Receive Spam, Make Money!

Bud Dwyer writes "Wired is running the heartening story of Bennett Haselton, who was awarded $2000 from spammers under Washington state's anti-spam law. From the article: 'Spam fighters hope that if enough individuals take spammers to court, it could eventually drive the industry out of business. And, some savvy individuals could make some easy money along the way, and with a clear conscience, too.'"

Spammers in the US, sure

[ackthpt]

About 70% of the spam I'm getting is offshore and a good percentage of that is in some language (probably chinese) which doesn't translate.

I'd love to take these weasels to court, since I'm getting about 30 spams a day and a one week vacation can result in lost email due to a clogged mailbox.

Re:Spammers in the US, sure

[iiii]

More likely it's Korean. I get tons of Korean spam.

Re:Spammers in the US, sure

[Binestar]

I must say if you are having alot of problems with Spam and have procmail on your mail system you can use Spambouncer. It filters out Chinese, Korean, blacklists, and various other spamhosts easilly. Since November 29 when I rotated my procmail-log It has filtered:

10:49am (chrisf@borg) /home/chrisf (38) cat antispam/procmail-log | grep procmail-filtered |wc -l
346

messages. In that time I've received 2 spam's to my inbox. I don't know what I would do without it.

Re:Spammers in the US, sure

[ackthpt]

Nice, but my email comes through an ISP who doesn't seem to recognise what a problem Spam is and don't provide any means to filter it on the way INTO my mailbox. Yeah, I know, I'll be changing to an new provider in a few months, when I go DSL and then it'll all be over. Still... there does seem to be a potential financial incentive to keep receiving this junk if I could sue in California.

Re:Spammers in the US, sure

[Binestar]

If you have the ability to install a mail server of some sort on your local lan, use fetchmail with that, you can use spambouncer on that machine and use your workstation to pop to the mail server and have everything filtered on that end. Granted, you still pay any fees on the download of the spam, but it's a solution that might be workable if you have broadband or even want to setup a linux gateway with diald.

With spambouncer you can just have it add headers that you could filter on, and you would also be able to add headers using procmail to filter any mailing list mail you get.

If you get any significant amount of mail per day I can't stress enough the usefulness of procmail.

Again, might not be worth the effort to setup, but if you are like me and have had the same e-mail address for 6+ years, chances are you've managed to get on many mailing lists. =(

Re:Spammers in the US, sure

You can also use a mail.com free-for-life mail redriection service. They filter the mail through MAPS RBL This drasticaly cuts down how much spam you get, Im on 2 a week (albeit on a not well know account, but used to be on my webpage and USENET postings).

abuse

[bananaape]

That could be easily abusable. I could try to do the same thing against all the people who have sent me emails telling me that Microsoft will give me 300 dollars if I forward the message to 30 people. Yeah... easy money.

How about junk snail mail?

[goatmon]

Is there anyone we can sue for stuffing our street-side mailboxes with junk mail? After all, we do have to pay to have the trash taken away.

Re:How about junk snail mail?

[throbbingbrain.com]

Just stuff it all in the postage-paid return envelope and drop it back in the mail.

Re:How about junk snail mail?

[glowingspleen]

Actually, I have had a debate about that and came to the conclusion that you SHOULDN'T send back prepaid envelopes just to get back at bad companies.

Why not? Because you will hurt everyone eventually.

Not every ad mailing will be enjoyed by every receipient. But at the same time, there are occasional random mailings we all actually like to get. By mailing back prepaid envelopes empty (or full of junk), all you do is hurt the industry's profit margin. That won't mean less junk, it will mean less prepad envelopes, since that will be the easiest way for them to save money. And then you won't have prepaid envelopes for the stuff you actually want to send for.

Just throw them away or write to that giant clearinghouse to be taken off the main list.

Re:How about junk snail mail?

[WinDoze]

I find it works well for starting the fireplace. Just remove the little plastic window from the front of the envelope (you get good at just tearing the front of the envelope off real quick) and burn baby burn! I haven't bought any kindling yet this year. Seriously. It's effective, secure (I don't like throwing away credit card applications, etc.), and very satisfying.

Re:How about junk snail mail?

[ciscoeng]

Probably not; but check out the Direct Marketing Association (google) and junkbusters.com for a good start on limiting the junk mail.

Re:How about junk snail mail?

[throbbingbrain.com]

If getting a plate of sheet metal back in their return envelope hurts their profit margin, then perhaps they'll find a better marketing channel. A little darwinism is good for business.

Re:How about junk snail mail?

And you should be sure to listen to all those telemarketers... they just might have something worthwhile to sell you.

Bah! Those prepaid envelopes aren't free either - the customers end up paying for them in the end anyway. Getting off all the stinking paper spam mailing lists is a slow and painful process. (Oh, we found your address in the phone book, so we just knew you'd be interested in new windows for your house! I just happened to notice you have a car registered with the DMV - don't you think you should buy a new one already? According to your driver's licence records, today is your birthday but you are rather fat and your picture is ugly. Happy Birthday and wouldn't you like to buy some diet pills?)

Re:How about junk snail mail?

[Johnboi+Waltune]

Actually, all that junk mail is the reason why a first-class stamp isn't $1.00. Unsolicited bulk mailers pay a lot of the USPS's operating costs, otherwise you and I would be paying. I'm not trying to justify trash mail, but that is an upside. Some uses for junk mail:

• Line a birdcage, or put it on the floor for your dog when you can't let him out
• Use it for packing material when you ship holiday gifts
• Kindling for the fireplace
• If all else fails, make sure it goes in the recycle bin

Re:How about junk snail mail?

[dubl-u]

Yes, you're absolutely right, it makes perfect sense that I should aquiesce to receiving a couple of thousand of pieces of junk mail each year so that I can save 34 cents every few months.

You seem to miss the point: the only reason that companies send out junk mail is that they can make more money by doing it. If their costs go up, junk mail will be less effective. If you don't buy stuff from junk-mail solicitations, their response rate goes down.

If you're worried about how everyone gets hurt in the long run, go look up the amount of money spent on marketing this year. Imagine how much cheaper your purchases would be if you bought them because they were the best you could find, rather than because you fell for a piece of junk mail.

Re:How about junk snail mail?

[nsandver-work]

I did this for a while, but with a fun twist: I shredded everything first. :)

Re:How about junk snail mail?

[Paul+Neubauer]

Not quite, but I have found most reputable places will be reasonable about marking your entry in their database as a 'do not send' if called and asked politely. This also has worked for the free flyer 'newspapers' I used to find on the porch.

There is a national opt-out (bah, thanks DMA, it shouldn't need to be opt-out...) list that you can get yourself on. I think junkbusters.org has information on it.

For the disreputable mailers (the ones that won't stop with a simple request) there is form 1500. This is a prohibitory order that tells an adverstising mailer that you are not to be mailed to again. Or else. Ask for form 1500 at the post office or get the pdf listed at http://www.junkbusters.org/dmlaws.html#form .

Ignore that the wording is about arousing or sexual materials. You get to decide what offends you and what shouldn't be allowed in your mailbox, and you have _sole_ discretion about it. (It'd be nice if any spam legislation took that approach.)

Re:How about junk snail mail?

[jaavaaguru]

Not every ad mailing will be enjoyed by every receipient...
I didn't ask for it so they shouldn't send it.

...all you do is hurt the industry's profit margin...
An industry that survives on sending me things I didn't ask for seems very unfriendly to me and deserves to loose out.

...it will mean less prepad envelopes...
Not a bad thing, if you ask me :-)

...And then you won't have prepaid envelopes for the stuff you actually want to send for.
If it's something I need then I'm happy to pay for it.

...or write to that giant clearinghouse to be taken off the main list.
With the majority of spam I receive, I didn't ask to be on the list in the first place, so the company doesn't deserve to receive any decency from me. Neither does the company who gave them my details. Instead of asking to be taken off the list, would it not make better sense to threaten whoever gave them your personal details with the Data Protection Act? (or your country's equivalent)

If you didn't specifically ask to receive correspondance then the company is not allowed to spam you. Simply having a box on forms that says "tick here if you don't want us to send you stuff" is now illegal in the UK - it must say "tick here if you do want to receive stuff from us.

if you are registered with the DMA (Direct Marketing Association), or equivalent service.

I also find that the majority of spam e-mail senders I've seen can be prosecuted under an Advertising standards law (in the UK the ASA / Advertising Standards Authority will deal with anyone using false statements to advertise their product or service).

Re:How about junk snail mail?

[exodus2]

you should talk to your post office, I believe they will block it. And check out the DMA to get your name off the list.

Re:How about junk snail mail?

[Zapp+Brannigan]

I heard a story about a man who got himself on as many mailing lists as possible. He was getting two entire mailbags full of junk mail every day which he burned in his wood stove to heat his house.

Not particularly environmentally friendly, given all the glossy catalogs and plastic windows, but still ingenious.

Bender:Sir, I volunteer for a suicide mission, sir!
Zapp:You're a brave robot, son. But when I'm in command, every mission's a suicide mission.

Re:How about junk snail mail?

Wood heat? How quaint! Reminds me of my childhood *wipes tear away*

Re:How about junk snail mail?

[eli867]

Although the woman in front of me on line at the post office certainly tried, the post office will NOT throw out your junk mail for you. Trust me on that one.

If for no other reason than one man's junk mail is another man's Vicotria's Secret catalog.

Re:How about junk snail mail?

[carlos_benj]

I read about a guy a few years back that got on every junk mail list he could. He rolls the accumulated paper into logs for his cabin. Somebody else pays for his heat all winter long.

Re:How about junk snail mail?

I'm not brave enough to rely solely on it for heat, no. It's mostly just for atmosphere... Gets the wife in the mood.

Re:How about junk snail mail?

[Happy+go+Lucky]

you should talk to your post office, I believe they will block it.

Don't bet on it. In theory, you can file a Form 1500 on any sender. Form 1500 is a request for a prohibitory order. In theory, the sender is no longer allowed to send you anything. In practice, the USPS is less than careful about honoring the form 1500, and I've had multiple counter attendants at one postal station tell me that it's no longer distributed. I ended up needing to go to the USPS website for it.

In other words, they won't block anything. Not even the stuff they're legally REQUIRED to block.

Also, junkbusters.org suggests that you should mark junk mail with "Refusing 3rd.-class mail is allowed under Domestic Mail Manual Section D042, 'Conditions of Delivery.' Please process." or words to that effect. I haven't noticed it having much effect.

And check out the DMA to get your name off the list.

Ah, yes, the DMA. The biggest bunch of scammers on the planet. You trust them that much?

Re:How about junk snail mail?

[Happy+go+Lucky]

Actually, all that junk mail is the reason why a first-class stamp isn't $1.00. Unsolicited bulk mailers pay a lot of the USPS's operating costs, otherwise you and I would be paying

Untrue. Damn untrue.

The USPS started doing a study of that, some years back. The DMA got huffy about it and ran to Congress, who promptly passed a law forbidding the USPS from actually making an accurate study of which class of mail subsidizes which other classes.

I don't know why the DMA would be covering that up, unless they were worried that a 2001 1st-class stamp would be a quarter if they weren't around. If you can think of a perfectly innocent reason for them to seek a legally-mandated coverup, I'd like to know what it is.

Re:How about junk snail mail?

[MarkGriz]

I've started mailing back all the crap I receive in the prepaid reply envelopes that generally accompany the junk snail mail.
Benefits:
1. Less trash for me
2. Costs offending company money
3. Makes money for the post office.
4. Annoys the receipent

Re:How about junk snail mail?

[Registered+Coward+v2]

Well, I guess that depends on how it's delivered. Where I live, the posting of flyers (usually with tape or thumbtacks) on maiolposts is consiudered littering, and yoiu can file a complaiant with the local PD. They generally contact and cite the violator, who generally is some small company that paid some kids to deliver a bunch of fliers. Actually putting them in a mailbox is a federal offense, AIR, but I would think postal inspectors have better things to do than chase down small business owners.

You may not get any cash, but if enough peopel file complaints the littering stops.

Re:How about junk snail mail?

I'm not brave enough to rely solely on it for heat, no. It's mostly just for atmosphere... Gets the wife in the mood.

Ah, yes. The atmosphere.

We're still talking about burning glossy print junk mail, right?

-kt

Re:How about junk snail mail?

Wow! What a great idea!

Thanks for sugesting it, because nobody on /. has ever heard of or discussed (at great length) that concept before!

-kt

Re:How about junk snail mail?

He did say to stuff it back in the pre-stamped envelope provided by the junkmail company. The idea being to charge the junkmail company extra.... And I'm sure there's no law against sending a junkmail company junkmail ;-)

Re:How about junk snail mail?

You can refuse any mail sent to you
simply return it to the sender.

Hmm I think i'd be..

[saqmaster]

... rich by now.

"If I had $1 for every *insert word here* i'd had.. i'd be rich by now.."

hmmm

[nomadic]

Probably won't be that easy to collect, especially if they didn't even show up in court. I'm just not sure the idea of driving the industry out of business is feasible; the vast majority of spam mail I get doesn't have a valid e-mail address. In fact, the vast majority of spam I get isn't really advertising. Most of it are just grifters trolling for victims, figuring if they send a million messages out, and get 3 marks, they'll make a profit.

Re:hmmm

[Masem]

The WA state law is NOT to prevent spammers from spamming, but to use truthful information in their spam as to whom they are, how they can be contacted, or how one can be removed from their spam lists, all which is consider consumer fraud (and thus why this bill has survived judcial scurtinity). If anything, this will simply force spammers to actually identify themselves and make it easier for people to remove themselves from their lists.

Also, from what I've read of the various cases, if you sue the spammers and they don't send anyone to court, that's contempt of court and can be considered jail time. So instead they send out someone, weakly plead their case, and lose, and write the $500 check. To them, that's chicken feed, but only because a bare handful of WA state citizens are using the process. If only 100 or 1,000 residents did this, the spammers might actually consider changing their methods instead of blinding accepting the penalty. As far as I've read, only one spam corp has fought this, and that was the case that validated the law's constitutionality.

Re:hmmm

[Violet+Null]

Well, if you assume that the company in question is actually selling something, and to actually sell something has some method in which they can be contacted or traced, then the collection problem becomes easier.

Records are kept of who pays for that 1-800 number, or who signed up for that AOL account, after all. Sure, you might not get 100% collection if these are fly-by-night operations, but you should get enough that others start thinking twice.

Re:hmmm

[Guppy06]

"Probably won't be that easy to collect, especially if they didn't even show up in court."

