Who Reads Your @nospam Mail?

pjbrewer writes: "Ever use an address like name@nospam.com when filling out a form on the web or registering software? Think thats safe? Somebody is surely receiving messages destined for these fake nospam emails... and for curiosity or boredom, I checked it out. Nospam.com is owned by Anything.com, which is apparently, as it says on their web page, based in the Cayman Islands. Their page gives a short bizspeak blurb about what the company does (provide strategic advice to internet companies and vc-types). Offshore corporations can be as legitimate as any other, so why does this suggest concern? Could it be that the owners or managers of nospam.com want to avoid US laws for some reason? The Caymans sound like a place to incorporate rather than a place to set up offices and a T1. Am I overly paranoid, or is there something interesting that could be done to analyze people's use of *@nospam.com type addresses or some other interesting use of this content they must be receiving? Nospam.org and Nospam.net appear to be net malls owned by BestOfTheNet."

"my" @nospam mail? It's not -mine-.

[RollingThunder]

Think about it folks. If you don't actually put your email address in the field, why in gods name would you consider the email yours?

You TOLD them where to deliver it. They're doing exactly what you wanted. Don't complain when that actually goes someplace! :)

Use EXAMPLE.COM for this purpose

[Ross+Finlayson]

If you want to use a deliberately fake domain name, please don't just make up something that you think is fake; instead, use EXAMPLE.COM (or .NET or .ORG). IANA has deliberately reserved these domain names for this purpose.

Check out asdf.com too:

[Tom7]

Check out this page at asdf.com, too:

http://www.asdf.com/asdfemail.html

Spamido - The art of stopping spam.

[Moderation+abuser]

Spamido - The art of turning a spammers strength against them.

http://www.yelm.freeserve.co.uk/spamido/

It's Happening to Me Right Now

[InitZero]

wouldn't it be fun to put someone's e-mail that I don't like in my message, to get them spammed to oblivion?"

It would NOT be fun.

Since June 5, I've been the person of which you speak.

If you have done a gnutella (or clone) search in the past few days, you probably have seen my name...

gnut> find anything CURRENT RESPONSES ----------------- 1) email matt@steinhoff.net for kiddie porn and anything 216.10.33.21:6345 size:80.854M ref:84279680 speed:10000

It all started when I noticed that every query I submitted returned an html file. In that html file was a link to http://www.cybergirlsex.com/raw cash/click.cgi?tella...

gnut> find anything and everything CURRENT RESPONSES ----------------- 1) anything and everything.html 216.100.51.42:6345 size:2.83K ref:234946611 speed:10000 gnut> find nothing at all CURRENT RESPONSES ----------------- 1) nothing at all.html 216.100.51.42:6345 size:2.83K ref:117638272 speed:10000

I figured that an ambitious person had hacked gnutella in order to promote the web site so that he'd get some extra cash. I sent email to the the owner of 216.100.51.42 and they promptly shut off the user's connection. I also sent email to cybergirlsex.com in hopes that they wouldn't pay the user 'tella' for the referrals. Spam shouldn't pay no matter how it is done, right?

Ever since I sent the email message to the domain admin for the porn site, my name and server address has been showing up in each and every gnutella response. Cause and effect (and a bit more) leads me to believe that the porn site was 'tella' and they are not happy that I've cut into their revenue stream.

With a bit of investigative work I was able to tie the user who is spamming gnutella with the user who admins the porn site and more than two dozen other domains.

I've got the guy booted off a number of services in the past few days but that isn't much help (though it does make me feel a bit better). It's like playing wack the mole; hit him in one place and he pops up again elsewhere. I'm getting hundreds of email messages from people either looking for child porn or wanting me dead for supplying child porn. (Of note, of course, I don't have any child porn so stop asking.)

I've contacted the FBI's computer crimes division and they are far more interested in the folks emailing me looking for kiddie porn than they are in getting rid of the slime ball spamming my email address. At least the kiddie porn angle got their attention or I imagine this wouldn't have even made their radar.

So, what can I do? I'm already filtering my email so that I don't have to read through hoards of email. (Did I mention that he has also signed me up to dozens of mailing lists?) What's next? While tracking and smacking the first day was exciting, today it's a bit of a drag.

