Rep. Bill Jones Thinks Spam is "Innovative"

GMontag writes "Wired is running this story:Candidate: Spam in Every Pot about candidate-for-governor Bill Jones' spam campaigning. The most telling quote: "Jones spokesman Darrel Ng said the e-mail wasn't spam, commonly defined as unsolicited commercial e-mail. Ng instead classified Jones' non-commercial mass-mailing as an "innovative way to use the Internet.'" Another interesting item: "An examination of the e-mail sent out by the Jones campaign revealed forged headers. The e-mail, purportedly sent from an MSN.com address, was actually routed through the server of an elementary school in Chonnam, Korea.""

And the surprise is?

[Gogl]

I can't help but think "so what?". This seems to me to be very standard political spin. A politician uses spam to try to further his campaign, and then defends it as "innovative" just because email spam *is* new in the domains of campaigning. Obviously anybody with a brain can say "it's not innovative unless the concept is new, not the application". By his logic I could spam for saving purple elephants and be "innovative".

It's just playing with words and being a political spin doctor. I, for one, am only surprised that email spam has not been used for campaigning earlier.

Kick him out of Office and bankrupt him.

[www.sorehands.com]

His spam may not have violated California law, but may have violated the TCPA (the junk fax law).

If your computer has a fax modem attached, a printer attached, and fax software, then it is a fax machine for the purpose of the federal definition.

What you should do:

• File lawsuit against him for $500 against him and the campaign.
• Work as hard as you can to ge the word out that he is scum, that abuses the computer equiptment of schools (if that is true), and help his opposition.

Lets make an example of this SPAM scum.

This is not legal advice until I go to law school, graduate law school, pass the bar, and confirmed that your retainer check cleared.

Spamming for dumbasses

[t0qer]

Uhh, this isn't a troll, it's a true story and it might shed somelight on how spam operators do their dirty deeds.

About 2 months ago I had the chance to take a road trip with one of my best buds to go see his father down in bakersfield. For those that don't know what bakersfield is, it's a shithole of a dirty little town somewhere between Sacramento and LA on the I5.

Now if it's a shithole of a little town, why would I in my right mind want to go there, sleep on a floor for 3 days, and eat crappy food. Well, my friends dad *supposidly* had a T1 line going into his apartment and was running spam operations from that. I told my friend that's bullshit, Ma bell don't run T1's to anything but businesses, i've ordered enough of them to know.

We got down there, I was expecing to walk in, and find a wirespeed DSL modem or something. Upon closer inspection I found a CSU/DSU and a cisco 2500 router. Holy shit this guy really did have a T1 line. I started talking to him about the legal/social ramifications of his business. After about 30 minutes of talking to him I could tell, he got a hair up his butt one day thinking spam was going to be a big money maker for him, paid someone to set him up and that was it. Not only did he not have a clue that hijacking someones SMTP server is bad, but he said SMTP servers that don't run open relays are interferring with his ability to do business and started screaming "ITS MY RIGHT TO SPAM AND ANYONE WHO TRIES TO STOP ME IS INTRUDING ON MY AMERICAN RIGHTS TO RUN A BUSINESS"

I stopped talking to him after that. He just would not accept that using someone elses server without their permission is just plain wrong. Anyways...

He started trying to talk me and my friend into getting into the business with him. I told him it would be a conflict of interest for me because I am a sysadmin of course, but I would be more than happy to watch him work to learn for myself.

His network consisted of 6 win98 machines, 1 BSD box that he had no idea what it did. They ran some windows GUI based tool called SMTPscan. Basically it had 2 boxes to input your IP range into, it would scan that range and report back usable servers. I can't remember the actual name of the program he used to send the mail with, but I remember him pasting that list from SMTP scan into it.

Also to note was his lack of a true list management system. His remove e-mails pointed back to a hotmail account so his main server would be isolated from any attacks. He would manually go into his hotmail account. These removes did nothing though, let me explain it from his point of view.

Basically when your remove yourself from a spam list, it's just for that spam. The spammer still has a list for some new product that he hasn't sent out yet, if he hasn't sent it out how can you be removed?

So this guy maintains a list of 4,000,000 e-mails and ALLWAYS spams to all of them. Legally he's found a loophole to cover his ass and can happily spam the same list as long as he's selling something different.

I just wanted to post this so everyone would know, spammers aren't really the most technically minded people. To them it's
1. Spam
2. ****
3. Profit

While to us it's
1.Spam
2.Flood someone elses server, slander some legit company by relaying pr0n spam. Eat Bandwidth
3. Profit

I hope you enjoyed this post, please mod accordingly if you did.