If they fail to show up, they're found guilty by default. If they fail to pay, not only can you pass that info on to credit-reporting and background-check agencies but (if it's anything like a traffic ticket) a bench warrant is issued for their arrest (results of that vary depending on the state).

As an example I have a friend that was arrested in Florida for defaulting on debts in Virginia. The creditors filed suit in Virginia, he never showed, the court found him guilty, he got pulled over in Florida for some reason, and ended up spending the night in jail.

Re:hmmm

[MrFredBloggs]

"the vast majority of spam mail I get doesn't have a valid e-mail address"

Isnt it possible to somehow see if an email has a valid adr, and if its not, just dump it?

Re:hmmm

[flewp]

Does the WA state law only work for those who spam from within WA to WA citizens, or is it independant of where the spam originated from as long as it's sent to a WA citizen?

Re:hmmm

[sketerpot]

An alternative to taking spammers to court is to make them calculate an n-bit partial hash collision on some text, and delete email that doesn't do so. This means that sending email will be processor intensive enough to render bulk emailing impractical but not intensive enough to noticably slow down ordinary email such as I could send to a few people with suggestions like this. The full specification can be found here.

A modification I would add is the ability to give trusted people, like SourceForge mailing lists, passwords they could send and bypass the hash system, so they could operate the mailing lists.

Re:hmmm

[Masem]

It's outside spam (from only US companies, it appears) to WA state residents (and inside spam from WA to WA, of course). The examples list one guy suing a FL spammer, and the case that challenged the law was from a company in either Colorado or Montana, but I can't remember which.

Re:hmmm

[tomstdenis]

A simpler modification is to just rehash the message hash 2^16 times or so. On a decent computer it would probably take under a few seconds at most. That way you can automatically dump messages that don't have the correct hash. This [like the previous scheme] will make mass-spamming useless unless the spammer invests in crypto hardware.

Yet another scheme is todo this.

1. Make up a random string of 10 or so bytes call that R. Hash it 2^16 times [rehash the hash output] and call that K.

2. Encrypt the message you want to send with K as the key.

3. Send the ciphertext and R to the person.

On the decrypt side they rehash R to get K and decrypt. This isn't meant to give privacy but to prevent the message from being readble unless the sender uses the scheme. If the mail-readers forced detection/use of such schemes spammer who don't use the hash 2^16 [or whatever many times] will send messages that decrypt to random junk.

Et voila ./ I've just solved the worlds spamming problems. If everyone could just simultaneously switch over to such a system the world would be a better place.

As an aside I think 2^16 should be switched with 2^20 or so since a decent 1.4ghz class cpu [i.e P4 or Athlon] could whirl thru 2^16 SHA-1 hashes in under a second.

Tom

Re:hmmm

Of course, the SMTP has to verify the hash, right, otherwise what's the point? Don't you think that it may be a bit processor intensive on the server side?

Re:hmmm

[tomstdenis]

I have another scheme that relies on interactive protocols and secure servers.

You want to send user X a message and you are user Y.

1. You contact your server Y and it gives you a challenge string R.
2. You hash it 2^L times [L == appropriate] and use the hash a key for the message.
3. You send the ciphertext to the smtp server.

The Y server than pre-appends R to the message and sends it on its way.

A modification is that [assuming relays are disabled] when you want to send a message to X, server Y contacts server X to get the challenge string. Then when the message is sent server X is the one that pre-appends the R string.

The latter case is preferable since it means that you can't setup a fake server to mass-spam people by making R a fixed string.

This requires that server X be trusted....

Tom

Re:hmmm

Additionally (depending on the state), unpaid fines collect interest at rather high rates (10% or so, you need to renew every 10 years or so), and you can have the judge place a lien against their property. Which makes it harder for them to sell, and you can force them to pay or liquidate the property.

Re:hmmm

[sketerpot]

SMTP doesn't have to verify the hash, at least not the way you are thinking.

Here's the idea. You are X, sending an email to Y. First, X takes some string from Y, perhaps the email address, and hashes it 2^L (L can be adjusted for faster processors) times (I'm using the scheme proposed by some of the previous responses to my post), then the email is sent via normal SMTP. It looks like this:

header stuff
hash: nugreynv847nq843nvhrq9q (or somethng)
Dear foo, merry christmas. Etc.

The user Y's computer goes through the emails and deletes any that don't have the correct hash of the week (precalculated by Y every week or so). This weeds out spam, and Y can enjoy legitimate emails.

You wouldn't have to rehash the hash for every email. You could just change the hashed thing every week and check, just an ordinary comparison.

Re:hmmm

[marvinglenn]

Also, from what I've read of the various cases, if you sue the spammers and they don't send anyone to court, that's contempt of court and can be considered jail time.

No, it just makes it VERY easy to get a default judgement. Contempt of court is when you act contrary to an order of the court.

Re:hmmm

[JetPet]

Yeah, it's called frictionless economy.....

Re:hmmm

[Dr.Dubious+DDQ]

Isnt it possible to somehow see if an email has a valid adr, and if its not, just dump it?

Not EASILY. After all, YOU can probably tell just by looking that BHSDVGB1@hotmail.com is likely to be a fake address. But how do you explain to the computer how to tell whether it's fake or not? Especially if for some strange reason you might just have a friend who refers to himself as "Bob H Simpson, Dental Victim of George Bush #1" and named his hotmail account accordingly?

How to guess

[nasogrumy]

Ok, it is one case, but how to guess the best solution to get money or good deals or stuff for free as all these spammers use these keywords to get your attention.

Nice to hear

[KarmaBlackballed]

But our laws do not usually reach outside our borders. As this gets more notice, less and less spam will originate from within countries that prosecute. But the spam will not diminish.

This is not the fix. But it is always nice to see a spammer lose what they love most: money!

Re:Nice to hear

[brunes69]

US laws don't usually reach outside their borders? Perhaps you've heard of this little skirmish going on in Afganistan recently... Or perhaps a little law called the DMCA...

Re:Nice to hear

[Zigg]

The war in Afghanistan has nothing to do with US law. It has to do with fanatics crashing planes into buildings and killing lots of people.

Your point about the DMCA is 100% accurate, though.

Re:Nice to hear

It is a good thing too that our laws dont get out of our borders. There are way too many laws the US has passed because they are paranoid.

Re:Nice to hear

[Rogerborg]

• The war in Afghanistan has nothing to do with US law. [context: the USA projecting laws globally]

Everything that the US government does has to do with US law. The 1973 War Act attempts to limit the President's ability to declare war, while also giving the option to pass a euphemistic "use of force" resolution rather than old fashioned (and honest) declaration of war. Bush followed the procedures of this Act under protest, as Presidents like to think that as Commander-in-Chief, they're not answerable to Congress. But he did follow them.

My point is actually that the Law is defined by Congress (50% of whom are members of the American Bar Association, so much for separation of powers), and they can pass any law they damn well like to allow the USA to project power - military or economic - across the world if it's convenient to them. If there was a political will, we could very easily re-define spammers as [h|c]rackers and have them punished anywhere in the world. Remember DeCCS?

Re:Nice to hear

[ErikZ]

"The war in Afghanistan has nothing to do with US law. It has to do with fanatics crashing planes into buildings and killing lots of people."

That isn't against the law?

It's against the law, we had no other recourse, so we start up the war machine.

Re:Nice to hear

[Iamthefallen]

But our laws do not usually reach outside our borders.

Laws? Perhaps not, but who'll stop the US govmt from enforcing those laws abroad anyway? Echelon? Magic Lantern? CIA permission to assasinate foreigners?

I believe the by Clinton signed decency act was supposed to protect US citizens from evil websites and such, even if hosted in other parts of the world marked "Here be Monsters" on the map.

Re:Nice to hear

[ZPO]

The key here is "nexus". It's a legal term of where a company has a business operation. It gets pretty complex fast though.

What is important under the Washington law is that it permits the individual to go after the party the authorized the spam. The slimeball company and servers actually sending the spam may be in Elbonia, but you'll find most of the companies/products solicited do business right here in the USA.

ie - an advertised web site might be in the Caymans. If they accept credit cards they likely have a US merchant account, which means a US bank, which means (likely) a US legal address.

Almost all spam is designed to sell you something. That means they must include a way to contact them. It also means they want it to be easy to buy from them.

Now if I can just figure out how to claim residency in WA state.......

Re:Nice to hear

[then,+it+was+nigh]

The 1973 War Act attempts to limit the President's ability to declare war, while also giving the option to pass a euphemistic "use of force" resolution rather than old fashioned (and honest) declaration of war.

But the War Powers Act is not carte blanche. Section 5(b) requires the President to withdraw the military after 60 days if Congress hasn't given him a declaration of war by then. Both Clinton and Bush the Elder have been sued by Congress over violations of this. It remains, then, to be seen what will happen this time around. When did the clock officially start on this one?

Re:Nice to hear

Assassinating spammers? Now that's something I can approve of...

Ah nuts..

[MantridDronemaker]

Ah nuts, and here I was happy that I rarely get any spam at all! Maybe two spams a day if that. Anyone actually get hundreds of spams or does that really happen all that often?

Guess I'd better start looking at more pr0n! :P

Re:Ah nuts..

I've had about 12 e-mail accounts plus my BSD box and 100+ spam a day is really really easy to come by. Just sign up for a hotmail account. Ever since M$ went to using nt/2k servers Spammers have had a field day with almost any hotmail account. I was using yahoo as my primary, since they apply the RBL to any email but lately that hasn't been helping.
BTW pr0n has nothing to do with it. Although it might be all those cracking/emu sites I visit for educational/security reasons. And the fact that IE5 doesn't properly secure cookies in all versions. It could even be related to ad banners since they often track the url you came from which would (often) include the login name for your (web) e-mail account.

Re:Ah nuts..

[jon+doh!]

i've got a bunch of hotmail addresses i keep to use when i sign up for stuff. some of them haven't been given out yet though, and they still get 10-30 emails a day, all of which are spam.

Re:Ah nuts..

Just downloaded my mail this morning, first time since 3 pm yesterday. In that 19 hours, I have 402 messages in my inbox and 35 messages that were moved to other folders with filters (Friends, work, family, etc). Now, there will probably be about 50 messages from ids telling me who's trying to get where on the servers. About 10% of what's left in my inbox after that will be valid mail. Having the same e-mail address for 7 or 8 years, back when you never had to worry about spam, will get you a whole lotta spam. If you did a search on my e-mail address, you'd find a ton of pages with it up there. A pity I can't change it, and can't use anything more then very basic filters for work reasons.

(Today seems not to be a normal day though, usually I only have about 200 or so messages.. Must be the holiday season)

So, how long..

[kafka93]

.. until I start receiving a load of "received spam-mail? Make money NOW!" messages in my inbox?

Re:So, how long..

Not a far-fetched thought at all, actually. Seems there's a password stealing trojan going around pretending to be anti-spam policy from Microsoft to MS users. (See http://www.stopspam.org/).

Re:So, how long..

[WickedClean]

This reminds me of a really stupid ignorant thing that was on Experts-exchange.com. They actually had a Flash-based popup window, complete with loud sounds, which advertised a program that disabled popup windows. Needless to say, they have been going downhill ever since then. Its like auto painting shop keying your car then leaving their business card under your windshield wiper.

First Blow Up Afghanistan then...

[toupsie]

btamail.net.cn...

All my spam now seems to be coming from China according to SPAMCOP. What is the deal with this? Are the Chinese so clueless that the entire country runs as an open relay? Since I don't access any resources in China, feel free to pull the plug on them.

Re:First Blow Up Afghanistan then...

[Steve+B]

All my spam now seems to be coming from China

Thank you for having the courage to speak the truth about the brutal and tyrannical Chinese occupation of Tibet....

Re:First Blow Up Afghanistan then...

[toupsie]

What?

Re:First Blow Up Afghanistan then...

[bero-rh]

btamail.net.cn is indeed a major repeat spammer - this doesn't have anything to do with "all Chinese being clueless", though.

If you go the "Since one machine in China is a major spammer, all Chinese are clueless" route, don't forget to equate the US with AOL, spammers.net and similar resources.

A problem with ISPs in China is that most Chinese people don't speak English (which, again, doesn't mean they're stupid - how many English speaking people speak Chinese?), so dropping the ISP a note saying "your user foo is sending spam" will be as understandable to some of them as spam in Chinese is to you.

Re:First Blow Up Afghanistan then...

[toupsie]

"Since one machine in China is a major spammer, all Chinese are clueless"

btamail.net.cn is not the only Chinese domain that I receive SPAM from in China. Just the major offender. 90% of all the spam I get originates from China. I have also run open relay checks on IP blocks in China and found most to harbor open relays. So I am not talking about 1 machine.

The problem with Chinese ISPs is not the inability to speak English but the inability to give a damn about the harm they are causing to users in other countries.

Re:First Blow Up Afghanistan then...

[toupsie]

Moderation of parent message:

Moderation Totals: Overrated=1, Total=1.

You got to love the cluelessness of the moderators. Something that is not rated gets moderated to "Overrated".

Most likely a poor little moderator with a chip on his shoulder. Poor thing...

Re:First Blow Up Afghanistan then...

Yes, the D.L. living in exile is a shame. But China used troops, not spam, to occupy the region.

Besides, with the exception of island nations, all borders were set at some time via conquest. To deny that is to deny history (such as we know it). As much as we may wish it to be different, human nature is to be avaricious (especially in groups). That is why communism may be an interesting idea but will never work with humans involved. And this is so far off-topic there may need to be a new level of negative mod...

Re:First Blow Up Afghanistan then...

[Cro+Magnon]

Anybody who sends Chinese spam to America is stupid! Of course, the ones who send American spam to America are stupid too.

The most interesting part of the article...

[Lostman]

was where the guy gave a link to someone that shows others how to do this exact same thing. Try http://www.wa-state-resident.com/tugpayup.htm (unlinked for the goat weary).

He gave a form letter, even step by step directions on how to do this. Only thing was that you would have to be living in oregon unless your own state has fun laws like this. That does definately sound like fun.

Re:The most interesting part of the article...

[ethereal]

If you're too stupid to frickin' mouse over the link and check for goat links before clicking, maybe you should get off the 'Net? I'm certainly not going to give up on the hyperlink just because a few knobs have a silly photo up, and a few other knobs can't figure out how to avoid seeing that photo.

Damn the torpedoes: http://www.wa-state-resident.com/tugpayup.htm

Re:The most interesting part of the article...

