Slashdot Mirror
UUnet's Case Study, or The Trouble With Spam
Eggplant62 writes: "In the wake of recent reports of spam-friendliness at big ISP's like AT&T and PSInet, [this article] takes a pretty good look at the problems UU.net is having with enforcing their AUP when it comes to unsolicited email. According to the article, it can take "two to
four weeks to shut off a spammer's digital tap." The author of this article solicited news.admin.net-abuse.email for material for the article." Guess it isn't easy even for the big carriers to end the pink-meat congestion.
I have a 24/7 broadband connection with better then 99.9% uptime at home, and I quite enjoy the minor hobby of being able to run my own tinsy little server on it. I have apache and sendmail, ssh login, etc. The notion of a default policy of filtering ports to the end consumer of bandwidth troubles me enormously.
Indeed, this seems to contradict the notion of free and unrestricted end-to-end service, as discussed recently on slashdot. Not to sound horrible here, but we all manage to live with spam pretty well, it's not like it's all that much of a hassle. I just keep a variety of email addresses to give out for different purposes. A few get a good deal of spam, and it's easy to run a script to delete first time messages from users I have never corresponded with from those accounts.
I just worry that, if we were try to really achieve a spam-free utopia, that it might well be at far too great a cost in freedom. I would rather deal with the occasional spam, then have the commercial bandwitdth providers filter my connection. And there is always the worry of false/vindictive reports leading to unfair account termination.
---
man sig
---
the pen is mightier then the sword. the sword is mightier then the court. the court is mightier then the pen.
Okay, apparently noone's heard of this yet, which isn't surprising, but here we go.
:) - you as the email user on that mail server can set up a list of people, as well as a privacy-negotiation policy about receiving email. Those who are on your email pass-thru list can send email directly to you, as normal. Those who are not have to meet your privacy rules before the email goes to you. And/or, you could have it email a message back asking for confirmation before it sends the email to you (thus eliminating the mass majority of spammers - their reply-to addresses are almost always fake).
:)
There IS a cure for spam. A company I used to work for last year came up with some technology based on P3P technology. The idea is you set up an account and get an 'XNS Agent'. XNS is 'eXtensible Name Service'. You get your own 'XNS name' (via OneName.com or some other agency - some are free, some aren't). When you have your OneName, you can set up your XNS Agent to negotiate privacy with whatever online entity understands about XNS.
Here's the spam-killer idea my ex-boss had when we were working on the service: Build XNS into mail servers - the spec is completely open and available at xns.org. Make this like 'Caller ID for e-mail' (my phrase - I'm so proud
So, since the spammers would never take the time to confirm their privacy rules, the emails would never get back to you - and you could have the ability to configure your XNS email agent thingy to either dump those messages that didn't get authroized, or hold them for review, or whatever.
You would, of course, have to take a little more time in setting up your mail account on such an XNS-enabled mail server - set up the email address of those people and mailing lists you're on, so they don't get trashed, or bounce messages back into lists, etc. Small price to pay to actually destroy the entire spam industry, though, I'd think.
The neat thing is - all the specs are open - anyone can add it into their open source mail servers - it's encouraged! It also would mean that people wouldn't have to use special mail clients to use it - it's all server-side, hopefully with a web-based interface to configure your agent.
Pretty slick. Available, open source. Free personal 'OneNames' are available, etc. The OneName people _really_ know and understand privacy - I used to work there, I should know.
It's been frustrating receiving all the spam I have been recently, knowing there's a solution to spam out there, and noone is using it. *sigh*
=Tumbleweed (that's my OneName
Despite having great sympathies for the desire to relieve the general frustration caused by spammers with disposable accounts by simply removing one major source of those accounts from the picture, it unfairly places the communication ability of anyone not rich enough for static IPs at the mercy of the frequently abysmal performance of the mail server of their ISP (@Home, for instance, has mail servers that go down on a regular basis, and despite repeated claims to the contrary has been losing a rather disturbing amount of e-mail altogether) -- whether or not that ISP is having any more difficulty controlling its dialup/dynamic-ip users than it is its users with static addresses.
Forcing use of a third party relay will cause lack of redundancy and create a bottleneck.
Another problem, reading between the lines here, is over user of dynamic IP addresses. On a cable modem or ADSL setup they make no sense at all. Since you need at least one IP per customer anyway. They can sort of make sense with dialup where you only need as many IPs as telephone lines, but can have more customers than telephone lines...
Unless the sender gets special dispensation by contract, limiting users to between 10 & 100 emails a day should get rid of the entire problem of Spam.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Just set up a filter to move email where to "To:" or "CC:" fields aren't to you or none of sender/recipients are in your address book. Manually add any mailing lists you subscribe to. Have it put it in a "filtered" folder.
