Mapping the Spam

demaria writes "The folks at cluelessmailers.org have made a map of spam. It shows the relationships among spammers and other entities (legitimate or not), including organizations that track spam, advertises with, shares addresses, emails through, and all sorts of other data. I can't imagine how hard it was to put this together, it looks like a giant circuit design layout, but shows just how big and interwoven the spam problem is."

Good job /.!

[realdpk]

Linking to a page with a 870+KB image is really lame. Could have at least linked to a page that just described what the map was, so the user could click on to the map. Save cluelessmailers.org some big money.

Re:Good job /.!

[cetan]

Well, I'm happy to give up some bandwidth for these guys, it's a cool map. Here's a mirror.

http://www.cetan.com/mirrors/spammap.html

No need to mod me up, I'm not a karma whore.

Re:Good job /.!

No need to mod me up, I'm not a karma whore.

Actually, do mod parent up so those of us who browse at 3 can see the mirror when the site gets slashdotted.

Re:Good job /.!

[cetan]

Ok, that's a valid point. Do many browse that high? I browse at +1...maybe that's too low.

Re:Good job /.!

[DustMagnet]

So why didn't you provide a link like this overview or like this smaller version or even a google cache.

It seems to me, that you comment is really extra lame.

Re:Good job /.!

[Zathrus]

I'd guess that a lot of people browse at +3 - I do. It means that you have to be modded up at least once to get past the filter, which is a decent first-pass move.

If I'm interested in responses or the parent I'll click down, but that's about it.

Re:Good job /.!

[jimmcq]

There is a preview of the map at http://www.cluelessmailers.org/spamdemic/mapprevie w.html
Google cache

Re:Good job /.!

i browse at -1 all the time. i love the different trolls and other silliness that transpires at the lower levels, plus unmodded ac's have some interesting things to say.

but i also like spam, dont really see what the big fuss is. deal, people. its like walking down the street and having someone ask me for money. a lot of people really freak out, but i dont see what the big deal is, all you gotta do is say no and move on.

Re:Good job /.!

I browse at +3, too. Too much crap otherwise.

Re:Good job /.!

shut up.

Re:Good job /.!

[realdpk]

You're right. I was critical without providing anything constructive. Feel free to mod me down or whatever.

Re:Good job /.!

[gughunter]

Three or four spams a day isn't bad to deal with. But three or four hundred a day (due to people who randomly type your domain name in registration prompts all over the Internet) is a real pain!

Re:Good job /.!

I'll eat your liver with some grits and a nice goatse chianti.

But seriously-- You can give AC's and the "Troll" mod category an automatic bonus, too.

PS:BSD is dying.

Re:Good job /.!

[CMBob]

Thanks! I've never had a site that needed mirroring before... And now I understand how generous the folks are who offer to do it. Would you mind if I include a link to your mirror on the CM site? I'm thinking of putting up an interim page in place of the full size map that explains what's up, along with links to mirrors and the original page. Thanks again! ...Bob Bob West Clueless Mailers Webmaster

Re:Good job /.!

But I don't want any SPAM. [Vikings begin to sing the spam song.]

Sorry, couldn't resist.

Re:Good job /.!

[cetan]

Sure thing. Feel free to do that.

Re:Good job /.!

[Sj0]

Personally, I find that the signal to noise ratio for spam is WAY to high in my hotmail box(I don't use it anymore, and I got it back when it was just hotmail sans MS), to the point where I wade across hundreds of spam messages(many with decieving subject headers) before I hit an actual message.

Re:Good job /.!

[orthogonal]

You're right. I was critical without providing anything constructive. Feel free to mod me down or whatever.

Why does this sound like something straight out of the Cultural Revolution? I'm not criticizing, it just struck me.

Re:Good job /.!

I haven't been able to load it at all, not from ANY site.

my fovorite

[bool]

ha! my favorite has to be the one at the top over towards the right... thefreesite.com. It was submitted to them by someone from that address! Spammers are even trying to advertise on spam maps... guess the really are a clueless mailer.

Re:my fovorite

[CMBob]

I'm not sure, but I think the one you're referring to mentions that the spammed email address was submitted by someone to a mailing list via that website, not that a spamvertized site was submitted to CM.

But I'm glad you're enjoying it!

...Bob

Bob West
Clueless Mailers Webmaster

Spam will be gone, in 100 years.

[purpledinoz]

I think spam will be erradicated, in about 100 years. Spammers are scum, and they should be shot, then deported. I wonder if we can use this map to somehow take out spam.

Re:Spam will be gone, in 100 years.

[Amazing+Quantum+Man]

. I wonder if we can use this map to somehow take out spam.

Sorry dude, but nuking spammers doesn't work.

Re:Spam will be gone, in 100 years.

Sorry dude, but nuking spammers doesn't work.

I think he wrote "I think spammers will be erradicated"
not "I think spammmers will be irradiated".

Re:Spam will be gone, in 100 years.

[TheCyko1]

Spammers are scum,

Yes, yes they are

and they should be shot,

Yes, yes they should

then deported.

Most of them are probably already in other countries, but if you mean offa the earth then yes, yes they should

Re:Spam will be gone, in 100 years.

hanging is too good for them, burning is too good for them, they ought to be cut in to little bitty pieces and scatted to the four winds...

Re:Spam will be gone, in 100 years.

[amuro98]

Eew...why'd you want to do that?

I'd rather they be stored deep underground along with those barrels of radioactive waste.

Re:Spam will be gone, in 100 years.

[hplasm]

Cut into little bitty pieces, then canned in jelly and sent back to the shops of Spamland as sp... well you can guess..

Re:Spam will be gone, in 100 years.

[User+956]

hanging is too good for them, burning is too good for them, they ought to be cut in to little bitty pieces and scatted to the four winds...

People in Hawaii seem to like spam.

Spam Definition Question #@ +1; Patriotic @#

Does the mapped spam include all of the misinformation generated by

George W. Bush
and company?

Thank you and have a nice day.

Re:Spam Definition Question #@ +1; Patriotic @#

[CMBob]

Not yet... But the RNC may one day soon make it onto the Map. They've been hitting me once a week or so. Not very smart, are they? ...Bob Bob West Clueless Mailers Webmaster

When can I buy the Thinkgeek Poster?

[swagr]

I need a comment so here it is.

Re:When can I buy the Thinkgeek Poster?

[Anonymous+Crowhead]

Download the .eps file and take it to Kinko's. Have them print it on one of their big color printers for posters.

Re:When can I buy the Thinkgeek Poster?

[RetroGeek]

This sig is a waste of 32 bytes.

Um, no, it is a waste of 39 bytes. You forgot to count the opening and closing italics tags.

Re:When can I buy the Thinkgeek Poster?

[*xpenguin*]

Um, no, it is a waste of 39 bytes. You forgot to count the opening and closing italics tags.

I used to have a sig that referenced to how many bytes my sig had but people kept bitching about it so I removed it.

Re:When can I buy the Thinkgeek Poster?

[swagr]

The way I see it, the italics tags aren't really a waste. Everyone loves italics, we can never have enough.

Use italics freely and enjoy them.

Spam scissors

[restauff]

Now we just need some giant E-scissors to cut some of those lines. I wonder if that map would allow a person / group to take some sort of preventitive action against the spammers (aside from avoiding subscribing to the names on the map)

Re:Spam scissors

restauff wrote: Now we just need some giant E-scissors to cut some of those lines.

More commonly known as a back-hoe ;)

Now they know we know

[EverlastingPhelps]

The only problem with this is that it lets the spammers know how much they need to change their MO to slide under the radar. I did get a warm feeling from seeing all of it though.

"You are going to let them in here? They're gonna see everything! Waaaeeeh, they're gonna see the big board!"

akamai? doubleclick? zdnet?

Some big boys (last time I checked their stock
prices was 1999 ... so they might not be so big)
are in on this.

Too complicated

[fabiolrs]

good lord I feel more confused looking to that than looking to my computers motherboard! :((

Re:Too complicated

Simple version:

Greedy Idiots --> Internet --> You

Re:Too complicated

you know that's the first thing that came to my mind.. obviously the processor is called "virtumundo", then there are north- and southbridges around nearby. on the left there's probably the memory bus and pci is lower.. what's on the top i'm not quite sure, maybe some unimportant miscellaneous integrated chips.

Thanks

[cOdEgUru]

For giving me all the domain names that I need to block out.

Wish there was some way I could block out that stupid Hotmail email begging for money to increase account size.

Re:Thanks

I just block hotmail, yahoo, aol, msn and excite entirely (literally).

Re:Thanks

You can. Just ditch your hotmail account.

Map of Spam

[CaffeineAddict2001]

The country of spam is surrounded by the "White Gelatin Coast", it is divided into various sovereign mystery meat nations. How this country was formed is unknown and best left a mystery.

Re:Map of Spam

[getter_85]

to the south of the country of spam lies the country of grinded assorted pig organs

what no hotmail

[oliverthered]

All the spam i get mapps through hotmail, and it's normally from msn

In Case It's Slashdotted

[goldspider]

In the inevitable event that thousands of simultaneous requests for an 870k+ file Slashdots the site, I'm going to post the entire image here in ASCII format.

