UUnet's Case Study, or The Trouble With Spam

Eggplant62 writes: "In the wake of recent reports of spam-friendliness at big ISP's like AT&T and PSInet, [this article] takes a pretty good look at the problems UU.net is having with enforcing their AUP when it comes to unsolicited email. According to the article, it can take "two to four weeks to shut off a spammer's digital tap." The author of this article solicited news.admin.net-abuse.email for material for the article." Guess it isn't easy even for the big carriers to end the pink-meat congestion.

s0meb0dy f1re the LAWYERS

[perdida]

Stupid numeral-alphabet switches aside..

"PSINet confirmed the existence of the contract, which allows Cajunnet to send unsolicited e-mail messages directly from PSINet's networks, saying in a letter posted on its Web site that the contract was handled by a junior lawyer in PSINet's commercial contracts group and pledging to better educate its sales force.

"This would all seem to indicate that there are more pink contracts out there than the consumer is aware of," said Maurene Caplan Grey, a senior research analyst at high-tech market research firm Gartner. She said that while PSINet may have looked at such a contract to improve its flagging finances, the temptation for ISPs to secretly circumvent no-spam policies doesn't pay off. "My gut feeling is, assuming they get caught, it's not worth it. It's poor business form. You won't get partners. You will be blacklisted."

Yeh right. earlier in the article it mentioned that spammers don't give a shite about whether or not they are on the account for a few hours. it's all the same to them.

Furthermore, as we have the tech-world stock-drop known as Dot Bomb, more and more desperate folks will be turning to any moneymaking source possible. The number of USERS isn't gonna drop. the number of SPAMMERS isn't gonna drop. the number of successful ISPs is, and to stay successful a few will cater to the spammers' market, and many ISPs may let 'em sneak in while promising the bulk of users they are anti-spam with stern TOS's.

Re:"Broken Windows" approach to dealing with Spam

[Eggplant62]

On the other hand, they'd ultimately have less work to do; how many spammers would use the service if they knew that they'd get about 24 hours of use.

The problem lies especially in the fact that many other large ISPs can clamp down on a spamming user with very little interference from their sales or legal departments. 24 hours, let alone 30 minutes, is too long for a spammer to stay online. When you consider that some of these clowns set up T3's and OC1's and that they can blast 100,000 emails in about 17 minutes, there's where uu.net has it all wrong.

Rich
--
Consumer Watchdog! Yes, we're rough on bogus businesses! And today,
Consumer Watchdog reports on protecting you, the consumer,
from being consumed by dangerous products and phony packaging. -- Firesign Theatre
TINLC Unit #2309 Death to all spammer accounts.

Can Someone please explain this to me...

[h0mi]

There's 1 thing I do not understand about the generation of spam. I've got accounts on several places, and it makes sense that if my email address were made public somehow (ie usenet, forums like this, etc.) then spmmers can easily retrieve my address & send mail. (hense the Yahooo instead of proper yahoo in my email). Here's the part I dont get. I open an account on hotmail, or AOL... especially AOL, and the emails come pouring in. Porn, Herbal Viagra, all sorts of crap I didn't ask for. And I didn't broadcast the addresses to anyone. So how did they find me? I don't get it.

Re:Can Someone please explain this to me...

[J'raxis]

Well, there's the dictionary attack for one... if its @hotmail.com or even @hotmail.com, it's as good as spammed.

And did you make *absolutely* sure you actually unchecked their various "Do not list me in <some directory>" boxes? Otherwise you're address is available.

I even saw this attack once: I had an email address <somename>@usa.net. I used it in Usenet, and it got spammed massively. I have the account <samename>@hotmail.com, mail.com, usa.com, etc, etc. I've been VERY careful not to let these addresses appear ANYWHERE, and yet they've been spammed!

...It seems some spammers actually crosscheck usernames they've harvested in OTHER possible domains! These spams I received actually had a Cc line containing <samename> @ every big ISP from uu.net to earthlink.net.

I am the Raxis.

Re:uunet doesn't give a shit

[The+Cisco+Kid]

Uhm.. UUNET is only in charge of their own network. They are an ISP, and if one of their customers is sending spam then it has to be reported to them so they can get cut off.

UUNET isnt 'in charge' of anything other than that.. They arent 'in charge' of spam - each ISP is responsible for use of its own network.

Only mail that actually originated from (or was relayed through) a UUNET IP address should be reported to abuse@uunet.com - if you are (or were) sending ALL of your spam there then all you are doing is wasting their time..

There is no central organization in charge of spam, and even if there was it would be useless.. Go read http://maps.vix.com, http://www.mail-abuse.net and/or http://www.spamcop.net for real information on the topic of spam, and REAL things ISPs can do about it.

Re:The truth about shutting down accounts...

[Technician]

I think all accounts should be limited to no more than 50 e-mails/day. Who writes more than 50 e-mails a day. It's already in the user agreements for most ISP's not to bulk e-mail anything, so that shouldn't be a problem. Any exception should require a contract (pink) and a deposit (very hefty) of about $1 per email to raise the daily limit. This could be used by clubs and such that really do have a membership that would like to receive a newsletter. A deposit and no complaints would get them started and keep them going. Abuse would eat the deposit. Complaints are deducted from the deposit at a rate of $250 per complaint. This should restrict most ISP's from being used to annoy the masses.

Port 25 filtering is evil!

[sanemind]

I have a 24/7 broadband connection with better then 99.9% uptime at home, and I quite enjoy the minor hobby of being able to run my own tinsy little server on it. I have apache and sendmail, ssh login, etc. The notion of a default policy of filtering ports to the end consumer of bandwidth troubles me enormously.

Indeed, this seems to contradict the notion of free and unrestricted end-to-end service, as discussed recently on slashdot. Not to sound horrible here, but we all manage to live with spam pretty well, it's not like it's all that much of a hassle. I just keep a variety of email addresses to give out for different purposes. A few get a good deal of spam, and it's easy to run a script to delete first time messages from users I have never corresponded with from those accounts.

I just worry that, if we were try to really achieve a spam-free utopia, that it might well be at far too great a cost in freedom. I would rather deal with the occasional spam, then have the commercial bandwitdth providers filter my connection. And there is always the worry of false/vindictive reports leading to unfair account termination.


---
man sig

Re:Port 25 filtering is evil!

[mihalis]

I agree with what you say, but places that filter port 25 simply provide an SMTP smarthost that you can send your email through instead. It's one line in the sendmail configuration, and often their smarthost is allowed to send email to more servers than your home machine would be anyway (e.g. if you claim to be in some domain they don't know about). I think it's a good compromise myself.

Re:If credit fraud is a problem, where's the FBI?

[grahammm]

So maybe ISPs should do what CompuServe used (I don't know if they still do) to do and restrict the capabilities of newly created accounts.

a cure for spam (that's not a filter)

[Tumbleweed]

Okay, apparently noone's heard of this yet, which isn't surprising, but here we go.

There IS a cure for spam. A company I used to work for last year came up with some technology based on P3P technology. The idea is you set up an account and get an 'XNS Agent'. XNS is 'eXtensible Name Service'. You get your own 'XNS name' (via OneName.com or some other agency - some are free, some aren't). When you have your OneName, you can set up your XNS Agent to negotiate privacy with whatever online entity understands about XNS.

Here's the spam-killer idea my ex-boss had when we were working on the service: Build XNS into mail servers - the spec is completely open and available at xns.org. Make this like 'Caller ID for e-mail' (my phrase - I'm so proud :) - you as the email user on that mail server can set up a list of people, as well as a privacy-negotiation policy about receiving email. Those who are on your email pass-thru list can send email directly to you, as normal. Those who are not have to meet your privacy rules before the email goes to you. And/or, you could have it email a message back asking for confirmation before it sends the email to you (thus eliminating the mass majority of spammers - their reply-to addresses are almost always fake).

So, since the spammers would never take the time to confirm their privacy rules, the emails would never get back to you - and you could have the ability to configure your XNS email agent thingy to either dump those messages that didn't get authroized, or hold them for review, or whatever.

You would, of course, have to take a little more time in setting up your mail account on such an XNS-enabled mail server - set up the email address of those people and mailing lists you're on, so they don't get trashed, or bounce messages back into lists, etc. Small price to pay to actually destroy the entire spam industry, though, I'd think.

The neat thing is - all the specs are open - anyone can add it into their open source mail servers - it's encouraged! It also would mean that people wouldn't have to use special mail clients to use it - it's all server-side, hopefully with a web-based interface to configure your agent.

Pretty slick. Available, open source. Free personal 'OneNames' are available, etc. The OneName people _really_ know and understand privacy - I used to work there, I should know.

It's been frustrating receiving all the spam I have been recently, knowing there's a solution to spam out there, and noone is using it. *sigh*

=Tumbleweed (that's my OneName :)

Re:a cure for spam (that's not a filter)

[M.+Silver]

You would, of course, have to take a little more time in setting up your mail account on such an XNS-enabled mail server - set up the email address of those people and mailing lists you're on, so they don't get trashed, or bounce messages back into lists, etc. Small price to pay to actually destroy the entire spam industry, though, I'd think

Speaking as a mailing list provider, I can pretty much tell you that that "small price" would kill mailing lists, too. People aren't smart enough to figure out how to unsubscribe (when all you do is send an email to listname-off@domain, and it's IN THE STUPID SIG OF EVERY STUPID LIST MESSAGE), do you think they'll remember to put the mailing address in their filter exceptions?

Heck no. They'll subscribe, bounce crap to the list or listowner (who has to try to figure out where the crap is coming from since half the time it's forwarded from a hotmail address that's subscribed), and then say "This mailing list sucks. I never get any mail from it.

Re:a cure for spam (that's not a filter)

[Tumbleweed]

Well, one could also XNS-enable the mailing list software so that wouldn't happen.

Another thought - do you really want people that dumb on your mailing list? I sure wouldn't.

I think it's a remarkably small price to pay for getting rid of spam once and for all, without having to modify all the e-mail clients in the world.

Re:a cure for spam (that's not a filter)

[M.+Silver]

Another thought - do you really want people that dumb on your mailing list? I sure wouldn't.

If it was a technical list, I might agree with you. But I'm insufficiently elitist to say that people have to be technological wizards to join mailing lists that have nothing to do with technology.

(I actually used to be that way. The lists used to reject MIME and attachments and HTML-formatted posts and all that sort of thing. Now it silently cleans them up and posts them, since that's easier than trying to get users to correctly configure Outlook or AOL. The only thing I still don't hand out any sympathy for is people who can't unsubscribe. They get set to moderated so other people don't have to listen to "UNSUBSCRIBE ME NOW!!1!!!1!" whines, and if they ask politely, they get pointed to a page that lectures them on all the ways they could have figured out how to unsubscribe (starting with "Why didn't you keep the file that started out with the warning 'SAVE THIS FILE, YOU'LL NEED IT LATER'?") before actually telling them how.)

Re:a cure for spam (that's not a filter)

[Tumbleweed]

The procedure I talked about hardly describes a 'technological wizard'.

Anyway, the more I think about it, the better XNS-enabling the mailing list software sounds - that way things can be automated, along with privacy rules - people could be assured their e-mail address won't be used for various other purposes, etc. Also, with XNS, if their email address changes, the mailing list could be notified automatically, all without any intervention from the user or mailing list manager. There's a LOT of benefits to XNS besides anti-spam (that was really just an afterthought.)

Re:a cure for spam (that's not a filter)

[M.+Silver]

The procedure I talked about hardly describes a 'technological wizard'.

To the average nontechnical user, it is wizardry. High wizardry, completely arcane. We're talking about people who don't like to subscribe to more than one mailing list because the messages get all confused in their Inbox. About people who sign up, and then respond to the first mailing list message with "Who are you, and why are you saying that to me?"

This is, of course, exactly why web forums (you know, like here...) are more popular these days. It's clunky, it's slow, but there are big friendly buttons to click on, and if you don't understand it, you can stop going there and it doesn't keep piling up in your mailbox and scaring you.

Re:Spam and the road warrier

[Technician]

I have e-mail in another country. I used to be able to send and receive from it from anywhere worldwide. It is my very first e-mail account. I liked it so I kept it. There has been a change. I still can get my mail worldwide, but now I have to send mail from whatever ISP POP I am using at the time. I still send and receive mail, but I have to explain to clients that the reply-to is correct, even though the header says otherwise. Moral, not all reply-to at another ISP is fraud. When I am in the United States, I use the sending account of where I am at the time, and I do answer the mail sent to the reply-to address.

Re:Mail abuse, time limits, the RBL, and the DUL

[mpe]

Despite having great sympathies for the desire to relieve the general frustration caused by spammers with disposable accounts by simply removing one major source of those accounts from the picture, it unfairly places the communication ability of anyone not rich enough for static IPs at the mercy of the frequently abysmal performance of the mail server of their ISP (@Home, for instance, has mail servers that go down on a regular basis, and despite repeated claims to the contrary has been losing a rather disturbing amount of e-mail altogether) -- whether or not that ISP is having any more difficulty controlling its dialup/dynamic-ip users than it is its users with static addresses.

Forcing use of a third party relay will cause lack of redundancy and create a bottleneck.
Another problem, reading between the lines here, is over user of dynamic IP addresses. On a cable modem or ADSL setup they make no sense at all. Since you need at least one IP per customer anyway. They can sort of make sense with dialup where you only need as many IPs as telephone lines, but can have more customers than telephone lines...

