Slashdot Mirror

That's his old address (see also SpamHaus's record of his addresses) - if you read the article you'll know that's he's just moved house and the new address can be found in the in Oakland County real estate records.

Here's more information on this scum bag:
scum bag info
I'm still looking for the physical adress of his *new* home/data center. If anyone finds it as well as his phone number, or his email *he* uses. Post it!

I discussed this idea yesterday with my manager. I've been looking at spamhaus over the last couple of days but they don't take spam reports from end users. So I had the idea of setting up a domain for users to forward spam. This spam database could then be used to create an RBL for the most active mail relays. I suppose now I can create the RBL without collecting the spam. :-)

Here is an entry for ElcomSoft LTD in Russia on ROSKO. Isn't this the same company that employed Skylarov. Were we all defending a mass Spammer? Where would our loyalties lie if a russian spammer was arrested on trumped up DMCA violations?

Blackhole operators like this are just as bad as the spammers themselves; both groups take great pride in having their head firmly shoved up their ass.

I was about to just moderate you down as flamebait, but then noticed your low userid# and thought "nah, buggerit, I'll just respond."

I'd suggest you read up about the Spamhaus Block List and perhaps after that, have a look at some of the many posts by Steve on news.admin.net-abuse.email.

If you still think he "takes great pride in having his head firmly shoved up his ass", then, well, the value of your opinion should be pretty clear.

Blocking all of _Verio_? Thanks for doing your part along with the spammers to make e-mail that much less useful.

It's not making email as a communications medium even slightly less useful to you, unless:

(a) your mailserver uses the SBL (or one of the many other blocklists that list all or part of Verio) - in which case you are perfectly free to move to another one that doesn't, or

(b) your mailserver is in a range listed by the SBL. In which case you are also perfectly free to use another mailserver that isn't.

If it's not affecting you directly, then it's really none of your business. Except that if Verio either goes out of business OR gets rid of all its spammers (note: first option much more likely), then the load of spam that you are currently receiving will decrease.

Pete.

PS. Seriously, this has been coming for a loooong time. Verio is, and has been for a while, one of the worst (if not the worst) spam supporting ISPs on the Internet (and if you were completely unaware of this, then your opionion is worth even less than I thought it was). Their management are knowingly hosting spammers, and deliberately refusing to disconnect said spammers. They will never stop doing this as long as they profit by it. And they do profit by it, and will continue to do so until most (if not all) of their non-spammer customers leave.

Being shunned by the wider Internet is the only effective punishment. And it is effective. Don't fool yourself. Verio are not a responsible Internet citizen, and they will continue to be punished for it until they either mend their ways or die.

Personally I'd prefer the latter.

What really needs to be done is EDUCATE isps that an open relay can get you in a whole heap of trouble. Of course many have closed their relays, but a lot still have open ones.

"If we close the open relays, spam will go away" is actually what a lot of spamfighters thought five years ago. A common opinion then was that spam was basically a technical problem, like a security hole or smurfing, and that applying the appropriate technical fix to mail servers would prevent it.

Unfortunately, that hasn't worked. First off, open relays are not the only technical problem that makes spamming easier. Open proxies are just as common today -- and worse, since they hide the tracks of spammers. (They're also used by all sorts of other abusers.) Moreover, open proxies are harder to get people to close down, since blocking access from them to mail servers doesn't usually affect their legitimate users -- and thus doesn't draw their attention.

Second, it has been increasingly realized by most spamfighters that spam is a social problem, not merely a technical one. The problem isn't just that there are abusable resources, but that there are people who are willing to abuse them for profit, and other people who are willing to aid and abet those abusers in order to reap a share of that profit.

As a parallel, consider burglary. Sure, it is good to employ technical means such as deadbolt locks and alarms to block or deter burglars -- but nobody thinks that burglaries are solely technical problems, and that we should pursue only better locks rather than the arrest of burglars. Burglary is a social problem; specifically, a problem caused by some people's willingness to violate others' rights. We call those kind of problems "crimes".

Spam is a particularly frustrating crime since anyone who considers the proprieties of the situation can recognize it as lawless, but few legislatures have chosen to formalize its criminality in statute. It's lawless because it defies the property rights of mail server owners, alienating their resources for the spammer's use without permission. That's often covered by statutes regarding theft of service, computer crimes, or various sorts of tort, and there have been a number of cases wherein spamming was recognized by judges and juries as such. However, in many jurisdictions there's no statute to point to that says "spamming is a crime".