I find this takes care of 75% of the spam get... Is sure is nice to again get more legit email then spam. I occasionally check the "filtered" folder for important messages, but rarely do I find anything of value in it.
---
What if the ISP's smtp server is hosed? I used to have cablemodem and the only thing that worked reliably was my pipe, not their servers. When they started caching web access, blocking smtp, nntp, that's when I went back to local dialup. No thanks to their overloaded servers my outgoing mail, web access, etc. would be blocked for days at times. I have better control over my own server and have the ability to blacklist spam to boot.
He even admits he gets nasty phone calls and death threats but still insists this is a good way to advertise. Yep, it sure sounds like he is generating a lot of good will towards his comapny this way. What really gets me is he (and those like him) honestly do not see the problem, he just sees spam as a way to cheaply reach a whole lotta people. So we get to help foot the bill for his advertising .
Other ISPs that spend money for excess capacity to handle the spam e-mail -- up to 40 percent of traffic -- bear the financial burden, a burden eventually passed on to consumers, he said.
Nace takes exception to being called a spammer
This kind of mind set is actually worse than the blatently obvious scams and porn spam since his kind will lobby that his use of unsolicited e-mail is a legitimate and respectable way to do buisiness and should be protected.
If Godzilla did not exist, man would have had to create him.
What kind of life does he live that he gets only porn spam? I see mostly beggar stories and MLM schemes.
Maybe spam could be declared "indecent" by the courts, and you'd have to prove you're over 18 to look at it. Why would anyone bother?
I have worked in the security department of a major ISP for quite some time. The response time is not the issue. We could shut down a spammer within 15 minutes of recieving the first complaint. The problem is with fake accounts. A spammer will use stolen credit cards and do online signups with these, set up a mailserver on their computer and spam away the first time they log on and continue until we get the the NMC to kill their connection. By the time we have tracked down their account and have all the paperwork done, (which is just a few minutes) they already have another account waiting, and use a different VPOP, so as not to be totally obvious. The residual damage is having our domain banned, and then trying to contact the other ISPs to clear that ban. This can some times take days. A severe pain in the ass. If they use our mail servers, we can put a maximum sender limit, and that stops them a bit. They then usually migrate to another national ISP with higher limits. Sometimes they use open relays in other countries... but the source ip is from our domain, so we have to shut down the account, then contact the foreign admin of the open relay... and again that can take days, plus several interpreters......etc....etc.
/V\4>....
So response time is not always the main issue.
..remember kids hormel is the devil
/V\4|}
Nace takes exception to being called a spammer, a term he associates with pornographers. UUNet's reaction, he said, was unwarranted. "This is a clear-cut case of the big corporations telling the small operator, 'screw you.' " Lots of pornograhic content providers use Spam or other obnoxious marketing techniques, but most of the spam I recieve does not hawk pornographic content.
I know that this messageboard is a haven for "script kids" and other hacking types, so I'm sure one of you knows the answer. I would like to integrate knowlegde of such hacker practices into our MCSE+Internet certification, but the program's technical director is stumped. Any clues?
See you in hell,
Bill Fuckin' Gates®.
See you in hell,
Bill Fuckin' Gates®.
(This post is ©2001 Microsoft(TM) Corporation.)
Throw them into a tar pit. This keeps them online, and makes them vulnerable as they are a target as long as they are connected.
© Copyright 2000 Kristian Köhntopp
All rights reserved.
Can't we nail them on some type of TOS violation... even if it is their own TOS??
Skivvy Niner? Email me!
HEY! Look left just ONE MORE TIME!
I hereby pledge that if I am ever summoned for jury duty because somebody physcially LARTed a spammer to death, I will argue that it was justifiable homicide.
As has been said before by others: I'm not trying to sound like a cold-hearted bastard, but I am a cold-hearted bastard, so that's just the way it comes out sounding.
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
...have to be two of the least productive (and most annoying) forms of advertising. When you think about it, pretty much every other form of advertising has at least a little targeting that goes along with it. Billboards target people who are in the area of the business advertising. Television and radio ads target the general demographic that watches/listens to that show. Banner ads (as annoying as they are), at least know a little about the typical person that is looking at them. Despite claims of spammers to have "targeted" lists of email addresses, there is very little that they can know about those email addresses...same with telemarketers and phone numbers.
:)
One solution advertisers are using more and more as people become immune to typical methods is product placement. TV show, movies, etc., are now filled with "products" in use or on the set. Of course, the stuff spammers are selling is a little harder to use with this method...I can see it now: "Quick, get the guns, we're gonna have to...wait a minute...I don't have to do this...I've made millions...(to viewer)...you too can get rich quick with my new scheme to..."
lol. Never mind
www.code-fix.com
We do not object to use of [SPAM] to describe [unsolicited commercial e-mail], although we do object to the use of our product image in association with that term. Also, if the term is to be used, it should be used in all lower-case letters to distinguish it from our trademark SPAM, which should be used with all uppercase letters.
