Slashdot Mirror
Anti-Spammers Wage E-War
ncstockguy writes "To its credit the Hartford Courant followed up with a second article this time from the perspective of an anti-spammer." The first story was about the life and times of a spam king.
← Back to Stories (view on slashdot.org)
From the article:
"They are every fly-by-night artist that ever wanted to place a tiny little ad in the newspaper and get away with it," Frederick said. "I have yet to see one legitimate product advertised in an e-mail that I didn't ask for."
Never thought about it before until now, but I don't recall ever having ever seen one either...
Sign me up for the war, want revenge for this, feel free to advise.
A feeling of having made the same mistake before: Deja Foobar
Yes, most ISPs terms say that you can't send spam. That's not enough. The terms should mandate a fee of $1 for every email address you send to if it is determined you sent spam. That way, if they want to send out spam their credit card would automatically get charged. Make the spammers pay for sending out their junk.
to stop spammers.
I have an account I purchased from spamcop.net. I never used the email address onything (i've never even checked it) and it's bounsing spam every day.
Spammers hack systems to get accounts, they harvest them, they buy them (illegally) from state agencies. These people are scum and I consider it my right, duty and priviledge to take them out whenever and wherever I can find them.
I am in the process of building a snort utility specifically designed to track down the home IPs of spammers (in the US at first).
I won't go into details on what I plan to do when I get some, but rest assured it will be neither pretty nor legal.
My $0.02 will always be worth more than your â0.02, so
All an ISP has to do is inform their customers that any e-mailings of over 50 addresses will be reviewed and placed on hold for the customer to acknowledge that it is indeed their e-mail going out. After it is acknowledged, if it is an advertisement or spam, that e-mail will cost 1 or 2 cents for each address it's being sent to.
Unfortunately, this doesn't address the torrent of spam from China, nor the Nigerean Millions waiting for a bank acount spam, But at least it would be a start.
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
I used to work in the industry, and while we'd never send mail on the 80-million-a-day scale that some of these guys do, we'd certainly send half-a-million in a given day, to broadly scattered email addresses. We always made a specific point of keeping the email small (under 1K) and it was *very* clear who the source of the message was (never luv384j6@h0tmail.com).
The mail itself invited the recipient to sign up as a mystery shopper, which would give them the opportunity to get paid to evaluate services in their local neighborhood.
Unfortunately, in a world of snake-oil salesmen, we took a lot of grief for the approach, even though it still paid for us to do it. Because the offered product (which was really a part time job offer) was legitimate, we never attempted to disguise the identity of the source. Bounced mails were automatically flushed from the database. Removal requests were honored. The advertising business was tracable. (Our address, phone number, president's name and industry association registration was on the first web page link in the message.) But because of all the charlatans out there, we were taken to be just one more instance of spam -- which in some sense we were, but with at most a tiny fraction of the rudeness which permeates the practice.
People will say that spam is the same as junk snail mail, but it's not. "Legitimate" junk snail mailers will happily bear the cost of sending their messages, knowing that they are advertising a legitimate product or service. Spammers push that expense off on the people receiving their message.
To further the theft of services concept, an overwhelming majority of spam is sent through open or unsecured mail relays. This means that people who have no legal right to use those services are using them, much like someone who splices into an apartments building's cable tv system to get free cable. And as I always point out in my spam complaints, there's always this little gem:
-----
Darwin is an evolutionary OS...
--
Apple hardware still too expensive for you? How about a raffle ticket?
Come to the University of Mars! Classes starting soon!
Yes. They do.
Scott Adams in the Dilbert Future actually hit the nail on the head on this topic.
Suppose you spam 1,000,000 e-mail addresses, and 1/2% are stupid enough to fall for it. That's 5,000 responses, from people willing to fork over money for your bogus or not-bogus product.
Given the cost of spam, it's no surprise it's so prevalent.
Beware typoes.
> "People are going out there and
> tracking it back down to the source,"
> Mozena said. "Without that constant
> fight, things would be a lot, lot,
> lot worse."
Does anti-spamming really work? The administrators and users of SpamCop, SpamAssassin, etc. should back off for one 24-hour period. Let the spam roll in. If it truly would be a "lot, lot, lot worse" without spam-fighters, the happy fallout will be that thousands of indifferent users who respond to spam with "JHD" (Just Hit Delete) will see how bad it's become. Maybe they'll join the spam-fighting ranks, or at least demand a solution.
-- This
Due to the massive abuse, e-mail may simply become a thing of the past. I am gradulaly moving to a web form and dropping e-mail. To write me, visit my page and fill in the online form. I'll soon no longer have an inbox.
