Slashdot Mirror

← Back to Stories (view on slashdot.org)

Anti-Spammers Wage E-War

Posted by michael on from the no-quarter-asked-or-given dept.

ncstockguy writes "To its credit the Hartford Courant followed up with a second article this time from the perspective of an anti-spammer." The first story was about the life and times of a spam king.

9 of 418 comments (clear)

  1. Never actually noticed.... by theRhinoceros · · Score: 5, Interesting

    From the article:

    "They are every fly-by-night artist that ever wanted to place a tiny little ad in the newspaper and get away with it," Frederick said. "I have yet to see one legitimate product advertised in an e-mail that I didn't ask for."

    Never thought about it before until now, but I don't recall ever having ever seen one either...

    1. Re:Never actually noticed.... by pmz · · Score: 5, Interesting

      One other thing to look our for is HTML email (gack!) with loads an image from the spammer's site. There's usually some id tag sent with the image request so that the spammer gets confirmation on your email address just by reading the email.

      Ugh. This is the absolutely worst aspect of HTML e-mail. Just by sending you an unsolicited HTML e-mail, a company can get your browser model and version, whether JavaScript and Java are enabled, your IP address and hostname, the operating system, and roughly where you are located in the world (sometimes down to the city). First, they know you check your e-mail; second, in one click, you just provided a wealth of marketing information; and, third, they can tailor their future e-mail to your system's security vulnerabilities.

      Does anyone know of cases, where e-mail was used to install spyware on the client?

      Whoever first concieved of HTML-based e-mail should cower in shame for lack of foresight. And all those who chose to implement HTML-based e-mail clients should also cower in shame. HTML-based e-mail is simply irresponsible. I'm simply tired of people who insist in making their e-mail pretty, while unknowingly sacrificing their privacy and security.

      --
      Healthcare article at Kuro5hin
  2. I feel so used... by ackthpt · · Score: 4, Interesting
    Someone used my email address (I live in California) to spam people, I received a number of bounces in my mail box. The spammer's phone number is in Washington state and I did a little review of the Washington state law (a helpful link, but not sure it helps me. Further, the Washington AG's site isn't currently accepting complaints due some vulnerability (guess who probably took a crack at exploiting that?)

    Sign me up for the war, want revenge for this, feel free to advise.

    --

    A feeling of having made the same mistake before: Deja Foobar
  3. How to Stop Spam by fortiter1 · · Score: 4, Interesting

    Yes, most ISPs terms say that you can't send spam. That's not enough. The terms should mandate a fee of $1 for every email address you send to if it is determined you sent spam. That way, if they want to send out spam their credit card would automatically get charged. Make the spammers pay for sending out their junk.

  4. Some of us go to great lengths by SkyLeach · · Score: 4, Interesting

    to stop spammers.

    I have an account I purchased from spamcop.net. I never used the email address onything (i've never even checked it) and it's bounsing spam every day.

    Spammers hack systems to get accounts, they harvest them, they buy them (illegally) from state agencies. These people are scum and I consider it my right, duty and priviledge to take them out whenever and wherever I can find them.

    I am in the process of building a snort utility specifically designed to track down the home IPs of spammers (in the US at first).

    I won't go into details on what I plan to do when I get some, but rest assured it will be neither pretty nor legal.

    --
    My $0.02 will always be worth more than your â0.02, so :-p
  5. Why bother fighting? Here's why by zaren · · Score: 4, Interesting
    "It's really theft of services. It uses my connection, my equipment and my in-box, which I pay for," Roth said. "With postal mail, the sender pays for it. With spam e-mail, the receiver pays for it. Big difference."

    People will say that spam is the same as junk snail mail, but it's not. "Legitimate" junk snail mailers will happily bear the cost of sending their messages, knowing that they are advertising a legitimate product or service. Spammers push that expense off on the people receiving their message.

    To further the theft of services concept, an overwhelming majority of spam is sent through open or unsecured mail relays. This means that people who have no legal right to use those services are using them, much like someone who splices into an apartments building's cable tv system to get free cable. And as I always point out in my spam complaints, there's always this little gem:

    Advertising via unsolicited e-mail is trespass to chattel and theft by
    conversion. That was established in Federal court in 1996/97 in Compuserve
    vs. Cyberpromo, heard in US District Court in Ohio by one Judge Graham.
    Spammers routinely also use third-party relay, which is outright theft of
    services and a violation of the Federal Computer Crimes Act, to wit,
    unauthorized access to a computer system.


