Slashdot Mirror
Spammers Hit Wireless Phones
Fishstick writes, "This article at the Washington Post tells about the new spammer's frontier: wireless short messaging. Apparently, the e-mail address of certain wireless service provider's subscribers can be easily derived from the phone number, making life easy for the spammer who wants to "reach out and touch someone" with their special gift of canned luncheon meat. " My spam e-mail is now about 25% of my e-mail. Thank God for filters (they also work nicely on boring press releases ;)
Sprint and other providers have requested location base advertising ablility. In other words, because of CALEA the firms know where your cell phone is (if turned on and future ones won't turn off totally 8^( ) within half a block or so. This makes location based messaging real. Example you drive by a burger joint and they offer an instant discount on your favorite burger (yes that would be known) if you just turn in now. Or you are a gambler and ... or a drinker and the bars just won't let go..... What an addiction promoting society!!! Gotta love it! A sucker born every min was not enough!@!!!!!
Well, that's the difference. I should never have to pay to receive stuff I don't want and didn't ask for. Get it?
Most digital phones will do "analog fallback". Analog usage costs more per minute. Anyone care to explain why? I'll tell you. BECAUSE ANALOG WORKS BETTER. Think, no, really think hard about the meaning of this fall back feature and why it it's never implemented the other way around (analog with digital fallback).
Digital phone channels are narrower than analog narrow band FM channels (originally spaced 30KHz apart). This allows digital telco's to cram more users into a given spectrum space (helping *them* sell more phones, not helping *you* communicate). Of course, thar be a great whackin' trade off to pony up for the extra channels. Narrower bands means analog won't work. So they digitize the voice and then compress the hell out of it. So if reception is garbled in the least, NOTHING gets through. The analog fallback actually happens back down in the 800MHz band and not in the PCS band where there's no room for analog.
Badly scratched records can still be listened to and comprehended through all the scratchy hissing and popping. Badly scratched CDs... don't play at all. But unlike home audio, getting the message through is more important than 0.00000001% THD when it comes to cell phones. What digital user here whines about the voice quality of his analog wired voice lines at home?
Someone sent out a message to a large portion of Nextel customers around here that said something to the effect that your account balance hasn't been paid and your service will be cut off shortly.
It was actually kind of funny. If I'm going to get annoying messages, I'd prefer them to at least be funny instead of commercial spam.
Face it, it just isn't cost effective to manage shell accounts anymore for such a small subset of customers, especially given the numerous shell providers out there. Yes, it sucks that those who want shells from their ISP can't get them, but it also sucks when the ISP has to manage a shell server for roughly 5-10% of their customer base. Considering that those shell servers are most often the servers that are abused by script kiddies and hackers (not crackers), it's in the better interests of the company to not have one period.
You don't need a shell server to do procmail-like filtering. It's very easy for an ISP to write up a simple web-based utility for its customers that will allow them to perform the same type of e-mail management (and that's a system that everyone can use).
I once got SMS spam from my cell phone provider (Bouygues Telecom). I called them RIGHT AWAY and fucking yelled. Never got one since then. Yeah spam makes me angry.
I got an E-Mail from a spammer the other day, and you know what they were advertising? They were selling E-Mail addresses. They boasted somewhere around 500,000 "VALID E-MAIL ADDRESSES!"
That's about 60% of the spam I get. Makes you wonder how much business those spammers actually get if the only people they get to promote are ... themselves.
I don't trust other people's anti-spam filters. I have yet to see one that doesn't periodcially throw out legitimate email, and that is quite unacceptable. Many of them claim 99.9% success rates, but from my experience, it's more like 80%.
It shouldn't be the providers role to stop incoming spam anyway. That just means you're paying to have someone maintain their filters and the extra computational horsepower to run those filters.
The simple fact of the matter is that spammers need to be held accountable for the expenses their advertising creates. It's already illegal to send fax-spam, because fax paper is a commodity that people can easily understand as costing money. Bandwidth, on the other hand, isn't something people grasp as easily, but that doesn't mean that the money it costs is any less real.
What we're seeing now is that the economy is getting "tapped out" - we're using all of our resources to their fullest - people, capital, land, entreprenuership - it's all there, and in use. So companies are fighting with each other now because we're running out of available resources. Whether it's for employees or customers.
Result: SPAM! Spam doesn't cost much money. And, like toxic dumping in international waters, it's easier to let someone else deal with cleaning up the mess - and cheaper.
Suprise... welcome to the /downside/ of global capitalism.
Private Citizen looks useful, but I'm hoping that the new service I signed up for from US Worst, er US West will stop some of my annoying phone calls.
