Slashdot Mirror
The Lone Guns Against Spam
crotherm points to a piece in today's L.A. Times, writing: "This would a great
article to pass along to those less knowledgable about SPAM and those that fight against it." It's also a bit frightening to see what happens to people on the wrong side of the spam battle sometimes, though denials of service are attributed to both spammers and de-spammers, each by the other.
Just use postmaster@theyredomain.com or summat or president@whitehouse.gov Let them spam themselves or the prez. :D
Works for me
I have recently become a bit "obsessed" with spam after signing up for the RBL (http://www.mail-abuse.org/rbl) and I have to say I'm becoming a bit cynical regarding it's origin. I have come up with an alternate theory about most, not all spam, please read/flame on:
Has anybody considered the notion that most spam isn't really selling *anything*, but is sent purely for the purpose of annoying people?? Given the apparent joy that some people get from first-posting, goatse.cx links, etc. on forums such as this one, it isn't too big of a leap to think that people might get some twisted enjoyment out of finding open relays and trying to crash them by sending millions of emails through them.
I think this view of spam goes a long way toward explaining the article on Salon.com (don't have the link, sorry) where the author tried to contact some of the so-called proprietors listed in the spams she recieved and came up dry each and every time.
Not that I'm saying the Internet is not flush with scam artists, MLM schemes and companies that "just don't get it"; I just think that the volume of spam can't possibly reflect the number of, ahem, businesses out there sending this stuff..
Ah well, what do I know anyways?? I'm just another AC..
I use a script found at Freshmeat, ricochet, to generate abuse reports to the spammers ISP, netblock provider, and other upstream relays listed in headers. This is hotkeyed to 'S' in mutt, making disposal trivial.
Seperately, I report all relay/origin IPs to the ORBS open relay list. There is an email submission system for such use, I've got a command line utility to report a list of IPs, and a shell script to extract them (need to integrate this a bit more closely, gotta round tuit?).
The combined tools take a few seconds a day to report messages -- most of which are filtered to a spam folder via procmail rules.
I only get a few spam messages per day despite wide Usenet, mailing list, and website distribution of my email address -- and all of them are reported. OK, so my Slashdot email's obscured, that's one of the few.
What part of "Gestalt" don't you understand?
What part of "gestalt" don't you understand?
Older versions of Exchange relayed by default. E2K doesn't, and I don't think 5.5 did either.
Clueless lusers don't help; the ISP referred to brags about running open relays as a service to customers so they don't have to worry about changing their SMTP settings on their mail programs if they travel overseas.
If I remember correctly, they could not find _one_ good or service that was reachable and purchasable. This suggests nobody makes money off it simply because there's no valid contact information...
b-j king is a fucking slut-bucket. holly in her own perssona is lovely. liz claman has dropped in the ratings lately. she could go waaaay up if she'd answer my email asking for a date, tho.
"shop smart:shop s-mart" ash
You know what... I've been doing that for the last 6-9 months... and I'm signing up for lots of stuff using this method. But I have not yet received any spam. Zero. So I wonder where spammers get their addresses from. Most likely there are a couple of lists that everyone buys, modifies to their liking and then resells. Every once in a while AOL member lists get crawled for fresh meat, and that seems to be it.
"Hot lesbian witches! It's fucking genius!"
Or maybe someone just downloaded the zone file, scanned for new domains and run a batch whois?
"Hot lesbian witches! It's fucking genius!"
The despam script is an embodiment of that idea. Is that script still available somewhere?
--
I do the same thing, but I didn't need a perl filter, I just set up some rules in procmail to catch the mail not addressed to me just before I dump it in my inbox. Before this rule, of course, are rules handling the mailing lists I belong to, since they aren't addressed to me either.
I harvest potential contacts ...
I may have you blocked already! What did you say your name is?
As a test, I open a new Hotmail account about once every 6 months -- the last one I opened on Feb. 22nd, and by the 24th, it was receiving spam.
I just open the account, send a quick test message to it from a Yahoo mail account (to verify that it works), then wait. I make sure to say "NO" to all the "offers" and such that MS wants to shove down your throat when you sign up.
So - conceivably, the address shouldn't receive any mail at all. I don't give the address out -- I don't use the address for anything, and I haven't given MS permission to spam the address by agreeing to their "special offers" during signup.
In 2 days, I was receiving 10-15 spam a day. It's up to about 50 a day now (that's where it seems to plateau for hotmail). There's either a backdoor, MS is selling hotmail addresses to spammers, or both.
Interestingly enough this service isn't available in North Carolina. Since you're charged per call (or at least that's how it was when it started) and the phone company had no way of proving the # of calls it blocked out, they deemed it illegal to sell such a service because they could conceivably charge customers an arbitrary amount of money per month.
If you claim that spam doesn't cost anything, then why aren't you paying for the bandwidth usage yourself?
A couple months ago my ISP unleashed a huge new mail server cluster (biggest mail server cluster I've ever seen, with vast amounts of disk space and processing power). Within just a couple weeks the system ground almost to a halt under the load of a massive spam campaign. That constituted a DoS attack by any definition. If the spam campaign was big enough to take down that monster server farm, then who knows how many smaller mail systems go down daily as a result of similar attacks.
To those who argue that spam is legitimate and doesn't cost anything, try using your own servers and valid email addresses. Maybe then your claims will have some weight.
noah
If you claim anything more that a buck or two, you are full of bulshit
If you use a wireless service to check/send mail, then the expense of spam can add up quickly. It's like a collect call that you cannot refuse.
If you have an account on a mail server which runs qmail, in fact, you can easily set up aliases for yourself which begin with your username. So if your name is foobar, you can create an alias for yourself called foobar-slashdot (no help from root required).
What are you a spammer? I think it's great that someone takes the time to report abuse like that. I never need to since my ISP seems to have great spam filtering... but I would if it became annoying enough.
Of course, you don't remember the net before the marketeers and their flocks of slop-sucking sheep came, so to you it must seem perfectly natural.
You sure put a lot of effort into rationalizing your apathy. ;^)
If I created an account for my 11 year old son (if I had one) and then let it be spammed, what child laws would spammers possibly be breaking?
We do have spam even though it's illegal in France. I do nail every Franch spammer I find with complaints to the "freedom and computing" agency (CNIL) which is in charge of this kind of thing.
Unfortunately most of the spam I (and most people in France I suppose) get is from the US. Makes it hard to retaliate against the senders.
May contain traces of nut.
Made from the freshest electrons.
You seem relatively "open" about your spamming practices, so perhaps you could answer some questions about spamming practices that I've been curious about:
I do not buy e-mail addresses from so called "online marketing organizations".I'm curious here - is this because you think what they do is wrong, or just because it's cheaper to dredge the email addresses up yourself?
On a more technical note, I'd be interested to know if you do your mail harvesting "by hand" or do you have some sort of automated process that does it? If so, how does IT work (i.e. does it just record every string with a @ in it, or does it do some kind of parsing?)
I am well within my legal right in doing so"Legal" and "decent" aren't always the same thing.
To analogize (it that a real word? :-) ) with telemarketing - I'm "well within my legal right" if I call your house every half hour every day until you demand that I stop...and then to note down your phone number and the time(s) of day that you answered (And how many times you answered before you told me not to call any more), and add that info to a database to sell to a collection of other telemarketers down the line.
Further, I think I'd be "well within my legal right" if I set up 5 different marketing corporations and have them ALL do the same thing. (Corporation A has been told to stop calling, so they stop. Then Corporation B calls selling something else until told to stop. Then Corporation C...etc., so long as they are all independent "legal entities".)
I believe I could even legally do something like this at your home - stand out on the public sidewalk in front of your house and provide my "services" to you by informing you of Amazing Offers(tm) with a bullhorn until you tell me to quit it...at which point I can note down what hours you seem to have been available to hear my "services" and how long I was able to continue before you told me to stop...and then sell your address with that info to the next guy that wants to try it. (Hey, you made your address publicly available by having the number printed on the house where it can be seen from public areas, right?)
I have no personal problem with "opted-out-by-default" email marketing (e.g. "sign up for our newsletter" and such), it's your "opted in whether you like it or not until you verify your email address by 'opting out'" method that really bugs me.
[...]you have chosen to make your e-mail address publicly available.And I notice that you haven't. Don't you Like getting spammed? Incidentally, If someone's email address said "soandso@somewhere.com <No unsolicited ads, please!>", would you honor it, or just go ahead and spam anyway? (Regardless of your personal answer, though, I'd be willing to bet pretty much every spammer would just through the address on their lists anyway...)
I'd also be curious to know what kind of ISP(s) you sign up for - it seems like most of them have usage policies against spamming. I don't know about you or your spamming practices, but nearly every article of spam that I get comes from somebody flagrantly disregarding those rules, and is just hopping from ISP to ISP as they get cancelled. In those cases, I don't see that bulk emailers ARE "well within their legal right", since they supposedly agreed not to do it when signing up with those ISP's. How do you feel about THAT kind of practice?
And now, the obvious question: You say "I always include an option to unsubscribe.". You are aware that it is commonly held that these "unsubscribe" addresses are primarily used to verify the email addresses to be either unscrupulously re-used anyway or slighly-less-unscrupulously sold on to the next spammer, arent' you? Do you do this, and how do you feel about the practice?
One final question - do you know (either personally or by having regular dealings with them professionally) other spammers, and if so, how do their practices compare with yours?
---
Hacker Public Radio is our Friend
Of course, you just send a reply to "takemeoffyourlist@somewhereorother.com" with the subject "This is a real email address that gets read so stop sending me email but go ahead and sell this address to the NEXT guy in line as a 'verified' email adress to spam to"....
(It's commonly known that many [most?] of those reply addresses are for exactly that purpose...so even if you don't get more email from that source, you tend to get lots more from brand new sources who bought the "verified email list" from the guy you replied to...)
---
Hacker Public Radio is our Friend
Except that spammers will try random letter sequences. (I knew I shouldn't have chosen a three letter username with my ISP.) Your best bet might somethingreallylongandconvoluted@whereveryou.are.
From the article:
So if his Grandma's 82 and he's 51, then Grandma must have been 31 when he was born. So Grandma had Mom at age 15, and Mom had Dave at age 15.
Conclusion: he's a spam-fighter from Kentucky :)
Your right to not believe: Americans United for Separation of Church and
<sigh>I hate spammers...
--
I think that digital solicitations provide a valuable service to consumers
Shouldn't consumers get to decide for THEMSELVES what's a valuable service to them? The point of the spam debate isn't over whether your business is legitamite or not, it's over the question of who should initiate a transaction. There are a few companies I choose to receive information from that I have specifically told them to send, but I have no desire to receive information from you or your company.
Hypothetically, how would you feel if 20 to 30 people rang your doorbell every evening to tell you all about the wonderful widgimigadget they're selling? It's not hard to receive that many spam mails in an evening, even if you've been careful with your email address.
Well, if you're sending mail to people who have already bought from you and indicated they want more news and info from you, you aren't a spammer. However, it sounds more like you're sending mail to people who haven't bought anything from you, attempting to convince them to become customers, whether they've asked for you to contact them or not. Which is the definition of a spammer. Note that spamming until they ask you to stop is still spamming, so the 'reply to get off my list' doesn't change things one bit. Especially seeing as the laws usually used to justify that have never been signed into law.
So, flat-out: do you send mail to people who haven't contacted you first asking for you to send them information and/or news?
Now what if every laboratory that hired students in the whole Uni did this. Then the mailboxes really would get clogged up.
One problem aspect to spam is that it does not scale up. If only 1 million people sent everyone just 1 piece of spam each year, that would still be nearly 2 pieces of spam coming into your mailbox every minute, on average. And don't expect it to be arriving spread out over time like that. This is not something that can ever be universally adopted. Even now it's only a handful of people doing it.
now we need to go OSS in diesel cars
Lots of people do have various means they have implemented for themselves to block spam. I do. And I have to do it carefully because I actually get some email announcements from various companies I do business with, and I'm glad to get them, such as the place I've ordered CDs from.