...or I'm not.

He thinks the problem is spam

[fabiolrs]

"I can't imagine how hard it was to put this together, it looks like a giant circuit design layout, but shows just how big and interwoven the spam problem is."

The only problem I see here is understanding that damn giant thing! :))

Re:He thinks the problem is spam

[fishbowl]

"I can't imagine how hard it was to put this together, it looks like a giant circuit design layout, but shows just how big and interwoven the spam problem is."

Truly spoken by someone who has never seen a sexchart.

When I first read the story title...

[dmarien]

I got this sick feeling of joy, and the hairs on the back of my stood up... Maps to the companies which send out spam?

I'm driving to each and every one of em, and hurling bricks through their windows...

errr wait...

Re:When I first read the story title...

[Unknown+Poltroon]

Step 1) Put on gloves.
Step 2) Hurl bricks.
Step 3) ......
Step 4) Big profits.

Re:When I first read the story title...

[CMBob]

CluelessMailers.org does not endorse the use of violence, including Denial of Service attacks.

But thanks for thinking of us.

...Bob

Bob West
Clueless Mailers Webmaster

Re:When I first read the story title...

What's your position on shoving turds through their mailbox?

Re:When I first read the story title...

[Fluid+Truth]

Bricks? Don't you think it'd be more appropriate to hurl tins of processed meat products?

Re:When I first read the story title...

[Phrogman]

Place a note on each brick stating "This is not an unsolicited brick, according to US Statue..."

:D

Re:When I first read the story title...

[DavidTC]

Note the difference between endorsing something and comdemning it, or even the difference between endorsing something and simply condoning it. ;)

We will head out to beat them to death, knowing that we lack your seal of approval, but that you basically have no problems with it. ;)

Spam problem

[PhysicsGenius]

There is no way to "fix the spam problem". Claude Shannon proved decades ago that noise is inevitable in communications. Spam is noise on a data channel. Measurements suggest that the amount of spam we are seeing is slightly higher than the nlog(n) amount that Shannon predicted. This is probably due to people responding to their spam emails because, whether in jest or not, this relabels them as data instead of noise. The same goes for people who forward their spam to services like SpamCop--you are only clogging the network even more, please stop.

Re:Spam problem

[zaren]

yeah, let's stop filing complaints about spam, let's just let them do whatever they want to abuse the network... you might as well have said "Just Hit Delete" like all the spammers want you to do.

-----
Apple hardware still too expensive for you? How about a raffle ticket?

Re:Spam problem

[PD]

If we can't get rid of the noise, then we should at least change the nature of it. I'd rather not have SPAM noise which requires my active use of the delete function. Much better is line noise which can be automatically corrected by analysis of redundant information.

So, don't be so fatalistic about spam. You should be actively working to convert the noise that is hard to deal with into noise that can be automatically dealt with.

Re:Spam problem

[Zeinfeld]

Claude Shannon proved decades ago that noise is inevitable in communications.

He did no such thing. Shannon's law demonstrates that the information bearing capacity of a communication line is limited by the signal to noise ratio.

It is quite amusing to see how such basic observations are transmorgaphied by the game of Internet chinese whispers.

Spam will be addressed as a problem as soon as the pain barrier becomes high enough. With PKI it is possible to identify an email sender by means of a digital signature. The current problem being that there is no good way to locate public keys bound to email addresses. There is a lot of good work going on in this area, in particular the W3C XKMS group recently discussed a working draft that describes a mechanism for accessing public keys via DNS SRC records.

So under this system what would happen is that when you get email from them the email client would scan your address book to see if they were on your approved sender's list. This would probably include the individuals you know (Cmdr. Taco etc.) and also whole domains (ai.mit.edu) you might trust. if the mail is not in the list it goes into the 'low priority' pile.

There are email clients that do this at the moment but the spammers are using counter measures, such as scanning email list archives and sending out SPAM with fake sender addresses taken from the archive. With PKI and a means of determining whether the person actually has a public key or not this type of filtering becomes much more robust. Incidentally the mechanism does not require S/MIME to work, it can also be used with PGP.

To deploy the solution all we need to do is to persuade email client writers to support XKMS register and locate functions and ISPs to provide XKMS services along with their existing SMTP server. Oh yes and finish the XKMS spec I guess.

Re:Spam problem

[kwerle]

That's a terrible analogy.
Why is spam 'noise'? Just because you don't want to see it? If that's the case, how is forwarding spam to spamcop any different than trying to apply a filter to a signal to try to cut out the noise?

As for fixing the problem of spam via email, I use ASK, which has fixed the problem for me (to the tune of 99.9%).

Re:Spam problem

[Zathrus]

There is no way to "fix the spam problem".

There certainly isn't if you're fatalistic and don't look for solutions.

Claude Shannon proved decades ago that noise is inevitable in communications

Ignoring the abundant misunderstanding of Shannon's research (hey, go read here and you'll already know more thant he poster), to call spam noise on the data network is an amazing stretch. Spam is not noise. Spam is data. If you took the spam off the network some other crap that nobody wanted wouldn't magically fill the spot.

I also deeply question your off-the-cuff nlogn value for spam. Let's just take my Hotmail account as an example. It receives roughly 200 spam emails a day. They average 8k each. So that's 1.6MB of spam per day per user. Now, there's 118 million Hotmail accounts. Assume that a mere 1% of them get this much spam. That's 1,888,000 MB of spam. Daily. To Hotmail alone. That's nearly 2 terabytes of capacity. Daily .

Now lets start throwing in Yahoo! mail, AltaVista mail, juno, excite, etc. etc. etc. and start counting numbers. It's scary. Very, very scary.

If anyone can actually provide real numbers for how much bandwidth is consumed by spam, please do. I did a Google search a couple weeks ago and came up empty. Lots of sites referring to it consuming "great amounts of bandwidth", but no hard numbers.

Re:Spam problem

[doorbot.com]

With a decent ruleset for Sendmail and an array of RBLs, I haven't gotten any spam at my "main" address in quite some time. Eventually I want to implement SpamAssassin for additional protection. The most important thing is to reject messages while in the SMTP conversation! Do not accept them and then forward to /dev/null.

I'd like to thank Pacific Bell, however, for the barrages of spam I get there. I don't even bother to check the account more than once a week since I know it's just spam.

Re:Spam problem

[fmaxwell]

Spam is not "noise". It is e-mail abuse. It is not randomly caused by electromagnetic or other interference. It purposely injected into the e-mail stream. It contains specific messages and is delivered to specificied recipients. You act like it is some kind of natural phenomenon. It's not.

Claude Shannon said that communications channels have a source of noise (i.e., interference or distortion) which changes the message in unpredictable ways during transmission. What a spammer sends to me does not change other messages in unpredictable ways. It does not distort other messages. Spam is simply a source of unwanted messages.

If we stop complaining, we reduce the cost of spamming and it increases. Period.

Re:Spam problem

[Grax]

Well my idea won't fix it but it would make keep the spammers from faking their headers in certain ways. With the described method on the linked page you could stop unauthorized use of your domain name as the return address in a spam or worm message provided you and the destination mail server had this plan implemented.

http://www.vorteon.com/papers/spam_reduction_throu gh_dns.html

Re:Spam problem

[LinuxIsDyingGuy]

Another excellent troll from physicsgenious. What happened to the particle accelerator sig tho?

Re:Spam problem

[letxa2000]

The most important thing is to reject messages while in the SMTP conversation! Do not accept them and then forward to /dev/null.

I did that just last month. I modified my Sendmail server to analyze the content of incoming messages. It actually looks at the content of messages. It's amazing how predictable most spam is and how easily it can be tossed based on simple filtering.

The main difference is that when Sendmail is in the "DATA" phase and detects filterable content it hangs up right then and there.

My spam on my 8-year-old email account has dropped from like 40-50 per day down to about 5. Works great and looking at the Sendmail log to see how many times I hung up on spammers gives me a nice warm fuzzy feeling.

Re:Spam problem

[_ph1ux_]

Hey - hope you dont mind - and dont care if you do... but im gunna copy your sig. thanks!

Re:Spam problem

[Sloppy]

Claude Shannon proved decades ago that noise is inevitable in communications.

Heh, I love stuff like this. Someone needs to start a collection... Heisenberg proved you can't know anything, Einstein proved that everything is relative, Godel proved you can't prove or disprove blah blah blah. Just keep twisting and perverting it all until it gets unrecognizable. And just when it becomes so utterly meaningless -- it is then a perfect tool for any argument, a perpetual motion machine made out of spinning coffins.

Re:Spam problem

[AndroidCat]

I also deeply question your off-the-cuff nlogn value for spam. Let's just take my Hotmail account as an example. It receives roughly 200 spam emails a day. They average 8k each. So that's 1.6MB of spam per day per user. Now, there's 118 million Hotmail accounts. Assume that a mere 1% of them get this much spam. That's 1,888,000 MB of spam. Daily. To Hotmail alone. That's nearly 2 terabytes of capacity. Daily .