I've been able to strip out most of my IMAP e-mail spam by setting up "Rules" in Outlook to dump the stuff as it comes in.
What would be REALLY useful in an e-mail app would be an equivalent of the RBL for mail clients. You update your spam file daily, and anything from those known spam avenues is automatically deleted or moved into a "Spam?" folder or such. It'd need to be a universal format, something that Netscape/Outlook/Eudora could use, as well as the folks who like Pine/Elm/mail whatever.
My roomies and I receive about 3 Telemarketing calls a day, so yesterday I signed up for an option where anyone who would normally show up on caller-id as "Unavailable" or "Out of area" is prompted to speak their name and press a tone to connect to us. The phone then rings with a unique sound, and we hear their message, and are given the choice to take or deny their call. I'm betting most telemarketers won't even get that far, as they'll be unable to do the necessary button-pushing to enter their name, since the systems are highly automated.
Anyone have any experience with this?
---
When in danger or in doubt, run in circles, scream and shout. --Robert A. Heinlein
Couple of BITS? Try dozens of e-mails a week. Have you ever set up a brand new AOL or Hotmail account, and just let it sit there, without using that e-mail address or publishing it anywhere? You can end up with dozens, if not hundreds of pieces of mail a month in those accounts, and all you ever have to do is open your inbox and check it once in a while.
Also, if you ever take a laptop on the road, even with a good modem, you're going to start getting pretty annoyed with those 'couple of bits' of junk e-mail when you dial in through a hotel PBX and get, at best, a 30K connection, then have to pull all that crap through along with the two or three pieces of real e-mail that you want to read.
And yes, junk mail in real life is annoying, because 1) I have to sort through all of it to make sure I want it, and 2) it's a waste of natural resources.
Now, did you really mean that, or was that the kind of reaction you were trolling for?
(they also work nicely on boring press releases ;)
I guess that explains why so many ppl's submissions never get posted...
I wouldn't post your submission either, if you emailed it to me instead of using the story submission form...
Jay (=
But down at the bottom, under the "gee, we all hate spam" rhetoric, the real reason MsgTo.com exists ... is as a conduit for targetted marketing.
I'd be more impressed if there was an option to pay cash for the service, instead of handing over my eyeballs. Ad-supported services are not "free".
The only argument I could see is that your sms data buffer might fill up with spam and your /would/ drain the batteries (not to mention being unimaginably annoying). I presume that if one had the phone muted this wouldn't happen, but really. that's annoying.
business-critical messages might not get delivered until you clear out the junk
Which is what I was saying. But your battery point is well taken, I refuse to own a cell phone so I'm no expert, or even particularly knowledgeable. However, this particular spam made the phones make sounds (similar to the battery-dying chirp), which I could imagine
Returned Peace Corps IT Volunteer
My once great ISP, Interlog, wrote a procmail script for filtering email at the shell level. It's beautiful! It came pre-configured for a certain number of domains or addresses, and if you got another SPAM through your account, all you had to do was go into the shell and edit the .spamrc file.
Then Interlog got assimilated by PSINet, and one of the first things to go was the 10M of disk space (now 5M), then the UNIX shell. All us regular Interlog customers got up in arms and complained mightily to the PSINet dorks, and for now, the shell is still there.
While I didn't use the shell a lot, that was one of the best things about it. Now most ISPs don't even offer shell access where once it was commonplace. Grr...
Now I just have to worry about getting spammed on my 2 other accounts.
Pope
It doesn't mean much now, it's built for the future.
If they have an 800 number, call them repeatedly and waste their time.
This is a bad idea, as you could then be liable for harrassment.
However, calling once is OK. So your aim is to make that single call as long as possible. Tell them why spamming is wrong. Tell them how much spam costs other people. Give them an example of what spam is like. Read them the classifieds from an old edition of your local paper (they must be out of date ads that are not placed by you to dodge telemarketing laws, of course). Read them other bits of the paper. Move on to magazine articles. Explain in detail why proper alignment and collimation of a Newtonian reflecting telescope is essential to get good images of the night sky. Read them the DeCSS source code. When your voice gets tired, leave the phone next to the stereo so you can let them have a sample of your music tastes or your favourite radio station.
Basically, your aim is to make that call very expensive.
I understand that many spammer 1800 numbers go to automated systems that give a recorded message and then hang up. Try pressing 0 on your phone to see if that interrupts the message; if it does, then you might be able to prevent the phone from hanging up. Then you can start emptying that spammer's bank account with your fourteen-hour phone call.