Some of the strongest methods to block spam is to block relayers. Legitimate mass-mailers don't use relaying. I subscribe to MAPS and my spam load went down quite a lot. New relayers are popping up fast (mostly with pirated obsolete copies of Exchange Server), so I have supplemented MAPS by blocking ALL of China (including Hong Kong) and Korea, and am considering the same for Taiwan and maybe even Japan (will have to make exception for a little bit of legit mail I get from there) as the level of relaying there is rising.
now we need to go OSS in diesel cars
One of the more difficult things I continue to think over is the notion of spamming vs. free speech. I definitely want to protect the latter and make sure it is never at risk. And I consider anonymous email to be one aspect of protecting it (as long as there are people wanting to suppress ideas they dislike by threatening people or worse, then anonimity is essential).
Reconciling this with the digusting muck of the internet is still difficult to do. To me, the content is not what should be relevant. You should be able to say whatever you want to say. Still, I should be free from having to pay for what you want to say, even if you want to say it to me.
Ideally, a web page is the best way to go for saying what you have to say. But you still have to let people know it's there, somehow.
I'm designing my own forum site right now, not unlike /. although with a different theme. And I am contemplating the issues of free speech vs spamming and trolling and all that kind of nonsense. The conclusion I have so far (and still subject to change ... and of course people telling me what they think about it) is that the appropriate thing to do is to allow anyone to say what they want to say, but provide a means to categorize what is said. The Usenet analogy would be instead of cancelling articles, to just change the group they are associated with to whatever the article relates to (alt.ads.penis.lengthening or whatever). And it would have to be an advisory addition, not a substitution of what group the original poster posted in. People can then select articles to read based on original, or advised, groups.
Despite my hatred of spam, I do NOT support any legislation I have seen so far that is against spam. I'd sooner have legislation against backbone ISPs allowing the routing of IP packets arriving on interfaces with sources addresses which if routed as destination addresses would not go to that interface (if any at all). But I wonder if even an IP packet needs to be protected as free speech, including with anonymity.
OTOH, we shouldn't have any right to expect others to pay for our free speech any more than we should expect others to pay for our beer, as wonderful as that might be (depending on the choice of beer).
now we need to go OSS in diesel cars
Whoa... I didn't think about that. That's totally cool. That's a great idea. Thanks. Now I'll have to go do that.
now we need to go OSS in diesel cars
If Usenet is so dead, why is your company still running Usenet servers?
now we need to go OSS in diesel cars
My response? Oh really now. So you don't think that most people dislike spam, huh? Since you're obviously not in that vocal minority, then you wouldn't mind if I changed my .sig to include every dma.org email address I can find, would you?
So here's my new .sig:
--
These guys love spam!
webmaster@the-dma.org kebeling@the-dma.org echo@the-dma.org twalsh@the-dma.org lrc@the-dma.org chapters@the-dma.org customerservice@the-dma.org conference@the-dma.org consumer@the-dma.org councils@the-dma.org mmicali@the-dma.org dmef@the-dma.org Governme@the-dma.org hr@the-dma.org Internat@the-dma.org membership@the-dma.org Presiden@the-dma.org privacy@the-dma.org Sweep@the-dma.org kelli@dma.org.uk dma@dma.org.uk rweintzen@the-dma.org
--
Now when the bottom feeders troll through Usenet and web pages slurping email addresses, they'll pick these up as well. And if there's any karmic justice left in the universe, they haven't had the foresight to add themselves to their own block lists.
-B
Ash and Hickory, straight-grained and true, make excellent bludgeons, dandy for the cudgeling of vegetarians.
As long as you send from a legitimate address and actually RESPOND to remove requests, keep it up. Good luck, more power to you. But as soon as anyone sends me their marketing stuff from abc981723897@yahoo.com, they go on my shit list. :)
-Chris
...More Powerful than Otto Preminger...
Great Idea.
Doesn't work in practice so well. Some of my freinds don't know how to BCC anybody. I can't tell you how many time I've ended up on a spam list because of email being forwarded a few hundred times.
When I called the "friend" to complain he told me in a haught,y sarcastic voice: "I didn't know that your email wasn't public"
People are just idiots!!
You're missing the point. They have to download and read it to know how to unsubscribe, yes? You are sending e'mail to people who are potentially having to pay for it on a per-e'mail basis. People who have to pay for storage, or time on-line, or bandwidth are PAYING SOMEONE FOR YOU TO SEND THEM E'MAIL. It does not matter WHERE you get the addresses. It does not matter HOW you get the addresses. The point remains that you are forcing people to pay so they can read and then delete your spam.
What the sort of business model is it to force potential customers to pay for advertisements to services that 99% of the time have ZERO relevance to their lives?! Don't feed me that "you pay for television commercials" crap, either. The fact that we pay for television service, which happens to come with advertisements as well is NOT a valid comparison. We pay a flat fee for television service, commercials or no. However, with e'mail spam, if we pay for bandwidth, storage, or time on-line, we most certainly DO pay extra for e'mail spam.
] D
>I would be unable to support my wife and kids if >it weren't for the business I gain through e-mail
I'm sure most buggers and burlgars would use the same argument. The fact is that what you are doing *IS* wrong, and moreover, *IS* F*CKING ANNOYING!!!
I'm sure most of the slashdot community will agree with me that we are sick and tired of slogging through dozens of adds for shit we aren't interested in and have NEVER asked for information about!
Honestly, it depends on the subject of the email and how the body is phrased.
.", I summarily delete. Ones in math, physics, complex systems, or computer science I read. So, in a sense, you truly are spamming all those people who have no interests in what you're mailling about.
As a student, I get emails all the time from friends and professors, etc. Emails which start "English department looking for . .
On the other hand, maybe if you got the email addresses of all the students within your department, possibly those who have already declared it as their major, then in no way could it be conciderred spam. Just don't turn it into a mailling list. One clean, clear mailling is fine. Mailling any more frequently than absolutely necessary (once per term maybe), turns it into spam.
In other words, circumstances determine whether the mail you're sending is spam or not. Spam to me might not be spam to you, and vica versa. As long as what you're mailling about is predominantly clear and your sending it to people who have some affiliation to you, your professor's request isn't that farfetched.
---
---
"Of course, that's just my opinion. I could be wrong." --Dennis Miller
From the article:
:o)
Spam is one of those features of modern life, like infomercials and telemarketers, for which almost no one has a good word
It's not a feature, it's a bug.
actually, it can be a bit simpler than that... if you use qmail as the mail server for your domain, then everything up to '-' is evaluated as an address for delivery. I routinely give
from-[NameOfCompany]@[mydomain]
as my email address when I'm forced to register. all such mail is then delivered to from@[mydomain] by qmail. the advantage here is you aren't creating a million aliases to keep track of; and it is _very_ easy to see who sold my name to whom.
- mark
Hey, dipshit - I can't help but notice that you don't list a public e-mail address. You're afraid of being inconvenienced by spammers harvesting it off Slashdot?
---
My opinions are mine.
Thanks for the confession, thief.
/.
/. If the government wants us to respect the law, it should set a better example.
Its from the university to the same university, right?
It would appear that the professor, as an employee, is using his "company's" resources. Ask your system admin if its ok or if there is alternatives.
The surprise isn't how often we make bad choices; the surprise is how seldom they defeat us.
That sounds like a trailer for a movie...
:)
Hell, I would pay to see it
Mod this guy up...I think he's come up with a great real-life analogy to describe spam to people not familiar with the internet (but nonetheless still use it):
Spam: It's like a collect call you cannot refuse.
Bill Clinton: Pimp we can believe in. - The Shirt!!!
I just wrote a Perl proggy that deflected any mail that was not directly addressed to me and installed it as a procmail filter.
Uhhhh...
Perhaps your script is doing considerably more (it had better, to make it worth writing in perl), but if all you want is to throw out mail that was sent to you via Bcc: (as spammers like to do), then procmail itself will do the work.The above recipe, plus a couple of holes to let my trusted friends and colleagues Bcc: stuff to me, has caught over 99% of all my incoming spam for years. Occasionally I get some piece of shit sent to me with To:/Cc:, but that's rare. (And if I could just perfect my ebola variation that only affects marketing majors, it'd be even more rare.)
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
I'm sure the LA Times is highly biased against all kinds of petty thefts.
If you're a legitimate businessman, then buy your advertising, don't steal it from me and my ISP.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
I don't give a flying fuck if you're getting addresses from USENET, chat rooms, or buying them from other bottom-feeding asswipes like yourself.
My mail queue is my property, not yours. I'm sure you'd love to break into my house and paint a billboard on my living room wall, too, but I'd kick your ass if you tried it.
This is not a freedom of speech issue, it's a property rights issue, and stealing your advertising placements doesn't become legitimate just because you give out an address where people can send you a note confirming that their address is live.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Actually, what makes his troll so brilliant is that those of us who whack spammer nads on a regular basis have seen spammers using his rhetoric. It's what most spammers really think.
Basically, it's close enough that it passes the Troll Turing Test, in that it's indistinguishable from the real thing.
Of course, if he stuck in markers that identified it as a troll, (e.g. first letter of every sentence spells TROLL, or AYBABTU), then he'd get bonus trollin' points for style - in that it was distinguishable from a "real spammer", but none of us picked up on it.
*shrug*, so I'm lame and need to get a life :)
Yup.
As one AC has pointed out - I have no life. 'Sokay. I never claimed to have a life :)
No, but an ISP's profit margins - and thus, its viability as a business - are affected by the amount of spam it has to process. Due to scaling issues, smaller "local" ISPs are probably hit worse than larger ISPs. (A $1M storage network is a drop in the bucket for AOL, but another $5K RAID setup may be a serious problem for some Mom 'n' Pop operation.)
The costs are indirect, but real.
> As for your friend, hasn't he ever considered turning his pager OFF before he goes to sleep?
I don't know the guy, but if he's paid to be on call 24/7, odds are that he can't just turn off the pager. Kinda defeats the purpose.
And before anyone suggests filtering...
Filters are a tool - whether they be client-side or at the router - but they're only a tool, and may not be appropriate in all situations.
And that gets to the real cost. What about the time your admin spends in writing filters and/or maintaining blocklists, rather than keeping up with CERT advisories and his usual sysadminnish tasks?
Oh, right, none of those costs are borne by the spammers either. So they don't count either, at least in spammer-logik.
In your earlier post, you said that spam "works" (from the point of view of the spammer) because of the "y" sales out of "x" spams.
The problem with your logic here is that the people who are likely to realize that things offered by spammers are generally fraudulent - that is, people who will respond to your "just hit delete" campaign - aren't part of the "y" people dumb enough to buy the spamvertised product in the first place. Encouraging people who hate spam to JHD (Just Hit Delete) doesn't threaten a spammer's income stream, because the people who delete it unread aren't gonna buy the product anyways.
In fact, a campaign whereby spam-reporters were encouraged to JHD would result in more spam, not less, as spammers' accounts would live longer, and send more spam.
And if spammers' accounts live longer, and more spam gets sent out, and we accept your (logical) assumption that "y people respond for every x spams", then by increasing x, we would tend to increase y. (Up to a limit - after all, spammers' customers have only a finite amount of money to spend on get-rich-quick scams and fake Viagra, and when they've spent all their money on the former, can no longer afford the latter :)
Thus, a policy of "Just Hit Delete" would not only results in more spam, it would also result in more profit for spammers.
This is why JHD is not a solution, long-term, to the spam problem. It may be the right solution for you, and you've got every right to JHD if you so desire. It is quicker (at least in the short term), and if your goal is to minimize the amount of time you personally spend dealing with spam, it's workable.
But if your goal is to reduce the amount of spam overall, then taking the time to report to abuse@ (thereby hitting them in the pocketbook) is the way to go.
I used to JHD too, by the way. My spamload hit 20 per day around 1997, and then I learned how to read headers. It's now down to one or two a day, and reporting every spam has become quite manageable. A friend in the next cubicle who continued to JHD is now the 50-60 per day range.
I think my "delete" key is broken. It seems to be hooked up to my brain, which views and parses the headers of the spam, and forwards a report to the abuse administrator at the spammer's ISP.
For most ISPs, the spammer's account is then deleted. I'm sure that's not what you meant to suggest I do, but it seems to work for me.
This is NOT MLM! This is NOT a scam! It's 100% legal! The guy who spammed me and suckered me into it TOLD ME SO! Really!
> I think that digital solicitations provide a valuable service to consumers
If you were subsidizing my email account, you'd be entitled to spam the bejeezus out of it. But you're not. I'm the owner of my server, and I decide what's a valuable service and what's not. Not you. Because it's not yours.
