Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fighting The Spammers Down Under

Posted by timothy on from the squash-foot-squash dept.

An Anonymous Coward writes: "The Sydney Morning Herald is running an interesting article about fighting spammers. It mentions that "Most of today's email spam, however, comes from a handful of culprits, described by Barry and others as &quotknown criminals&quot." Does anybody else wonder who these people are, and what are the odds of having them shut down for good?"

87 of 274 comments (clear)

  1. Final Solution by Renraku · · Score: 3, Funny

    A good solution for spammers is to track them down, post their addresses for everyone to see, and hold spam bashing parties, in which many, many people make a roadtrip to 'encourage' the spammer not to spam anymore. Such encouragements could be things like, VX, a sock with a cueball in it, small rabid animals, and herpes.

    --
    Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
    1. Re:Final Solution by Anonymous+DWord · · Score: 2

      Ah, but who will give the spammer the herpes?

      --
      "If he thinks he can hide and run from the United States and our allies, he's sorely mistaken." Bush on bin Laden
    2. Re:Final Solution by GreyPoopon · · Score: 2
      Ah, but who will give the spammer the herpes?

      I'm certain that one of the individuals who are featured in the spam would be more than sufficient.... Poison them with their own "merchandise."

      --

      GreyPoopon
      --
      Why is it I can write insightful comments but can't come up with a clever signature?

  2. "These People" by Bender_ · · Score: 5, Interesting

    www.spamhaus.org has a list of spammers and the ISPs supporting them. They also have some quite interesting articles on this topic.

  3. Block Lists by hkhanna · · Score: 3, Interesting

    In my humble opinion, the problem with spam block lists as they are today is that

    1) they are not consolidated which means your network may end up being wrongfully isolated from one or two networks and you'll never know why your legitimate e-mail isn't reaching its destination and

    2) if you get added to a list, some people aren't responsible enough to keep them updated. So if for example you had open-relaying on by accident (a common problem alleviated in the recent versions of sendmail) you may end up being "blacklisted" and if you try to contact the maintainers of those lists, you get no response and your domain is forever banished from the internet.

    I heard the FCC (or one of those acronyms...maybe the FDA) is starting to create a national "blacklist" maintained by the government. I don't know if that's true, but that might actually not be a bad idea.

    Just my US$0.02.. Hargun

    --

    Think nothing is impossible? Try slamming a revolving door.
    1. Re:Block Lists by Isofarro · · Score: 2, Insightful

      IMNSHO, the problem with spam block lists are
      1.) They have a lot of false positives (blocking people they shouldn't),

      That should encourage those positives to ask their ISPs why they are conducive to spammers, and start to convince ISP's that spammers are the source of the problem

      2.) a lot of false negatives, (they don't block very many spammers),

      Outta sight, outta mind. A little spam is still spam.

      3.) they are a lot of trouble to maintain, and

      So certain people have decided that they can accept the maintenance problems in an effort to clean up the internet - kudos to them.

      4.) they don't mesh well with the general spirit of the internet.

      Spam block lists are merely opinions of a group of people. Other organisations may agree that their list is good, and thus adopt it as their main filter - that's the organisations right.

      Adopting block-lists is nothing more than exercising the right to disassociate from a known group of people.

      This freedom of choice - what the general spirit of the internet is about. The ability to say "No, I don't want your crap."

    2. Re:Block Lists by AnotherBlackHat · · Score: 2
      Adopting block-lists is nothing more than exercising the right to disassociate from a known group of people.


      Block-lists promote the idea that an external authority should decide what is and is not acceptable. That's what I meant by contrary to the spirit of the internet.

      The ends do not justify the means. Since there are better means to this particular end, then we should promote those. Block-lists are better than nothing, but not better than the alternatives.

      -- What I really hate is people who ask you to give up your freedom to stop spam.
  4. it has to be profitable... by uberkuba · · Score: 4, Insightful

    Everyone always goes on about SPAM and how bad it is and how we don't like to get it....... The real problem is that it must be profitable for some individuals to do it otherwise it wouldn't happen (save the handful of ppl who just like to do it for fun, similar to graffiti). I have a some contact with the advertising and marketing industries here in Aus and I can tell you that from the pure marketing point of view it does look attractive. The marketing ppl rarely consider the annoyance factor, they just want nice numbers... ie "so you can send this out to 1000s of people, Great! How much per person.... what's that, its a LOT cheaper then mail, WOW put me down for 50000"... and so the corporate world pays for what we hate. Sure there might be exceptions, but I bet that this is the norm, esp in cases when the marketing department has 0 exposure to technology and so doesn't suffer like the rest of us.

    1. Re:it has to be profitable... by darkonc · · Score: 5, Interesting
      Every once in a while I get spam from someone who gives an '800 number to fax orders to....

      I send them off a nice fax, on a 50% grey scale, full page background which orders them to stop spamming..

      Why 50% grey scale? Because it's near worst-case for fax compression (which expects mostly blocks of white then smaller blocks of black). Faxing a 1 page grey scale at 1200 baud can take 90 minutes (800 number, remember? It's on their quarter).

      I'll usually do a voice callback first to make sure I'm not responding to someone who's being smurfed by an enemy.

      --
      Sometimes boldness is in fashion. Sometimes only the brave will be bold.
    2. Re:it has to be profitable... by coyote-san · · Score: 3, Interesting

      This points to the only long-term solution to spam - take out the profit motive.

      But this is tied to the question of strong authentication of the sender (at least at the ISP level), and all of the privacy concerns that raises. E.g., a good way to kill spam is to require each message provide non-trivial e-postage. Perhaps USD0.25 per 20kb block. (After getting over 15MB in less than our from a misconfigured spambot with a huge payload, I am *not* willing to accept "one price for all" scheme!)

      If the recipient found the message worthwhile, they could send an ack to their ISP and release the money back to the sender. Or they could let a reaonable time elapse, say 2 weeks, and the money would be released back to the sender. This could probably even be automated for explicitly named friends and mailing lists.

      But if the recipient said it was spam, they keep the postage.

      At USD0.25 per message, there's no profit motive in me lying whether a message is spam. But at USD0.25 per message, it's a safe bet that few businesses will send out 10,000 messages (USD2500) to snare a single response.

      --
      For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
    3. Re:it has to be profitable... by IvyMike · · Score: 2

      It is profitable, but only to the people selling the SPAM tools and SPAM lists. Nobody, nobody sents their credit card to the poorly worded .ru-originating "Better tasting semen" people. (If you want better tasting semen, you should stick to domestic products!)

      The reason it works is because everybody gets those messages, and some people conclude, "Wow, this must be a goldmine, I get these messages every 10 minutes. I should get in on the action." They purchase the lists and tools, send the email, and spread the meme again.

      P.S. What I always wonder is: How did the "increase your ejaculation 581%" people get such an accurate measurement?

    4. Re:it has to be profitable... by AnotherBlackHat · · Score: 2
      It is profitable, but only to the people selling the SPAM tools and SPAM lists.