Probably "no link because I'm too lazy to use html" is more like it.

Goatse.cx links usually get modded to oblivion no matter what comment they're attached to, so you shouldn't have to worry about it at +1.

Re:The most interesting part of the article...

[tswinzig]

Try http://www.wa-state-resident.com/tugpayup.htm (unlinked for the goat weary).

I take it you haven't been to slashdot in a while...

Re:The most interesting part of the article...

[ethereal]

I had gone back to reading at -1 for the last few weeks, finding a few funny trolls that made the rest of the dreck tolerable, but today somebody's figured out how to use '.' to make pages arbitrarily wide, so I had to go back to browsing at 0.

For most people the goat links won't be seen at +1, I agree. Unless they're hidden under so many redir links that you can't see the end of the link. But that should always be a warning in and of itself.

Delaware

[kraut_juice]

Does anyone know if any anti-spam case has been successfully won in the state of Delaware?

Spamcop

[soundlord]

I realize that most of you probably already know about this, but I am going to mention it anyways: if you're having problems with spam, you should go to SpamCop. They have a free service that you can use to report spam to the necessary network administrators via parsing the headers of the spam mail. Simply save a bookmark that they give you, and when you receive spam mail, go to that book mark, paste in the whole text of the spam mail (including headers) and click a button.

I know that it's hard to keep spammers from doing what they're doing due to their using different email addresses and hosts each time they send out some spam mail. But I have found that by using SpamCop regularly, the spam mails eventually stop coming to my inbox. And whether this means that they've been taken out of business or they're removed me from their spam list due to my being a thorn in their side - well, either is good enough for me.

Re:Spamcop

[don_carnage]

Can we forward spam email messages (with headers) directly to SpamCop instead of pasting? This would be easier to build into a procmail filter...

Re:Spamcop

[soundlord]

You can forward spam messages to SpamCop, but in order to do that, you need to register for their service. However, I like to look at the statistics page of spam I am about to report, to make sure that I'm not sending spam report mail to anyone who doesn't deserve to get it (such as legitimate people who were unlucky enough to be involved in the headers somehow). That way, only the people who need to know about the spam get the SpamCop mail.

Re:Spamcop

Is there any easy way to bulk-parse spam via SpamCop? I get 20 spams a day and it's very time consuming to copy-paste all of them. Forwarding isn't much faster, and I can't find a way to make a filter that automatically forwards spam in Outlook Express or Hotmail (I know MS sucks, but Outlook works fine for me and I'm too lazy to find and install something else).

Re:Spamcop

[brassman]

If you're running procmail, a kind soul posted a couple of Perl scripts here in Slashdot just a week or two ago that automate the process of Spamcop reporting.

That process is in two steps -- submitting, then reading the summary of what what Spamcop found and "pulling the trigger," and I wouldn't recommend automating both parts. Quite often Spamcop will respond that the offending ISP "doesn't care," or has already closed the offending account -- in those cases there's no point in tying up Spamcop's resources any further.

I try real hard to ignore spammers, but when one wiggles past my filters you'd better believe I invest the time to ruin his day.

Re:Spamcop

[MmmmJoel]

I know it's available for paying members, although I'm not sure about people who use the free service.

Paying members can report spam as easily as clicking a hyperlink. Forward your email to your Spamcop address and Spamcop intelligently filters the spam from your inbox (using the information reported from both free and paying members) and allows the member to either delete, forward, or report the spam for you at the click of a button. And it's a cheap service! $.50/MB equals less than $15/year for me.

Re:Spamcop

[Erik+Hensema]

Yes, go to this page. Here you find two perl scripts: one script forwards the spam and another script parses the spamcop reply and automatically reports the spam.

Re:Spamcop

[Samrobb]

Hmm. Would it be possible to set things up so that SpamCop is your legal representative on issues like this? While I lack the time and energy to pursue spam-related lawsuits, if it meant an eventual end to spam, I'd be happy to sign over rights to pursue the case (or whatever) to SpamCop, and let them use the proceeds to fund their service (and the next round of lawsuits against spammers.)

Re:Spamcop

[ibennetch]

Unfortunatly, Outlook Express (don't know about Outlook) doesn't allow any kind of filtering for IMAP or HTTP mail. I just found this out a week ago when I tried to set up filtering on my Hotmail account. In the rules menu; there is a little notice at the top that says as much. I really don't know if it's a technical thing or a policy decision... -bennetch

Re:Spamcop

[dazed-n-confused]

Is there any easy way to bulk-parse spam via SpamCop? I get 20 spams a day and it's very time consuming to copy-paste all of them. Forwarding isn't much faster, and I can't find a way to make a filter that automatically forwards spam in Outlook Express or Hotmail (I know MS sucks, but Outlook works fine for me and I'm too lazy to find and install something else).

Sounds like you're looking for Spam Deputy. 15 day free trial, $20 registration. I'm a satisfied customer, and happily recommend this product to any other Spam-haters.

From here on down is from the author's site:

Spam Deputy makes it easy to report spammers and now it comes in two flavors: a COM Add-In for Outlook 2000; and a new stand-alone application for other mail clients.

Overview of the stand-alone application

Spam Deputy is an application that makes it easy to report spam for users of Microsoft Outlook Express, Netscape Messenger, Eudora and other email clients. Simply drag-and-drop or copy-and-paste your spam messages onto Spam Deputy and click the "Report Spam" button.

Spam Deputy will perform the following steps:

• launch a new instance of Internet Explorer
  
• navigate to your SpamCop authorization URL
  
• insert the selected spam message into the form
  
• submit the form for processing
  
• create a new email message addressed to the Spam Recycling Center
  
• insert the selected spam message's subject into the Subject of the new message
  
• insert the selected spam message into the Body of the new message

You can now choose to either send the email using an account of your choice or close it without sending it.

Then, after reviewing the results in Internet Explorer, you can click SpamCop's "Send Spam Report(s) Now" button to report the spam or simply close the browser.

That's it! In just a few clicks, you have reported the spammer to his ISP, webhost and/or email provider and to the proper authorities.

However, with a little more effort, you can increase the effectiveness of your spam reporting. Spam Deputy allows you to go beyond SpamCop's current spam message analysis.

• you can verify if an email address is valid or if a website is active before reporting it. Doing so will help reduce the number of redundant reports to an abuse desk.
  
• verify and report all email addresses (if appropriate), including "From", "Reply-To" and "Errors-To". You can determine which addresses are fakes and which are real and find the abuse address to report them.
  
• see all the redirects for any URL.
  
• perform WhoIs on dozens of servers to find who owns a particular domain.
  
• perform TraceRoute to find the spammers upstream service provider and find their abuse address.
  
• report any email address or website that SpamCop missed.
  
• Decode obfuscated URLs.
  
• Decode HTML document.

Spam Deputy not only makes it easier to report spam, it makes it more effective too.

Re:Spamcop

Try http://www.spamkiller.com/ for a good outlook filtering system that supports POP3 and IMAP filtering. I was running about 60+ Spams a day adnd trying to simply clean them out of the half dozen or so accounts I check, and Spamkiller has cleaned up the spam and lets me send complaints and error messages back at spammers. It reads your POP3 and IMAP mailboxes directly - then after cleaning out the spam, it log out and lets you retirve the mail using outlook. Quite an improvement

It's about time

[Philbert+Desenex]

It's about time spammers started paying for their sins.

Spamming is basically a form of theft, externalizing around half the cost of sending an advertisement to the reciepiant of the spam. That's clearly what makes spam attractive to advertisers (and their swinish lobbyists, the DMA).

The second order effect of this externalization hasn't been talked about in the press much. Ordinary advertising costs up front - a Tee Vee commercial for laundry detergent gets paid for before you buy the Whisk. A two-page spread in Time magazine for the latests SUV gets paid for before any consumer buys a 2002 Yukon. And yes, the company doing the advertising prices their product to account for the ad expenditure.

The fact that a spam victim pays for the ad before making a decision on whether or not to buy the laser printer toner means that market forces controlling advertising are vastly weakened. For example, the makers of "Whisk" laundry detergent used to have an ad campaign based on the phrase "Ring around the collar". During the mid 70s, the Women's Movement found this ad campaign offensive, so they boycotted "Whisk".

Fast forward to 2002 - you've already paid to receive an ad for Hotwet Russian Teen Sluts. No boycott on earth will have an effect on the advertiser - you've already paid for it, without being given a choice in the marketplace (maybe you prefer Hotwet Bulgarian Teens).

There's only very weak market forces that affect spam. We need government regulation of spam, we need the ability to punish spammers economically.

Re:It's about time

[4444444]

we need the ability to punish spammers economically.

You can punish them just goto http://www.goto.com and do search fro "bulk email" every limk you click will cost tehm several dollars last itme I looked it was about $8 per click

Re:It's about time

[reaper20]

Mozilla/Galeon's tab feature is perfect for this. Middle click the link 50 times, everything is self contained in the browser, close, repeat ...

Re:It's about time

We need government regulation of spam

What about the huge percentage of spam I receive that originates in .hk or .kr or .cn ? No regulation in the US will ever dent their activities, and spammers will just outsource everything to servers in those regions.

Re:It's about time

Only works once per day, so that's 49 wasted clicks.

Re:It's about time

Somewhere there's a perl script that will automatically click all those links. I can't remember where it is though. It shouldn't be too hard to do if you want to make your own.

Re:It's about time

[inerte]

Better yet, setup a script to do this for you. Something like (PHP code):

$filename = 'http://www.overture.com/d/search/?type=topbar&Key words=bulk+email&Search=Search';

$fd = fopen ($filename, 'r');

$read = fread($fd, 20000);

fclose($fd);

// preg_match_all ('/f="(.*)"+/', $read, $links);

foreach ($links[1] as $value)
$fd = fopen ($value, 'r');
$read = fread($fd, 20000);
fclose($fd);
}

This code isn't complete of course, it's not working. I hope you don't get into trouble if you modify it enough to do so :-) But you get the idea. Part of a happy breakfast!

Re:It's about time

[4444444]

Somewhere there's a perl script that will automatically click all those links

you can find several scripts here

Spambouncer / Bennett's Birthday

[waldoj]

I just installed Spambouncer, a procmail-based set of filters, on all of my servers over the past few days. I love it. It takes a little tweaking, but that's easy enough. It was not a problem to set up, and I've gone from a dozen or so UCEs per day to one or two. After a few more days of tweaking, I should be down to zero.

ObCompliment: Go Bennett, it's your birthday, go Bennett, it's your birthday! [1]

-Waldo Jaquith

[1] I am so white.

they do!

[karm13]

as far as i know, if a packet passes a US server with content illegal in the US, it's a matter for US courts.

scary, huh?

Somebody Call a Class Action Attorney!

[NortonDC]

Spam is one area where a very aggressive attorney making a career out of class action suits would be doing a public service. Some clever attorney out there ought to get on the ball with this.

Paradox

But if the posts say make money fast, and I sue them and in fact do make money fast, then I couldn't have sued them because they were in fact true. In which case they would have been false and I could sue...

Now I'm Curious...

[ackthpt]

I see these people winning in small claims courts against defendants in other states. How do they go about collecting the judgement, particularly if the out of state person/company just blows it off?

Possible new Spam trend:

From: dj898f78ds@hotmail.com
To: (undisclosed recipients)
Subject: Make Big Money Suing Spammers!

Hi, Friend! Are you bothered by Spam clogging up your mailbox, hard drive and embarrassing you by it's content? Worry no more!

For $25 we'll show you how to get rich by suing spammers! Send payment to:

O. B. Laden
Cave #1248
Tora Bora
Afghanistan

Act now, before it's too late!

Re:Now I'm Curious...

email: osamabinllama@taliban.cave

Procmail regex for Chinese encoding?

[swb]

Is anyone familiar with the encoding used for Chinese (or at least how it displays in a Latin character set) to put together a regex that would catch most of these spams?

I get plenty that are obviously not in English and it seems there should be a (set of) regexs that could pretty reliably tag it as non-English and route it to /dev/null.

Re:Procmail regex for Chinese encoding?

[polymath69]

Actually yes. If you look for the fractional character (3/4), in my experience you'll catch most of these chinese-or-whatever-they-are spams.

(This is character 0xbe; it displays as 3/4 in my Solaris xterms. It may appear differently in other fonts or locales.)

Re:Procmail regex for Chinese encoding?

[ackthpt]

Frequently the spam I get includes some URL which ends with .cn (China), so that's my guess. I never bring these things up in a browser, after one try, which yielded the on-screen equivilent of Times Square and gibberish.

I prefer a text-only preview of all incoming email and have been a happy user of The Bat, which does a nice job of allowing me to screen email without it launching nasty business behind the sceens (like some of the worms buried in html headers, an example can be found here)

Re:Procmail regex for Chinese encoding?

[Wolfier]

Yes. I can read Chinese, and I know of a 2 byte character that describes a chinese email every time - much like the "a"/"an"/"the" articles in English. Put it in procmail - boom. ALL Chinese emails are gone. Although you have to have 2 filters, one for traditional and one for simplified.

Re:Procmail regex for Chinese encoding?

[swb]

And the two byte characters are?

Re:Procmail regex for Chinese encoding?

[dvdeug]

:0:
*^Subject:.*ks_c_5601*
spam

This catches email with Korean subjects. Most of my Asian spam comes with that header; I'm told it's a Microsoft encoding that isn't even valid to use on the net, and I've never seen a valid email get caught by that filter.

Re:Procmail regex for Chinese encoding?

[Wolfier]

Don't know how to tell you now - too lazy to look up for the ascii. However, it is the single most frequent character. As shown in

http://www.mandarintools.com/flashcard.html

Wow!!

[clemens]

He's really making money fast!

hmm. i don't get repeat spams ever.

[adosoda]

if you just send them (the spammers) a msg that says something to the effect:
thank you for your mail, to continue sending me mail there will be a 500 dollar per item charge. your welcome to do so, although i will need your billing address and credit card number. if these are not provided to me, you will be taken to court so i may recover damages. thanks for your time.

Re:hmm. i don't get repeat spams ever.

Best way to do this is do a whois on the domain that's being advertised. Usually scares the shit out of them when you tell them you're going to send a bill to them, and list their home address :D

Re:hmm. i don't get repeat spams ever.

[bero-rh]

So how do you go about finding their addresses?
Quite a bit of the spam I'm getting spamvertises websites with whois entries along the lines of

You suck, Antispammers invalidaccount@hotmail.com
1, Spam avenue
Spam city
NA 12345
1-900-555-1234

Unfortunately, quite a few registrars don't kick domains for putting in invalid contact information.