When you pay for my server - or if I'm in Europe, my per-minute-local-calls, or if I'm in the US and reading it on a cellphone, my cell phone bill, or if I'm an ISP, the bill for the 30% capacity I have to add to /var/mail and /usr/spool/news that's currently taken up by spam - then, and only then, do you have a right to advertise on my hardware.
> Please, I urge you, give us a break, we're just trying to get by the only way we know how.
On the very slim chance that you're not a troll:
If the only way you know how to make a living is by stealing the resources of others, I hope you either (a) learn another way of making a living, or (b) starve to death.
Theft is not a viable business model. Until you've learned that, please fuck off. Fuck off, stay fucked off, and don't come back until you've finished fucking off.
Spammers have tricks where if they seem you use something like (John SMith) jsmith@aol.com, they'll try "jsmith@att.net", "jsmith@earthlink.net", "john@smith.com", etc.
The cake is a pie
UltraBot2K1: why don't you provide an email address in your /. profile?
Actually, i usually stick in an address at the domain i'm signing in at....
For example... say i'm getting free acrobat reader, and they want my email address, i just
fill in jsmith@adobe.com
-Grin
Old truckers never die, they just get a new peterbilt
MAPS doesn't filter anything. Either you or your ISP has to do the filtering, perhaps based on MAPS recommendations.
Actually that is exactly what is happening, and is the only reason you don't wake up every day to 50,000 messages in your inbox to delete.
Thank the army of zealots for at least holding the line, if not actually winning the battle.
Does it strike anyone else as odd that they are supporting a vigilante (thier word, not mine)?
Rarely do you see this IRL, but b/c it's on the internet it's ok?
Hmmm . . . .
WHONEEDSSLEEPWHENWEHAVECAFFINE?!
I've used pobox.com for more than 5 years. They're a mail forwarding service - my-login-name@pobox.com forwards to whatever account I'm currently using to get my mail (so I can change ISPs, or use a free email account, or whatever.) About $15/year, cheaper if you buy multiple years up front. They've got a spam-handling service that you *could* trust to delete anything exceeding a spam threshhold, but is safer to use by having them mark the Subject: line of suspected spam (it's a 0.0-10.0 scale, and you can set what level gets marked, default >=3.0.) They've gotten pretty accurate. Also, any mail that's addressed directly to my ISP account that isn't from the ISP themselves is almost guaranteed to be spam, so my Eudora filters mark those automatically.
Brightmail uses the "only accept mail from known addresses" method - if it gets mail from an address it hasn't seen before, it sends confirmation mail back to the sender saying "hi, this is brightmail spam blocker, please confirm that you're a real person". Mildly annoying, once, to real people who send you mail, but since spammers almost never have real return addresses, it almost always blocks them.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I get very little spam in my main inbox, by putting noone@nowhere.com in every damn e-mail box I fill out on the internet
I usually give companies a dose of their own medicine and use one of their mailboxes for registrations. For example, Realplayer is registered to abuse@real.com, and Quicktime is registered to abuse@apple.com.
Even though my cable modem is $50/month regardless of how much spam I get
I spend a lot more than that. Let me see ... $US163.75/mo and that lets me receive up to 3GB of spam.
And can you believe it, mail.com won't close an email account I got there?
PS, tip for qmail users: to create a mail blackhole, use:
|/bin/true/bin/true exists on my Linux Mandrake system.
Not true. There is an extension to POP3 that allows you to send email. My email client, MR/2 ICE for OS/2, supports it. It's also supported by InetMail for OS/2, a POP3 server.
--
Lord Nimon
And the men who hold high places must be the ones who start
To mold a new reality... closer to the heart
You are a lowlife slime, trying to pretend he's something else. If I post my address on Usenet (which I've stopped doing, thanx to assholes like you) it's not your authorization to send me tons of crap. It's because I want to allow someone ON THAT FORUM (not you, slimeball) to contact me.
Crawl back under your rock, scum-bag.
--
"that's not encryption - it's a new perl script that I'm working on..." - from some Matrix parody
You can avoid pissing off grandma by keeping a white list.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I was kicking around the idea of doing this for a while and lost focus on it but now my spam load is pissing me off to the point where I'm planning on starting it up again. A little java POP client with some Extra Features should be enough to do the trick.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Once I got my DSL installed I canceled my phone line. Now I only use a cell, however enven that is getting spamed because I give it out when asked for a home phone number(I tell them it is a cell) Some places just dont care. But call your phone company and cancel
.sigs suck, thus nothing here.
How incredibly generous of you! You provide an option to unsubscribe!
I don't give a flying fsck. You have no right to subscribe me against my will in the first place. I therefore have absolutely no obligation to waste my time reading your spew and figuring out how to unsubscribe from something I didn't subscribe to in the first place.
Posting my email is not a solicitation for junk mail, and in no way excuses your theft (by chattel) of my resources.
All talk of "legal rights" and complying with US "law" (actually not law at all, but bills that failed to become law) is total nonsense. You have NO legal right to my mailbox. And if I'm going to have to waste my time dealing with your spew, you can bet using your "unsubscribe" (which you may or may not interpret as "sell the address to all the other sleazebags, it's good!" but certainly most of your peers do) will not be my choice of action. I'll be tracing your crimes and notifying some service providers instead.
Want to send random people junk mail? Fine, use snailmail. That way you pay for it. Try to steal resources I pay for to facilitate your junkmail? Expect war. Don't whine. What other reaction could you possibly expect from your victims, thief?
"That old saw about the early bird just goes to show that the worm should have stayed in bed."
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
Nothing wrong with it as long as everyone on your bulk email list agreed to receive your notices. Somehow I doubt that's what you meant, and anyway you already confessed further down the thread so we know this is not what you are talking about.
About those 'regulations' - what on earth are you referring to? You mean one or more of the bills that didn't ever make it into law? Those aren't regulations, or laws, or anything except bills that were not made law...
Wow, talk about self-contradiction.
So you're saying you are incapable of feeding your family by legitimate means? Are you looking for sympathy? You're more likely to get spit on, honestly. If you can't support your children without stealing you probably should have worn a rubber, and/or tried to learn some job skills growing up. At any rate, your failure does not obligate me in any way to excuse your theft.
Umm and just what is the difference between a legitimate businessman and a lowlife spammer? I'll give you a hint - legitimate businessmen don't go around subscribing strangers to bulk email lists without their permission!
"That old saw about the early bird just goes to show that the worm should have stayed in bed."
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
In your case, an alternative, a possible compromise between you and the prof, might be to send mail to the academic advisors in departments whose students might be interested. They would be most likely to know who would actually be interested and could forward the message to the appropriate students, without annoying excessive numbers of people. Might be worth a go.
Good for you for standing up for your principles tho.
---
"This message is composed of 100% recycled electrons."
So yes, it's definitely probable that someone did get the address from your web page, but without using your database and without your knowledge or permission.
---
"This message is composed of 100% recycled electrons."
I'm not going to rise to the obvious troll, but this reminds me of a question that's been bugging me for a while: why do the suit-types (and, often, spammers) think that spam is an acronym? I can almost always tell a suit/spammer from a tech by how they capitalize "spam." If it's all caps, they don't know what they're talking about.
Of course, if it actually *is* an acronym, I'm probably about to get flamed.....
It's quite simple. If you don't send spam then you are not a spammer. Spam to me is email that advertises something from a company that I never asked to recieve. If I go to your web page and sign up for a news letter and then you send me one every week that isn't spam. But if you buy a list of email addresses and my name happens to be on it, and I never asked you to send me an advertisment well then, that's spam to me. At least that is the way I feel about it.= \=\=\
=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\
The simplest solution for spam is for ISPs to charge for outgoing emails above some reasonable
threshhold. For example, average joe user gets
2000 outgoing emails for his $20 per month
basic account, and usage above that is a penny
per email.
This will do several useful things:
(1) Legitimate
businesses will strive to filter their email
lists, just like ones that use paper mail, because it will cost them more to send email.
Today the cost for an email address list is
pretty low, and the sending is cheap or free.
Therefore it gets overused, since it only takes
a few sales per million emails to cover your
costs.
(2) ISPs will have a new revenue stream, which
will help to lower the cost of providing the
rest of us with service.
(3) ISPs will have a better chance to collect
from spammers who steal their service. This
will serve to deter the spammers, and encourage
the ISPs to go after them. At a penny a pop,
sending a million emails would be priced at
$10,000, which would be a heck of an incentive.
Daniel
LOL these spammers have the BALLS to go threatening people's physical safety?
:)
Where do I sign up? I'll blast some spammers myself. Let's see if they can even FIND me. Then if they do find me, let's see who comes bringing the noise.
I've got six friends and they all run faster and hit harder than any punk who shows up on my doorstep. Oh man, being threatened by SPAMMERS, oh my god, I've seen it all.
The sad part is, since these SPAMMERS leave their personal (business) information as a means to contact them to buy their products, there is great opportunity here for anonymous "antagonists" to harass them. Heheh. I think I will go and figure out ways to strike them down with impugnity.
========================
63,000 bugs in the code, 63,000 bugs,
ya get 1 whacked with a service pack,
--- Grow a pair, liberals... stop letting the Republicans bully you!
There is a system on some sites, like hotmail.com, for blocking certain email addresses.
:)
Imagine if you could use a regular expression style filter on email, set at the ISP level, for a flat monthly fee? Each user would have their own settings, and then maybe MAPS would have a global list for everyone to download.
Or, the more likely and manageable (for ISPs) method - to put this filter into the email client itself. It causes more download time for the customer, but still, they would not EVER see the spam.
The filter would be a two way filter: accept only certain email addresses/paths/subjects (up to *@* if you want), and the same thing for deleting email. Also, if the email is from an address that doesn't exist, auto delete it. (I don't know how much this would strain the user's or ISP's system, though.)
Would that work?
========================
63,000 bugs in the code, 63,000 bugs,
ya get 1 whacked with a service pack,
--- Grow a pair, liberals... stop letting the Republicans bully you!
Spam is doubly annoying outside of the United States due to most of the advertsing contained within it being mainly targetted for an American audience and it taking up valuable time and bandwidth.
Beyond the annoyance value it is theft of personal time and computer resources which if the spammer provides no means of workable list removal shamelessly criminal. I can recall a case in the UK were a man sued an advertsing firm who used unsolicited faxes as their media for theft of fax thermal fax paper, and won.
MarkAt least you could burn the unsolicited mail.
No it isn't. This might be my own stupid fault for using Hotmail, but I have a hotmail account that I haven't give out to anyone or any site. But still I get SPAM.
I do this, and I have received spam from slashdot and ebay, so i deleted the slashdot alias.
ironic, no?
Paul
I would be very hesitant to do that. Many of the addresses in the 'from:' line are either totally bogus or are some innocent persons email address. It is very rare for the from address to be the spammers.
No replies made to AC posts. Please log in.
Dude, calm the fuck down. I am not a spammer. I was just passing on a link that I remember seeing on NANAU way back in the day. I thought it was funny.
No replies made to AC posts. Please log in.
See subj
"It's exactly what they want you to do. Spam isnt' annoying, you just throw junk mail out anyways right? Just hit delete!"
Fuck that shit.
I must admit that I have never really taken much time to learn about automatic methods of identifying and eliminating spam. Nevertheless, it seems that human judgement is required to consisently identify all of the various forms of spam.
While it is fairly painless to delete spam, (you can usually identify it by only reading the header) the real problem is that it is not only you deleting it from your mail account; its also tens of millions of other people deleting the exact same message. If someone else has already taken the time to figure out that the message is spam, why should you have to be bothered with duplicating their effort?
If we ever want to get serious about eliminating the amount of spam in our inboxes we are going to have to integrate spam identification functionality within our mail clients, not just within our mail servers.
If we allowed users to inform the mail client that they regard a piece of incoming mail as spam our program could respond by (obviously) deleting the message, then propagating the information that this piece of mail is spam to mail servers. Our mail servers would then be able to delete the message before the remainder of its clients downloaded it into their inboxes.
Unfortunately, this system would not be reponsive enough to block spam as it arrived at mail servers. Accordingly, it would most likely help to augment, not replace, existing spam filtering technologies.
Another observation is that initially, this system would generate almost as much information as the spam had done in the first place. While this is true, when spammers realize that only the first few of their millions of messages are being read, they might decide its time to look for a real job. Eventually, the net gains in both human time/effort as well as computational resources would be tremendous.