--toq

Re:Spamming for dumbasses

[Darkling-MHCN]

This too isn't a troll.... and is also based on real life experiences. Although as I actually have an alternate and probably unpopular positive view of using email for marketing purposes I probably will be modded accordingly.

I have worked with a group that does "email marketing". Is there a difference between this and spam ? Some would say no....

But I would say yes for the following reasons:-

1. They use their own servers and their own network and pay for the bandwidth required to send the emails.

2. They have a policy that all their clients should have fully qualified (opted in) lists, any client found to be breaking this rule becomes an ex-client. As they are in Australia this would be in breach of the privacy act, and they have no wish to be associated with criminal activity no matter how petty.

3. Their clients aren't selling viagra, or university degrees, they run legitimate businesses that have been in business for years. Most of them have products that are totally unrelated to internet, and use email to replace sending faxes or sending out brochures or an event calendar to clients who have a desire to receive this information.

4. They actually have a remove option that actually does get you removed from the list. And to prove they do have a genuine concern for the recipients of emails. They are currently adding web interfaces that will give email recipients control over what clients they wish to receive email from.

Now it's obvious there are some cowboys out there and many of them probably do not fully understand the consequences of their actions, or the foolishness of annoying the people you're trying to do business with or in this case get votes from, which is roughly the same thing as far as I understand the US political system. I also think that their is obviously something that needs to be done about these people as they damage not only themselves but also the people in this business with some integrity who try and play by the rules and do the right thing.

Email marketing has the ability if properly regulated and controlled to give marketers unprecedented value and give customers unprecedented service. It also has the potential to save thousands of tree's by avoiding the wasteful use of paper to disseminate information. Have you ever wanted to opt out of receiving a brochure stuffed in your letter box, a little hard isn't it ?

Is it such a bad thing if email is used for marketing ? Or do we think that all marketing is evil ? How many things do you currently have enjoy in your life that you wouldn't have if it weren't for marketing ? Hmm.. movies like The Matrix, TV series like star trek ?

I think it's unwise to make huge generalizations and often people are too quick to use the word SPAM, which seems to have become a word more dirty than most other 4 letter words.

So does anyone else think that there is some place for email marketing ? Isn't the dissemination of information what the internet was originally designed for ?

Teergrube and Reverse Teergrube DDOS for KR, RBL?

[billstewart]

If you google for Teergrube (German for "Tar Pit"), you'll find several implementations that happily sit on Port 25 (either on machines that don't run their own SMTP servers, or perhaps are called out by the real sendmail when receiving mail from a known spammer) and answer v...e...r.....y.....s....l....o....w.....l.....y, with lots of delays and perhaps some try-later error messages. The usual application for Teergruben is to place a bunch of spambait addresses out on your web sites for the spammer's harvesting system to find, since any mail addressed to them is obviously spam, and log the senders' machines so you can track them down. The theory is that if somebody's sending out a few mail messages to real people and mistakenly send to you, responding slowly isn't a problem, but if they're trying to send thousands of spams per minute, and each of the N simultaneous outgoing SMTP sessions they can maintain keeps running until it hits one of the thousands of tarpits waiting for them, they'll use up all their capability waiting for tarpits to respond and be unable to bother real people, and thus they DDOS themselves. If they're abusing mail relays, and spreading the load around, that's a bit rougher, but each mail relay can also get bogged down. Also, dialup or open relay IP address that gets caught in the tarpit is one you can add to the blacklists on your real mail server, though you probably don't want to do that for non-dialup machines that aren't running relays, because they may simply have bad users (e.g. AOL has spammers, but also has your mother-in-law, so you don't want to block all mail from AOL.) You may not have a current DUL for Korea, but if you don't expect to get mail from anybody in Korea, or the mail goes to one of your spambait addresses, you can trap them too.

That works nicely if enough people do it, especially if they spread around lots of spambait addresses. But what about an active response - if you receive mail from an open-relay machine (either on the RBL, or one that you test, e.g. yet another Korean school box), you could send it ten simultaineous messages, v...errr....y...s....l...o...w..ly. Not enough to flood it, or kill it permanently, but enough that if it's trying to spam N destinations at a time, it will have some fraction of them tie up a few percent of its incoming SMTP capacity, and therefore quickly block its relay capability.

It's a bit dodgy, and you need to check your ISP's acceptable use policy to make very sure you're not violating it, but it's basically a scale attack which won't harm any systems that have real people sending out real mail, might bother real systems sending out real mailing lists (so obviously don't do this to systems you subscribe to), but will interfere with abused machines being abused by spammers as well as with spammers using their own machines directly.