Slashdot Mirror
FTC Encourages Consumers to Forward Them Spam
Burl Ives writes "See this CNN Article. 'The FTC encourages consumers to forward any spam they receive to the e-mail address uce@ftc.gov'. I'd say if they've posted their e-mail on the web, they are probably getting as much as the rest of us already, which isn't to say I'm not hoping to see some discussion of using the statistical spam sorters to auto forward a lot to them in encouragement..." I've been using SpamAssassin for some time now with excellent results. Perhaps now I need to have my spam folder auto-forward to the FTC as well.
I like the idea of forwarding the spam, but the question remains what will they do with it?
For instance, Yahoo Mail has a feature where you can forward Spam to their Yahoo! Customer Care department. Yet, you don't know what happens.
I don't know if this is a "feel good" attempt at showing that they are handling spam or they actually run some super secret program and change their spam variables.
I'd like to see what the FTC is doing with the spam sent to them. Are they going to start a black list? Will they take action against the spammers?
I'd say if they've posted their e-mail on the web, they are probably getting as much as the rest of us already
.gov e-mail address.
most spammers are smart enough not to spam a
my pet machine
Should I forward my spam even though I'm not American?
Heh, FTC slashdots self.
- SMJ - (It's not just a name: it's a bad aftertaste.)
...we find FTC commissioners have suddenly become very thin and rich with enourmous penises, we will know they got the spam.
To use with spamassasin username is "cartman"
.forward /usr/bin/procmail -f- || exit 75 #cartman"
.procmailrc
:0fw /home/cartman/SpamAssassin/spamassassin -P -c /home/cartman/SpamAssassin/rules
:0:
/dev/null
/cartman
bash-2.05$ cat
"|IFS=' ' && exec
bash-2.05$ cat
LOGFILE=/home/cartman/proc.log
|
* ^X-Spam-Status: Yes
Yeah and lets stay anonymous not to be a carma whore...
- SMJ - (It's not just a name: it's a bad aftertaste.)
I'm using spampal for Windows with Outlook. i have the filters set up to forward it to the ftc and delete the email. Spampal is avalable here.
In America we are imprisoned by our fear of them.
i've been doing this for about a year now. can even remember where i read about it for the first time...
Acts@core.mailboks.com Acrux@core.mailboks.com Adam@core.mailboks.com Adar@core.mailboks.com Ada@core.mailboks.com
The question is, how much would you pay to have somebody delete a spam message? If it's 1 cent, and if the person could kill one every 5 seconds (which seems pretty reasonable ... I don't even read the whole subjectline before deleting most spam), then we are at about 7 dollars an hour. Given that this is not a high-skill task that could be done from the home (possibly in the third world, where $7/hour is a very high wage), we may have a new industry here.
For less than the price of a coffee per day, a user gets spam-free email, and somebody else gets to pay the rent.
Of course, there is a downside: somebody might pay the anti-spam folks money to look the other way on some messages. And there is a privacy concern.
So, am I nuts?
I'm sure the FTC won't act on singular items; however, if they get 5,000 of a single spam -- that's probably a pretty good indication that it is indeed spam and should be examined more closely.
Lets say you work for a large company, with say 10,000 people. 10,000 people * 10 spams a day (low number, but lets go with that for now) = 100,000 spam emails a day. Thats a lot of spam. Now, lets say that each spam is about 10kb. 10kb * 100,000 spams = 1000000kb, or (1000000/1024) 976 megabytes of spam. Almost a gig of spam a day.
.15 * 976 = $146.40. That may not sound that much, but over the course of a year that makes out to be about $53,436.
Now your company does not have a free pipeline to the internet. Lets assume for the sake of argument that they have to pay by the meg. Lets (wildly) assume that your company has to pay 15 cents per megabyte of traffic through their ISP.