      Bullshit. Spam is almost certainly profitable, even for the stupid products. Even if you only got 1 response per 100,000 you'd only have to make one dollar on the sale to make money. I've seen estimates of 1-5 responses per 10,000. Email is mind boggling cheap to send, even if you actually pay for the bandwidth, and many spammers don't pay for their accounts at all. Hell, a spammer wouldn't even last 30 minutes, much less the 30 free days AOL used to offer.

      -- What I really hate is people who ask you to surrender your freedom to stop spam.
    5. Re:it has to be profitable... by thogard · · Score: 2, Interesting

      How about the /. hero Dmitry Sklyarov, his company ElcomSoft makes bulkmailer and Advanced Email extractor as well as other tools to clean email address lists and localize them. His company has made lots of $$$$ selling spam tools.

    6. Re:it has to be profitable... by blair1q · · Score: 2

      Ever notice how most modern spam is one-shot? You see one message, then never see that particular ad again? Filtering is too weak a technology to be causing that.

      What's profitable is spam that sells spamming, because there's always a sucker out there who thinks "hey, there's all this spam, it must be profitable otherwise it wouldn't happen; now if I can just get my hands on 6 million email addresses..."

      --Blair

    7. Re:it has to be profitable... by hyrdra · · Score: 3, Funny

      Did it ever occur to you these clowns are using an e-mail fax service, which bills by page amount and not time? So you're actually costing the innocent fax service money, not the spammer.

      Now 50 pages of greyscale might be interesting ;-)

      --


      "I'll just chip in a bit for RedHat: I actually have that installed on my university machine." - Linus, '95
    8. Re:it has to be profitable... by bero-rh · · Score: 2

      That would kill off legitimate mailing lists, as well.

      Take linux-kernel: It currently has roughly 10000 subscribers, with roughly 100 posts a day.

      In your system, the people running it would have to pay $25,000 a day - they'd eventually get it back (assuming the subscribers remember to mark the messages as ok), but losing $25,000 even temporarily isn't something we all can afford (I certainly don't have $25,000, for example).

      --
      This message is provided under the terms outlined at http://www.bero.org/terms.html
    9. Re:it has to be profitable... by darkonc · · Score: 3, Interesting
      something like that happened once, accidently..

      I originally came up with the idea when I got assigned a phone # that used to be some business' fax number. Well, even though it's illegal, fax spammers would try to send me faxes at, like, 4:00am, so I started replying with these 50% grey faxes from my mac.

      (un)fourtunately, my fax modem and fax software had this wierd bug with some fax machines where, after sending the page, the page acknowledgement would get lost and the program would abort --- to try again. I had the software set to retry 10 times...

      One day I sent off a grey-scale fax to a company before I ran off to work. It got hit by the bug, and repeatedly tried sending the fax... It succeeded on the 5th or so try, tying up their fax machine until the early evening to get that one page fax through.
      hehe.

      BTW. Part of the reason for using the 50% grey scale is that it minimizes paper waste while getting in maximum time. A single grey-scale page at 1200 baud takes the same amount of time as 90 pages of regular text. an 8 page fax will take almost 12 hours.

      --
      Sometimes boldness is in fashion. Sometimes only the brave will be bold.
    10. Re:it has to be profitable... by cobar · · Score: 2

      >Well then, they can publish their email on a >website and their 10,000 people can bookmark it.
      >
      >I can't seriously believe that anyone would sign up >to a mailing list with 100 emails per day - the >emails must arrive so fast that you wouldn't be >able to do anything else.

      Um, no. You don't disadvantage the users of a legitimate service to deter an illegitimate one.

      Why do you care if they read those 100 emails a day or not. If the mailing list provider doesn't care and the isps don't care, it's none of your business.

    11. Re:it has to be profitable... by BCoates · · Score: 2, Interesting

      There's an idea similar to this called hashcash, where you require the sender to 'pay' you for mail in burnt CPU cycles (usually by calculating secure hash collisions, which is hopefully only possible by brute-force). You 'charge', per message, maybe 1 sec of time on a modern system, and it's pretty much unnoticable on an ordinary machine, but in order to do the mail volume spammers need, you'd need tons of computers running full-time.

      --
      Benjamin Coates

    12. Re:it has to be profitable... by Daniel · · Score: 2

      I get about 80-120 legitimate emails a day from mailing lists, and this is common among people who work on free software. Charging for email would kill many prominent projects.

      And if you think that email isn't a good way to "disseminate information" and that reading Web pages is a good substitute, well, all I can say is: please go away and come back when you've bought yourself a clue or twenty.

      Daniel

      --
      Hurry up and jump on the individualist bandwagon!
    13. Re:it has to be profitable... by AnotherBlackHat · · Score: 2

      That just means that it's theoretically profitable.

      Show me an independant source that says that spam is profitable. I dare you.


      Plenty of people who sell spamming tools say that spam is profitable. What you really want is some reliable evidence. Clearly, I can't post anything to /. that can't be a fabrication.

      But think about it for a minute and I think you'll agree that selling by spamming is profitable.
      You get a spam.
      Then, a week later you get the same damn spam again.
      A month later you get a copy sent to a different email account.
      That means the person sending that spam did it once, and then did it again later. You know that spammers get bitch slapped pretty hard. They certainly lose their account, and have to set up a new one. That takes time and effort. Why do it a second time if it didn't work the first? Once could be an experiment, but multiple spams over time have a real reason. Do you think spammers are doing it just to piss you off?

      -- What I really hate is people who ask you to give up your freedom to stop spam.
  5. targetted email marketing by ciole · · Score: 3, Insightful

    Spam is "spam" until registrations, licenses, warranty agreements, etc, require a valid email address and/or an opt-in to that company's "news". Then it becomes legit. i get plenty of unsolicited email from companies legitly possessing my addy, even email with opt-out links. if every company i interact with sends me just one of these, that's still a lot of undesirable, often image- and HTML-laden emails to have show up.

    That's why i don't think spam will cease to be a problem for end-users, even if the signal-to-porn ratio improves.

    1. Re:targetted email marketing by AntiNorm · · Score: 2

      Spam is "spam" until registrations, licenses, warranty agreements, etc, require a valid email address and/or an opt-in to that company's "news". Then it becomes legit. i get plenty of unsolicited email from companies legitly possessing my addy, even email with opt-out links. if every company i interact with sends me just one of these, that's still a lot of undesirable, often image- and HTML-laden emails to have show up.

      IMO that still constitutes spamming. I get so many of these that I have the following system set up: Whenever a company legitly wants my email address, I give them a custom forwarding address at my domain. Since these addresses all forward to my real email addresses, these companies are free to contact me if they need to. But if they decide to spam me, I set their forwarding address to automatically bounce any future messages sent to it. You have a valid reason to contact me, fine. You spam me, you give up the ability to contact me.

      --

      I pledge allegiance to the flag...
      of the Corporate States of America...
  6. Sue a Spammer! by thecarson · · Score: 3, Funny

    What you can do:

    Go to war!
    Sue!
    And win!
    or...
    Join them!