10 to 100 emails a day ought to do it.

[crovira]

Unless the sender gets special dispensation by contract, limiting users to between 10 & 100 emails a day should get rid of the entire problem of Spam.

Cheap SPAM filter.

[e_n_d_o]

Just set up a filter to move email where to "To:" or "CC:" fields aren't to you or none of sender/recipients are in your address book. Manually add any mailing lists you subscribe to. Have it put it in a "filtered" folder.

I find this takes care of 75% of the spam get... Is sure is nice to again get more legit email then spam. I occasionally check the "filtered" folder for important messages, but rarely do I find anything of value in it.
---

Re:The truth about shutting down accounts...

[dattaway]

What if the ISP's smtp server is hosed? I used to have cablemodem and the only thing that worked reliably was my pipe, not their servers. When they started caching web access, blocking smtp, nntp, that's when I went back to local dialup. No thanks to their overloaded servers my outgoing mail, web access, etc. would be blocked for days at times. I have better control over my own server and have the ability to blacklist spam to boot.

Re:spam = pornography?

[Caradoc]

The point that Nace has missed entirely is that "spam" isn't a term that specifies the *content* of a message.

"Spam" denotes *any* e-mail sent blindly to people who didn't request it.

Whether it's penny stocks, pornography, or "SyberSchool" advertising - if I didn't ask for it, it's spam.

Re:Why spam is such a pain to stop.

[thogard]

Ever heard of caller id? it works great. You set up the digital ras to only let calls in that send their number (or arange with the phone co to get all numbers) and then keep a database of spamer phones numbers. A few tricks with a radius server and you know when they call back.

Re:What is the real root of spam?

[gavinhall]

Posted by Kewlhandtek:

the problem is if you even wanted to buy the stuff you could.........bad links,false links or shutdown links

Re:What is the real root of spam?

[gavinhall]

Posted by Kewlhandtek:

damn it......i have a problem with my "nots" i leave them out tooooooooooo much. YOU CAN`T even buy the stuff

Sign of the times

[sonofepson]

"We follow all the rules and regulations, and we've had full compliance with the law," Nace said, describing the 17 e-mail messages he says he sends over his two T1 lines each second. "All they have to do is say, 'we want off the list,' and they're off."

He even admits he gets nasty phone calls and death threats but still insists this is a good way to advertise. Yep, it sure sounds like he is generating a lot of good will towards his comapny this way. What really gets me is he (and those like him) honestly do not see the problem, he just sees spam as a way to cheaply reach a whole lotta people. So we get to help foot the bill for his advertising .

Other ISPs that spend money for excess capacity to handle the spam e-mail -- up to 40 percent of traffic -- bear the financial burden, a burden eventually passed on to consumers, he said.

Nace takes exception to being called a spammer

This kind of mind set is actually worse than the blatently obvious scams and porn spam since his kind will lobby that his use of unsolicited e-mail is a legitimate and respectable way to do buisiness and should be protected.

spam = pornography?

[caite]

Nace takes exception to being called a spammer, a term he associates with pornographers.

What kind of life does he live that he gets only porn spam? I see mostly beggar stories and MLM schemes.

Maybe spam could be declared "indecent" by the courts, and you'd have to prove you're over 18 to look at it. Why would anyone bother?

Re:spam = pornography?

[Tackhead]

> BTW, why do they usually put V----- in the email instead of the word? Do some mail servers filter email like browser censorware filters web pages?

Because Viagra is a trademark of Pfizer, and they don't wanna get nailed for infringement.

Because Viagra is a prescription drug, and they don't wanna get nailed for practicing medicine without a license.

Each of these excuses is about as good as the nonexistent "S.1618" law spammers like to cite. (Rule #1: Spammers lie.)

Feel free to forward all such spam to the FDA. The reporting address is available a few pages into http://www.fda.gov

(And is it just me, or is about half the spam I get from Florida, and about half of that from dialups in Pompano Beach? Judging from the spam I get from Florida, I'm really not surprised at how many Floridans are too dumb to figure out how to punch a hole in a card...)

Re:spam = pornography?

[ahodgson]

Actually, the point is that Nace is a spammer, and since spammers lie, he claims to not be a spammer. All spammers do this.

Re:spam = pornography?

[sqlrob]

Actual S.1618 is not nonexistent, it is a bill (that didn't pass), not a law (aka Murkowski bill)

If I'm feeling mean (and using a throw away account), I play with the spammer. I pull up the full text of it, and find the nice little bits of it that say $15,000 fine is the mail isn't properly addressed, and send it back to them. I usually quote any state bill as well. For some reason, I usually never hear back from that spammer.

Re:spam = pornography?

[vsync64]

Nace takes exception to being called a spammer, a term he associates with pornographers.

"A farmer fixed a net in his field to catch the Cranes who came to feed on his corn. When he went to examine the net, he found a Stork among the Cranes. 'Spare Me.' cried the Stork, 'I have eaten none of your corn. I am no Crane but a Stork, a bird of excellent character, and I honor and slave for my mother and father.' The Farmer laughed and said, 'Say what you will, but I have caught you with those who are destroying my crops, and you must suffer what they will suffer.'"

MORAL: Bad company proves more than fair professions. Birds of a feather flock together.

--

Re:spam = pornography?

[volsung]

I'm closer, but not quite: Half of my spam is for Viagra, or herbal sex-enhancing drugs (for both genders). No pictures, just lots of capital letters and exclamation points.

BTW, why do they usually put V----- in the email instead of the word? Do some mail servers filter email like browser censorware filters web pages?

The truth about shutting down accounts...

[m4dm4x]

I have worked in the security department of a major ISP for quite some time. The response time is not the issue. We could shut down a spammer within 15 minutes of recieving the first complaint. The problem is with fake accounts. A spammer will use stolen credit cards and do online signups with these, set up a mailserver on their computer and spam away the first time they log on and continue until we get the the NMC to kill their connection. By the time we have tracked down their account and have all the paperwork done, (which is just a few minutes) they already have another account waiting, and use a different VPOP, so as not to be totally obvious. The residual damage is having our domain banned, and then trying to contact the other ISPs to clear that ban. This can some times take days. A severe pain in the ass. If they use our mail servers, we can put a maximum sender limit, and that stops them a bit. They then usually migrate to another national ISP with higher limits. Sometimes they use open relays in other countries... but the source ip is from our domain, so we have to shut down the account, then contact the foreign admin of the open relay... and again that can take days, plus several interpreters......etc....etc.

So response time is not always the main issue.

..remember kids hormel is the devil

/V\4|} /V\4>....

Re:The truth about shutting down accounts...

[overshoot]

It's not the dialup "chickenboner" spammer that causes the big trouble at UUnet. It's the direct-connect account with a T1 or better line. They produce enough revenue that (as the story notes) both Legal and Sales have to be in the loop to get a disconnect.

Re:The truth about shutting down accounts...

[Skapare]

Your problem is you (the major ISP you worked for) were not pro-active about preventing spam. Obviously you intended to do nothing but clean up after the mess was made, and so you did.

Dynamically addressed dialup accounts (which is what most spammers have used and still use) should not have direct port 25 access. Those accounts are limited accounts, anyway, and should send all mail only through the designated mail servers run by that ISP.

After having 2 cases of "spam and run" done on dialup accounts at the ISP I used to work for (and continue to consult for) I put in place a block on port 25 outgoing for all dynamic dialups. That was over 2 years ago and there hasn't been an origination spam incident since then (relaying was also blocked separately). I personally use another major ISP for nationwide roaming dialup purposes, and they do this (I tested it). UUnet should start doing this. Although it wouldn't stop SyberSchool, it would stop most of the spamming which comes from their dialups.

Re:The truth about shutting down accounts...

[Orang]

Well the ISPs could start by checking the CC numbers they are given by the spammer. Facilities exist to do this but guess what - it costs to do each check, and they're just not prepare to pay.

Re:The truth about shutting down accounts...

[sjames]

A spammer will use stolen credit cards and do online signups with these, set up a mailserver on their computer and spam away the first time they log on and continue until we get the the NMC to kill their connection.

Turn all information over to law enforcement. Credit card theft is a serious crime and involves real jail time. Use caller ID to assist police in tracking down the thief. Solve two problems at once.

Re:The truth about shutting down accounts...

[sjames]

The trouble with this approach is the small but vocal minority of people who absolutely insist on running their own mail server.

I used to do that, but it's not worth it anymore. Many servers (well within their rights) refuse email directly from a dial-up netblock in order to reduce spam.

Re:The truth about shutting down accounts...

[WNight]

So remove the restriction for anyone willing to come in and show you their ID in person.

The whole point is that the system be hard to abuse, by default. Stop spammers from being able to make ten fake accounts per day without leaving home.

Re:The truth about shutting down accounts...

[Zack+Weinberg]

The trouble with this approach is the small but vocal minority of people who absolutely insist on running their own mail server. Maybe they don't trust the ISP's mail server. Maybe it's a stand on principle - just because they're on dialup shouldn't mean they can't run a mail daemon.

When you (as an ISP) decide to block outbound port 25 from dialups, you have to be aware that you will alienate these people. That may be a tradeoff you're willing to make - but you shouldn't just assume they don't exist.

Re:The truth about shutting down accounts...

[LordNimon]

You use the ISP's smtp server, not your own. Port 25 is blocked only for connections leaving the ISP. That is, you can connect on port 25 to only ONE machine, and that machine is the ISP's official SMTP server.
--

Re:The truth about shutting down accounts...

[Harik]

Yea, I'm aware that people block port 25. And guess what? The second you do that you start losing accounts. People have corperate mailservers, people have multiple ISPs (And M$ convieniently neglected to make all ISP settings switch when you hit a different profile. Macs had that 4-5 years ago when I first started doing support). And I've had to get people off national ISPs unto local ones because of their anti-spam policy blocked legitimite uses..

No direct SMTP access, and they bounce any "forged" mail, so you can only use your @nationalISP.com address. No way around it. Period. Except, of course, to ditch the account as unusable.

Thanks, but I value my customers a bit more then you apparently do. Unlike most ISPs, when I say "unlimited internet access" I mean it. If you violate our AUP, I can you. Until then you are unrestricted. (Well, at least from any legitimite activity. Source-forged packets are still blocked)

Now, for a REAL solution, I've been looking into L4 routers. Already in use to transparently cache HTTP for DSL, it may be a solution for proxying email abuse. Run it through accounting to count the number of recipients/bodies and set off alarms when thresholds are reached.

--Dan

Re:The truth about shutting down accounts...

[lizrd]

If my cable modem company said otherwise, I'd say bye-bye.

If my cable modem company started blocking port 25 I'd only be able to send mail about 75% of the time. Their mailserver (mail.rdc1.il.home.com) is so unreliable as to render it pretty much worthless. So far I haven't had too much trouble with sending mail from my 24.0.0.0 IP address, If it starts getting blocked a lot I'll have to find a different solution, but using the ISP's server is a pretty bad one.
_____________

Re:The truth about shutting down accounts...

[tanner_andrews]

) [ have worked in security dept; response time
) not the issue -- problem is fake accounts ]

My experience with UUNET (admittedly some months
old by now) is that they really did nothing about
spammers. It wasn't fake accounts: it was that
UUNET sent out a ``we're working on it'' form
reply, followed by no action whatsoever.

Spammers are sending spam for a reason: they wish
to ultimately receive money. If there is no way
to get money to them, then there is no purpose to
their efforts.

Thus, even with fake credit card accounts, there
must needs be a method of going from the spam to
a real person, else how could the spammer obtain
his revenue?

Re:The truth about shutting down accounts...

[CharlieHedlin]

I wish I had been in this thread when this message could be read, but here it goes anyways.

I have run my own mail server on my cable modem for > 2 years now. recently (within 4 months) I started being blocked by a lot of mail servers, but not by my ISP. This caused numerous problems.

Road Runner doesn't know how to setup any servers. Their network in Austin, TX is actually good, but the mail server sucks and will bounce any message that doesn't get delivered on the FIRST try. Obviously not a solution.

I now use my companies corporate mail server. They use SMTP auth so I was able to setup my home server to authenticate, and since I am a member of the group that controls the email server, I have as much if not more confidence in it than I do in my own. I just hate adding one more point of failure into my setup.

I really think we need a law for spam, that if nothing else requires the addition of something in the header to allow ISP's or users to block it reliably, with a steep fine if anyone is caught. It would work like speed limits, you can speed for a long time before you get caught, but if you are like me you get a ticket every couple of years and it keeps you from going quite as fast as you would otherwise (even if you still speed). If we make the fines for spam without the proper headers high enough, people will think twice before chancing it.

Re:The truth about shutting down accounts...

[OnanTheBarbarian]

I agree with you here. I myself connect to my home server through Port 25 - why should I have to change my e-mail affiliation (or set up some dodgy forwarding thingy) every time I change an ISP? If my cable modem company said otherwise, I'd say bye-bye.

Re:The truth about shutting down accounts...

[Maserati]

You blocked port 25 outgoing for dialups ? Thanks ! That helped.

Re:The truth about shutting down accounts...

[mpe]

The problem is with fake accounts. A spammer will use stolen credit cards and do online signups with these, set up a mailserver on their computer and spam away the first time they log on and continue until we get the the NMC to kill their connection.

