Rep. Bill Jones Thinks Spam is "Innovative"

GMontag writes "Wired is running this story:Candidate: Spam in Every Pot about candidate-for-governor Bill Jones' spam campaigning. The most telling quote: "Jones spokesman Darrel Ng said the e-mail wasn't spam, commonly defined as unsolicited commercial e-mail. Ng instead classified Jones' non-commercial mass-mailing as an "innovative way to use the Internet.'" Another interesting item: "An examination of the e-mail sent out by the Jones campaign revealed forged headers. The e-mail, purportedly sent from an MSN.com address, was actually routed through the server of an elementary school in Chonnam, Korea.""

And the surprise is?

[Gogl]

I can't help but think "so what?". This seems to me to be very standard political spin. A politician uses spam to try to further his campaign, and then defends it as "innovative" just because email spam *is* new in the domains of campaigning. Obviously anybody with a brain can say "it's not innovative unless the concept is new, not the application". By his logic I could spam for saving purple elephants and be "innovative".

It's just playing with words and being a political spin doctor. I, for one, am only surprised that email spam has not been used for campaigning earlier.

Re:And the surprise is?

[phyxeld]

I, for one, am only surprised that email spam has not been used for campaigning earlier.

I'm very surprised anyone would want to use spam for political purposes. It's just stupid. Your average spammer doesn't care about his reputation, so it doesn't matter that 95% of the people who see their message will angrily throw it away. Politians, however, live off of their reputation. They can't afford to piss off that many people at once.

I'm sure this guy is regreting it. I mean, his website is blackholed right now, a few days before the primary! And this guy was supposedly "net savy"....

Don't think this will be the only one...

[No-op]

I hate to say it, but I think we're going to see much more of this kind of mentality coming from our elected officials (and candidates). You have to realize they farm this sort of thing out, and to them it's all a broad spectrum of marketing/contact/fundraising/etc.

I doubt the candidate in mind was even aware of what was going on, but when confronted he responded as you would expect any politico to respond. doublespeak and warm fuzzies, with a handful of buzzwords.

Hopefully there will be a day when there is a representative we can stand behind- the only way we can get there is for all of us to make our voices heard, and to use the system to fight the system. as many have said before, make phone calls or write actual letters spelling out WHY you feel something is bad, and rational reasons as to why they as your elected representative should be against something.

my 2 cents. have a good weekend!

Fast Forward to October

[Tyler+Eaves]

In a new state record, Candiate Bill Jones received only 1 vote. Many blame his poor showing on the fact the he hired his campaign spokesperson because he promised to "Get Vote$$ fa$$t"

SPAM!

[PopeAlien]

Shouldn't this be under the category "Its funny, laugh"?

But many who received Jones' e-mail are not California residents. Some aren't even U.S. citizens. Evidently, the address harvester used by Jones' vendor assumed that all e-mail addresses containing ".ca," a suffix that identifies a Canadian domain, belong to California residents.

Well, clearly if he could get the much coveted Canadian vote he'd win by a landslide..I bet the Canadians aren't voting for any other Californian Politicians. I don't know why no one has ever tried this before. How innovative!

My Bill Jones experience

[zsazsa]

I submitted my page on Bill Jones's spams a couple days ago, and it was rejected:

2002-02-28 00:58:56 California Gubernatorial Canidate Resorts to Spam (articles,spam) (rejected)

Anyway, I'm not bitter. Check out my page on it anyway: http://polpo.org/jonesspam/. Basically, I pick apart the mail and the "click here to remove yourself from our list" page (which involves some novel Javascript-based HTML obfuscation) and find out who one of the spammers might be.

After talking with some people about this and doing a simple Google search I found that he's been doing this for a couple months now, with MSNBC doing this story on it in December. They have a followup story here.

By the way, don't count on Bill Jones's office writing you back when you complain to them about the spam. I haven't recieved a response yet.

Ian

Kick him out of Office and bankrupt him.

[www.sorehands.com]

His spam may not have violated California law, but may have violated the TCPA (the junk fax law).

If your computer has a fax modem attached, a printer attached, and fax software, then it is a fax machine for the purpose of the federal definition.

What you should do:

• File lawsuit against him for $500 against him and the campaign.
• Work as hard as you can to ge the word out that he is scum, that abuses the computer equiptment of schools (if that is true), and help his opposition.

Lets make an example of this SPAM scum.

This is not legal advice until I go to law school, graduate law school, pass the bar, and confirmed that your retainer check cleared.

Lest we forget...

[fobbman]

A properly filled-out ballot is an innovate way to show your disgust of these practices.

Spamming for dumbasses

[t0qer]

Uhh, this isn't a troll, it's a true story and it might shed somelight on how spam operators do their dirty deeds.

About 2 months ago I had the chance to take a road trip with one of my best buds to go see his father down in bakersfield. For those that don't know what bakersfield is, it's a shithole of a dirty little town somewhere between Sacramento and LA on the I5.

Now if it's a shithole of a little town, why would I in my right mind want to go there, sleep on a floor for 3 days, and eat crappy food. Well, my friends dad *supposidly* had a T1 line going into his apartment and was running spam operations from that. I told my friend that's bullshit, Ma bell don't run T1's to anything but businesses, i've ordered enough of them to know.