  7. maybe i'm alone in this world by kraada · · Score: 3, Insightful

    but i'd rather hit delete a few times per day (i don't get more than 10 spam mails a day) and know the internet is still relatively free. yes, they're sleaze, but if you're going to start blocking them, it's not that hard for a few other domains to be slipped in there. the potential for censorship seems too great to me *shrug*
    so i'll continue deleting my 10 mails per day.
    Kraada

    1. Re:maybe i'm alone in this world by LiamQ · · Score: 2, Insightful

      Perhaps you'll change your mind when 95% of your email is spam. When that happens, it's too easy to accidentally delete legitimate email.

    2. Re:maybe i'm alone in this world by coyote-san · · Score: 2

      When you only get 10 pieces of spam per day, you have options.

      I've gotten over 15 MEGABYTES of spam in about an hour from a misconfigured spammer. That's enough traffic that it would have totally wiped out any prior mail in a free email service, and if I didn't have a cable modem I would have been unable to do anything for a few hours while the mail queue cleared over a modem connection.

      That's a worst case scenario, but I've missed legitimate important messages in all the crap the spammers sent. Filtering helps, but messages get misdirected and sometimes they're a bit silly. (E.g., right now I've black-listed the entire country of (South) Korea because of the volume of spam coming from their domains.)

      --
      For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
    3. Re:maybe i'm alone in this world by Yusaku+Godai · · Score: 2, Insightful

      Agreed. I'm just as much against anti-spam legislation as I would be against anti-internet piracy legislation. I'll I'd like to see is more and better ways for people to fight a personal war against their spam.

    4. Re:maybe i'm alone in this world by bero-rh · · Score: 2

      Would you still say this if you received 300 spams a day, and had to pay for your net connection by the minute?

      That's the situation many people around here are in.

      If you look at it from this point, you'll probably agree that spam is theft.

      I'm all for freedom, but requesting a "freedom to spam" is much like requesting the "freedom to commit fraud" or the "freedom to shoot people because you don't like their looks".

      --
      This message is provided under the terms outlined at http://www.bero.org/terms.html
    5. Re:maybe i'm alone in this world by Rogerborg · · Score: 2
      • i'd rather hit delete a few times per day (i don't get more than 10 spam mails a day) and know the internet is still relatively free

      Yes, and I'm sure most spammers consider themselves gleaming champions of freedom rather than slimy freeloading leeches.

      Incidentally, do you consider that it's fine for companies to send unsolicited porn snail mail to anyone (including children)? With packaging saying "Porn for Joe Sixpack"? And make Joe pay (time/money/resources) to receive and deal with it? If not, explain why it's OK to do that with email.

      --
      If you were blocking sigs, you wouldn't have to read this.
    6. Re:maybe i'm alone in this world by AnotherBlackHat · · Score: 2

      but i'd rather hit delete a few times per day (i don't get more than 10 spam mails a day) and know the internet is still relatively free. yes, they're sleaze, but if you're going to start blocking them, it's not that hard for a few other domains to be slipped in there. the potential for censorship seems too great to me *shrug*
      so i'll continue deleting my 10 mails per day.
      Kraada


      At some point, maybe it's 100 spams a day, maybe 1,000, or even 10,000 one takes action against spam. Spam will continue to grow until enough people take action against it. Since the only way to stop it is to take action, you might as well take action now, instead of waiting for it to be a problem big enough for you to care about.

      -- What really makes me mad is people who ask you to give up your freedom to stop spam.
  8. not worth it by thundercatzlair · · Score: 2, Interesting

    I hate spam as much as the next guy, and would love to see it done away with... but after stopping to think about it, I don't see it as really possible without consequences for everyone. In the long run, little annoyances like this that get complained about until the government or whoever does something about it, lead to more and more restrictions and more and more freedoms being taken away.

    We need to stop and think, "Is it really worth it to give up more of our freedom just to get rid of a few emails that you can easily delete without ever having to read them?" Also, we need to ask ourselves if we think we can really eliminate this problem anyhow. How are we going to be able to determine exactly what constitutes spam? And what happens when some business receives an email from someone requesting information and sends them an email in reply about their products. It could be the case that person forgot they ever requested the info or that someone entirely different submitted the request under a fake name. How can it ever really be proved?

    I just don't think it's worth pursuing...

    later,
    thundercatzlair

    1. Re:not worth it by Teun · · Score: 2
      It's most definitely worth fighting this scorch of the internet.
      On my E-mail address that I use since '97 I get 5-10 of these junk mails per day!
      And when I'm opening them on my Windows machine there's a fair chance they generate all kinds of nasty side effects like masses of pop-ups, plant cookies and spyware.

      This is not what I have an E-mail account for.

      As a matter of fact I think you are a bit of a looser to react the way you do, how would you like it when the village idiots would piss on your porch after every beer they had??
      And about your remark: "lead to more and more restrictions and more and more freedoms being taken away"
      This is the dumbest argument I've seen in this discussion
      It's like saying the law that requires us all to drive on the same side of the road is a limitation of freedom.....

      The internet is a public place and as all public places it has a few basic rules to function at it's best for most.

      --
      "The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
  9. Spam by Proxy (3rd party payouts) by BrookHarty · · Score: 2

    The biggest problem with spam, is that people get PAID for spamming. Companies offer people MONEY to spam you, then they innocently say that spammer didnt read the standard no-spam policy.

    This is Bullshit. We need to go after the people who pay spammers.
    -
    Obviously crime pays, or there'd be no crime. - G. Gordon Liddy

  10. As long as there is market... by aralin · · Score: 2
    ... there will be always someone to offer the goods, even if its illegal. Look at drugs. No way to fight spam the way to go after the people who deal it. Change the system, and as with campaign on drugs, try to destroy the market. Punish the beneficiaries. Well, its more than harsh in case of drugs, so why not in case of advertisement?

    Very good solution would be IAIA (Illegal advertising inhibition act - known as donkey law). Lets punish with severe penalties every company that is proven to knowingly order advertisement through illegal means (such as spam, tattooing childern and pop-under windows).

    --
    If programs would be read like poetry, most programmers would be Vogons.
  11. Spam has lost its legitimacy. Now go for the kill. by Animats · · Score: 2
    With the appelate court verdict in Ferguson vs. Friendfinder last month, most spam is now unquestionably illegal in California. And, looking at my spam file since that decision, I'm not seeing anything from a business that could even vaguely be described as legitimate. I was just exchanging E-mail with a lawyer who sues spammers, and it's getting hard to find a target worth sueing, at least in California.

    The Direct Marketing Association has a national opt-out list. I'm on it, and that seems to turn off spam from legitimate US businesses. The remaining bozos probably won't get the message until the cops come knocking.

    I think we're going to win this thing. There seem to be only a few hundred spammers left, most of whom are doing something that qualifies as fraud. Pushing for misdemeanor convictions on a few every year is probably enough to discourage them.

  12. Easy way to block most spam. by systemaster · · Score: 2, Insightful

    The best way to block spam is stop html email. Nobody I know sends html stuff, just quick txt notes. Now if only outlook could do that.(yes gotta use outlook at work, and yes i get spam at work)
    this sig is a virus, take it and use it.

    --
    LinuxWorx
    Spelling errors are intentional as are gramatical error
    1. Re:Easy way to block most spam. by edremy · · Score: 2
      Outlook can most certainly send plain text email. Tools->Options->Email Format. Set to plain text and you're done.