BTW, I have provided my real e-mail address. While never directly providing your true address anywhere on the web might save you some grief, it seems to remind me of an ostrich burying its head in the sand. We should not all be forced to learn clever ways of how to encrypt our e-mail addresses to avoid spam. You certainly don't consider changing your PO box because it gets too much junk mail. If spam has grown so far out of control as to force us to change our actual addresses, how can it be that so little has been done to stop it?
-Angelo Torres
You can always use mail2web.com, filter the spam and then fire up your actual mail client.
Or you can use IMAP instead of POP3.
Donate free food to the hungry at The Hunger site.
spammotel.com generates a guid for you and associates it with whatever you want to associate it with. that email account can forward the email to you or block it or whatever.
but if you give someone a spammotel guid and a little while later spam starts pouring through it, you can tell who either sold your email addy or who has cheesy security.
can someone tell me if it's true that you can obtain a list of all the 'valid' emails on a mail server by sending a certain smtp query? if so, how to prevent if you don't have control over the server? thanks in advance
Peace,
Amit
ICQ 77863057
[o]_O
True, True. I hunt down spammers kind of regular. Since I am on this machine or that most of the day I can often even catch the person online. Sniff them out a little and report to the ISP after a trace route. It does work. Sometimes when done right a whole bunch of spam influx just vanishes. Unfortunately, the spammers eventually find the address again and it starts all over. I have gotten a few emails on follow ups and resolutions to spam complaints from ISP's and those just warm your heart ;)
I have not managed to get on a spammers blacklist yet, as you have mentioned after many years of hunting the pests down I don't truly think that a spammers black list exists. If it does, it wouldn't surprise me to find out they pass it on to the 'hey add this guy to every email list you can cause he fucked me' list. That I have seen. I went after a spammer who was located in the Netherlands once. His ISP wasn't to cooperative. I complained to their upstream provider nothing there either. With the help of my ISP and a few other folks who had complained (at my ISP) eventually contact was made and the upstream provider took some action. In the mean time either they (or the spammer, maybe they were one in the same) proceeded to flood my inbox with 'viagra alternatives' spam for 5 days straight (in the neighborhood of 120 per day or so).
Count your blessings on the lack of spam in your inbox and hunt those few that do trickle in down!
Prospecting Stinks. Stop Wasting Time on Cold Calling.
Really, it's not that difficult to seriously dampen the amount of spam that your server receives and sends just by changing some lines in some configuration file. And think of the bandwidth and diskspace you'll save.
Spam is the bane of Usenet. If weren't for people like him Usenet would be totally unusable.
...for at least some websites. One website I run has over 200,000 subscribers. At least once a month we get a rant from some user who uses this method. They go on and on about how we sold their email address to spammers, they're going to sue us, blah blah blah.
But we simply don't do any such thing. I am the only one with access to that data in bulk.
I don't know where someone got that address from; maybe sniffing traffic at some intermediate point, or through a client-side security issue in their browser.
So if you *do* use the alias trick to identify where spam is coming from, keep in mind that it is not fail safe. And if you're going to contact the website in question, try to be reasonably polite and not instantly super-confrontational and threatening, ok?
Cheers
-b
If I wanted a sig I would have filled in that stupid box.
I did once. I wasn't on my normal machine, so I forwarded the message to abuse@ and neglected to send the headers. It didn't matter. Within 24 hours, I got a reply (from a person) stating Hotmail had terminated the account.
The fact that I didn't include the headers somewhat scares me, but I don't know if they had received other similar complaints. I was impressed with their swift retribution, however. Nice suspicions, but they just don't match my experience.
It could also be a guess-bot. I shouldn't be too tought to find a list of first and last names and assemble plausible usernames from combinations and spam them all. It might be an interesting experiment to try doing the same thing but with two different usernames at the same time. Choose one that should be easy prey to a guess-bot and one that's just a bunch of random gibberish. If the easy to guess name gets spam while the other one doesn't that would be evidence that it's a guess-bot.
There's no point in questioning authority if you aren't going to listen to the answers.
Thats why I forward my spam to sales@uu.net and info@uu.net
Spam has dropped from 7/day 1/3weeks now - the sales staff hate it and make their pink contracts remove me from their lists.
Next up - Gridnet.net
The first thing we do, let's kill all the lawyers. Shakespeare, Henry VI, Part 2, Act 4, Scene 2
What, no Jon Katz review yet?
Slashdot, besides being read by the trolls, is also read by a bunch of fairly well-to-do individuals. Prime target for an automatic reaping bot to come and harvest email addresses, which is why people here tend to obfuscate theirs in a way that fools the 'bots.
For me, a simple spam filter did the trick. I just wrote a Perl proggy that deflected any mail that was not directly addressed to me and installed it as a procmail filter. [zap] no more spam.
I do ocassionally get spam sent directly to my email address and I have had a couple of mailing lists bounced, but it's just a matter of adjusting the block file. (Oh, and no one has threatened my life or stollen my credit card numbers for it either.)
--
Wooden armaments to battle your imaginary foes!
Seriously, though: If you're sending email out to people whom which you have done business with in the past or people that have signed up for your mailings, then I'm OK with it. However, if you "obtain" a list of email addresses from an "online marketing organization" you're clearly in the wrong. I mean, you do realize that most of those addresses are harvested from websites (like /.) and newsgroups and chain letters, right? You really think those people want to receive your junk mail in their inboxes?
Opt-IN is a far better approach than Opt-OUT.
--
Wooden armaments to battle your imaginary foes!
No one gives two shits about the option to unsubscribe. Usually, it's a hijacked account (of someone you hate), or a URL to a pr0n site.
--
Wooden armaments to battle your imaginary foes!
People should really enter x@x.x or something when e-mail addresses are required.
Monkey sense
No. Not ironic. Not in the least. Look up the meaning of ironic and you'll see why.
forth ?love if honk then
I would like to inform you of an increasing problem with our society lately... it is called SPAM.
...
...
yadda yadda yadda... more text and hyperlinks...
even a link to "Remove you from our mailing list" (which actually just adds you to 3 other newsletters/mailing lists that you don't want)...
Thank you for your time.
PS. If you don't send this to 30 people within the next 5 minutes, you will have bad luck for the rest of your life.
Karma: NaN
This is what I send back if some idiot sends one of those to me. http://www.kith.org/logos/things/chain.html
--You will rephrase your request for me to go to hell. Goto statements are not acceptable programming constructs
youruserid+cowX@yourdomain.blah
The mail would get delivered to your box. If you start getting SPAM (Stupid People's Advertising Method) to "youruserid+cowX" or perhaps a "Dear Mr. YourUserid CowX" you will _immediately_ know where they got your address.
Isn't that a contradiction in terms? Legitimate and MLM would seem to be mutually exclusive.
Two is not equal to three, not even for very large values of two.
Sure. It's called Le Spam. There's even a website, though it appears to be free of content. But at least they're running Apache.
A friend of mine (a horribly misguided friend) uses MSN dial-up access... stays away from MSN Explorer, thankfully, but the damage is already done. Anyway, in accordance with their spam policy, MSN now blocks access to all SMTP servers except for smtp.email.msn.com or whatever it is, so now anyone using MSN dial-up can't send mail through their own mail servers. I personally think that they should prove that a person is a spammer before restricting their access like that, but Microsoft and I tend to not always agree on things. I just think it's kind of funny, seeing that Hotmail is one of the most easily accessible spam account providers...
--
POP3 is only for retieval of mail residing on the server. It does not send outbound mail, therefore you would not be at risk of having your machine abused by spammers for such stuff. However, it's always a good idea to close any ports you don't actually use.
SMTP is what you need to worry about. If your SMTP service is running from the default system setup, it is much more likely that you are open for abuse.
  -Tommy
"I got a half gallon of Jack, and 2 dozen Ant Traps. I'm about to get wild." -me
Give me 5 minutes and I can write a script that d/l's a slashdot discussion and pulls out all the email addresses. A side thought to my original idea would be to not "announce" your email address. Either don't put it up at all or somehow spam-proof your name (and using the word "spam" isn't good, cause I can filter that out in an extra 10 seconds).
Put yourself in the mindset of someone grabbing email addys with a script. How can I make an address that the common person can figure out, yet be complex enough to dodge simple filters... Keep this in mind if you have an email addy that will be displayed in the public eye.
Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
Here's something useful if you have your own domain with unlimited aliases:
Put the name of the website as the name of the email. For example:
slashdot.org@mydomain.com
Filter it in your favorite email reader, and when you are tremendously bored you can go through your trash folder see what websites sold your name to spammers...
Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
What I did to control it was to save every spam message for a few months. After this time, I had a collection (a few thousand emails) of various scams, sales pitches, etc, each with it's own wording. A little perl program was then fed this archive of spam, and it sorted the most popular 3 and 4 word phrases, which were then used for fgrep fodder via procmail. The MarketingSpeek(tm) is self-identifying...
It was a bit of work, but the results were worth it. Of course, "make money fast" was near the top of the 3-word list.
not that I don't believe you, but I've had my hotmail account a lot longer than 2 days and I'm only getting a little over 1 piece of spam a day.
I use my hotmail account for outgoing mail, and I give people my iname address that is set to forward to hotmail.
So in theory, I should be getting double the spam as I've got two addresses going to a single inbox. (Three if you count my university account).
The only real protection I have is that I have hotmail's spam protection turned on, and I block the sender of every piece of spam I get.
Some people seem to get harder hit by spam than others...
. --- If you're looking for free e-mail you won't find it here! http://www.noemailhere.com
If you don't have anything nice to say, say it often.
If you don't have anything nice to say, say it often.
- Ed the Sock
Doh... grammatically challenged today.
If you don't have anything nice to say, say it often.
If you don't have anything nice to say, say it often.
- Ed the Sock
An ordinary man. They took his porn. Now he wants revenge.
// It had been Fat's delusion for years that he could help people. --Philip K. Dick, Valis
And they are hurt more in the pocketbook if their account is nuked and can't receive/send any more for a while or if their website is taken down by the ISP.
And "Just say No" worked well too...
.1% that respond (e.g. that don't follow the "Just Press Delete!") that may be enough to keep them in business, can't get through so the effective response is 0.
You have the thousands doing it. It is just going to take ISPs actually paying attention to the complaints. They certainly can't make any money if they are completely unable to get the results of the spam run. So the
Legend has it that it is actually an acronym: SPAM = SPiced hAM. Of course, the official line from Hormel is that it's just a made-up word.
In fact, Hormel has this to say about spelling "SPAM" in all caps:
You can read their full statement at http://www.spam.com/ci/ci_in.htm.
jehuni
My ISP got on MAPS' shit list, and my brother's ISP blocked all my email to my brother.
Excuse me, then you were paying money to a shitty ISP, and it's good that you left. That is exactly the effect intended when a network refuses to be a responsible member of the Internet community.
You didn't say whether your ISP was in MAPS RSS or RBL. We know to get in MAPS RSS, a mail server must:
- Be open to third-party
relay.
- Be proven to have relayed spam mail in the past.
- Be unwilling to correct the problem
They claim to only block IP addresses, and they claim to not block by domain name, but the easily-verified truth is that they do block by domain name.I challenge you to prove otherwise. So far, you are just full of hot air.
Note that they're too chickshit to block AOL or MSN -- I guess even MAPS don't have enough lawyers to fight those guys.
OK, now you're talking out of your ass. What, are you a really good troll or something? MAPS did put MSN on their blacklist.
I think MAPS is lacking in some areas, but your bad experience with a bad ISP is not going to convince me you have a legitimate gripe.
You should not have had to contact MAPS for any reason; your ISP, being the ones blacklisted, should have done what needed to be done.
You sound like an end-user. Let me tell you, it's very hard to get into the RBL if you are a competent organization with well-clued system administrators.
Here, at Central Oregon Internet, we've been using MAPS since nearly the beginning (meaning, years), and I can count the number of problems with legit mail being dropped on ONE HAND (and guess what? I'm a nice sysadmin that will allow email to come in from blacklisted hosts if a customer needs mail from there--but I will try hard to get the offending network to get themselves off the blacklist, and if I see any spam from them, they don't get any more special treatment. See, your brother's ISP sucks, too). A couple of weeks ago, MAPS checking was turned off for three days, and the amount of spam reported by our users skyrocketed. That is all the proof I need of the effectiveness of MAPS.