You get 200 a day? Wow, on average I get 20-30 a day and I Usenet post unmunged with it. Ah wait, I'm filtering Korea and a few keywords. And perhaps whacking a few spammers over the years has got me on some "Do NOT spam" lists? :^)

Bottom middle

Re:Spam problem

[Zathrus]

You get 200 a day?

Yup. I pissed off someone and they retaliated by adding my email address to every spam list on the face of the earth.

Eventually I'll setup my own domain and spamfilter, but until then I just deal with it. Hotmail's junkmail detection and filters cut out about 60% of it, but I still get 30-40 pieces daily. Used to cut out more, but then I hit the limit of 250 filters. And I do filter by domain.

Re:Spam problem

[mixbsd]

transmorgaphied by the game of Internet chinese whispers

Explains all the Chinese spam we're getting, then.

Re:Spam problem

[AndroidCat]

Ah well, you're probably getting Zathrus, Zathrus and Zathrus' email too. (But not Zathrus' mail.)

Re:Spam problem

[pjrc]

... when you get email from them the email client would scan your address book to see if they were on your approved sender's list.

That's nice if you only communicate with people you already know. Not so good if you have a public website, a company, or you participate in public forums (like slashdot) and people you do not yet know will make contact with you.

Re:Spam problem

[Zeinfeld]

That's nice if you only communicate with people you already know. Not so good if you have a public website, a company, or you participate in public forums (like slashdot) and people you do not yet know will make contact with you.

That is a problem, however my first priority is to try to do what I can to take what we can definitively identify as signal.

If you get a signed email from an unknown source it could be spam or it could be signal. In my corporate email client I would configure it to automatically presume that email with source addresses in the domains sun.com, microsoft.com, cisco.com, ibm.com etc. that is signed to not be spam.

If an email came that was signed and was not from the whitelist it would be put into an 'unidentified' queue. Initially none of the spam would be signed and a signature alone would be sufficient authentication. However that is not going to last forever as a sorting mechanism.

One thing that you could do is to reply to the sender with a note saying 'your email is in the pending queue, please return this confirmation message if you are not a spammer, i don't like scum who send spam'. Although a spammer could sign their messages and respond to the return messages doing so would be much more expensive and technically problematic, especially if we make it hard to automate the replies. It is also something that we could introduce a law to prohibit false replies.

The other part of the puzzle is that commercial communications would be separately identified. So if IBM wants to send me an invoice for the web server service they provided me with their invoice is signed and marked as an invoice. If IBM want to then send me some information on some additional service they might want to offer me it would be signed and marked as SPAM but would also have a tag to indicate what sort of spam it was. So offers for HGH, penis enlargement, Breast enhancement, nigerian letters etc. can head straight for the bit bucket while I might actually read a PR newsletter that I signed up for from Microsoft or Red Hat. But those message would go into my 'low priority folder'.

There are a bunch of other hacks that can be used. For example we might use PGP style community key signing to establish the authenticity of key holders. Or we might use commercial PKI CAs to authenticate key holders. While anyone can lie to a CA and get a certificate under false pretenses, it is also possible for CAs to revoke certificates.

In the long run I think we will see people signing their email routinely to bypass spam filters. The cost of obtaining a certificate will be low enough not to notice because they will be issued in bulk through channels such as the ISPs, but people who want to use PGP will still have that option.

Re:Spam problem

Hey physicsgenious it looks like you're the inevitable 'noise' on the Slashdot channel.

Re:Spam problem

[fmaxwell]

Heisenberg proved you can't know anything

Are you certain?

Re:Spam problem

There is a proposal for making SPAM a lot more troublesome to create...

Dan J Bernstein creator of qmail has a protocol change to reduce the cost of spam to isp's and receivers and put the onus on the sources to cut down.

Heres an overview... Internet Mail 2000

Re:Spam problem

[dubl-u]

The same goes for people who forward their spam to services like SpamCop--you are only clogging the network even more, please stop.

I think you're just trolling, but in case you aren't, here's the difference:

I go to a fair bit of trouble and expense to maintain my networks. I get to decide what happens with it. Spam is a parasitical use of that network, something I don't want. The reporting of spam is one of the things I do want. If I feel that it's clogging my network, I can stop anytime; I can't do that with spam.

Spam is noise on a data channel.

Uh, no. It's not like spam is some weird radio interference problem or some quantum effect. Real humans write and send every spam. They do it because they think they can make money at it.

This is not an inevitable consequence of the existence of a communication channel. Spam was negligible for many years; it wasn't until around the time of September That Never Ended or maybe the green card spam that I recall getting any. Since then it has grown explosively, so that for many people it outweighs regular mail. Ignoring it in hopes that it will go away or level out is about as smart as ignoring a suppurating wound.

Re:Spam problem

[roybadami]

One thing that you could do is to reply to the sender with a note saying 'your email is in the pending queue, please return this confirmation message if you are not a spammer, i don't like scum who send spam'

Take a look at TMDA

Re:Spam problem

I still think the Fake Spam Club has the right idea. Generate and distribute enough legitimate looking but in fact bogus spam, and thus discredit and disempower all spam. Like introducing sterile fruit flies into a population.

Re:Spam problem

ignoring the problem is also a solution. But it will not work. As html emailers are used more and more. Outlook express has done more to harm the way we get email than you think. It not only RUNS html by default. It will not even let you turn it off. Because it looks 'icky' WHO cares. There are web bugs in almost every single one these days. they open a 1x1 gif or some cgi script and tag your email as 'read'. How do you think they verify those emails as active? No bounce also would be an active. However IF enough people did not resopond to them eventually they will run out of money. As they will find no one will advertise with them as their crap dont work. But guess what. If you get 1 hit out of a 1000 it DID work...

Now what would be interesting for that map is some people have been setting up their own domains. They have also been using different emails at every site they type one into. So they can track who it came from. If they combined that with this map you could probably see who screwed up, or at least where it was trolled from.

Re:Spam problem

[DavidTC]

I'm having trouble grasping the concept of 'legitimate looking spam', or, for that matter, 'non-bogus spam'.

I contend myself with bogus replies to spam when bored. I've wasted several hours of different spammers' time. Then, at the end, explain you were just leading them on because they spammed, and you will, in fact, continue to call them up occasionally, or have your friends do that, and express bogus interest in their products for the next several months.

Now, after you're told them that, hang up and never call again. Don't actually do that, it would legally be harrassment. (Though, of course, I've always wanted to harrass them, and, at the same time, 'unsubscribe' from their list, and if they claim I'm harrassing them, hey, they won't stop emailing me.)But you'll have them questioning every single call from then on, and possibly assuming some legit customers are doing the same thing. This plan works even better the more people who do it, too.

Don't give up if they don't have a toll-free number or a webform, either. Call up their toll business line collect and say just say your first name. Half the people will just accept the charges.

Re:Spam problem

You could probably do it now if you wanted to throw away the possibility of getting a usable bounce. Just sign the Message-ID and mangle that in your envelope sender line. The recipient unmangles it, runs gpg --verify, and handles it based on the key that was used to sign it.

This means your mail would be 'from' <some-really-long-string-of-base64-junk@example . om>, but it would probably pass unmolested through most relays. Obviously it would be less of a hack to just do it as another argument in the SMTP transaction, but good luck making everyone implement it. To really work, you need something that can slip through the ancient mailers that aren't being upgraded regularly.

By the way:

It is quite amusing to see how such basic observations are transmorgaphied by the game of Internet chinese whispers.

Purple monkey dishwasher.

Re:Spam problem

[Zeinfeld]

Take a look at TMDA [sourceforge.net]

The problem there is that people^h^h^h^h^h^hSPAMers are bypassing the address book hack by forging emails with sender lines taken from mailing lists.

What we need to do is to organize a SPAM summit and develop a comprehensive strategy for addressing the issue. Paul Vixie recently made some good proposals. However if SPAM is to be defeated we really need to have more than a single fix.

Re:Spam problem

[OsamaBinLogin]

yeah, I think the solution(s) will involve stuff like this:

1) everybody has incoming email filters
2) Stuff from people you know gets modded up, spammers can't really fake this.
3) Suspicion points mod an email down. Suspicion points such as the word "penis" in the subject.
4) As time permits, you can scan some of the maybe-spam.
5) Email from your long lost Kindergarten playmates, pfft, sorry, they get tossed.

I like the idea of requiring anybody on the non-approved list to reply again to verify that they are human. Spammers have blood of reptile just beneath their skin.

Let's try this out BEFORE implementing a widespread PKI thing.

Where's the Asian spammers?

[tshoppa]

It's a fascinating site, a really cool map.

But where are all the Asian spammers? I'd guesstimate that I get 30 or 40 foreign-language spams apparently from Taiwan, Malaysia, and India every day. It's more than half of all the spam I get now.

Re:Where's the Asian spammers?

[EvilBudMan]

Right! I get quite a few with gArbAge characters in them and a lot of Russian p0rn0. I think we have a lot of people here going to porn sites and giving them our email at work. Maybe that's how they get it. Maybe the spammerz crawl for it. I don't know but we get mostly porn and a bunch wanting to make this thing or that thing larger. Don't they know that everybody's stuff and thingy's here is big enough?