Of course, thats just in internet feed charges. Assume that it takes the average person one second to read and delete a spam. With an average of 10 spams a day, thats ((10,000 * 10)/60) 1666.67 minutes per day, or 27.78 hours per day wasted on spam. Say the average person makes $20 dollars an hour, or about $40,000 a year. 27.78 * 20=$555.56 a day in lost time. Over a year, thats $202,777.78 in time lost to spam. Ouch.
So all those penis enlarger and diet spams are costing your company $256,000 a year. Multiply that by all the companies in the world that get spam, and you have a major financial burden
If that's what they want, that's what they'll get -- a daily helping of the contents of my Spam folder, courtesy of Cloudmark's SpamNet.
This is old news (26th April 2001).
Unselfish actions pay back better
Now that I use Sneakemail, I worry a lot less. So far, all those sites where I was worried they'd sell my address haven't done so. Occasionally one will crawl through Mozilla's Bugzilla, but not a lot so far. Just because the FTC is collecting Unsolicited Commercial Email doesn't mean they're going to do a lot about it. They're mostly going after the big cases of fraud and pyramid schemes. Its the people that are willing to pay $60 for a bottle of water that will cure all that ails them that are the problem.
echo "uce@ftc.gov" > ~/.forward
Outdoor digital photography, mostly in New Engl
"Note - This is NOT Spam - you posted to one of our FFA sites or added yourself to the list. This is a one-time email transmission...no removal is necessary. Click Remove button to be removed: Remove"
LOL
Is this really necessary? Personally I'd think a much better approach would be to simply set up test accounts (not with .gov, but I mean on AOL, local ISPs, etc) and reference the email on a couple of webpages, and perhaps in a usenet posting. They will, without any doubt, very quickly get every spam that everyone else gets, without getting hundreds of thousands of duplicates of each and every spam. This idea of forwarding all spams, either a request or some people who have mentioned that they do this by default, is just a grotesque waste of internet resources, doubling or tripling the damage a spam does.
Having said that, spam is grotesquely out of control: My hotmail inbox now gets about 90 spams a day, and while Hotmail's spam filter catches most of them, I still have a noise floor as a dozen or so make it into my inbox every day (and conversely I have to go through the Junk Mail folder every week or so as real emails get stuck in there, particularly when associates or friends use subject lines like "BTW").
Heck, it even made it into a slashdot poll
I just recieved from SPAMCOP.NET what I suspect might be 'SHAKEDOWN Email.'
I own a domain but do not operate it. (I will not disclose the domain because that just makes me a target so you will forgive my lack of being specific on this.) My email server will recieve email for this domain, but there is no active use for it. My server has no open relays.
They sent me an email saying there has been or are complaints. This is the smaller part of the email. The rest of it is advertising services to me... SELLING ME THINGS and delivering propaganda.
When a bulk of the email contains advertisment of services and only a small portion of it delivers vague and unsupported information, I have to believe it's SPAM.
Is this a standard practice for SPAMCOP.NET?
As much as I hate spam, I won't turn to the FTC or any other government agency to resolve the problem.
If you think the Net should be as autonomous as possible -- and that the government should not be allowed to restrict the free flow of information -- then you can't have it both ways and go running to the government when that flow of information is to your annoyance rather than to your benefit.
though i'm generally opposed to the death penalty, i wouldn't mind if it were only applied to spammers and virus-releasers.
Sorry, but it looks like someone beat you to the idea.
And a major financial incentive -- for your ISP. I'd happily pay a premium for an ISP that provides spam-filtering.
.
I'm not interested in perfect -- just cut down the bulk by 75% to 80% or so. False positives are bad, so avoid those.
This is NOT an issue where the government -- any government -- need to get involved.
Come ON people! You really want the same organizational paragon of efficiency that runs Amtrak and the U.S. Postal Service regulating e-mail? Are you, as a Slashdot reader, that inept that you can't properly configure a Junkbuster/Spamassassin Proxy?
If this costs so damn much money, then it is an opportunity for you to provide consulting services
With all the "let the government regulate it" talk, you'd think this was France and not the U.S.A.
Learning HOW to think is more important than learning WHAT to think.
