they loose the incentive to do it. And that incentive isn't just pure joy. They're after money.

Why can't you go after the source of the spam? Do you have an example case?

How do you block spamming tools? Many of those tools are also useful for legitimate (confirmed opt-in) mass mailings and even mailing lists that many open source developers use.

Mass mailer tools are a different matter. Some of these are being sold as spam tools. These are the most damaging. Not because of the spam being sent with them - after all, there are a lot of tools that can be used to spam. But because the sites selling these tools are often full of misleading statements that attempt to add an air of legitimacy to the practice. This only encourages the uninitiated to invest in this "business", convincing them that they're just a step away from easy financial freedom. But because of the issues with censorship, etc I worry that blocking a site that advertising the "Spaminator 2000" software suite does more damage than good (unless that site has been advertised via a spam campaign).

The perception that comes across when this is done is that a few people are trying to block the spam from the masses. They still believe they are providing "valuable product/market/service information" to the masses, and will just seek some way to avoid the "problem" of MAPS.

If I understand your point correctly, you're stating that while a smaller selection of admins and anti-spammers take action, spammers believe they're simply being targeted by a vocal minority. In fact, we need a larger percentage of end users to take action and prove that spammers are not welcomed and their messages are not wanted. That would curb the desire to spam. Until that time, spammers will simply circumvent the latest attempts to stop them.

I agree that spammers will continue to find new avenues and methods to practice their trade. And in a previous post I mused over what kind of statistics would be generated if all ISPs offered their customers a choice between filtered and non-filtered email service.

However, I disagree that spammers would discontinue their ways if presented with this evidence. If you look at the portraits of Rodona Garst in the Behind Enemy Lines site, you'll notice a slew of those inspirational posters. Spammers are success-oriented. They have convinced themselves that spamming will in itself, or in part, provide them with that success. In some cases, spammers even go to great length to defend their activities as acceptable, even welcomed. This is despite the ample evidence to the contrary in the form of ISP AUP's, spam-free service commercials, legislative activity, anti-spam activities and tools, and a wealth of internet history that dates back to 1994's first usenet spamming by lawyers Laurence Canter and Martha Siegel.

Spammers have either convince themselves that their actions are accptable, or they simply do not care. I suspect the later.

In any case, spamming is business. Whether spamming works or not, its attraction is its perceived cost vs return. Until spamming becomes cost prohibitive (running out of money was mentioned and I agree there) people will continue to spam.

Spamming is not an accepted activity and thus, spammers must resort to great measures to continue their trade. Lucky for them, one doesn't have to maintain a presence to spam. Its a very hit-and-run activity. Spammers therefore use a variety of resources - incorrectly configured mail relays, throw-away accounts, and stolen accounts.

You are referring to a different category of spamming, the kind we see pyramid schemes and ponzi schemes and other get rich schemes from the low life. It is a very important category to deal with, but it's not the matter I was addressing. I am addressing the "spamhaus" type operation where a spammer sets up servers of their own. These vary from sending equally disgusting scams, to simply being sources of marketing mailings from people who didn't actually opt-in.

Blocking email servers helps limit the damage from questionable business contracts and misconfigured relays. It might even put pressure on those who provide easy access to throw-away accounts... though usually the damage is already done. It does very little to prevent the damage done with stolen accounts using otherwise valid resources.

Yes, these servers need to be blocked to prevent getting the garbage. Open relays should be blocked, and stay blocked until they are closed, and perhaps confirmed closed. If the network the open relay exists on hosts other mail servers, they may also be misconfigured, and potentially subject to being blocked ... certainly so if spam comes from them as well.

Another mode of spam is getting more popular and that is direct broadband spam. Spam from direct dialups did happen, but the bandwidth limited its effect. These need to be blocked. Many dialups have been listed in blacklists, and broadband dynamic pools are also getting listed. Open relays also exist within these.

So if you can't go after the source of the spam, the only thing left to target is the spam's goal. The item being advertised (and likely the real source of the spam since most activities are being conducted by, or for-hire by, those being advertised). If that involves a web site (or another spammer resource), you point that site out and allow the community that uses the MAPS service to block it - essentially shunning it from the shared network. And by doing so, attempt to remove (or at least limit) the incentive to spam (and in some cases, some of the tools that help spammers).

