Slashdot Mirror

• Distributed Server Boycott List (list: list.dsbl.org)
• Open Relay Database list: relays.ordb.org
• Spamhaus Block List list: sbl.spamhaus.org

DSBL and ORDB list open relays. They have a clear (i.e. programmatically implementable) listing/de-listing process. Spamhaus actively investigates spam gangs. Their policy is not programmatically implementable, but it's pretty clear.

DSBL even has three flavors to choose from:

• list.dsbl.org "single-stage relays tested by trusted users"
• multihop.dsbl.org "the outputs of multihop relays, tested by trusted users"
• unconfirmed.dsbl.org "everything else, including tests done by anonymous users, people could potentially sign up their own ISP's mail server to this list"

I have a relatively small and spam-free system (only six domains, very few email addresses that are not publicly visible), so for the last 7529 emails (since I configured to use these RBLs) processed by Postfix the server has rejected:

• 103 via list.dsbl.org
• 1 via relays.ordb.org
• 8 via sbl.spamhaus.org

If you're griping about collateral damage, then don't choose a wanton list, and advise others not to use one. Just don't go maligning all RBLs like ignorami.

Most spam is sent through compromised machines (check the millions infected with SOBIG for details) or through open proxies. There is no way to track these fuckers down.

Sure there is. After all, many of the spammers who use these open proxies are being tracked down and documented in ROKSO, part of the Spamhaus Project. However, this tracking does require using resources other than just header analysis and traceroute.

The investigators use methods more akin to a private detective's or law office's methods than to a network administrator's. For instance, they follow the money. The majority of spam messages are trying to sell something, so they need an avenue to collect payments. Or they use public records: many spam messages flog Web sites, which may well have spurious whois contact information, but are registered in the name of a legally-established corporation or LLC. (Spammers incorporate for the same reason anyone else does: when they get sued, it protects their personal assets.) In this case, the investigators can go to the state corporations records. These are public records, which list the officers of the corporation -- in other words, the spammers.

Take a look at the ROKSO records for any major spammer, like Eddy Marin or Ronnie Scelson. ROKSO records are compiled entirely from public information -- corporate records, legal filings, domain registrations, and so forth. They also represent a tremendous amount of work on the part of Steve Linford, Shiksaa, and other investigators. Tracking spammers is not necessarily something you can do from your xterm, but it is possible, and it is being done.

Most spam is sent through compromised machines (check the millions infected with SOBIG for details) or through open proxies. There is no way to track these fuckers down.

Sure there is. After all, many of the spammers who use these open proxies are being tracked down and documented in ROKSO, part of the Spamhaus Project. However, this tracking does require using resources other than just header analysis and traceroute.

The investigators use methods more akin to a private detective's or law office's methods than to a network administrator's. For instance, they follow the money. The majority of spam messages are trying to sell something, so they need an avenue to collect payments. Or they use public records: many spam messages flog Web sites, which may well have spurious whois contact information, but are registered in the name of a legally-established corporation or LLC. (Spammers incorporate for the same reason anyone else does: when they get sued, it protects their personal assets.) In this case, the investigators can go to the state corporations records. These are public records, which list the officers of the corporation -- in other words, the spammers.

Take a look at the ROKSO records for any major spammer, like Eddy Marin or Ronnie Scelson. ROKSO records are compiled entirely from public information -- corporate records, legal filings, domain registrations, and so forth. They also represent a tremendous amount of work on the part of Steve Linford, Shiksaa, and other investigators. Tracking spammers is not necessarily something you can do from your xterm, but it is possible, and it is being done.

Most spam is sent through compromised machines (check the millions infected with SOBIG for details) or through open proxies. There is no way to track these fuckers down.

Sure there is. After all, many of the spammers who use these open proxies are being tracked down and documented in ROKSO, part of the Spamhaus Project. However, this tracking does require using resources other than just header analysis and traceroute.