The proper solution is to either use the domains 'example.com/net/org' (which are guaranteed never to exist) or the pseudoTLD '.invalid' (which is also guaranteed never to exist).
With postfix, the delimeter is configurable (the default is +). Assuming you don't have any email addresses with period in them, you could hypothetically use that as your delimeter. Since so many legitimate addresses use periods, it's less likely that they'll strip them.
http://www.yelm.freeserve.co.uk/spamido/
Gimme Gimme Gimme - Karma!
There is a simple solution, I think: check the books. no company I know of is going to spend ANY amount of money on ANYTHING without keeping very good track of it. ThinkGeek would arrange for an independant auditor, agreed upon by both sides of the case, to go over their books. Somewhere in there, there will be eitehr nothing to see, or an amount indicating a payment to a spammer.
Eh, it's a kludge. I don't know if there's an easy solution, but it makes more sense to go after the person who pays to spam, if it can be pulled off properly.
--- Chief Technician, Helpdesk at the End of the World
"I am an Adept of Tantric VAX."
Instead of going after the spammers, go after the guys who pay the spammers to hawk their products.
If Spam is going to be constituted as a menace to the stability of the internet, the judicial system should acknowledges the inherent inability of investigators to determine the identity of all spammers, and instead find culpable for damages the people who commission spammers to do their advertizing for them.
Remember, spammers do not exist in a vacuum. It is a rare spammer who hawks their own services. The person who is selling something, and the spammers who are selling stuff themselves, must have some way of separating a user from his money. Thus, they must have some sort of contact point to send money to. There has to be a warm body somewhere along the line who collects the poor sods' money. And if there's a convoluted way of getting money to them, then the Feds of any number of countries will smell 'money laundering' or 'tax evasion' and start salivating like Pavlov's tax inspector.
This will ensure that companies will be very cautious as to who they commission to do their advertizing for them, and will specify that they do not want their product advertized for via unsolicited, bulk, server-crashing, net-clogging, router-crushing, POP3-hijacking, bloody well annoying mass mailing. And spammers will suddenly find their work drying up, and nobody will want to advertize in that manner.
That.. or I'd like to know why this isn't possible. =)
--- Chief Technician, Helpdesk at the End of the World
"I am an Adept of Tantric VAX."
I don't have a complaint with UCE/spam when they really do honour unsubscribe requests or have legitimate headers that allow me to contact the people and have my details removed.
I really hate forged headers as it takes time to cross-reference and check the real routing details. And if you can easily get make a spelling error, the spam sites use close approximations of well know sites.
And that is what really pisses me off about Puls. Forged headers and bogus unsubscribe details. I think people like him are a bane to society. They chew up bandwith with rubbish I don't want to see and there is no way to get off thier list. If I want to by something I'll do a search for it and I make sure not to use companies that use spam to spread their message.
Using a private and public email addresses only works until your private one is accidentally made public. It happens all the time. So I now fight to try and keep my private one clean of spam. The many good sites have removed me.
Obviously I still get crap from Puls. His treatment of people make me wish he has a long, slow degenerative illness resulting in his demise. With my luck he'll live to 1024.
djve
"There is magic in the web." - Othello Act 3 Scene 4.
This practice is total bullshit. People should only be sent spam who has previously asked for it. You should have to "OPT-IN" not out. Spammers should be declared fair game with a bounty on their heads. Just like telemarketers bottom feeding scum with attitudes like yours no wonder people want to see you go down. If you need to feed your family get a real job like the rest of us....
Messages sent in compliance with e-mail regulations are not a problem; they're easy to filter out, and I never see most of them (nor do I want to). But these account for a minority of the junk mail I receive on my several e-mail accounts.
A random sampling of subject headings from the crap I've received over the past few days (from my Spam folder):
"Triggers POWERFUL sexual responses"
"You decide 9089"
"Time to refinance"
"Your saving is here 27514"
"You deserve a vacation now______"
"Make the right choice 3703"
All of these were sent from addresses that appear to be randomly generated (frequently from Japan). Do I have any reason to believe that the unsubscribe address is actually valid? I've received about 40 such messages in the past week.
This is why spam has (and deserves) a bad name. I argue that the majority of unsolicited commercial e-mail not sent in accordance with any guidelines. Isn't it actually illegal to spoof your return address through someone else's mail server?
There are some days when I seriously want to punch the bastard who sent the most recent round of junk mail. You (UltraBot2K1) are not the sort of person I'd be upset with -- I really don't mind the stuff clearly marked with ADV: and with a valid unsubscribe address (I just filter it out).
I live on a college campus (Georgia Tech), and I am inundated with marketing every day. One company (TribHub.com -- THEY SUCK, DON'T USE THEM) actually posted flyers in the dorm restrooms, even though GT housing is marked No Solicitation. BigWords.com (THEY ALSO SUCK, AND THEY'RE NOW OUT OF BUSINESS) was almost as obnoxious, but they at least didn't break laws in the process.
Allright, back to cleaning my inbox.
-John
Please count this as notice to not send unsolicited mail to my address. Thanks.
-John
My e-mail address is on all of my Slashdot posts, so it's reasonable to assume it was already in his database. That goes for anyone thinking of using my address for advertising. Don't. You have been given notice. -John
On many occations, I've successfully had spammer accounts (dialup, web, email) nuked. SPAM is a violation of most ISPs AUP, and even though you may never hear anything about your complaint, they usually investigate it. The replies I do get from ISPs I notify, are almost always positive (and no, they're not all form-letters).
You may think it's no big deal for a spammer to lose his/her ISP account - getting a new dialup account is no sweat at all right? Well, it is, when you have to do it every fscking time you send a SPAM letter... And after a while, the spammers become as pissed at you as you are at them!
Now here's the beauty of it - spammers do not only share mailing lists, they also maintain black lists - lists of annoying people whom not to spam if you want to keep your ISP account. Consistently report SPAM, and you'll eventually make it to one of those lists.
I have no way to verify it, but I think I've made it onto one of those lists. Despite being a frequent poster on usenet, and not being too careful with my email address, I have not had one piece of spam for half a year.
^]:wq!^M
Don't you hate it when your friends goes to a joke site and hits that "E-mail this to a friend" and give away your e-mail address to them??
By the way, check out Netforward.com. All they do is forward mail. This is a great site to create an e-mail account to use when signing up for stuff. I actually have one that forwards to another which forwards to my address. The 1st address I use for obvious mailing lists like contests and such. The 2nd one I use for signing up at web sites that involve discussions and such. Either way they're both disposeable.
This isn't funny, its incredibly useful, I've started doing it all the time.
The reason usenet is dead/dying is because of spam however. Its a shame, on the whole I like newsgroups better than web message boards.
btw, i think your analogy sucks. i think it would be more akin to every business owner in the city calling you on the telephone to tell you about the great deals they have. eventually you dread answering the phone because you know it's just going to be more crap to waste your time. THAT is what spam is akin to.
Gee, I'm glad no businesses in the USA ever resort to tactics like that to sell their products.
Well, the "select group" was approx. 10000 students and university staff members combined.
To me this sounded a lot like spamming and I refused to do it. The professor didn't agree with my opinion, but since he saw that it was a question of principle to me he let it go -- for the moment at least.
It's unbelievably hard to convince people who don't have their e-mail box clogged by spam (he's got a secretary who goes through the mail first) that spam is a real problem.
From the article:
"Legislation reintroduced in Congress this year would require that unsolicited e-mails carry accurate return addresses and allow consumers and Internet providers to sue spammers who ignore requests to be removed from mailing lists."
This does not go far enough. There should be required CLEAR markers which all SPAM messages have to bear, indicating the type of SPAM they are: (1) SPAM that is trying to get you to buy something (2) SPAM that is trying to get you to join some organization or participate in some poll, etc or (3) Chain mail SPAM(i.e., those stupid poems you get about touchy-feely friendship). Thus, all SPAM sent should have the following in its headers:
SPAM1i [for case (1) SPAM]
SPAM2i [for case (2) SPAM]
SPAM3i [for case (3) SPAM]
This way, ISPs and private users can easily filter out SPAM to their choosing; for example, ISPs could choose to filter out all SPAM messages after the 1000th SPAM message of the day, or whatever.
Also, SPAM should NOT be opt-out, it should be opt-in. Hence, all initial SPAM messages would follow something like this:
Title(SPAMXi)
Body -- "Would you like to receive info- emails about . . . "
And should be limited to being a certain size, with no pictures, no color text, no tricks or frills: no pop-up IE windows of little girls fucking allowed!
This way, any SPAM sent would not clog up bandwidth as much, nor put as much a burden on the receiving person's computer. IF a return e-mail is NOT sent by the potential "customer" then the SPAMer must NOT send any requests for info-email subscriborship again to that address. Hence, this effectively means that any "legit" spammers will have to send their legit e-mail addresses(even if it's just a buffer Yahoo! address) in order to ever send that person anything again.
This way, SPAMers DO have the right of freedom of speech: they just have to ask if they want to be heard first. This is reasonable. For example, when those Born-again fucks come to your door or those Jehova's Witness fucks come to your door, they have to introduce themselves and their topic: and if you don't want to hear them, they have to get the fuck off your yard. This does not violate their right to free speech, and at the same time protects *your* rights. What I propose would allow a similar thing to be used for e-mail.
As an additional protection, there should be a government run list which lists the e-mails of ALL users who do not want unsolicited SPAM e-mail, and which all SPAMers would have to check to make sure that they weren't sending messages to any of those e-mails.
Also, ISPs should be allowed to adopt reasonable policies for filtering out unnecessary SPAM -- I am all for the right of people to freely express themselves, but that doesn't mean they can do so and make your ISP(and hence you, eventually) pay for it. All freedoms and rights cost something: the price should be paid by the person excercising the right, not other people. You SPAMing fucks do not have the right to cost ISPs millions of dollars and make my ISP bills go up.
I would like to comment on the posting of one fuck, a spammer(who refused to post an e-mail address), who said "I make a legitimate living by using SPAM to support my business". No, asshole, you don't. You are stealing from the ISPs, hogging bandwidth that should be *mine*, and making my ISP bill go up: you are also burdening MY computer unnecessarily with your crap.
On a tangent note, I would like to say that this all relates to pop-up windows, non-closable windows, large animated ads, and misleading web-page descriptions. All of these are things that are similar to SPAM: they are techniques to benefit the person who created them, which do so at the COST of me, my ISP, and the internet search services.
This burdens my ISP because they have to waste bandwidth on that crap -- all advertisments should be small, with minimal graphics, and minimal animations. Advertisements about as frequent as are on Yahoo! and the main page of slashdot are acceptable: anything else is NOT.
This burdens search engines because their service quality is degraded and user opinion of them reduced when clicking on a link that says "President Clinton" brings you to a website that says "Blowjobs Anonymous".
Most importantly, this puts undue burden on ME because it wastes the bandwidth that I am paying for, and stresses my CPU, my GPU, and my RAM: in short, it puts undue burden on everything that I have paid for. In addition, it may even crash my computer. As I have a very recent computer(1.1GHz, GF2 GTS, 256 MB SDRAM), this is not terribly bad for me -- however, it is still unacceptable.