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
It is not going to be effective at blocking all spam, and here's why. I have received duplicate spams a number of times from the same source, and what I often see when this happens is that the spams are slightly different.
Examples:
The body of the message might be mangled so that they are slightly different, so that a straight comparison between the message bodies will think that they're different.
The forged "From:" address might be different each time, so filtering on that won't work.
The Subject will also be mangled so it's different.
However, almost all spam that I have received recently has one or more of three defining characteristics that identifies it as spam:
* A web site address.
* A US-style telephone number (for example, 1-800-555-7726).
* An American address that ends in a state abbreviation and a zip code.
If it also contains "S.1618" in the message, then it's almost certainly spam. (If you've received spam, you'll recognise this as a bogus reference to an American bill that was defeated. Quoting this bill implies that the spammer has a right to send you the crap.)
More on web addresses: spammers usually obfuscate their web site addresses in their spams. The obfuscation is distinctive enough in style to make an effective spam filter.
Examples are URL's with the "@" sign somewhere in them, HTML-style %xx escaping of alphanumeric characters, or a URL that begins with a number like 3141592653. Often, you'll see all these methods mixed together in a futile attempt at obfuscation. If your filter sees a URL like this, the message is almost certainly spam and may be discarded.
90% of all spam that I receive comes from one of two classes of IP addresses: addresses that are on the MAPS DUL (Dialup User List) or on a list of open relays such as ORBS. Block all SMTP connections from these sources, and you'll block 90% of your spam.
Of the remaining 10%, you can stop 90% of that if you filter the message by searching the body of the message for addresses, telephone numbers and obfuscated web site addresses. Your filter might not be perfect, so it might not stop all of it.
Do both of these, and you'll stop 99% of your spam.
Here's another idea I've had that may or may not work. It's based on using the bogus From addresses that the spammer uses against them. If you validate those addresses as the mail arrives, then you can block the mail if the address named in the From header doesn't exist.
Here's how the SMTP might look.
host1 sending to host2 (host1 is a spammer)
host1: HELO
host2: response
host1: MAIL FROM: bogususer@host3
ok, so now you validate "bogususer@host3". Start SMTP with host3:
host2: HELO
host3: response
host2: MAIL FROM: postmaster@host2
host3: response
host2: RCPT TO:bogususer@host3
host3: response that tells if user exists
host2: QUIT
host3: response.
(VRFY is now disabled on many hosts so it cannot be used to validate a user.)
Now we continue our original SMTP session. If the user exists, we continue with the SMTP session as normal. If the user does not exist, we assume that "bogususer@host3" is a forgery and terminate the SMTP connection.
host2: error (to host 1)
(close connection)
There's probably problems with this method, but I don't see anything wrong with it as a verification tool. It will probably stop another 90% of the spam.
Basically, the battle against spam is finding a series of methods that each stop 90% of spam. This is a 90% rule that I have discovered. Three different 90% filters applied successively will stop 99.9% of all spam that reaches them, thus reducing your spam considerably.
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
I was out somewhere and pretty busy and my cellphone beeped. I jumped to check it and discovered it was a spam message advertising some cellphone accessory store. If I get another unsolicited message I'm complaining to my provider and if I get a third I'm cancelling the service. Why? I carry my cellphone for calls I either need or want to get. I expect an infinite signal to noise ratio. This is why I pay for the service.
Someone has already mentioned that we pay for unsolicited email while the sender pays for snail mail. This extends beyond the purely financial, however. I read email in my leisure time and deleting a few messages that my filters missed isn't a very big deal. It beats killing trees to annoy me. But cellphones and pagers are carried to make an individual accessible during non-leisure time. In a sense, they are a doorway through which we allow our privacy to be invaded in exchange for very specific benefits. While I might find junk email annoying, getting junk messages while I'm eating dinner at a restaurant, in a meeting, at a movie, or driving my car, makes me downright hostile. It violates the very purpose of the device by introducing noise into a stream that should be all signal, and disrupts our private time in the process.
Another person replied to this thread by saying that no spam would be sent if it didn't generate any sales, so we should all boycott spam. I think that we all probably already boycott spam. I can truthfully say that unsolicited email, telephone calls, and web banners have never solicited so much as an instant of my attention. There are, however, and will always be a percentage of the population that DO respond to this type of marketing. Since it's free to do, even a 1% response rate makes it a worthwhile pursuit, especially since a single email can be sent to millions of people.
Do I favor anti-spam legislation? You bet. Say whatever you want, just don't force me to listen. In the short-term, telco's should become aware of this problem and install filtering software. If they don't and I continue to get spam pages I WILL cancel my service. It's that important to me. I don't want to adjust, I want my privacy.