Why can't you go after the source of the spam? Do you have an example case?

This does not remove the incentive to spam. The perception that comes across when this is done is that a few people are trying to block the spam from the masses. They still believe they are providing "valuable product/market/service information" to the masses, and will just seek some way to avoid the "problem" of MAPS. They change addresses, change ISPs, invoke legal maneuvers. Few cease spamming and those that do only do so because funds run out. None have a change of heart. If they are spending money to set up spam operations, they are not some "innocent" individual who didn't realize what he was really doing.

How do you block spamming tools? Many of those tools are also useful for legitimate (confirmed opt-in) mass mailings and even mailing lists that many open source developers use.

So that might explain the reason that anti-spam efforts would extend beyond email servers. But this activity also brings forward a whole slew of other questions; power-plays, censorship, etc.

That is indeed a problem. And I also believe the current anti-spam methods mask and obscure the reality that the vast majority of people truly do not want spam. By having a few self-appointed anti-spam-masters doing this, the real election of not wanting spam by everyone else is not really seen. By going beyond simply providing tools and information to help people block just spam, they are not only alienating some people like me (I no longer want to use MAPS, but that does not mean I was to start accepting spam), but also confusing the whole big picture.

Why is MAPS blocking web sites? I want SPAM to be blocked, not web sites. I don't get SPAM from web sites, I get SPAM from mail servers.

Spamming is not an accepted activity and thus, spammers must resort to great measures to continue their trade. Lucky for them, one doesn't have to maintain a presence to spam. Its a very hit-and-run activity. Spammers therefore use a variety of resources - incorrectly configured mail relays, throw-away accounts, and stolen accounts.

Blocking email servers helps limit the damage from questionable business contracts and misconfigured relays. It might even put pressure on those who provide easy access to throw-away accounts... though usually the damage is already done. It does very little to prevent the damage done with stolen accounts using otherwise valid resources.

So if you can't go after the source of the spam, the only thing left to target is the spam's goal. The item being advertised (and likely the real source of the spam since most activities are being conducted by, or for-hire by, those being advertised). If that involves a web site (or another spammer resource), you point that site out and allow the community that uses the MAPS service to block it - essentially shunning it from the shared network. And by doing so, attempt to remove (or at least limit) the incentive to spam (and in some cases, some of the tools that help spammers).

So that might explain the reason that anti-spam efforts would extend beyond email servers. But this activity also brings forward a whole slew of other questions; power-plays, censorship, etc.

Common sense... buy a cheap 2nd hand clunker for connecting to the net. When you've downloaded email or whatever, unplug from the net, and plug into your *MAIN* home PC. The main PC downloads from your clunker. Then wipe the download area of the clunker; disconnect it from your main computer and connect it back to the net. If you don't, well you risk what happened here including especially juicy stuff here (warning; some nudity).

Common sense... buy a cheap 2nd hand clunker for connecting to the net. When you've downloaded email or whatever, unplug from the net, and plug into your *MAIN* home PC. The main PC downloads from your clunker. Then wipe the download area of the clunker; disconnect it from your main computer and connect it back to the net. If you don't, well you risk what happened here including especially juicy stuff here (warning; some nudity).

Don't bet on it.
I receive plenty of .us only SPAM (e.g. with text "For US residents only" i the mail), to addresses ending i .dk. Spammers will send anything to anyone.
For a look at the mind of a spammer, take a look at Behind Enemy Lines

I think you want Behind Enemy Lines.

http://belps.freewebsites.com/index.htm

Disclaimer:I have no idea if any of this is true or not. Just an interesting read for those interested in spam and anti-spam.

-Coach-

You mean the story about this guy?
Personally, I think it was hilarious! Im not sure what ended up happening either. It was just a funny "take back the net" story.

It's easy to get into the "gim'me gim'me gim'me" mode of thinking when surfing the web. After all, "information wants to be free", right? The sad truth is that is costs real money to host a web site. Sure, there are some crappy free hosting services, but their performance is dismal AND your page gets served with their adverts. User account website at ISP (www.some-isp.com/~username) come at no extra charge but only for a few megs of data and rather limited transfer each month.

