Slashdot Mirror
RFC for Spammers
kousik writes "rfc3098 is out with the title "How to Advertise Responsibly Using E-Mail and Newsgroups or - how NOT to $$$$$ MAKE ENEMIES FAST! $$$$$"." This is a well written piece, and actually is worth reading for anyone doing advertising online. Unfortunately the people who need to understand it will never read it. And the most evil of spammers won't care because (here's the shocker) Spam Works. As long as people respond to unsolicited spam, it'll keep coming.
-- Anonymous Coward
This is akin to telling drug users "DON'T DO DRUGS" rather than giving them practical advice as to how they can do drugs safely.
--
Just goes to show -- people do listen.
The RFC gives an example of a "confirmation message" which informs the recipient that s/he has been subscribed to a mailing list, and gives instructions for unsubscribing. This is not what modern mailing-list management packages (such as GNU Mailman or ezmlm/idx mean by a "confirmation message". These packages require that a user confirm by email that s/he wants to be on the list before adding the user to the list proper. The RFC allows that the user be subscribed first, and have to take action in order to unsubscribe.
The problem should be obvious: If you have to take action to unsubscribe from a list you never asked to be on, then your mailbox can still be flooded with list email before you have a chance to get off the list. You can be subscribed without your consent by a hostile party who wants to mailbomb you. (This is more common on badly-managed mailing lists than you might think.)
Spammers today already send out (fraudulent) "how to unsubscribe" messages, whereas well-managed mailing lists require active confirmation. An RFC on how to avoid being, or looking like, a spammer should recommend that one follow the methods of the best-managed legitimate mailing lists, not those of the spammers.
I would suggest that anyone interested in responsible mailing-list operation check out the MAPS Basic Mailing List Management Principles for Preventing Abuse. A mailing list which follows these rules will be much more resistant to abuse than one which strictly follows RFC3098. Moreover, a list which strictly follows RFC3098 and which is abused will qualify its site for the MAPS RBL.
Most spam I get is porn and make money fast etc. but every now and then you get some spam for a product you would potentially be interested in (eg hardware or web hosting or whatever). But I would never deal with any of these companies since I figure if they are using spam they are probably not very reputable.
On the other hand I get a lot of snail mail advertising (I guess because my address is in my whois). I'd be more likely to deal with these companies since I figure if they are willing to pay for overseas postage just to tell me about their products then they are probably worth doing business with.
I actually liek snail mail advertising. I don't mind telemarketers either, but I would never do business with a spammer - spam is more likely to make me not do business with someone.
--
--
enterfornone - logging in for a change
(SpamCon is still accepting registrations, BTW. More info can be found here.)
--
Not much to it yet, just, "The OJ loophole: 'Pretend the gloves don't fit.'"
--
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
This is all you need to know. My config is actually kind of amusing. I've picked up various rules from various people along the way, so most of it isn't mine originally. Here's what I use minus some personal information:
The lameness filter got me... Get this here.
Regaining your honor after you have spammed
1. Obtain a sword
2. Slit your belly horizontally and vertically
3. Lean forward, spilling your intestines to the ground
4. Hand the sword to a close associate who will lop off your head
Close adherence to this procedure will permit you to regain the honor you have lost in spamming.
Webcasting the proceeding is preferred but not required.
hehehe funny. I know I'ts gotten to the point that I'll get the same piece of SPAM 2-3 times within a few days. You'd think the companies sending this drek out would try NOT to do this. All it does is innure us to it, and make it easier to spot the SPAM even before (or very soon after) you open the e-mail.
Purhaps the best thing would be for it to be illegal to send bulk e-mail in the U.S. without a license (or without registering a Postal Address to go with that e-mail). Then, just maintain a list (updated once a month or whenever), of valid licenses that can be included as part of the SMTP Headers. If the header isn't there, and its a bulk e-mail, make it a Mail Fraud crime. Invalid License #, Mail Fraud. Faked License #, Mail Fraud. That way the Government can 1) charge people for bulk commercial e-mail (the licensing fee), which will automatically help cut back on e-mails. 2) impose fines, which will also help cut back on e-mail.
This space for rent. All reasonable inquiries will be entertained at proprietors discretion.