You SPAMing and pop-up freaks can argue that you have the "right to free speech" -- which you do. You DO NOT, however, have the right of free speech at MY cost: your free speech has to cost YOU, not ME. You may have the right to give a speech in a public area, but you don't have the right to steal my microphone so that you can give that speech.
social sciences can never use experience to verify their statemen
Ok, for the part about having one list on the internet of e-mails that do not want to receive SPAM, this would be something that would be independant of governments in terms of it's maintenance, but which government's(that agreed to the thing) would force SPAMers to reference against when sending SPAM. This site would be mirrored accross the world, and would be maintained by volunteers(i.e., like the ppl who volunteer to use their time developing GNU software, despite there being no money in it), or not at all. Maintenance would only be required when problems arose, such as a large proportion of the e-mails on the list being non-existent. Also, this is not really necessary at all, but just a nice bonus. The most important part of my proposed legislation was the OPT-IN part, which stated that spammers would need to send small TEXT-only messages asking people if they would like to receive info e-mail on , and that if no response was received, they would have to stop sending e-mails to that address. This way, freedom of speech would be protected(in that they could send messages anonymously, with non-email in the TO field) but the rights of the ISP and the person receiving the e-mail would also be protected: in that the person receiving the mail wouldn't have to get that crap again if he didn't respond, nor would the ISP have to use that bandwidth again were that person not to respond, and that both would have legal optioins available to stop further violations. Now, to be quite frank, I really don't give a shit about the "rights" of SPAMers. Their "right" to free speech does not mean they have the right to steal the ISPs bandwidth, or to hog MY resources and time -- just like anti-choice fanats don't have the right hinder my use of an abortion clinic by blocking the entrance, nor do SPAMers and pop-up junkies have the right to hinder my use of my computer by wasting precious RAM. Of course, this list would have to be something which SPAMers could use to prevent their e-mails from being sent to certain locations, but of which the contents would not be known by the SPAMers, or be made available to anyone else, aside from the volunteers who may occasionally work on the list to eliminate redundant and fraudulent applications. It would have to actually be maintained as some sort of filtering executable program with protections against reverse-engineering, so that the average stupid SPAMer would never know what names he was filtering out(i.e., this program would have to be like some sort of patch to an e-mail program, making it delete any messages with the given address in their TO field, without allowing the user to realize this[i.e., say it's sending these messages even when it's deleting them]). A version of this "patch" would also have to be available for every major type of operating system -- BeOS, Mac, Win9x/+, *nix, Amiga, etc, etc -- and for every major type of e-mail program on those operating systems.
social sciences can never use experience to verify their statemen
There's also a new open source project to get this code out to mail administrators so that they, too can offer the spamgourmet service. If you run a mail server, please go the sourceforge discussion area for the spamgourmet project and put in your 2 cents.
who's moderating the meta-moderators?
>People in my neighborhood deal with calls by
>subscribing to a service with the phone company
>to only let phone calls through that are
>identifiable
Yes, I have caller id. I was forced to get it last time I moved and was assigned a recycled phone number. Every telemarketer on the planet has it. I get 10 or 12 calls a day and they are all junk. And this is *after* subscribing to Private Citizen's anti-telemarketer service. Of the calls I have answered, nearly all are actionable under federal law for automated messages (always with no identification) or outside approved time period.
I pay a lot of money every month for caller id just so I can identify the one call per week from someone I want to talk to. It's like a protection racket.
The only reason I have a phone line is for outgoing calls and to be able to get DSL. I don't answer it unless I happen to be sitting next to the phone and I can see that it is someone I want to talk to. That happens about once every other month at most. If not for DSL, I would not have a wireline phone. If more of my friends would actually respond to their email, I might not even have any phone at all.
Email makes the 'net go round. Kill email, and you kill the Internet. Spam is killing email.
I filter all mail as trash except those I regularly write to. I must also have my name in the To:. My sig line states such. They either have to ask a freind to foreward something back to me to get added, or write me via snail mail. If abused, it gets removed. I don't receive unsolisited mail. Reply mail goes to a to be checked folder, so product registrations can arrive. It only gets checked if I am expecting something. Otherwise it gets flushed.
The truth shall set you free!
I think that digital solicitations provide a valuable service to consumers... In your own humble opinion. In my humble opinion they suck suck suck! I get 30 a day, minimum, some are so vile they pop up other windows. I've switched my reader to plain text.
It is unfair to label all e-mail marketers as criminals But it is fair to label most of them as unethical scumbags, thieves even.
While I'm sure that a few Linux users are career criminals, the vast majority of Linux users are law-abiding citizens One could make the same assertions about people who drink Coca-Cola, wear Levi's jeans, drive Honda Accords, write left-handed, live in Arizona, etc. This has no validity in the context of placing unsolicited email in my mail box. I may return from a 5 day trip and find my email capacity was exceded by spam and wanted email from friends and family was denied.
Please, I urge you, give us a break, we're just trying to get by the only way we know how. So learn another way to make a living, you've been given the most able brain of all God's creatures, use it!
--
A feeling of having made the same mistake before: Deja Foobar
Spam is like weeds. If you want it, or find it interesting, it isn't Spam.
I get regular e-mailings from RedHat, American Airlines, and a couple of other enterprises I do business with regularly. This is not Spam. It's solicited advertisements. OTOH, I get ads for pornography, get-rich-quick schemes, pyramid schemes, cars, magazines, other merchandise, and indecipherable crap from Asian addresses. I do not want any of this stuff. It is Spam. It shows up in my box because someone harvested my e-mail address from Usenet or god-only-knows where.
Are you a responsible e-mail marketer? Do you offer recipients a way to get their name off your list? Does you return address resolve? Do you get your names from a reliable source? Can you assume that the members of the recipient list are likely to have some interest in your products? If so, then GREAT! You aren't a member of the group that is being maligned in the article, and you shouldn't take it personally.
For the most part, chasing after spammers is a waste of time. Just filtre it out with a script.
But on occasion, I get in a bad mood and decide that it's time for a lart.
Usually a lot of spammers will have their originating machine & e-mail address spoofed, but
they will have some sort of "Reply to" address on one of the many free web-based e-mail services.
Granted, you'll rarely catch spammers, but it does give a bit of satisfaction when you do this...
$mail spam-meister@yahoo.com < core
...a few hundred times and fill up those 6 megs of email space real quick.
(And cheating them out of any business, which they don't deserve.)
/*drunk.. fix later*/
Fellow Debtor:
This is going to sound like a con, but in fact IT WORKS! The person who
is now #8 on the list was #9 when I got it, which was only a few days ago.
Five dollars is a small investment in your future. Forget the lottery
for a week, and give this a try. It can work for ALL of us.
You can edit this list with a word processor or text editor and then
convert it to a text file.
Good Luck!!
Dear Friend:
My name is Dave Rhodes. In September 1988 my car was repossessed and the
bill collectors were hounding me like you wouldn't believe. I was laid
off and my unemployment checks had run out. The only escape I had from
the pressures of failure was my computer and my modem. I longed to turn
my advocation into my vocation.
In January 1989 my family and I went on a ten day cruise to the tropics.
I bought a brand new Lincoln Town Car with CASH in February 1989. I am
currently building a new home on the west coast of Florida, with a private
pool, boat slip, an a beautiful view of the bay from my breakfast room
table and patio. I will never have to work again. Today I am RICH! I have
earned over $400,000.00 (Four Hundred Thousand Dollars) to date and will
become a millionaire within 4 or 5 months. Anyone can do the same. This
money making program works perfectly every time, 100% of the time. I have
NEVER failed to earn $50,000.00 or more whenever I wanted. Best of all,
you never have to leave home except to go to your mailbox or post office.
In October 1988, I received a letter in the mail telling me how I could
earn $50,000.00 or more whenever I wanted. I was naturally very skeptical
and threw the letter on the desk next to my computer. It's funny though,
when you are desparate, backed into a corner, your mind does crazy things.
I spent a frustrating day looking through the want ads for a job with a
future. The pickings were sparse at best. That night I tried to unwind
by booting up my computer and calling several bulletin boards. I read
several of the messages posted and then glanced at the letter laying next
to the computer. All at once it became clear to me. I now had the key to
my dreams.
I realized that with the power of the computer I could expand and enhance
this money making formula into the most unbelievable cash flow generator
that has ever been created. I substituted the computer bulletin boards in
place of the post office and electronically did by computer what others
were doing by mail. Now only a few letters are mailed manually. Most of
the hard work is speedily downloaded to other bulletin boards throughout
the world. If you believe that someday you deserve that lucky break that
you have waited for all of your life, simply follow the easy instructions
below. Your dreams WILL come true.
Sincerely yours,
Dave Rhodes
Hmmm... it's a good idea, until human nature comes into play.
Assuming you could convince just about everyone on the internet to put their e-mail address on one website, which government would administer it?
Might I suggest the DNS be www.bigbrother.net?
Take care,
Mark
Take care,
Mark
There is a solution...
We know lots of people send spam. If it doesn't pay, presumably (sooner or later) they'll stop. Anyone know what the response rate is on the various offers? Does anyone (except the sellers of address lists and bulkmail programs) make real money off spam?
Try Spamcop it seems to work pretty well.
As x approaches total apathy I couldn't care less.
Yeah. Everyone knows that having children and viewing porn, or even being interested in sex, are mutually exclusive.
:-) Sex? Oh, yeah, remember that! Remember?
In reality, once you have children, the closest thing you'll get to sex most of the time is porn.
The price of freedom is eternal litigation.
You just almost described SpamCop, except SpamCop is even more functional. I'm only affiliated as a satisfied customer.
CEE5210S The signal SIGHUP was received.
That's great. They can waste their time in a totally futile effort. I'm glad they have a hobby. I'm a big fan of the 'delete' button though. Why? Spam works because out of every x number of mails that go out, y will result in sales. If everybody just nuked their spam, there'd be no financial incentive for spammers to spam any more. As always, hit 'em in the pocketbook. That's where it hurts the most.
But this isn't something that the ordinary citizen can do to fight it. This system that you describe would have to rely on an army of zealots who did nothing but attack spammers. If you can work 10 hours a day to fight spam, and maybe get, I dunno, a few thousand other people to do the same, yeah, maybe you can stop spam. More power to you. But that's not realistic. A simple campaign of 'just delete' would be much more effective. On top of that, by attacking the ISP or the accounts, are you helping anything, or are you just tying up more bandwidth in this fight, which would continue, because spammers haven't lost their incentive to spam. As long as money can be made, they'll try. The easiest thing to do is to take away their ability to make money. "Just Press Delete!"
It's not so much apathy, as it is realism. There are millions of spammers out there, sending probably billions a day. Some of them make a lot of money doing this. It's very, very unlikely that you'll be able to stamp this out, any more than you can stamp out ANYthing else online (child porn, MP3 trading, warez, etc.). It's like trying to plug a dam with your finger. Plug one leak, and another one opens.
... I find it hilarious that 9 out of 10 pieces of spam sitting in my deleted items folder are related to how to use the power of E - M A I L M A R K E T I N G ! !
Str8Dog
using System.Darkside; public
That works... until your family members give out the Email addresses of all their family members to the first site that asks for it...
An unjust law is no law at all. - St. Augustine
Due to the complexities involved with international law, legislation on this issue can never really be effective. I believe the best way to deal with the problem to be at the level of the individual. People should proactively adopt a method to protect themselves from spam. Telemarketers have been with us for a while. People in my neighborhood deal with calls by subscribing to a service with the phone company to only let phone calls through that are identifiable (caller ID works).
For those calls that don't have an ID, a recorded message informs telemarketers to remove the number from their list, and then the system asks for the person to give his name. The system informs the resident being called what that name is, and then the receiver can decide whether or not to take the call. It can be a little annoying for those who are calling from a number that can't be identified, but by and large, it is effective.
I see a market for Email providers that automatically blocks spam. I would be willing to pay $5 a month to have an Email account that is largely spam-free. Or, I would be willing to pay an ISP $5 a month that provided spam-free Email service. The revenues that the subscribers pay would help maintain the software that would effectively block the spam (this includes paying for ongoing research to defend against the eventual loopholes that spammers will find in any such system).
People will pay for effective virus protection. People keep paying for updates as virus writers find ways around the virus protection software. If spam is as annoying as everyone says it is, why aren't they paying up for services such as these?
An unjust law is no law at all. - St. Augustine
I really hate FP people... even worse are the people that say FP when they are indeed not.
samrolken
get counseling man
samrolken
I have a friend who had a support address for his clients. If they put "URGENT" into the subject, his pager went off. It went off at about 3:00AM because of some spammer's "URGENT" message. Would your delete key have prevented that?
Get a clue. Spam is a problem that needs to be eliminated, not just ignored.
No kidding. I cannot count the number of times that I've told them that they shouldn't put me in anything that even resembles a 'tell your freinds' box, and they just go and do it anyways.
01101001 01100001 01101101 01101110 01101111 01110100 01100001 01101100 01100001 01110111 01111001 01100101 01110010
I think from no on everytime I get a SPAM email, Im going to spam back the sender. I think my product will be something like Magic 1$ pennies, not actually proven to do anything of course, but reputed to -Cure Cancer/Cause Weight Loss/Fix Lower Back Pain/ Etc...-
If they try to take legal action, I'll just hang on to the original spam they sent me.