Re:hmm. i don't get repeat spams ever.

[dubl-u]

So how do you go about finding their addresses?

Follow the money. 99% of spams are trying to get money from you; they need a way for you to get them the money.

If they have a web site, a court can compel the ISP to cough up their payment details. Ditto for an 800 number. And if they're using a PO box, you can get the details yourself; according to postal regulations, they're required to give out the true name and address of anybody using a PO box to do business with the public.

How did he figure out who to sue?

[sphealey]

I wouldn't mind taking action of this nature against spammers, if I could figure out who to take action against. When spam arrives with no usable return address and no valid telephone number, who do you take to court?

sPh

Re:How did he figure out who to sue?

[Rogerborg]

• When spam arrives with no usable return address [...] who do you take to court?

The upstream provider? Really, it hacks me off that so many places run open relays, are RFC ignorant, and basically don't give a damn about the use of their networks (regardless of what their AUP's say). Sure, there are good providers that don't dick around when you send them abuse reports, but the amount of crap I'm seeing coming from .ac.somewhere-in-asia (that's international .edu) is staggering.

They're outside your country? Contact them anyway. If they don't respond, and the spam keeps coming, keep moving upstream. Sooner or later you'll hit your own ISP or ASP. Let them know that they're handling packets from RFC ignorant peers, and dump it on them. If that drives costs up, good, I'm sick of hearing that ISPs don't have the resources to deal with spam.

Instead of giving money to lawyers (directly) and courts (through taxes), let's get it to the ISPs instead.

Inconsistency..

[kafka93]

I find it quite interesting that while many users of the Internet are quick to claim that 'information wants to be free' and to fight against censorship and restriction of their liberties, spam remains an area where the same people rush to seek legislation.

Surely these things must work both ways? If we have the right to send email to whomever we please, and to do so without the content of our email being checked by a third party, shouldn't that privilege extend to companies wishing to promote a product - however irritating it might be?

Before anyone flames me: I did read the article, and I realise that the case cited was based upon the forging of the 'from' address, which rendered the spam illegal. But is even this a 'fair' thing? If I were to send someone an email address with faked details, wouldn't that be my prerogative?

Perhaps where things need to be tightened up in order to address the problem of spam in a consistent manner is in the area of unapproved use of resources like SMTP servers. Instead of the recipients of spam being able to sue, it should be possible (and easy, and effective) for those whose resources are used by spammers without concent to take action - and the crime should be treated in the same way as would theft in the material domain. If spammers were forced to use their own servers, the act of blocking them out would be rendered easier; and if they were to face criminal charges when using other servers, then I'd wager we'd soon see matters improve.

Incidentally, I'm not a sysadmin and if I'm talking crap, please forgive me. But it seems to me that piecemeal court cases filed in small claims courts are going to do very little, very slowly.

Re:Inconsistency..

[sphealey]

Surely these things must work both ways? If we have the right to send email to whomever we please, and to do so without the content of our email being checked by a third party, shouldn't that privilege extend to companies wishing to promote a product - however irritating it might be?

Before anyone flames me: I did read the article, and I realise that the case cited was based upon the forging of the 'from' address, which rendered the spam illegal. But is even this a 'fair' thing? If I were to send someone an email address with faked details, wouldn't that be my prerogative?

Your right to exercise your biceps and knuckles ends at the tip of my nose. Whether or not information is or wants to be free, you have no right to impose monetary costs on me without my consent. Which, since I pay for dial-up access to my e-mail, is what spam does.

sPh

Re:Inconsistency..

How the hell did this old anti-anti-spam argument get moderated up? Its been debunked so many times that I just start laughing whenever I see it. The moderators must really be smoking some good stuff today.

Re:Inconsistency..

[sacremon]

The differnce between freedom from censorship and the blocking of spam is one of consent.

If I wish to view something on the web, and the author wants others to view it, I should be able to do so without someone else telling me that I can't. The author is consenting in wanting others to view the work, and I am consenting in wanting to view the work.

With spam, my consent is considered irrelavent by the spammers. They are sending me material, without my consent or my desire to see it. It costs me money to receive their spam, as the ISP is going to pass on the cost of their bandwidth utilization to me in the form of higher fees.

Re:Inconsistency..

[sheriff_p]

And the US is a free country, so people have the right to commit fraud, right? Isn't the whole war on Afghanistan about freedom?

I think you need to get some context, matey.

Re:Inconsistency..

[withak53]

If I were to send someone an email address with faked details, wouldn't that be my prerogative?
Whether you may or may not spoof your email isn't the issue here. Whether or not a company can is. Companies do not have the right to give fraudulent information.

Re:Inconsistency..

[bero-rh]

You're overlooking a couple of things.

First of all, a lot of people (basically, everyone outside the US and some European cities) actually pay for net connections per minute or per second, so receiving spam actually costs money.

If they want to put up a website telling how great their product is, I'm all for it - why not.
But stealing their potential users' money to get the word out is NOT acceptable.
How would you react if a local store sent you junk mail and included a bill for printing and shipping cost?
That's what spammers do, along with making sure the bill gets paid.

Also, a lot of spam is fraud ("MAKE MONEY FAST", "We need your help getting some millions out of Nigeria", ...) - and fraud should never be legal.

Protecting fraudulent offers as free speech is probably not what most anti-censorship people want.

Re:Inconsistency..

[Guppy06]

"I find it quite interesting that while many users of the Internet are quick to claim that 'information wants to be free' and to fight against censorship and restriction of their liberties, spam remains an area where the same people rush to seek legislation."

Simple: both closed-source programmers and spammers are the same in that they both seek absolute control over the information in question. Microsoft wants to have a say in how their customers use their computing resources by placing artificial limitations on it. Spammers want to have a say in how their potential customers use their computing resources by forcing them to use it to process the ads.

"Perhaps where things need to be tightened up in order to address the problem of spam in a consistent manner is in the area of unapproved use of resources like SMTP servers."

Why must it be limited to SMTP servers? Why can't I have a say in unauthorized SMTP traffic going through any of my networking hardware, even if that hardware is just a modem?

Re:Inconsistency..

[walt-sjc]

Yes, you are talking crap, but I will forgive you.

First, Spam is NOT speach, and even speech has limits. For example, a newspaper or TV station does NOT have to print or broadcast your statement for free. Why should I pay to receive your spam on the same grounds?

You have a perfect right to put up a web page to sell any product, or say just about anything (within legal limits there too.) That right does NOT extend to my email box which costs me money. That's the key - You have shifted the cost burdon to ME.

On the subject of forged headers, what is going on is fraud. They do this to bypass filters, or to avoid getting shut down for violating their ISP's AUP. This is like using a blow-up doll in the passenger seat to use the carpool lane. The spammers KNOW you don't want their crap, yet they try their hardest to force it down your throat against your will.

When a spammer steals another companies resources to relay through their server, that's theft (or worse if the effect is that the company goes offline due to the volume of problems associated with the spam run.)

The current crop of spam laws are broken watered down piles of crap. They don't fix anything. The penalties are too small making it too expensive to persue. On that front, you are correct.

We need a national spam law that provides for Severe penalties for forging emails for the purposes of selling products or services, pyramid schemes, stock scams, etc. We also need laws that prohibit the theft of relay services by US citizens / companies EVEN IF THE RELAY IS OUTSIDE THE US.

But, since we don't HAVE any good laws since all the congressmen are corrupt, we have to handle things ourselves. This is still "the wild west" on the internet.

This means that we have to go overboard on our protections. For those of you using your ISP for email, you are on your own. I run my own email server which means that I can be VERY picky on who sends me mail. Since I get VERY little overseas mail, I block ALL non .com, .net, .org, .us, .gov mail, and any IP address that doesn't resolve (RFC's be damned.) This cuts spam down 90% which is a HUGE win. The reject message gives info (one time key) on how to bypass the filter, and a whitelist allows sites with dumb admins to still send me mail. (I check for other things as well, such as known spam sites, dial-up addresses, etc.)

A secondary filter scans for SPAM signatures, again bouncing messages that match, with instruction on how to bypass.

End result is little to no spam (1 per week) out of several hundred attempts.

Unfortunately this doesn't work for most people, which is why we need Good Solid anti-spam laws with Massive punative damages. ISP's need to be able to sue for messages going though thier servers. Spam cases need class-action status so EVERYONE wins. Spammers actually need to GO TO JAIL, not just fined. This means corporate officers need to be liable for their companies actions for a change.

Re:Inconsistency..

[Pentagram]

It's interesting that none of these defenders of spam elect to publicly display their email. Perhaps they're not that keen on spam after all. You have to wonder how long their tolerance of spam would last if everyone who read their message decided to sell their address to a spam list.

Re:Inconsistency..

[Talsan]

As I remember, the law also allows ISPs to collect up to $2000 if they choose to fight the spammer, so the law covers companies as well.

-Patrick

Re:Inconsistency..

[rhanneken]

With spam, my consent is considered irrelavent by the spammers. They are sending me material, without my consent or my desire to see it. It costs me money to receive their spam, as the ISP is going to pass on the cost of their bandwidth utilization to me in the form of higher fees.

I have a few comments:

1. All email utilizes bandwidth, and hence imposes costs on your ISP and (indirectly) you. Should it be illegal for anyone else using your ISP to receive email?
2. A lot of non-commercial email is sent without the recipient's prior consent. Suppose a friend gives me a girl's email address because he thinks we might hit it off. I send the girl a short note introducing myself. Should that be illegal? Should the girl be able to sue me?

You can always avoid the costs of spam by not using email. If you choose to use email, you are doing so with the knowledge that you are going to bear the costs of spam. It would be nice if we lived in a world where those costs didn't exist, but we should consider the costs of achieving a world without spam. Lawyers and government officials always have their own agendas, and they care only about what they can get away with, not about the intentions behind anti-spam laws. Anti-spam laws would create legal risks for email senders and ISPs, and we'd all end up paying more when ISPs passed the cost of legal insurance to their customers. Personally, I'd rather just spend some time deleting junk email.

Re:Inconsistency..

And this is written where? While it's not likely I'd ever do busin
ess with a spammer it is not illegal to lie. Except may in a depostion.

ac

Re:Inconsistency..

[kafka93]

Who's defending spam? I was merely looking at what I perceived, rightly or wrongly, as a disparity between the stated opinions of internet users. And, while I don't think I put my case too well or gave it enough thought, I don't think I was trolling or flame-baiting. But hey, c'est la vie.

Here's another way to attack spammers

Here's how you can exhaust some of the business capital of spammers:

1) Go to your favorite web directory, where sites are paying per clickthrough, such as:

Overture.com
FindWhat.com
Bay9.com

2) Search on any of these keyword phrases:

email marketing
bulk email marketing
direct email marketing
bulk email marketing campaign
email marketing company
email marketing software
opt in email marketing
targeted email marketing
permission email marketing
marketing email
email marketing services
email marketing tool
optin email marketing
online email marketing
email marketing program
email marketing list
email marketing campaign
free email marketing
bulk email work marketing
email marketing strategy
email marketing solution
permission based email marketing
email marketing uk
marketing email list
target bulk email marketing
email marketing consultant
direct email marketing firm
precision email marketing
bulk email marketing software
marketing bulk email
marketing email service agent
direct marketing email
email marketing 98
email marketing service
targeted bulk email marketing
discount targeted email marketing
email marketing secret closeout
email marketing technology
email marketing consulting
email target marketing
business to business email marketing
html email marketing
opt in email marketing software
global email marketing
marketing via email newsletter and mailing list
email marketing system
email marketing benefit
targeted opt in email direct marketing
viral email marketing
marketing with email
direct email marketing australia
replynet powerful email marketing tool
email marketing arabic
mass email marketing
email lab marketing specialist
email marketing career
email marketing etiquette
marketing phd email list
optinpro opt in email marketing software
email marketing research

3) Start clicking away; some of these companies are paying five and six dollars per clickthrough!

In most cases, Slashdotters would exhaust a lot of marketing capital that these companies have. In a few cases, the company may not have set a cap on their spending, and a few hundred thousand frivilous clickthroughs would bankrupt them.

Way to go Bennett

[mcSey921]

This guy is great. I remember peacefire.org from back in the day. He helped me fight a censorware install at the schools at which I was teaching. I wonder if he is still selling those groovy t-shirts.

Re:Way to go Bennett

[CoolVibe]

I think he still sells those t-shirts (I own one :).

He's fighting a worthy cause. Buy some stuff from his website, he could sure use the support.

Yahoo filtering

[webwench_72]

Yahoo web mail has a 'bulk mail' filter, enabled by default, which works really well for me (and has the advantage of being free). I get perhaps 1 or 2 spam messages that slip through to my 'real' inbox; all the rest are successfully filtered. I would never use an ISP email account address for filling out forms, etc, either -- I use webmail (obviously), and if spamming gets out of hand, I can always get rid of a webmail account.

Re:Yahoo filtering

[OrlKorrect]

Hotmail introduced the same feature within the past year or so. Funny thing is, before the "bulk mail" feature, I got surprisingly little spam, with no filters on the account. Once it was there, it immediately began to fill up with approx. 10-20 spam messages per day; most of which, incidentally, were from @hotmail or @msn. Now most of the @hotmail and @msn ones go straight to the inbox. Makes me think they gave you that extra mailbox just to spam it.

Re:Yahoo filtering

[webwench_72]

That's no fun. I get maybe 2-5 a day on Yahoo.

Re:Yahoo filtering

[Colz+Grigor]

I thought the Yahoo! bulk mail filter was a good thing too, until I checked what it was filtering and realized that it had filtered out some of the non-spam mail that I wanted to receive.

::Colz Grigor

--

Good!

[orgnine]

Excellent that finally people are doing something about spam... not like some that are just passing the buck.

Personally I am fed up with tolerance people have for spammers. It is a very negative facet of the computing industry and a lot of people are plain turned off of e-mail because of spammers. Economy-wise, there is a negative trend that will continue to appear if spammers, fakes, phoneys, aren't given the prod with a very hot iron.

Help Fight Spam

The Original Spam

more info

[klip04]

there's quite a bit of info about this stuff at wa-state-resident.com

What are you doing to receive so much spam?