I wonder if there is a geographic map somewherz? Maybe we could send the FBI after them for stealing my bandwidth. All 49K of it. ##%(0)-

Re:Where's the Asian spammers?

[Hollinger]

I get a bunch of these too.
What's sad about this is that I've figured out the korean characters for "advertisement," by trial and error, and automatically filtered all that junk out of my mail.

Re:Where's the Asian spammers?

[Anne+Thwacks]

After spending £400,000 on research, I can now reveal that "They are in Asia",

WIth a big enough research grant, I might be able to uncover more details.

Re:Where's the Asian spammers?

[ceejayoz]

Or, if you can't read oriental languages, you could do it the easy way and just block any e-mail with oriental characters in them...

Re:Where's the Asian spammers?

[bpfinn]

Amen to that. I get a ton of spam from Korea, and I can't even read Korean. Even worse, it's all HTML spam, so my email client dutifully goes and grabs a bunch of images from Kornet and Pubnet. I guess it's hard to opt-out if you can't read & write in the language. :(

Re:Where's the Asian spammers?

Probably putting "loud pipes" on their Civics. It's all about the "Azn" pride, you know. Crappy cars, poor spelling, and wannabe-gangsta clothes... what a glorious culture!

Re:Where's the Asian spammers?

[cybercuzco]

Not only that, but the ones that do list a "opt out" address actually subscribe you to their mailing list when you click on it. First of all, I dont buy from spammers, second of all, even if i did I dont know what they are trying to sell me

Re:Where's the Asian spammers?

[CMBob]

Well, I had to start somewhere...

Like the Map says, it's by no means a complete picture. I just started with one email, then another, and began finding connections.

Asian stuff generally gets nuked immediately; I rarely even bother reporting it anymore.

*sigh*

...Bob

Bob West
Clueless Mailers Webmaster

Re:Where's the Asian spammers?

[jonadab]

No two people get the same set of spam exactly. (I get the Asian
stuff too, but I have friends who say they don't, though they do
get plenty of other spam.) It all depends on where your address
goes out, who harvests it, and whom they sell it to.

I have tenatively concluded that there's a ring of
interrelated Asian spamhausen that share addresses with
one another. They appear to have fewer addresses than
the spammers elsewhere in the world but compensate by
sending LOTS of mail to each address. If you get on
their lists, you can expect to receive HUGE amounts of
the stuff (several an hour on the same topic, sometimes).
They mutate all forgeable headers on a daily basis, so
the only effective ways to filter these are either by
Received: header (using IP ranges -- their servers
migrate across all the IP addresses they have available,
and reverse lookup fails on basically all of them) or
by content. I've found that it's quite effective to
filter out any messages sent in character sets that
I can't read anyway.

Re:Where's the Asian spammers?

[dmiller]

Was the map automatically generated or hand drawn? If it was auto-generated, what software did you use?

Re:Where's the Asian spammers?

[paulwomack]

block any e-mail with oriental characters in them

Care to drop a clue on how to do this in mozilla(1.0)? I'd like to filter on character set, but I can't (AFAIK)

BugBear

Re:Where's the Asian spammers?

[funky+womble]

I'm sure there are people in Korea who don't read English who've received reams of spam from the USA over the years... You can drop quite quite a lot of it by filtering on =ks5601 etc. in subject lines.

Where spam comes from

[Salden]

I was expecting to see a map like this. Except that the parts that aren't labeled in that pic would be labeled from SPAM.

attention script kiddies, hackers, crackers, etc

[paradesign]

alright men (or otherwise) heres the battleplan,
you have the map,
weve located the enemy,
now take them out!

do it for the good of the net, and may the Force be with you.

Damn, that's some map!

[FreeLinux]

Not only is it huge. Not only is it /.ed. But, it also made X11 run my CPU utilization up to a steady 97%.

Re:Damn, that's some map!

[hikeran]

Hey! i got it.. if we all clicked on all the ads and links in spam email would we /. them? if so .. would it technically be a dos attack? hehe ... another way to stop spam i guess..

Re:Damn, that's some map!

Actually it is more of a denial of cash attack... The advertisers pay by the click-through and page view, but no revenue would be generated. Of course, this would be a perfect job for distributed computing..

Re:Damn, that's some map!

[davburns]

Hey! i got it.. if we all clicked on all the ads and links in spam email would we /. them? if so .. would it technically be a dos attack? hehe ... another way to stop spam i guess..

Except that about half of the spam I get has links that include identifiers to verify which email address resulted in loading the page. (As far as I can tell, that's the only reason for some of the Korean spam.) So, doing that would make spam more efficient, and also be a selling point for the spamware sellers ("Be carefull! You might get so much responce it takes down your server!")

Re:Damn, that's some map!

[Ben+Hutchings]

CPU usage should go up to 100% for as long as it needs to. Do you think your CPU needs breaks? Is it not cooled properly?

*Points at China*

[Jon+Howard]

Damn, I was wrong!

Another map idea

[parad0x01]

I think a map of the slashdotting of cluelessmailers.org would be just as interesting.

Excellent... more companies for the shitlist

Ah good... Having already blocked pretty much every advert and bit of spyware on the net, I now have a good list of spammers to blackhole too...

I've got my own private little world now. Free from advertising, spyware, msnbc, search.microsoft.com, media guide.... all gone...

And now.. spam too... all gone...

Thank you cluelessmailers :D :D :D

C&D

[scotfl]

Let's start a pool on how long it takes those tentatively linked to, and the indirect spammers (grey boxes) fire out the Cease and Desist letters.

I say tommorrow (no self-respecting /.er could be a spammer, right?).

Re:C&D

[Stoutlimb]

"I say tommorrow (no self-respecting /.er could be a spammer, right?)."

How many geeks on Slashdot have self-respect?

.

Re:C&D

[CMBob]

Nothing official yet...

I actively solicit input from those who are mentioned on the CM site, in any context. I want the information on the site to be 100% accurate.

There have been a few marketers who have contacted me to correct some things, and I've gladly changed them.

Got a note today from a service provider which mentioned the word "slander", referring to, IIRC, a simple notation that read something like "company X sends email through service Y". They said they've already terminated the spammer, and they want their mention removed. I'm more than happy to make note that the spammer has been nuked.

I want to make sure that everything on the site is factual, and I'll change any and all errors and clarify anything that needs clarification.

After all, inaccurate info on the site wouldn't help in the credibility department, eh?

...Bob

Bob West
Clueless Mailers Webmaster

Mirrior

[Huogo]

http://www.5light.com/spamdemicmap.gif

And we can't even slashdot it!

[adam613]

This is no fun. The map graphic is so big that we can't even slashdot the site because there isn't enough bandwidth.

Hard to follow

[pgpckt]

Wow, I do have to give props for the people that put this together. It is really well detailed. I don't quite understand exactly what they are trying to say about the relationships though. Are they just trying to say that these are the routes and sites that make spam possible? If so, it seems a little moot to me. Real world example: Hiways may make it possible for , but it isn't the highway's fault. We should target the people responsible. Perhaps we should also target the middlemen, but I prefer to go for the source.

I personally use spamassasin to filter my mail. It works great for me, so my problem is solved. I suppose the ultimate way to treat spam is by getting the end consumer to ignore it. Oh well, just a thought.

On a personal note, I have a new journal entry today. Take a look, it is about duplicity in a certain American law.

Re:Hard to follow

[CMBob]

Well, the Spamdemic(SM) Map is meant to focus more on *potential*, with its connection among both companies that have and haven't spammed. The point is that with so many relationships afoot, all entities involved really need to be sure that their privacy and permission standards are solid, else the unauthorized propagation of info like email addresses can become even worse than it is.

What you're looking at is also only part of the site; the main page deals with domains and companies that actually have sent unsolicited commercial email... Some of which are saying "We never send unsolicited email." The intent of listing these companies is to encourage users to encourage the mailers and marketers to re-examine their policies, and to rethink just what exactly entails "permission."

Although there are lots of companies out there who are knowingly spamming, there are many who have no idea they are. This is largely due to folks joining co-registration networks that accept the submission of unconfirmed email addresses.

Unfortunately, some opportunists are abusing some of these networks and submitting addresses without the owner's permission... and collecting as much as $0.65 per address, or more.

Education is Clueless Mailers' intent... not punishment. There may be some entities who are deserving of punishment, but with the mixing of slean lists with dirty ones, and the unwitting intermingling of "white hats" with "black hats", it's getting tougher all the time to tell who's spamming on purpose, and who's just a victim of a list seller.

Here's hoping that more mailers and marketers take a hard look at their policies, and the policies of the companies they're doing business with.

...Before my inbox gets totally clogged with spam.

...Bob

Bob West
Clueless Mailers Webmaster

CmdrTaco - ever figure out that flag issue?