Third, there's also an social-technical problem. There's a small number of crooks who can profit themselves greatly by finding means of sending spam. Each of them has a much greater incentive to locate these means than any individual spamfighter does. This is a social problem in a different sense: insofar as spamfighting relies on discovering paths for spam propagation and getting them shut down (e.g. closing open relays) the crooks are always going to be several steps ahead.

By targeting organizations and persons known to be sources of spam, rather than the victims they exploit to send that spam, we can get around that problem. The number of large-scale spammers is actually rather few. Steve Linford's ROKSO (Registry Of Known Spam Operations; same guy as the SBL) lists around 100 organizations which have been thrown off of ISPs three or more times for spamming.

Fundamentally, I agree with you that the problem is one of education. However, it is not merely the education of ISP technical staff that must take place. It's the education of everyone involved -- technical staff, their managers, mail software authors, spammers, the legal system, spam recipients, and businesses that might consider spamming. Everyone needs to wise up about spam.

1. $1,000.00 USD guarantee that companies will abide by OUR rules and your information will never be sold or given out.
2. 100% True Opt-in
3. Nobody EVER sees any information you've signed up with other than the marketing preferences you have specified.
4. You will receive a flat fee per email received.
5. AND/OR you can specify a charity to receive all or part of the per email income.
6. Opt-out 100% completely at any time and have your account deactivated or destroyed.
7. Preferences:
8. 1. Allow you to be very specific about the types of material you will receive.
   2. You can also specify the maximum number of emails you will receive in a month.
   3. Block specific companies from contacting you.

1. $1,000.00 USD guarantee that every person that receives your marketing information explicitly signed up and was verified to receive it. (No pissed off customers!!!)
2. This WILL cost you more than the fly by night spammers charge.
3. You WILL reach a targetted audience.
4. Your advertisements will also be available from this site for a duration of time you specify up to 3 months.
5. All emails must be approved by us before being sent out. (No pornography or scam related material allowed.)
6. Nothing is sent out before payment is received. (This allows us to keep dishonest companies from signing up and not paying up.)
7. Users have the option to give you feedback on your advertisements.

1. Cauce: Coalition against unsolicited email
2. Spam Laws and Regulations
3. Spamcop: SPAM Reporting
4. Spampal: Windows Filtering Software
5. Spamhaus: Track the worst spammers

1. $1,000.00 USD guarantee that companies will abide by OUR rules and your information will never be sold or given out.
2. 100% True Opt-in
3. Nobody EVER sees any information you've signed up with other than the marketing preferences you have specified.
4. You will receive a flat fee per email received.
5. AND/OR you can specify a charity to receive all or part of the per email income.
6. Opt-out 100% completely at any time and have your account deactivated or destroyed.
7. Preferences:
8. 1. Allow you to be very specific about the types of material you will receive.
   2. You can also specify the maximum number of emails you will receive in a month.
   3. Block specific companies from contacting you.

1. $1,000.00 USD guarantee that every person that receives your marketing information explicitly signed up and was verified to receive it. (No pissed off customers!!!)
2. This WILL cost you more than the fly by night spammers charge.
3. You WILL reach a targetted audience.
4. Your advertisements will also be available from this site for a duration of time you specify up to 3 months.
5. All emails must be approved by us before being sent out. (No pornography or scam related material allowed.)
6. Nothing is sent out before payment is received. (This allows us to keep dishonest companies from signing up and not paying up.)
7. Users have the option to give you feedback on your advertisements.

1. Cauce: Coalition against unsolicited email
2. Spam Laws and Regulations
3. Spamcop: SPAM Reporting
4. Spampal: Windows Filtering Software
5. Spamhaus: Track the worst spammers

Deterring these "professional" spammers (many of whom have previous convictions for fraud) should therefore have a far greater effect than the numbers would suggest. Most would probably take their "talents" to greener pastures (anyone short of a few dodgy executives?)

Deterring these "professional" spammers (many of whom have previous convictions for fraud) should therefore have a far greater effect than the numbers would suggest. Most would probably take their "talents" to greener pastures (anyone short of a few dodgy executives?)

Its nice to see that a spammer is getting in trouble for the annoyance that they've caused. However, its one spammer, in one state, in one country. There are so many other spammers, how can destroying even one really make a difference?

It would have, but surenet.net said they canned Balan's ass after SPEWS got on theirs!