... the FCC starts looking into spam. The main problem isn't the shady business practices that spam often advertises, the problem is that spam happens. Period.
All the Federal Trade Commission can do is try to treat one of the symptoms, not the problem.
Does this only apply to Americans, or does the FTC cover elsewhere/entire Internet/world?
What if your in America and the spam comes from China?
I thought one of the police jobs for the federal governemnt was investigating and arresting people for committing fraud. Why aren't they doing it to spam businesses?
Most people are pissed about spam because its unwanted email and the popular focus has been on limiting or controlling unwanted email. I think this is misguided, because the spammers (both the freelance mail senders and those who do their own sending for their own products) tend to join forces with the more legitimate direct marketing community and bring the debate about stopping spam to a standstill.
I think a better tactic would be to go after the products and services being sold via spam. IMHO nearly all (95%?) of them are fraudulent or illegal. If you eliminate the fraud businesses behind the spam, I think the spam itself will dramatically lighten up.
Going after the people that send the mail is also very difficult since you don't know where they are and many spams are impossible to track the origin. But in order to sell something you have to at least be reachable enough to be paid, and that should make it much easier and less resource intensive to find the fraudsters and put the screws to them.
While I like the idea that getting rid of the unsolicited email in and of itself, I think its also the least effective way to get rid of spam.
Here is my very effective (IMHO) Postfix spam filter to be added on /etc/postfix/main.cf file.
. txt
http://cs.stadia.fi/~pkoistin/postfix-spam-filter
NO WARRANTY!
You can forward email scams to them at the West African Fraud Letter address. The RCMP webmaster said "This is now a general account for all scam letters."
I do the same thing that Sneakmail does, just on my own domain. I caught somebody recently: Ticketmaster.
I ordered tickets on a Wednesday or Thursday for a concert on the Saturday. I received spam from a third party at the email address I'd provided on the following Monday or Tuesday. I Spamcop.net'ed them and deleted the email alias.
In future, I'm going to wander down to the actual venue box office if I can... it's just too bad that on the occasions that I can't, that the only alternative choice is Ticketmaster.
Their intergration of Spam Assassin into an Outlook component is great.
I use it at home and even bought licenses fr the office as well.
The software is well worth the money.
nuclear iraq bioweapon encryption cocaine korea terrorist
> I think I'd start [forwarding spam to Yahoo] if they
> sent me a summary monthly
I had exactly the opposite problem. Earthlink has an address where you can forward spam, and every time you do, they send you an acknowledgement message! I was diligently forwarding all of my spam to them, in the hope that it would eventually cut down on the number of unwanted messages that I receive... until I realized that I was effectively doubling the number of unwanted messages I received. One for the original spam, and one for the ack.
Then I carefully read their web page about forwarding. The only people they are going after are the ones that use Earthlink's own facilities to send spam. Like any significant spammer is going to do that in today's environment.
So I have come to the conclusion that ISPs sometimes provide a place to forward spam so they will appear to be doing something, and so that people can feel like they are doing something to eliminate spam.
The FTC may have similar motives -- it wouldn't be the first time that a U.S. government agency did something solely for the PR value -- but let's hope that's not the case.
This has already been done in France the email adress is spam@cnil.fr.
So many people did the forwards that the mailbox was Full almost everyday. They thought One person could deal with all the mails : they were wrong so they updated the mailbox and said they'll carry along with thos forwarded mails.
The results from these mails will permit to create a law to ban spamming in France, thus starting something in the EU, that would force a EU law for Spam.
none Yet.
It's a trick to get you to open and read your spam, to promote the US economy!!! Don't fall for it!!!
That slightly modifies the argument, but makes no essential difference. Each employee spends a certain percentage of the time doing actual work and the rest in "down time" (resting, chatting, going to the can, etc). Spam does not magically increase an employee's percentage of "up time"; hence, if an employee spends (for example) 60% of the time up-and-working, the cost of spam in arkham6's argument can be multiplied by 60%.