I have used MsgTo for about a year now and I have never had a single SPAM mail show up in my Inbox! Sure, there are some other features that would be awesome, but for the pure SPAM scrubbing utility of it, there is nothing better.
"Perhaps most amazingly, votaries of 'diversity' insist on absolute conformity." -- Tony Snow
why not?
Many states are considering banning the usage of cell phone while driving claiming that it is very dangerous and has been the cause for many accidents. In some states these type of laws have actually passed.
So, with some much precedents in place, how hard would it be to sue plugout.com saying that their spam email caused a car accident (or some related thing you might be able to sue about) ?
I know it might a stretch - it's just an idea. Generally speaking I am not as "sue happy" as most americans, but I have just about had it with email spam, spma that comes through ICQ, direct marketers that call me DAILY or come to my door, and now... "instant cell phone spam messaging".
It has to stop.
Just a short note: If you are using Linux (oh, let's be politically correct, make that any flavor of unix), you always have access to the mail server. Most distributions include sendmail or qmail, trough which you can define filtering rules.
If you have a POP3 account you can get your mail to your local machine by using fetchmail, which (if I recall correctly), includes spam-filtering options.
2 links:
Linux Mail users howto
Linux Mail administrators HOWTO
I strongly believe that trying to be clever is detrimental to your health. -- Linus Torvalds
I could not believe it when my text message alarm went off and it was a SPAM for term life insurance.
It prompted me to write a very annoyed entry on DaBuzz.net.
If you want to feel my pain, go check it out.
You set the IQ level for calls and messages you want to accept.
Why don't some enterprising hackers trace spam back to its source, find out the names of the executives of the spam company, and publicly post their names, phone numbers, mailing and email addresses? Everyone who recieves spam can politely call them once (at 3am or whenever is convenient) and ask them to stop spamming. There's nothing illegal about that, and spammers will quickly get the message (or go nuts). We could register spam-the-spammers.org, and use it to co-ordinate our efforts. Simple, quick (except for a few volunteers who do the actual tracing), legal, and very satisfying.
The reason SPAM is rampant, at least on UU.NET, is that it is the largest supplier of residential, permanent internet connections, i.e. xDLS. So now you have many amateurs running computers full time on the internet. Now with the growth of linux and the naive nature of amateurs you have unprotected SMTP servers just sitting out there for the SPAMers to find! And for the fact that the spammers can get a Linux box pre configured with Sendmail, RedHat 5.x and 6.x, and spam from a dial-up connection from something like NetZero. You don't pay for the SPAM and you don't pay for the internet connection!
This, kinda, happened to me... I was a linux newbie. I installed RedHat Linux 5.1 on my PC. My PC was on a cable modem. Anybody with a little knowledge could have used my server for SPAM. Now I have a decent firewall protecting my server and ONLY the ports that I need are open. I use ssh instead of telnet...
Until security is implemented by the ISPs and tighter regulation on SPAM it will be something all us netzins will have to put up with.
A little off topic but while on the subject of SPAM here is a neat little trick for auto responders...
Reply to an auto responder with your reply-to address of that auto responder. If the person who set it up forgot to deny mail to its self you'll have one busy auto responder.
Or if the person who set up the auto responder was smart and set it up to not send mail to its self send an e-mail to the auto responder with the reply to address of another auto responder and watch them duke it out.
If at first you don't succeed, skydiving is not for you.
Dunno about PSI, but SpewSpewNet has a reputation for spam-friendliness. They were subjected to the Usenet Death Penalty in August 1997, and responded with legal threats, obfuscation, and just about everything else except a committment to fix the problem. They eventually put a stronger policy in place, but establishing a policy is not equivalent to enforcing it.
/.
/. If the government wants us to respect the law, it should set a better example.
I just got a paging cell a few weeks ago so that I could monitor our work systems 24/7. About 4 days after I got the phone, I got spammed.
It's to bad the spam ended: "For more information, call". and just ended there. If I had got the call at 3am instead of 5pm, I would have been bloody furious. Maybe they expected me to respond, but I can't see the actual address on this cell...
Otherwise, the cell contractors have an opportunity here to extort payment for blocking or caller ID services.
Caller ID services are VERY commonly included along with cell-phone packages at no extra charge, mainly because you can (if you're over your free time or whatever) pay per call you answer.
Trees can't go dancing
So do them a big favor
Pretend dancing stinks!