Web unfriendly software raises the cost of hosting a web site. Low cost hosting usually seems to be billed on the number of bytes transfered, and software like what you're proposing will needlessly increase the site owner's costs. High end hosting tends to be billed on bandwidth (not total transfer), so this software doesn't hit the site's owner directly in the wallet, instead it just makes the site less responsive for other users.

This idea is even worse than archivers, as most of the bytes will sit in a cache and get expired, instead of in a archive directory where they _might_ someday be seen or used. In the case of an archiver, the user went out of their way to obtain a complete local copy of the web site, presumably because they are interested in the material and might actually read it off-line. With a predicitive caching proxy, there's no indication from the user that they will ever make any use of the material dwonloaded. The vast majority will sit in the cache, which will in all likelyhood rapidly need to remove least recently obtained pages. In normal caching terminology, one would say "least recently used", but in this caching scheme, the vast majority of pages in the cache will never have been viewed. Utter waste.

This sort of net-unfriendly behavior is analogous to pollution. Even if just one person pollutes the environment, there is some small harm to a small number of people, perhaps significant harm to a couple if the pollution is severe. If a large company pollutes recklessly, perhaps a community or two is badly effected. If pollution becomes widespread, it's a global problem and almost everyone is harmed.

Likewise, if you hack together a predicitive look-ahead caching proxy and use it amongst yourself and your friends, you're impacting the net similarily as if you'd take your use motor oil and other waste and dump it directly in a local stream. If a large company or two replaces their bandwidth conserving squid proxy with your bandwidth abusing look-ahead caching, a lot of sites will suffer increased costs. If its use becomes widespread, it would significantly increase overall bandwidth usage on the net, in all likelyhood raising costs enough to be passed all the way back down to end users, and it's raise the cost of hosting web sites, which would need to be made up somehow. Perhaps large website could absorb the cost of more bandwidth? Smaller sites, like mine, would be in a world of hurt. For quite some time, I paid out-of-pocket a couple hundred dollars a month to keep the site up. Now, we're making some small sales from the site... getting close to covering the costs.

Well, that's been a long rant. I hope you'll take a moment to consider that web site operators pay real dollars to make their sites available to you, and keep that in mind when you consider designing networking software.

Damn, I can't find my bookmark. I do know the pages containing the juciest bits of the pilfered documents are mirrored in lots of places.
are the pages at: Behind Enemy Lines - Premier Services Exposed the ones that you speak of?

But as the AC pointed out:
the ability to get a screen capture via a sudden-notice attack on a Windows box (Win9x? WinNT?) seems very unlikely. There's reason to be skeptical.

You can certainly read through the comments from the time is was discussed here on slashdot, but I'll boil it down a bit. There seems to be three schools of though (more or less).

• It's gotta be a fake, windoze doesn't have remote login and nobody could have done that hacking. (as our AC above pointed out)
• It's real... it'd be very hard and a lot of work to fake so much data. The spammers were running windows file sharing wide-open, and they used PC Anywhere, so their systems were very easy to attack (many people provided details of how to do it). The (very long) ICQ chat logs show them asking script kiddies for help setting up their networking, and there's conversations about how they liked PC Anywhere so they could lay in bed while "working".
• The data is real, but the "hacker" is someone who had physical access and stole the disks or otherwise made a copy with physical access.

Maybe it's all a hoax, but as many folks posted, the remote windows screen capture is apparantly a simple trick if the target has unsecure windows file sharing. The Back Orifice tool is certainly not a hoax.

So if it really was a hoax, I'd like to see some real evidence that it's a hoax... remembering that remote windoze screen capture being a relatively easy thing if file sharing is unsecure, and not even all that hard if you can trick the user into running some code in one of many ways pointed out in the June 7th discussion. A thing like this is much easier to prove to be a hoax than to confirm.

It may indeed be a hoax, so AC, if you're reading this, take a moment to post anything you can find to discredit the story, other than you don't believe the hack was possible because it's beyond your knowledge/paradigm. The hack is easy and many people have explained how to do it.

Nowadays, there are an awful lot of people who are working to fight spam, which makes is quite a bit harder for a spammer. With cool services like Spam Cop (you copy-n-paste the spam w/ headers, and they track the spammer and stop that account, often within minutes), anyone can easily contribute to getting whatever account a spammer is abusing shut down as rapidly as possible.