Maybe we're hitting on the wrong people? Maybe, instead of trying to get rid of spammers, we should get rid of people who reply to spam?
-russ
Don't piss off The Angry Economist
RFC 3098 Advertising Responsibly April 2001
AFJ!
---
Correction: As long as someone believes that spam works, there will be spammers to take their money. It does not need to actually work any more than the Brooklyn Bridge needs to actually be for sale.
/.
/. If the government wants us to respect the law, it should set a better example.
Slashdot me! DO IT!!! ;)
-Omar
I sometimes get spammed on ICQ, so one day I started quizing a spammer since I was bored. They don't get it. They just don't understand what they are doing. I tried for an hour to explain the costs involved and they don't care. They think bandwidth and mail storage is free and theirs for the taking.
:)
I pushed to get some kind of answer on the percentage of people that respond to them...they wouldn't say. I assume very close to zero.
The funniest thing was the guy I was messing with didn't think spamming on ICQ was actually spam. He sent one of those fake "Hey, help me out with my homepage. It's at www.makemoneynow.com (or something) messages. No, that isn't spam.
(Note: I know the link I mention in my sig asks for email addresses. Use a fake one, they don't check and she'd appreciate the votes.)
Actually, it was Yom Kippur.
Also, don't forget Hank Greenberg.
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
When I receive spam takes me about 5 muscles to hit the down arrow, then hit the d key to delete it in mutt. Not a big deal at all.
We hear this argument all the time. "Just delete it, it's no big deal."
One of the things I do it firewall repetitive hosts that the message traversed through via ipf and its very simple to create a script to just block it via ipf as well or any other firewall your using.
Not everyone has these kinds of options, or the time and knowledge to set this sort of thing up. Joe Average User lets his ISP deal with the spam issue -- filtering, etc. -- and the costs of such services are passed along to him. If spam was effectively eliminated, either through a technological or legislative solution, these costs would disappear, and either ISPs could pass along the savings to the customer.
The fact of the matter is, whether or not you're receiving spam, you're probably paying for it indirectly, somehow.
In related news, can anyone give me a ride to the hospital when I get scurvy?
---
PA JIMOH ESQ.
JIMOH & ASSOCIATES
BOOK SHOP BUILDING, 11TH FLOOR
23 BROAD STREET,
LAGOS - NIGERIA
FAX: 234 1 7596610
And then the next day from these guys
KHALID ABDULLAH ESQ.
ABDULLAH & ASSOCIATES
BOOK SHOP BUILDING, 11TH FLOOR
23 BROAD STREET,
LAGOS - NIGERIA
Two lawfirms, one address! And of course it's the same friggin Nigerian Bank scam thing.
You'd think that for all their money they could at least get two different addresses! The worst part? It's in ALL CAPS!
Link to alternative: http://ftp.belnet.be/pub/mirror/src.doc.ic.ac.uk/p ackages/rfc/authors/rfc3098.txt.gz
If programs would be read like poetry, most programmers would be Vogons.
Even better, at the bottom of the email, it says this:
Ha! Who's going to send email to someone who selles email addresses to spammers?--
--
I like to watch.
--
--
I like to watch.
It seems like the best approach is really to find another means of advertising where users can't immediately delete the message upon seeing the subject header, and before seeing the actual content.
What about TV? It is usually a dead giveaway when the show your are watching has yielded to a commercial. What stops the user from seeing it is no longer the show, and getting up an using the bathroom? Changing the channel? Not only has the viewer missed your PAID advertisement, but the viewer can never retrieve it (unless he/she has a Tivo and is really bored). With SPAM, sure you can delete it but if you skip over it, at least the recipient can view it at a later time (why, I don't know, but they can).
The difference is that with spam, you get a free introductory account to an ISP, buy an inexpensive list or inexpensive address spider, and then send out as many emails as you can before the ISP cuts you off. Other advertising methods cost thousands of dollars to produce and thousands to purchase media time. That is why spam is so common - no entry cost. If you spam 50,000 people, and make $10 per response, a small 0.1% response rate still nets you $500. If you bought the list for $20, that is a good rate of return.
That does not mean that they must, or even should, be dicks about it.
It is also legal for me to fart at the beginning of a long elevator ride... but a polite person will either do so before boarding, or hold it.