There really isn't much that can be done about this, other than having a different business model.

Re:The truth about shutting down accounts...

[mpe]

The trouble with this approach is the small but vocal minority of people who absolutely insist on running their own mail server. Maybe they don't trust the ISP's mail server. Maybe it's a stand on principle - just because they're on dialup shouldn't mean they can't run a mail daemon.

Maybe they run standard software which needs additional fiddling around to use a third party relay. (With additional complications if they have multiple links.) Which then looses redundancy, monitoring ability and independance between different emails. i.e. following rfc 974 means that a problem delivering to foo is unlikely to affect delivering to bar. Indeed using a 3rd party relay means that one's email is all mixed up with other people's email. If one or more of those people are spammers (where an ISP provided instant access they are little better than open relay operators) then you have problems.

Re:The truth about shutting down accounts...

[mpe]

You use the ISP's smtp server, not your own. Port 25 is blocked only for connections leaving the ISP. That is, you can connect on port 25 to only ONE machine, and that machine is the ISP's official SMTP server.

Which has a number of potential problems, the first once is removal of the redundancy RFC974 provides. The second is that when these machines are used for relaying spam (remember spammers like relays, because they protect their machines and enable them to have disconnected before people start getting their junk as well as their ability to work as an "expander"). Isses such as how accurate is the clock on these machines, what header information do they put in are relevent in tracking spam sent from that ISP.

My Experiences Have Been Good

[The.Tempest]

My experiences with fighting spammers have been good. A while ago someone was sending messages to almost every newsgroup I read advertising "DSS Free Link Page", which was hosted by Prohosting (www.prohosting.com)

I sent an e-mail to Prohosting, and they promptly removed his site. I don't know if it ever went though, but I know on their web page, spammers get charged $100 per complaint that prohosting gets. The thought that some spammer got charged $100 thanks to me makes my feel warm and fuzzy inside.

Perhaps people would be less inclined to spam if there were actual repercussions, like being charged large sums of money, instead of just getting kicked off.

Spam != Pornography

[Jeremy+Erwin]

Nace takes exception to being called a spammer, a term he associates with pornographers. UUNet's reaction, he said, was unwarranted. "This is a clear-cut case of the big corporations telling the small operator, 'screw you.' " Lots of pornograhic content providers use Spam or other obnoxious marketing techniques, but most of the spam I recieve does not hawk pornographic content.

Re:Spam != Pornography

[British]

You know, spam can be a bit insulting. I get the "penis enlargement" spam, which is them saying i have inadequate equipment. They also assume I'm single, since I get spam for dating ads, etc. Why on earth would I need viagra and an enlarged penis if I'm single?

Re:Spam != Pornography

[svallarian]

>You know, spam can be a bit insulting. I get the "penis enlargement" spam, which is them saying i have >inadequate equipment. They also assume I'm single, since I get spam for dating ads, etc. Why on earth >would I need viagra and an enlarged penis if I'm single?

Or a woman?
Steven V.

ISP-wide spam: is there a solution?

[Bill+Fuckin'+Gates]

This may seem unusual, by I have a technical question. How is it that a spammer can target an entire ISP or web-mail provider? One of the biggest complaints about our popular Hotmail® service(sorry, the site is currently down; apparently the NT5 migration wasn't a complete success, but a restaffing will take care of that, eh?) is the spam which appears to be received by every single mailbox. Those of you with multiple accounts know what I'm talking about! On Hotmail®, at least, there are instances when I log into the several personal accounts I keep, only to discover that each has an indentical "DO YOU WANT TEEN SEX?" spam message in its Inbox. Very disturbing!

I know that this messageboard is a haven for "script kids" and other hacking types, so I'm sure one of you knows the answer. I would like to integrate knowlegde of such hacker practices into our MCSE+Internet certification, but the program's technical director is stumped. Any clues?


See you in hell,
Bill Fuckin' Gates®.

Re:ISP-wide spam: is there a solution?

[m4dm4x]

Its fairly simple....
Compile a library of common addresses, put a domain name behind it... spam away... the ones that give an undeliverable response are disgarded from that domain library....
when the spammer changes isps, or sells these mailing lists.. the victims will keeps on getting bombarded... even if they never gave out their address at all... if you are stupid enough enough to have a common name.. then you WILL get spammed..
ie: free@your isp.com, or sex@yourisp.com
its not the isps fault you people are dolts.. don't blame them for "selling their users email addresses"

/V\4|} /V\4>.......

Re:ISP-wide spam: is there a solution?

How is it that a spammer can target an entire ISP or web-mail provider?

He simply generates as many random usernames as he can think of and spams away. The usernames that are legit get the spam, and the nonexistent ones bounce. If the spammer wants to be a bit more selective, he uses a dictionary attack, wherein he generates usernames based on words that might show up in a username. All this is done with software, obviously. This is why you will often get spam at an address that was just created or that has never been published anywhere.

Re:ISP-wide spam: is there a solution?

[Yer+Mom]

So how about configuring the server so that IP addresses that appear to be generating an awful lot of bounces get blocked for a while?

Johnny Spammer starts trolling for random addresses, hits the limit, and his connection's blocked for a few hours. Repeated offences from the same address increase the timeout, maybe (need to keep the timeout low the first few times so as not to clobber dynamic IPs too much :)

Obviously this would need to be set up carefully so that mailing lists don't get blocked every time a bunch of accounts expire, but knowing which accounts were terminated recently and which ones haven't existed in the past year or so should handle that for the most part...
--

What a timely article

[stunnedkunt]

Why just today I had a BEOWULF CLUSTER of spam!

Re:Spam and telemarketing...

[Arcanix]

Yeah, but billboards don't waste your time. I know I don't slow down or stop to read them...

ISPs should set up decoy email accounts.

[TheLink]

And then leave their addresses as bait at various places.

If someone hits those addresses and is verified to be online as account holder of that ISP, that user is automatically suspended. Can be done with participating ISPs too.

If mail hits those addresses and can be confirmed with reasonable cause to be spam (hits those addresses and > 10 other people) , it is automatically removed from mailboxes of all customers subscribed to the optional spam removal service.

With millions of addresses on their lists it'll be hard for spammers to figure out which are decoys and avoid them.. And setting up decoys can be just about as cheap as sending spam ;).

You have to be careful to ensure that legitimate customers aren't tricked into spamming the decoy email accounts. Trojans can do that ;)... Still it can be considered a useful feature if infected customer who are spreading trojans get their accounts suspended for a while, and the associated emails (probably bearing the virus/trojan) are deleted.

Cheerio,
Link.

A creative way to fight spammers

[kris]

Throw them into a tar pit. This keeps them online, and makes them vulnerable as they are a target as long as they are connected.

© Copyright 2000 Kristian Köhntopp
All rights reserved.

DUL doesn't do relays, use RSS

[gfecyk]

2: The second option would be for UU.net to provide the IP ranges for its DIAL Up pool to the DUL project run by MAPS.

IIRC, they do. 63.0/11 appears to be the bulk (heh) of it. By their very definition, open relays usually don't follow the DUL very closely...

Much of the UUNET spam being reported to the MAPS DUL Project happens to be relay spam. This isn't helping the DUL Maintainers because they're already listed. You want to use MAPS RSS and DUL at the same time, and report open relays to RSS as found. See The RSS Project.

Re:A Solution

[thogard]

I had someone (from a uu.net dialup) try something like 122,000 userid on my domain. They hit aliases that had never been used. Hiding isn't a solution.

Fake info was "re: why spam is so hard to stop"

[winwar]

"Next you have the more technical spammer, who has an array of fake credit card numbers, false names, false addresses, and so on."

Maybe ISP's should be a little more careful before they accounts are opened.
It should be possible to tell if the credit card number is fake (gee, maybe check with the CC company).
If false information is used then the ISP should report them to the police.
I suspect that if they did this, part of the spam problem would disappear....

TOS

[RedOregon]

Can't we nail them on some type of TOS violation... even if it is their own TOS??

Too bad for you, thank the spammers.

[gfecyk]

I have a 24/7 broadband connection with better then 99.9% uptime at home, and I quite enjoy the minor hobby of being able to run my own tinsy little server on it. I have apache and sendmail, ssh login, etc. The notion of a default policy of filtering ports to the end consumer of bandwidth troubles me enormously.

You've been caught in the middle of this little spam problem and I feel your pain. Unfortunately port blocking and projects like MAPS DUL won't go away any time soon because spammers won't go away any time soon.

The worst DSL related listing in DUL has to be Sympatico Ontatio. This is an exception to the DUL rule of not listing DSL because Sympatico HSE uses PPP(over Ethernet) and can't guarantee the same IP, and they've turned a deaf ear to MAPS and to the Internet community when we complain to them about their spammers.

If the broadband provider's mail server bites, too bad. Find another broadband provider with better service or do what I did: Stick with ISDN and pick and choose between any ISP that does 56k (any server doing v.90 very likely supports ISDN transparently).

I also suggest you read your ISP's terms of service carefully. Chances are they forbid running servers on those connections for the same reasons - too much network abuse.

You might want to read some letters people wrote to the DUL Project about this, and the responses.

Sneakemail

[KevinMS]

On a consumer level, one of the best ways to fight spam is be proactive on a marketing level. We created a service called Sneakemail that lets the average user implement the "get your own domain and make a new address for each use". Our philosophy is to reduce the "value" of email addresses given out to ebiz while keeping the "value" of them for you the same. A disposable sneakemail address has less value for an online business, its only just a temporary and revokable contract of contact between you and them and has little value for resale. Its also in an ebiz's best interest to keep that address to themselves because spam sent to that address from elsewhere can be very easily traced back to them.

The whole spam war is sorta like the war on drugs, the harder you make it for spammers to get spam to your inbox, the more valuable the spam becomes and the more its worth it to them. But if you take the value of your email address for them away its probably not worth their time and money.

What we need are killfiles that really kill.

[devphil]

I hereby pledge that if I am ever summoned for jury duty because somebody physcially LARTed a spammer to death, I will argue that it was justifiable homicide.

As has been said before by others: I'm not trying to sound like a cold-hearted bastard, but I am a cold-hearted bastard, so that's just the way it comes out sounding.

Re:Why spam is such a pain to stop.

[Eil]

At $10,000 per message, the potential contractural debt is ruinous for spammers.

Back in 1998, I was getting about 3 emails a week from this one guy advertising some kind of pyramid scam. The advantage on my part was that he left a toll-free phone number to call. When you dialed it, some guy went on a 3-minute speil about the scam and allowed you to leave a message afterward with your name, phone number, address, etc.

I took this opportunity to leave a message explaining in highly legal-sounding terms that he was using my personal paid-for email box for his commercial advertising purposes. I said that if I recieved any more messages containing the 800 number that I would bill him a (something on the order of) $8000 fee for every advertisement.

I left my email address letter-for-letter, hung up, and recieved no more spam from him. :)

[A month later, I found the sticky note with that number on it and decided to call it up and leave the beginning 3 minutes of every track from my new chem bros CD on its answering machine. Yeah, I'm cruel...]

Re:Others prevent spam, why not UUNet - not true

[ozric99]

I set up a freeserve account for my mother to use with a PC she bought recently. Now freeserve allow unlimited addresses per 'domain'. So If her 'domain' was spam-me.freeserve.co.uk she would recieve mail sent to *.spam-me.freeserve.co.uk.

Within days of opening the account, and not even having used it at all, she had received FOUR pieces of spam. sent to 'addresses such as 'fred@spam-me.freeserve.co.uk' and 'mark@spam-me.freeserve.co.uk'. It seems that freeserve sell addresses as soon as they are opened.

Spam and telemarketing...

[precize]

...have to be two of the least productive (and most annoying) forms of advertising. When you think about it, pretty much every other form of advertising has at least a little targeting that goes along with it. Billboards target people who are in the area of the business advertising. Television and radio ads target the general demographic that watches/listens to that show. Banner ads (as annoying as they are), at least know a little about the typical person that is looking at them. Despite claims of spammers to have "targeted" lists of email addresses, there is very little that they can know about those email addresses...same with telemarketers and phone numbers.

One solution advertisers are using more and more as people become immune to typical methods is product placement. TV show, movies, etc., are now filled with "products" in use or on the set. Of course, the stuff spammers are selling is a little harder to use with this method...I can see it now: "Quick, get the guns, we're gonna have to...wait a minute...I don't have to do this...I've made millions...(to viewer)...you too can get rich quick with my new scheme to..."

lol. Never mind :)

Re:Spam and telemarketing...

[drsoran]

Well, you're correct on that account. I can't believe spammers do ANY type of targetted advertising. If they did I wouldn't be receiving spam in Russian for some Asian porn site, or the numerous "accept credit cards on your website" (don't have a website) spam, or the "buy our list of 6 million email addresses" spam. Just looking through my spam folder, I think it's time to reverse my procmail recipe and just start blocking ALL e-mail and only accepting stuff from addresses I know about. I'd get a far better signal to noise ratio.

Re:Spam and telemarketing...

[mr]

Why do people spam?

The actual out-of-pocket costs is minimal to the spammer.

What will stop spam?

When the cost of spamming exceeds the benefit.

With the present US legal system, how can the cost of spamming be increased? Lawsuits.

How to do this?

