Exposing Spammers For All They're Worth

llywrch points out this interesting story at Art & Farces in which a "guy fights spammers by occasionally sending an email telling the spammer to leave him alone or he'll bill for time & services. Some take him off their mailing list, some pay the bill, but most don't respond . . . except one guy who was so incensed at receiving this invoice he had his lawyers send a threatening note. Makes it easier for Fraase to collect on his invoice."

Actually do something and I'll be impressed

[evilviper]

Empty threats are nice... but until large numbers of people go to court to fight against spammers, well, you lie in the bed you've made (or have done nothing to stop).

Re:Actually do something and I'll be impressed

[AntiNorm]

Wahington State went after spammers. The state was the first to pass anti-spamming legislation.

And many states have followed suit. Check spamlaws.com to see if your state (or country) is on the list.

Re:Actually do something and I'll be impressed

[fmaxwell]

I hate spam, but I don't really think the government should be getting involved. They take enough liberties away from us. If they make more crap illegal then it'll be turned around and used against otherwise normal activity and pretty soon we'll have tons of law telling us what we can and can not do with the internet.

Drop the Republican anti-government hate mongering. The federal government passed a law against junk faxes years ago and it hasn't lead to the confiscation of fax machines, innocent people being fined or jailed, or any violation of anyone's liberties. The law simply recognized that junk faxes, like e-mail spam, cost the recipients. In the case of faxes, the costs include toner and paper while spam e-mail costs include higher ISP fees to cover the cost of bandwidth, storage, and the salaries of the abuse department personnel.

The only law that I think should be allowed concerns the requirement of those doing business on the net do so with full disclosure. If someone is going to mass e-mail they should not be allowed to misrepresent their e-mail address or host of origin.

Your time isn't worth anything, is it? Well mine is and I don't want to have to wade through multiple spams per day. I don't want to have to opt-out 20 times a day. I want to be able to use a pager to tell me when I receive e-mail -- and not have it go off every two minutes because some loser sent me spam. It's my e-mail. I've paid for it, and no spammer has a right to use it for his advertising.

Collect calls from telemarketers are illegal. Junk faxes are illegal. E-mail spam should also be illegal.

I've had things like this happen to me.

[Yottabyte84]

A while ago I got an account at neopets.com (using a disposable email address) making sure to select the "don't send me any email" box, and after I was disgusted at thier birbery for clicking ads forgot about it. Then they spamed me. I sent them an email telling them they'd be billed for any further spam. Here's what they sent me (personal details deleted):

To Mr. [censored]:

The Legal Department is in receipt of your message regarding an
advertisement you allegedly received from NeoPets. We take all user
concerns-especially those in connection with member privacy and safety-very
seriously, and in this regard monitor the website around the clock for
inappropriate content.

To begin with, NeoPets unequivocally rejects your "purported" contract and
refuses to enter into any agreement with you. Your demands are neither
reasonable nor are they acceptable under any circumstance. As such, this
message should not be construed as an admission of liability or acquiescence
to your demands, but asv a complete rejection of your offer. Likewise, any
transmission you may receive from NeoPets is not an acceptance of your
agreement and may not be construed as an acceptance under any condition.

Moreover, by registering on the NeoPets.com website, you expressly agreed to
NeoPets' Terms and Conditions, which states that NeoPets may send
notifications and announcements to its users' e-mail addresses. Neither
NeoPets nor its sponsors send unsolicited e-mails and will only send e-mails
to users who have expressly requested, or consented to receive, such
correspondence and have provided an e-mail address destination. As such,
immediately upon the Legal Department's receipt of your message, we had
0rnrsegu001@sneakemail.com blocked from our system to ensure that you do not
receive any more unwanted e-mails. Additionally, we researched your e-mail
address in the NeoPets database and located the account "yottabyte," which
we immediately froze to prevent you from receiving any further unwanted
e-mail communications.