[wonder]

I'm a software developer, so suffice it to say, i get around on the net on average about as much as many other people who seem to be getting assailed by spam on a daily basis. I however, am not being assailed. In fact, i get virtually no spam at all. I'm on the (former) @home network, and have been for years, so i have a hard time accepting such innuendo that my isp is selling out my email address. Not because it was @home - i'm a skeptical pessimistic bastard most of the time, so i don't put it past any company to screw me over any way they can - but because i simply haven't gotten any spam, which must lead me to the conclusion that i haven't been sold out. So if i haven't been sold out, and i'm on the same network as thousands of other people who suffer from spam every day, i am forced to wonder, what are these people doing to invite the spam? I think "invite" is the appropriate word here too. I can't logically think of any other explanation. If you follow all those links that your "less technical" friends send you in email - nobody is immune from spam that your friends fwd to you - and sign up for all these newsletters and junk like this, you have to expect that your luck is going to run out and you're going to be sold out sooner or later.

You'll never hear me support spammers in any way, shape or form. I detest them and if i could banish them from our universe, believe me i would, but perhaps the blame doesn't rest solely on the spammers - they have to get your address somehow right? Maybe (if you're one of those people that suffer from spam) you should take a look at yourself and figure out what you're doing to aim that spam cannon at yourself.

Re:What are you doing to receive so much spam?

[Technician]

How I get lots of spam;

1 I opened a mailbox with a guessable name.

2 Didn't abandon it after 2 years.

That's all it takes is a mailbox that doesn't bounce that isn't a business address like microsoft.com. I joined an ISP when they broke ground and got the easy to remember randy@ on the domain. I guarded the address, but after about 2 years of a clean box, it became discovered and made someones list. Getting on a list is all it takes. Try it. Due to overload it is about impossible to get a randy@msn/yahoo/hotmail etc. box now. Look for a new local ISP in your area and sign up trying to get a guessable box. Don't ever use it, but check it often. Guess what, when the domain gets discovered, the guessable boxes get spammed.

Re:What are you doing to receive so much spam?

[walt-sjc]

Well, some of us actually have a life, and use email to communicate. Some of us had posted a message to usenet, a mailing list, or had it listed on a web page, or had registered a domain name. Any one of those will get you in a spam database. Even worse if you keep your email address the same for years, the volume of spam increases by a factor of 10.

As a test, I created a new email address about 3 years ago, and posted ONE message to comp.mail.sendmail. I then deleted the account. I STILL get spam attempts to that address, probably 2 or 3 PER DAY.

Bottom line is that you are an idiot. No one is "inviting" spammers any more than I'm inviting telemarketers to call me because I sign up for a credit card, or invite snail bulk mail because I want electricity (one third of my junk snail mail has the exact same hand-crafted misspelling of my name that I gave the power company (PG&E) a few years ago.)

It's that Girl's fault she got pregnant when she was raped. She shouldn't have been wearing that short skirt and should of been taking birth control pills for "just in case."

Yes, your "invitation" logic IS that stupid.

Re:What are you doing to receive so much spam?

[KjetilK]

Well, the problem is of course that I do solicite e-mail. I've got my e-mail address posted on every web page I make, and it obviously attracts a lot of spam. I've got this how to use a compass pages where I tell people that they may ask me questions.

So, perhaps you could say that I asked for it. I get about 10 spams a day.

But, there is nothing more irritating to surf pages and there is no contact information when you need to contact the publisher if you've got comments.

I'm not going to let spammers dictate that I can't let people send me their questions, thus making the internet less useful for everyone. The spammers are not going to win.

Re:What are you doing to receive so much spam?

Write some free software. My e-mail address shows up in lots of documentation connected to my stuff, and various mailing list archives. The documents and archives show up on web servers all over the place, web robots latch onto it, and then I'm screwed.

My address was pretty much clean until the last year or so when my software really started getting around . That and the entry in the Linux CREDITS file doesn't help.

Sooner or later I'm probably going to have to consign it to the bit bucket and craft a new one that has some really bitchy requirements, such as verifying the sender's PGP signature. I've already lost an entire domain to spammers since we (me and my users) used to post to Usenet from it in the mid-90s.

Re:What are you doing to receive so much spam?

What am I doing to receive spam? Well, I registered
a domain. So my administrative contact address is
available through WHOIS.

Isn't it ironic...

That Bennet, one of the most vocal anti-MAPS whiners (because his website, peacefire.org, was listed on MAPS. This was most probably done by his ISP who moved it into an ip range infested with spammers and on the RBL), it getting notice for suing spammers.

I certainly hope that more spammers get sued, but I also hope that more blocking lists, like my current favourite SPEWS, blackhole more spam tolerant ISP's. If peacefire weren't on a spam tolerant ISP, they wouldn't have got onto the RBL.

Should MS jump on the bandwagon?

With the amount of spam going through Hotmail these days, you'd think MS would want to help in the fight against spam, just to save some Hotmail resources. Aren't they always concerned about the "consumer"?

Money from a turnip

[The+Panther!]

It's about as likely to get a significant enough settlement to cover lawyer fees and a bit more for spam, as it is to sue indigents for damages when they spit polish your windshield.

Spammers are by nature in the lowest percentile, or they wouldn't be spamming. Perhaps it would be lucrative for some ambulance chasers to 'buy' the rights to prosecute--the way they buy patent rights for prosecution purposes today--then at least someone could make a buck off it on average.

spam back

[diesel_jackass]

I've tried spamming back people who spam me, with thousands of emails, and random subject and bodies. That makes me feel good. It is a hog to run on my computer though.

Now i just send them a bill with PayPal. I haven't had any responses yet, but i think they definitely owe me something for wasting my time, bandwidth, and storage. Maybe some lame spammer will cave and pay me the $30 that i billed them

See, here's what I don't get..

[jabber01]

If the spam doesn't have a valid email address, and doesn't provide any reliable contact information by which to track down the offenders, how can the spammers expect to hook anyone on their crap schemes?

After all, if it is just as difficult to chase down the spammer, as it is to try and take advantage of whatever they are offering..

I can see how this might work for some types of spam.. The 'hot stock tip' bit for example simply counts on someone out there buying a stock to drive up the price..

But when there's a product or service involved? Whom do you pay? And if you know whom to pay, you know whom to sue..

I get as much as a few dozen bits of spam each day at my 'public' address.. And these are the ones that I can't 'umbrella' filter by country, domain, etc.. Most of these are not even in English, or from the US.. Spam laws don't work in the areas most responsible for pumping out spam..

Sad waste of bandwith, tis all. And the spammers are counting on the fact that it is much easier to simply delete their crap than compile, research and file suit.

Re:See, here's what I don't get..

[nomadic]

A typical strategy is to first get you to reply. Once you do that they already have you; they'll sell your name to other spammers. Then they continue from there. I just loaded up my hotmail account, which I don't care too much about getting junk mail on, and opened a random mail:

Recession Buster Stop watching your stocks and mutual funds lose money!! The average investor lost 15% to 50% of their portfolio! Our clients earned a fixed return of 36% per year getting paid 3% monthly Fully secured by Account Receivables and by a multi-million dollar company! This is the great equalizer of the stock market! This is a Limited offer! Minimum $10,000 Investment! A representative must speak with you to verify your information before your free information is sent out! Click the link below to get started. http://www.opt-invalues.com/optin/usa10k/index.htm l

Now just the address itself has the word optin twice. If I look it up on whois it's registered to a P.O. box in LA. If I was in Washington, and got this after asking to be removed from their list, what could I do? The expense and trouble of tracking the owner down would probably cancel any monetary damage I might sue for. Even if I did track them down, they could just say that page on the server is run by someone else, who registered anonymously (of course, I'm assuming this is a scam; maybe they can really give me a fixed return of 36% on my investment, and they wouldn't really take my $10,000 and disappear, but the chances of that happening are somewhat nonexistent). To track most of these guys down would require a lot more than a case in small-claims court. And all they need is one person to fall for it, and they've made money.

Re:See, here's what I don't get..

[13013dobbs]

That spam is from Bruce Connelly and/or Ron Scelson out of Slideall, LA.

Re:See, here's what I don't get..

[jwhyche]

I see the same problem with these antispam laws. You can only sue the spammer if you can get an address of the spammer. Since most spammers use false addresses, it makes them almost impossible for the unknowing to track them down.

Instead of suing the spammer write the laws so you can sue the company advertising with spam. Target the laws at people advertising with it and it no longer becomes profitable.

Re:See, here's what I don't get..

[roystgnr]

Target the laws at people advertising with it and it no longer becomes profitable.

No, but then it becomes loads of fun to wreak havoc on any person or company you don't like by sending out anonymous advertising spam in their name...

Re:See, here's what I don't get..

[Nater]

The expense and trouble of tracking the owner down would probably cancel any monetary damage I might sue for.

I agree. The effort and expense required for one person to prove that a spam came from a particular source and violated a particular law is probably enough to cancel the benefit of winning the case. However, the spam likely went to thousands of people within the jurisdiction of that particular law, and the source and violation need only be proven once. If a dozen recipients sued together and were each awarded some payback by the court, then the cost of the case is pitted against twelve times anyone's individual award. The problem is organizing the recipients into a group.

No Inconsistency

[Steve+B]

If we have the right to send email to whomever we please, and to do so without the content of our email being checked by a third party, shouldn't that privilege extend to companies wishing to promote a product - however irritating it might be?

The issue here is one of property rights, not speech rights. Freedom of speech does not cover spamming for the same reason it doesn't cover painting graffiti on people's houses.

Re:No Inconsistency

[kafka93]

I suppose I was forgetting that people do pay for access to their email; however, it seems to me that the burden with email has *always* fallen upon the recipient in all areas: I'm on a load of mailing lists, and if I don't want to receive email from certain people, it's my job to block them out, and not their job to stop sending to me.

And I'm not certain that this can be seem as an issue of property rights as opposed to speech rights. If someone speaks to me, then the act of listening and processing what they say requires energy, which ultimately costs me money; it's not for the sender to know whether I'm interested in what they have to say or not, and they can't be held directly accountable if I'm irritated or bored by what they have to say. Spam mail is like lots of people all talking nonsense at the same time - tiresome, a pain in the neck, but nonetheless a speech issue.

Of course, in real life if somebody keeps following me around and talking to me against my wishes, I'd have a restraining order issued; I don't think that's really practical, though, when it comes to email - and my original argument was principally about what constitutes a pragmatic solution to the problem.

Re:No Inconsistency

[BAKup]

Well, those mailing lists your on is 99.99% of the time you signed up for the list. No one here has a problem with mail lists like that. It's just when a spammer just randomly picks addresses(or buys a list of addresses) and mails out spam, that's where the problem lies. It takes up *my* resources to receive something I don't even want at all.

And I do feel that it needs to be practical to put a restraining order put on someone who spams. I consider it to be the same as junk faxing, and there *are* laws against that.

Re:No Inconsistency

[dubl-u]

[...] and my original argument was principally about what constitutes a pragmatic solution to the problem.

In today's fast-paced world, I can see that you may have forgotten what you wrote half an hour ago. But that's no reason not to look.

Your post was titled "Inconsistency" and three of the five paragraphs talked about a perceived mismatch between the desire for free speech and fighting spam. So saying your post was "principally" about your suggestion that, gosh golly, people besides the end recipient should be allowed to sue is a bit of a stretch.

And given that a whole ten minutes of research would have shown you that server admins can and have sued for relay runs, we can presume you didn't get modded up to 5 for the alleged core of your post.

Of course, in real life if somebody keeps following me around and talking to me against my wishes, I'd have a restraining order issued

Now you're getting it. If somebody parked outside your house with a bullhorn to persuade you to buy their Amway products, you could have them hauled off.

The right to free speech is the right for people to communicate without government interference. It is not the right for me to force you to listen.

Re:No Inconsistency

[BadDoggie]

I'm on a load of mailing lists, and if I don't want to receive email from certain people, it's my job to block them out

Correct, because YOU SIGNED UP FOR A LIST! You can also unsubscribe. I subscribed to NO list and it is impossible for me to unsubscribe to the spam. Furthermore, legitimate lists are rather easy to block, since they use legit headers, standard formats and usually, standard subject lines. This ain't the case with spam.

then the act of listening and processing what they say requires energy, which ultimately costs me money

Wrong again. If you want to listen, that is your choice. It does not cost you money to *hear* someone, and you are able to walk away. If you are NOT able to walk away, there are a number of harassment and assault laws which cover the subject. As you stated yourself, you can get a restraining order. Not so for spam.

Spam costs ME money. Someone else is advertising and expecting ME to pay for it. This has been made illegal in every other form (and there have been some very interesting postal fraud cases as a result). The New York State junk fax law is most likable to this situation, where costs to the advertiser are negligible and costs to the recipient are not.

You cannot legitimately and logically defend spam based on its own definition. It isn't spam if I ask for the mail, and I've never, ever asked someone to send me any sort of advertisement. Not even when they've been willing to pay me to read it. How can you logically expect me to bear the costs of advertising your scam?

A couple good links (I'm already karma-capped):
New York Law Journal (Sep. 1997!)
How to use 47 U.S.C. Section 227(b) [Telephone Consumer Protection Act] against junk faxes

woof.

This is not a sig.

This works well...

Run your own email server. Only publish aliases that you change regularly, say every 3-9 months. Forward *all* email that is not properly addressed to one of the spam services, or to a porn site (example: forward to webmaster@whitehouse.com).
Generate a separate email alias per registration needed, such a ebayal2@, webal33@, etc.

Your spam will drop to near zero.

Re:This works well...

Back up another level. You have to own a domain and control the DNS on it, but it's much better in terms of sticking it to the abusers.

Create limited-use addresses using the *right hand side* of the @. If you have foo.com, create a subdomain within it like "spamtrap", then give it a wildcard MX - i.e. *.spamtrap.foo.com MX 5 foo.com.

Obviously you have to do some magic with your MTA to make it deliver anything in there to you, but it can be done.

With that done, you can give out addresses in the form of whatever@anything.spamtrap.foo.com. When that gets abused, you screw 'em by breaking it out of the wildcard:

anything.spamtrap.foo.com MX 5 warez.slashdot.org.

... or whatever your favorite alias for 127.0.0.1 happens to be.

Personally, I point the MX for these abused sub-domains to a box that runs a nasty little looper on port 25. If you hit it on port 25, it hits you on port 25 and copies bytes back and forth. So, if you're an open relay, you hammer yourself to death unless you have loop checking.