1) everyone who wants to feed the local ambulance chasers/people who like small claims actions/ppl who hate spammers have to be willing to buy create and sell debt so the others can buy that debt and then can take spammers to court.
2) Software to act as auto-billing and clearing house for the mail analysis debt. (to make it easy for the spammed to help the local ppl to spammer to have to potential to make money)
3) people willing to change their mailers to note that this system accepts mis-configured mail messages and bills for it.

Spammer sends the mail to the host for analysis. Said target machine gets mail and sends 3 billing notices for $250. Then the $250 charge is placed into the 'database'. A local hater of spam/ambulance chaser buys the bad debt (unpaid $250) for a %age, or for $1-5. Local person drags spammer to small claims.

As more people sign up, and more spammers get dragged to court, the economic benifit to spam swings. It becomes a case where spam can cost $250+ court costs per message, + time in small claims court. And, if the local plaintiffs know the schedualed court dates of others, they can arrange court dates one a day.

A spammer getting hit $250+ a day, for 30+ days. Does this make spamming sound profitable?

End effect? Spam moves to sites outside the legal reach of suing countries for products outside the reach of suing countries. And, well, if I had to block all mail from russia or china to stop spam, I don't think I'd loose sleep :-)

Re:Spam and telemarketing...

[Eggplant62]

Despite claims of spammers to have "targeted" lists of email addresses, there is very little that they can know about those email addresses...same with telemarketers and phone numbers.

Three rules apply here:

1. Spammers lie.
2. When in doubt about spammer lies, see rule 1.
3. Spammers are stupid.

Obviously there's nothing targeted about the usual dictionary attack spam that I get from uu.net dialups all the time. I keep wondering how I got targeted for viagra.

Rich
--
Consumer Watchdog! Yes, we're rough on bogus businesses!
And today, Consumer Watchdog reports on protecting you, the consumer,
from being consumed by dangerous products and phony packaging. -- Firesign Theatre
TINLC Unit #2309 Death to all spammer accounts.

Re:Buying a Domain for Email

[ddent]

if you have a shell on the school system, try putting a file called ".forward" in your home directory, with the address you want your mail forwarded to (assuming you want it all - you may need to put it to its own address with fancy filters and all that jazz).

Credit card re-use...

[theNAM666]

"I figure most of the problem comes from their dial-up service." Spammers will subscribe to a dial-up service expecting to be booted off within a few hours or days. Then they simply sign up again after service is terminated, he said.

Of course, this would not be much of a problem if the credit card # used to sign up for one account was not allowed for another account; or if the name and address used (and necessary to authorize the credit card) were logged as unavailable. It wouldn't be hard to do this on a multi-ISP level, making it much harder for the typical spammer to do business...

Suspect there's not much motivation over at UUNet to take that kind of leadership, however, as they get paid $20-40 for each cancelled-and-renewed account...

Re:Credit card re-use...

[British]

Are you proposing a RBL of credit cards/corporate accounts of known spammers? I kind of like that idea. You're choking the problem at a financial level. Of course, UUNET might not like that for the reasons you said, since it means less money for them. Could they in theory make money off of these spammers, without ANY costs incurred on them, but onto the people with the open mail relays, and the people receiving the spam?

If so, that's a big 'o can of worms.

That reminds me, I have some of the new "smoked" flavored SPAM I have yet to try. Hate the real spam as muhc as you want, it tastes good sliced n fried with a touch of tobasco sauce!

semi-off-topic: slashdot needs to change spam icon

[myc]

From the official SPAM site of Hormel Foods, Inc:

We do not object to use of [SPAM] to describe [unsolicited commercial e-mail], although we do object to the use of our product image in association with that term. Also, if the term is to be used, it should be used in all lower-case letters to distinguish it from our trademark SPAM, which should be used with all uppercase letters.

(emphasis mine)

it seems that Slashdot ought to have a new spam icon. See http://www.spam.com for more info.



---
Santa Claus: "Ho ho ho!"

some things dont seem to make sense:

[congiman]

Ok from reading the links it seems that there should be 2 things uunet could do very easily to get out of this spam problem

Background:
1: The port 25 block. This is mentioned in the article. In a perfect world, a user should only be able to send to their local mail server. Ie: When a user sets up their new ISP, they have to enter the name of their SMTP and their POP server.

With that being said, it should be logical that UU.net should set up their router filters to only accept traffic going to port 25 on their mail servers. Traffic going to port 25 anywhere else should get blocked. If you have a local UU.net account you should use the uu.net mail server.

Now what about road-warriors? the sales people out in the field who need to send mail?
2 things:
1: They probably vpn in, so that does not even matter. otherwise:
2: If you allow any uu.net address to relay via your mail servers, you have a hosed situation.

2: The second option would be for UU.net to provide the IP ranges for its DIAL Up pool to the DUL project run by MAPS.
This project takes Dial up ranges, and blackholes them from connecting to your network. They too follow the idea that you should only connect via your dedicated mail server.

Now the bonus of step 1, is that all of the mail going out of your network goes through mail servers you control, you can do certain checking,
like anyone who is sending mail to 500 BCC'd recipients (multiple RCPT), or if they are using multiple RSET commands to send out the same message but with different subjects, should get rate limited/checked.

Or you can put additional IP information in the message envelope, so that they can be detected easier.

The win with the DUL, is it lets the rest of the net be able to only accept mail from uu.nets mail servers, and takes the cpu overhead of additional filtering off of their routers.

-- C

Re:some things dont seem to make sense:

[memfrob]

With that being said, it should be logical that UU.net should set up their router filters to only accept traffic going to port 25 on their mail servers. Traffic going to port 25 anywhere else should get blocked. If you have a local UU.net account you should use the uu.net mail server.

Unfortunately, most of the problems are not with UUNet accountholders, but with people that UUNet resells dialup POPs to.

For example. ABC-Dialup (say) uses UUNet to provide dialup access, charging their customer for the use of mail.abcdialup.com. They use radius attributes so that when the customer dials in, they can only connect to port 25 if the machine they are connecting to is mail.abcdialup.com... otherwise, the connection is blocked.

Now, an evil isp, msn.com (say...) does the same thing, but they don't implement said radius attributes, because there is no Visual C++ interface to Cisco equipment (actually, they're not Cisco radius equipment. Starts with an A, but I'll be damned if I remember what they're called). Thus, msn customers can connect to open-mail-relay.com and spam to their heart's content. When complaints return to UUNet (owner of the originating IP), UUNet has to turn around and go through msn's abuse department to try to get the spammer shut down.

2: The second option would be for UU.net to provide the IP ranges for its DIAL Up pool to the DUL project run by MAPS.

IIRC, they do. 63.0/11 appears to be the bulk (heh) of it.

By their very definition, open relays usually don't follow the DUL very closely...

Now the bonus of step 1, is that all of the mail going out of your network goes through mail servers you control, you can do certain checking, like anyone who is sending mail to 500 BCC'd recipients (multiple RCPT), or if they are using multiple RSET commands to send out the same message but with different subjects, should get rate limited/checked.

Until you get raped by some administrative escalation because some church newsletter can't be sent because you limited the maximum recipients to X people and this person happens to be the golfing buddy of the President of the Company...

Re:some things dont seem to make sense:

[mpe]

Gee, you've got some GREAT suggestions, and that's great and all, but we have these things called RFCs. You should make your self familiar with them.

i.e. forced third party relaying isn't in any RFC, indeed it's hard to find any mention of third party mail relaying let alone a positive mention.
Most of the problem IMHO is poor software which requires a third party relay in order to even work at all
An RFC complient solution would be traffic shaping of the form of dropping packets on the floor when a certain IP starts sending a lot of traffic to port 25. (Indeed it's not that hard for a router to monitor a TCP connection work out if it's to a third party relay then redirect the connection to /dev/null.)

What a crock...

[djrogers]

Just because the spammer in the article was the 'little guy', they made him out to be some sort of victim. According to the article, he fires off 17 e-mails per second! That's almost 1.5M per day, obviously these people didn't opt-in. No, he bought, traded, stole, or guessed their addresses in a cheap attempt at promoting his company with our money.
No, I have no sympathy for him whatsoever...

Re:I dont have a spam problem

[nmx]

Not really. Just because you have a filter doesn't mean it's not effective for the spammers. You wouldn't have responded anyways, and they have no way of knowing whether you have a filter or not.

Re:Proposed solution...

[jqh1]

yes -- spamgourmet.com :)

Re:uunet doesn't give a shit

[neowintermute]

oh fuck, i meant to uncheck it, OK?!!?!

heh...


___________________________
http://www.hyperpoem.net

Re:Others prevent spam, why not UUNet

[ahodgson]

UUNet Canada has always been a much more clueful organization than the US version.

Re:syberschool.net is down...

[Eggplant62]

Assuming it's not just slashdotted, I'd like to thank whoever cracked and crashed that motherfucker's server.

It's not slashdotted, it's been null-routed. Uu.net pulled the plug on Nace's connection just prior to the article going to press. Uu.net had already received a great deal of complaints regarding Nace and his activities. Seems highly coincidental that the subject of a news story about spam problems gets his connection pulled, but hey, as long as the creep ain't spamming, I'm a happy camper.

Rich
--
Consumer Watchdog! Yes, we're rough on bogus businesses!
And today, Consumer Watchdog reports on protecting you, the consumer,
from being consumed by dangerous products and phony packaging. -- Firesign Theatre
TINLC Unit #2309 Death to all spammer accounts.

Re:Mail abuse, time limits, the RBL, and the DUL

[ahodgson]

>On a cable modem or ADSL setup they make no
>sense at all.

Well, they sort of do, from an admin perspective. You don't have to track who was assigned which IP address, release them back into the pool when the customer goes away, etc. It also makes it harder for the customer to run a server, which most broadband companies don't want you doing anyway.

I would think the benefits of assigning an address would be greater than the admin gains from dynamic, though.

Re:What about stamps & lots of gray areas

[Steve+B]

Every other commercial medium (TV, Radio, even US mail) produces huge amounts of unsolicited advertisements. Anyone ever complain to the USPS about the gigantic volume of junk mail that shows up in your mail every day? Anyone ever tried to "unsubscribe" from junk mail in your regular mail? I'd bet 99% of people haven't.

Why do people bother to trot out these tired old false analogies? I don't pay to receive any of this crap; I do pay to receive spam.

In addition to supporting the medium, there should be some rules about what kind of content is allowable in these emails.

Out of the question, and your attempt to hitch your pet cause onto the unrelated issue of spam puts you on the borderline of trolldom.

The second issue is that this mob rules mentality that most anti-spammers seem to have screws up other legitimate uses of email.

Classic blame-the-victim fallacy. The spammers, not the people resisting their parasitic attacks on the system, are to blame for the climate of suspicion which currently prevails against legitimate (i.e. subscribed) bulk e-mail (particularly given that spammers attempt to disguise their garbage as "Information You Requested").

The "Newsletters" that many sites send out seem to fall into a gray area that threatens to eliminate this otherwise useful feature.

Newsletters for which an explicit subscription request has been filed are in a white area. "Newsletters" for which no such subscription request has been are in a black area. There is no gray area.
/.

Re:Others prevent spam, why not UUNet

[Charles+Dodgeson]

In the boycott proposal I wasn't suggesting something like RBLing. UUNet, I was suggesting things like not using MCI-Worldcom as a long distence carrier, etc.

anti-spam HOWTO

[Silas]

I have been maintaining an anti-spam HOWTO document for some time now that might be useful to read. It's written for qmail users and administrators, but does address both the theories/principles behind blocking/preventing spam, and the technical methods that can be used to actually do this. I think it's a good summary document for users, sysadmins, and managers considering these issues.

Re:Others prevent spam, why not UUNet - not true

[Charles+Dodgeson]

First of all, I was talking about spam originating from freeserve or advertising things on the freeserve.

Second: Are you sure that the spam was sent to the specific address you had set up (but hadn't used)? If it had been sent to anyuser@domain.freeserve.com, it would show up even if the sender didn't know the name of specific mailboxes.

You also say that you never used it. But did you browse untrusted sites with javascript enabled and your browser knowing your those email addresses?

Either way, I would suggest that you take the matter up with freeserve. I'd be extremely surprised if they were selling addresses. Take it up with them to make sure.

I should also say that I used freeserve from November 1998 through June 2000 (after that I moved to the US) and never had that problem. Other than as a satisfied customer, I have no connection to freeserver, Planet Online or Energis other than having some minor contact both the person who designed their email system and the person who is now in charge of their email system.

Mail abuse, time limits, the RBL, and the DUL

[Zed+Pobre]

A question at some point has to be asked, how much spam leakage is considered acceptable for an ISP. The general Mail-Abuse Filters currently available are very conservative in the addresses that they accept, and rightly so. Still, little things like this make me think that there should be a special category for ISPs that are trying to do the right thing with regards to e-mail and spam, but for whatever reason can't get their acts together well enough to prevent large amounts of spam leaving their borders. It is, after all, the responsibility of a provider to insure that they are not a problem on the network, not the responsibility of the network to clean up for them.

The idea of creating a real-info blacklist has been bounced around a few times and generally rejected as legally infeasable (would generate too many lawsuits), but still, I keep wishing that as long as ISPs are using AUPs that are incredibly restrictive on users they might as well go all the way and put in a clause stating that by joining the service, you agree that if you are terminated for abuse, the reason for termination and any personal information submitted for the purpose of gaining access may be distributed to all other ISPs that are interested in making account acceptance decisions based upon that information. Maybe give it a 3 or 7 year expiration, kind of like bad credit. Access to a list like this might give even slow ISPs a chance to keep ahead of the problem by preventing it from becoming an issue.