Also, It is questionable at best whether these people are criminals.

Did you read the usenet post I linked to in my original message? Did you even read the article this /. story is about? According to evidence gathered by Spamhaus' Registry of Known Spammers, Thomas Cowles (the spammer quoted more than anyone else in the article) has been convicted of burglary, theft, fraud and passing bad checks. He successfully evaded the law for a while after a warrant was issued for his arrest during the burglary/theft case. When they finally caught him he was trying to hide behind some shelving in an office unit his company was renting.

I don't endorse demonizing spammers. Anyone bothering to do their homework will see that most spammers do more than enough to ruin their reputations without any outside help.

As far as what the journalist can and can't do, a journalist can choose who he will quote and to what extent he will quote them. He can also subtly influence people's opinions by using terms like "spam king" and "vigalante", or by glossing over and failing to mention important facts.

More facts on this are available at here and here. Please read them so as not to waste my time with more worthless conjecture.

Yeah, but looking at the prior convictions for fraud on many spammers' rap sheets...

• Thomas Cowles - Burglary, fraud, theft
• Thomas Cowles - passing bad checks

...you really think they declare all that income?

If I were an IRS auditor, I'd consider spammers as prime candidates for shakedown.

But I'm not an IRS auditor. Does anyone reading this know any IRS auditors?

Yeah, but looking at the prior convictions for fraud on many spammers' rap sheets...

• Thomas Cowles - Burglary, fraud, theft
• Thomas Cowles - passing bad checks

...you really think they declare all that income?

If I were an IRS auditor, I'd consider spammers as prime candidates for shakedown.

But I'm not an IRS auditor. Does anyone reading this know any IRS auditors?

one spammer whines, "My operating costs have gone up 1,000 percent this year."

Dear interested spammer:

MEDICALLY PROVEN,
OUR PROGRAM WILL ENLARGE YOUR BUDGET,
NATURALLY........

You WILL Gain up to 1000% greater operating costs!
You WILL Get a larger budget!
You WILL Give your accountant MORE pleasure!
You WILL Stay IN DEBT, LONGER!

Most spammers see results within the 1st Month !!! Don't wait! CLICK HERE NOW!!!

Not just a spammer, this guy has been arrested for burglary, theft, receiving stolen property, writing bad checks, fraud, and probably many other offenses. Go here for info on this spammer.

And Thomas Cowles isn't exactly of "high moral fibre", even setting aside his spamming.

• Burglary, fraud and theft convictions
• Passing bad cheques conviction

And Thomas Cowles isn't exactly of "high moral fibre", even setting aside his spamming.

• Burglary, fraud and theft convictions
• Passing bad cheques conviction

A) Live in a state with decent anti-spamming laws.

- AND -

B) Find a DA with the time to piss away prosecuting a spammer ... I mean, heh, there are dangers to our society out there smoking that mari-ju-wanna, you know?

I have a better idea; one more Shakespearean in nature ('the first thing we must do, is kill all the lawyers'). I say, waste 'em.

Seriously.

Every day these parasites collectively consume greater than the equivolent of several human lifetimes in aggrivated and wasted time that it takes you, me and everyone to filter their crapflood.

They knowingly and maliciously violate the code of civilized society in the name of 'my right to make a buck.'

The good Mr. Jay's comment is typical of the spammer:

"I put them in the same category as people who scream when someone wears a fur coat or eats veal"

A complete dodge from the obvious truth that Mr. Jay is stealing from you. He is stealing your time and abusing a service you pay for. Email was not created to be a snake-oil salesman's bull horn in your ear. Mr. Jay and those like him are thieves who contend time and time again that their theft is legal; it is their right to steal from you.

Shut up, you consumer fuck.

Shut up and take it.

I say no more. Let's turn ROSKO into American's most wanted.

Cheers,
-- RLJ

WorldCom (via UUNet) handles 50% of US internet traffic

yeah, but if they would only enforce their acceptable use policy, the amount of traffic would only be 10%... ; )

Oh, look at all the addresses. (strokes DSL modem)

Since he's so dedicated to the idea of using email freely, how about we ALL hook up to our favorite anonymous remailers and send him personal letters about how spam makes us feel!

Hey, I even made the "mailto:" links for you! :)

No, but the Spamhaus Project has it - and more!

Check out their "Cajun Spamming gang" page. Quite the operation!

Oh, oh - committing illegal acts? In an organized group? Illegal acts committed nationwide? Can someone say "RICO?"