The investigators use methods more akin to a private detective's or law office's methods than to a network administrator's. For instance, they follow the money. The majority of spam messages are trying to sell something, so they need an avenue to collect payments. Or they use public records: many spam messages flog Web sites, which may well have spurious whois contact information, but are registered in the name of a legally-established corporation or LLC. (Spammers incorporate for the same reason anyone else does: when they get sued, it protects their personal assets.) In this case, the investigators can go to the state corporations records. These are public records, which list the officers of the corporation -- in other words, the spammers.

Take a look at the ROKSO records for any major spammer, like Eddy Marin or Ronnie Scelson. ROKSO records are compiled entirely from public information -- corporate records, legal filings, domain registrations, and so forth. They also represent a tremendous amount of work on the part of Steve Linford, Shiksaa, and other investigators. Tracking spammers is not necessarily something you can do from your xterm, but it is possible, and it is being done.

So you jump from one raging fire into another? Does anyone know the meaning of RESEARCHING your hosts prior to signing a contract with them?
Spamhaus.org - Rackspace.com listings
Google archived

And why did they change to rackspace.com?

Very swiftly? Are you sure about that? I also see active SBL records that are 6 months old.

AFAICT, yes, SPEWS de-lists when all the spammers are gone.

What do you mean by 'scummy'? I define it as any host who doesn't boot all spammers (whether direct sender, web site, dropbox, etc). So for example, I would say that Cogentco, Internap and UUnet are scum. Not to mention the usual sleaze-hosters like VSNL, ValueWeb, and the entirety of Brazil.

A few years ago, JHU was put on blocklists during two consecutive Septembers. We didn't complain, since we fully deserved it (freshmen with open relays). Since then we firewalled SMTP to allow only approved servers, and now we're fully de-listed.

What do you mean by 'scummy'? I define it as any host who doesn't boot all spammers (whether direct sender, web site, dropbox, etc). So for example, I would say that Cogentco, Internap and UUnet are scum. Not to mention the usual sleaze-hosters like VSNL, ValueWeb, and the entirety of Brazil.

A few years ago, JHU was put on blocklists during two consecutive Septembers. We didn't complain, since we fully deserved it (freshmen with open relays). Since then we firewalled SMTP to allow only approved servers, and now we're fully de-listed.

What do you mean by 'scummy'? I define it as any host who doesn't boot all spammers (whether direct sender, web site, dropbox, etc). So for example, I would say that Cogentco, Internap and UUnet are scum. Not to mention the usual sleaze-hosters like VSNL, ValueWeb, and the entirety of Brazil.

A few years ago, JHU was put on blocklists during two consecutive Septembers. We didn't complain, since we fully deserved it (freshmen with open relays). Since then we firewalled SMTP to allow only approved servers, and now we're fully de-listed.

We've outed and shut down one minor spammer.

The Register of Known Spam Operations lists nearly two hundred more hard-core spammers, along with everything the anti-spam people have been able to find out about them. Check the list, see if any are in your area, and take whatever action you feel is 'appropriate'.

On the other hand, we have a myriad of compromised Windows boxes sending out new copies of SoBig.F, and poorly configured corporate mail scanners bouncing them back to their faked addresses. All this adds up to a massive strain on ISP's mail gateways, some of which are going to be used to send spam. I suspect the spam is just being slowed to a crawl by the sheer volume of SoBig.F and normal spam inconvenience levels will be restored soon. My money's on September 10th...

somethingawful.com is a bunch of script kiddie wannabes having a temper tantrum, because they can't send their 3|337 emails to their elementary school friends.

Something of note here...their provider, cogentco.com is hosting a HUGE number of, not just your regular spammers, but criminal spammers. They have an infestation of spammers, who are actively scanning for open proxies 24/7 on multiple netblocks. See Mark Ferguson's recent proxypot stats posted on news.admin.net-abuse.email for evidence.

Not only that SBL has 19 separate listings for Cogentco for hosting career spammers (not just first-time or flyby spammers, these guys are the high volume pumpers) The earliest goes back to Jan 2003. That's over half a year of hosting a known, career spammer.

SBL, btw, is one of the most conservative blocklists out there and has a rock solid reputation among both users and the ISPs.