[groundhog00]

I think there needs to be appending to the US Flag icon.

i mirrored it in case it�s /.ed

[fabiolrs]

i dont think its gonna stand for more than 10 minutes, but lets give it a try:

http://www.fabiolrs.hpg.ig.com.br/spamdemicmap.gif

mirror, mirror, on the wall

[tedtimmons]

This site was pretty slow to respond- probably because the gif on that page is about 1MB.

So I've mirrored it.

-ted

Re:mirror, mirror, on the wall

[Eric+Seppanen]

If you want to reduce your bandwidth a bit convert that 865KB gif to a PNG. It goes down to 550-600KB depending on the compression level chosen.

Direct Advertising.net

Does anyone have any idea how to get off this stupid list at all. ha, good question, I bet we all want the answer to this one...
Oh well, I can try.

Now i can figure out..

[iONiUM]

Where I have to go to get my University Diploma!

I've a map as well

[adamwright]

Expending my of my coke & chocolate research budget, I've finally managed to map out one of the internets worst DOS offenders...

Slashdot -----> Some poor unsuspecting fool

It's a palindrome

[squarefish]

spam maps

Re:It's a palindrome

Not only that, but MAPS (mail abuse prevention system) is all about anti-spam...

Re:It's a palindrome

There's only one Map.

Re:It's a palindrome

[trentfoley]

spam maps

I almost moderated this as "Redundant" but decided to post instead.

The ubiquitous google cache

[shrikel]

is here. Still takes a sec, though, since the image is so large. I've never seen google getting this close to being slashdotted.

Re:The ubiquitous google cache

[FreeLinux]

It's not Google, it's the gif. I don't know what's in it but, not only is it slow to load it also runs up the CPU utilization. Big time!

Re:The ubiquitous google cache

[ceejayoz]

that'd be because Google doesn't cache images, only the HTML code. It's slow because the image is being loaded off the actual site, so the Google cache is useless.

This map is incomplete

[dbc001]

The map is incomplete - I don't see Bernard Shifman on there anywhere

Re:This map is incomplete

Yeah, and I can't see to find the nice people that have helped me to enlarge my penis.

Re:This map is incomplete

Is that the green card lottery guy who was murdered by some geek?

Re:This map is incomplete

[PrimeNumber]

dbc001 this is Bernard, answer me....
Why are you scared to pick up the telephone ?

I am going to sue you!

Re:This map is incomplete

or the ones who want to enlarge my breasts. If I could actually do that I do not think I would leave the house, as im a guy...

Mod Parent Down

[dmarien]

Spam is not noise, it's unsolicited mail. Was there anything in the above that actually made sense? Just becase this idiot is attempting to sound smart -> and owning the nick 'physics genius' at the same time does not make this dude deserve +4.

I disagree wholeheartedly.

You sound like

one of those little old ladies in a Heinlien novel that want the government to "do something" about how long it takes to send a message to Jupiter. Speed of light (or in this case information theory), you idiot!

Re:attention script kiddies, hackers, crackers, et

Sir! I think i wet my pants, SIR!

Thanks!

[AtariDatacenter]

I forwarded it to all my coworkers, plus a few people that I don't know, but I have their email address. ;)

Re:Thanks!

You send them that file to have their advice!

Re:Thanks!

[apt142]

so you spammed a spam map? ;)

Re:Thanks!

[AtariDatacenter]

But it is perrectly legal! Some of them opted in! And if even 1% of the people who received it really liked it, then it was more than worth it!! The 6% that complained was only a vocal minority.

Oy.

[jpellino]

What a tangled web (sorry - had to). Not as pretty as Bill Cheswick's map, but certainly just as enlightening.

What's the difference?

Call it bojangles, it's still noise.

Good job, no links

[scrm]

Nice work with the map. However, I wonder why they didn't link each box to the site it refers to, to allow the users to conduct their own investigation easier.

Re:Good job, no links

[CMBob]

scrm wrote:

> Nice work with the map. However, I wonder why they didn't link
> each box to the site it refers to, to allow the users to conduct
> their own investigation easier.

Well, there's this little matter of time... It's not my day job. ::G::

I'd eventually like to do that.... But don't hold your breath. heheh..

...Bob

Bob West
Clueless Mailers Webmaster

Brilliant! Hacktivism!

[toupsie]

I agree. Instead of pinging and scanning my servers 24/7, go after the real assholes of the Internet. Script Kiddies, you have the tools, you have the time, you have the disregard for the law, do something worthwhile for a change.

Re:Brilliant! Hacktivism!

[dr_zeus]

I have to agree... crackers, you can borrow my box for a massive DDoS on these guys ;) It's Win2k anyway.

Re:Brilliant! Hacktivism!

[pboulang]

Done and Done.

i noticed that..

[VoiceOfRaisin]

saving this picture as a PNG file saved 300K. of course this is lossless compression as well. maybe someone should tell them about png?

Re:i noticed that..

Imagine if it had been done as SVG--you could actually do something with the text in it.

I mapped SPAM once...

[huckda]

Turned out to look like 2 pieces of white bread with Miracle Whip spread on them, along with 2 pink colored, slightly rectangular shapes about 1cm think...unfortunately there is no screenshot or url to link to because the mapping was consumed shortly after constructed.

--Huck

DoS Attacks

[giminy]

Maybe congress should legalize DoS attacks against all the providers/servers listed on the map. If it works for the RIAA.....

Connectivty and hackers

[Joel+Ironstone]

If I was into distrupting the peace and all I would take a good hard look at this map and determine which connections are the most fundamental.

Generally in these types of partially connected maps, a few nodes exist without which the whole systems shuts down.

Sort of makes one feel like the rebels when they got a map of the deathstar

what's next?

Are they going to do the same for billboards next? TV ads? Junk snail mail? Magazine ads?

I suppose not. It seems only email advertising infuriates people to these levels. Weird.

now that...

they have a map of the source and destination someone ought to go to the source of spam and kill it and show no mercy, like they show no mercy to my email inbox...

Map your own spam :D

[ZaneMcAuley]

VisualWare eMailTrackerPro

http://www.visualware.com/emailtrackerpro/index. ht ml

Bad map, bad! No biscuit!

[Fallingcow]

Trying to view the linked article or any of the mirrors crashes both Mozilla 1.0 and Opera 6.0 on my machine (Linux w/ Ximian Gnome 1.4). Could be because the map is such a big image. just a warning, finish up anything important that you're working on in your browser (like a webmin session to your intranet server... *grumble grumble*) before you try to see the map.

Spam will be eliminated by online payments

[Catamaran]

Eventually online payment systems will be ubiquitous and easy to use and everyone will be using them. When that happens spam will be dead. Email clients will be configurable to require "postage" with any incoming email. The recipient will push a button to "cash the check" if he or she determines that the incoming email is spam.

Re:Spam will be eliminated by online payments

[Catamaran]

ubiquitous ... and everyone will be using them
Hmm, I guess that's redundant. Where is the grammar cop?

Re:Spam will be eliminated by online payments

take a look in the mirror and you will find the grammar cop. Oh and did I thank you for wasting everyones time pointing it out...

Big!

[Whispers_in_the_dark]

It's a good think I upgraded my hard drive last night. Sheesh!

Remeber when...

[chrisbell]

...commercial use of the Internet wasn't allowed? Too bad economics won't support that model.

I want this poster on my wall!

[neitzsche]

Where can I buy a copy of this? Thinkgeek does not seem to have it yet...

Re:I want this poster on my wall!

that is the most pathetic thing I have read all day.

They need to add...

[Robber+Baron]

...gigantic black hole in the middle to illustrate the Slashdot effect!

mirror

[pretzel_logic]

its getting slashdotted so heres a mirror. to the spamdemicmap.gif
loc: SouthEast USA

What about redirecting non-deliverables?

[3seas]

It seems so redundant and inherently error prone to look at a spam map when this very day I have received so far 9 bad mail returns for email spam I never sent out.

Apparently some of them don't even want to receive such information that would remove non-valid email address and so set it up where it spams someone with non-deliverable spam returns.

I'd say the sum total of spam really only helps waste bandwidth (especially since I delete all spam with only reading enough to determine it is spam. like a quick glance at the header)

Isn't it bad enough that IE is default setup to DL a web page for viewing in teh browser, and then again if you print it, and then again if you save it to file?
(I suspect MS IE is not anywhere near as popular as it may appear to be in web traffic requests)

I have to clean my email more often because of all the spam. Last time I found 8 or so megabytes of drive space being eaten up with spam and that doesn't even include the attachments.

Re:What about redirecting non-deliverables?

[CMBob]

The Clueless Mailers site doesn't deal with your everyday spammer... The ones who forge headers and From addresses and such don't really interest me anymore.

It's this trend of legit companies and their vendors getting into the sending of UCE that CM is trying to look at.

To me, that's scarier than the underground guys...

:/

...Bob

Bob West
Clueless Mailers Webmaster

Re:What about redirecting non-deliverables?

EVERY single one of those has a bussness on the other end. If you live in special states you can actually make money off em... The best one to get would be the one who fights you. You could get who they got the message from and sue...

Re:What about redirecting non-deliverables?

I think you should add that comment to the website as it gives a little more insight on why you did what you did.