Unfortunately, we have no control over the sponsors our users register with,
and this is a matter that must be taken up with each sponsor that sends you
e-mails. As a practical matter, our sponsors are very responsive to
"unsubscribing" users who wish to be removed from e-mail databases. As a
courtesy, we will try to help remove your e-mail address from our sponsors'
systems, although we can make no guarantees as to the effectiveness of
preventing future unwanted e-mails. To do this, however, I will need you to
send a list of the sponsors from whom you are receiving unwanted e-mails.
Because NeoPets.com does not pass along user information to anyone, we do
not know where your e-mail address was registered and thus have no way to
automatically unsubscribe it.

Please contact us directly at legalDepartment@NeoPets.com if you have any
further questions or if this problem persists. We hope the foregoing has
addressed your concerns.

Sincerely,

The NeoPets Legal Team

Now for some commentary.

Moreover, by registering on the NeoPets.com website, you expressly agreed to
NeoPets' Terms and Conditions, which states that NeoPets may send
notifications and announcements to its users' e-mail addresses. Neither
NeoPets nor its sponsors send unsolicited e-mails and will only send e-mails
to users who have expressly requested, or consented to receive, such
correspondence and have provided an e-mail address destination.

And yet they tried to get me to buy tickets to some event (I seem to recall it being some radio station held event of some sort)

Unfortunately, we have no control over the sponsors our users register with,
and this is a matter that must be taken up with each sponsor that sends you
e-mails.

I definatly did not register for any annoying ads.

I responded to this by telling them "whatever.... all further email to this address will bounce" then going to sneakemail.com and deactivating the address.

I'm sort of amused by this, I bet it cost them at least $100 to have thier lawyers tell me off.

SpamCop, and Nagging Admins with complaint Email

[RageMachine]

I would have to say the best thing to do is to use spamcop for the 1st or 2nd time, and then after that if the ISP still does nothing about the spammer, then find every address listed on the site, and forward the spam to it. That will make the admins listen.

I repeatedly recieved spam from a site called popsite.net, run by megapop.net, and repeadidly asked them to stop sending spam, or to stop providing free dialups to spammers, and they still din't listen. I got tired of it and called them. They still did nothing. I recieved another one, and decided to just annoy the hell out of them untill they did somthing about it. I forwarded the spam to EVERY email address listed on megapop.net: abuse@ support@ noc@ billing@ etc... every one. Then I forwared the auto-replys back to them. And finally a REAL person emailed me and said they had found the spammer, and mentioned that several people were pressing charges against him, and asked If I wanted to, and gave me his email address, AND his home phone number.

Now every now and then when im near a phone and bored, ill call the spammer and hangup, or play a recording of a Telemarketer; somthing along the lines of "Congratulations! You've qualified for the platinum card!". Every site that asks for an email address to download somthing, I just put his email address in it.

I have over 1,200 lines in access file for sendmail, and STILL I get spam from overseas servers. Mostly I will just block all of .co.uk, or .com.pt, or somthing to that nature, to prevent 9/10ths of the spam that comes in.

The best way to fight spammers/advertisers/telemarketers is to fight fire with fire.

Getting back

[wormyguy1]

Spammers really go to all ends to get you to open their email. I got an email the other day that said, in all caps, "BIN LADEN HAS BEEN CAPTURED", and it came from a coherent-looking MSN email address. Realizing that I didn't know anybody lame enough to send me anything in all caps, I opened it anyway. Well, to no surprise, it was porn, in HTML format, with some 300k of blinky, flashy, seizure-inducing images.

If it's one thing I don't understand about spam (and this coming from the fact that my mother is in the advertising/graphic design business and I help them with tech support issues, I know how the corporate marketing machines work) is that you want to target a key demographic who is going to be interested in your product (in this case porn), you want to send it to the people who will be most likely to give you their money. Marketers spend millions of dollars on demographic databases to make sure that they aren't wasting money marketing to people who aren't interested. Now imagine how much it costs them to send 300k of images to the email boxes of, I'll be conservative here, a million email addresses. Imagine how much it costs when said email bounces. Witnessing the slashdot effect (especially right now, I haven't even been able to resolve the domain of the site linked above), I can't even imagine what must be going through spammers minds when they send an email with "BIN LADEN CAPTURED!" as the subject. After reading that subject, I imagine that most people would open the email, download all that porn, cost the spammers money, and then not even be interested as they weren't looking for porn to begin with. Same thing with them registering domain names... if you are looking for information on the White House (IE: whitehouse.com) and you come across porn, how interested are you going to be?