(emphasis mine)
it seems that Slashdot ought to have a new spam icon. See http://www.spam.com for more info.
---
Santa Claus: "Ho ho ho!"
NO CARRIER
Ok from reading the links it seems that there should be 2 things uunet could do very easily to get out of this spam problem
Background:
1: The port 25 block. This is mentioned in the article. In a perfect world, a user should only be able to send to their local mail server. Ie: When a user sets up their new ISP, they have to enter the name of their SMTP and their POP server.
With that being said, it should be logical that UU.net should set up their router filters to only accept traffic going to port 25 on their mail servers. Traffic going to port 25 anywhere else should get blocked. If you have a local UU.net account you should use the uu.net mail server.
Now what about road-warriors? the sales people out in the field who need to send mail?
2 things:
1: They probably vpn in, so that does not even matter. otherwise:
2: If you allow any uu.net address to relay via your mail servers, you have a hosed situation.
2: The second option would be for UU.net to provide the IP ranges for its DIAL Up pool to the DUL project run by MAPS.
This project takes Dial up ranges, and blackholes them from connecting to your network. They too follow the idea that you should only connect via your dedicated mail server.
Now the bonus of step 1, is that all of the mail going out of your network goes through mail servers you control, you can do certain checking,
like anyone who is sending mail to 500 BCC'd recipients (multiple RCPT), or if they are using multiple RSET commands to send out the same message but with different subjects, should get rate limited/checked.
Or you can put additional IP information in the message envelope, so that they can be detected easier.
The win with the DUL, is it lets the rest of the net be able to only accept mail from uu.nets mail servers, and takes the cpu overhead of additional filtering off of their routers.
-- C
Are you proposing a RBL of credit cards/corporate accounts of known spammers? I kind of like that idea. You're choking the problem at a financial level. Of course, UUNET might not like that for the reasons you said, since it means less money for them. Could they in theory make money off of these spammers, without ANY costs incurred on them, but onto the people with the open mail relays, and the people receiving the spam?
If so, that's a big 'o can of worms.
That reminds me, I have some of the new "smoked" flavored SPAM I have yet to try. Hate the real spam as muhc as you want, it tastes good sliced n fried with a touch of tobasco sauce!
Why do people bother to trot out these tired old false analogies? I don't pay to receive any of this crap; I do pay to receive spam.
In addition to supporting the medium, there should be some rules about what kind of content is allowable in these emails.
Out of the question, and your attempt to hitch your pet cause onto the unrelated issue of spam puts you on the borderline of trolldom.
The second issue is that this mob rules mentality that most anti-spammers seem to have screws up other legitimate uses of email.
Classic blame-the-victim fallacy. The spammers, not the people resisting their parasitic attacks on the system, are to blame for the climate of suspicion which currently prevails against legitimate (i.e. subscribed) bulk e-mail (particularly given that spammers attempt to disguise their garbage as "Information You Requested").
The "Newsletters" that many sites send out seem to fall into a gray area that threatens to eliminate this otherwise useful feature.
Newsletters for which an explicit subscription request has been filed are in a white area. "Newsletters" for which no such subscription request has been are in a black area. There is no gray area.
/.
/. If the government wants us to respect the law, it should set a better example.
I have been maintaining an anti-spam HOWTO document for some time now that might be useful to read. It's written for qmail users and administrators, but does address both the theories/principles behind blocking/preventing spam, and the technical methods that can be used to actually do this. I think it's a good summary document for users, sysadmins, and managers considering these issues.
The idea of creating a real-info blacklist has been bounced around a few times and generally rejected as legally infeasable (would generate too many lawsuits), but still, I keep wishing that as long as ISPs are using AUPs that are incredibly restrictive on users they might as well go all the way and put in a clause stating that by joining the service, you agree that if you are terminated for abuse, the reason for termination and any personal information submitted for the purpose of gaining access may be distributed to all other ISPs that are interested in making account acceptance decisions based upon that information. Maybe give it a 3 or 7 year expiration, kind of like bad credit. Access to a list like this might give even slow ISPs a chance to keep ahead of the problem by preventing it from becoming an issue.
But enough dreaming. For now, we have to make do with whatever technical solutions are available, whether they be RBL-like general blacklists or personal filters. At least those with skill tend not to be spammed much.