Re:What about redirecting non-deliverables?

Oh no! It's Tim Rue! Holy Cow! I remember you!
Wern't you working on a program called the Vic-20 7/8 years ago?

Ah, finally a use for

That Matrox 512 Triple Head Video Card...I can now view that spam map without scroll bars ;-)

how to avoid getting on The Map

[happyclam]

OK, /., here's a question for you:

I'm not a real network geek (just a regular joe programmer), but recently my email address has been co-opted by a spammer. That is, I've received spam from my own email address. (I of course did NOT send it.)

The question is, how can a regular joe like me prevent this from happening in the future so my domain does not appear on some future version of The Map? I know about the guy who hacked into the spammer's laptop and got all their personal information, but I don't have the skills or access for that.

Re:how to avoid getting on The Map

[BoVLB]

[M]y email address has been co-opted by a spammer. That is, I've received spam from my own email address.

Many spammers now seem to put the recipient as the From address. Presumably this helps the mail to avoid certain filters. So in all probability, you're the only one being spammed from your address.

Re:how to avoid getting on The Map

[duren686]

Actually, I've gotten messages sent to my email address in reply to spam I supposedly sent, from people I've never heard of. Some spammers use harvested addresses in the from line when sending to different people, which makes it all the more confusing.

Re:how to avoid getting on The Map

[Schrodinger's+Mouse]

Most e-mail clients allow you to view IP addresses, hostnames, etc. to find out where the message actually originated. Give the spam itself a good, thorough reading. Then look up any domains on WHOIS, document and research any phone numbers or snail-mail addresses, etc. Basically, figure out how to get in touch with someone.

And then call your cousin in the mafia. The spam will stop real quick.

Re:how to avoid getting on The Map

[lightcycler]

If a spammer's just using your email in the "From" field of an email, there's not much you can do to technically stop them. There are great laws against it (forgery, fraud, misrepresentation, etc.) if you can find out who they are (try to get an IP address, then ask the police for help finding whose it is) but more often than not, you'll get nowhere.

See the linux.org's site for a description of their similar problem (people using *@linux.org as a From address, and people complaining to linux)

If people really do think emails are from you, get into a habit of PGP-signing emails. Let people know that if it's not signed, it's not from you.

Perhaps you might also find a way to autoreply to the people who vent off at you about how evil spammers are. If you get an email with "Re: (your standard spam regexp filter here)", delete it and reply with an explanation. Kmail is good at this, and The Bat on windows (30-day trial) is even better.

So, sign emails. Pity there's not more that you can do.

Re:how to avoid getting on The Map

[deblau]

how can a regular joe like me prevent [my email address being co-opted by a spammer] from happening in the future

Never send anyone, anywhere, an email. Other than that, it's hopeless. Read RFC 822. Welcome to the Internet.

Re:how to avoid getting on The Map

[Bronster]

Many spammers now seem to put the recipient as the From address. Presumably this helps the mail to avoid certain filters. So in all probability, you're the only one being spammed from your address.

The slimeball spammers will probably read this and steal my idea, oh well...

I have implemented a filter check that will automatically pass things from my domain, but only if the Message-ID header contains my domain as well. I also automatically get anything with an In-Reply-To header which contains my domain.

I guess I'll be updating this filter soon enough, as the spammers bypass it. I'm currently running a very restrictive 'whitelist' of people I want to hear of while I go on holiday, but the In-Reply-To header rule seems sane enough, and I hate 'Vacation' messages.

Maybe they should get together with the orbz crew.

[AltGrendel]

A new public blackhole list. There's a thought.

Orbz seems to be over here now.

Are you trolling me?

First of all, crytopgraphy and spam are orthogonal concepts. Second, the "M" in XKMS stands for "Messaging" and by that they mean wireless communications--it has nothing to do with email.

Sounds to me like you are trying to whore some points--somebody mod this guy down.

Re:Are you trolling me?

[Zeinfeld]

First of all, crytopgraphy and spam are orthogonal concepts. Second, the "M" in XKMS stands for "Messaging" and by that they mean wireless communications--it has nothing to do with email.

No it does not.

It stands for XML Key Management Specification. And although there have been discussions on it in many fora, the latest draft uses examples from email. Unfortunately the one on the site is a little older.

Sounds to me like you are trying to whore some points--somebody mod this guy down

Sounds to me like you either don't have a clue and could not be bothered to do the simplest of research or you don't like one of my other posts for some reason but don't have any mod points.

Re:attention script kiddies, hackers, crackers, et

[dattaway]

The map looks like an electrical circuit.

I know how to hook up wires. Big wires, lots of amperage. With high voltage.

Just to be festive, let's charge the circuit on July 4th!

Holy S$%t

[bubblegoose]

Google's been slashdotted...

The final solution?

:0
* ^Received:.*\(.*\.(kr|nl|at|pl|tw|ru|ar|cn|de|jp|t r|it|br|mx|fr|il|ch|za|es|ro
|cz|th|co|id|uk|cl|g rid\.net|broadwing|swbell|algx |adelphia.net|cox.net|shawcabl
e|hinet|3waccess|u swest|charterpipeline|mailsendpr o|concentric.net|cnc.net|teles
tra.n|rasserver)[ \.]
/dev/null

:0
* ^Received:.*\[(200|203|210|211|212|213|202|65.168. 244|80|61|194|216.44.223|208
.153.140|208.153.141 | 62.156|195|206.135.87|62.118.252|216.250.221|207.1 68.105|64
.251.16|216.139.64|24.205.79|208.187.28 | 4.17.142|62.42|65.115.45|64.110|209.197|
62.58.12 5|66.0.55|66.216.86|66.113|154.11|196.32.6 3|218.5.181|217|209.94|209.220
|64.60|207.122.226 |64.57|64.8.46|206.82.128|67.40| 67.41|216.247|65.118|164.77.19
2|165.228|64.71|66 .77|63.64|218.21|209.226|64.251| 204.201|63.218|64.49.64|142.17
9|62.8\.|65.42.190 |62.43|207.154|62.110).*
/dev/nu ll

Useless

[EvilBudMan]

Useless and Clueless is right. 4442 x 2900 pixels and useless. What about HOTMAIL! They don't call it "HOTMAIL" for nuthin.

PMG

[thesolo]

I noticed that several portions of the map are dedicated to PMG and their spamming users. Also, as a subscriber to SpamCop, if I report email that came from PMG, the report goes to a /dev/null'ed email address called "pmg_doesnt_care".

Given just this information, I think one can logically come the conclusion that PMG is nothing more than a Spamhaus, and doesn't care about stopping spam at all.

My question is, if we know for a fact that they allow spam, and probably even encourage it so long as they get paid nicely, isn't there anything we can do about it?! Can we not bring a class-action against them, or something? Surely there must be some recourse against a company/it's users that cost ISPs and end-users money.

Re:PMG

[Erik+Fish]

PostmasterGeneral/Mindshare supposedly has two prominent ex-MAPS people working in their "abuse department" to "clean up" their spam problem. The only problem is that these people of previously sterling reputation in the anti-spam community have been there since last summer or fall (at least) and PMG is still spamming. Last I read the only thing these ex-MAPS people have authority to do is listwash -- they couldn't even manage to remove addresses that were bouncing with 5xx errors!

Try doing a news.admin.net-abuse.email search on PostmasterGeneral, PMG and/or Mindshare "Subject:" headers. There you'll find all the sordid facts and all the high drama (including people breathlessly proclaiming undying loyalty to these obvious anti-spam turncoats).

If you run a mail server you can blackhole PMG with this list of their IP blocks and domains:

pm0.net
mg00.net
ms00.net
mb00.net
64.225.154
128.121.122
128.121.212
128.121.214
128.121.21 5
130.94.149
161.58.135
161.58.160
161.58.202
161.58.239
192.41.14
192.41.38
198.104.179
19 9.236.1
199.236.2
199.236.3
199.236.4
199.236. 5
199.236.6
199.236.7
199.236.8
199.236.9
199 .236.10
199.236.11
199.236.12
199.236.13
199.2 36.14
199.236.15
207.33.16
209.133.65
209.133. 67

Who needs a map?

[cooldev]

It all goes straight to my inbox.

Re:Who needs a map?

[josepha48]

Yours and mine.

Re:Bad map, bad! No biscuit!

Gosh, it seems to work just fine with Windows XP and Internet Explorer 6... maybe you should switch platforms..

not complete

[mlong]

It's a shame they didn't go all the way and track these spammers through their network providers. It would have been interesting to see all the lines going back to worldcom, etc.

BS

[Icculus]

Hrm, anyone see Bernie Shifman on there?

That's not a map of spam

It's a map of Microsoft's new Palladium chip.

Oh wait, that means it IS a map of spam!

-steve
Springfield Fragfest

Re:Bad map, bad! No biscuit!

Could be that you're using Opera and Mozilla. Try using a real browser, like Internet Explorer.

Dear God

[Kichigai+Mentat]

If the Spam problem is truly that bad then something must be done, and I mean at a governmental level. I'm usually very anti-govermnent involvement, but if the spam problem is as bad as it's made out to be, something must be done! .