What's the best way of filtering SPAM mail if you _don't_ have access to the server? Which mail reader programs have the most advanced filtering options? Any general tips for spam filtering? And if I need to "RTFM", which manual should I read? :)
-Ted
I received many such emails -- then they stopped :-).
For other people, you might want to look into the Art of Lart. It's a great document specifying how to deal with spam, who's reponsible, and various counter measures.
My usual policy is to trace out any ISPs reponsible -- wether they are the providers for the originator, or they are a "Reflector" open relay. I also mail any service listed in the email. abuse@, postmaster@, webmaster@, and manager@ cluster-emails tend to get noticed. Add to that the usual fun of calling their 1-888 numbers, and you have a recipe for revenge.
Speaking of which, I was recently spammed by these nutrional people selling pill which cure snoring. 1-888-688-6354 -- it's a laugh.
---
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
Ok considering you get billed massive quantities of money for all this is there an effective means of prosecuting the people who send you things like this? Unmetered net access makes traditional e-mail solicitation almost harmless. However you cold theoretically screw you favorite target with all sorts of crap and make him pay. Quite nasty.
Slashdot social engineering at it's finest
That's unfortunate that the pricing structure is set up that way.
Have you ever seen someone telnet to the POP3 port and scan the subject lines of the emails by typing in POP commands ?
They can get enough information to filter spam without downloading the whole email.
It would seem that the key would be making it easy to use and setup with your account -- as a plugin to the Netscape mail handler, perhaps.
True. But I really don't think it's very likely that a hit and run spammer will sue me for harrassment. They're sending unsolicited adverts, with forged headers, and abusing someone else's server. Would they really want all of their contact information laid out in court documents? They'd be sitting ducks for counter-suits and other fun.
More so the handshaking involved when your cell phone gets a message. (or whatever, it seems like the transmitter is busy when I get a SMS too)
But you're right. 5h talk and 50h standby is an absolute minimun nowadays. I charge my two years old Motorola every third day and it is almost never off. A new Nokia or Ericsson could last a week.
Worse is the fact that if I'm abroad *I* pay for the international charge. The sender just pays for a domestic call.
All opinions are my own - until criticized
Responded AT&T customer Ryan, "They're not doing me any favors by soliciting me over my cell phone."
Because the boom in cell phone usage is recent, this is the time to demand a ban on cell phone solicitation. If you thought solicitations over the home phone were/are such APITA, what more could a company want than to expect you to jump every time the cell rings with an "important" call? Otherwise, the cell contractors have an opportunity here to extort payment for blocking or caller ID services.
To-do List: Receive telemarketing call during a tornado warning. Check.
LoL I have a phone that works just like that that.
:)
5555555555@messaging.sprintpcs.com Viola.. email to my phone.
A 100 character message. I was like what happens of I begin receiving large amounts of unsolicited emails. They said to file a customer service complaint etc and the charges could be taken care of.
That comforted me some but it is and was still a slight fear of mine that I will turn on my phone to find 200 messages over my limit or something and then.. guess what 10 cents a pop. That puts me out about 20 dollars, So its not a LOT of cash.. But it did unerve me a little to think that can happen.
However the service IE customer-sprint has always been good and they are very responsive with all of my questions, I spent like 40 minutes with one of there developer stalking about HDML!! LOL.
Anyways if you are in a metropolitan area sprint pcs works well, If you are in the middle of no where.... Forget it.
Well my point is im not afraid at least with my current provider (until they prove me wrong
Jeremy
So what's the next move? this kind of situation:
You talk with your girlfriend on the phone and all of a sudden: -Please don't hang up. Your conversation will resume after this short message: Today on EBay - golf clubs starting auction starting at $1!...
(meanwhile on the other side:)
-Please don't hang up. Your conversation will resume after this short message: Tampax! Because you've got too business in your hands!...
? FUCK THIS.
THIS IS FUCKING BULLSHIT!!!
You can't handle the truth.
On my Nokia Communicator I *could* write an application that monitored the text message queue and delete spam. Mobile phone spamming hasn't really happened much in Europe yet though so I'll wait until then...
--
That's always the way isn't it? You have to make it personal before the people who legislate actually care enough to do something about it and we're not just talking spam here.
--
For only $29.95 a month and a $74.95 activation fee plus $299.46 installation and a $14.95 adapter (Net weight 4lbs. 2 oz Adapter sold separately), we will remove your name from our mailing lists. No more stupid messages like the one you are reading now.
Please call 1-900-StopSpam for more information.