It works. I've tried spamcop several times, and every time the result was that someone had already beat me to it and the ISP had already shut down the account that was being abused. The spammer wasn't caught, but they were delayed and their job was made harder.

This forces spammers to work harder, so the cost of sending a message is not zero. An an example, take a look at the material a hacker stole from spammer Premier Marketing, Inc. It's clear that they had to use multiple people and a never-ending supply of stolen dialup accounts. They went to a lot of trouble to compile a giant list of know anti-spam activists who used services like Spam Cop (or read the headers themselves and called ISPs), so that their stolen dialups would hold out a little longer.

It's easy to just throw your hands up in the air and accept spam as a fact of life. It's easy to feel like spammers are unstoppable. The truth is that these anti-spam countermeasures do make things harder for spammers. They increase the cost, from virtually nothing, to something. Admittedly, not much, but it doesn't take much to make some of the really lame-ass scams these folks spew unprofitable.

There's also hope for the world in the kick-ass efforts of Paul F. Pete Wellborn III, the lawyer who's taken down a couple big-time spammers, most recently that annoying printer supplies guy!

So don't give up. Even if you just press delete without a second though, don't discourage others. There is hope. A lot of people are working against spam, and as more things like this come on-line, the cost and risk of sending spam will continue to slowly rise. A very Good Thing!

I found this site a while back and found it very interesting. Check out Behind Enemy Lines.

Now go to http:// www.bigcharts.com/intchart/frames/frames.asp?symb= MSOF&time=8&freq=1 and check out what MSOF did around that time. On November 30, it opens at 1/16th. Closes at 1/8th. Dec 1, closes at 3/16. Dec 2, 3/8. Dec 3, 7/16. So in three days of trading, anyone with MSOF has septupled the value of their holdings.

It gets better. People take profits over the next few sessions and the stock troughs a bit. But in the second half of the week it starts really charging. It closes the next Monday, Dec 13, at well over a point. And if you bought in at 1/16ths and sold with perfect timing when MSOF peaked at 1 1/4, you would have turned a $1000 investment into $20k in under two weeks.

Read a little further into the ICQ logs such as this one and you will find bank account numbers and social security numbers.

If this is all made up, the guy sure is taking a risk by publishing (what appears to be) real information.

Damn all that spam, I hope it becomes unprofitable someday, although I don't see how that would happen. I logged into my unused HotMail account the other day and had over 110 e-mails in three weeks, all of it spam.

*sigh*

anyway, here's a bit of extra fact:

"Pump & Dump" Claim
Mark Rice Insider Info

So he does exist, and he did want to trade 50,000 shares. Of course the problem with good lies is they are often half-true.

This is so fake. He got pictures of her TITS?!?!? I don't believe this for a second.

I think I'm going to puke now.

It seems to me that he would have to use something like BO (Which she would have to install) in order to get it.

It seems to me that he would have to use something like BO (Which she would have to install) in order to get it.

This is amazing. I'm opposed to capital punishment on general principle, but in this case I'd make an exception!

What this guy is doing is probably "wrong" but I applaud him on all accounts. I really detest spammers

This is excellent. Incidentally, there is a legal doctrine called the "doctrine of necessity" which allows what would ordinarily be considered crimes to be committed if a) the amount of damage caused is less than that caused by the original crime and b) there is no other reasonable legal alternative.

A bank which, rather than alerting the police and causing their shareholder value to drop precipitously, instead hired hackers to hack back when they were being invaded, would be merely honoring their fiduciary responsibility to shareholders.

"Hack back" defenses have not yet been legally tested, that I know of. Further the risk is minimal. I myself have used DOS attacks (deliberately limited to avoid damaging the guy's ISP) against spammers, to limit the damage they cause while attempting through other means to get them axed. I find it highly unlikely that someone is going to complain to the police about something someone did to them while they were themselves committing a crime.

"Uh, officer, well, I was stealing this car when this guy came up behind me and. . ."

The 'innocent' spammers in question have already starting taking down mirrors of the site [cluelessfucks.com]. I suggest you get in quick!