BTW, I recommend this because there are idiots out there who will keep mailing never-valid addresses forever. Read about "Nadine" - http://www.honet.com/Nadine/

Going After Spammers

Some of you may like this ;-)

For a while now, my company has been in "hot pursuit" of spammers. Getting them for the message itself is mostly a grey area legally (the Washington state makes an exception), but using corporate resources without authorization is illegal. So we send them hefty invoices (for relay easily in the $500,000 range) and enforce them worldwide with the help of a collection agency, which adds 48% to the original cost to the spammer (we operate under the assumption that none will pay voluntarily, and all cases go through the full court process).

Currently there are $1.2m pending in courts, 90% in the US, the rest in Japan and Korea. And a vast majority has not even been invoiced (we have spent a ton of money on that already, but it does take time to research proper addresses to serve documents).

The goal is to get a few major judgements against the people who have their goods promoted this way (if we can collect on that, is another issue; and they can see if and how they can collect from the actual spammers). Once that is done, and press releases have been issued, we hope it sends strong enough a signal to spammers and their clients to stop it worldwide.

Any surplus beyond covering our costs will be donated to the EFF. Top EFF lawyers were very helpful in validating the legal approach. We are not looking to make a profit on this.

For more information see:
http://www.meliorinc.com/html/policies.html

[Why? We were shut down once too often by relay, at a time when we had to keep some servers open for special customers]

(I didn't remember my SlashDot login, and the password didn't arrive yet via e-mail - sorry for the "anonymous" sender address)

Thomas J. Ackermann
CEO
Melior, Inc.

Radio Shack (not quite spam)

[Sammeh]

Not quite spam, but I remember a month or so ago, that a user billed spammers at the rate of 125$ per hour with a minimum of 10 hours to filter out their email to his/her domain.

Anyways, recently, Radio shack posted my home phone number as one of their local stores. I emailed them a couple weeks to change it and got no response, so I gave them a notice to remove it within 24 hours or I'd bill them the same amount (1250/10hours), to route their phone calls to the correct store.

I went to the store and they also have it listed on their reciepts and said they're having it listed in the phone book. They told me that they shipped in the notice to not print it in the phone book and were working on the reciept prints, but the website was up to corporate, so that's who I'm billing.

They have until 5:32 tonight to change the number on their website or they're getting a daily invoice.

I don't care if it works or not, I'd love the cash, but I'd love even more the phone to stop ringing off the hook, its worse than spam.

Re:Radio Shack (not quite spam)

[laserjet]

haha. that is hilarious. it must suck to have that problem, but i hope you get your money. very funny that they could be so stupid. the amazing thing is how slow corporations move. It would probably take one person one hour (or less) to get your number changed. oh well. if I were you i would start answering the phone "Radio Shack, this is Rupert" and be rude to their customers and drive them away from the store. It's what they deserve if they don't correct their msitakes given ample time.

Re:Radio Shack (not quite spam)

Interesting idea. I'd go to that Radio Shack store first and jot down a few names from the employees' nametags. Then when your phone rings you can introduce yourself and such-and-such.

:-)

Re:Radio Shack (not quite spam)

Obviously, you should pretend to be the local Radio Shack. Tell them that you're giving away free remote controlled cars or something, and to come down right away.

See what happens. :)

Re:Radio Shack (not quite spam)

[anticypher]

Bill them, on a daily basis. Find an accountant to verify your invoices are legal for your state and have all the required information.

In the meantime, any calls for RatShack should be handled 'special'. Have you seen the story (possibly UL) of the woman who started getting calls for the big hotel in town? She started taking bookings for people, arranging marriage receptions, promising excellent deals. When the people showed up at the appointed time, the hotel had no clue what to do, and often had to deal with very upset crowds of people. Eventually the hotel manager promised to change their adverts and the calls trickled off.

So do the same thing. Tell people about the one-day-only-90%-off sale, and to claim the reduction the secret phrase is '$MANAGER is an idiot'. Claim that the store was shut down temporarily due to a cholera outbreak, but you hope to be open soon, and that if the person had been in the store any time in the previous month, to seek emergency medical aid immediately and send the bill to the store. Use your imagination (or google if your imagination isn't devious enough).

the AC

Re:Radio Shack (not quite spam)

[ryanvm]

Anyways, recently, Radio shack posted my home phone number as one of their local stores. I emailed them a couple weeks to change it and got no response.

You need to tell Radio Shack that you're going to start playing practical jokes on their potential customers - that will get their attention.

When you get a call for Radio Shack, just bullshit the caller and act like you don't know anything about electronics. Oh wait - that won't work, that's what happens when you call the real Radio Shack.

Re:Radio Shack (not quite spam)

[dbc]

The phone company can intercept all calls to your number with a live operator that will ask "Good morning. What party are you trying to reach?" and route it accordingly. The do it for important customers. Have Radio Shack pay for this service for you until they sort it out. Or, have them pay a temp agency for a receptionist to sit by your phone all day until they fix the problem.

Re:Radio Shack (not quite spam)

[Sebastopol]

She started taking bookings for people, arranging marriage receptions, promising excellent deals

i don't buy that story. if someone dials the wrong number and you take them for a ride, i think a judge would be inclined to spank you pretty hard for fraud.

Re:Radio Shack (not quite spam)

[gordguide]

Here is how you document your billing. Charge $60/hour plus telephone charges; you are entitled to markup telephone charges by any reasonable amount (try 150%).
Answer the phone, be polite, and mention to the caller that you will connect them. Do a 3-way call which uses your phone companies service and is billable to you.
Result:
No monitoring of the line/call is necessary; (recording without permission is illegal, mostly) the phone company will provide very well documented, court-accessible documentation for your billing. You will be able to charge interest on any unpaid invoice pretty much from day 1; and the remedies for collection are much simpler (any civil court).

This would require reasonable notice to Radio Shack, but I'm sure it would hold up, and your damages would be accepted without bullshit arguements about what exactly is owed.

Re:Radio Shack (not quite spam)

[cheebie]

It depends on how you word your responses.

Customer: I'd like a reservation for two people on the tenth.
You: Okay. How many nights?
Customer: Three.
You: Okay, I have you down in my book as wanting a reservation at the Megatel in East Nowhere for three nights on the tenth. Is that correct?
Customer: right.
You: Thank you.

Notice that you never actually said you were making a reservation. Just that they wanted to make one.

(Warning: I'm a smart-ass, not a lawyer)

Re:Radio Shack (not quite spam)

[chriscrowley]

You have to submit this as a story for Slashdot. There are tons of suggestions you can get for this.

Two Spam Rules will change your life! Send $19.95

[The+Panther!]

I guess you don't have any dipstick friends who think online greeting cards are cool? Those are spam list generators that you have no control over. If you post on a Usenet board and don't mask your return email and spam-proof any email address in your post, you're asking for it.

I do a fair bit of buy/sell/trading of computer hardware online, and I've noticed even with spam-proofed everything, I've seen an increase from 10/day to about 30/day in a few months. Once you're on a list, it's guaranteed to be merged with larger lists and resold. Just one spammer typing in addresses manually can demolish your email account. They never do this, though... they're spammers because they're lazy.

But, I combat it very effectively. I set up two mail rules.

• Anything with known phrases that are spam, known subjects that are spam, etc, get moved to a JunkMail folder and marked as read.
• Anything else which does not contain keywords I find interesting, and does not come from people in my address book, get moved to the same folder and marked as read.

This way, I've rejected about 95% of the spam I get, and only occasionally find new keywords to reject or passthrough. True, I do "pay" to download and store the spam locally, but I'm on broadband and delete the JunkMail every day anyway. At some point, when I'm pretty confident that I get all the mail I care to read, I'll change the rule actions to delete immediately.

The important thing to remember is once you've gotten on a list, you'll never get off. And at that point, it's not a matter of bellyaching about it, but being pro-active, because spammers are putting (some) effort into mail bombing you.

What about distributed ani-spam?

[zkosky]

I don't know much about this stuff, but couldn't you have a Gnutella-like system in which people contribute to a list of known spammers. It wouldn't be maintained by one anti-spam company or prog writer, but many people who ban together to build a distributed DB of spammers.

One problem with this would be the obvious way in which someone could play a bad prank on someone else by adding the poor bastards name to the list. A possible way to overcome this would be have a minimum number of complains about one spam, after which their name would be added to the list.

Anyway, what do you think?

PS. I think I might have read about something like this as an open-source project... "razor... something", so don't think I'm being original or anything.

Honey, you're scaring the children

Comment removed

[account_deleted]

Comment removed based on user account deletion

Tidbits did this too

[frankie]

Tidbits (a MacOS maillist & web site that happens to be based in Washington state) sued a spammer in 1998. They won in 2000, but by then the spammer had fled across different state lines a dozen times, and you have to file new paperwork every time. They eventually gave up on collecting from him.

The article doesn't specify if Bennett has actually received money yet, or just a judgement. It's quite possible he won't see a dime.

Re:First Moist!

Mmmm...green jizz and spam...

Other States?

[Capt_Troy]

Does anyone have any information on how to persue payment from spammers in states other than Washington? Do any other states have similar laws? I live in Oklahoma and as far as I know, we don't have any such law.

Thanks,
Troy

Laws shouldn't allow for suing spammers...

[Dimensio]

Spamming should be a capital crime. Seriously, if the penalty for deliberately sending out unsolicited bulk e-mail was death, we would have a lot fewer spammers in this country. Of course sometimes you have the problem where a US-based company spams but uses an offshore spammer to do it. In those cases, long periods of incarceration for knowingly arranging a spamming run would be sufficient, IMO.

Re:Laws shouldn't allow for suing spammers...

[bero-rh]

If you actually take the time to read the spam, you can get much harder punishment for spammers.
Simply be creative in what you report.

"MAKE MONEY FAST": Report them to authorities not for spamming, but for fraud. Punishment is much harder.

"LOOK AT MY XXX SERVER!": Report them for sending pornographic material to children (spam will ALWAYS reach kids as well...) - at least in .de, this can get spammers to prison for a couple of years.

Other spam: If you're running your own mail server, call it theft of service (your mail server's resources were abused against its terms of use -- therefore, it's theft of service).

I've actually tried the second variant on a major repeat spammer; the court hasn't come to a decision yet, though.

Spamming == Terrorism???

[Capt_Troy]

If we considered spamming to be an act of terror (I don't know about you, but I am often terrorified by large ammounts of spam) then it would be perfectly fine to send some B-52s over there and blow the living daylights out of them!

Re:Spamming == Terrorism???

[torgosan]

Can we also manage some collateral damage for the brain-dead admins running open relay boxes?

The spam I get typically originates overseas but always comes through a box here in the US, like the crap spewed through phillytvnews.com yesterday.

Spammers suck and those that help them swallow.

Re:Spamcop LAWYER SYNDICATE

This brings up an interesting dillema. Is it worse to feed the sharks(lawyers), or let the spammers run free.

A countryman between two lawyers is like a fish between two cats. -- Ben Franklin

DON'T spam back

[bero-rh]

While it's tempting to mailbomb spammers, it just increases the problem.
It doesn't just boggle down your computer, it also affects your ISP's (innocent) mail server, and all the hosts that happen to be on the route between you and the spammer.

Oh, boy!

[YU+Nicks+NE+Way]

Now I can expect to get a bunch of e-mails with headers like "Make money fast! (WA residents only).... beeblebrox".

Oh, wait. I already do.

Congratulations to Slashdot...

[germinatoras]

for the world's first Meta-Spam

Make Money Fast!!!!

[s20451]

Dear Friend,

This message could CHANGE YOUR LIFE. Are you tired of a go-nowhere job and a clogged inbox? You can make THOUSANDS OF DOLLARS FAST by SUING SPAMMERS! Our patented technique is GUARANTEED to GET YOU RICH using anti-spam laws that only our experts know about!!!

Steve D., of Omaha, Nebraska, writes: "I couldn't believe that I could actually MAKE MONEY FAST by SUING SPAMMERS! Now I make $10,000 a month just for receiving spam. You guys are great!"

To access our SPAM LAWSUIT SERVICE, send a $50 (US) cheque or money order to: Secret Illegal Account, Cayman Islands Holding Corporation, Grand Cayman. Don't miss out on your chance to CASH IN on SPAM!

PS. This is a one-time mailing. To be removed from future mailings, please go to http://www.ha-ha-ha-up-yours.com and click "Remove".

Laws DO reach beyond borders!

[zmokhtar]

Yes and no. Remember that spam is an advertising tool that companies/individuals use to draw you to something. If you live in the U.S., then companies that try to advertise to you will most-likely also be in the U.S. I don't think it matters where the SMTP server that the email bounced off of is, it just matters where the person wanting to advertise to you is.

In most cases, this will be the same country that you live in. We can also assume that Europe will jump on the band wagon and pass similar laws. This leaves 3rd world countries. Now you have to remember that not only do the servers have to be in the 3rd world country, but also the company soliciting also must be in the third world country in order for them to remain immune.

Does this mean..

[rmadmin]

that if the 'Click here to remove yourself' is broken, and I go to the actuall site, and find out their address and yada yada I can take them to court for not compling completely with that FCC law that requires the 'click here to remove' to be at the bottom of the e-mail?

Also, I have root@ along with others for my 3 networks forwarded to my mailbox. Most of them have that page that says 'Put your e-mail in this box' to add you to 10 other lists...err.. I mean remove you from our list.. How am I supposed to do that when its to 'Undisclosed Recipients', and I have 50 addresses?

originate

[www.sorehands.com]

That is true, but much of it originating overseas is for products/services from the USA. There you get them.

mostly through out-of-court settlements?

[Jburkholder]

>Martin Palmer, also from Washington state, claims to have collected over $18,000 from spammers, mostly through out-of-court settlements

Getting cash from spammers is good, but wouldn't it be better in the long run to get an actual judgement? Seems like a string of judgements would set some precedents that would help the cause for future cases. Taking cash in exchange to drop the court case might punish the individual spammer in the short run, but I would think getting more $500 judgements on the books would be far more damaging.

Heh... he said spam.

I had lots of spam from Postmaster General, but i got filters set up on my email proggie. It eventually dwindled down. The Spam Offer helped a bit...

lazy Anonymous Coward that can't be bothered to create an accout.

Spam works

[stabbs]

Spammers wouldn't spam if it didn't work! If no one replied to spam, there wouldn't be any money in spamming, therefore no more spam. Let the marketplace take care of spam instead of trying to pass nebulous laws with great potential for abuse.

Re:Spam works

[psxndc]

What is your definition of "didn't work"? If the spam is coming from some $cr!p+ |psxndc

Dipstick Friends?

I've had an @home account for just over 4 years. I use it regularly, I register for various services with it, and I publish it openly (Just not this instance: I'm sure SOMEONE would make it a personal vendeta to sign me up for every pr0n list on the planet ;^) ).