Personaly, I wish one or more state AG's offices along with the feds (FTC), would hang this sucker from the tallest bayou swamp cypress!

No, but the Spamhaus Project has it - and more!

Check out their "Cajun Spamming gang" page. Quite the operation!

Oh, oh - committing illegal acts? In an organized group? Illegal acts committed nationwide? Can someone say "RICO?"

Personaly, I wish one or more state AG's offices along with the feds (FTC), would hang this sucker from the tallest bayou swamp cypress!

No, but the Spamhaus Project has it - and more!

Check out their "Cajun Spamming gang" page. Quite the operation!

Oh, oh - committing illegal acts? In an organized group? Illegal acts committed nationwide? Can someone say "RICO?"

Personaly, I wish one or more state AG's offices along with the feds (FTC), would hang this sucker from the tallest bayou swamp cypress!

Someone else has done their homework on Scelson there is a bunch of info, including tel #s and addresses
here.

His interview makes him seem like an utter chump. Make him pay...

If you're serious about learning everything there is to know about the worst spamgangs be sure to check out Spamhaus's excellent Register of Known Spam Operations (ROKSO).

Although the site comes complete with mug-shots for one spammer, nothing I've seen there compares (humor-wise anyway) to the hilarious Tommy Brock--Spammer, thug, exhibitionist page.

If you're serious about learning everything there is to know about the worst spamgangs be sure to check out Spamhaus's excellent Register of Known Spam Operations (ROKSO).

Although the site comes complete with mug-shots for one spammer, nothing I've seen there compares (humor-wise anyway) to the hilarious Tommy Brock--Spammer, thug, exhibitionist page.

I think its not fair to blame Asia for spam.

One of the biggest and most consistent sources of spam in the world is cn.net. So says SpamCop. So says SpamHaus. The spams may be for American and European sites, but it's a Chinese ISP that's providing the spamming services.

For resorting to spam in the first place and since their own laws are strict, they hire someone else to do the dirty work for them because the poor guy needs the money.

Sooo... spamming is okay if the spammer is poor enough?

Dealing in spamware is illegal in several U.S. states and European nations. By and large, spamware programs have no lawful use -- they are built to abuse open relays and proxies, fraudulently alter mail headers, and obfuscate spammed messages to make it harder for victims to track down the spammer. Spamware is not merely a "burglar's tool" useful for lawless action -- it is like a locksmithing kit specifically tailored to be excellent for burglary and no good for legitimate locksmithing, or a gun somehow built to be perfect for murder but nonfunctional for self defense.

Nevertheless, Google accepts ads for spamware -- as well as ads for other spamming services. Google today carries advertisements and thereby accepts sponsorship from dealers in network abuse. Given the real and present danger that spamming poses to the usefulness of the email facility, and the amount of time and money that today's Internet-using businesses and people spend defending themselves from this form of theft -- how can Google justify accepting this sponsorship?

Dealing in spamware is illegal in several U.S. states and European nations. By and large, spamware programs have no lawful use -- they are built to abuse open relays and proxies, fraudulently alter mail headers, and obfuscate spammed messages to make it harder for victims to track down the spammer. Spamware is not merely a "burglar's tool" useful for lawless action -- it is like a locksmithing kit specifically tailored to be excellent for burglary and no good for legitimate locksmithing, or a gun somehow built to be perfect for murder but nonfunctional for self defense.

Nevertheless, Google accepts ads for spamware -- as well as ads for other spamming services. Google today carries advertisements and thereby accepts sponsorship from dealers in network abuse. Given the real and present danger that spamming poses to the usefulness of the email facility, and the amount of time and money that today's Internet-using businesses and people spend defending themselves from this form of theft -- how can Google justify accepting this sponsorship?

And it's very clear that you don't follow the spamming situation at all, or you wouldn't post such hilarious statement like "I am sure that none of them accepted spammailers as a viable customer." I suppose you never trace your spam or the spamvertized sites?

The above may be very well true for KPNQwest (and appears to be, according to the other reply to my post), but Qwest just loves spammers (or doesn't care about them spamming at all). Let's just take one spamming operation, Ernesto Haberli & Co. They operate (among others) the fake ISP's e-connexus.net, gigaipnet.com, transip.net and Americanet.com.ve. These are very active spamming networks (especially the first and the last at the moment):

• Postings in news.admin.net-abuse.sightings
• Spamhaus entry
• SPEWS entry
• bitchlist.net entry

That's just one spamming gang, of course. If you want the full list of spamming operations (yes, spamming operations, not just companies who spammed once or so) hosted by qwest, see here.