Actually, it's worse than that, because spam selectively comes from "up time" -- that's when you check your mailbox.
The time spent typing smiley faces? There goes Luxemburg. =)
Bad analogy. Unless it is customary at your place of employment to include smiley faces in business communications, those come out of "down time", and hence cost nothing.
/. If the government wants us to respect the law, it should set a better example.
For me, the killer app for using Linux at home was fetchmail / IMAP / procmail / SpamAssassin. I was using POP3 to download email from several accounts, into mail clients at home and at work. I was tired of re-downloading the same messages, and of sorting the messages into folders in one place and having those changes not reflected other places.
So I set up my Linux server, which up to that point didn't do much except NAT, to fetchmail my messages from various accounts, run them through procmail and Spamassassin, and then publish the messages via IMAP. Now my email is accessible from anywhere, through an IMAP client or over the web (running IMP) or through ssh/pine. It's filtered for spam and sorted into folders, and I can back it up easily.
I wish Mozilla mail supported addressbooks stored in IMAP folders, but instead I have to run an LDAP server (way overkill) to manage contacts. IMP's address book component, Turba, is just about the only LDAP client which acts like a sensible contact manager and allows adding / editing entries.
I'm serious when I say this is a killer app for me. Before, I could have replaced my Linux server with a NAT router and not really missed it. Now it's essential to the way I work and communicate.
I've found spamassassin to be mediocre with detecting spam. I get about 95% spam identification rate, but with about 10% false positives.
For example, I'm a quite active Usenet poster, using "[something]@expires-[year][month].[mydomain]" as my email address. "expires-200209" means the entire subdomain will be kicked after Sep 30. After that time, the spammer won't find a MX record for that subdomain and has no possibility to annoy me with his junk.
For legitimate correspondents, I'm telling them email adresses with a subdomain which will never expire or only very far in the future.
Running the risk of having my cute web server /.'d until it blows the whistle, here is a more detailed draft.
DocSnyder.
As for what they are going to do with it--us not-so-paranoid people would expect them to use it to generate a "paper trail", a collection of evidence, for the location, apprehension, and prosecution of said spammer. We who are paranoid may worry about the government taking a sudden interest in us when they discover we exist, but I would tend to think that argument is well worn and a little unfounded anyway.
Nevertheless, it's always nice to see it happen when the public gets a startling revelation of what they really have at their disposal--lots of people simply don't know, and since they don't know, they can't very well take proper advantage of the tools afforded them as US citizens.
Now, if you go look at Spam Laws you'll see the US has been considering a few federal bills, but haven't gotten anywhere yet. But a lot of states do have laws in effect--whether these have had stood up in court is another question...
The fallacy here is in assuming that every employee exists in a continual "on-and-working" state from the moment she sits down at her desk. Under such an assumption, 10 seconds spent doing something else equals 10 seconds of quantifiable production loss.
...
Ten seconds spent doing something else don't result in 10 seconds less of X.
No, not generically, but in the case of spam it does.
I spend a certain amount of time at work going through email. I have to. We use it for a lot of critical communications, and spam or no, it is more efficient for those purposes than phone, memo, or face to face.
So yeah, I will still blink, zone out, go to the bathroom, smoke 'n joke (or in my case, coca-cola and joke), whatever. But I will also waste time with spam. It is additive; it replaces time that I would be productively communicating.
Oh well, I bill all my time and it is a cost of doing business. My employer will save money if they can stop it.
Pyramid-schemes with peoples' real addresses are a good example of things to forward.
Print these out and send a copy to Postmaster, their city/zip. Make sure they know why you're sending it to them, i.e. make sure they can see the address of the person in their town. Depending on the postmaster, they can get in quite a bit of trouble for doing this.
I pledge allegiance to the flag...
of the Corporate States of America...
How many times do I have to opt out if a million businesses decide to take up spamming over the course of the next year or so. Sometimes I get over a dozen different copies of exactly the same spam from exactly the same sender, sent to a dozen different email addresses. These are legitimately different addresses because they have different roles. Of course a spammer won't know they go to the same person. But sending spam to them is essentially OFF TOPIC because their role isn't to respond to advertising.