Thank you.
kwsNI
And don't forget to CC: SignMeUp@Spam.Com when you forward this to all your friends.
kwsNI
Unfortunately, I don't think so since it is a text message and not a voice call. This technically isn't telephone service, but short messaging delivered to a PCS handset. It doesn't use the voice channels, it uses the data signalling channel to deliver text messages. If the TCPA covered text pagers (which I didn't think it did) then you might have a case, tho.
There is much cruelty in the universe, John.
Yeah, we seem to have the tour map.
>However, this particular spam made the phones make sounds (similar to the battery-dying chirp), which I could imagine /would/ drain the batteries
Yes, this would only nominally drain the battery. Nothing compared to the current that needs to be drawn for actual voice com. Battery tech these days in handheld phones is pretty advanced. Day-long standby is the norm now. Plus, you can set the sms alert to silent if it bothers you.
Someone made a comment at lunch that was pretty interesting, though. If you get a phone from your employer so they can get hold of you in an emergency and you rely on the sms alert to let you know that something is going on, getting a constant barrage of spam messages really interferes with that. If you get lax in responding to sms chirps because 90% of the time it is just junk, that would really defeat the purpose of low-latency wireless communication. You just end up ignoring it and when all hell really does break loose, you don't jump out of your skin and check your message right away because you are so sick of 'false alarms'.
There is much cruelty in the universe, John.
Yeah, we seem to have the tour map.
As another poster mentioned, this isn't a "call". Just because a device is capable of features X and Y does not necessarily mean laws about X usage apply to feature Y.
It's like trying to apply the same "cell phone" laws to Palm Pilots with telephony, or your PC with its own modem.
And then what happens with people that set up cellphone aliases.. e.g. jondoe@cellphone.example.com which redirects to 5105551234@whatever. Are the senders responsible for the legal implications of spamming a cellphone then? How could they know?
Of course, spamming sucks one way or the other, and if I had my way, it would all be banned entirely..
This is why gun control is a bad idea.....an Ithaca pump or a Colt .45 1911A1 is the best answer to spam.
Bwaaaaaaaaaaaaaah ah ah ah.
Fucking spammers.
Latest spam story that happened to me: a French company (I hardly ever get any French spam) spammed thousands of webmaster@*.fr ... including a few dozen of domains for which *I* am the webmaster. Guess what that company sold? INTERNET TRAINING! That's right! I called them and insulted them and abused them. AAaaah. I felt better.
Spam wastes time, bandwidth and the energy expended in filtering the junk out.
Spam on your cellphone considering the rates charged for time used is even worse.
Everyone agrees to this. Why can't there be some sort of law passed to prohibit this sort of nonsense? I thought that the fax spam law that says if it costs the person getting the fax money that it could be prohibited. Why is it taking lawmakers so looong to react?
ACK
The major reason spam is a problem, is that it pushes the costs onto the recipient and the recipients ISP.
You thinkjust cos you have 1 or 2 email spams a day, big deal, hit delete.
Now think of this from an ISPs standpoint, you have 500k+ users. You have joe schmoe spammer, who decideds to spam every conceivable name in the dictionary @ispa.com, he forges user@ispb.com as the sender of the spam, and he sends the spam through open relay in godknowswhere.co.ko (makes tracing difficult)
Now, thje scenario is set.
1) ispa.com has just recieved those 2 or 3 spams for 500k+ users, and needs to store all of the messages, means increased mail server space and bandwitdth since that email did not come in once for all the users, but 500k+ times.
2) all of the bounce backs that are generated by user unknown get sent back to user@ispb.com (and I have seen spam runs generate millions of bounces and literallty destroy a small ISP's mail servers and bandwidth).
Who pays for all this, you can damn well bet the ISP is going to put the cost onto the user for better equip when it comes tmie to upgrade.
Spam is bad, there is no reason for emailing someoen somethign they did not request, and if I had it my way, I would have every single ISP that has an open relay server blocked completely at the router level at all the backbones. no traffic gets through, but hey, I have no control so oh well.
I came, I conquered, I coredumped
Where would I get all my porn?
;-)
Where would I find out about donating sperm?
How else would I make $5000 a week for surfing the web?
spam has its uses
Thanks to the informative link that sqlrob provided:
(iii) to any telephone number assigned to a paging service,
cellular telephone service, specialized mobile radio service,
or other radio common carrier service, or any service for
which the called party is charged for the call;
I certainly get charged for a text message I receive. Someone noted that this section also covers pager numbers. I say this:
I get charged for the message;
The message is sent via my phone number;
A text message is functionally indistinguishable from a page (which is, I imagine, elsewhere defined broad enough to allow this interpretation);
and I receive the message via a telephone device.