      You can reply to HTML mail in plain text as well: just reply, Format->Plain Text.

      --
      "Seven Deadly Sins? I thought it was a to-do list!"
  13. Weak market forces control spam by Philbert+Desenex · · Score: 5, Insightful

    Sure, spam is probably profitable: it transfers most of the cost of advertising to the (probably unwilling) receipiant, and nobody ever went broke underestimating the Good Taste of the American public.

    The problem with spam is that the dirty details of spam disassociates it from market forces, unlike other, more conventional forms of advertising.

    In just about every other form of ad (radio or Tee Vee commercial, newspaper ad, billboard, etc) the advertiser pays for the ad up front, before you make a decision to buy the advertised product or not. So, if the ad is particularly repulsive, ("Ring around the collar!") the consumer can make a decision to not buy the product. The advertiser is out the cost of the ad. Of course, the cost of any advertised product is higher than an unadvertised product, so the consumers who chose to buy an advertised product ultimately pay for a portion of the advertising.

    Contrast this with a spammed ad: the consumer has paid for his or her network time to receive the ad, the disk space to store the ad and the CPU cycles it took to process the email ad before getting a chance to decide whether to buy the spamvertised product or not. No matter how repugnant, stupid, wasteful, or dumb the ad is, the consumer ends up paying for the spamertising. Only very weak market forces control spamvertising. That's the real problem with spam.

    Email spamming is theft, plain and simple. Email spammers must be punished.

    1. Re:Weak market forces control spam by bero-rh · · Score: 2

      I agree, but it's currently not enforcable, at least not in .de.

      I've reported a spammer to the police for theft of service, and got a letter back stating "this incident will not be pursued because the damage done was too low".

      They sort of compared spamming to stealing $.01 from someone's pocket - it's not strictly legal, but nobody will do anything about it. :(

      Like most non-technical people, they simply fail to understand spam is doing more than a little bit of damage.

      --
      This message is provided under the terms outlined at http://www.bero.org/terms.html
  14. How to solve spamming, worms, email trojans, etc.. by Meowharishi · · Score: 2, Interesting

    Everytime I see a thread pop up on /. regarding spamming or other email abuse, I find myself compelled to repeat my suggestion for how we can effectively battle against these forces which leech the life out of the 'Net.

    My suggestion is quite simple: All SMTP servers should put in place policies which reject mail that is not digitally signed with a certificate trusted by a root authority. Personal email certs should be free, commercial (for marketing purposes) should cost a reasonable amount.

    This would enforce accountability behind emails by guaranteeing the identity of the sender. Do this and things will clean up considerably, imho.

    --
    mje0w!!!1!
  15. Spamcop anyone? by a3d0a3m · · Score: 2, Informative

    When I get spam, I report it on spamcop. It is a free service [with pay options, please pay and keep it going!] that will analyze your e-mail and headers looking for legitimate source IPs, open relays and websites mentioned in the spam and then look up the e-mail addresses to send anonymous reports on your behalf. You can also sign up for spam-free e-mail and buy a paid subscription to spamcop reporting. I can't say whether it has worked or not, but I feel better knowing open relays are being noted and that sysadmins are being notified! Link.

    adam.

    1. Re:Spamcop anyone? by Carmody · · Score: 2

      I have been using spamcop for about a month, and so far I have not noticed any decrease in the amount of spam that I get.

      I continue to use it intermittently, but I don't have any indication that it is doing any good.

      I would be interested if anybody has evidence of is efficicacy

      --
      God is real unless declared integer
  16. Just make them pay. by AnotherBlackHat · · Score: 2

    The reason spam exists in such vast quantity is because it's so cheap to send.

    Suppose that every time someone wanted to send you an email, they had to "buy" a password token. Then, after you read the message, you could "return" the token if you think it's not spam. If tokens were a penny, it would stop most of the really annoying spam, but if you really hated spam, you could sell your tokens for a dollar.

    -- What I really hate is people who ask you to surrender your freedom to stop spam.

  17. Why not by fferreres · · Score: 2, Insightful

    Anyone can spam: from "a 6 year old guy", to "dr.evil" to "mr. good guy that is trying to solve world hunger". So you want different penalties: kill evil guy, warn good guy, educate kid.

    Some of them, unknowing how bad spam is

    People complain about spam. Yet, if they find it usefull, they use the service (contradiction)

    Spam doesn't kill people or ruins lifes or fortunes

    Spam is relative: what defines spam? a) everything unsolicited? (leads to: nobody can even contact you to ask you if they can contact you.). b) something that is sent to more than me and that is unsolicited? (leads to: how do you enforce/know that? Spammer could just program variations of the smap message).

    There IS usefull spam and useless spam as well (99% useless ratio today). If we enforce "good smapping practices..." (ie: receive unsolicited email from good employers offering good salaries)

    Spam is global (different legislations) and can move fast (from server to server).

    Detecting spammer (physically) is: a) expensive, b) they usually don't have much money (what will you do to him? arrest him like Mitnik?).

    Thouthan other reasons

    So the bottom line is (my opinion):

    Spam doesn't know black and white. There're shades of gray only, and difficult/expensive to block. At some point we should draw a line, beyond that line, prosecute spammers (law). Everything else would be client-side (ie: tools to block spam, blacklists, filters, etc.).

    --
    unfinished: (adj.)
  18. Yes, fight them down under! by Dr.+Awktagon · · Score: 5, Funny

    Finally, someone has come to recognized my preferred solution to fight spammers: kick them in the genitals.

    Or did you mean something else by "Fighting The Spammers Down Under"?

  19. Re:editors, hello by grytpype · · Score: 2

    They also post an article about spam every other day. This article had nothing new at all, but they posted it anyway.

    --

    - Have a picture

  20. Re:How to solve spamming, worms, email trojans, et by radja · · Score: 2

    >commercial (for marketing purposes) should cost a reasonable amount.

    actually, an UNreasonable amount would stop more spam.

    //rdj

    --

    No one can understand the truth until he drinks of coffee's frothy goodness.
    --Sheikh Abd-Al-Kadir, 1587
  21. Support the FTC by SomeoneYouDontKnow · · Score: 5, Interesting

    If the FTC is really serious about going after spam, then we need to give them our support. More than that, we need to make them do their job with this. If most spam is fraudulent, and if most spam is sent by a relatively small group of people, then it stands to reason that getting rid of these hard-core spammers will go a long way toward reducing the spam problem.

    Now don't get me wrong here. I'm not naive enough to believe that this is going to be easy. Spammers are slippery little worms, and stopping them for good won't be easy. However, there's nothing like a court order to give someone an attitude adjustment.

    So here's the deal. The FTC wants to receive spam at uce@ftc.gov, so send it. My guess is that they like getting all spam, but bear in mind that they don't have jurisdiction over spam per se, just spam selling fraudulent goods and services. This is something they can latch onto and run with because they are empowered to stop fraud. If you send, be sure to include full headers so messages can be tracked back to the source. That way, if a spammer hops from ISP to ISP, it may be possible to construct a pattern that can be used to find and nail him.

    As I said, I don't count on this to work, but if the FTC really is serious, then let's give them the evidence they need to bust some balls.