The second issue brought up by the article (albeit somewhat indirectly) is the gradual blockage of direct access to mail to dial-up users, either by blocking SMTP at the router level, or by using the MAPS DUL. Despite having great sympathies for the desire to relieve the general frustration caused by spammers with disposable accounts by simply removing one major source of those accounts from the picture, it unfairly places the communication ability of anyone not rich enough for static IPs at the mercy of the frequently abysmal performance of the mail server of their ISP (@Home, for instance, has mail servers that go down on a regular basis, and despite repeated claims to the contrary has been losing a rather disturbing amount of e-mail altogether) -- whether or not that ISP is having any more difficulty controlling its dialup/dynamic-ip users than it is its users with static addresses. Granted, a number of ISPs are filtering at the router or submitting their dialup addresses directly to the DUL themselves, but I have yet to see one of them disclose in their advertisements that they provide a crippled internet connection.
So in summary, what we still need to control this problem ourselves is a better way of publicizing the e-mail distribution points that take a long time to deal with spammers, and a better way of identifying only those dynamic address ranges belonging to ISPs that are either incapable of dealing with their dynamic-IP userbase or have given up on it completely -- and then a centralized location to check up on ISPs with broken services ahead of time, sort of like a Better Business Bureau for the internet.
How to do it? I have no idea. Here's to hoping someone else does.
Well, I figure since I've had to deal it with almost 100% of my career, I may as well toss out my $0.02USD.
/. readers claim, say, swear, or demand it is. First off, you have several types of spammers.
Spam isn't as easy to stop as most of the 'tech savvy'
First off is your atypical newbie moron spammer, who gladly gives you all his correct information, gets online, and fires away, gets disconnected immediately, gets blacklisted.
Next you have the more technical spammer, who has an array of fake credit card numbers, false names, false addresses, and so on. He'll setup six or seven accounts on one ISP, usually something like AOL or UUnet, and bounce around with these accounts, spamming. On and off before they can catch him in the middle of it.
Third, you have the guy with a pile of lawyers working for him, that's going to negotiate and hardball his way into a contract with an ISP that lets him spam.
The only remaining spam-friendly ISP was AGIS. Why 'was'? That policy was changed due to something like 60%+ of their customers cancelling after the announcement. Remember Spamford Wallace? He was the guy they hooked up first, and he was the guy that lost them a lot of business. Companies blocked AGIS - my employer at the time filtered all of AGIS' netblocks immediately, to prevent incoming spam. Some providers, ie; PSInet, have negotiated contracts with 'big name' (aka LOTS of spam) firms that allow them to spam to their heart's content.
Now, you've got a spammer. We'll say your typical type 2. And you want to shut him down. Not that easy. Because you do NOT have a common factor, including where they're dialing in from, they can CONTINUE to abuse your service, and there's not much at ALL you can do about it till they slip up somehow, which most sales droids are NOT going to be aware of. They'll just keep bouncing around and evading. And if the ISP gets blackholed or filtered all over, they'll just jump ISPs entirely. These are the pricks that cause the most damage to ISPs. They usually also use the ISP's SMTP server - best thing you can do is to disconnect them the second you see it, and pray they don't have more accounts. I've had to deal with a couple of these in the past, and we had one guy sign up for *SIXTY* accounts in *ONE DAY*, all with different information. When we FINALLY figured out who it was, we were ONLY able to kill the accounts because we had relatively few (around 2,000) and knew when they were added.
Now, say you have someone who bought a leased line and ordered it up deliberately for spam. You can't prove it beforehand, and some of the software out there makes it incredibly hard to find the true source. You have to catch them in the act most of the time. And the best you can HOPE to do is to do a shut on their interface. That's assuming you don't have a legal department that you MUST consult before disconnecting a customer for a contract violation (ie; spamming) and who MUST sign off on the disconnect order - I had to deal with this before. In some of the larger shops, ie; UUnet, AOL, etcetera, you have to go to your legal group and get them to sign off on a disconnect, then you have to go to your engineering department, who may or may not have to schedule it as a change management, who may or may not have to get their managers to write off on it, who may or may not have to go further up the chain. In other words, typical corporate bull will typically tie up a spam disconnect for over a week. It's the cold reality. If you disconnect a customer who WASN'T spamming, they can and likely WILL nail you for breach of contract on a leased line, and that could cost your company MILLIONS. Legal wants proof, engineering wants time and to be left alone, management just wants the mess out of their hair. Plus the overworked abuse departments do not help, as most complaints go there. Where I worked, we had a two person abuse department, who typically had a three week turnaround on initial reply.
You have to take all these kind of things into account. I'm certainly not saying UUnet is doing a great job - they aren't - but they're doing the best they can. I'm not personally aware of any contracts UUnet has negotiated permitting spam, and they usually *do* disconnect a customer for spamming. Other providers are far worse. You can whine, scream, complain, and moan all you want, but spam is not going to go away overnight, and policies at these places don't get changed overnight, if at all. UUnet has their policies, as do most other providers, and the tech that ignores them and just unplugs that spammer is going to find himself out of work almost immediately.