Therefore, the action is in violation.
If my lawyer can't argue that, he's fired.
--
Terrorists can attack freedom, but only Congress can destroy it.
Yes, the SMS services of GSM used to be free, back when it was almost unused and there were no gateways from the internet. I once had an almost continuous stream of messages going back and forth between a few phones as a security service, probably sent 39K messages total in 3 months. Remember the TCP over email tunnel? I had just started coding an IP over SMS driver for linux when SMS charges started. But now almost all GSM providers charge for SMS, and especially SMS email gateway functions, either for a fixed number per month or per message.
Belgacom and Proximus have anti-spam features in place on their internet --> SMS gateways, and are starting to block thousands of messages per day from spammers. They both block all messages from UUNET and AOL and a few other well known spam relays, and don't even bother to look for legitimate messages from there. There are hundreds of 'trigger' mailboxes of dead numbers that nobody should be sending messages to, which is a good method of stopping spam pretty quickly before the customer service lines start to light up.
France telecom (itineris) have no such protection measures in place except for extremely rude and untrained front line customer reps. But the SMS service is now an opt-in pay up front service, so very few mailboxes are actually enabled. But for those who have the email --> SMS gateway paid for, expect a few spam messages per week. This is outlawed in france, but there is no enforcement because france telecom refuses to track down the sources. Most of the french spam comes from within france, and is for french businesses, so it wouldn't be very hard to find them and make a few examples.
the AC
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
Well, in the UK, people have to pay for local phone calls, so they have to pay to get spam regardless of their internet connection fees.
:)
Even now, not everybody has unlimited internet for a fixed price.
Similarly, it is illegal for people to send spam faxes because the recipient has to pay for them (paper and ink, at the very least).
Besides, haven't you ever felt the thrill of seeing "you have new mail" and then been disappointed to see that it's just "make $$$ fast"?
-Zuff
In previous slashdot spam discussions www.privatecitizen.com has been recommended as an excellent guard against unwanted phone and snail mail advertisements. I don't use it ( I see using the court system to go after these people as only slightly less objectionable than using the legislature), but perhaps someone who does can comment on it's effectiveness and whether it would guard against cell phone mail spam ? It seems that privatecitizen depends on being able to distribute a list to known advertisers, and I think that many spammers ( wireless and regular ) are much more fly-by-night types.
Several times in this thread Europeans have jumped in saying that they have to pay to download spam because of non-free local calls. But it is technically possible to make a good spam defense even without having to download the entire spam:
- Get a shell account and read your mail on the server, downloading only what is displayed to you. Of course, you pay for the connection while you stare at messages and compose them, so you might look into something more sophisticated, such as . . .
- Get a shell account and split the spam with procmail or the equivalent (on the server), and set up something like fetchmail to only get the important stuff, plus a log file of all the headers/subjects of the spam, just in case an important one slipped through the filter and you want to actually look at it. Or . . .
- Have a program that talks directly to a POP server once you are connected, that downloads just the headers and subjects, starts downloading everything obviously not spam in the background while presenting you with a list of of everything so you can select things to download and read and things to delete unread.
Why haven't European (or American, for that matter) ISPs already provided this as a service to differentiate them from their competitors ? Why haven't any of the free software people provided the same, just as they provided junkbuster ?I suspect it is because annoyance at spam is not as widespread as a vocal minority would have us believe. It is just not that big a problem in the larger scheme of things. Otherwise someone would have already written the program I listed last above and they would be making money going to ISPs and integrating it with the little custom windows dialers and email clients.
Web banner ads are more annoying and take up time right when you are trying to actually do something (look at a web page), so fairly effective filters came out quickly. But I suspect that most people also stay on longer than necessary just to download their mail, because they briefly check the slashdot headlines for example, and their mail can download in the unused bandwidth while they browse.
I am afraid that we will let government regulation do it's usual heavy-handed solution that will only stop 50% of the problem anyway, rather than picking a technical solution which involves less emotionally gratifying yelling (and slashdot posts) and would solve 80% or 90% of the problem. If non-download filters were common and the default on ISP services, response rates to spam would drop.
There was this stupid school or something which kept sending me email, almost every other day saying "NEED DEGREES FAST LIKE TODAY".
Obviously they were using false email addresses and there was no point trying to get the providers to disbar them because I doubt they intended to use any of those addresses again.
However, they had a phone number in there which you were supposed to use to reach them. I called that number and at the tone, yelled out a tirade of abuse and insults ending with a threat to call the police if the emails didn't stop.