    --
    That light you see at the end of the tunnel might be from an oncoming train.
  22. Re:scam the spammers by MillionthMonkey · · Score: 2

    This isn't a good idea because it fosters meta-spam. The spammer can say "Look at all these responses I'm getting from my bulk emails!" and sell CDs of email addresses to people.

  23. Re:No odds by bakes · · Score: 2

    I get spam to email addresses that I have NEVER posted ANYWHERE. My ISP owns multiple domains, email sent to my name @ any of those domains comes to me. They take the domain name, combine it with a list of names, and spam the list. Some of them will be real addresses, some not. Often I get the same spam 2 or 3 times, sent to different addresses (but delivered to the same mailbox).

    I used a spam bouncing program for a while to generate fake 'undeliverable' messages, and that helped a little bit. I stopped a few months ago, and it's starting to build up again.

    --
    Ho! Haha! Guard! Turn! Parry! Dodge! Spin! Ha! Thrust!
  24. 99/1 rule on spammers by chongo · · Score: 5, Informative
    Over the past 2 years we have noticed that more than 99% of the repeat spam comes from less than 1% of the sites.

    In addition to the usual anti-spam methods:

    one can block IP addresses that attempt to spam on a regular basis. Tools such

    can be configured to block frequent spammer IP addresses from your SMTP ports.

    The following is a list of IP addresses that we have observed spamming on a regular basis. Blocking these sites won't solve your spam problem. On the other hand blocking common spam locations as part of an overall anti-spam system will help.

    12.30.205.0/24 24.2.10.0/24 24.88.20.0/24 61.13.0.0/16 61.30.0.0/16 61.129.0.0/16 61.177.0.0/16 63.100.231.32/28 63.184.200.0/24 64.14.218.128/28 64.65.0.0/18 64.80.216.0/22 64.80.220.0/23 64.208.134.0/15 64.239.0.0/18 66.33.0.0/17 66.72.98.10/32 128.18.0.0/16 128.121.126.220/32 142.154.0.0/16 161.58.0.0/16 192.147.174.0/24 194.91.230.0/24 195.53.155.0/24 195.153.207.128/27 202.9.128.0/19 202.181.196.120/29 205.141.192.0/19 205.141.224.0/21 206.173.16.0/21 206.173.24.0/22 208.50.155.0/24 208.165.228.0/22 208.187.17.192/27 209.38.216.0/22 209.69.0.0/16 209.239.0.0/19 209.239.192.0/19 209.249.0.0/16 210.52.0.0/24 210.85.0.0/16 210.201.0.0/18 210.226.0.0/15 210.228.0.0/14 210.241.0.0/17 211.20.180.0/22 211.21.0.0/16 211.32.0.0/13 211.51.63.171/32 211.226.126.0/24 212.49.192.0/24 212.174.0.0/15 212.216.0.0/16 216.41.0.0/16 216.42.0.0/16 216.53.128.0/17 216.79.0.0/16 216.87.64.0/19 216.122.0.0/16 216.143.68.0/22 216.143.72.0/22 216.143.76.0/24 216.167.0.0/17 216.174.192.0/18 216.183.206.64/28

    Sorry if your IP address is in the above list. If you are not a spammer then it could be that you happen to be using an ISP that tolerates spammers (or is unable/unwilling to block them), or you work for a company that spam, or you are near a poorly configured and poorly maintained site that is abused as an open relay.

    --
    chongo (was here) /\oo/\
    1. Re:99/1 rule on spammers by pne · · Score: 5, Funny

      I get a lot of spam from the 127.0.0.0/8 netblock from some weirdo telling me I'm a spammer myself. I keep complaining but it doesn't seem to help.

      --
      Esli epei etot cumprenan, shris soa Sfaha.
    2. Re:99/1 rule on spammers by Erasmus+Darwin · · Score: 3, Interesting
      "If you are not a spammer then it could be that you happen to be using an ISP that tolerates spammers (or is unable/unwilling to block them), or you work for a company that spam, or you are near a poorly configured and poorly maintained site that is abused as an open relay."

      ...or you've got an IP address that at one point in the past belonged to a spammer. The problem with a static list such as this is that there's no procedure to get an address removed from it, even if the original ISP eventually kicks the spammer off or even if the ISP goes out of business.

      Consider, for example, the position of PaeTec Communications. They've been unable to kick a spammer off (Monsterhut), as said spammer was able to obtain a temporary injunction. When the case is resolved, PaeTec will presumably win. Until then, however, the address range they lease to Monsterhut is getting added to numerous blacklists. I see no reason to why that address range shouldn't be removed after PaeTec succeeds in ridding themself of this spammer -- at some point in the future, that address will get reassigned to a new customer. But if the people blacklisting that address are using an uncommented, static, ad hoc list that the snarfed from Slashdot, there's a decent chance that that listing'll be around indefinitely.

      In summary, I strong encourage sysadmins to stick to well-maintained lists when it comes to spam blacklisting. They should carefully evaluate both the criteria that gets a site listed and the criteria that gets a site unlisted.

  25. Unaccountability by iangoldby · · Score: 2, Insightful

    The article mentions that some of these 'spam cops' are only contactable via a newsgroup, and that they hide their real identities in order to avoid being hassled by lawyers employed by the spammers. I understand this. I applaud what they are doing - I despise spam as much as the next person.

    But by their anonymity, they make themselves unaccountable to anyone else. That means that there are no real controls. What happens if one of these spam cops ends up on some kind of ego trip, or perhaps just starts making mistakes? A breakdown in relationships or other pressures could result in a block list not being updated.

    Much as it may be difficult, I think all efforts to control spam must be made out in the open, with full accountability to the rest of the internet community.

    1. Re:Unaccountability by Senior+Frac · · Score: 2, Insightful

      But by their anonymity, they make themselves unaccountable to anyone else.

      They are accountable only to those who use the list to block. Those users may voice their displeasure by ceasing to use the list. Any other feedback avenue is above-and-beyond the responsibility of the list maintainer. Some might do it, some not. To assume they are accountable to anyone else is misguided.

    2. Re:Unaccountability by crucini · · Score: 2
      The problem with making the list maintainer anonymous and unaccountable (by which I mean they don't answer to anybody - no one can bring them back into line if they start getting it wrong) is that sysadms won't necessarily know that there is a problem and therefore that they should stop using the list.

      Sounds like a theoretical, rather than practical, problem. At least with regard to SPEWS, which is probably the most useful list. Anyone disagreeing with a SPEWS listing can post to news.admin.net-abuse.email. On the very rare occasions where the complaint is legitimate, the listing is removed quickly. Almost always, the complainer is a spammer trying to weasel out of the consequences of his actions. Everyone on nanae is attuned to the danger of 'spite listings' and similar irresponsible behavior. (See ORBS). If SPEWS starts doing this it will be highly visible on nanae and they will lose their user base and therefore their importance.

      The assumption that significant public blacklists are operating in the dark, unexamined is incorrect. The more important the list, the more scrutiny.