Until the FTC (and this may require Congress to do this) adopts the principle that opting *IN* is required first, and that I should not have to go to the trouble to opt out if I never opted in in the first place, then as far as I'm concerned, any actions by the FTC is misguided and useless.
now we need to go OSS in diesel cars
The flaw in this design is spammers will eventually figure it out. Three years ago I set up an email box on my own server with my own domain (so it would not be subject to an ISP or webmail provider giving it out). I never put the exact address online. Instead, I put a munged form of it online with things like "nospam" added. Guess what. It got spammed. Spammers figured out how to remove "nospam" from the address. That's now built in to spamware (some doesn't remove the "-" if I use name-nospam). It won't be long (maybe a year at most) after your method becomes popular for spammers to figure out how to detect and modify it to get through. And soon after that, the spamware will know how.
The only way to do this is with a scheme that makes it next to impossible to guess the base form, or an alternate form. For example, take the MD5 checksum of the date, along with a secret string you don't tell anyone, and use the first few characters as that email address. You can use it in the subdomain or the left-hand-side.
What will be needed will be a set of these pre-generated so the mail server already accepts them, and you store them in your PDA or other places where you can readily access them, and record who got which address.
The key is to provide no means for predicting what address can be used to bypass the filters.
now we need to go OSS in diesel cars
Whoops, forgot where I was....
i was doing this over four years ago
and gave up because I saw absolutely NO results.
this address seemed to be just a black hole. maybe with the additional press it will start working again.
Use my userscript to add story images to Slashdot. There's no going back.
it's only fraud if they people selling the product KNOW they're lying. If they believe some pill or gadget really will make your dick 6 feet long, then no fraud. And how can you prove they DON'T believe that?
I'm the stranger...posting to
most spammers are smart enough not to spam a .gov e-mail address.
I really doubt this. You'd think they'd be smart enough to not send spam to any 'webmaster@' addresses, since whoever gets mail to that address has the greatest chances of being someone is willing and able to block their messages from getting to ALL the other users at that domain... however I see more email addressed to webmaster@domain than any other address that is forwarded to me. Presumably, because they know it will be a valid address at almost every domain, and/or they just spider them from web pages and put no further thought into it.
Although, I haven't seen much being sent to 'abuse@', so most of the spam software authors probably made some cursory filtering rules when they first started making their stuff, but I doubt '.gov' was in them. Only a very tiny percentage of .gov users would actually have the authority/ability to take action against spammers anyway, and there's bound to be some potential customers among the rest of them. That's the whole point of spam: not putting too much thought into the recipients. Gather hundreds of millions of addresses en mass, blast out millions of emails every day, a couple % of the recipients will buy the crap you're selling. Another couple % of the people will get downright pissed at receiving your junkmail, but they don't matter as long as you're making money. If you start getting too nitpicky about who you're sending to, then it starts to resemble real work and isn't as profitable...
They have been doing this for years now.. It could be as long as 5 years uce@ftc.gov has been accepting spam. Talk about your old news. And all the slashdot drones eat it up like it's some kind of spam revolution.. "Wow, Uncle Sam will help us fight spam! Gee whiz!"
My favorite email address to use is:
abuse@(upstream provider of domain making me register)
I disable sigs...do you?
I don't think we really need to be forwarding all of our spam to the FTC. They will just use it as statistical evidence further regulate things. I would prefer to keep governmental agencies out of my life and my e-mail whenever possible. If that means deleting some spam everyday then I am willing to do that. The best thing you can do is just not support businesses that spam and eventually they will decide it is not a good form of advertising.
FoundNews.com - get paid to blog.,
I spent a year in Iraq looking for WMD and all I found was this lousy sig.
Note the bit about removal lists
From EmailMiners@excite.com
Reply-To EmailMiners12@excite.com
New email lists 9-1-02 - Plus removal data!