But enough dreaming. For now, we have to make do with whatever technical solutions are available, whether they be RBL-like general blacklists or personal filters. At least those with skill tend not to be spammed much.

The second issue brought up by the article (albeit somewhat indirectly) is the gradual blockage of direct access to mail to dial-up users, either by blocking SMTP at the router level, or by using the MAPS DUL. Despite having great sympathies for the desire to relieve the general frustration caused by spammers with disposable accounts by simply removing one major source of those accounts from the picture, it unfairly places the communication ability of anyone not rich enough for static IPs at the mercy of the frequently abysmal performance of the mail server of their ISP (@Home, for instance, has mail servers that go down on a regular basis, and despite repeated claims to the contrary has been losing a rather disturbing amount of e-mail altogether) -- whether or not that ISP is having any more difficulty controlling its dialup/dynamic-ip users than it is its users with static addresses. Granted, a number of ISPs are filtering at the router or submitting their dialup addresses directly to the DUL themselves, but I have yet to see one of them disclose in their advertisements that they provide a crippled internet connection.

So in summary, what we still need to control this problem ourselves is a better way of publicizing the e-mail distribution points that take a long time to deal with spammers, and a better way of identifying only those dynamic address ranges belonging to ISPs that are either incapable of dealing with their dynamic-IP userbase or have given up on it completely -- and then a centralized location to check up on ISPs with broken services ahead of time, sort of like a Better Business Bureau for the internet.

How to do it? I have no idea. Here's to hoping someone else does.

Re:Mail abuse, time limits, the RBL, and the DUL

[mpe]

Well, they sort of do, from an admin perspective. You don't have to track who was assigned which IP address, release them back into the pool when the customer goes away, etc.

Is it really that difficult to write a database which does just that...

It also makes it harder for the customer to run a server, which most broadband companies don't want you doing anyway.

In practice they do little to stop running of "servers" especially the like of web servers which tend to involve short TCP transactions.

Re:Mail abuse, time limits, the RBL, and the DUL

[Skapare]

If you ISP provides bad mailer services, then choose another ISP. If you're stuck with a single ISP because it's a cable system, consider switching to DSL if that is available. If not, then be sure to voice your concern by making sure you call up their technical support department EVERY SINGLE TIME anything wrong happens. Demand to open each as a separate incident. There is no excuse for having shitty mail servers, since there are plenty of people around that know how to run mail servers right. And tell them I said so. And be sure to tell the tech support people that they wouldn't have to put up with all this if they would just wake up the sysadmin and let you talk to him directly. And find out the names of other people in your area having the same problems and make sure they are doing the same. And plan some "tech support phoning parties" at certain times, where you all call tech support at the same time.

Why spam is such a pain to stop.

[RISCy+Business]

Well, I figure since I've had to deal it with almost 100% of my career, I may as well toss out my $0.02USD.

Spam isn't as easy to stop as most of the 'tech savvy' /. readers claim, say, swear, or demand it is. First off, you have several types of spammers.

First off is your atypical newbie moron spammer, who gladly gives you all his correct information, gets online, and fires away, gets disconnected immediately, gets blacklisted.

Next you have the more technical spammer, who has an array of fake credit card numbers, false names, false addresses, and so on. He'll setup six or seven accounts on one ISP, usually something like AOL or UUnet, and bounce around with these accounts, spamming. On and off before they can catch him in the middle of it.

Third, you have the guy with a pile of lawyers working for him, that's going to negotiate and hardball his way into a contract with an ISP that lets him spam.

The only remaining spam-friendly ISP was AGIS. Why 'was'? That policy was changed due to something like 60%+ of their customers cancelling after the announcement. Remember Spamford Wallace? He was the guy they hooked up first, and he was the guy that lost them a lot of business. Companies blocked AGIS - my employer at the time filtered all of AGIS' netblocks immediately, to prevent incoming spam. Some providers, ie; PSInet, have negotiated contracts with 'big name' (aka LOTS of spam) firms that allow them to spam to their heart's content.

Now, you've got a spammer. We'll say your typical type 2. And you want to shut him down. Not that easy. Because you do NOT have a common factor, including where they're dialing in from, they can CONTINUE to abuse your service, and there's not much at ALL you can do about it till they slip up somehow, which most sales droids are NOT going to be aware of. They'll just keep bouncing around and evading. And if the ISP gets blackholed or filtered all over, they'll just jump ISPs entirely. These are the pricks that cause the most damage to ISPs. They usually also use the ISP's SMTP server - best thing you can do is to disconnect them the second you see it, and pray they don't have more accounts. I've had to deal with a couple of these in the past, and we had one guy sign up for *SIXTY* accounts in *ONE DAY*, all with different information. When we FINALLY figured out who it was, we were ONLY able to kill the accounts because we had relatively few (around 2,000) and knew when they were added.

Now, say you have someone who bought a leased line and ordered it up deliberately for spam. You can't prove it beforehand, and some of the software out there makes it incredibly hard to find the true source. You have to catch them in the act most of the time. And the best you can HOPE to do is to do a shut on their interface. That's assuming you don't have a legal department that you MUST consult before disconnecting a customer for a contract violation (ie; spamming) and who MUST sign off on the disconnect order - I had to deal with this before. In some of the larger shops, ie; UUnet, AOL, etcetera, you have to go to your legal group and get them to sign off on a disconnect, then you have to go to your engineering department, who may or may not have to schedule it as a change management, who may or may not have to get their managers to write off on it, who may or may not have to go further up the chain. In other words, typical corporate bull will typically tie up a spam disconnect for over a week. It's the cold reality. If you disconnect a customer who WASN'T spamming, they can and likely WILL nail you for breach of contract on a leased line, and that could cost your company MILLIONS. Legal wants proof, engineering wants time and to be left alone, management just wants the mess out of their hair. Plus the overworked abuse departments do not help, as most complaints go there. Where I worked, we had a two person abuse department, who typically had a three week turnaround on initial reply.

You have to take all these kind of things into account. I'm certainly not saying UUnet is doing a great job - they aren't - but they're doing the best they can. I'm not personally aware of any contracts UUnet has negotiated permitting spam, and they usually *do* disconnect a customer for spamming. Other providers are far worse. You can whine, scream, complain, and moan all you want, but spam is not going to go away overnight, and policies at these places don't get changed overnight, if at all. UUnet has their policies, as do most other providers, and the tech that ignores them and just unplugs that spammer is going to find himself out of work almost immediately.

A lot of the posters definitely need a good dose of reality, because this is how it is. It's not just unplug the guy. Maybe the Mom & Pop ISPs have that luxury with dialups, but the other ones? Not a chance. So you're just going to have to live with it. Build your own filter lists, update them, etcetera, and quit whining about these companies being unable to stop it immediatley. You want it fixed? You go get a job in management and fix it yourself. No amount of your screaming is going to change a thing.

=RISCy Business, who doesn't give a damn what you think.
your company here.

Re:Why spam is such a pain to stop.

[sjames]

The problem is in the response to SPAM. It wouldn't matter so much that it takes 3 weeks to disconnect a spam account if there was a contractural penelty of $10,000 per message for spamming. Most spammers are in the business because spam is cheap. Their whole operation is based on a 1% or less positive response to spam. They see it as profitable because the spam costs practically nothing to send.

At $10,000 per message, the potential contractural debt is ruinous for spammers. In addition to a clause about unsolicited commercial e-mail, the contract would need to spell out specific things that are spam. For example, sending out any advertisement whose headers don't point back to the advertiser's account. Sure, out of a million, you'll only have definitive proof of a few dozen, but at $10,000 each, that batch of spam just became unprofitable.

To avoid accidentally bothering legitimate users, set things so the spam clauses don't kick in for the average user. For example, the fines and penelties don't come into consideration unless you connect to sombody elses port 25 OR you send more than 1000 emails through your assigned mail server. Surely, at least 99% of your legitimate users will be immediatly exempted by that while no spammer will be. If you want to be more sure, stipulate that connecting to someone elses port 25 is still exempt if you send less than X KB to other people's port 25.

Given that plus the fact that you have had complaints against that account (tracked down based on IP address and time) the vast majority of cases that must be reviewed based on the other spam criteria are actually spammers. Don't disconnect the line and risk being sued, just call them up and notify them of the substantial charges to their account.

As far from perfect as those measures might be, it's at least something. Perhaps ISP's should fund their abuse departments based on a principle similar to spamming. You'l only collect that $10,000 fine less than 1% of the time, but that small percentage is enough to pay for equipment and personel. If that doesn't cover it, up the fine.

Re:Why spam is such a pain to stop.

[elmegil]

the fines and penelties don't come into consideration unless you connect to sombody elses port 25 OR you send more than 1000 emails through your assigned mail server. Surely, at least 99% of your legitimate users will be immediatly exempted by that while no spammer will be. If you want to be more sure, stipulate that connecting to someone elses port 25 is still exempt if you send less than X KB to other people's port 25.

While I like the general gist of what you're saying, I think simply connecting to someone else's port 25 is ridiculously wrong as a criterion. I have multiple email accounts, and if I dial up when my DSL is down, the dial up will NOT let me change my reply name to my actual main email account. So I have to connect to the DSL account's SMTP server. I think that the limitation on KB is probably reasonable though.

Re:Why spam is such a pain to stop.

[sjames]

I think simply connecting to someone else's port 25 is ridiculously wrong as a criterion.

It is probably better to use that in conjunction w/ a KB limit. Either way, meeting that criterion shouldn't in itself incur the fine, it should just be one criterion. There would also have to be multiple complaints and reason to believe that it was actually unsolicited and commercial. I say multiple complaints to eliminate most cases where someone (possably a spammer you help to nail) wants to be an @$$hole by signing up for a mailing list and then complaining.

spamming direct vs relaying

[Skapare]

If a major ISP wants to allow a spammer to operate, then the way they should do it is to require it be done from a dedicated circuit, and to prohibit relaying through any mail server not listed in the DNS for the destination address. Such an operation is very easy to block on the receiving end. In addition to RBL/DUL/RSS, I also have my own DNS zone to block my own set of IP addresses.

My point of view on this is that if someone actually wants to be a part of this and get spam, they should be allowed to do so. Likewise, someone who does not should not have to. I'm not opposed to an ISP that wants to allow spammers to send bulk email in a legitimate (e.g. identifiable, easy to block) way. Anything less is, IMHO, fraud (and if the ISP knows it's going on, is a party to the fraud, also IMHO).

What I want to know is if Nace and SyberSchool are sending their email direct (doing normal DNS MX lookups and sending to the designated host) or if they are doing relaying through innocent third party mail servers. If it is the latter case, then I think they should be cut off. If the former, then I have no problem with it because I can block them myself very easily (your ISP can, too, if they want to).

Re:semi-off-topic: slashdot needs to change spam i

[m4dm4x]

SPAM is used as opposed to spam, for the emphasis on horrible processed material more akin to the Hormel attrocity.

I'm still waiting to see *new* clear spam, or vermicelli spam... also known as sporm... then I will know hell hath no fury like the abortions of human stupidity..

Spam on LinuxBase.org

[pranalukas]

The thing is, some people claim that spam is legal.. Some people have legality tendency to say that spam, as regulated by Under Bill s.1618 TITLE III passed by the 105th U.S. Congress this letter is not considered "spam."

These kind of people should be eliminated since not everybody lives in USA. For example: LinuxBase.Org was spammed: http://lists.debian.org/lsb-impl-0012/msg00000.htm l

How can we prevent things like this happening? Take a look at the spam message over there. They claimed that their "expert programmers have made it possible for us to penetrate any email blocking filter in use."

Re:Spam on LinuxBase.org

[svallarian]

>by Under Bill s.1618 TITLE III passed by the > >105th U.S. Congress this letter
More BS from the same people who bring you all the chain letters about the FCC banning "Touched by an Angel".
Bill s.1618 was proposed, and quickly shot down..
Steven V.

Re:What about 2nd had spam?

[Skapare]

If the IP addresses are static (and usually they are on T3 and T1) then smack yourself for not blocking them on the first incident.

Re:Effectiveness of SPAM

[llywrch]

> Is SPAMing even getting through anymore?

I've only had a ``gut-feeling" answer to your question until I stumbled across the following about six months ago. It is the only fact I have seen about this anywhere. (Yes, the writer is from AOL. But I am still amazed at a response rate far above the typical 3-5% for junk mail.)

Until I read it, I always thought the way people made money from spam in this manner: spammers found marks, promised them alot of money if they let them advertise for them on the Interent, sent out the spam, & made off with the money while the mark took the fall. If this email is any indication, a spammer may actually get useful leads & make somem sales from engaging in this obnoxious activity!