Really, saying that Qwest doesn't support spammers is like saying that Microsoft is an Open Source fanatic.

PS: Zeus is doing fine, thank you :) I'm the Zeus spam-admin currently, fwiw <g>

And it's very clear that you don't follow the spamming situation at all, or you wouldn't post such hilarious statement like "I am sure that none of them accepted spammailers as a viable customer." I suppose you never trace your spam or the spamvertized sites?

The above may be very well true for KPNQwest (and appears to be, according to the other reply to my post), but Qwest just loves spammers (or doesn't care about them spamming at all). Let's just take one spamming operation, Ernesto Haberli & Co. They operate (among others) the fake ISP's e-connexus.net, gigaipnet.com, transip.net and Americanet.com.ve. These are very active spamming networks (especially the first and the last at the moment):

• Postings in news.admin.net-abuse.sightings
• Spamhaus entry
• SPEWS entry
• bitchlist.net entry

That's just one spamming gang, of course. If you want the full list of spamming operations (yes, spamming operations, not just companies who spammed once or so) hosted by qwest, see here.

Really, saying that Qwest doesn't support spammers is like saying that Microsoft is an Open Source fanatic.

PS: Zeus is doing fine, thank you :) I'm the Zeus spam-admin currently, fwiw <g>

Yes, jail for the perjury would be nice. But I'd hate to see them keep any of their ill gotten cash! The Spamhaus Project has recommendations. Too bad I'm not in a state that has an anti-spamming law! I'd just LOVE to sue them.

Spamhaus.org records about MonsterHut

It includes such gems as

MonsterHut's PR

and

Whine: MonsterHut Letter to Spam Clients

(scroll down - the header index is identical for these links, but the material below is different)

Definitely worth looking over, for a profile of a spammer.

Sig: What Happened To The Censorware Project (censorware.org)

Spamhaus.org records about MonsterHut

It includes such gems as

MonsterHut's PR

and

Whine: MonsterHut Letter to Spam Clients

(scroll down - the header index is identical for these links, but the material below is different)

Definitely worth looking over, for a profile of a spammer.

Sig: What Happened To The Censorware Project (censorware.org)

Spamhaus.org records about MonsterHut

It includes such gems as

MonsterHut's PR

and

Whine: MonsterHut Letter to Spam Clients

(scroll down - the header index is identical for these links, but the material below is different)

Definitely worth looking over, for a profile of a spammer.

Sig: What Happened To The Censorware Project (censorware.org)

It wasn't a "pink contract" this time Sam, it was a "pink paragraph". The sleazy scamming spammers at Monsterhut (Neal Martin, Todd Pelow, et. al.) pulled one over on the greedy sales and clueless legal people at Paetec.

They got them to put in on paragraph that allowed for the magic 2% complaint level, this was the loophole they needed.

To stay on and spam for a year, they also needed a clueless judge who belive the lying spammers and not Paetec or the many people who submitted sworn affidavits showing they were spammed by Monsterhut. They lucked out with Judge John Lame^H^H^H^H Lane.

The appeals court saw that the paragraph was bogus and that this "pink paragraph" did not override the proper worded, "no spamming" part of the contract.

Too bad we had to eat a year of spam until it reached that court. Okay, YOU people had to eat the spam, I use SPEWS and Spamhaus to filter my mail.

Oh yeah, poster Mr. Sam has his own SpamBag block-list system that I'm sure no Monsterhut packets would ever get though!

If networks and courts don't protect you from spammers, you have to do it yourself it seems.

In particular, look at the Advice for those they spam

In the May 2002 judgement of the SUPREME COURT OF THE STATE OF NEW YORK Appellate Division, Fourth Judicial Department, Monsterhut were found to be spammers who where spamming.

If you live in one of the many US states that allow action against spammers and were spammed by Monsterhut (aka Beaverhome, aka Furniture4free) here is a perfect way to "remedy" the situation. Although they may try, it is unlikely Monsterhut could convince anyone that they are not spammers in light of the judgement. File a claim in your own jurisdiction citing your laws and the state of New York court judgement that defines what they do.