New Version Released 9-1-02
Bonus Removal Lists
New September Edition Just Released
Over 15 Million Fresh ACTIVE Email Addresses
We stress FRESH and NEW
FREE BULK EMAILING SOFTWARE INCLUDED
Requires multiple smtp's
Have you purchased email addresses in the past only to find that you always buy the same data from multiple companies?
You will not get that here. We are the prime source and weed out "CD Sellers" from our order. (We know who they are, at least most of them.)
We have spent WEEKS verifying, and testing all of the addresses on our New September Edition CD ROM which is fully loaded with over 15 million current and ACTIVE email addresses.
There will be a new verified version each month!
This CD is full of highly responsive individuals.
This NEW CD just hit the market and we are the prime source. We will only be selling 100 copies of the each new edition.
This is it! The best email address data in the world!
Bonus - Yes you will get some software! Not the high dollar software but software that can get mail out and it is called mailpusher!
Bonus 2 - Our HUGE removal database 25 Million Removes! We are adding as a bonus all of ouir removes from the past 3 years of mailing. You can wash you other lists with these removes!
Includes FLAMERS, HACKERS, AND MEAN ANTI SPAMMERS!
Get these people of of your list ASAP!
This CD is HOT and we are placing a limit on the orders so get your order in today!
At only $220.00 this CD is A Bargain!
Fax Orders To 1-702-973-6667
How To Order
To rush order this "New September Email CD" simply
fill out the order form below and fax it to our 24 hour order line at:
FAX ORDER LINE 1-702-973-6667
Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
Dust up your french and read the details here.
By the way Spamgourmet is the ultimate weapon for giving a self-destructing address to websites that require one for registration without getting spammed in the process. It's tested and approved by yours truly.
http://www.somebaudy.com
SpamAssassin Pro makes the 50-100 spams I get each day to my dozen or so different addresses a NON-ISSUE !
A spam filter that works. Problem Solved.
The FTC encourages consumers to forward any spam they receive to the e-mail address uce@ftc.gov'. [Emphasis mine.]
NO. This is not true: They are prosecuting the chain mail sending people, and they sollicit forwarding of those types of SPAMs.
I bet the FTC is very happy about this SlashDot posting.....
Roger.
A larg precentage of spam is advertsing illegal services or scams.
:)
Examples: All those get rich quick scams especally the piramid scams that were done on-line and in e-mail long before the famous grean card spam.
Viagra with out prescription or with a rubber stamp prescription.
Etc.
The non-scam spam I get is:
Porn spam (Now if it was any good they wouldn't need to spam in the first place)
Printer toner spam
Windows software spam (However it's lower quality than whats already available for free for Windows anyway.. and usually compleatly useless to me, or occasionally piracy so it fits in the illegal catagory again)
And spam marketting (However they usually make false clames)
Even the lagit spam tends to make outragously false clames. When ever I try and verify a clammed business relationship I find the other party is absolutly denying it or in a few cases "Anyone who buys our products is a business partner including you"
Spam has proven to be far more expensive than it clames to be (Sorry but when people say "Good bye I'll never use your services again" it's a major loss...)
The advantage is the FTC dosen't watch spam for illegal stuff like scames, false advertising and outright illegal offers (Hay if people sold wepons grade plutonium today they'd be spamming Sadam Husain)
So my guess is the FTC is looking spam over for illegal stuff and going after them.
It's a good idea and will likely get an FTC report to congress saying "Well umm it's pritty much all illegal anyway" while halling all the spammers off to jail..
I don't actually exist.
Oh, and one more thing, telemarketing does not add to the GDP at all. If anything it takes away from it. There is no creation of value in telemarketing (or any marketing for that matter). If we don't spend the money on something the telemarketers are hawking on us, what do they think we're going to be doing with it? Burn it?
I won't be crying at all the day (not likely to ever happen for the very reasons you describe) they make telemarketing illegal. I will definitely be celebrating. Then I'll be worrying about the consequences of that stupid law.
now we need to go OSS in diesel cars