We got down there, I was expecing to walk in, and find a wirespeed DSL modem or something. Upon closer inspection I found a CSU/DSU and a cisco 2500 router. Holy shit this guy really did have a T1 line. I started talking to him about the legal/social ramifications of his business. After about 30 minutes of talking to him I could tell, he got a hair up his butt one day thinking spam was going to be a big money maker for him, paid someone to set him up and that was it. Not only did he not have a clue that hijacking someones SMTP server is bad, but he said SMTP servers that don't run open relays are interferring with his ability to do business and started screaming "ITS MY RIGHT TO SPAM AND ANYONE WHO TRIES TO STOP ME IS INTRUDING ON MY AMERICAN RIGHTS TO RUN A BUSINESS"

I stopped talking to him after that. He just would not accept that using someone elses server without their permission is just plain wrong. Anyways...

He started trying to talk me and my friend into getting into the business with him. I told him it would be a conflict of interest for me because I am a sysadmin of course, but I would be more than happy to watch him work to learn for myself.

His network consisted of 6 win98 machines, 1 BSD box that he had no idea what it did. They ran some windows GUI based tool called SMTPscan. Basically it had 2 boxes to input your IP range into, it would scan that range and report back usable servers. I can't remember the actual name of the program he used to send the mail with, but I remember him pasting that list from SMTP scan into it.

Also to note was his lack of a true list management system. His remove e-mails pointed back to a hotmail account so his main server would be isolated from any attacks. He would manually go into his hotmail account. These removes did nothing though, let me explain it from his point of view.

Basically when your remove yourself from a spam list, it's just for that spam. The spammer still has a list for some new product that he hasn't sent out yet, if he hasn't sent it out how can you be removed?

So this guy maintains a list of 4,000,000 e-mails and ALLWAYS spams to all of them. Legally he's found a loophole to cover his ass and can happily spam the same list as long as he's selling something different.

I just wanted to post this so everyone would know, spammers aren't really the most technically minded people. To them it's
1. Spam
2. ****
3. Profit

While to us it's
1.Spam
2.Flood someone elses server, slander some legit company by relaying pr0n spam. Eat Bandwidth
3. Profit

I hope you enjoyed this post, please mod accordingly if you did.

--toq

Re:Spamming for dumbasses

[Darkling-MHCN]

This too isn't a troll.... and is also based on real life experiences. Although as I actually have an alternate and probably unpopular positive view of using email for marketing purposes I probably will be modded accordingly.

I have worked with a group that does "email marketing". Is there a difference between this and spam ? Some would say no....

But I would say yes for the following reasons:-

1. They use their own servers and their own network and pay for the bandwidth required to send the emails.

2. They have a policy that all their clients should have fully qualified (opted in) lists, any client found to be breaking this rule becomes an ex-client. As they are in Australia this would be in breach of the privacy act, and they have no wish to be associated with criminal activity no matter how petty.

3. Their clients aren't selling viagra, or university degrees, they run legitimate businesses that have been in business for years. Most of them have products that are totally unrelated to internet, and use email to replace sending faxes or sending out brochures or an event calendar to clients who have a desire to receive this information.

4. They actually have a remove option that actually does get you removed from the list. And to prove they do have a genuine concern for the recipients of emails. They are currently adding web interfaces that will give email recipients control over what clients they wish to receive email from.

Now it's obvious there are some cowboys out there and many of them probably do not fully understand the consequences of their actions, or the foolishness of annoying the people you're trying to do business with or in this case get votes from, which is roughly the same thing as far as I understand the US political system. I also think that their is obviously something that needs to be done about these people as they damage not only themselves but also the people in this business with some integrity who try and play by the rules and do the right thing.

Email marketing has the ability if properly regulated and controlled to give marketers unprecedented value and give customers unprecedented service. It also has the potential to save thousands of tree's by avoiding the wasteful use of paper to disseminate information. Have you ever wanted to opt out of receiving a brochure stuffed in your letter box, a little hard isn't it ?

Is it such a bad thing if email is used for marketing ? Or do we think that all marketing is evil ? How many things do you currently have enjoy in your life that you wouldn't have if it weren't for marketing ? Hmm.. movies like The Matrix, TV series like star trek ?

I think it's unwise to make huge generalizations and often people are too quick to use the word SPAM, which seems to have become a word more dirty than most other 4 letter words.

So does anyone else think that there is some place for email marketing ? Isn't the dissemination of information what the internet was originally designed for ?

Re:Before everyone goes off half-cocked here...

[Tackhead]

> Before everyone goes off half-cocked here about how political spam should be illegal, I'd like to gently remind people to think of the potential consequences to our society of banning any form of political speech, regardless of how tacky it might be.

If Bill Jones had spammed from Bill Jones' machine, and paid Bill Jones' ISP to deliver the outbound spew, you might have a point.

But according to the article, Bill Jones didn't do that. According to the article, Bill Jones raped an open relay in Korea. That is, he sent an SMTP transaction to a server (a server on which he had no authorized access), and commanded that server's MTA to deliver multiple copies of his spew to recipients in California and Canada.