I get at most 1-2 spam messages a week. Period.

You want to know why? I don't have dipstick friends. Anyone so blindingly ignorant as to send me garbage email (the same people who "FWD:FWD:FWD:FWD:Hello! Outlook Virus Enclosed" I figure) don't deserve to even speak to me, let alone be considered a friend.

Don't take it! Tell your "friends" what they're doing wrong, why it's wrong, and why it's stupid. If they don't understand, forget their phone numbers and k-line their arses ;^)

So *that's* what it meant...

[Jeremi]

when it said "MAKE MONEY FAST" :^)

Oh come on!

[Gannoc]

The title of this article should have been "MAKE MONEY FAST!!!!"

A golden humor opportunity thrown away.

For IMAP Users

[mcowger]

FOr those of us that use IMAP on a server we dont control (many college students, company users) but that have access to a Unix machine, we can use a beautiful app called, strangelely enoughm imapfilter

I have set up some spam filters for it, and they generally work very well. Here is my script for removing SPAM - it hasb't caught a bogus one yet:

filter spam or
subject "Cat"
to "unlisted"
to "undisclosed"
from "WeatherBug"
subject "Animals"
body "Nigeria"
body "Virtumundo"
subject "Casino"
subject "Payout"
subject "win"
subject "won"
subject "free"
subject "back"
subject "SaveBig"
subject "Breast"
subject "Natural"
subject "Rates"
subject "teen"
subject "lesbian"
subject "sex"
body "teen"
body "sex"
body "lesbian"
body "Merchant"
subject "Money"
subject "mortgage"
subject "loan"
subject "irs"
from "Cyberworld"
subject "$"
from "Dialpad"
subject "DVD"
subject "Debt"
subject "Judgement"
subject "Dollar"
from "email.ro"
subject "%"
to "Valued"
to ".ru"
from ".ru"
to "$"
from ".ar"
to ".ar"
action move SPAM

Anyways, have fun all.

Domain Registration!

[dbc001]

I registered a virtual domain in 1998, and it expired in the summer of 2000. Many of the spammers use addresses that have been pulled from domain registration databases, and even though I havent had a website since summer of 2000, I regularly get email with a subject line that says "I saw your site".

Re:Spamcop LAWYER SYNDICATE

[zelyan]

Well, I guess we just have to decide which is worse, idiot-chasing spammers or ambulance-chasing lawyers...

Anyone else on the fence?

Jeff

Same Guy?

Is this the very same "Bennett Haselton," of Peacefire infamy, that was bitterly complaining in news.admin.net-abuse.email about how the IP block he was in was black-listed because of all the spam coming from it and about how unfair that was? Even after it was proven to him that his ISP moved him into that IP block knowing full well that it was black-listed? Pretty funny. I imagine NANAEites will have a field day with this little bit of news :-).

Regardless: glad to see a spammer spanked no matter who administers it.

Spews == joke

[13013dobbs]

When are they going to list a large ISP? So far they have listed some ma & pa ISPs, but when are they going to list something big?

Irony...

[Jay+Maynard]

Am I the only one who thinks it's ironic as hell that a guy who's done more than just about anyone to hurt the fight against spam is making money from it?

Re:Irony...

[mvdwege]

No you're not.

I am still rather new at combatting spam, but I subscribed to news.admin.net-abuse.email just in time to see the whole-of-nanae vs. Bennet Hasselton flame war in all its glory (and the Hipfloods of course). Bennet was not doing his cause any good in that discussion, and his prolific public defense of Media3 definitely served to paint spam opponents black.

Mart

GroupLotto

[Pathetic+Coward]

About half the spam I get is from GroupLotto. Anyone filed suit against these email terrorists yet?

Re:GroupLotto

I used to get a bunch from them too. I finally used their "opt-out" link. It took 3 or 4 tries, but they finally stopped, and it doesn't look like they sold my address yet. My case is probably the exception though.

SpamBouncer for Windows

[Pathetic+Coward]

Do SpamBouncer equivalents for Windows mail programs (Outlook Express, Netscape Messenger) exist?

(No Microsoft flames, please. I have to use the damn thing.)

Re:SpamBouncer for Windows

[Binestar]

Well, if your ISP allows use of procmail, you can use procmail to just scan all the mail and flag is with X-Spambouncer: headers which you could filter on in your mail client. Other than that I'm not familiar with any microsoft based spam filters, as I've not needed to use them.

Re:SpamBouncer for Windows

[Cheetah86]

This is just an idea, but wouldn't it also be possible to make a norton-like* proxy that all your email gets filtered through with a spambouncer type filter system?

*Norton antivirus has a POProxy which, if installed, makes your mail client go through it and it filters all incoming mail for viruses.

plenty of u.s. spammers - try this one

this idiot spams for a living.

dfrosh@svn.com

uses his own address too. moron.

Good Spamcop, Bad Spamcop

[fm6]

Spamcop's header parsers are very handy. But I'm beginning to wonder if their complaint system is a good idea. Most of the time it works well, but there are a few savvy spamsters who use the complaints to harvest or verify addresses. This will soon catch on.

The big disappointment is their non-free email proxy. Requires too much manual intervention, which kind of defeats the whole purpose. What I'd give for a simple "prove that you're not a spambot before you send to this address" filter!

Evil Counterstrike hmmm...

What if we start keeping all the spam-bot addresses. Use spam-bot addresses at other spammer sites. They (spam-bots) always auto-reply which will spawn another autoreply-reply ad infinitum. This could cost spammers a few megs-gigs/day in bandwith.

Hackers On Planet Earth

New Hampshire

[Pathetic+Coward]

or New Hampshire?

...and an idea for Software Aided Spam Litigation

[anvilmark]

Yes. This *begs* for Class Action. Do the research once, send one notification: "...we have 10143 litigants persuing 500 dollars each...".

Now, we get to the interesting stuff - how would you get all your participants? Sounds like an open source project to me.

Develop an application that people can download that scans through their mailboxes daily looking for known spam messages. If it finds one the users name is added to the litagant list. Participants should be able to use the application to designate certain messages as potential spam, those messages are funneled to a central repository for research and, if deceptive, legal action.

Now *this* sounds like a business opportunity with "unlimited potential"!

(All rights reserved...anyone using this idea *must* let me participate!) :)

Don't know

[CaptainSuperBoy]

I don't know if many people do respond to spam. My suspicion is that a lot of spam is from first-time, single offenders. After they see they didn't get any business, and get smacked down by their ISP, you have an ex-spammer. The problem is that there are a hundred morons waiting to fill their shoes - the supply of first-time spammers is endless. The repeat offenders in the spam game are spamware vendors and spam-friendly ISPs.

History has also proven that we can't trust people to do what is best for themselves and society. If everyone did the right thing in terms of 'voting with their dollars' we wouldn't need laws against confidence games and fraud. The fact is, there are a lot of gullible people who are looking for a free lunch, who will probably be taken for some money by a scam artist. It's no different from spam - you can't count on everyone using their best judgment.

Re:Don't know

[robogun]

That's a bunch of shit. When you get your own domain, soon your contact email will be flooded by spam. The spam is from the same group of hard-core spammers. See spamhaus.org for the list. Thir MO is to blast and blast repeatedly. Ralsky hosts his spamsites off a cable and changes domains on a 3-4 day basis. You will sooner or later get his CONGRATULATIONS FREE VACATION timeshare spam or his BERRYTRIM WEIGHT LOSS "banned affiliate" spam -- guaranteed. There are several outfits like that that might be called serial spammers, and they are responsible for 90 percent of the spam volume. Ralsky has been sued successfully in MI and WA and yet he still spams.

Well..

[macdaddy]

Not to knock your data, I must say that it's commonly recognized that 70% of the spam actually comes from the US. Much of most people see as foreign (to the US) spam doesn't actually originate from there. It's usually a US-based spammer like Alan Ralsky with a US ISP relaying spam through a foreign open relay. This is really really common. In fact almost all of the Ralsky spam I've received lately originated froma Broadwing.net dialup (a known spam supporting ISP: BLOCK THEM!) and was sent through a foreign open relay. Hell I've even seen Ralsky abuse a NASA owned open relay. This isn't to say that foreign countries don't spam. Many people have great luck in filtering on TLDs or netblocks of foreign countries. I've heard of people filtering all of China's netblocks, as well as the .cn, .tw, .jp, .ar, .br, and more tlds and having little foreign spam left in their inbox. I can't justify doing that at a provider level but I can justify recommending it to individuals that never correspond with people in those countries. Give it a try sometime and see how you like it. Use the procmail 'clone' bit to test it.

Re:Well..

I used to have a cool sig but people replied to it more than they did my comments.

What was it? Now I'm curious!!

Register a Domain!

That'll get you spammed to death!

Also, I have a backup email account with PacBell, the address of which which I have NEVER given out. It gets 3 to 5 spams a day. THis forces me to conclude that either Pac Bell sell the info, or that their network is massively compromised and sniffed.

What does $5000 per day mean?

[CleverFox]

What does $5000 per day mean? Per day I receive spam? The Tennessee spam law reads:

(2) If the injury arises from the transmission of unsolicited bulk electronic mail, the injured person, other than an electronic mail service provider, may also recover attorneys' fees and costs, and may elect, in lieu of actual damages, to recover the lesser of ten dollars ($10.00) for each and every unsolicited bulk electronic mail message transmitted in violation of this section, or five thousand dollars ($5,000) per day. The injured person shall not have a cause of action against the electronic mail service provider that merely transmitted the unsolicited bulk electronic mail over its computer network.

Re:What does $5000 per day mean?

[gordguide]

" ... the lesser of ... "

This law states you will are entitled to damages of $10 per spam-mail. Should you recieve more than 500 spam-mails you would be limited to a maximum damage of $5000 for the occourances of that day (probably based on time/date stamp).

Re:What does $5000 per day mean?

What this means is that you can either collect:

1) The cost of damages from the SPAM plus attorney's fees and court costs

or

2) $10.00 per SPAM received, up to $5,000.00 per day. If the number of spams * $10 $5000, you get $5,000.

The equation resets each day. So if someone sends you a shitload of SPAM each day, you could potentially rack up $5000.

Yeah, and now he has to try and collect. Good luck

[DirkDaring]

A lawsuit is easy to file. Winning is just as easy in a case like this. No lawyer needed.

Actually GETTING your money is the hard part.

He won't see dime one of 4 grand.

Dirk

Reminds me..

A few years ago, some chick (evidently named "Leanne") moved, and gave everybody MY phone number (instead of hers) by mistake.

I was doing shiftwork, and would get woken up at all hours for people asking for "Leanne"..

After two weeks (she evidently hadn't done anything about letting her friends know her real number) I was woken up by someone asking for her..

My response was "No, she died - she was hit by a car coming home today."

The girl at the other end was mortified, and we went through the usual "I'm so sorry, is there anything I can do, etc.."

I thanked her for her support, and told her that there would be an informal wake on Saturday, 11AM, at Leanne's house.

I never recieved another call after that. (I'm guessing she got the message.)

Bothered by Spam? Blame Tolkien.

[Merry_B.Buck]

At least, according to this timeline, we might need thank Tolkien for more than lembas. Intrigued by Google's USENET archive, I tried to hunt down the origin of the word "spam".

EFF and Wired both give the party-line answer: the word derives from MUDs (Multi User Dungeons) of the late 80s to describe "unwanted stuff", and came from the Monty Python spam sketch.

The USENET posts I found, though, flesh out the story a little. The origin seems tied specifically to TinyMUD, written by Jim Aspnes, inspired partly by Zork and earlier PDP-10/11 MUDs. TinyMUD was launched in August of 1989. TinyMUD's advantage over other MUDs was that visitors could not only wander around a dungeon (think "maze of twisty passages, all alike"), but they could also add new rooms and monsters on the fly.

Searching USENET, it seems there were two meanings of the term "spam". One definition was based on people abusing the ability to add new objects to the TinyMUD world:

• April 17, 1990, posted by Jon Blow:
  ...By this time, the wizards [dungeonmasters] had locked off a few areas that were just spam-for-the-senses...
  
• June 27, 1990, posted by Vintage Mutant Ganja Technerd:
  For example, a delay of 5 to 10 seconds between object creations and logging in, will all do the trick of 'limiting' spamming without the juggling of quotas, login times, keeping track of hosts, et al.
  
• October 4, 1990, posted by A Molitor:
  ...when you run a MUD advertised as having few or no rules, a MUD where you can do anything, players *will* spam it. This is not conjecture, but documented historical fact. Ask around about BloodMUD some time.
  

However, the second meaning of the word, and the one that seemed to appear earlier in USENET, is the one that more closely resembles the meaning we use today:

• From: Jon Blow (blojo@tornado.Berkeley.EDU)
  Subject: Re: Word wrap
  Newsgroups: alt.mud
  Date: 1990-01-22 23:18:55 PST
  Right now my entire adventure is formatted to be easy-readable in 80 columns. This is also a pain, since 1) It takes much longer for me to write it, and I constantly feel a loss of artistic quality when I am forced to reword so that a line will fit; 2) People with wordwrap must turn it OFF, or the adventure will look like Spam. Bummer.

Other posts (and various MUD histories on the net) discuss the problem of MUD visitors who used various commands (most often the 'say' command) to fill other people's screens with unwanted text, thus scrolling more important things off the screen. The first place I found the word "spam" being applied to USENET posts themselves was here, related to a bot that accidentally regurgitated other posts in the news.admin.policy newsgroup.
Since most MUD Histories attribute their rise to the fantasy genre of Tolkien (and to a lesser extent Dungeons and Dragons), don't forget to thank Middle-Earth (and 25-line CRTs) for 'spam' when you see the movie next week. There are doubtless other etymologies; I'm just basing this on the only evidence I found.

As a side note, to Google employees the term "spam" refers not to unwanted email but rather to the underhanded tricks folks try to boost their search-engine rankings.

Only If...

[rsmartin]

We had something like this to stop the nonsense I get in the snail-mail.

I can't tell you how many times I've had to go to the post office to pick up my mail when I had only a couple of valid pieces of mail in my mailbox.

And stamps, not that they're all that expensive, but does anybody else notice a trend here? How much am I paying the post office to give me advertisements I didn't want in the first place? And God forbid my mail get anywhere before the deadline when I send it out last minute!! How silly of me, I mean, there's all this important junk mail to sift through, no wonder there's not any time to get my wife and kid that Christmas card I sent them during the holiday!!

Now that I think about it...

