Domain: spamcop.com
Stories and comments across the archive that link to spamcop.com.
Comments · 12
-
What Google requires for this:
1. Your full name and contact information, including a verifiable email address.
2. The Gmail address of the individual who passed away.
3a. The full header from an email message that you have received at your verifiable email address, from the Gmail account in question. (To obtain the header from a message in Gmail, open the message, click 'More options,' then click 'Show original.' Copy everything from 'Delivered- To:' through the 'References:' line. To obtain headers from other webmail or email providers, please refer to http://www.spamcop.com/help_with_headers/)
3b. The entire contents of the message.
4. A copy of the death certificate of the deceased.
5. A copy of the document that gives you Power of Attorney over the Gmail account.
6. If you are the parent of the individual, please send us a copy of the Birth Certificate if the Gmail account owner was under the age of 18. In this case, Power of Attorney is not required. -
Re:Challenge Response Spam
It goes like this. Joe Spammer decides to use several_thousand_names@mydomainname.com as his assumed identity. A do-gooder site gets reports of that mydomainname.com is "sending" this spam to, oh, say a zillion people. They promptly "blacklist" my domain -- from whence, I hasten to point out, no spam has ever been, or will ever be, sent. However, my domain is a valid domain that I depend upon to make my living. Various ISP's, through a compounding of stupidity (but still with the intent to "do good"), promptly bounce our valid emails, because the do-gooders site says we are spammers.
Any blacklist that does this should die a horrible fiery death; any mail admin that blocks on domainname without even asking for a full email with headers should be impaled, Vlad Dracule style.
This is why tools like SpamCop exist, and everyone should be using them regularly. Moral of the story: never trust the "From: " line. -
Re:I hopeOf course, they refused to tell me who reported me or what they reported
I'm glad about that. I had to stop reporting spammers years ago. Real spammers: fraud, pills, porn, etc. They are nasty people and will retaliate. Back in those days I'd get real e-mails back from ISPs saying they'd taken care of the spammers and as far as I know they did. I didn't start reporting spam again until Spamcop came along. I'm mostly anonymous, but can still be contacted through a Spamcop remailer. Spamcop does provide the content of the e-mail (that why I said mostly). I think Comcast should have at least told you what the e-mail was about!
-
Re:Maintenace the problem
You need to get your ISP to use Spamcop's RBL. This is exactly what they do. They employ a real-time spam-reporting system (with checks and balances) that identifies sources of spam in real time. I have no affilliation with the company but I cannot deny that their system blocks at least 16,000 spams a day to my server. It works.
-
Better spam solution. Ubiquitous encryption.
Alternatively, institute a microcharge on email -- be it monetary or computational -- to disrupt the economies of scale.
Spam is coming from zombied hosts these days, computational charges will be distributed to the point that they are useless. Monetary charges will destroy mailing lists like the numerous developer lists I subscribe to.
I believe there is a way to stop spam without any government intervention. We can make it so that spamming only costs the spammer money. I believe the widespread use of encryption would eliminate spam completely.
For the sake of argument consider that everyone does use encryption with all of their email messages. Now, instead of worrying about where the email came from, all people like Brightmail and Spamcop have to worry about is who the email came from. Receive spam and report it for blacklisting. Send spam, have your public key blacklisted. Get blacklisted and anyone who decides to trust their list filters your message straight to the trash.
In this scenario, if you receive an unsigned message, it is probably spam. Anyone respectable will sign, and everyone in your address book can be filtered to the 'good' inbox whether they sign or not. Unsigned spam won't be read. Spammers, knowing this, are going to be left trying to generate disposable keys. A small charge by the folks who certify the keys would then force them to reuse their keys, because generating the hundreds of thousands of keys needed to give each message a signature with a disposable key would be far too expensive for them. The speed at which we could blacklist keys in combination with the per key charge would reach a point where the 'economics of scale' no longer apply. Spam would disappear because it would no longer be profitable. Locating the spammer for prosecution would be easier too, since we could trace the payment for the keys.
And of course, this all would have the added benefit of keeping all of our private email guarded by a warm fuzzy blanket of strong encryption.
Would anyone here like to tear down my theory? If so, please avoid the obvious. The obvious being that not everybody uses encryption, Joe Sixpack could never figure out encryption, etc. Those are usability problems. What I would like to know is if I am overlooking a problem with the solution itself.
-
Other choice than Trustic - SPAMCOP
I have been using SPAMCop for the past 5 months at my work. I am also using QMAIL as my mail server and it took me about 10 minutes to get it hooked into the Spam Cop Database. The best part it is free and it it blocks about %80 of SPAM that gets delivered - I will just have to live with the other %20. Has anyone heard of other Spam IP Databases that are available for public use?
-
Re:Rules of not getting spammed.
-
CodeRed actually a SPAM filter
We all do it, that is, create a throw-away HotMail account for those times we need to register online somewhere with an e-mail address. I even go so far as to turn on the SPAM Filtering and limit the use of the account for said registrations.Even so, these accounts always manage to get overrun by a flood of SPAM. I've even set up one account to throw away EVERYTHING. Then again, that's the account I used to sign up with SpamCop
So I'm thinking, perhaps it's not a bad thing for all those nasty SPAM'rs to get hundreds, if not thousands of messages bounced back (not like they don't already). One can only hope that their stupid harversters removed bounced addresses from their lists.
At least in this way, maybe CodeRed will have done us a favor. Even for a short while.
-
Re:I'll tell you what happens...Or just use Yahoo. Their webmail also has POP3 access. You have to sign up to receive spam, but if you don't tick any interests you don't get any spam.
Or you could buy an account at Spamcop -- the best anti-spam spot on the planet.
-
Maybe Big ISPs will stop SPAM?
If more big networks get bogged with eeevil Spam, maybe they might rally together and stop it.
Sounds to hard to do. The UUnet story mentions all the hassles (weeks to stop Spammer's accounts).
Maybe they should learn to use SPAMCOP? -
Fixing the problem so it stays fixedThe whole denial-of-service problem is being quietly fixed by people who are putting small changes into server and router code. What law enforcement does is largely irrelevant. In the end, all they can do is maybe find some kid and put him in jail. That isn't effective enough, because there are too many kids.
Here's my checklist of what needs to be fixed:
- SYN flooding Don't commit TCP connection resources until the transition to ESTAB. Fixes exist.
- Packet traffic overloading from valid IP addresses Turn on fair queuing (plug: I invented that; see my RFCs) at the upstream router. Cisco routers do this for T1 and down by default; make sure it's on. Big sites generally have enough inbound bandwidth this isn't a killer problem.
- Packet traffic overloading from invalid IP addresses This is the hard one. Turn on outbound filtering where possible. Routers need a feature that accepts a request to turn on record route for the next few seconds for packets to a specified destination. This makes possible a sort of "reverse traceroute". Requires R&D, a standard, and programs that implement it.
- HTTP request overloading Impose fairness scheduling at the listen queue level. Needs R&D, some kernel coding, and support in the HTTP server, but isn't that hard.
- Attacks on large numbers of machines A small percentage of machines on the net need to be booby-trapped to trace back, silently, attacks on them. There should be voluntary services to which you can subscribe (something like SpamCop) that takes attack reports, correlates them, and locates the offender. This doesn't need to be government-run; it's a reasonable business.
Doing this will actually fix the problem. Much more effective than holding press conferences.
John Nagle
-
Re:Good tactic
Actually, I just started doing it (cuz I just got my mail server, WOO HOO!), so I haven't caught anyone so far.
Another thing I do to make the internet a better place is use SpamCop. Try it, it feels got to take spammers' accounts away!