Ignoring the theft-of-service issue that applies to all spam delivered through open relays, the server was on foreign soil -- that is, he appropriated the resources of a foreign government to influence the results of a domestic political event. That sounds like it could be in violation of numerous election finance laws (at a minimum), and a potential diplomatic incident to boot.

I happen to believe that all spam is theft (by conversion) of my mailbox. That is, Bill Jones has the right to speak, but he doesn't have the right to appropriate my resources to deliver his speech.

But even if you choose accept that sort of theft as OK in certain cases, how can you deny that (if the article is true) what he did is anything other than unauthorized access to, and theft of service from (if not a denial-of-service attack on) the Korean high school's server?

Newspeak. It is spam, damnit.

[praedor]

The really telling thing is the forged headers. Even if you could argue the points of political mailings being spam/not being spam, as far as I'm concerned, using a fake email/forged headers makes it spam. Forged email/headers trumps all other arguments. It is spam.

Spam Works!

[Crispin+Cowan]

Hey, spam really can increase your penis size. It has turned Bill Jones into a giant dick! :-)

Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase

CALL THEM

[drDugan]

916-349-2002

they tried to support their actions, citing 1st amendment and an unsubscribe.

I told them to go to hell.

Spot ad

[squiggleslash]

At this election, you're probably worried about how your government is going to spend your money, whether your child is going to get a decent education, whether your candidates actually cares about the issues, or will do anything to get elected. What would you say if one candidate decided to use a primary school's facilities to send out thousands of publicity messages to electors worldwide, many of whom couldn't even vote in that election? What if that candidate didn't pay that school a penny, despite disrupting that school's ability to use its computers while the candidate exploited them? What if this kind of behaviour wasn't just immoral, but probably illegal too in this country, and so the candidate had evaded American law by using a school in a third world country to send out his publicity? And what if that school had never given him permission, but he'd hacked into the school's computer systems anyway, like a common criminal? Representative Bill Jones did exactly that. And what's more, he called his abuse of third world primary children "innovative". At this election, you might want to innovate in your own way, and elect XXX XXXXXX for YYYYYYY, telling Bill Jones that you want someone you can trust. Not a penny pinching computer hacker.

i got this spam...

[kevin+lyda]

...and i live in galway ireland.

and here i thought florida had the weirdest voting laws...

Teergrube and Reverse Teergrube DDOS for KR, RBL?

[billstewart]

If you google for Teergrube (German for "Tar Pit"), you'll find several implementations that happily sit on Port 25 (either on machines that don't run their own SMTP servers, or perhaps are called out by the real sendmail when receiving mail from a known spammer) and answer v...e...r.....y.....s....l....o....w.....l.....y, with lots of delays and perhaps some try-later error messages. The usual application for Teergruben is to place a bunch of spambait addresses out on your web sites for the spammer's harvesting system to find, since any mail addressed to them is obviously spam, and log the senders' machines so you can track them down. The theory is that if somebody's sending out a few mail messages to real people and mistakenly send to you, responding slowly isn't a problem, but if they're trying to send thousands of spams per minute, and each of the N simultaneous outgoing SMTP sessions they can maintain keeps running until it hits one of the thousands of tarpits waiting for them, they'll use up all their capability waiting for tarpits to respond and be unable to bother real people, and thus they DDOS themselves. If they're abusing mail relays, and spreading the load around, that's a bit rougher, but each mail relay can also get bogged down. Also, dialup or open relay IP address that gets caught in the tarpit is one you can add to the blacklists on your real mail server, though you probably don't want to do that for non-dialup machines that aren't running relays, because they may simply have bad users (e.g. AOL has spammers, but also has your mother-in-law, so you don't want to block all mail from AOL.) You may not have a current DUL for Korea, but if you don't expect to get mail from anybody in Korea, or the mail goes to one of your spambait addresses, you can trap them too.

That works nicely if enough people do it, especially if they spread around lots of spambait addresses. But what about an active response - if you receive mail from an open-relay machine (either on the RBL, or one that you test, e.g. yet another Korean school box), you could send it ten simultaineous messages, v...errr....y...s....l...o...w..ly. Not enough to flood it, or kill it permanently, but enough that if it's trying to spam N destinations at a time, it will have some fraction of them tie up a few percent of its incoming SMTP capacity, and therefore quickly block its relay capability.

It's a bit dodgy, and you need to check your ISP's acceptable use policy to make very sure you're not violating it, but it's basically a scale attack which won't harm any systems that have real people sending out real mail, might bother real systems sending out real mailing lists (so obviously don't do this to systems you subscribe to), but will interfere with abused machines being abused by spammers as well as with spammers using their own machines directly.

Hilarious

[CleverNickName]

I got 4 of these spams in 2 days.

The thing that I found equally offensive and hilarious, is that it said "Your email was selected off the Internet based on your voter demographics." My voter demographics?!

Okay, anyone who knows me at all knows that I am about as far from Republican as you can get, and I am about as likely to vote for Bill Simon as I am to cut off my own leg.

So what exactly were they going for, by targeting my "voter demographic"?