      Now the lists which really do operate in the dark are those maintained privately by ISP's. You cannot ask earthlink whether or why they are blocking mail from your IP block. The maintainers of SPEWS are anonymous. Who are the maintainers of earthlink's blacklist?
  26. Re:Other types of spam by MartinB · · Score: 3, Informative

    This is where I gloat a wee bit about living in the UK. We have a lovely service called the Telephone Preference Service. Anyone making unsolicited commercial calls must cleanse their lists against the TPS list, or be guilty of a criminal offence.

    Since registering a year ago, we've maybe had five calls, all of whom hang up really quickly once you start asking them for their details to report them to the TPS.

    --

    The only thing you can accurately describe as "Scotch" is a sticky tape made by 3M. And it's

  27. Beware all opt-out lists.. by jcr · · Score: 5, Interesting

    The Direct Marketing Association has this little checkbox on their page, which says "notify me when my listing expires".

    EXPIRES? WHAT THE FUCK?

    If I were naïve enough to belive that any of the sleazebags in the DMA would actually honor this list for *any* amount of time, I'd be pretty pissed off when the spam started flooding in when their database says my "leave me alone" notice has expired.

    I trust these people about as far as I can throw them.

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
    1. Re:Beware all opt-out lists.. by Technician · · Score: 2

      Anybody up to testing this? Do you have a spam mailbox to submit to DMA to see who harvests it? Please post the results here. This could be interesting for those with your own mailservers. Just list DMA@example.com and see what turns up.

      --
      The truth shall set you free!
    2. Re:Beware all opt-out lists.. by Zocalo · · Score: 2

      Anybody up to testing this? Do you have a spam mailbox to submit to DMA to see who harvests it?P Yup. For a couple of weeks now. Either my fictitious account has been lucky or DMA "e-ps" is currently legit.

      --
      UNIX? They're not even circumcised! Savages!
    3. Re:Beware all opt-out lists.. by Animats · · Score: 2
      The DMA's opt-out list appears to be semi-legit. They do this in hope of staving off Federal legislation. They don't publicize it much, though. And they're still fighting against spam tagging with "ADV:", fearing it will all be dumped automatically.

      The DMA also operates opt-out lists for paper mail and telemarketing, which do have some effect. The paper mail list will stop all the major national promotions; I haven't heard from Publisher's Clearing House in a decade.

      The DMA expires e-mail addresses after one year, though, while the paper mail addresses are good for five years.

  28. The other evil of Spam by Cybertect · · Score: 5, Informative

    A friend of mine here in the UK has recently suffered a nasty fate at the hands of some very active spammers... they faked a reply-to address in his domain (summerisle.demon.co.uk).

    The result was that, for a period of about two and a half weeks in January, David was receiving over 1000 bounced emails a day, effectively mailbombing his account. With a pay-per-minute 56K modem as his only internet access, it wasn't a pretty sight.

    The spammers that sends this stuff out, who identify themselves as 'Global Advertising Systems' and 'Universal Advertising Systems' claim to be based in Billings, MT. You may have seen some of their handiwork in your own mailbox with subjects like 'Increase energy levels', 'Become a Judgement Processing Professional', 'Child Support-Investigator'. They're very effective at covering their tracks - the only contact information is PO Box, telephone and fax numbers in the US, plus disposable eMail address and a snail-mail PO box in Aruba if you want to be 'removed'. All the mail originates in the Phillippines (with the obligatory faked additional headers added) then gets punted out through open relays around the world. Complaints to the ISPs in the Phillipines get no reply or bounced.

    Fortunately, I'm lucky enough to have DSL, so I was able to filter the stuff out and forward it on to another account - OK if you've got the bandwidth, but not a proper solution.

    The scary bit is that it seems like there's no other defence against this kind of activity. The ISP hosting the domain's POP box sympathised, but said they couldn't do anything to delete this incoming junk before it was delivered. UK & Billings, MT police and the FBI said no crime had been committed and taking private legal action across the Atlantic is a bit out of the reach of a one-man recording studio. My friend's frustrated reaction to another attack this week has been to dump the domain and move elsewhere with a new .com.

    If anyone else has any more information on these b*st*rds or ideas for wreaking revenge I'd be interested to hear.

    1. Re:The other evil of Spam by twoflower · · Score: 2
      The result was that, for a period of about two and a half weeks in January, David was receiving over 1000 bounced emails a day, effectively mailbombing his account.
      1000 a day? Uh, we got joe-jobbed twice, averaging 13 million bounces a day. I think your friend got off lucky.

      Twoflower
      --


      --
      Twoflower
  29. Spam spam spam etc by Merovign · · Score: 3, Interesting

    Well, I think asking the government for help here is a little counterproductive. Given the Government Nature, the solution will be shortsighted, intrusive, expensive, and will exclude rational thought. In short, they'll probably:

    Declare a national moratorium on e-mail while a congressional steering committee holds a conference to determine the nature and extent of the problem.

    Industry and Community Leaders who have never actually sent or recieved an e-mail will be called in to consult, as well as a couple of Hollywood Celebrities.

    A proposal will be made to Nationalize e-mail under the State Department.

    Objections from Civil Liberties Profiteers Inc. will lead to a "compromise" proposal to place control of e-mail services with that well-known private organization, The Post Office.

    New "Spam Free" e-mail will cost $0.34 each, and take 3-5 days to deliver, but you can pay $3.00 and have a guarantee of delivery... in 3-5 days.

    A new congressional committee will congratulate the Post Office and themselves for eliminating SPAM!!! And hold hearings to examine the new problem of "unsolicited e-mail."

    Okay, that's a _slight_ exaggeration.

    But seriously, the obvious ways to help are:

    1. Very Public Boycotts of companies that use Spam tactics.

    2. Encourage use of Digitally Signed E-mail.

    3. Encourage efforts by ISPs to block e-mail from "repeat offender" sites.

    4. Encourage the "securing" of open relays.

    None of these methods involve letting politicians write laws which include new taxes, new power, or new public swimming pools named after them.

    And by the way, given the nature of Enya's music and Eminem's "anti-music," I imagine that if they were to actually meet, the resulting music-anti-music reaction could deafen an entire medium-sized city.

    1. Re:Spam spam spam etc by Peyna · · Score: 4, Insightful
      1. Very Public Boycotts of companies that use Spam tactics.

      I have yet to receive SPAM from a company I could even Boycott. Since I don't regular buy goods or services from Jerry's Triangle Scheme, or Joe-Bob's Porn site, a boycott isn't going to do much. Maybe if Subway started spamming me I'd stop going there, but I don't get any SPAM from any companies I've ever even heard of before.

      Actually, I think all the SPAM I get can be put into a few categories:

      There's your get-rich-quick SPAM, covering a myriad of pryamid schemes and others. Then there's your 'insider information' SPAM telling you what stock to buy. 'Porno SPAM' speaks for itself. 'Weight loss and Sexual medicine' group has to be one of my favorites. You can lump the rest into 'actual seems like they're trying to sell me something' group or the 'wtf is this?' group.

      --
      What?
    2. Re:Spam spam spam etc by sqlrob · · Score: 2
      2. Encourage use of Digitally Signed E-mail.

      So what? Spamboy gets a cetificate from some third world country with lax laws. There is already a booming market for tax havens, ship registration (Liberia an Panama!), so why not certs?