So, in summary, mentioning somethingawful.com as an example of how the "spam war" has gone too far is completely bogus. Cogentco has a huge spam problem and has refused to clean it up. Why should anyone want to accept any IP traffic from them?

Proletariat of the world, unite to kill spammers. Remember to shoot knees first so that they can't run away while you slowly torture them to death.

All large volume spammers are well known to the anti-spamming circles. Their information is listed on such resources as ROKSO (Registry Of Known Spam Operations), SPEWS (down due to DDOS by spammers on its nameservers) and Google Groups searches on newsgroups like news.admin.net-abuse.email or news.admin.net-abuse.sightings.

Then there're mainstream companies that have managed to fake legitimacy that target not the fly-by Viagra peddlers, but real businesses, politicians (you may recall the Howard Dean spam debacle from last week) and other legitimate advertisers and pretty much lie about the nature of their business ("we're strictly opt-in" while blatantly spamming to harvested addresses, etc.). These sort of companies buy full page ads on industry magazines. They're all over the place.

The chickenboning scam artists spammers are typically found by word-of-mouth or through "bulker's clubs", i.e. private web based bulleting boards spammers advertise their wares. Most of these clubs have anti-spammers as members though, so they rarely fly under the radar.

Yet another way to find spammers are contract job listing sites and reverse auction job sites (or whatever the hell they're called, where someone who wants a job done will advertise his need, then contractors will bid for it). There's a whole bunch of ethically challenged companies asking for bulletproof hosting and spamming services on them all the time.

Proletariat of the world, unite to kill spammers. Remember to shoot knees first so that they won't run away while you slowly torture them to death

There are at least a couple big name spammers based in Louisiana: Ronnie Scelson and Bubba Catts. Shutting them down would be a good start.

"The beneficiaries aren't necessarily the pasty faced, high school drop out industrial spammers we have gotten to know, but well known companies."

Been well known for quite a while now. Check out the famous spamdemic map. Real marketing takes work to make it successful, but mainsleaze bozos like Ameriquest slack off with these "shortcuts".

"Most of the ISPs are good to their word and are fighting it very, very hard," he said. "But as you get into the larger ISPs, especially those that are in any form of financial difficulty, the engineers, abuse staff and technicians all want the spammers off the network, but you have the sales staff looking at the money. ... The engineers will be fighting internally with the sales managers, but of course the sales managers always win."

Which is why these ISPs should not complain when I use some choice blackhole lists like SPEWS, Spamhaus, or SpamCop to protect my inboxes from these sleazoids. Anyone remember when Aegis thought they were invincible when they allowed spammers to run amuck on their system? And where are they now? :-)

[I am not a covert ops agent of the Lumber Cartel (tinlc).]

You're probably right, they will eventually want to charge money, and, IMHO, thier solution looks overly complicated and manipulable (spammers pay for "trusted" members to list them as "trusted").

It would be better if ISPs participated in services like the ORDB, SORBS and Monkeys that have simple network testable criteria for listing open relays. Spews, Spamhaus, and DSBL have reputable lists of usernames and addresses that send spam. If ISPs and admins would participate in projects like these, the spam problem would be greatly reduced. And it seems that these projects are mostly run by admins who are interested in blocking spam, not selling a service.

By the way, MAPS is currently free for individual use (look at the bottom of the page).

Spam control with RBLs is, in fact, decentralized. There are many RBLs to choose from, and any that are too severe will not be used for long if they generate too many false positives. As a system admin, I have my choice. I use 4 RBLs right now:

• spamhaus.relays.osirusoft.com
  (this is a mirror of the Spamhaus Block List) Well known spam operations, and is checked hourly.
• dialups.relays.osiruSoft.com
  (details at OsiruSoft) This list is of DHCP IP addresses of home users (DSL, cable, dial up).
• dnsbl.njabl.org
  (extensive details of what's on this list)
• rbl.restongeek.com
  I maintain this one myself for anything I want all my servers, primary and backup MX, to block

• Google
• Spamhaus
• Spews
• OpenRBL
• Google Groups

The EU definition pretty much matches with the one at SpamHaus: if an email is unsolicited and bulk, then it's spam. Make sure your mass mailings are confirmed opt-in and you're all set.