A lot of the posters definitely need a good dose of reality, because this is how it is. It's not just unplug the guy. Maybe the Mom & Pop ISPs have that luxury with dialups, but the other ones? Not a chance. So you're just going to have to live with it. Build your own filter lists, update them, etcetera, and quit whining about these companies being unable to stop it immediatley. You want it fixed? You go get a job in management and fix it yourself. No amount of your screaming is going to change a thing.
=RISCy Business, who doesn't give a damn what you think.
your company here.
your company here.
shelby != ford
If a major ISP wants to allow a spammer to operate, then the way they should do it is to require it be done from a dedicated circuit, and to prohibit relaying through any mail server not listed in the DNS for the destination address. Such an operation is very easy to block on the receiving end. In addition to RBL/DUL/RSS, I also have my own DNS zone to block my own set of IP addresses.
My point of view on this is that if someone actually wants to be a part of this and get spam, they should be allowed to do so. Likewise, someone who does not should not have to. I'm not opposed to an ISP that wants to allow spammers to send bulk email in a legitimate (e.g. identifiable, easy to block) way. Anything less is, IMHO, fraud (and if the ISP knows it's going on, is a party to the fraud, also IMHO).
What I want to know is if Nace and SyberSchool are sending their email direct (doing normal DNS MX lookups and sending to the designated host) or if they are doing relaying through innocent third party mail servers. If it is the latter case, then I think they should be cut off. If the former, then I have no problem with it because I can block them myself very easily (your ISP can, too, if they want to).
now we need to go OSS in diesel cars
> Is SPAMing even getting through anymore?
8 1-318280,00.html]
I've only had a ``gut-feeling" answer to your question until I stumbled across the following about six months ago. It is the only fact I have seen about this anywhere. (Yes, the writer is from AOL. But I am still amazed at a response rate far above the typical 3-5% for junk mail.)
Until I read it, I always thought the way people made money from spam in this manner: spammers found marks, promised them alot of money if they let them advertise for them on the Interent, sent out the spam, & made off with the money while the mark took the fall. If this email is any indication, a spammer may actually get useful leads & make somem sales from engaging in this obnoxious activity!
Geoff
[from http://www.zdnet.com/tlkbck/comment/82/0,9586,821
Name: Patti Illingworth
Email: plifrog@aol.com
Location: Reno, NV
Occupation: Secretary
I am a small business and use the computer on an individual level. We are not
network but we have the same problems. I also use the internet for personal
things, such as just enjoying it. I get quite a few commercial spams and LOADS
of the porn crap, which I am not interested in. I am with AOL and they have an
email address that I just forward the junk to. I have never gone so far as to
CLICK on one of their hyperlinks and don't intend to. The biggest bother is just
spending the time forwarding and deleting it. Someone did get into my computer
once with a Trojan Horse program and somehow got my password and sent a lot
of this trash out in my name. I was temporarily kicked off of AOL and had to
spend a lot of time just getting rid of the stuff. Overnite, I had 450 messages from
people responding to whatever it said (I never did see the original letter) about
80% were very angry and called me every name imaginable. The other 20%
were responding positively and wanted more information. What a mess that was.
I am aware that it is going to be a difficult thing to stop. We just all need to not let
it bother us and keep on living. I have gotten over being frustrated by it and just
know that some of my time each day will be spent getting these jerks off of my
machine.
Thanks for letting me vent.
I think I see a trend here. Maybe for them it really would be easier to muzzle the entire internet than to produce p
> Actually, you've put your finger on an important point -- in the case you cited, the spammer wasn't getting a response, and
> wasn't likely to for very long (if at all).
And your response brought out another: there is far more rumor & myth in circulation concerning spam than there is fact. (Sorta like the other other boogie men of modern life -- the drug trade & child pornography -- your cite, including the other links on the Salon web page -- effectively tripled the literature I could quote about the effectiveness of spam advertising.)
I guess I have to revrt to my original assumption about spamming: the only people making money from this are the folks selling the mailing lists or software to other folks who then send their solicitations to millions of email addresses, & lose their Internet access in exchange for a handful of responses -- if they are lucky enough to receive them.
Like P.T.Barnum once said, ``There's a fool born every minute, & two to take him."
Geoff
I think I see a trend here. Maybe for them it really would be easier to muzzle the entire internet than to produce p
One way to get folks to pay attention is for some of the larger ISPs to block further up the line. If Mediaone (now AT&T Broadband) were to block all mail traffic from MSN, it would certainly catch someone's attention and make them clean up their shop real, real fast. For me to trash all MSN mail would perhaps work for me (I indeed do trash entire domains privately), but not do anything to reduce the core problem that MSN is spam friendly. Companies likes da back and if they start losing paying customers because they are skunk striped due to some spammers he has welcomed, those spammers will get the heave ho real fast.