I wonder if this would actually work?
RA7
-
"Consistency is the hobgoblin of small minds" - RWE
I was saying AOL users who spam, not spammer who email AOL users.
Get your Unix fortune now!
If the guy wants to take things into his own hands that is all good, but the guy sounds like a pest.
He's kinda like copyright.net's system of asking sysops to block access to users and what not. These sites, MSN and Yahoo (excite and so on..._ are the ones to blame, but I doubt they are going to start watching their e-mail servers closer.
These services, MSN (or hotmail) for example is horrible for keeping people from abusing it's system. One reason I suspect is that MSN makes money from every visit a spammer may make to send their messages; that is of course if the user is visiting the site to do it and not just using open ports in pop servers. Why would they start working to block visiters?
Plus these free sites have so many 'customers' that I doubt they even have time to block this stuff. I doubt people even use the same username twice. Chances are they don't care about the abuse because once the message is passed on, they aren't affected. (unless you get a lot of responses or bounced e-mails - disk space could fill up)
If users are abusing the systems by using open ports or what not - what chance do I have that a spammer would use my computer to spam out a message? I've noticed after installing Suse, Caldera and Mandrake (maybe Redhat too, it only stayed on for about an hour) that a pop3 server was started with the default system setup.
I, being a good linux user, noticed that I didn't know about the security of it and turned it off until I learned more.
Should I worry?
---if these sysops knew anything would they work for msn?---
Get your Unix fortune now!
I've had a hotmail account for at least two years now, and I've only just started recieving spam, and that at a rate of one every two or three days.
I set up a hotmail account for my mum, using a name of [first initial last initial]surname and within a day she was recieving spam. Mostly porn, which as a fifty four year old woman, she greatly appreciated (Sarcasm, for those who can't tell). .. and their solution was to "Block the senders"! Why didn't i think of that?
All of this happened before she even sent out any emails. I routinely signed into her account and blocked the senders, as you did. Only worked for a week.
The problem being, you can only block 250 addresses. Why she got hit by spam so hard, I don't know. I reported this to abuse at hotmail
My solution was to go to zzn.com (sorry, can't be bothered making a link) and set up an email server for my parents ( ____@[lastname]mail.zzn.com)
Much better than hotmail, no porn yet. Heck, even my slashdot address, which is real and not even rearranged slightly, hasn't been hit yet. This might change things a bit. [as a side note: Go ahead! Bring it on!]
Um, got distracted. I think my point was, go create your own email server. If nothing else you have more control over it.
Why yes, all my base are belong to you.
How did you guess?
I spent a year in Iraq looking for WMD and all I found was this lousy sig.
In fact, spam costs Internet subscribers worldwide more than $9 billion dollars every year.
Frankly I've had to create Five e-mail accounts just to deal with all of this extraneous junk. It's to the point that I'm probably going to have to create a couple more accounts just to filter the garbage that I get from slashdot and userfriendly.
Fight against the garbage and help the ones who have yet to see the light.
Worry is like intrest paid on a loan that never comes due.
Why can't I find this simple functionality? It's not perfect, but I bet it would eliminate 99% of the spam I receive overnight. So let's hear it, hackers - how hard can this be? I'd pay money for it!
It Is the Nature of Information to Transgress Artificial Boundaries
I love geting spam with toll free numbers on them. I have a list of numbers that when I get bored I call. Since they pay for the call it's all the better. But I don't call from home always a pay phone. Last week while waiting for someone at the airport (late flight) I talked to a spamers 1-800 number till the mailbox was filled. Talked about how evil she was, how embarrassed her kids must be, etc. A web site of toll free spamer numbers would be a good thing to have.
How about a commercial site, a retailer that can sell just about anything you need, only this retailer has a 'shitlist' of companies it won't deal with -- a lot like the list administrators (from the story) use to block domains that propagate spam. Think of the possibilites; thousands of members (slashdotter's too, right?) who only buy from this site and it's retailers (who are thoroughly researched by a quality assurance team.) The guidelines retailers must meet can be decided by what members see as important -- such as shoes that aren't made in a sweatshop. Say Intel is a retailer on the site -- they endorse CPRM, members get angry and vote to take their merchandise off the site. The more members, the bigger the boycott: the bigger the boycott, the more companies that are eager to respect your rights without being punished first.
;)
One can hope, at least
Now let's see if this message is buried too deep to get seen.
--
Sometimes hatred is a difficult thing to aviod feeling. But it's definitely worth your time to learn how to cultivate love and compassion. This site maybe answer some questions, and help to lead you on a more righteous path in the future. Good Luck!
Kind of brings up an interesting idea, thnough... I wonder if anyone was ever using an account named like that because they thought it would be cool, and ended up getting the bejesus spammed out of them.
Thos poor guys @ nowhere.com Anyway, thanks for the tip. I'll try to start using x@x.x or something in the .invalid TLD (mentioned in a post related to my public apology) I'm not quite sure how long it'll take to break the habit, though...
Yeah, I saw that article, too, but I refrained from quoting,since it's not my style, and I think that although it definitely costs a lot of money, I sure as hell wouldn't want to try to put a price tag on it. I think the results of any poll like that are highly subjective, but it provides backup for my case, so I'll take it. Thanks.
First of all, it's an annoyance. I have to set up filters to get rid of what I can, delete what gets through the filters, and wait for it to d/l from the server (this would be a bigger deal if I was on a modem, rather than cable.) I go to great pains to make sure I get very little spam in my main inbox, by putting noone@nowhere.com in every damn e-mail box I fill out on the internet, unless I really trust the vendor. Friends and family get a second, not-so-important e-mail account to send to, and they get my real address after they show me they're not imbeciles. I shouldn't have to screen people like this, but I do, just to avoid spam.
Secondly, the main reason spammers get put in jail or otherwise reprimanded is because they send out such huge amounts of spam, they crash someone's server, and that someone gets pissed. Even though my cable modem is $50/month regardless of how much spam I get, spam costs someone money, in terms of downtime and misused resources.
Finally, I know that some people pay for their internet connections based on the amount of data transferred (this is for regular consumers, too, in some countries), and if I got charged a flat rate per byte (kilobyte, whatever), I'd be really pissed if every time I checked my mail, I got spam in addition to my real mail. A lot of newbies are probably getting these kind of accounts, and are ending up paying double or triple what they would pay if their inboxes were spam-free.
Spam has real costs, which can be expressed in terms of real dollars, not just in terms of wasted time. It's unfortunate that spammers can send for free. If they had to pay for postage out of their pocket, I think we'd see a lot less of it. I am all for getting spammers to quit.
legitimate multilevel marketing? It is interesting to note that while you are all in favor of spam, (legalized spam of course), you provide no email address for us to forward ours to. I personally return all spam to sender, and try to make sure their inbox has plenty of copies of my "remove notice". while [ 1 ];do mail -s "remove Anonymous_Admin@blah.net from your list" spammer@spam.org ;done
well... at least they don't call collect!
Exactly. It's your email account, not the vigilantes, so the vigilantes have no right to block anyone else's email to you, only you should have that right. If you chose to assign that right to a spam filtering company, that's your choice. MAPS and the other vigilanties don't give us that choice, they filter all email for us whether we like it or not, just because they decided that they are better than the rest of us. That's crap and I'm sick of it. Vigilantes on the 'net are as bad as they were in the "old west." I keep waiting for the Gummint to send in the Marshal and clean up this town, but so far the Gummint is more interested in getting my ISP (and phone company, and cable company, and power company, etc.) to spy on me.
Death to Spammers, yes, but Death to Vigilantes too!
If all this should have a reason, we would be the last to know.
Only half-true. Your ISP does _not_ have to "join" MAPS for your email to be "filtered" (censored is more like it -- hijacked, really). If the recipient's ISP uses MAPS, you can^H^H^Hwill be screwed if MAPS considers your ISP "bad". Or, the other way around, if your ISP uses MAPS (without your knowledge or permission) you can lose email you wanted to recieve. Worse, if some intermediate link in the chain joins MAPS, email will be blocked even if both sender and recipient want it to go through.
My ISP got on MAPS' shit list, and my brother's ISP blocked all my email to my brother. My email only got through when I switched ISPs. As much as I hated the idea, it was easier than switching brothers.
Naturally, my attempts to communicate with MAPS and resolve this reasonably were thwarted by MAPS' refusal to accept any of my email! And once I did get through to them they lied to me (and everyone else) about how their "service" works. They claim to only block IP addresses, and they claim to not block by domain name, but the easily-verified truth is that they do block by domain name. Note that they're too chickshit to block AOL or MSN -- I guess even MAPS don't have enough lawyers to fight those guys. Or maybe MAPS is secretly run by AOL and MSN as a way to put all the smaller ISPs out of business.
Lord God Almighty, please protect me from those who would do me harm, especially self-appointed 'net vigilantes and the devil-spawned whores who grant them internet access.
The end does not justify the means. The way to stop spam is not by putting all the small ISPs out of business. The way to stop spam is not by forging cancel messages. The way to stop spam is not by blocking internet traffic that you think is "bad" -- especially while at the same time generating other internet traffic that other people consider bad. Two wrongs do not make a right.
If all this should have a reason, we would be the last to know.
Yours is the only reply. If this is flamebait is isn't working, is it? Please, since you and your MAPS friends won't define "spam," can you define "flamebait"? I didn't think so. Here, let me try: 'Anything I don't want to read is spam.' 'Any opinions I don't hold are flamebait.' Isn't that about it for you guys?
"refuses to be a responsible member of the Internet community" by whose standards? The vigalante's standards, that's who. Not the community's standards. Not legal standards. Your standards. Well, excuse me but Who The Hell Are You? Who died and made you king?
How in Hell should I know, or care?
Whose proof? I asked for proof and MAPS refused to provide any.
What problem? You don't like me because you think I'm ugly -- first, that's your problem; second, what do you want me to do, get plastic surgery? My "problem" was that MAPS thought my ISP hosted spammers. What did MAPS want me to do, shoot all my ISP's customers? What they wanted me to do was change ISPs, but to whom? How do I know if my "new" ISP is safe from MAPS's wrath? Why should I have to shop ISPs based on whether or not they've pissed off some 3rd party? Self-appointed 3rd party, at that. I now at least have one guideline: I refuse to use an ISP that subscribes to MAPS, that's for sure! (although I strongly suspect that MAPS's customers are excempt from their list, while all other ISPs are fair game [you wanna get off our blacklist, get on our subscriber list]).
They said they had spam from these IP addresses, but I had not used any of those IP addresses. Therefore, they blocked my ISP's domain, not just specific addresses.
Sorry, my mistake. No, I'm not a troll, I'm wrong. Now I'm scratching my head, wondering why MSN didn't sue their asses off. I would have.
I know MAPS is lacking in many areas. I suppose they are actually on to some people who just about anyone would agree are truely spammers, but my bad experience with them is not going to convince me that they have a legitimate right to block any internet traffic they don't like -- especially when they refuse to provide proof of their claims of spamming. In 100% of the cases with which I am personally familiar, they refused to cooperate in any way, including providing proof of their claims. What they did do is provide me a list of the IP addresses they said were used to spread spam from my ISP. I did not use any of those IP addresses, but they blocked my email anyway.
You're absolutely right. I should not have had to contact them, but they gave me little choice. As for my chickenshit ISP, you're also right: they should have sued MAPS from here to Hell and back.
Damn straight. You sound like a vigilante.
Aha! You are a vigilante, or at least an accessory after the fact. If I have my way, your actions (blocking email based on the recommendations of lawless vigilantes) will be illegal. Of course, if I had my way the government would define "spam" and make it illegal, too. I fear neither will happen anytime soon, especially with this administration.
If all this should have a reason, we would be the last to know.
I truely don't know what you're talking about. Perhaps it's my lack of networking knowledge. They had a mail server and a news server, both of which I used -- so what? The ISP assigned me an IP address when I dialed into their service. A different IP address every time, which means the aledged spammers got a different IP address, too, and which also means that any of the ISP's customers might get the "offending" IP address when they next got online. This, of course, means that if MAPS works the way they claimed (to me), it would be ineffective. So, since they couldn't target just the aledged spammers, they target all the ISP's customers. This is how MAPS truely works, but not how MAPS told me that it works. They lied.