You're the admin. You're supposed to check for this. If the system isn't all that important, I may add patches without checking them on a test system, but if it's important, no patches get added until they are checked on a test system.

2) my fav, the disks stop spinning. This is lots of fun. Try it some time.

You're the admin. You're supposed to be doing backups. Personally, if I think there's a good chance that the drives will fail when I'm doing something ( eg: greater than .5 percent) I make 2 back ups. Tapes can break. Also, I've not seen disks refuse to spin up with out powering off for a while (more than 5 minues). Frequently, you can get the disks spinning again by (gently!) tapping them with a screwdriver. If that doesn't work, sometimes heating them with a lightbulb will work. Heatlamps work too, but you need to be careful not to overheat the drive. I also try to get drives on critical systems replaced every 2 to 3 years. RAID helps here.

Keeping the network, hardware, OS, and applications up is important, but just as important is abuse response. There are a few hosting companies out there that do a wonderful job of keeping things ticking over, but fail absolutely at terminating abusive accounts. Hosting at one of these sites is inviting having your email blocked at the very least. Some sites block all traffic based on what's in the block lists. Part of due dilligence is checking the history of a host by checking at SPEWS, SPAMHAUS, SPAMCOP, News.Admin.Net-Abuse.email, News.Admin.Net-Abuse.Sightings, and other customer's experiences.

I can't find my link to the dead tree report I use to check out hosting companies at the moment, but there are several very nice writeups out there that focus on choosing a good hosting/co-lo company.

Would that spammers were as US-centric as Slashdot

Would that spammers were as US-centric as Slashdot

And for anyone who wants to look for information on them, try here

Notice the "senders who comply with guidelines" part.

Notice that there is no definition of guidelines, apart from suggestion that it would be lobbied to FTC.

Notice that the entire page doesn't say ANYTHING about opt-in or opt-out!

Notice that only those that don't comply should but the ADV: tag. Sure, voluntarily?

See? Microsoft is really planning to LEGALIZE spam!

Microsoft wants to kick out the Enlargen Penis/Porn/Scam stype spam and start sending jackloads of spam From K-mart, Walmart etc. Expact that it will be called Direct Email Marketing.

Its a part of the redefining spam game. Spammers try to narrow spam to "fraudulent, deceptive and illegal" mail. Always remember that ALL Unsolicited Bulk Email is SPAM.

Don't believe anyone who says the are fighting to ban spam, If they are not talking about mandating that the ONLY LEGAL email marketing method would be OPT-IN with CONFIRMATION email.

In the example given, the spam harvester used a unique User-Agent string and a constant IP address for spidering.

It's not so easy. What you say is true, most of them use a constant IP address. But more sofisticated spammers are now using open proxies to both harvest email addresses from websites and spam referer logs. In my domain, for example, there's one guy who's trying to spam my logs since several months ago. I receive several hundred hits every day, each of them from a different IP address. He's using open proxies around the Net.

Right now, I see only two practical solutions for spam:

- A blacklist service like Spamhaus:

Pros: easy to setup, no maintenance.
Cons: some spam still goes through.

- A sender confirmation program like qconfirm:

Pros: no spam gets through, ever. Can be configured on a per user basis.
Cons: requires some maintenance, installation is not to easy as a blacklist.

Which is why I think SPEWS rocks.

Part of the pain is that ISPs have their IPA ranges listed more and more the longer the spammer stays. This causes pain and suffering on an ISP that is too clueless to respond to complaints or is in cahoots with the spammer. SPEWS attitude seems to be "As long as you take the spammers money, we don't want your traffic."

Personally, I think it's time and past to do more than just block the spammy ISP's mail. Time to block EVERYTHING from them.

For some insight into just how fast a major ISP can kick a spammer when it wants to,, see this thread in News.Admin.Net-Abuse.Email.