In Canada (Monsterhut aka Beaverhome, aka Furniture4free other home), the nation's new privacy laws may enable citizens to file claims. Be sure to mention their 1999 loss in Canadian court (1267623 Ontario Inc. v. Nexx Online Inc.) where the Ontario Superior Court of Justice denied their motion, ruling that "Sending unsolicited bulk commercial e-mail is in breach of the emerging principles of Netiquette..."

Sig: What Happened To The Censorware Project (censorware.org)

In particular, look at the Advice for those they spam

In the May 2002 judgement of the SUPREME COURT OF THE STATE OF NEW YORK Appellate Division, Fourth Judicial Department, Monsterhut were found to be spammers who where spamming.

If you live in one of the many US states that allow action against spammers and were spammed by Monsterhut (aka Beaverhome, aka Furniture4free) here is a perfect way to "remedy" the situation. Although they may try, it is unlikely Monsterhut could convince anyone that they are not spammers in light of the judgement. File a claim in your own jurisdiction citing your laws and the state of New York court judgement that defines what they do.

In Canada (Monsterhut aka Beaverhome, aka Furniture4free other home), the nation's new privacy laws may enable citizens to file claims. Be sure to mention their 1999 loss in Canadian court (1267623 Ontario Inc. v. Nexx Online Inc.) where the Ontario Superior Court of Justice denied their motion, ruling that "Sending unsolicited bulk commercial e-mail is in breach of the emerging principles of Netiquette..."

Sig: What Happened To The Censorware Project (censorware.org)

In particular, look at the Advice for those they spam

In the May 2002 judgement of the SUPREME COURT OF THE STATE OF NEW YORK Appellate Division, Fourth Judicial Department, Monsterhut were found to be spammers who where spamming.

If you live in one of the many US states that allow action against spammers and were spammed by Monsterhut (aka Beaverhome, aka Furniture4free) here is a perfect way to "remedy" the situation. Although they may try, it is unlikely Monsterhut could convince anyone that they are not spammers in light of the judgement. File a claim in your own jurisdiction citing your laws and the state of New York court judgement that defines what they do.

In Canada (Monsterhut aka Beaverhome, aka Furniture4free other home), the nation's new privacy laws may enable citizens to file claims. Be sure to mention their 1999 loss in Canadian court (1267623 Ontario Inc. v. Nexx Online Inc.) where the Ontario Superior Court of Justice denied their motion, ruling that "Sending unsolicited bulk commercial e-mail is in breach of the emerging principles of Netiquette..."

Sig: What Happened To The Censorware Project (censorware.org)

In particular, look at the Advice for those they spam

In the May 2002 judgement of the SUPREME COURT OF THE STATE OF NEW YORK Appellate Division, Fourth Judicial Department, Monsterhut were found to be spammers who where spamming.

If you live in one of the many US states that allow action against spammers and were spammed by Monsterhut (aka Beaverhome, aka Furniture4free) here is a perfect way to "remedy" the situation. Although they may try, it is unlikely Monsterhut could convince anyone that they are not spammers in light of the judgement. File a claim in your own jurisdiction citing your laws and the state of New York court judgement that defines what they do.

In Canada (Monsterhut aka Beaverhome, aka Furniture4free other home), the nation's new privacy laws may enable citizens to file claims. Be sure to mention their 1999 loss in Canadian court (1267623 Ontario Inc. v. Nexx Online Inc.) where the Ontario Superior Court of Justice denied their motion, ruling that "Sending unsolicited bulk commercial e-mail is in breach of the emerging principles of Netiquette..."

Sig: What Happened To The Censorware Project (censorware.org)

I'd have to agree with this. news.admin.net-abuse.email is full of people who have hosting with ISPs that host spammers (*cough* SPRINT *cough*) and their mail then bounces, or packets get dropped at firewalls.

http://www.spews.org/ allows you to do lookups, but unfortunately it's single IPs, not netblocks.

You can also lookup ISPs by name on http://www.spamhaus.org/

In general a quick "hat check" post to n.a.n.e. can save you a lot of time and grief.

So then the spammer fills his database with these non-existant addresses on existing domain names. He then sends his spam to these addresses, and their mail servers not only have to process the message to determine that it's an invalid address, but they also have to bounce the message back as undeliverable.

Chris Beckenbach

Given What Happened To The Censorware Project (censorware.org), I don't think submitting it to Slashdot as an article is even worth the e-mail.

I'll post it here just for reader enjoyment. I think it's better than many of the stories which WERE posted!