      Because even if the cert itself is invalid, it's going to cost much more time to send spam. Where it is easy to send 1M identical or near identical messages, how much horsepower does it take to send 1M individually signed messages?

  30. Effective fighting against spam... by quigonn · · Score: 5, Informative

    No matter who they are, fight them with razor! razor is a distributed, collaborative spam detection and filtering network, and it rocks. I hardly get any spam anymore, and if I get one, I can report it to the network, and other razor users won't see that email anymore.

    --
    A monkey is doing the real work for me.
    1. Re:Effective fighting against spam... by Daniel · · Score: 2

      The wonderful thing about razor, of course, is that absolutely anyone can report spam. Meaning that, well, within a few days of my trial run of razor, it had marked several legitimate messages as spam (while, I might add, missing about 90% of the real spam that I get)

      I've been trying spamassassin now, and it seems to work very well -- aside from its tendency to forkbomb the system if I download more than about 40 emails at once. ("fork: resource temporarily unavailable"...fun)

      Daniel

      --
      Hurry up and jump on the individualist bandwagon!
  31. Re:Terrorism laws by Technician · · Score: 2

    Only when spamming gets to a puppet master
    It has.. Most consider e-mail as a useless novelty and refuse to use it as a total waste of time. They never see spam anymore. Don't believe me? E-mail someone and see if you get an inteligent response. Maybe, just maybe you will get some sort of generic reply from a flunkie in the office, but you won't get your congressman. I know I tried and only got bounced mail back. Box was full for several weeks. (David Woo from Oregon) I quit trying.

    --
    The truth shall set you free!
  32. Of COURSE it's profitable by MillionthMonkey · · Score: 2

    Spam represents an incredible value for the money. It has very little cost, incurs little legal risk, and can reap great rewards. There are many business plans like that, but with the exception of spam, they're all RICO predicates (in the U.S.).
    When things reach a certain level of profitability they become recognized as crimes and laws are passed criminalizing them. Spam is only legal because nobody's ever seen anything like it before. People easily confuse spam with a First Amendment issue, so it will take a couple years, but by the time the average email account receives 20,000 spams a day, public anger will eventually boil over, reaching a point at which one of several things will happen:
    -SMTP and email in general will be supplanted by some more restrictive protocol that isn't as useful to the spammers for theft of services. (Hopefully this protocol will be open and not controlled by a ruthless monopoly.) Nobody will communicate via email anymore because all emails are assumed to be spam. As fewer people rely on it, more and more network paths will become closed to SMTP traffic until it reaches the point where most emails bounce once they leave their local network.
    -Sending spam no longer means you lose your 30 days free trial and have to find another ISP serving your trailer park. Instead, your door is busted down by people with scary guns and flashlights and handcuffs, and you're held without bail in a real jail cell with real iron bars, maybe with a new roomate who's 581% happier now that you're there.

    The solution will probably be technological rather than legal, just because of jurisdictional problems- even though the legal approach is obviously the one that socially makes the most sense. It's a real crime. But unless all the nations of the world sign a treaty to cooperate in investigating, catching, and prosecuting these idiots, they'll just keep finding more open relays in former Soviet republics.

  33. feed them to SPEWS by 1gor · · Score: 2, Informative

    Experience shows that blocking SPAM at source is impossible today. The fight should be directed at beneficiaries of spam (clients of spammers). And the only effective remedy is blocklists like SPEWS.

    Your friend could fight the spam indirectly if he persuaded his ISP (demon.co.uk) to adopt SPEWS filter. That would block mosf of ISPs that host spam beneficiary sites from demon.co.uk. When ALL their clients lose access to this large European provider (demon) - then ISPs would definetely notice and take action against the spammers. If not too late for themselves... (check out this tearfull public apology from a spammer at news.admin.net-abuse.email).

    --
    --
  34. Wait till you get the latest mobile phones by mattr · · Score: 4, Insightful
    Don't know how big phone spam is in the West, but in Japan it is so bad, the government is trying to make a law against it.

    You see, mobile phones ring or vibrate when they get spammed. It's worse than ordinary spam because email addresses are usually the same as your phone number, giving an easy target to spam programs.

    My friend has two phones registered with slightly different names, and they ring within 10 seconds of each other, about once an hour or so. His FOMA (3G, streaming video) phone is real special. It does a pirouette on his desk because it is vibrating so strongly.

    Imagine it. Everyone who has these phones (millions) gets this ringing all the time, even in the middle of the night. DoCoMo recently offered custom mail addresses to combat it but still..

    1. Re:Wait till you get the latest mobile phones by mattr · · Score: 2
      Yes, the recipient is paying for all this spam I believe. Of course young people seem to get most of the spam. Probably more people have email through these phones in Tokyo than other types of accounts. But apparently you cannot set the account to automatically forward the email to some procmail equipped account on a different server.

      This seems dumb and limiting the development of a new market, but then again who knows how much the phone company is making off the literally billions of spams going out.. I'm hoping this may change as the client-side opens up more.

  35. Shutting Them Down by Anonymous Coward · · Score: 2, Insightful
    Does anybody else wonder who these people are, ...

    Actually, many of the folk in news.admin.net-abuse.email know just whom they are.

    ... and what are the odds of having them shut down for good?"

    Not very good at this time. They are not breaking any laws in most places. (Making the falsifying of "From:" addresses a felony would fix that. Making use of open mail relays w/o permission a misdemeanor at least would help.) And they frequently move from dialup ISP to dialup ISP as needed. The bigger spammers get "pink" contracts (read: "we'll allow you to spam as long as the heat doesn't get too bad and nobody finds out about this contract") with big-name ISPs that many admins are unwilling to block (Qwest and Sprint are frequently at the top of The Spamhaus Project's "Top 10" list. Verio has received a lot of unfavourable mention in news.admin.net-abuse.email of late).

    The best things you can do, in my opinion, are:

    • Complain about every spam you receive. But make sure you're complaining to the right places. Make the complaints civil, but firm.
    • Block spam as best you can. Yes, no blocking mechanism is perfect. There will be some false hits. Learn to live with it. I have. My bosses and cow-orkers have. The alternative is unthinkable. Block it even if it means black-holing entire /16 blocks of IPs. Even if it means black-holing entire ISPs. Or even countries.
    • Refuse to do business with spam-friendly ISPs. Check with the good folk in news.admin.net-abuse.email and consult the "Top 10" list at The Spamhaus Project. (We recently switched ISPs at one site because our old ISP was becoming unbearably spam-friendly.)
    No, there's not much that can be done to "shut them down for good," but you can make the effect of their spamming as ineffective as possible and make the ISPs that support spammers as unprofitable as possible.

    SPEWS, by the way (mentioned in the article), is having a tremendous effect on spam-friendly ISPs :-).

  36. And the 12 most common types of spam scams are... by bihoy · · Score: 2
    For more information check out the FTC site or file a complaint online.

    "FTC Names Its Dirty Dozen: 12 Scams Most Likely to Arrive Via Bulk E-mail"

    Business Opportunity Scams

    Making Money By Sending Bulk E-Mailings

    Chain Letters

    Work-At-Home Schemes

    Health And Diet Scams

    Easy Money

    Get Something Free

    Investment Opportunities

    Cable Descrambler Kits

    Guaranteed Loans or Credit, On Easy Terms

    Credit Repair Scams

    Vacation Prize Promotions

  37. Why ? by DABANSHEE · · Score: 2

    It works.