Time critical mailing will go out the window.

Too bad Alan Ralsky is not in the list of defendants.

Here's a few:

• SpamHaus Registry Of Known Spam Operators
• Stop-Spam Spammer Contact Information
• Frankie Spammers in Maryland

They are taking note, but the only "legislation" they're proposing is being paid for by the Direct Marketing Association.

According to Spamhaus.org, all the proposed legislation basically legitimizes "opt-out" instead of requiring "opt-in" like the Europeans do.

All todays spammers applaud [Billy] Tauzin's [(R-LA), Chairman of the House Committee on Energy and Commerce] "Reduction in Distribution of Spam Act", as does the Direct Marketing Association. It's what spammers have always dreamed of. They would no longer need to hide their identities to thwart disconnection, on the contrary, once spamming is legal they would be able to sue any Internet Service Providers who disconnect them for 'spamming legally'. All of todays spammers will instantly increase their volumes ten-fold flooding the Internet in 'legal' spams, "ADV: Grow your Penis", "ADV: Want Some Viagra?", "ADV: Wanna spy of your Wife?", etc. With the "Reduction in Distribution of Spam Act" we'll wish for the 'little' spam problem we had today when spam was only 50% of all email on the Internet.

They are taking note, but the only "legislation" they're proposing is being paid for by the Direct Marketing Association.

According to Spamhaus.org, all the proposed legislation basically legitimizes "opt-out" instead of requiring "opt-in" like the Europeans do.

All todays spammers applaud [Billy] Tauzin's [(R-LA), Chairman of the House Committee on Energy and Commerce] "Reduction in Distribution of Spam Act", as does the Direct Marketing Association. It's what spammers have always dreamed of. They would no longer need to hide their identities to thwart disconnection, on the contrary, once spamming is legal they would be able to sue any Internet Service Providers who disconnect them for 'spamming legally'. All of todays spammers will instantly increase their volumes ten-fold flooding the Internet in 'legal' spams, "ADV: Grow your Penis", "ADV: Want Some Viagra?", "ADV: Wanna spy of your Wife?", etc. With the "Reduction in Distribution of Spam Act" we'll wish for the 'little' spam problem we had today when spam was only 50% of all email on the Internet.

• Register of Known Spam Operations

A US-only law would still shut down at least half of the worst spammers. But more importantly, Senator Schumer is proposing both a US law and an international treaty.

No problem. SpamHaus is a good resource. So is SPEWS. SPAMCOP isn't much help FINDING the spammer, but News.Admin.Net-abuse.email is always a good choice and News.Admin.Net-abuse.sightings is another.

No, the real problem isn't finding them, it's proving beyond all doubt it's them doing it that is the problem. A quick run through of their hard drives is always helpful.
Some spammers even fail to secure their machines so all it takes is a web browser to browse their hard drive. Hey, what can I say? Spammers are stupid.

So far as enforcing the laws already on the books, only 28 or 29 states have laws against spamming. What laws are you thinking of that apply everywhere? (Think non-US too.)

Spam isn't a technical problem, and can't be completely solved with technical means. However, technical means can make spammy's life a bit harder, and I'm all for that.

So, I am pleased by this ruling not only for what it means for google, but for what it may mean for DNSbls.

.. and if the connection's not clear enough for them already, perhaps it'd help if a few geeks go nuts and kill a few
hardcore spammers.

This is a really weak argument to continue to allow anyone to impersonate me (well, to pretend to be allowed to send mail for my domain).

Nowhere did I advocate allowing that. I just criticized this particular way of combatting the spam problem. Spam (including spam from impersonators) can already be very effectively blocked using a combination of a good spam sources block list with a list of open proxies and relays. The tools exist that deal with the problem without breaking e-mail as we know it. RMX would only force spammers to send mail from a domain belonging to the originating network and would thus only serve to legitimize spam.

Don't for a moment think that RMX would stop or even slow spammers - for example, they are already paying students to do their spamming for them from their college computers, and when they get shut down they just find another one. So with RMX we could expect spam from perfectly verified .edu domains.