---
If you run your own mail server or an ISP, just block most of the spam via RBL/DUL/RSS from MAPS. If you don't run a mail server, choose an ISP that does these things for you on theirs. That will block most of your bandwidth waste.
now we need to go OSS in diesel cars
I wish I could tell you the correct US Code...But here is the "$500" part:
...
(B) an action to recover for actual monetary loss from such a violation, or to receive $500 in damages for each such violation, whichever is greater, or
(C) both such actions.
This is about Fax spamming...Or misuse of telephone equipment... If you look at it loosely enough, email could apply... In the real world, I doubt it would hold up...But heck, there are some good lawyers out there... (Good being figurative =])
All I have is the Section # and title:
Sec. 227. Restrictions on use of telephone equipment
You could do a search on that, and find it though, I'm sure..
There really aren't that many different spammers. There are probably less than 100 people behind all the spam. If spamming was illegal, and some lawyer made a business of going after the top offender on Spamcop every month, spam would be gone in a year or two.
Ok, maybe I'm naive here, but I've seen enough to realize that capitalistic forces tend to set the course of just about everything in today's world. Which leads me to the question, which benefits from spam. I'll have to assume that all the corporate spammers out there are striving to make some money out of their efforts in some way. Wouldn't one of the most effective anti-spam campaigns be to simply cut off that revenue stream? I'm not sure I've ever actually read a spam email, so I may be out on a limb here, but if people just stop buying or browsing to whatever spammers are selling, they should start to go away.
Kind of like that Simpsons' Halloween episode where the commercial mascots went nuts until everyone ignored them.
UUNet isn't hte only problems, a lot of spam comes from
-- DuckWing
PSI had taken (and deserved) a ton of flak in the past because of their crumby handling of UCE and abuse complaints. Fortunately, I think that the pressure of MAPS and others is finally forcing some changes at the companies.
Last week, I had a problem with a PSI customer with a stuck browser who was (accidentally) hammering our shopping cart script. I called up the number listed in the WHOIS record for PSI.net. A few simple keypresses and maybe 20 seconds later, I was connected with the abuse department. I was speaking to a real, live person! The representative was friendly and understanding and willing to take immediate action against the abuse. She requested that I send logs to abuse@psi.net and while I still had her on the phone, I was to wait for a trouble ticket number. A few seconds later, I gave her my trouble ticket number and she took action while I was still on the phone with her. Amazing.
I used to work for a large cable modem ISP and our "Abuse" department at the time was one lady and an always-full voicemail system and mail queue. Keep up the good work, UCE crusaders. It's finally paying off.
>by Under Bill s.1618 TITLE III passed by the > >105th U.S. Congress this letter
More BS from the same people who bring you all the chain letters about the FCC banning "Touched by an Angel".
Bill s.1618 was proposed, and quickly shot down..
Steven V.
I patented screwing your mom. But it got revoked for "prior art."
Pick an account. Aol, yahoo, whatever. Start replying to spams. Act interested. Act like some idiot fool with cash to burn. Sure, you'll get added to even more lists, but odds are that the original spammer will REPLY TO YOU to get more information.
And what do we now have? THE SPAMMER'S ADDRESS.
Maybe it's not his personal account. But it sure as heck is one he cares about. He checks it for his business. It is very critical for him to have a business account to contact his clients (cough-easymarks-cough).
This sounds very promising, except that spammers are normally either reachable by phone, or they have a website they are promoting. From what I've heard about reading up about spam in various forums, they don't tend to use a real email address to do business - well, they'd get spammed if they did that, wouldn't they!
Not to sound horrible here, but we all manage to live with spam pretty well, it's not like it's all that much of a hassle. I just keep a variety of email addresses to give out for different purposes.
You might possibly be able to convince me to see your viewpoint if 90% of my spam wasn't out-and-out fraud/get rich quick/pyramid schemes. A lot of these things that the spammers are pushing are flat out illegal (under U.S. law), and some people are uninformed enough to buy into them. So maybe port filtering is not the answer, but I don't think spam is okay to live with, at least not the type I'm accustomed to receiving. This is people abusing the system. And unless we continue to fight back in force, it will get worse. There is no doubt in my mind about that.
- Scott
------
Scott Stevenson
Scott Stevenson
Tree House Ideas
Actually, you've put your finger on an important point -- in the case you cited, the spammer wasn't getting a response, and wasn't likely to for very long (if at all). A trojan may get you SMTP access (or an account password), but once complaints start arriving in the POP box a few hours later, the user will call customer support, change their password, and/or run that virus scan they have been ignoring for months.
This is a general problem. Salon did an article reporting their miserable experiences in trying to respond to spam. Basically, they couldn't get through to anyone!