Geoff

[from http://www.zdnet.com/tlkbck/comment/82/0,9586,8218 1-318280,00.html]

Name: Patti Illingworth
Email: plifrog@aol.com
Location: Reno, NV
Occupation: Secretary

I am a small business and use the computer on an individual level. We are not
network but we have the same problems. I also use the internet for personal
things, such as just enjoying it. I get quite a few commercial spams and LOADS
of the porn crap, which I am not interested in. I am with AOL and they have an
email address that I just forward the junk to. I have never gone so far as to
CLICK on one of their hyperlinks and don't intend to. The biggest bother is just
spending the time forwarding and deleting it. Someone did get into my computer
once with a Trojan Horse program and somehow got my password and sent a lot
of this trash out in my name. I was temporarily kicked off of AOL and had to
spend a lot of time just getting rid of the stuff. Overnite, I had 450 messages from
people responding to whatever it said (I never did see the original letter) about
80% were very angry and called me every name imaginable. The other 20%
were responding positively and wanted more information. What a mess that was.
I am aware that it is going to be a difficult thing to stop. We just all need to not let
it bother us and keep on living. I have gotten over being frustrated by it and just
know that some of my time each day will be spent getting these jerks off of my
machine.

Thanks for letting me vent.

Re:man

[Skapare]

Goodbye Anonymous Coward. You posted too much anyway.

two words:

[otis+wildflower]

SMTP AUTH

(or, even better, require signing certs authorized by the ISP.. One can dream...)
Your Working Boy,

How About Forged Spam?

[NeuroManson]

For the last few months, probably due to the leaked e-mail addresses from Digital Convergance, I've been recieving spam from an e-mail forger... Unfortunately, the spammer in question also changes his address, such as akdsjksd@msn.com or what have you, followed with a subject line such as: Get Mortgage Loans Today! [2387sd]

I've attempted to filter for msn and yahoo addresses, as I rarely recieve anything from those, but that didn't work (so sue me, I'm too lazy to learn any other e-mail software other than Outlook Express)...

Other than the universal "use other software", "switch to linux", etc, responses, how does one block against such spam abuses? At least with legitimate spam, I can respond and get them to remove me from their lists... But the spam with forged addresses, of course I cannot simply respond to get it shut down...

Spam recieved since day one..

[nolife]

Verizon sucks. Three days after I started using their dialup I already had 14 spammed messages. And I NEVER gave, wrote down, spoke out loud, my account name a single time. I get at least 50 junk mails a week and i still have never given, used this email account to anyone since day one. I ,mainly use my old shell account from my previous ISP or Yahoo. I emailed Verizon asking how this was possible. I was given a canned response with a link to the Verizon SPAM FAQ.

Basically the solution is to never give out your email address (which I never have) and filter the crap that gets through on your own end! Verizon is ALMOST as bad as Hotmail..

Re:Spam recieved since day one..

[nolife]

Damit, I put this reply under the wrong story.. It was supposed to go to the Verizon thread. Too many SPAM stories on /. today.

Re:"Broken Windows" approach to dealing with Spam

Christ!

FINE, I admit it. It was me. I let the dogs out. I thought they were hungry, so I went over to their kennel and unlatched the gate. I didn't realize such a horrible problem would ensue. Please forgive me for letting the dogs out.

Block, then authorize and collect deposit

[just+someone]

If you need direct port 25 access, then you have an idea about what's going on.

ISP should let you sign up for it, authorize it, and perhaps put a large deposit down to insure proper use.

I like the idea listed in the maps rbl, just route all port 25 traffic to the local ISP smtp, then the ISP can add tracking information (x-track-userid,x-orig-smtp, and not rewrite the header). Most users would never notice this, and might actually benefit (no more x-plaining, why can't i send mail through our server while I'm at a conference)

If is was a smart system, then it would alert the ISP that a user was trying to directly contact an open relay server... and ...

Re:Others prevent spam, why not UUNet

[yesod]

Of course, its somewhat naive to compare an ISP the size of UUnet to Freeserve - just in terms of dialup locations.

Re:Effectiveness of SPAM

[llywrch]

> Actually, you've put your finger on an important point -- in the case you cited, the spammer wasn't getting a response, and
> wasn't likely to for very long (if at all).

And your response brought out another: there is far more rumor & myth in circulation concerning spam than there is fact. (Sorta like the other other boogie men of modern life -- the drug trade & child pornography -- your cite, including the other links on the Salon web page -- effectively tripled the literature I could quote about the effectiveness of spam advertising.)

I guess I have to revrt to my original assumption about spamming: the only people making money from this are the folks selling the mailing lists or software to other folks who then send their solicitations to millions of email addresses, & lose their Internet access in exchange for a handful of responses -- if they are lucky enough to receive them.

Like P.T.Barnum once said, ``There's a fool born every minute, & two to take him."

Geoff

Blocking further up the line...

[HiyaPower]

One way to get folks to pay attention is for some of the larger ISPs to block further up the line. If Mediaone (now AT&T Broadband) were to block all mail traffic from MSN, it would certainly catch someone's attention and make them clean up their shop real, real fast. For me to trash all MSN mail would perhaps work for me (I indeed do trash entire domains privately), but not do anything to reduce the core problem that MSN is spam friendly. Companies likes da back and if they start losing paying customers because they are skunk striped due to some spammers he has welcomed, those spammers will get the heave ho real fast.

Re:Hmmm....

[tpv]

I think that $10 billion is well spent.
Those spammers aren't paying their pink-contract fees!
If UUnet moved all their spammers onto pink contracts, they'd make much a high profit.

--

Re:What about stamps & lots of gray areas

[prisoner]

Other than the high-handed tone of your screed, You some good points....and some not so good points. For instance, you *do* pay to receive "spam" via US mail. As the volume of mail grows, the facilities required to handle this mail grows along with it. Who the hell do you think pays for more delivery men, sorters, trucks and all of the other shit that goes along with it. The people who produce junk mail don't make one lump sum payment to enhance the facilities of the USPS. The volume increase isn't due to personal letters my friend. You also pay as you have to fedex stuff around the country so that it will get there in a reasonable amount of time. I think that this particular argument is far more than a "tired old analogy".
As far as the content of the spam goes, it's not my "pet cause", I'm just sick of having to explain to my parents, and other older users of the medium why they get emails about "hot teens" and whatnot.

50 emails/day

[nuggz]

Personal use I send 10 or so emails a day.
School stuff I send 0-40 a day (group work, copy 3 or 4 people adds up fast)
At work when I worked nights everyone else worked days I was easily sending 100-200 a day. I would guess people who work at home would have similar needs.

I would be pretty pissed off to have to give a $200 deposit to send email. Although some sort of authentication to send over X emails/day would be reasonable.

Block 25

[nuggz]

My ISP blocks outgoing smtp traffic, I MUST use their mailserver. It is annoying, particularly with poorly set up mail servers.
But now I just forward to theirs, and everything is fine.

Forcing the Reply/From headers is just stupid, I would leave my ISP for that kinda shit

Get a provider with a clue.

[mrsam]

The obvious solution to your problem is to sign up with a broadband provider that explicitly allows their consumers to operate servers. Yes. There are broadband providers who do that, and whose salespeople and tech support people do not get a brain hemorrage when they hear that you run Linux.

---

Not fair, but effictive..

Here is a link to a special BlackHole List. It is rather arbitrary ( see its name.. ) but quite effictive. I've been using it for some weeks now and the amount of known-spammers for our domain has dramatically decreased. See http://rbl.v6net.org

If credit fraud is a problem, where's the FBI?

[swb]

I'll guess that type 2 spammers (smart dialup users) are a biggest part of the problem, and they're registering many accounts with stolen credit cards, wouldn't the combination of frauds taking place here (and we'll assume that most of the business opportunities are fraudulent at best, and most are prima facia illegal) warrant a serious FBI task force?

They seem to have plenty of time and money to chase script kiddies whose "damage" may only be limited to B&E, but chasing people who steal service with stolen credit cards so they can promote criminal enterprises strikes me as more important by an order of magnitude.

Re:Buying a Domain for Email

[Skapare]

If you run your own mail server or an ISP, just block most of the spam via RBL/DUL/RSS from MAPS. If you don't run a mail server, choose an ISP that does these things for you on theirs. That will block most of your bandwidth waste.

Re:Truth to $500 fine?

[gothic]

I wish I could tell you the correct US Code...But here is the "$500" part:

(B) an action to recover for actual monetary loss from such a violation, or to receive $500 in damages for each such violation, whichever is greater, or
(C) both such actions.

This is about Fax spamming...Or misuse of telephone equipment... If you look at it loosely enough, email could apply... In the real world, I doubt it would hold up...But heck, there are some good lawyers out there... (Good being figurative =]) ...

All I have is the Section # and title:

Sec. 227. Restrictions on use of telephone equipment

You could do a search on that, and find it though, I'm sure..

Most of my spam comes via Slashdot

[Animats]

I get more spam from reply addresss I use on Slashdot than from any other source. My address above is valid, but is filtered by SpamCop. Probably a few hundred of those UUNET reports are mine.

There really aren't that many different spammers. There are probably less than 100 people behind all the spam. If spamming was illegal, and some lawyer made a business of going after the top offender on Spamcop every month, spam would be gone in a year or two.

Re:Most of my spam comes via Slashdot

[Chris+Johnson]

I can believe that. I keep seeing the _same_ _ones_ over and over.

Spam reminds me of someone breaking into my house to write commercial messaages on my sticky-notes and paste them to the middle of my monitor, and then yelling at me because my pen's running out of ink. "How dare you let your pen run out of ink? I need to use that pen to save trees and exercise my right of free speech!" :P

Re:Most of my spam comes via Slashdot

[sporktoast]

Spam reminds me of someone breaking into my house to write commercial messaages on my sticky-notes and paste them to the middle of my monitor, and then yelling at me because my pen's running out of ink. "How dare you let your pen run out of ink? I need to use that pen to save trees and exercise my right of free speech!" :P

Reminds you? This has actually happened to you before?

expanding spamgourmet.com

[jqh1]

Another approach is to rig up a domain with blocking rules that allow for easy disposable email addresses -- that is, one or a few messages are allowed on a particular address, and the rest are /dev/null'ed. The trick here is to make defeating spam easier than accepting it in the short term, that is, when you're putting your address somewhere that's likely to get it added to a list. Without that, I've frequently taken short term convenience at the price of long term spam-saturation. I've had an address for years that is just snowballing with spam, but I'm reluctant to get rid of it.

Now I think spamgourmet.com will accept mail from other domains, if the MX record for the domain points to the server, but I'm not sure. It'd be interesting to find out one way or the other, and/or to move the site to a server where it could...

What is the real root of spam?

[dkemist]

Ok, maybe I'm naive here, but I've seen enough to realize that capitalistic forces tend to set the course of just about everything in today's world. Which leads me to the question, which benefits from spam. I'll have to assume that all the corporate spammers out there are striving to make some money out of their efforts in some way. Wouldn't one of the most effective anti-spam campaigns be to simply cut off that revenue stream? I'm not sure I've ever actually read a spam email, so I may be out on a limb here, but if people just stop buying or browsing to whatever spammers are selling, they should start to go away.

Kind of like that Simpsons' Halloween episode where the commercial mascots went nuts until everyone ignored them.

solution

[DuckWing]

Find the spammer, sue them for $1,000,000 for violating the AUP, giving 1/2 to the person who reported the spam. Then have them shot and drawn and 1/4'd so they never do it again. Finally, hit them with an ICBM. That'll put fear in the ranks of those jerks.

UUNet isn't hte only problems, a lot of spam comes from .kr, and .jp domains or through public email lists (DO YOU HEAR ME GIMP-USER AND GIMP-DEV LISTS! SHUT DOWN THE FRICKEN PUBLIC POSTS!)

Re:solution

[robhancock]

I don't think that much actually comes directly from .kr and .jp, it's just that those countries have large numbers of open mail relays, some of which are so badly configured that they don't even bother to say where the message originally came from..

Re:Others prevent spam, why not UUNet

[svallarian]

so shit, you're going to boycott the entire US east coast net traffic?

Good luck with that one!

Steven V.

It's Getting Better. Really.

[cjsnell]

PSI had taken (and deserved) a ton of flak in the past because of their crumby handling of UCE and abuse complaints. Fortunately, I think that the pressure of MAPS and others is finally forcing some changes at the companies.

Last week, I had a problem with a PSI customer with a stuck browser who was (accidentally) hammering our shopping cart script. I called up the number listed in the WHOIS record for PSI.net. A few simple keypresses and maybe 20 seconds later, I was connected with the abuse department. I was speaking to a real, live person! The representative was friendly and understanding and willing to take immediate action against the abuse. She requested that I send logs to abuse@psi.net and while I still had her on the phone, I was to wait for a trouble ticket number. A few seconds later, I gave her my trouble ticket number and she took action while I was still on the phone with her. Amazing.

I used to work for a large cable modem ISP and our "Abuse" department at the time was one lady and an always-full voicemail system and mail queue. Keep up the good work, UCE crusaders. It's finally paying off.

Re:A Solution

[mihalis]

Pick an account. Aol, yahoo, whatever. Start replying to spams. Act interested. Act like some idiot fool with cash to burn. Sure, you'll get added to even more lists, but odds are that the original spammer will REPLY TO YOU to get more information.

And what do we now have? THE SPAMMER'S ADDRESS.

Maybe it's not his personal account. But it sure as heck is one he cares about. He checks it for his business. It is very critical for him to have a business account to contact his clients (cough-easymarks-cough).

This sounds very promising, except that spammers are normally either reachable by phone, or they have a website they are promoting. From what I've heard about reading up about spam in various forums, they don't tend to use a real email address to do business - well, they'd get spammed if they did that, wouldn't they!