Also, the next big thing will be e-mail worms that hijack home computers to spam for the spammers. Those can easily be written to set the spam's sender to an address in the domain of whatever network they have infected.

We already know who some of the spammers are. Heck, some of them have admitted it!

I keep submitting this link as a slashdot story. It keeps getting rejected. FFS guys, stop hassling one spammer at a time when they happen to make the news. Let's put pressure on the whole bunch. Start now, and keep it up until they stop spamming.

#1 - When I was talking class action, usually it's been my experience that the lawyers who go looking for plaintiffs, not the other way around. So I wouldn't have to pay a thing - I'd just wait until some enterprising lawyer went after Ralsky and other spam gangs. and just sign up.

#2 - You don't need to hire a lawyer to claim damages under a civil statute. In California, you can file small claims for any amount less than $5000, which entails a minor filing fee ($22).

Obviously a lawyer isn't going to take a time-consuming case unless there's a definite payoff at the end (like taking down Ralsky and all the property he owns, or getting a piece of all that Viagra money.) So big deal - for all the other scum, we'll just use small claims.

Go see ROKSO entry for Mr. Scelson if you want to get in touch with him. Excerpt below.

ABUSERS: Ronald R. Scelson
[Birthdate: 12-11-71 or 72, New Orleans, LA, married]
avsrscelson@aol.com / cajunspam@aol.com / avsrscelson2000@yahoo.com / dff@yahoo.com
Amy Hoolahan [wife/sister?]
43 CYPRESS MEADOWS LOOP
SLIDELL, LA 70460 US
Home: (504) 646-2225
Work: 504-649-6248

PHONE NUMBERS: 888-365-0000 ext. 1648 / 800-242-0363 EXT. 2427
888-724-3108 x5413752
504 781 8117 / 504-957-1037 / 504-847-1232 / 504-649-7751
504-781-6615 / 504-649-6248 / 504-781-6655 / 504-831-1595
504-646-2225 / 504-641-0876
FAX: 504 641 0810 / 504-456-0995 / 504-781-6615

MORE INFO: Connelly sues to keep spamming:
http://www.frc.org/legal/lf99j05.html
http://www.freedomforum.org/speech/1999/10/20laspa m.asp
http://www.mediainst.org/digest/fall1999/pa ge8.htm l
Wife Florence Fox sued for Nu-Skin Pyramid Scheme:
http://www.attorneygeneral.gov/press2/mon ths/Feb98 /feb23pr1.htm

The Registry of Known Spammers has his contact information, including emails, snail address, toll free phone numbers, etc. Lameness filter prevents posting the whole thing, but here's a peak at it.

ABUSERS: Ronald R. Scelson
[Birthdate: 12-11-71 or 72, New Orleans, LA, married]
avsrscelson@aol.com / cajunspam@aol.com / avsrscelson2000@yahoo.com / dff@yahoo.com
Amy Hoolahan [wife/sister?]
43 CYPRESS MEADOWS LOOP
SLIDELL, LA 70460 US
Home: (504) 646-2225
Work: 504-649-6248

PHONE NUMBERS: 888-365-0000 ext. 1648 / 800-242-0363 EXT. 2427
888-724-3108 x5413752
504 781 8117 / 504-957-1037 / 504-847-1232 / 504-649-7751
504-781-6615 / 504-649-6248 / 504-781-6655 / 504-831-1595
504-646-2225 / 504-641-0876
FAX: 504 641 0810 / 504-456-0995 / 504-781-6615

MORE INFO: Connelly sues to keep spamming:
http://www.frc.org/legal/lf99j05.html
http://www.freedomforum.org/speech/1999/10/20laspa m.asp
http://www.mediainst.org/digest/fall1999/pa ge8.htm l
Wife Florence Fox sued for Nu-Skin Pyramid Scheme:
http://www.attorneygeneral.gov/press2/mon ths/Feb98 /feb23pr1.htm