Does anybody else pay for their T-1 according to the bandwidth they use or is that just us...

Re:Only If...

If you're in the US, then you do! Go to the local PO and pick up form 1500. Tell the fool behind the counter that you want to get the form to be taken off of pornographic lists...

The form is used to apply for a Prohibitory Order. The USPS MUST issue the order. YOU, and YOU ALONE have complete, unfettered, and unreviewable discretion as to what is, and is not, considered erotic and pandering. The US Supreme Court has held in a 1970's case that you have this power, and that you could consider a dry goods catalog to be pandering and erotic.

So get that form, Initial box 1, check box A, fill in the name and address of the schmuck who sent you the crap, and staple it to the form. Then send it to the USPS Prohibitory Order processing center (address is on the back of the form). Don't bother taking it to the PO - they get confused and argue with you about it.

In about 2 weeks you get a Prohibitory Order from the USPS. One copy is sent to the snail mail spammer via certified mail. 30 days after they sign for it, they are legally prohibited from sending you anything for 5 years! They have to remove your name, and can't sell, lease, or otherwise distribute it.

If they do send you something, then you open it, sign the front with a statement to the effect "I received this on . In apparent violation of Order: ". Send it back to the Prohibitory Order Processing center.

They'll review things and send you back a note saying either:

"Not enough time has passed to allow mailer compliance" (i.e, 30 days hasn't passed yet...)

"A complaint against the mailer has been filed" - the mailer has to respond to the USPS Pro. Ctr. as to why they haven't removed your name.

After one or two complaints against a mailer have been filed, they make a "Determination" - that the mailer is in flagrant violation, and the whole mess is turned over to the local US Attorney. Then the mailer gets to go to court to explain to a Federal judge why they can't stop mailing you.

Best of all - it doesn't cost you anything but a stamp.

Even better - the snail mail spammer can try to appeal, but this case was litigated all the way to the US Supreme Court back in the 1970's and they held that you have the right to do this!

The case can be found at:
397 U.S. 728 (Rowan v. USPS (1970))

And the relevant US Law can be found in: Title 39 USC Sect. 3008

Notwithstanding the above, you can REFUSE anything you want. Mark it "REFUSED. RETURN TO SENDER". and toss it back in the box. If it's First Class, the PO will return it to the sender, and the sender will have to pay for the return postage! IF it's "Standard" or advertising mail, the PO has to toss it out. Let them deal with their crap.

Understand that the mail carrier will get pissed. They'll leave it in your box, they'll write you nasty notes. (this has all happened to me). I just keep leaving it in the box. When they fuck with me too much, I toss it in an envelope and write a note to the Postmaster asking for compliance with the DMM (Domestic Mail Manual) regulations and ask him to discuss the situation with the LEtter carrier. Stick to your guns and you'll get almost no snail mail SPAM after about 2 - 3 months.

Visit www.junkbusters.org for more info

Here is a question ...

[TheViffer]

If I live out of state .. meaning not in Washington, but receive and read my email on a computer stored in Washington (via http, telnet into a box, etc) .. am I covered under Washington state law in regards to spam since the emails destination was a computer in Washington and resides on that computer in Washington?

Re:Here is a question ...

[Nater]

IANAL... but this looks very similar to the "where do I owe taxes" question. Basically, with online purchases, you owe sales tax in the state where your ass is. I would expect the ass doctrine to apply to spam law as well.

What else would be nice

[Guppy06]

Suing spammers is one thing. It'd also be nice to sue ISPs that neglect to enforce their AUP.

WA has a gaggle of litigants

[jestapher]

I am one of a handful of people actively pursuing spammers in Washington. I am vice-president of a Seattle ISP and when I get bored on the weekends, I scan the Qmail alias file, which is 99% double-bounced spam. Under RCW 19.190, almost every one of these is illegal as the spammer "misrepresented the point of origin" of the email.

I pick out the easy spams -- ones with phone numbers, fax numbers or physical addresses -- and I contact the spammer and say, "look, we got illegal email from you and we're willing to overlook it if it doesn't happen again." A fair number of spammers then remove all of our domains from their lists. The ones that don't get a few reminders, then a notice of small claim. Under Washington law, ISPs can sue for $1,000 per email.

Check out my lawsuit page for some info. For those non-Washingtonians, you can get in on some of the lawsuit fun by suing junk faxers and telemarketers under federal law, which I've tried just to see if it works. The good news: it does.

Us folks in Washington State have a great deal of cooperation going on via mailing lists. We're gearing up for some serious spammer suing. And it is hard to collect, but it's not impossible. Once you get a dozen cases going, the money from one case isn't a big deal so you just send it to collections to fuck with the spammer.

Essentially, this is just a real fun hobby that happens to pay a bit of money. Oh, you might find this interesting: Zen and the Art of Small Claims.

Too broad

[21mhz]

to ".ru"
from ".ru"

You probably can drive away some valid messages from guys like me. Of course, you are free to live in a cave and avoid any message that is even remotely suspicious. I, for myself, would not rely my communication on overly paranoid filters.

Re:Too broad

[mcowger]

Read the filter action again - it doesn't get deleted, it gets moved. I dont know anyone in russia, no anyone with a .ru address - if at anytime I do, I will be a check ABOVE that to filter out that specific address. Even if something get caught that should, its still sitting in the folder waiting to get looked at.

Re:...and an idea for Software Aided Spam Litigati

[CaptJay]

Now, we get to the interesting stuff - how would you get all your participants?

That's the point of class action lawsuits: You don't need to find participants, you only need one 'victim' and the court's permission to go forward with the suit. After the trial is over, the judge awards damages per victim, and then you post notices to rally them.

The problem of course is that a class action lawsuit can be brought for specific actions, therefore you could not sue "The Spammers" collectively. You'd have to initiate one action per spammer company.

Legal notice

[p0ppe]

Here's a free-to-use legal notice that I think I got from Politechbot.com:

LEGAL NOTICE
To whom it may concern

[XXX] SeekerCenter has sent or caused to be sent one or more unsolicited
commercial email ("UCE" or "spam'") messages to an email address at the
[XXX] domain name. Your spam was not sent in response to any request for
information. Spam is an annoyance and takes up our valuable time,
bandwidth, server space, and computer hard drive space. Effective
immediately, your further use for commercial purposes of any e-mail address
ending with any of our domain names: [XXX] constitutes your
agreement to the following terms and conditions:

1. Each time you send UCE to our e-mail address, you agree to pay a
usage fee of one thousand dollars ($1000.00) within 30 days of our invoice,
payable to [XXX]. This fee is deliberately high because
we do not want to spend our time and bandwidth dealing with UCE unless we
are paid to do so. You will be invoiced on a monthly basis and agree to
pay interest at the rate of eighteen percent (18%) per annum on any balance
which remains unpaid for more than thirty (30) days.

2. You agree to accept , service of process in [XXX] as well
as the jurisdiction of [XXX] courts for the enforcement of this
obligation.

3. You agree to pay the costs of collection, including reasonable
attorney fees, even if the cost of collection exceeds the usage fee.

This message constitutes an offer which you may accept by sending
commercial email or causing it to be sent to any email address at any of
the above-listed domains. If you notify us that you do not agree to these
conditions, then you do not have permission to send UCE to any of the
above-listed domains; your doing so without permission will constitute
trespass to chattel and will be pursued by legal action.

Sincerely, [XXX]

Here's the next best thing: Cost spammers $$$

[vandan]

Get your own back from SPAMMERS! Click the link and follow through to each of the SPAMMER's advertisments you wish to 'pay back' for their fine services. The cost to the SPAMMERS per click is displayed next to each advertisment. Only one click per day per person per advertisement is counted... http://www.overture.com/d/search/?type=home&Keywor ds=bulk+email

All the more reason to deregulate encryption

[jabber01]

That way, each company would have to sign the message digest of the message with their private key, and you could validate sender by verifying the signature.

Purdy dern simple, if the Fed would just quit seeing crypto as a weapon.

Hotmail spam

[iforgotmyfirstlogon]

Ok, so Hotmail is owned by a Washington state corporation, right? Assuming that the mail servers (and hence the final destination of the messages) are located in Washington, could I file for violations of that state's law on all of the spam I get to my hotmail account? IANAL, but if my mail all ends up in that state, wouldn't I be protected by that state's consumer protection laws?

- Freed

Another approach

[aquisgrana]

A story at the Register suggests perhaps another approach. See http://www.theregister.co.uk/content/3/23377.html A short quote from the article: Appeal Court upholds Intel ex-staffer's email injunction By Tony Smith The US Third District Court of Appeal in California has ruled that ex-Intel staffer Kourosh 'Ken' Hamidi did indeed commit an act of trespass upon his former employer's computer system when he sent anti-Intel emails to 65,000 company workers.

So somone sending Spam is in fact trespasssing on your system. I'm not in the US myself, but this could be worth following up for those who are.

My Uncle.

[dmaxwell]

My uncle used to do that only he would sometimes tape a brick to the envelope. Magazine advertisers used to send punch cards that you were supposed to punch out if you were responding to an offer. He always punched holes randomly before sending them back. He got a free subscription to some gardening magazine once.

Re:My Uncle.

[throbbingbrain.com]

yyyeeeeeeesss!!

Great idea!

I'll just wait until I get a hardcopy-spam (junkmail) from a place I'd like to go.

Then tape the reply envelope to my forehead!

Woohoo! Free vacation!

...but what about the return trip?

An eye for an eye

[uigrad_2000]

Simply go here, and check to see if your favorite pyramid-scheme spammer is on there. Most of them are.

Now, go and sign up one of them for random free crap (AOL CD's, etc.). If one lives near you, taking out frustrations on them next halloween will be even more effective.

Of course, I'm not advocating you do anything illegal. But, when they give away their addresses, they must be seeking feedback about their social skills.

Won't work

[deuist]

Taking a few spammers to court simply won't end the problem. There is a federal law which says that telemarketers can be sued for calling you more than once. However, I'm still getting calls from Sprint asking me to switch.

big spam/big tobacco

[geckosan]

It's interesting that tobacco companies have gotten away with making money off the misery of people for decades, but spam companies only got away with plying their trade for a few short years before it becomes a less business-effective idea. The turnaround of these things is becoming faster and faster with advanced technology, the system of the human world has better and better controllers to stablize its "plant" (society) with less overshoot and faster settling time..
Yes I just finished studying for a control course. Metaphors good.

No Spam

[gordguide]

I get virtually no spam (not one in the last 12 months, 3 ISP accounts and 2 web-based accounts).
Some things I do which may have something to do with my nospam:
(I use Mac/Windows/Linux)
When you first install many OSs (MacOS, Windows, Internet Explorer, etc.) you are asked certain questions like your full name and email address. This is used globally in some conditions when your actual eMail app is not used. They can send all the spam they want to nobody@bullshit.net, but I never get it.

State laws against spam are a terrible idea

[btempleton]

Whatever your opinion of using government regulation of E-mail to stop spam, I hope that most of you will come out in opposition to the idea that the individual states should be doing so.

This has to be opposed on the general principle of the thing. Individual states should not be making any rules about E-mail. It doesn't matter if the rules support motherhood and condemn terrorists. It's a jurisdictional issue, and the laws are unconstitutional.

The reason is that for a large fraction of E-mails, the sender has no idea what state the recipient is in. If we let the states regulate E-mail "into the state" then we create a duty on every E-mailer to know what state they are mailing, and become aware of the E-mail laws of that state and obey them.

This means that if I, in California, send an E-mail to somebody who happens to be in Oregon (though I don't know that directly) that I must check to see that they are not in Washington. But Washington has, under the constitution, no power to put any requirements on people mailing from California to Oregon, nor should they have such power.

Consider: New Mexico passed laws restricting indecent material on the net. Are you now ready to be aware of that, and to check every E-mail you send to make sure it's not going to New Mexico or is not indecent by their standards? And check 49 other states while you're at it.

It would be a zoo.

Now, I'm not really keen on any government regulation of E-mail, but if it is to exist, it should only be federal.

And if you use Perl then

Mail::Audit also warrants mention. Truely a useful utility.

Anti Spam laws in differing states

[Whatthehellever]

Is there an index of all the states and the spam laws in them anyone can reference? I'd love to find out what the laws are here so I can sue somebody.

hahahaaaaaa

Prepare to be destoryed spammers! ESPECIALLY those guys who send me the messages in Chinese. YOU MAKE ME SICK.

ways to screw spammers

[4444444]

you can find ways to fight spam here

http://www.lenny.com/spam/

Re: Or Run Away!

[fixitnow]

Some spam will inevitably get into the MUA, after all, the end user is the one who has to initially identify spam.

Here is my proposal: Run Away. How? There is a new, but improperly implemented (so far) email addressing standard called plus addressing, where your address is like "user+box@host" where the "+box" part is supposed to be ignored yet passed on from the MTAs and MDAs to the MUA.
Unfortunately, some ISPs still bounce this kind of addressing as unrecognized, even if "user@host" is a valid email address. If you think of the plus addressing part ("+box") as a personality (in Eudora parliance) then your email address now can be filtered into as many pieces as you need.

Now, when I asked a couple of ISPs why my envelope recipient (RCPT TO: part of the SMTP protocol) isn't in any of the headers on a BCC email, I got an answer like "well, if it got to your mailbox, it's for you," but with this new addressing paradigm there remains the question of which me? i.e. which personality does the email belong to? so that argument needs to be thrown out the window.

I have read that some ISPs have recompiled their MDAs to include a header like "Envelope-to" or "Delivered-To" or "Envelope-to" or "rcpt-to" (all optionally preceeded with an (X-") but not mine, of course. If my plus address were included in a header like this, I could easily filter all bcc email to personalities I want, and then force the spammers to use it.

A really good ISP would allow me to upload a list of plus addresses that were allowed, and block everything else at the RCPT TO stage of the SMTP protocol (it might also provide end users with some Eudora, etc. plug ins to better manage personalities, signatures, addresses and filters as a personal information management (PIM) with one personality per contact.)

If the spammers guessed one, I could simply give another one to the person who communicates to that personality, and turn off (or send to bitbucket, or report as spam) all future communications to the compromised personality.

I know Spam Motel, Mail Shell, do this already in a way, and one could even use hotmail, but I think my method is more under my control, and allows everyone to run away indefinitely.

Question: what ISPs already provide these headers for bcc'd mail or where do I find out?

Looking for Lawyers ;)

Well, okay.
So does anybody know any good, technology-savy lawyers in the Frankfurt, Germany area? :)