It's the fraud that's the problem

[TheInternet]

Not to sound horrible here, but we all manage to live with spam pretty well, it's not like it's all that much of a hassle. I just keep a variety of email addresses to give out for different purposes.

You might possibly be able to convince me to see your viewpoint if 90% of my spam wasn't out-and-out fraud/get rich quick/pyramid schemes. A lot of these things that the spammers are pushing are flat out illegal (under U.S. law), and some people are uninformed enough to buy into them. So maybe port filtering is not the answer, but I don't think spam is okay to live with, at least not the type I'm accustomed to receiving. This is people abusing the system. And unless we continue to fight back in force, it will get worse. There is no doubt in my mind about that.

- Scott


------
Scott Stevenson

Re:I dont have a spam problem

[Orang]

I realize not everyone will setup filters, but as long as I have them for me it isn't a problem anymore!

And that makes it okay?

Re:Effectiveness of SPAM

[shogun]

Yeah it gets the bbq going great, however it tends to set you on fire too..

But can the ISP do it?

[RallyDriver]

We're on a UUnet T1 at work, and run our own mail server. I really don't want the hassle of having to bounce all my mail through UUnet's boxes, and neither do they - it just increases their network and server load for no reason. I pay them for a pipe and some minimal DNS replication. I *want* to run my own boxes.

Also, one thing the proponents of all these fancy ISP-based solutions seem to overlook is, does the ISP have the staff? With the competitive pricing in the market it is hard for ISP's to afford good staff. I won't mention names, but we had a customer whose office internet and email (and hence DNS) was provided by a major regional ISP, and when we put their new website live I went through three calls and about ten people to find a support person there who understood the concept of why I wanted an A record for the domain name itself.

Re:Effectiveness of SPAM

[corbettw]

The response rate isn't 20%, the percent of people responding positively is. Since the original writer doesn't know how many emails were sent out, we don't know the response rate.

Re:goodbye AC

[Mrs+Anonymous+Coward]

&& d0n'7 forg3t to g0 by the st0re and g3T s0me SOAP on the way h0me!!
\0x0x0x0x ... l0v3 y0u ,,,
Mrs AC :)

uunet doesn't give a shit

[neowintermute]

I wonder why they're even in charge of this. This issue obviously affects their business very little, since they sell access, and spammers need bandwidth and we need bandwidth to download all that spam.

I personally used to always send unsolicited emails to abuse@uunet.com and I don't remmeber ever seeing anything come out of it. Those addresses I used to use still get insane amounts of spam. It's ridiculous.

Even my new addresses, which I've only been using for about a month, are already getting spammed. And I only use them for business functions and I'm always careful to not uncheck the "send me more info" buttons.

Obviously, spam is way out of control at this point and needs to be controlled by a different organization.

Maybe someone like internic or icann, at the domain name level, can have enough power to really do something about spammers.


___________________________
http://www.hyperpoem.net

Re:Effectiveness of SPAM

[The_Laughing_God]

Actually, you've put your finger on an important point -- in the case you cited, the spammer wasn't getting a response, and wasn't likely to for very long (if at all). A trojan may get you SMTP access (or an account password), but once complaints start arriving in the POP box a few hours later, the user will call customer support, change their password, and/or run that virus scan they have been ignoring for months.

This is a general problem. Salon did an article reporting their miserable experiences in trying to respond to spam. Basically, they couldn't get through to anyone!

So aside from the common sense of the recipient, there is a real question how would-be suckers can actually learn where send their hard-earned money when spammers are so elusive. Web pages are one answer, but In the weeks after that Salon article, I tried a few times, and found that the spammer Web sites were usually either dead or empty.

Much (but by no means all) apparent spam is actually meant to harrass the unwitting "sender", either as a vendetta or a blind script-kiddie prank. In managing several domains, I have seen a lot of spam that would never be commercially viable because the sender could never, even in theory, get a reply.

Of course, if there are only a million idiots out there, and each of them periodically decided to 'give it one more try' with that software they wasted $35 on... that adds up to many billions of spam a year, and that's still just a drop in the bucket.

take the hotmail approach

[rsimmons]

uu.net should take the shoot first, ask questions later approach that hotmail.com does. The problem that large ISPs have is their dialup customers, its quite difficult to track down a spammer on a dynamic IP. I imagine thats the main problem that uu.net has.

Re:UUnet: Utterly Useless

[mmontour]

Here's a page from spamcop.net (a spam-reporting and filtering service which I highly recommend) that people might find interesting: http://spamcop.net/stats/biggest_source.html.

This is the list of top sources of spam as reported through their service - #1 is UU.net with 43811 reports. #2, a distant second, is sympatico.ca with 3168. Draw your own conclusions.

Logs

[svallarian]

Why can't the ISP track the phone lines (via call waiting or such) and track down the spammer like that?

Steven V.

Re:Truth to $500 fine?

[svallarian]

Just forward your email to your fax machine for a day...and wait!

Steven V.

Hormel?

This Question is kind of silly, but I really would like an answer.
Does anyone know how Hormel feels about the usage of the word spam in reference to things besides the meat? (Hormel is the company that makes Spam, the food) Have they ever tried to discourage its use in reference to things besides the meat? Anyone?

Re:Hormel?

[robhancock]

Someone just posted their feelings on the matter above. They don't mind "spam" being used for junk email but they don't like it in all caps (SPAM) and they don't like the product picture being used (like Slashdot does, actually..)

Exponential backoff and account classes

[erice]

Actually, a better way is not to give an explicit limit but employ exponential backoff, like some news servers do. After a small number of messages, each additional message is delayed by an increasing amount. The delays soon become prohibitive.

If a user actually has legitimately need to send large quantities then they need to get a "bulk mail" account. No significant differences from a normal account except that the backoff is eliminated, identity confirmation is required, and an agreement must be signed holding the customer liable for damages if they do spam.

I wonder if it would be practicial to impliment some form of exponential backoff in a router. 'Be tough to distinguish spam from large attachments I suppose.

Allow direct port 25 only from confirmed accounts

[erice]

There are legitimate reasons to have direct port 25 access. The solution, IMHO, is to require ID confirmation and some sort of a deposit to gain port 25 access. It may take a few days to set up but that's no big deal for a legitimate user. 'Makes it pretty hard for a hit and run spammer though.

"Broken Windows" approach to dealing with Spam

[OnanTheBarbarian]

Prevention is better than cure, in this case.

This seems like an area where a faster, tougher response to spam would greatly reduce their problems with it. If UUnet were to have a working group that spanned the legal, sales and abuse departments that pretty much responded to spam within 12 hours (or some similar short time) and expedited dealing with it, sure, that would cost them a lot more money.

On the other hand, they'd ultimately have less work to do; how many spammers would use the service if they knew that they'd get about 24 hours of use.

A further twist would be placing some sort of brake on large amounts of outgoing mail - perhaps every 10 complaints received reduces the # of messages per hour by 10% that UUnet will handle from these people (or further, artificially choking off the bandwidth of outgoing packets that are directed at port 25 - although that might be infeasible technically). If it turns out the complaints are not well-founded, then the brake could be removed.

Of course, if the ISPs are colluding with the spammers, there's not a whole lot one can do.

Re:"Broken Windows" approach to dealing with Spam

[drsoran]

Well, I think the spammers have gotten what they wanted. Spam has become so commonplace many people just accept it as fact and ignore it. This is probably the only long term solution that's going to ever work. Let the spam come to you and delete it without reading it. What I personally find offensive is when a spammer sends a message with faked addresses with a subject of something I may actually have been waiting to hear from about from a legitimate business only to have me open it up and find out it is some lame spam. Oh well.

Re:"Broken Windows" approach to dealing with Spam

[caite]

The whole spam problem seems to result from people not seeing their own impact on the situation. I hate to see restrictions on email, and tracking the volume of mail sent... but I don't think I've ever sent out 50 emails in a day.

The braking idea seems decent. And if you could only send out 10 emails a day with an account... Or maybe we should say that you can't send more than 100 emails a day with a free account.

Wonder whose ass you have to kick to get them to actually do something about the abusers who are spoiling the playground.

1/2 of it

[glowingspleen]

I guess hitting their website is usually pointless, but going to it and getting further contact info might help.

On the other side of the coin, if we get a phone #, who is to say that they don't get several dozen random phone calls from a DialPad bot? ;)

Re:Buying a Domain for Email

[greydmiyu]

You've not hit upon something new, you're just damned lucky. On both of my domains and all email addresses on those domains I've gotten spam in short order even though I know I was the first and only person to get the domain. And it isn't easy stuff, either. Hell, when I setup an account at a national ISP with this username (greydmiyu) which I have /NEVER/ seen anyone else use anywhere I was getting mail 2 DAYS later. I never use the account for anything since I have my own server. Go fig.

what a moron!

[SpitefulBen]

"We follow all the rules and regulations, and we've had full compliance with the law," Nace said, describing the 17 e-mail messages he says he sends over his two T1 lines each second. "All they have to do is say, 'we want off the list,' and they're off."
Nace takes exception to being called a spammer , a term he associates with pornographers. UUNet's reaction, he said, was unwarranted. "This is a clear-cut case of the big corporations telling the small operator, 'screw you.' " LOL!

Re:what a moron!

[sith]

He must have something configured very poorly if he can only pump 17 emails out a second over dual t1s. Crazy...

The truth about checking card numbers

[Tau+Zero]

Well the ISPs could start by checking the CC numbers they are given by the spammer. Facilities exist to do this but guess what - it costs to do each check, and they're just not prepare to pay.

If you validate the card number, you get used by fraudsters to validate randomly-generated card numbers for them. This can cost you an enormous amount of money before you can shut your service down.
"
/ \ ASCII ribbon against e-mail
\ / in HTML and M$ proprietary formats.
X
/ \

Re:The truth about checking card numbers

[Orang]

No, you miss the point. Facilities exist to check that "Yes, that person does hold that card, his address is as given, and it has not been reported as stolen/missing."

Buying a Domain for Email

[nachoworld]

My solution to spam on my school account was simply telling friends that I won't accept any email from msn.com and then filter out the whole domain. So far this has worked wonders. Now I know why I have received so much mail originating from msn.com - I read in the linked article that msn is a UUnet partner and that it lacks port 25 filtering. I wish I didn't have to filter out a whole origin domain. I would just ditch the account, but my school refuses to send school-related email to another account.

However the BEST way to go spam-free is to buy oneself a domain that has never been bought before. I have unlimited POP3 (within the space limits that my hoster provides) for myself a few of my friends. I have been spam free on my domain email for just over 2 years now. Not one single one. It's worth the price of email hosting. Just make sure no one has ever had the domain before and let it go back up for sale. Another of my domains have spam associated with certain email addresses. Careless past owners and users! It was funny though seeing the "kmoore" that previously had an email account has subscribed to various porn sites.

---

Re:Buying a Domain for Email

[limbostar]

You are a very lucky man. The email address I used to get my first domain was an address I got back in high school from a local government push to 'get that thar interweb into the city'. These people wouldn't know how to harvest email addresses if I told them.

But that address has recieved a steady dosage of spam since I registered the domain, as has root@, admin@, sales@, webmaster@, and a few other generic .com-type addresses. And I'm pretty sure (although I can't verify it) that 'awdang.com' has never been owned before.

Eventually I just gave up on the dream of not having spam. Now it's turned into my spam sandbox...

--sjd;

Re:Others prevent spam, why not UUNet

[PolaRis75]

Well, I can't speak for UUNet US, but I work for UUNet Canada, and the guy who takes care of spammers works in the same department as me, and I can say with 100% assurance, ANY spam complaint he recieves, is dealt with swiftly, and immediately. I've seen him turn off a customer's 10 meg bustable ethernet connection before, just because they had an open SMTP server that was being used for spam, and until the customer fixed it, they remained disconnected.

You must reply to all spam!!!!!

[LennyDotCom]

Because it cost them time and money
they get a tiny return on their efforts
If a small percenatage reply especially to
the spam with 800 numbers it will cost
spammers more time effort clogged phone systems
bogus e-mail signup forms
I effect we can spam them to death
becuase every bogus reply will cost them something.

The Star Chamber

[Lauritz]

12 sys-admins around a dimly light table:

- "Here is yet another one: 'My friends, are you running into brick walls with your job?'"

- "Shall me vote right away?"

- "Guilty"

- "Guilty"

- "Guilty"

- "Guilty"

...

- "I'll the arrangements"

You must reply to all SPAM!!!!!!

[LennyDotCom]

Because it cost them time and money

they get a tiny return on their efforts

If a small percenatage reply especially to

the spam with 800 numbers it will cost

spammers more time effort clogged phone systems

bogus e-mail signup forms

I effect we can spam them to death

becuase every bogus reply will cost them something.

Dealing with uu.net's spam.

[chemguru]

Coming from a fairly large ISP in the southeast, I had to deal with spam from uu.net hitting our subsidiary company's mail servers. Complaining to abuse@uu.net usually did nothing but generate the usual Auto-Reply: " Here is your case number. And well get back to next year...." In the case of a massive attack, the only quickfire solution was to blacklist uu.net on the mail server. Calling uu.net's NOC was like trying to call the cable company at 4:50pm about your cable being out and needing repair; you play the on hold game for 30 mins. Meanwhile, if your queue doesn't break 8000, your sendmail connections top 1000. Uunet needs to rethink their abuse policy and procedures.