So aside from the common sense of the recipient, there is a real question how would-be suckers can actually learn where send their hard-earned money when spammers are so elusive. Web pages are one answer, but In the weeks after that Salon article, I tried a few times, and found that the spammer Web sites were usually either dead or empty.
Much (but by no means all) apparent spam is actually meant to harrass the unwitting "sender", either as a vendetta or a blind script-kiddie prank. In managing several domains, I have seen a lot of spam that would never be commercially viable because the sender could never, even in theory, get a reply.
Of course, if there are only a million idiots out there, and each of them periodically decided to 'give it one more try' with that software they wasted $35 on... that adds up to many billions of spam a year, and that's still just a drop in the bucket.
Here's a page from spamcop.net (a spam-reporting and filtering service which I highly recommend) that people might find interesting: http://spamcop.net/stats/biggest_source.html.
This is the list of top sources of spam as reported through their service - #1 is UU.net with 43811 reports. #2, a distant second, is sympatico.ca with 3168. Draw your own conclusions.
Prevention is better than cure, in this case.
This seems like an area where a faster, tougher response to spam would greatly reduce their problems with it. If UUnet were to have a working group that spanned the legal, sales and abuse departments that pretty much responded to spam within 12 hours (or some similar short time) and expedited dealing with it, sure, that would cost them a lot more money.
On the other hand, they'd ultimately have less work to do; how many spammers would use the service if they knew that they'd get about 24 hours of use.
A further twist would be placing some sort of brake on large amounts of outgoing mail - perhaps every 10 complaints received reduces the # of messages per hour by 10% that UUnet will handle from these people (or further, artificially choking off the bandwidth of outgoing packets that are directed at port 25 - although that might be infeasible technically). If it turns out the complaints are not well-founded, then the brake could be removed.
Of course, if the ISPs are colluding with the spammers, there's not a whole lot one can do.
I guess hitting their website is usually pointless, but going to it and getting further contact info might help.
;)
On the other side of the coin, if we get a phone #, who is to say that they don't get several dozen random phone calls from a DialPad bot?
------
Let me give you the lowdown
"We follow all the rules and regulations, and we've had full compliance with the law," Nace said, describing the 17 e-mail messages he says he sends over his two T1 lines each second. "All they have to do is say, 'we want off the list,' and they're off."
Nace takes exception to being called a spammer , a term he associates with pornographers. UUNet's reaction, he said, was unwarranted. "This is a clear-cut case of the big corporations telling the small operator, 'screw you.' " LOL!
My solution to spam on my school account was simply telling friends that I won't accept any email from msn.com and then filter out the whole domain. So far this has worked wonders. Now I know why I have received so much mail originating from msn.com - I read in the linked article that msn is a UUnet partner and that it lacks port 25 filtering. I wish I didn't have to filter out a whole origin domain. I would just ditch the account, but my school refuses to send school-related email to another account.
However the BEST way to go spam-free is to buy oneself a domain that has never been bought before. I have unlimited POP3 (within the space limits that my hoster provides) for myself a few of my friends. I have been spam free on my domain email for just over 2 years now. Not one single one. It's worth the price of email hosting. Just make sure no one has ever had the domain before and let it go back up for sale. Another of my domains have spam associated with certain email addresses. Careless past owners and users! It was funny though seeing the "kmoore" that previously had an email account has subscribed to various porn sites.
---
---
I'm just an ordinary man with nothing to lose.
Coming from a fairly large ISP in the southeast, I had to deal with spam from uu.net hitting our subsidiary company's mail servers. Complaining to abuse@uu.net usually did nothing but generate the usual Auto-Reply: " Here is your case number. And well get back to next year...." In the case of a massive attack, the only quickfire solution was to blacklist uu.net on the mail server. Calling uu.net's NOC was like trying to call the cable company at 4:50pm about your cable being out and needing repair; you play the on hold game for 30 mins. Meanwhile, if your queue doesn't break 8000, your sendmail connections top 1000. Uunet needs to rethink their abuse policy and procedures.
--Chemguru
Enter a high-paying career in anti-spam technology with high-paying technology companies!
Earn money hawking anti-spam products!
Qualify for that second mortgage!
Yes, you only need to send $12.99 to the following addr
Click here to read something completely unrelated to the rest of this comment
--
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
Q) What is the only way to effectively have a spam-free account?
A) Change your account frequently.
Yes, you could NEVER give it out, but then you might never know what silly shmuck friend of yours will forward an email you sent to a guy who sends out joke lists that are read by another guy who posts the list, email and all, on his website.
OR, you could be really creative and only make your listed reply-to addresses contain those witty NOSPAM.blah.com lines, which sooner or later (if not already) will simply be encoded by a spam collection bot to bypass in search of more legitimate addresses to collect and sell.