Any good ideas will return my eternal gratitude. (Any especially nasty ideas and I'll give you the guy's email address. {grin})

Matt Steinhoff

(I had posted this as an 'Ask Slashdot' a few days ago and, of course, Slashdot would rather post Anime Moves on DVD.)

Re:It's Happening to Me Right Now

[Valdrax]

Actually, I just hopped onto Gnutella for the first time tonight and ran into the problem with your name popping up everywhere. I thought you were just an annoying marketer since I don't get the kiddie porn bit as a result. Searching for "nonsense" gets me back " e-mail matt@steinhoff.net for nonsense" instead of a result for kiddie porn. Seems like you'd be getting even more e-mail harrasment if this is pointing at you for everything.

On a related note, you might want to contact the makers of ShareZilla. They claim to be selling software that intercepts Gnutella requests and responds with ads related to the search requests. Any search result I get back includes the above URL for their website. This product seems vile and frighteningly abusive enough in its own right, but it may be the tool that the scum ruining your name may be using. You may wish to inquire with them about that.

To be honest, though, I think Gnutella needs to be reworked or replaced if something like this or what happened to you can go on there. It sickens me to see this being done.

Have you considered trying to nail the bastitch under stalking or harrasment laws? How about libel or defamation if people searching for illicit materials are pointed your way? This jerk has to breaking several laws doing this. Forget civil litigation -- file criminal charges.

Use example.[net|com|org]

[wfberg]

Example.net, .com and .org are domain names that will never be registered to any one, they're reserved specifically to be used in examples in textbooks etc. There are no DNS entries for these domains, so all mail should bounce. Thank the boys and girls at IANA for this nice service ;-)

Of course, loads of domain name registrars and ISPs advertise with yourname.com.. Which is of course a competitor! Doh!!
--

Too Paranoid...

[quonsar]

...but I guess after phony leaked Quake screenshots, and another chunk of internet-as-3rd-world-panacea tripe, this vaporware-conspiracy-involving-spam-and-domain-nam es story is just what the doctor ordered. Expect a follow-up detailing NSI involvement...

"I will gladly pay you today, sir, and eat up

O the humor...

[nutty]

root@127.0.0.1 works for me. That way they end up spamming themselves. :)

Of course, the funniest part is when i am told that someone already registered it.
;-p

/nutt

I have an approach to dealing with spam

[SIGFPE]

Whenever I sign up for any kind of service I generate a random 32 bit integer. This is the email address I use to sign up. For example for slashdot I use (4 more than 0x7ff00000)@sigfpe.com. I have a little database that maps these integers to the service I signed up for. If I receive spam on one of these addresses (1) I can remove the address from my /etc/aliases and

(2) I know how the spammer got my email address. If the email address was given to a service that promises not to give out addresses I'll know exactly who to blame.

Basically I can track the spammers like doing cookies in reverse. Even if you don't have access to your mail server you can use 'plus' userids at many ISPs although that isn't quite as powerful. Of course I don't want to feel like I'm just a number and that's why the addresses all start with 0x7ff (geek joke - think about it! :-)
--

Re:So don't do that.

[Syberghost]

Actually, yahoo can do what they want with your email, including letting anybody they want read it. Since it's on servers they own, technically, they own all the email, even users private email.

That has been incorrect since 1986. There is a specific law against it in the United States, and it is a seperate felony count for *EACH* email.

Just like at work, you're employer has rights to read and do what they want with your email since it's on their equipment.

That is a specific exception in the law; your employer can read email that exists in their mail system, and they can prohibit you from accessing your private mail from work (and fire you if you do), but they can't look at your private email even if you access it from their equipment.

Trust me on this one; it's what my last employer's lawyers told them shortly before I left. :-)

--

send me spam! c'mon!

[tomaasz]

I have an account that I created for only one reason: TO COLLECT SPAM. I tried really hard to actually subscribe as much spam as possible, but I'm very disappointed with the results. I only get about 7-8 mails a day. Can you help me?
The address is spambox1 through 4 @atlas.cz, that is:
spambox1@atlas.cz, spambox2@atlas.cz, spambox3@atlas.cz, spambox4@atlas.cz

spambox2 is dedicated to spam for porno sites, so please be nice and respect that.

When I have enough spam, I'll try to find some really interesting pieces and post 'em somewhere!

Thanks in advice
tom