But I love SPAM

[FrostedChaos]

Some people, driven doubtless by the monotony and unrelenting drollity of their lives, have impugned the good name of SPAM. Needless to say, THIS MUST STOP!

I love spam. Spam is my favorite food. Its light and understated taste refreshes and cleanses the palette after a dish of caviar. Its airy and delicate flavor compliments truffles, eggplant, and parmesan.

It contains partial supplies of 2 vitamins and minerals! It even- imagine this- stays crunchy in milk. If you ask the finest chiefs in the world which pink meat product they prefer, there can be only one choice.... S P A M

Thank you.

Get rich quick!

[xant]

By learning about my new patented method of spam prevention! For only $12.99 (PayPal accepted) you too can learn the secrets of spam prevention! And with these secrets, you too can

Enter a high-paying career in anti-spam technology with high-paying technology companies!

Earn money hawking anti-spam products!

Qualify for that second mortgage!

Yes, you only need to send $12.99 to the following addr

Click here to read something completely unrelated to the rest of this comment
--

Re:Effectiveness of SPAM

[robhancock]

The reason that the web pages are so often dead is that they're usually shut down for TOS violations too - SpamCop, for one, reports the admins of any web sites and email addresses linked to in spams it processes. Free web providers like Angelfire and Geocities, in particular, don't seem very hesitant at all to nuke spammer pages..

A Solution

[glowingspleen]

Q) What is the only way to effectively have a spam-free account?

A) Change your account frequently.

Yes, you could NEVER give it out, but then you might never know what silly shmuck friend of yours will forward an email you sent to a guy who sends out joke lists that are read by another guy who posts the list, email and all, on his website.

OR, you could be really creative and only make your listed reply-to addresses contain those witty NOSPAM.blah.com lines, which sooner or later (if not already) will simply be encoded by a spam collection bot to bypass in search of more legitimate addresses to collect and sell.


Q)What's the solution then?

A) Pick an account. Aol, yahoo, whatever. Start replying to spams. Act interested. Act like some idiot fool with cash to burn. Sure, you'll get added to even more lists, but odds are that the original spammer will REPLY TO YOU to get more information.

And what do we now have? THE SPAMMER'S ADDRESS.

Maybe it's not his personal account. But it sure as heck is one he cares about. He checks it for his business. It is very critical for him to have a business account to contact his clients (cough-easymarks-cough).

So now what do we do? Submit it to some grassroots organization that stores the address. They'll register a few hundred random accounts at legitmate locations (we don't want to spam him back with false addresses like he did, now do we?) and send him oh, 400 emails with varying lengths and varying titles and varying names EVERY DAY. He won't be able to sort out who is who and will waste a bulk of his time trying to find 1 or 2 legitmate buyers.

Thus the loop is complete. They waste our time, we waste theirs. Sooner or later, 95% of them will deem the practice to be more trouble than it is worth. It's not perfect, and sure there are a few holes in the idea, but how does it sound as a start?

Nace is obviously a spammer

> "We follow all the rules and regulations,and
> we've had full compliance with the law," Nace
> said, describing the 17 e-mail messages he says
> he sends over his two T1 lines each second. "All
> they have to do is say, 'we want off the list,'
> and they're off."

Any time you HAVE to opt-out of a "service" by sending a "take me off the list", then you are a spammer.

This guy is a clear-cut spammer. His account should have been revoked from day 1.

S.1618 is Great for Filtering - only spam uses it

[billstewart]

A couple of years ago, when S.1618 was proposed, there was discussion about it on some mailing lists that was interesting. That's long over with, and every piece of email I receive that refers to it is SPAM. So if you set your email filters to trash email referring to "[Ss].1618" and "[Ss] .1618" you'll only trash spam, not real messages.

I dont have a spam problem

[kilgore_47]

I havn't really minded spam since I setup mail filters to delete all messages that dont have my email address or one of my forwarding accounts in the TO or CC fields, or are sent from a sender on a predefined list of OK mass mailings (ie listservs). Even hotmail has basic mail filtering ability; if everyone setup filters spam would not be profitable. I realize not everyone will setup filters, but as long as I have them for me it isn't a problem anymore!

It is yOur duty to reply to SPAM!!!!!!!

[LennyDotCom]

Because it costs them time and money
they get a tiny return on their efforts
If a small percenatage reply especially to
the spam with 800 numbers it will cost
spammers more time effort clogged phone systems
bogus e-mail signup forms
In effect we can spam them to death
becuase every bogus reply will cost them something.

YOU HAVE TO REPLY TO SPAM!!!!! IT"S YOUR DUTY

[LennyDotCom]

Because it cost them time and money
they get a tiny return on their efforts
If a small percenatage reply especially to
the spam with 800 numbers it will cost

spammers more time effort clogged phone systems

bogus e-mail signup forms

I effect we can spam them to death

becuase every bogus reply will cost them something.

My very recent expirience with UUNet

[charon.de]

I had/have some trouble with an UUNet customer who is an extrem spammer, he sends lot of mail, with large CC lists to an open relay in the .cn domain, we get the To: , cause it's for a domain we have the MX, most disturbing is of course that the open relays in .cn drop the CC and we get lots of angry mails from customer, who get those spam.

I mailed UUNet, got a trouble ticket and it looked like they closed his account, but he just signs up a new one and it starts all over again.

I mailed the admins in the .cn domain, that they close their open relay, but a short nmap scan showed me, that they are using M$ server with all ports open and have perhaps no clue how to close it, they just don't react on my mails...:-(

Looks like I couldn't do much about it...Perhaps I should launch some DOS attacks to bring those M$ servers down, wouldn't be very friendly, I known, but it looks like, it could be the only thing I could try to prevent those spam...sad...

Michael

Exactly...

[schon]

It's technical term is DNIS - and every termserver that I know of supports it.

You get your terminal server to send the DNIS to the Radius accounting server, and the Radius server to log it in the accounting records.

If someone is using a forged/stolen CC number, you give this information to the police, and send the bastard to jail.

Credit card fraud is taken _very_ seriously by the police.

My Own personal solution...

[SupahVee]

Here's what I do to prevent it, or rather keep it from showing up in my primary mailbox.

Keep many email addresses, I have about 6 or so, I think. I have one that doesn't go out to anyone but my friends and family, period. I have another one that I use for signing up for free crap on the internet. I check it every couple days, I usually has 100+ every time I clean out the box.

Then comes the fun part: I have a few more addresses that I track very carefully. I have a notebook of what email addy I used to sign up for what. Then, when I start getting spam on any of the dummy accts, it makes it easy to figure out what company is either a) spamming you, or b) selling your email addy to a spammer.

I also do the same thing with my regular mail address when I sign up for things. Just toss in an intentional type-o and watch it flourish from one company to 15+. (I have mail coming to me from about that many companies with the same type-o on it, none will own up to where they got it)

On a side note, you can sorta do the same thing with telemarketers, but fucking with them is a lot more fun than blocking them entirely. I once had the rare opportunity to make a carpet cleaning company hang up on me for keeping them on the phone for twenty minutes only to tell them that I have wood floors. Laughed my ass off for weeks on that one...

Re:Spam and the road warrier

[drsoran]

Exactly. I've setup a domain and colocated mail server for my family and friends to use as an SMTP server and POP/IMAP server so they don't have to deal with the inept ISPs' tech support. So now with ISPs apparently starting to block outbound port 25 it gets a little annoying... but no matter. The SMTP server can just as easily also listen on 1025 or 2025 or whatever easily bypassing their lame filtering. Personally I'm of the opinion that an ISP that you pay for should do NO filtering other than private IP and anti-spoofing of their address space and let the end user deal with the spam, NetBIOS traffic, etc. ISPs shouldn't be in the business of blocking anything they should be in the business of providing you the fastest, most reliably open internet access that you can get for your money.

Spoofing

[Mike1024]

Hey,

Nace also said that when pressed by one of Nace's co-workers, the UUNet staffer told the co-worker that he was "stupid for not using cloaking software," to hide the IP address of his outgoing mail.

Well, nace was stupid for not constructing fake packets, but any URL has to point to his website in any case, and the URL kinda identifies the account.

Some send a reply, with the subject "remove" in the header, looking to escape from future mailings. Some add death threats, Nace said... Nace takes exception to being called a spammer, a term he associates with pornographers. UUNet's reaction, he said, was unwarranted. "This is a clear-cut case of the big corporations telling the small operator, 'screw you.' "

As oppoosed to, say, a clear-cut case of the big corporations enforcing thier terms of service, whilst people who have been sent spam say 'screw you', or maybe 'I will personally hunt you down and gouge out your eyes with my Leatherman'.

On a more seroius note, why don't UUNet say 'After ten complaints from demonstratably different parties, your connection will be suspended whilst we investigate'? That would allow near-instant shutdown with big UCE incidents.

Michael

...another comment from Michael Tandy.

What about stamps & lots of gray areas

[prisoner]

It occurs to me that there are two problems here: 1) everyone likes to bitch about spam but how much of the bitching has to do with getting unsolicited email and how much has to do with the larger problems (and costs) that the ever-increasing volume of spam (and legit) email produces? I think that the fundamental nature of the internet has clearly gone from the early "Internet Club" (duh) to a commercial medium. Every other commercial medium (TV, Radio, even US mail) produces huge amounts of unsolicited advertisements. Anyone ever complain to the USPS about the gigantic volume of junk mail that shows up in your mail every day? Anyone ever tried to "unsubscribe" from junk mail in your regular mail? I'd bet 99% of people haven't. It seems to me that the thing to do is to figure out a way to make commercial users of email (advertisers specificly) pay to support the medium. In addition to supporting the medium, there should be some rules about what kind of content is allowable in these emails. And don't even start yammering about fucking first amendment issues. I've yet to get a piece of mail from the postman about some chick that likes to take it in the ass.

The second issue is that this mob rules mentality that most anti-spammers seem to have screws up other legitimate uses of email. The "Newsletters" that many sites send out seem to fall into a gray area that threatens to eliminate this otherwise useful feature. Many small sites (who seem to constitute an ever-increasing percentage of sites) use newsletters to keep users coming back and these newsletters are an important piece of their strategy!

In summary, perhaps this is a good place for the gov't to get more fully involved. I don't normally advocate this type of governmental activity but I think it would be best to solve this problem in a coherent manner before one of the spammers manages to line up a court case involving an equal protection issue or some such.

Fake accounts

[h0mi]

I believe you're correct, regarding the use of stolen cc's and the like, but can't these people then get thrown in jail? Last time I checked, credit card fraud was illegal, and shouldn't we be seeing a bigger effort made to stopping that sort of thing?

The reason why.

[mindstrm]

ISP's are seen as responsible is it's only the ISP who can say 'you can't use our service'. THe ISP can set terms of use. If spammers want to hop providers, fine.. what the anti-spam world wants is for NO providers to allow spam, or for the ones that do to be easily identifiable.

Very interesting.

[jcr]

UUNet has 43,576 complaints, and the next highest is (sympatico.ca) has only 2,994.

I think that puts UUNet right into AGIS territory in my book. Time to shut the fuckers down until they clean up their act.

-jcr

syberschool.net is down...

[jcr]

Assuming it's not just slashdotted, I'd like to thank whoever cracked and crashed that motherfucker's server.

-jcr

Others prevent spam, why not UUNet

[Charles+Dodgeson]

Other ISPs, including freeserve, the largest in the UK, prevent spam from their customers and spam advertising their customers.

So I don't believe UUNet's "we're trying but it's hard" story. They are lying. And it is about time that we consider a boycott of UUNet's parent, MCI-Worldcom.

Should the ISP be responsible?

[enterfornone]

The problem with making the ISP responsible for spamming is that they will just go to another provider. In the case of warez, kiddie porn, DeCSS etc. no one expects the ISP to take action, they go after the people responsible. We need a way to go after the spammers ourselves, rrather than leaving it to an ISP that may or may not do anything.

One way to stop spam would be via compulsary encryption. Then only people who take the time to obtain your key will be able to mail you, and you will always be able to verify the identity of the sender via their key.

Hmmm....

[max99ted]

The company spends about $10 million a year fighting spam. "We have a process in place, and we want to be fair to all our customers." Haight said he doesn't doubt that UUNet's technical staff works hard to fight spam, but he questions the company's priorities. "UUNet spends two or three million dollars a day upgrading their network. Spam is not costing them enough to clean up their mess." Other ISPs that spend money for excess capacity to handle the spam e-mail -- up to 40 percent of traffic -- bear the financial burden, a burden eventually passed on to consumers, he said.

Maybe it's me but this paragraph sums it up nicely. UUNet spends (approx) half a billion dollars a year on network upgrades (5*52*2mil) and passes on these costs to ISPs that need the bandwidth to handle the onslaught of spam email coming down the pipe from companies that UUNet negotiates "pink contracts" with - all the while spending 10 million a year on spam cops to screw over the rest.

Nice.

Effectiveness of SPAM

[Tuzanor]

I've always wondered, how effective is SPAM anymore? People get so much junk email nowadays then they just delete it without even thinking twice. Even regular peple who can't figure out why they get these emails in the first place probably get roll thier eyes and delete it too. Is SPAMing even getting through anymore?