    My brother did the exact thing to some businesses that have fucked with him, over money.

    & guess what? They stopped fucking with him. Mind you the looping faxes were only a small part of a whole military style operation.

  38. Re:I have an idea.... by nstrom · · Score: 4, Insightful

    It's already being done. If you're interested, run one yourself -- every spam message trapped by a honeypot is a spam message that doesn't get to its recipients. Brad Madison runs one on a university VAX machine and Michael Tokarev runs one in Russia. Both are fairly heavily trafficed by spammers.

    See Brad's page Fighting Relay Spam for more information on running your own SMTP relay honeypot.
    See posts like this one to see that these honeypots are working.

  39. Re:How to solve spamming, worms, email trojans, et by AMK · · Score: 2
    There's also Dan Bernstein's Internet Mail 2000 proposal,
    where mail messages are stored on the sender's computer until the recipient retrieves it. This would mean that recipients don't pay for
    disk space or bandwidth, senders do, and getting a spammer's account
    pulled would result in all their spammed e-mail disappearing.

    But good luck getting everyone to adopt a new mail protocol...

  40. Still....... by DABANSHEE · · Score: 2

    ......I think most of the companies that get sold on the idea of utilising a spam agency don't make anything out of it either.

    They're like popups - no one clicks popups & they annoy the fuck out of everyone, but corporate marketeers assume they work because they assume people wouldn't hire popup agencies unless they do work, so they jump on the bandwagon & sign on with some popup agency too. But I very much doubt that they add to the bottom line the vast majority of the companies paying for the popups. Mind you the agencies might make a bit of dosh out of it.

    That's why the bottom fell out of the banner add market - the corporate world relised that on average banner adds just don't add to the bottom line (ie they generally don't increase turnover, turnover of tangable products that is), consequently what many websites get for each banner add is less than 1% of what they were getting just 18 months ago.

  41. Re:DMA Opt Out by CharlieG · · Score: 2

    Hi,
    I'm not SURE about the DMA's email opt out list, but I do know for a fact that their snail mail out out list _IS_ legit!

    My wife works for one of the larger junk mail companies out there in names selection, and trust me, the watch that list, and even if you would be "perfect", they pull your name from the mailing! (Ditto if you contact them directly)

    They have 4 reasons for this:
    1)If you went through the effort to opt out, they KNOW you mean it
    2)People who opt out don't buy (see profit motive)
    3)It costs quite a bit to do those snail mail mailings, so they don't want to spend money sending mail to folks who won't buy (see #2)
    4)The DMA insists on it! The DMA is NOT kidding when they say they will drop members for abusing this

    The problem is, most of the fly by nights (and most email spammers are fly by nights compared to the big junk mail houses) don't belong to the DMA, or even care!

    I'd bet that if you got spammed by American Family Publishers - the Ed McMahon folks - now out of the sweepstakes business - and asked to be removed, you would be! Ditto a Sears, Lillian Vernon, etc (all large catlog companies). They are used to dealing with opt out, and have procedures to deal with it. It doesn't always work (yes, database cleanups have caused problems, and fines have been issued)

    The problem is the scammers and small shops that don't care

    --
    -- 73 de KG2V For the Children - RKBA! "You are what you do when it counts" - the Masso
  42. Re:Who are they? by Tackhead · · Score: 2
    > I've been wondering who the "known criminals are for many years. If you know who these dastardly no-goods are, please respond to this message and put my mind at ease. Thank you.

    ROKSO is your friend.

    Poke around groups.google.com in news.admin.net-abuse.email.sightings or news.admin.net-abuse.email to find out who your pet spammer is. Learn.

    Punch your pet spammer's name into ROKSO. Learn more.

    Many of these individuals have prior convictions for fraud. Some may still be on probation. Why the FTC has ignored them for so long is utterly beyond me.

  43. anti-spam resource for qmail users by Silas · · Score: 2

    I maintain an anti-spam resource for the qmail community, which I will now shamelessly plug: http://www.summersault.com/chris/techno/qmail/qmai l-antispam.html

  44. Re:What is the bigger outrage? by swb · · Score: 2

    Prison rapes are not rare. During a legislative internship in college I toured a maximum security prison. The head doctor of the prison said they sew up about 3-4 rectums every month, presumably from people raped badly enough to require stitches. Ouch.

    And lets question the idea of consent. If I tell you you have a choice between being sodomized or beat to shit, how long until you "consent"? At least if you consent, you may get a chance to smear some lotion on to prevent a trip to the infirmary.

  45. Er - on what planet is this again? by Scooter · · Score: 2, Insightful

    "Most of today's email spam, however, comes from a handful of culprits, described by Barry and others as "known criminals"."

    Well I can't speak for anyone else, but the SPAM that lands in my email box every day is largely from large corporations, chain letters (you know the ones that want you to send money to people on a list), and the rest I have no clue about as I can't read Kanji.

    I honestly don't mind a bit of SPAM, but what really gets my goat is when they either claim that I asked for it "here are the results of your feedback form" or such like, or they cite some law from some country I don't live in and claim that this gives them the right to send me mail about whatever rubbish they are peddling. And lets face it - if they're intentions are so honourable, why is the return address always a non-existent hotmail/yahoo account? Then there's the "removeal"options - yeah sure I'm gonna go to some web page and type in my email address - so the spammers can know it's a real email address. Some of them even have the cheek to ask for a receipt!

    The 3rd most prevalent type of SPAM in my mailbox is the laughable fraud attempts - you know the ones typed in CAPITALS usually puporting to be from some dude (usually in Nigeria) in some country's government who has some scam going whereby he needs your bank details to dump several million dollars US into it. I love those ones - they've been around on paper for donkey's years.

    The Herald's reporter must have been out in the sun too long - the world's spam sent by a handful of chavvies - my arse.

  46. Use a UNIX Mail System for Self-defense by billstewart · · Score: 2

    It sounds like your friend, and people in similar circumstances, really needs to get a Unix mail system. If he's got a Unix account at his ISP, then he can use Procmail or similar preprocessing scripts to trash the mail message before putting it in his mailbox, so he doesn't have to download it over a slow link. Alternatively, since he's using a POP mail client, he should retrieve his mail in a headers-only mode, trash the messages that are obviously spambounce, and limit his full downloading to the real messages. A number of mail clients can do that, or again, if he's running Unix at home, he can hack something if there's nothing that does quite the right job.

    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
  47. You don't understand. by Starship+Trooper · · Score: 2

    35fb trj356u fnsfaedg 5y reh gj wtysdfh adfvqer34t34 gsfbsfbwtrhwtuw u6u 356 u56uaerh fhsfb fsbsvbs shsrbnw thwthw54h 5h wthwrtb wty5hy wthwhgn svfbsgfbsfhwtrhwtry5y y 54y rg argataret y 54y w45y wfgsef ffbsfb

    --
    Loneliness is a power that we possess to give or take away forever