As inconvienient as that is, it fixes most of the problems of the e-mail system. Mostly it will not accept any bulk mail from anybody.
The truth shall set you free!
Unfortunately I can't afford to be quite so idealistic. I've had people call/mail me that are offering services that I someday want to use. I wouldn't have internet accesses if I went by that motto since the cable company, the phone company and Sprint (they do wirless internet here) have called me to try and sell me stuff. Unlike SPAM, I find that people are actually offering me (or at least are companies that have offerings) something that I want. I don't think I've ever bought from a sales call, but I've bought form companies that make them.
However I find SPAM very different from telemarketing/bulk mailing for several reasons:
1) The telemarketers/mailers are 99.9% of the time legit bussinesses offering legit products. When Cox calls to sell my high speed internet access, they aren't playing around, they can and will make good if I want. When I get a book of coupons in the mail, I can really go and use those for the products on them. SPAM is fradulant so often it's not even funny.
2) Also, with classic methods, the sender pays. The company calling me is paying for the long distance time, the mailer pays postage. It doesn't cost me anything other than wasted time (and there is plenty of stuff that does that). SPAM costs me money, which makes me angry.
3) However BY FAR the most imporant reason in my mind is that when you ask a telemarketer/bulk mailer to quit, THEY WILL. Since they are real, legit bussinesses and DON'T want to get sued, they'll obey they laws and stop contacting you if you tell them they have to. When a telemarketer calls you, ask to be placed on their do not call list, they have to maintain one and you can sue tehm if tehy call you again (unless you buy something from you, then you have a bussiness relationship so they can contact you if they like). Also a lot of companies get your address from teh credit reporting beuarues. SO call up Equifax and ask them to stop giving it out. They'll tell you what you need to do (submit a request in writing I think) and then they will, and pass it along to the other two.
It really is the unrelenting, fradulant nature of many spammers that gets me. For the longest time I got a ton of spam from a place that wanted to allow my bussiness to acept credit cards. Well the thing is I don't HAVE a bussiness, and I already have service to accept cerdit cards anyhow. No matter, these assholes spammed me 2-6 times PER DAY. And of course they didn't say who they were or anything, just asked you to e-mail them (to a yahoo address) with a name and phone number to call.
Stuff like that really pissess me off, I eventually had to resort to a technical solution to make them stop. However when AT&T long distance was pestering me (about 1 call every 2 weeks) I just told them to put me on a DNC list and I've never heard form them since.
I've started to have a much more aggravating problem -- spammers using the email address of an old account of mine for the From: of their spam! I know because undeliverable mails are being returned to me. Is it just me, or is this a new low even by spammer standards?
I'm in the middle of dredging through the headers trying to figure out what the company ultimately responsible is, but even if I manage to find out, I'm not sure what to do with the information. I want blood.
Any suggestions?
don't think it's a problem? just try joining your local chamber of commerce and see how much junk mail you'll receive every day! Even if you quit, it keeps coming in. My house is a mess.
I can't believe it's not lard!
Get your own domain 'sugrshack.org', and set up an MX record for 'lists.sugrshack.org' pointing to some static-IP Unix-like machine where you can set up a virtual SMTP domain (e.g. Qmail).
When you visit ZDNet and subscribe to their mailing list, you subscribe as 'zdnet@lists.sugrshack.org'. When a mailing list starts selling your address and refusing to honor unsubscribe requests, you simply stop accepting email for the one address 'zdnet@lists.sugrshack.org', and the problem is solved.
There are a few complications to this approach. The biggest hassle I have is that I do need to post to several lists that restrict posting to 'members only', which means I need to adjust the 'From' address on outgoing messages to reflect the address with which I subscribed.
I don't have to worry about forgetting what address I used when subscribing, as Qmail will included a 'Delivered-To:' header for each message received to a virtualhost/alias.
Another drawback is that I get even more spam than before (identical spam runs addressed to each of many aliases). However, spam sent to 'expired' aliases is easily filtered out and discarded.
I do not deploy Linux. Ever.
The article talks about a SPAM Swat team ; and the concept of that is absolutely rediculous. When it takes teams of people to shut down spammers, the Spammers have won. That might work for the time it takes to do the article - but it is not a 'sustainable' activity. These SPAM swat teams aren't going to exist forever.
What needs to happen is the Email protocol needs to be re-written. It was originally developed in RFC822 to be an open standard that could take on many forms and purposes.
Today, we know how Email is used intricately, and the protocol can easily be re-written to *ENSURE* Spammers do not have the ability to automate spamming.
My company is re-writing the protocol over the next year or so ; and our changes will made available to the world.
Ace