MAPS said that someone had used IP addresses X, Y, and Z to post spam, so they (MAPS) had blocked those addresses. The specific emails of mine that were blocked were NOT sent out on any of the IP addresses they cited, but they were blocked anyway. I therefore conclude that MAPS blocked all IP addresses from my ISP. In effect, they blocked the entire domain, not just the specific IP addresses that they claim -- with no proof -- were used to send spam. So they lied to me about how their "service" works.
I guess you can't read. Or you're a hypocrit. Or both. I don't wish to use MAPS's services, but unfortunately I have no choice: If my email is routed through a MAPS customer, my email is rejected. That's telling ME to accept YOUR standards, and in case you missed it that's hypocritical.
If all this should have a reason, we would be the last to know.
This seems to be a popular topic.
Unfortunately, the Times story neglected to point out that there is a Usenet newsgroup dedicated to this topic, frequented by many of the administrators mentioned in the article, and some of the people from MAPS.
And they're only too happy to discuss the same kinds of ideas being posted here, and help turn you into an amateur anti-spam guerilla.
That newsgroup is news.admin.net-abuse.email
</plug>
Under crotherm's advice, "This would a great article to pass along to those less knowledgable about SPAM and those that fight against it", I have 'passed' this article along to every distribution list at my place of employment, most of the newsgroups on Usenet, and I modified an IRC bot to post the URL in all of the channels on EfNet, DALNet and Openprojects.
Thanks for your help and support in the fight against spam.
Brant
Brant
Argle. Bargle.
Maybe a little OT, but I was thoroughly amused by a SPAM that I received this morning. It was someone who said they saw my website, thought it was really cool, and wanted to help me advertise it. Then they included a link to said website, which was merely a message I had posted on SOMEONE ELSE'S message board!! F*cking idiots I tell you!! They probably SPAMmed everyone else on that message board, too. Idiot spammers are at least amusing ... but I still wish it would just all stop. :-(
You know ... that whole part about talking to those ISPs who won't close their ports or relays? Well, in a situation like that, I think some karmic justice is the key. How about setting up a SPAM computer that targets those relays ... then, using a list of all the executives, salespeople, support people, etc. for that ISP (get *every* address you can), start forwarding them all the SPAM you can find THROUGH THEIR OWN SERVERS!! I think a truckload of SPAM sent to them via their own machines would get their attention pretty quickly. :-)
Ha! For a minute there I thought your uid was 12. Lowest uid grammar nazi.
But Yogi, the RIAA won't like that.
You forgot the sarcasm tag.
bwientze-companytag@the-dma.org
Spammers have some smarts and will often strip the tag meaning that bwientze@the-dma.org may receive spam.
Of course since bwientze@the-dma.org considers spam to be free speech he probably enjoys reading it and would never try and use that djb-ware or simillar tricks to avoid it.
No whitespace in tagnames dipshit. That would be treated as an italics.
btw, i think your analogy sucks. i think it would be more akin to every business owner in the city calling you on the telephone to tell you about the great deals they have. eventually you dread answering the phone because you know it's just going to be more crap to waste your time. THAT is what spam is akin to.
sigs are for suckers
"Ritz, a divorced former radio and recording engineer, pursues his campaign against Internet abuse out of a cluttered Milwaukee suburban apartment equipped with an ordinary dial-up Internet connection for his desktop computer. He sends out a constant stream of messages to dozens of freelance spam-cancelers and thousands of network administrators."
Am I the only one that finds this funny? Ritz sends out a constant stream of messages to thousands of people from his dail-up connection. I hope he has a static IP so someone can put him on MAPS.
I think that digital solicitations provide a valuable service to consumers, and have been (unfairly) given a bad reputation. I run a legitimate multi-level internet business, and use bulk mailings as my primary method of solicitation. I would be unable to support my wife and kids if it weren't for the business I gain through e-mail. Again, I fully abide by all rules and regulations against SPAM, and provide an unsubscribe option to all mailings.
It is unfair to label all e-mail marketers as criminals just because of a few persons who have no respect for users privacy and bandwidth limitations. Some of us are honest businessmen who are just trying to make a living, and have been branded as low-lifes because of a few rogue SPAMmers.
This would be akin to calling all Linux users criminals. While I'm sure that a few Linux users are career criminals, the vast majority of Linux users are law-abiding citizens trying to avoid Monopolistic alternatives. Again, a few bad apples are giving an entire group a bad name. Please, I urge you, give us a break, we're just trying to get by the only way we know how.
Slashdot: Open Source, Closed Minds.
Actually, they break it up at the plus because certain email programs (netscape is one, IIRC) use any info before the plus to route it to a specific email folder, so you can have for example funny_jokes+tod@somedomain.tld, and anything sent to that addy will be sent to the funny_jokes folder. Now, a lot of people give out their email , including some here at /., addy as trash+whatever_their_username_is, so that the spam goes straight into the bit bucket. So, the spammers, figuring that they are so SMRT, wipe off everything to the plus, and send the email to the general delivery addy.
If god had intended you to be naked, you would have been born that way.
We find that MAILSweeper for SMTP is an effective filtering tool that lets us filter on custom phrases "Get Rich Quick!!!" and other such so that most spam gets dumped into the turf directory rather than filling up our mailboxes.
-Coach-
Perhaps the world's greatest tragedy is that ignorance is not impotence.
If I'm understanding his excellent suggestion correctly, of course.
-Coach-
Perhaps the world's greatest tragedy is that ignorance is not impotence.
I usually don't bother pursuing spammers or trying to get them cancelled. The lone exception is spammers who insist upon setting the priority of their message to "High" -- which does alert our support guys. When that happens we do complain to their ISP and take other measures to express our displeasure with the spammer's tactic.
As for the ISPs, the provider who supplies our corporate pipe to the Internet charges us if our monthly bandwidth limit exceeds a preset point. So far we've managed to stay beneath that point - but we'd be pretty irritated to incur that extra charge because some spammer decided it was imperative to send a 100K HTML spam to every address in our organization -- every day, muliple times.
-Coach-
Perhaps the world's greatest tragedy is that ignorance is not impotence.
As it is our filter really just quarantines most of the mail and our admins have to take a few minutes, twice a day, and sift through all of it to make sure no legitimate messages were inadvertently snared. 95%+ of what gets caught is junk, but there are always one or two messages in the quarantine that were legit (though rarely important).
-Coach-
Perhaps the world's greatest tragedy is that ignorance is not impotence.
http://belps.freewebsites.com/index.htm
Disclaimer:I have no idea if any of this is true or not. Just an interesting read for those interested in spam and anti-spam.
-Coach-
Perhaps the world's greatest tragedy is that ignorance is not impotence.
-Coach-
Perhaps the world's greatest tragedy is that ignorance is not impotence.
[Hypothetical]Let's say they get 20 spams a day and it takes them 3 seconds to deal with each one of them. That's a minute per day or an hour every 2 months. At $200 per hour (their billing rate) it's costing them $100 a month to deal with spam. Each. Since there are about 30 of them in the company at any given time that means it costs my company about $3,000 a month.
That's just the folks who bill by the hour. What about productivity losses for those staff members who don't bill by the hour, but still lose the same productivity? What happens if somebody goes on vacation, their mailbox fills with spam, reaches its storage limits and legitimate mail from clients gets bounced?
How about the bandwidth wasted transferring hundreds of e-mail messages (increasingly in HTML)? That bandwidth isn't free.
How about the CPU cycles and storage space wasted processing junk e-mail?
Maybe home users putzing around with their little AOL accounts don't have much in the way of tangible costs, but I can assure you that those of us who actually have to run and support e-mail systems can show you costs associated with high volumes of junk e-mail.
-Coach-
Perhaps the world's greatest tragedy is that ignorance is not impotence.
The one big problem that I have with spam, is the burden of cost. When someone sends out direct mail by snail mail, they have to pay for printing, postage, etc. The cost burden is on the sender. Bulk email, on the other hand, puts the cost burden on the person being marketed to. We all pay for spam in higher ISP costs, decreased available bandwidth, etc. This is wrong. If you want to market to me, don't make me pay for it. Besides that, alot of spammers use mail servers that have been left as open relays (which I believe M$ Exchange does by default). Why should these companies shoulder the burden of someone else who thinks that I just have to know about the latest, greates porn site.
Where's my lobbyist? Right here.
I've found that a very effective way to get rid of the snail mail spam that you regularly receive is to take the business reply envelopes and stuff them with anything that's heavy. Once they get tired of paying the postage on the brick you sent back to them, they'll stop sending you "Free Magazines!!!! (if you sell your soul to the Devil)" offers.
Keep one public account, to sign up for websites and the like. and then have one you just give to your friends/co-workers/family, etc
TODO: Something witty here...
There is a fundamental problem with the email system: It doesn't care who you are. You can say you are the king of egypt and most SMTP server will gleefully accept this as your return address. This fundamental problem prevents any easy solution (i.e. traded lists of spamming domains).
If there was a way to enforce the FROM portion of the email (and I really can't think of a good way) then eventually most people who don't want span could buy a simple AntiSpamScanner that could be updated in much the same way as a virus scanner. Simple and effective. Companies like MacAfee and Norton could start finding spammers and maintaining the list. They make money and people get an effective way to prevent spam.
Yes marketing is an important part of a company's business strategy to sell its products, however, it has grown too much. Today we are flooded with marketing flicks everywhere.
Marketing, today, has become a NEGATIVE image of a product. You want proofs! You don't need any. This is just common sense, no super hot chick in a commercial flick is never gonna make me buy that really important product i need. More and more people just want plain QUALITY.
Bulk e-mail marketing campains DO NOT WORK. Don't give me bullshit with that. I've seen so many good Internet projects failed because they were based on e-mail marketing or banner marketing. These medium usually attract a good amount of users for a very short period of time. And that is why these Marketing strategies DO NOT WORK.
You know what most user do with your SPAM? They create an hotmail account and redirect all your marketing crap to it. They're not even READING your crap. Everyone knows these type of marketing e-mails are just crap.
Conclusion: Hell's crap, ;)
just send your load of crap
directly to an hotmail crappy account
, let's say crap4387@hotmail.com.
If someone wants to read this load of crap,
the log/pass is crap
Here goes one stone, two hits. he he
( Meant Microcrap and all Spammers. )
Evolving at the paste of the fastest, not the slowest.
MacOS X's "Mail.app" has a feature to bounce email as undeliverable. Sure, you still end up seeing the spam, but I've noticed a significant decrease in spam since I've been bouncing it all back.
Most of the spam that gets through to my other accounts came from the WhoIs info on my domains.
Oh, and I got stuff to "hostmaster@***.net" claiming that it had opted-in for spam. More proof that this opt-in stuff doesn't work as well as it's cracked up to be.
Stop using email and try to use smoke signals...
Doesn't it get monotonous after about the first fifty reports of spam sent out?
ISP bills higher as a result of spam? You mean to tell me your ISP charges you per email stored on their servers?
I'm tempted to respond with "Get a clue. Get a better ISP."
As for your friend, hasn't he ever considered turning his pager OFF before he goes to sleep?
Well, this tactic works for me IRL, though I don't know if it'd work the same online.
Usually, when I get snail mail spam, they come with business reply envelopes. Stuff them full of anything that's heavy, and send them back. Sooner or later they'll get tired of paying the postage on the brick you sent back to them.
I dunno if a similar tactic would work online, though. I should try it though, send a 3 meg file back the way the spam came (might work as a great substitute for my Delete key, too) and see if I continue getting crap from these people...
Well, then, I sympathize with his friend just out of the fact that I'd hate to have to put up with that sort of crap as well. As for the thing above, that wasn't really what I was getting at. I understand the correlation, but it would've been nicer if it was stated more precisely than "...your ISP bills -- which are higher as a result of spam?". That right there implies a number of possibilities. I figured his ISP was/is crazy enough to charge him per email received to his account. On the converse, however, with the point you got at, most larger ISPs don't particularly care about spam in the first place. If his ISP is one of those Mom 'n' Pop operations, they'd be more inclined to prevent spam from infiltrating their networks in the first place, or they'd at least be a bit more receptive to a user's complaints rather than leaving it in the hands of the user to fix it himself. But yes, I see what you're getting at.
I suppose by that logic, every Linux user is a socialist. No, I'm not a spammer. Just because I take a rather simplistic approach to it instead of getting all whiny and bitchy about it doesn't mean I support it.