The other thing that surprises me: if it wasn't successful, they wouldn't bother.

Going after TrafficMagnet

[greysoul]

Recently I got Spam from a company called Traffic Magnet, they provided me with a screensho of my webpage, and I sent them the following, feel free to copy, or comment on the points of my letter. thanks

Christine,

One thing I notice is that you are using my copyright images to sell a product and/or service.

Please email the physical address of your legal department, or the location to which I should have an attorney contact you about this issue.

If you prefer to contact me via mail please use my business address:

--Address--

As an artist I take my copyright, and privacy very seriously. While no laws yet exist in New Mexico regarding Unsolicited Commercial Email (SPAM) There are laws that protect Copyright holders. As a copyright holder it is my responsibility to protect my property. I do hope that you take this matter seriously and we can resolve this quickly. The normal process is I would have my attorney send a cease and desist letter, to which you would have a lawyer reply that the actions demanded (by me or my agent) have been followed out in accordance with applicable laws.

Thank you for your time

Signed.

Spam from an admins view

[buss_error]

Out of 13K mail boxes, I get 10K-15K e-mails per day not including those that don't pass our Internet MX (In otherwords, internal e-mail). About 3 in 20 are spam of one sort or another. So that makes about 2250 spams per day.
Lets say it takes about 2 seconds per-person per e-mail to decide it's spam and hit delete.
OK, that's 4,500 seconds, or about 1.25 hours. Lets say the average pay per person with an e-mail box is $221.00 per day.
So, total, it costs my employer 276.25 per day just to delete spam.
Now, let's say that 1 in 100 of those e-mails deleted really wasn't spam, but real e-mail. If the user notices they deleted a legit e-mail, and goes to get it out of the trash, lets say that it takes them about 30 seconds to retreive it. That makes 22 per day, at 30 seconds each, at 221 per day, that is another 41.50 per day.
Grand total now is 317.25 per day completely pissed away because someone wants to sell some lady a penis enlarger, or some gay guy hot teen bitches.

OK, now about content filtering. I've looked at quite a few, and all choke on the amount of e-mail we have. Others, running on unstable OS'es, are a complete joke. The only thing that does seem to work for a week at a time is to block based on IP. If I could find an IP distribution map by country, I'd be a happy camper. Sure, I could zot 202/8, 203/8, 210/8, 211/8, 64/8 and a few others, but more and more these netblocks are getting re-assigned to US companies that I don't want to block.

One thing that's helped quite a bit is blocking all of DialSprit's assignments, and a few others. The RBL helps, but it's too easy to get off and too hard to get on.

For all you Missourians

[Mustang+Matt]

I'm working with State Rep. Carl Bearden to get our spam laws up to par. We're currently adopting a several sections of the Washington laws, and hopefully coming up with some of our own in the near future.

I've submitted the details of my success twice to slashdot but my stories are always rejected.

I strongly encourage people in other states to contact their state reps and ask for better laws! It really IS that simple!

I was amazed at how willing my State Rep. was to learn about the problems and what possible solutions can be put in place.

For all you people complaining about Spam, if you haven't done your part and tried to make a difference, quit all the fuss.

Step #3 in Jam the Spammers Game

[scoove]

I neglected to mention Step #3 that is particularly helpful inducing noise into the email spam channels:

Step 3. Develop noise email identities, particularly focusing on notably abusive spam domains. My favorite here is someuser@chinanet.cn.net (make up your own value for someuser - common names like admin, hostmaster, root, etc. are good to try) - per my experience with Spamcop assessments, Chinanet is about the most frequent spam abuser (and they almost always lie about their email origin identity). These guys literally provide safe harbor to spam terrorists.

Sure, it's fun to route chinanet IP's to a null interface (and probably wise too - countless rogue script-laden emails that fire up a browser and open you up to numerous issues come from chinanet solicitions).

Obviously, chinanet likes spam - so be sure to put them down to receive some!

*scoove*