______

Spam "protection" - a modest proposal

by Seth Finkelstein
April 1 2002

The problem of Spam, i.e. junk e-mail, has been plaguing the net for years. This article makes a modest proposal for spam "protection", in terms of a novel economic analysis leading to the benefit of all concerned.

In economic terms, let's consider why there's profit in spamming (sending large numbers of unsolicited emails). This is due to the "cost-shifting" nature of the spam process. It takes very little effort to send a large number of e-mails. But e-mail is not free (as in beer). In effect, the spammer shifts the expense of the advertising campaign, from the seller, onto ISPs and users:

1. The ISP must pay (in resources) to distribute the spammer's ads
2. The user must pay (in time) to delete the spammer's ads

But what does this sorting organization do? Its only task is to try to identify spam from real mail. That is, it is paid to try to identify mail sent from spammers. However, since it is in an adversary relationship to the spammers, the spam-gangs have every reason to try to avoid such identification.

There have been some proposals to facilitate identification of spam by legally requiring labels. But that involves government and law. In fact, it's compelled speech! Instead, since the free market is the solution to all problems, the only proper course of action is to provide spammers with an economic incentive to identify themselves. After all, spam identification is the exact product being sold by third parties, so why pay a middle-man? If one is going to pay, for maximum market efficiency, why not pay the source?

In this scheme, the user pays a mailbox "protection fee" to an umbrella group, let's call it the "Spamafia". In return for this "protection", the "Spamafia" provides the user with a simple mailbox checking system which can be run over mail messages. Because this system works in a manner akin to passing items over a net barrier, it might be termed a "racket". So, the "racket" tests each piece of mail. Those mail messages which originate from members of the Spamafia each contain a certification token. In the process of testing the mail, this token is sent back to the Spamafia, and so redeemed to the individual spammer for a small fee, say a penny or so. In return, the user is given assurance that this message is certified as spam, and so can be automatically deleted without fear of losing legitimate mail. In essence, the spammer is given an incentive to also obtain a small amount of money from each smart user by being straightforward, rather than only trying to obtain a larger amount of money by fooling just a few suckers (and annoying everyone else).

The beauty of the system is that everyone has an incentive to participate. The spammers get more money, as the spams can generate income now from both the suckers, and the nonsuckers paying mailbox protection fees. There's no reason to evade spam-detection, in fact the opposite. The more people signed up to the protection racket, the more certification tokens are redeemed. The smart users get to have a workable mailbox, rather than one filled with junk. And they have the "peace of mind" that the mail being deleted is not important. It's the magic of the market at work.

I think it was Alan Ralsky who bragged about that figure per spam run. I remember reading an interview with one of the more persistent spammers who reported a 1-to-100,000 sell rate, but at 10,000,000 spams that's still a hundred sells.

If you google around, you'll find some web sites where anti-spammers (called "anti"s in spammer jargon) post their insight into the spammers world and psyches. One of the best is the venerable Behind Enemy Lines -- Premier Services Exposed" website.

Lots of info on how they communicate, harvest AOL accounts (that's now dated info, they have devised other techniques for their spam runs), and share the loot. A Must Read!

For documentation on organized spamming, there are two repositories with the dull date: SPEWS and spamhaus.

Spam is reaching the epidemic proportion that I now with increasing frequency receive the same spam on the same address several times, spaced a week apart...

Check out Rokso. This site maintains a database of well known spammers, as well as spam samples, MO's, partners in spam and, yes, personal info for many of the spammers.

Try going to SPEWS and searching on the IP addresses of any SMTP relays used in the mail. If you find a hit, view the evidence file. It will usually contain information about the sender of the spam, their ISP, and related domains.

Subscribe to news.admin.net-abuse.email via your news provider of choice, or search the archives at groups.google.com. If you type in some particulars about the spam - for example the domain being advertised, or maybe the email address listed on the whois for that domain - Google will usually bring up some pertinent matches from NANAE. When it's a new spam run, or a new spammer, remember that Google's archive is usually at least 12 hours behind.

If you don't find anything, or even if you do find something and you're in a sharing mood, post the spam you get to news.admin.net-abuse.sightings and if you've done any research into the spammer, include it at the top of your post.

Shaun

So, there's the ROKSO list of spammers, plus the usual MAPS and so on. Of course, there's also hieristic software such as Spam Assassin...

However, does anyone know of any web hosting providers that actually use these tools? I'm particularly interested in any that use SpamAssassin, as that appears to be very effective.