Q)What's the solution then?
A) Pick an account. Aol, yahoo, whatever. Start replying to spams. Act interested. Act like some idiot fool with cash to burn. Sure, you'll get added to even more lists, but odds are that the original spammer will REPLY TO YOU to get more information.
And what do we now have? THE SPAMMER'S ADDRESS.
Maybe it's not his personal account. But it sure as heck is one he cares about. He checks it for his business. It is very critical for him to have a business account to contact his clients (cough-easymarks-cough).
So now what do we do? Submit it to some grassroots organization that stores the address. They'll register a few hundred random accounts at legitmate locations (we don't want to spam him back with false addresses like he did, now do we?) and send him oh, 400 emails with varying lengths and varying titles and varying names EVERY DAY. He won't be able to sort out who is who and will waste a bulk of his time trying to find 1 or 2 legitmate buyers.
Thus the loop is complete. They waste our time, we waste theirs. Sooner or later, 95% of them will deem the practice to be more trouble than it is worth. It's not perfect, and sure there are a few holes in the idea, but how does it sound as a start?
------
Let me give you the lowdown
A couple of years ago, when S.1618 was proposed, there was discussion about it on some mailing lists that was interesting. That's long over with, and every piece of email I receive that refers to it is SPAM. So if you set your email filters to trash email referring to "[Ss].1618" and "[Ss] .1618" you'll only trash spam, not real messages.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I had/have some trouble with an UUNet customer who is an extrem spammer, he sends lot of mail, with large CC lists to an open relay in the .cn domain, we get the To: , cause it's for a domain we have the MX, most disturbing is of course that the open
relays in .cn drop the CC and we get lots of angry mails from customer, who get those spam.
.cn domain, that they close their open relay, but a short nmap scan showed me, that they are using M$ server with all ports open and have perhaps no clue how to close it, they just don't react on my mails...:-(
I mailed UUNet, got a trouble ticket and it looked like they closed his account, but he just signs up a new one and it starts all over again.
I mailed the admins in the
Looks like I couldn't do much about it...Perhaps I should launch some DOS attacks to bring those M$ servers down, wouldn't be very friendly, I known, but it looks like, it could be the only thing I could try to prevent those spam...sad...
Michael
It's technical term is DNIS - and every termserver that I know of supports it.
You get your terminal server to send the DNIS to the Radius accounting server, and the Radius server to log it in the accounting records.
If someone is using a forged/stolen CC number, you give this information to the police, and send the bastard to jail.
Credit card fraud is taken _very_ seriously by the police.
Nace also said that when pressed by one of Nace's co-workers, the UUNet staffer told the co-worker that he was "stupid for not using cloaking software," to hide the IP address of his outgoing mail.
Well, nace was stupid for not constructing fake packets, but any URL has to point to his website in any case, and the URL kinda identifies the account.
Some send a reply, with the subject "remove" in the header, looking to escape from future mailings. Some add death threats, Nace said... Nace takes exception to being called a spammer, a term he associates with pornographers. UUNet's reaction, he said, was unwarranted. "This is a clear-cut case of the big corporations telling the small operator, 'screw you.' "
As oppoosed to, say, a clear-cut case of the big corporations enforcing thier terms of service, whilst people who have been sent spam say 'screw you', or maybe 'I will personally hunt you down and gouge out your eyes with my Leatherman'.
On a more seroius note, why don't UUNet say 'After ten complaints from demonstratably different parties, your connection will be suspended whilst we investigate'? That would allow near-instant shutdown with big UCE incidents.
Michael
...another comment from Michael Tandy.
"Goodness me, how unlike the FBI to abuse the trust of the American public." -- The Onion
ISP's are seen as responsible is it's only the ISP who can say 'you can't use our service'. THe ISP can set terms of use. If spammers want to hop providers, fine.. what the anti-spam world wants is for NO providers to allow spam, or for the ones that do to be easily identifiable.
The problem with making the ISP responsible for spamming is that they will just go to another provider. In the case of warez, kiddie porn, DeCSS etc. no one expects the ISP to take action, they go after the people responsible. We need a way to go after the spammers ourselves, rrather than leaving it to an ISP that may or may not do anything.
One way to stop spam would be via compulsary encryption. Then only people who take the time to obtain your key will be able to mail you, and you will always be able to verify the identity of the sender via their key.
--
enterfornone - logging in for a change
Maybe it's me but this paragraph sums it up nicely. UUNet spends (approx) half a billion dollars a year on network upgrades (5*52*2mil) and passes on these costs to ISPs that need the bandwidth to handle the onslaught of spam email coming down the pipe from companies that UUNet negotiates "pink contracts" with - all the while spending 10 million a year on spam cops to screw over the rest.
Nice.
Please stop APK.. you're only hurting yourself.