The emails stopped. I hadn't left my name or anything so, assuming I wasn't the only person they were spamming, I guess they stopped spamming everyone.
The point of my story is that most of these spammers have to provide you a way to get back to them if they are selling something. That is what you should target to get back at them, not the email address they are sending from. If it's a website, get the provider who provides a link to that website to turn them off. Hurt them where they think the advertising will help and make the spamming pointless
Mmmm.. Donuts
Very few wireless service providers give you an unlimited number of messages for free. Most of them cap it at 250 or 500 per billing cycle. After that they charge you a few cents per message. And what happens when the cellphone companies start offering a lower cost text messaging service that charges per message?
This is along the same reason that europeans hate spam so much. In Europe even local calls are billed by the minute, so every email spam they get takes time to download which they are then billed for.
"You can't fight in here! This is the war room" --Dr. Stra
Rudy Temiz, the company's 22-year-old president, said yesterday afternoon that he didn't plan to repeat the exercise but expressed no remorse either, saying that the marketing technique had generated "quite a few" sales.
This is what encourages spamming. People need to be educated that they should not purchase anything from spammers, even if it's a product that wasn't advertised to you. If they offer you something that's a really good deal, be wary. These companies are usually fly-by-night or startups that may not be around in a few months.
As the owner of a vibrating pager, and of a few pairs of those boxer shorts with the pocket in the crotch, I have to say that I don't object to being spammed in this way anything like as much as normal spam. Just not when I'm trying to put my contact lenses in, OK?
-- the most controversial site on the Web
I got an E-Mail from a spammer the other day, and you know what they were advertising? They were selling E-Mail addresses. They boasted somewhere around 500,000 "VALID E-MAIL ADDRESSES!"
Now, you can be *anywhere*, and get a chirp -- SPAM CALLING. It's infuriating. Thank goodness I don't have a cell phone - I despise them....but I can feel for those who will be affected by this crap. (What gets me, is that almost everyone who can do anything about spam is so blasé about it. They just don't care.)
On an unrelated-yet-related side note, what do ISPs actually DO about reported spam? I've noticed that 85-90% of my Spam can be traced back to either PSI.NET or UU.NET. Of course, I forward the mail to ABUSE@xxx.yyy, and they send me the standard "We've recieved your complaint, blah blah blah" and "We have taken action against those responsible, blah blah blah", but it just KEEPS COMING IN from those addresses. Not everyone on those services is a Spammer, so I can assume 2 things:
If they terminate the spammer's account, they have no problem giving the spammer another one.
OR
They really *aren't* taking any action whatsoever.
In either case, I can only guess that these services (as are any others that do the same thing) are Spammer-Friendly. That makes me Sick.
Oh, I've also noticed that AOL has changed their abuse structure. Just for your information, AOL no longer accepts Spam complaints at abuse@aol.com. The NEW address to send SPAM complaints to is: tosemail1@aol.com.
(AOL never gets back to me. They must hate acknowledging that something is WRONG in their perfect service.)
-- Give him Head? Be a Beacon?
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
because this will get spam laws accepted, challenged, and cemented a LOT faster than the current process. Why? cell phone access is metered, battery-limited, and often business-critical. "Sorry, I didn't get your voicemail about the system being down because all the spam ran my battery down". Right. That'd go over like a ton of bricks--and get the spammers sued for liability and lost earnings.
We should make sure that the laws that come out of this (and there WILL be laws, just as there WILL be cell-spam now that it's possible) also cover other forms of spam, including email and direct-mail.
Returned Peace Corps IT Volunteer
Email addresses are irrelevant, unless the spammers are stupid enough to give you a valid reply address (like "write to sales@idiot.com for a catalog!"). The name of the game in spam-busting is the Received: headers.
Track the spam back to the SMTP server it was sent from. Do a WHOIS on that domain. Email the listed sysadmin, as well as abuse@that_domain.com and explain how open relays are just like letting spammers steal their money. Also:
Do I take spam-busting too seriously? Hell yes. But I've inflicted a lot of damage on dozens of spammers, and gotten a few dozen open relays shut. Every little bit helps.
The point is: snail junkmailers pay for their junk. Spammers make others pay for their junk. And the fact that emails are so much cheaper just means that if spammers were not being fought, we'd quickly end up with 99% of all email traffic being spam, effectively destroying emails as a medium of communication.
The illegal we do immediately. The unconstitutional takes a little longer.
--Henry Kissinger
The people that got these messages may be in luck, to the tune of $500 USD. The TCPA bans automated calling of cell phones . It certainly seems as if this falls under this umbrella. I would certainly like to see this prosecuted.