AKA: RONALD SCELSON (NETBLK-FON-106771046442576)
43 CYPRESS MEADOWS LOOP
SLIDELL, LA 70460 US
SCELSON, RONALD (RS928-ARIN) RSCELSON@AOL.COM
5049571037

According to Spamhaus:

(http://www.spamhaus.org/rokso/search.lasso?evid en cefile=1070:

ABUSERS: Ronald R. Scelson
[Birthdate: 12-11-71 or 72, New Orleans, LA, married]
avsrscelson@aol.com / cajunspam@aol.com / avsrscelson2000@yahoo.com / dff@yahoo.com
Amy Hoolahan [wife/sister?]
43 CYPRESS MEADOWS LOOP
SLIDELL, LA 70460 US
Home: (504) 646-2225
Work: 504-649-6248

PHONE NUMBERS: 888-365-0000 ext. 1648 / 800-242-0363 EXT. 2427
888-724-3108 x5413752
504 781 8117 / 504-957-1037 / 504-847-1232 / 504-649-7751
504-781-6615 / 504-649-6248 / 504-781-6655 / 504-831-1595
504-646-2225 / 504-641-0876
FAX: 504 641 0810 / 504-456-0995 / 504-781-6615

MORE INFO: Connelly sues to keep spamming:
http://www.frc.org/legal/lf99j05.html
http://www.freedomforum.org/speech/1999/10/20laspa m.asp
http://www.mediainst.org/digest/fall1999/pa ge8.htm l
Wife Florence Fox sued for Nu-Skin Pyramid Scheme:
http://www.attorneygeneral.gov/press2/mon ths/Feb98 /feb23pr1.htm

Me, I'm thinking some letters of marque and reprisal are the answer...

Might as well just link to where all of the information is.

... is here. He must not be doing all that well if he can't scrape together the dough to get his fat ass out of Slidell, Louisiana, a town I had the misfortune of driving through a year ago and whose only redeeming feature is the Lake Ponchartrain bridge/causeway leading out of it and to New Orleans.

A few of my favorite examples are:

• MyNetWatchman, firewall incident reporting service. Helps to defray spam by finding and reporting compromised hosts internet-wide.
• SpamCon Legal Fund, to help them further the cause.
• TMDA, The GPL spamfilter that actually delivers on the zero spam, zero fasle positive promise.
• SpamHaus, who does a great job keeping lists of both servers and spammers, and is very dedicated
• Your Local Food Bank. courtesy of abuse.net who says: "If you feel that abuse.net has been useful to you, please make a contribution to your local food bank, which needs money a lot more than we ever will. Thanks."
• Distributed Intrusion Detection System, another firewall aggregator, maybe the biggest, free to all

There is a list of the 180 worst spammers here if you want someone to blacklist or harass.

And yes, Alan Ralsky appears at the top of the list. But only because it's in alphabetical order.

....one can be a filthy lying coke fiend lawyer with a $1000/day habit....

Crap!! How the hell did you know about this lawyer?! You either live in FL, or are psychic. Check out Spamhaus.org under Eddy Marin for his spammer "client's" *cough*partner*cough* coke traffiking record.

Oh, by the way, Spamhaus.org is located in London, and I've yet see a US court claim jurisdiction over the pond to England.

But we can all stay tuned for another episode of how the legal crack pipe smokes!

That sounds like this spam sent by Empire Towers which is run by this guy who is pictured appearing as a panelist at the FTC Spam Forum. Note that he's a convicted felon.

I try very hard to ignore spam content because the fact is that the real problem is lack of consent. Unfortunately sometimes the depths spammers sink to are just sickening. Between this and the (pre-looting) spams from Artmarket/Artprice about how terrible the war in Iraq would be for the art market and how you could reduce your risk as an investor in this market by buying their blah blah blah...

At least with child pornography there are laws that sometimes are actually enforced. There are people in prisons waiting to cut the offender's balls off and flush them down the toilet. Cowles and those art fuckers will never really be held accountable for their sick exploitation. They'll just keep slipping through the cracks.

Spamhaus explains that with this page