To put it simply, if the law is the only thing guiding your behaviour, your are what We Doctors call and "ass hole".
Changing the icon is easy, the use of it was not really that funny to begin with, and the good people at Hormel would appreciate the change. That seems like reason enough to me.
"Can't we all just get along?"
Disclaimer: No, I am not a doctor, I was recycling an old Graham Chapman bit.
Information wants to be anthropomorphized.
I just realized this recently. I've been fighting spam for quite a while now. I've gotten quite good at getting accounts cancelled, open relays closed and whatnot. I got a spam last week that seemed like just another typical spam message... one of those "make money" type deals. Well, in researching it, it seemed like the usual free website with a form submission to a cgi script at another. (Typical tactic, to try and get people to only cancel the free site) Well, while poking around, I discovered that the cgi-bin had directory browsing on and contained two files... the script and a text file containing the name, address, email and credit card information of everyone who responded.
I fired off complaints to geocities and earthlink as well as information on what happened to all the folks whose information was in the file. Most got back to me that they'd cancelled their credit cards, etc.
Is there a moral? I could come up with something witty if I weren't so tired. So, just use this example when telling people why you don't respond to spammers.
Portable versions of Firefox, GIMP, LibreOffice, etc
As I write this, rfc-editor can't find the document. There are other copies of the RFCs out there; here is the link from Ohio State:
http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc309 8. html
http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc3098. html
b&
All but God can prove this sentence true.
Face it - as long as there are idiots who really think that pyramid schemes work, viagra is the best thing since sliced bread, and that you can have all the pr0n in the world by sending some guy your CC#, there will be SPAM.
Not to say we shouldn't make life hell for'em of course.
^]:wq!^M
Messages with "reply to remove" have a reply-to email address like: dflajksdfldf@whatever.com
Just a random banging of home row keys followed by a domain name. The odds are high that those addresses DON'T EXIST
"Generally, schizophrenia affects those in the 15 - 25 years age group. Increasingly, the individual tends to withdraw from ... The incidence of this illness world-wide, is about 1%."
"For companies with well-known brands, the 1 percent return [from spam] often isn't a good deal, and they are not going to use unsolicited advertising because it could be a damaging business practice ... They aren't always legitimate businesses."
hrm... :)
Uninnovate - Only the finest in engineering.
Responsible Spammers
People who have actually Lost 30 lbs
People who have actually fired their own boss and made $5,000 a week
People who actually benefit from Spam
Secure IIS pr0n sites you can safely leave your credit card number on
Actual women who sent spam "as a woman"
Example of a Large book:
Persons within the state of North Dakota who would beat a spammer senseless with 10 Lbs of pickle loaf given the chance
-- .sig are belong to us!
All your
A feeling of having made the same mistake before: Deja Foobar
Unfortuantely, the RFC for murder was killed in committee.
Beware typoes.
Hey, well, SPAM DOES work. I should know. Some guy ofered me $10,000 a month to work out of my home! As soon as I hear from him, and I recieve my "special instructions" (which the $25 is well worth), I'll be rolling in the dough...
One thing I noticed, however, was that they listed a phone number to call them at. A quick web search for that phone number turned up the home page for the company behind the spam...including...
...a legitimate e-mail address to contact them at. I e-mailed them, asking politely to be removed from their list. They responded, contritely, that they will do so. As they were pretty clearly busted I am somewhat optimistic that they'll remove me.
If they don't I know have TWO legitimate e-mail addresses at their company and I can easily rig my system to automatically bounce 50 copies of every spam I get from them right back at those addresses.
I'd (almost) hate to do that, but it may be the only way to really get their attention.
Coach
Perhaps the world's greatest tragedy is that ignorance is not impotence.
Trouble might be putting it too strongly. Hormel don't seem overly vicious in enforcing this policy. However, they've asked politely, and I don't think it would hurt anyone to change the icon.
Special People from Austin, Minnesota
--
Yes, the nick is flamebait
All this stuff sounds OK to newbies too. They WANT to receive more information in their email so they don't uncheck the little boxes. They WANT to help the little sick girl by forwarding this email to as many people as possible.
Not everyone is a 31337 hax0r. As long as there are newbies, this stuff will never end. Ever.
my screen name means "Greetings Friend!!!" in Finnish.