However, since the goverment hasn't really done anything, then power to the anti-spam groups that set up these networks and put a stop to this attrocity(Pardon me, I kan spel gud)! Their hardwork shows in my inbox almost daily! I've noticed a dramatic decrese in the ammount of spam I get daily. Instead of 30 messages daily with 27 of them being spam, it's more like 7 messages daily, 4-6 of them being newsletters I've subscribed to and the rest being personal. I salute you!

Kevin Bacon

[Static242]

Did anyone see Kevin Bacon's name on that map? I bet you could draw a link through association to him. Once that is done the map will be complete. Then we will know that Kevin controls that too.

Sigs

IMHO, sigs are too memorable and can be a force for trollspotting.

It's not a spam map

[2names]

It's actually a map of the steps involved to get anything done in Congress.

the SPAMBORG

Something this widespread didn't pop up overnight. There have to have been many technical people involved. Now, 'fess up, /.ers.... have YOU contributed to the creation of the SPAMBORG ????

did you know...

[|||]

.. that 'maps' is 'spam' backwards?

How to stop spam

The map show that the solution is obvious: Kill 'em all and let John Postel sort 'em out.

Map a little old

[Launch]

Did anyone notice that the map version date is 3/25/02? It's a little bit old, plus I still want to know where the African Prince that is coming to america and needs my back account number so he can launder money into the US and in the process make me thousands is sending mail from.

Text version?

Anybody generating a text version so it can be cut/pasted into a block list?

SD6

Is the spam web really SD6 in disguise?

messy

[E1v!$]

With a mess like this, we ought to get bush to declare a "War on Spam".

Graph Layout?

[Grendel+Drago]

Did anyone figure out what kind of software was used for the graph layout? Was it all done manually?

I'm trying to create a project to automagically do some basic graph layout (and ideally export to PS/PDF or PNG) from a PHP script.

I'm sure that was hand-tweaked, but has anyone found any graph layout tools for Linux? Free ones, or at least free-for-educational use, that is.

--grendel drago

Ack!

[lionchild]

Yikes! My head is spinning! That's so HUGE and convoluted, you'd have to be some sort of [Dilbert] Manager from the Marketing Division to understand it!

Quick...must...click......before head...explodes!

This is interesting:

[talks_to_birds]

See: Blacklist

Under "Upstreams", for Freeze.com (listed as a backturner, listpooler, stonewaller):

Rackspace.com > swbell.net

"Rackspace auto-replies to abuse reports, then forwards the complaints to the mailer without taking action. Freeze is a long-time network marketing mailer. Tried to educate them, but they failed to get a clue, even after many emails exchanged, even with top management. So, they go straight to the Bit Bucket. Partner in spam: optinglobal.com (see their listing on this site).."

Rackspace.. Rackspace..

Where have I heard that name before?

OH! I know!

They advertise right here on /.

Gee. I thought they were really cool-geek kinda people.

Now it turns out they're whoring for spammers.

Kinda makes ya wonder, don't it...

t_t_b

Re:This is interesting:

[Erik+Fish]

From what I've read Rackspace has been cleaning up their act recently. I don't know that they've fully graduated from black to greyhat, but something is better than nothing...

chip designs?

[edrugtrader]

isn't that the layout for the new intel chip?

And I thought the Pentium internals were hard!

[MagikSlinger]

Hoooey! I didn't know if I was looking at the map of the relationships between spammers or the internals of a new Intel chip.

What spam?

[Moderation+abuser]

I don't see no steeenking spam.

http://pyzor.sourceforge.net/

Its amazing the web they weave.

[perlyking]

One thing i've noticed is the spammers are actually quite careful with their own contact details.

I've started a little bit of detective work but nowhere even close to these guys, wow. I've started listing the dirty bastard spammers
on my site so they may find their spamming colleagues emailing them shortly :-)

Re:Graph Layout? GraphViz of course!

[dismayed]

GraphViz might help you out...

graphviz is a set of graph drawing tools for Unix or MS-Windows (win32), including a web service interface (webdot). Source code and binary executables for common platforms are available. Graph drawing addresses the problem of visualizing structural information by constructing geometric representations of abstract graphs and networks. Automatic generation of graph drawings has important applications in key technologies such as database design, software engineering, VLSI and network design and visual interfaces in other domains.

There are modules/packages availible for PHP HERE

Check it out... It might be what you're after.

Looking at the map...

[mixbsd]

... it's easy to see just how in-bred all spammers are!

wide

[Kallahar]

Wow, a useful page that is actually larger than my 3 monitor wide desktop! Impressive!

Travis

PNG beats GIF (again)

[Rock]

As a certified PNG geek, I was obligated to convert their original image, "spamdemicmap.gif". Downloading it, I found the size to be 885,452 bytes. The image is 4442x2900 by 48 colors. As a PNG image, the file was losslessy converted to 585,548 bytes. What do you want to bet they would have loved to have this 33.8% bandwidth savings while being slashdotted?

Re:PNG beats GIF (again)

[t]

If you were really a PNG geek you would have known about pngcrush which gets the file down to 540266 bytes.
method 119 for my possibly old version.

Re:PNG beats GIF (again)

[Rock]

I not only knew about pngcrush, I used it. (In protection of my PNG-geek honor, you should know I paid the shareware fee on it when Glenn was so asking).

Method 119 was optimal for me also. My version of pngcrush is 1.5.6. Maybe it is time for me to upgrade. :)

my favorites

[squarefish]

I don't know about your, but most of my spam comes from the following places:

Family
Friends
Pets

CHIEF PIMP?

[muck1969]

Lower third of the map ... just right of center. There's a title that I wish I had ... Chief Pimp

Joe-job

[KjetilK]

Don't worry, anti-spammers are used to this happening, it happens all the time, and people are getting good at knowing when it has happened. In fact, if somebody does it really bad against you, you should be honored, because it means that you really annoyed a spammer. It's a called a joe-job. It's happened to me too. Somebody sent a pr0n-spam in my name.

My map is simpler:

[stokes]

Spammer -> My Inbox -> Trash

Re:attention script kiddies, hackers, crackers, et

[CMBob]

...Actually, I think the map is a fair representation of the state of my mental health after all that research and line-drawing.

...Bob

Bob West
Clueless Mailers Webmaster

Quit Moderating My Posts!!! Please!

[toupsie]

For the record, moderators, I am not Insightful, Informative or Interesting. If I appear to be, it is a complete accident. Just ask any of the college professors that passed me in college to get me out of their programs. I might have posed nekkid in Wired Magazine back in 1995 but that doesn't transfer those labels automatically to my postings.

Moderating the parent post of mine was just a plain waste of moderation points that could have been used on truely Insightful, Informative and Interesting posts. It wasn't funny or insightful. It was three seconds of brain power.

Hopefully, Meta-Moderators will correct this waste of moderation points.

Re:Quit Moderating My Posts!!! Please!

[Subcarrier]

I am not Insightful, Informative or Interesting. If I appear to be, it is a complete accident.

For some reason, I hear the voice of Rachel Dratch screaming: "You're Funny! *chuckle* Funny, Funny, Funny!"

I just got moderated overrated, underrated and funny in one go. In my book, that qualifies as spam.

Re:Quit Moderating My Posts!!! Please!

[toupsie]

I just got moderated overrated, underrated and funny in one go. In my book, that qualifies as spam.

You think that is bad. I just "Trolled" myself according to a moderator on the parent post.

And because it happened to YOU

then logically EVERY hotmail user had the same thing happen. Hint: YAAD.

Re:And because it happened to YOU

[Zathrus]

Going from no spam one day to 40+ pieces a week after this loser got exposed isn't a coincidence.
And, of course, it's grown since then.

Someone will get em'

[larklarker]

It's late. You are in the comfort of your home reading a book or watching TV e.t.c. You feel good, you are confident. Outside the comfort of your home, ah! ahem! things are a wee bit different. Dark clouds have gathered. The wind is howling like a crazed mongrel's ghost.
Bam! The crack of lightning and the following thunderclap is sudden and fierce. A chill goes through your spine. Oh! Shit, You forgot to check you mail from your "anonymous" Yahoo web account. Damn. The last time you checked your Email was last night. In the past 24 hours enough spam would have passed through those filters you spent tedious hours creating.
Those rules. Yeah The rules that you created were cool and you felt the power of God. You felt good. Until you found that some spam still crept though. Then more and then more.
But now it's worse.
24 hours have passed. Your web account has a Email limit of 6 MB. And your know that when your Email store is full - your Yahoo admin dude will just delete incoming emails. Just deletes them without a by-your-leave. And then - yes you know it, The one Email that you wanted is going to come in and get butchered, get shredded and you won't even read it, won't even see it, won't even know. Oh! The heart aches and the brain wants to sleep. Oh! The pain
Shit. With trepidation you take baby steps to your computer. Your computer - that cool computer you bought 18 months ago. You were on the top of your game baby then. Whoa! A 933 Mhz/512 MB/40 GB HDD monster - a bad ass machine with 32 MB NVidia GeForce GTS and a kick ass Turtle Beach Sound Card. DVD and CD-RW and all. For a then justifiable 2 Large.
Now 18 months hence with the latest update on Windows and Outlook, your bad ass monster might as well be a ugly P100 of the last ice age. You Email starts to pour in from the Yahoo account to Outlook. From Yahoo to Outlook. A minute goes by, another goes by. The bile rises within you...