    -----
    Darwin is an evolutionary OS...
    --
    Apple hardware still too expensive for you? How about a raffle ticket?
    --
    Come to the University of Mars! Classes starting soon!
  6. The answer by Technician · · Score: 4, Interesting

    Due to the massive abuse, e-mail may simply become a thing of the past. I am gradulaly moving to a web form and dropping e-mail. To write me, visit my page and fill in the online form. I'll soon no longer have an inbox.
    As inconvienient as that is, it fixes most of the problems of the e-mail system. Mostly it will not accept any bulk mail from anybody.

    --
    The truth shall set you free!
  7. I just can't do that by Sycraft-fu · · Score: 5, Interesting

    Unfortunately I can't afford to be quite so idealistic. I've had people call/mail me that are offering services that I someday want to use. I wouldn't have internet accesses if I went by that motto since the cable company, the phone company and Sprint (they do wirless internet here) have called me to try and sell me stuff. Unlike SPAM, I find that people are actually offering me (or at least are companies that have offerings) something that I want. I don't think I've ever bought from a sales call, but I've bought form companies that make them.

    However I find SPAM very different from telemarketing/bulk mailing for several reasons:

    1) The telemarketers/mailers are 99.9% of the time legit bussinesses offering legit products. When Cox calls to sell my high speed internet access, they aren't playing around, they can and will make good if I want. When I get a book of coupons in the mail, I can really go and use those for the products on them. SPAM is fradulant so often it's not even funny.

    2) Also, with classic methods, the sender pays. The company calling me is paying for the long distance time, the mailer pays postage. It doesn't cost me anything other than wasted time (and there is plenty of stuff that does that). SPAM costs me money, which makes me angry.

    3) However BY FAR the most imporant reason in my mind is that when you ask a telemarketer/bulk mailer to quit, THEY WILL. Since they are real, legit bussinesses and DON'T want to get sued, they'll obey they laws and stop contacting you if you tell them they have to. When a telemarketer calls you, ask to be placed on their do not call list, they have to maintain one and you can sue tehm if tehy call you again (unless you buy something from you, then you have a bussiness relationship so they can contact you if they like). Also a lot of companies get your address from teh credit reporting beuarues. SO call up Equifax and ask them to stop giving it out. They'll tell you what you need to do (submit a request in writing I think) and then they will, and pass it along to the other two.

    It really is the unrelenting, fradulant nature of many spammers that gets me. For the longest time I got a ton of spam from a place that wanted to allow my bussiness to acept credit cards. Well the thing is I don't HAVE a bussiness, and I already have service to accept cerdit cards anyhow. No matter, these assholes spammed me 2-6 times PER DAY. And of course they didn't say who they were or anything, just asked you to e-mail them (to a yahoo address) with a name and phone number to call.

    Stuff like that really pissess me off, I eventually had to resort to a technical solution to make them stop. However when AT&T long distance was pestering me (about 1 call every 2 weeks) I just told them to put me on a DNC list and I've never heard form them since.

  8. Re:problem with opt-in by Nonesuch · · Score: 4, Interesting
    sugrshack writes:
    ndeed this sounds like a noble and fair approach, but it's much more of an ideal-typical fantasy; one of the big problem of the so-called "opt-in" lists is that once you are on one, you can never get off; largely because the "companies" (read: spammers) that gather these addresses, sell them to others. This is why they do it in the first place.
    My solution

    Get your own domain 'sugrshack.org', and set up an MX record for 'lists.sugrshack.org' pointing to some static-IP Unix-like machine where you can set up a virtual SMTP domain (e.g. Qmail).

    When you visit ZDNet and subscribe to their mailing list, you subscribe as 'zdnet@lists.sugrshack.org'. When a mailing list starts selling your address and refusing to honor unsubscribe requests, you simply stop accepting email for the one address 'zdnet@lists.sugrshack.org', and the problem is solved.

    There are a few complications to this approach. The biggest hassle I have is that I do need to post to several lists that restrict posting to 'members only', which means I need to adjust the 'From' address on outgoing messages to reflect the address with which I subscribed.

    I don't have to worry about forgetting what address I used when subscribing, as Qmail will included a 'Delivered-To:' header for each message received to a virtualhost/alias.

    Another drawback is that I get even more spam than before (identical spam runs addressed to each of many aliases). However, spam sent to 'expired' aliases is easily filtered out and discarded.

    --

    I do not deploy Linux. Ever.