SHIT
You see the last message downloaded. It is from the Yahoo admin. You don't even have to read it. The subject header says it all. Life sucks. Your computer sucks. You suck. The admin has warned you that all further messages will be deleted unless you free some of your precious mailbox space.

Sweat beads form on your forehead. You healthy handsome complexion turn pink. PINK! Yeah pink. They say a man comes of age in adversity. When the tough get going, the going gets tough - or some such shit.
You have a mission in life. Bring these miserable spammers to the public view.
You shall not sleep. You shall get em. With your resolve steady and your mind whatever - you know. You make the switch.
You get linux in - you get it in, takes 30 minutes. Hurrah! You connect to the web. Mutt shall save you. You surf.
Slashdot shows up a site.
A MAP OF SPAM.
You knew what need to be done. Oh! Yes you did. Right about the time when those sweaty beads somehow got on your forehead and you became a pink chimp. Now you know how to do it. You are going to get all those miserable spam bast@#ds.
The cat meows. Oh sorry. No cats. The dog barks - more like woofs. Yawn. It 1:30. Need sleep. Got a gawd awful meeting with that sales VP guy. Same old proposal.
Some techie I am. Dirty old man, dirty old sales VP keeps getting personal with all and any chick, and hey even with the cute DBA gal. She sometimes looks at you - boss man. No wonder the company is going down the drain. Clients run away from this sales guy. Revenue is down. Your best buddies are thinking of leaving. DBA gal sometimes looks at you. Only sometimes. Life sucks.

Need sleep. Got a gawd awful meeting with that sales VP guy.
I will let some one else deal with that spam thing. Yeah. Someone else.
Need sleep now. Meeting with bad sales guy. Someone will get those spam guys. Me sleep. Bad VP guy tomorrow.

x10

[vectra14]

hey, where's x10.com??? :)

zoom through this letter

[Ellen+Ripley]

That thing looks like the map Vaughn showed Sidney of SD-6!

This list is so incomplete - whey even bother?

[seigniory]

Not to rain on the parade of all those people that think this information is somehow useful, but it's not even complete - not by a long shot.

What's the point of all this? To prove that you know how to use Visio? I happen to have first hand information about a lot of companies on this list and Mr. West either has things all wrong, or is missing so many things it makes one wonder why he even bothered?

Don't get me wrong, a ot of effort obviously went in to this project, and the logical arrangements are simply put and easy to understand, but still, what's the point? I guess it's a good project to brush up your modeling skills, but the data it models is out of date, incomplete, incorrect, and too fluid for this map to be of any real use to anyone.

And no, I will not divulge my associations with any of these companies except to say that everyone in my oiffice that's seen it has said "dood - how wrong is this?" and "ooh-- look at this - that doesn't happen"

Re:This list is so incomplete - whey even bother?

I can also tell you from first hand experience that the map has many relevant links.

privacy policies

[Aanallein]

Looking at some of the blocks on that map with most arrows poiting to them, I visited those websites and looked at their privacy policies.
I wonder why they even bother having them, but it's a nice way to inform us of everything being done.

For example: eScriptions.net:

eScriptions.net reserves the right to post collected data on eScriptions.net's Web site, or share, rent, sell, or otherwise disclose data it collects to third parties. Any third party to which eScriptions.net shares, rents, sells, or otherwise discloses personal data will be carefully prescreened by eScriptions.net, determined by eScriptions.net to be reputable, and will use the personal data for marketing products and services which eScriptions.net determines, in its sole judgment, that visitors might find of interest.

virtumundo.com:

The Company may receive information about individuals from third parties or from other sources of information outside of the Company including information located in public databases

THE COMPANY MAY USE INDIVIDUAL INFORMATION FOR ANY LEGALLY PERMISSIBLE PURPOSE IN COMPANY'S SOLE DISCRETION. <snip> the Company may change or broaden its use at any time.

THE COMPANY MAY SELL OR TRANSFER INDIVIDUAL INFORMATION TO THIRD PARTIES FOR ANY PURPOSE IN COMPANY'S SOLE DISCRETION.

I particularly like the way they go through excruciating trouble to explain "webbugs" though:

(b) Webbugs. A webbug is programming code that can be used to display an image on a web page (by using an programming function -- see www.www.org for more information), but can also be used to transfer an individual's unique user identification (often in the form of a cookie) to a database and associate the individual with previously acquired information about an individual in a database. This allows Company to track certain web sites an individual visits online. Webbugs are used to determine products or services an individual may be interested in, and to track online behavioral habits for marketing purposes. For example, Company might place, with the consent of a third party website, a webbug on the third party's website where fishing products are sold. When Joe, an individual listed in Company's database, visits the fishing website, Company receives notice by means of the webbug that Joe visited the fishing site, and Company would then update Joe's profile with the information that Joe is interested in fishing. Company may thereafter present offers of fishing related products and services to Joe. In addition to using webbugs on web pages, Company also uses webbugs in email messages sent to individuals listed in Company's database.

*pats his Mozilla that displays html mails as plain text and will not load remote images in mail and news (two seperate functions)*

Who is "W3"?

They call themselves "World Wide Web"--sounds like a transparent attempt to take over the Internet. I think I'll stick with standards like Java, C# and the rest of .NET.

My question is...

[Guppy06]

Does this map have GPS coordinates of the primary spammers for a cruise missile strike?

What would happen if...

I beat the bloody snot out of a spammer? I have happened across the personal information of a rather large spammer in my area (I work for an ISP btw). Where is the best place to post all of his personal information? I have thought about taking some photographs of him, and placing his picture along with his information on the net somewhere.

I have thought about going and talking to him personally... I know who he is.. I don't know him though. Maybe I just aught to place stickers all over his car identifying his as a spammer.... What do you all think, some nice 2'x3' posters glued to his car that say "I am a Spamer"

Hmm...

[vawlk]

Now I know how intel designs their processors.

Looks like Steve Jackson Games' Illuminati Game

[jellybear]

The first thing I thought of when I saw that map was a game of Steve Jackson's Illuminati. Maybe he can make a card game called Spam Wars or something.

Aliases

[Openadvocate]

If you want to do a bit of testing yourself and you have your own mail server..
Everytime you have to (or want to) enter your email adr. for some site / service, create a alias email adr. for it where the name of the email adr. tells you where you used it. (The alias should of course be to you real email)
Then in theory, you should only recieve mails on that adr. from that company/site. But sometimes it's funny how that adr. ends up getting a lot more mails.
But remember to check your from adr. when replying to those mails to get to your aliased adr.

Woah - but what about the porn?

[v8interceptor]

I can't believe someone put that all together... 4442x2900 pixels, ouch.

I can't help but think how much bigger it'd be though if they incorporated all the porn bulkmailers... such as the the ones in Kansas with the barnyards and all the animals... uh oh.

As well, I can't see the University Diplomas spammers on their either...

What this map is missing

[commodoresloat]

It's a cool map and all, but it really needs a big red arrow that says "You Are Here."

The Making of The Map - Anybody know?

Anybody know these guys? It's a great looking drawing, but I wonder what software they used to create it. It looks a lot nicer than my Dia/Visio charts.
-pov

Re:Bad map, bad! No biscuit!

No problems here with gnome 1.4 Mozilla 1.0. Javascript on or off doesn't make a difference. Have you had problems with large files before? If so it sounds like a cache problem. A workaround might be to make sure your cache values are set as high as you can comfortably allow. (Mine is at 131072, or 1/4 my system RAM; the default is something like 4086.) Good luck.

What??? where's the X10 Fricken cam spam

[Presence2]

This spam king should be in the middle, surrounded by red fireworks.

More detailed info on spammers

[Erik+Fish]

If you're serious about learning everything there is to know about the worst spamgangs be sure to check out Spamhaus's excellent Register of Known Spam Operations (ROKSO).

Although the site comes complete with mug-shots for one spammer, nothing I've seen there compares (humor-wise anyway) to the hilarious Tommy Brock--Spammer, thug, exhibitionist page.

Re:Bad map, bad! No biscuit!

[dtungsten]

Trying to view the linked article or any of the mirrors crashes both Mozilla 1.0 and Opera 6.0 on my machine (Linux w/ Ximian Gnome 1.4).

Yeah, did the same thing to me with Mozilla on Mac OS X. IE showed it fine. Mozilla on MS Windows didn't care for it too much eaither (but didn't crash).

Re:Spam problem (Did you mean Benoit Mandelbrot?)

[Procrasti]

I don't know if you were trolling or not, and I'm sure you've read the replies that this is not what Claud Shannon was talking about. Although I don't think its necessarily analogous to spam, no one has pointed out that it was actually Benoit Mandelbrot who said that noise is inevitable in communications. Is this where you get nlog(n)?.