Slashdot Mirror
HOWTO: Annoy a Spammer
Bob writes "I think everyone by now has heard of the millionaire spammer Alan Ralsky. Here's a follow-up to the previous story. It seems that since the story was posted, people have signed him up for every advertising campaign and mailing list out there. And he doesn't like it." They're talking about this Slashdot story.
Maybe that is what should happen to script kiddies and hackers. They should be dos's to death!
I'm all for extrme methods when extrme methods are used against me.
Only 'flamers' flame!
Best schadenfreud since Pets.com and eToys going out of business.
This is one way to deal with spam, but if you spam a spammer, you will become a spammer (...) So @ the end the whole internet will slow down. I think we can better look for better alternatives.
"The test of the morality of a society is what it does for it's children." -Dietrich Bonhoeffer
Every time I sign up for a ridiculous required acct, say to iMesh, I use an email address of a domain that sends spam so that when the account is spammed the spam is sent to another spammer.
Cyclical spamming!
"Ralsky is indeed annoyed. He says he's asked Bloomfield Hills attorney Robert Harrison to sue the anti-spammers."
How does he plan to identify who to sue? And is he really going to pay to have his lawyer track down the 300+ slashdot users who posted "anti-Ralsky posts"? This just seems silly.
Most people would die sooner than think; in fact, they do.
Spam is profitable if ~.004% of the recipients respond (and buy the product). .004% from responding.
It is impossible to stop this
Is Spamming profitable when 100-1000% of the spams get replies?
If a company sees that it loses several thousand dollars in bandwidth costs, broken equipment AND the people who want to buy can't place orders, AND the spammer demands unreasonable amounts for the millions of replies, said company MUST stop paying for spam. When enough companies stop, spam will stop.
Time to set up a SLASHDDOS effect.
You all realize that this whole thing will blow up into some media thing. I bet in the end he'll write a book titled Spam Wars or some crap like that and make even more money than he did spamming....
An open reply to Alan,
Alan,
Sue me bitch. I don't give a care. For years now, you and your have somehow gotten my email and sent me all sorts of shit that takes my time from me. My time is money, and if you want to go down that route, then go ahead.
You take my time, I'll take yours. You can sue the anti-spammers all you want, but your dumb ass will smaked so hard your head will spin and will take you another 5 years just to get over that.
So sue bitch. You take my server space, my bandwidth, and my time and force me to clean up the shit you leave on the internet.
If you don't like it, leave us the hell alone, or find a better way of doing your "job"
"Bastard operators don't win...anyone can win. Bastard operators win and TOTALLY demoralize. That is REAL winning."
"He's going to sue whom? He has to find them first. And then prove that they did it. And prove that he is suffereing damages."
Hopefully when he thinks about that, he'll realize the fundamental problem with a business like that: There's no verification process.
Let me give you an example: I did an experiment with Slashdot a few weeks ago. I created a brand new, never before used email address and made it visible in my info w/o the anti-spam armor. Within days, I was on a mailing list for volunteer fire fighters. Volunteer Firefighters? I'm reaaaaaaaaaaally curious how I ended up with that. heh.
It's too easy to sign up anonymously. Because of that, it's too hard to sue somebody over a stunt like that. Want my opinion? Blast a few other people in the same way until they realize that the only way to deal with this problem is to make the signup process more secure. When that happens, (hopefully) we'll see less unsolicited advertisements.
Maybe I'm too optimistic.
I recently received my first off-color spam email at my "main" address (three years, pr0n spam free). There was a "remove-me" link to a blind web-page, but that seemed beyond foolish. I almost just deleted the email, but realized that I didn't want to leave this unanswered.
I opened the html body, then did a whois search on all six domains in the email. Four were owned by the "sender." One was for the content company, another for a payment processing company. I also looked up Virginia spam laws. There is one, section 18.2-152.4: Computer Trespass. It states
A. It shall be unlawful for any person to use a computer or computer network without authority and with the intent to:
7. Falsify or forge electronic mail transmission information or other routing information in any manner in connection with the transmission of unsolicited bulk electronic mail through or into the computer network of an electronic mail service provider or its subscribers.
The offense is a class 6 misdemeanor. In addition section 152.12 has civil relief and damages of legal fees, court costs, and the greater of actual damages or $10 per email (limited to $25,000/day) payable both the receiver and the email provider.
I replied, as the postmaster of my domain, that the email was unwanted, and I was not to receive any transmissions in the future to any emails in this domain. I sent the email to the admin contact of each domain, and to the return-to addressee with a return receipt. I notified them that, should I not receive a response from the return-addressee, the email would be assumed to include "falsified mail transmission information" and would be in violation of the applicable Virginia statute.
A week later I received an inquiry from the payment processor asking for the email body in order to identify the spammer. A day after sending the body text, I received a nice email from the same company, apologizing for the inconvenience and informing me that the spammers account had been frozen, as he was in violation of his terms of service.
It's a shame he hadn't sent me a couple hundred emails at once, so I could have filed in civil court for a couple of grand. Spending 30 minutes to piss him off is worth my time, but filing in court for $10 isn't.
Is it just my observation, or are there way too many stupid people in the world?
Screw catalogs. Sign this guy up for magazines. Every magazine you get has those annoying little cards to subscribe. Most of those have a "bill me later" box to check. Check it, fill in Ralsky's info, and enjoy.
Check out the background a little bit. From the original article:
So it seems Ralsky is the one who has engaged in illegal activity. Further:
So he also has a history of fraudulent business practices in multiple other businesses before coming to SPAM.
Now from you:
This example is of a company trying to get a law changed to make it legal for them, and only them, to hack into other people's computer systems. The people who signed Ralsky up for all this junk mail did not enter his home or his systems, did not illegally release any information that was not pulicly available, and did not violate -- nor attempt to have changed -- any laws preventing what they did.
How exactly is this the same?
Nope, no sig
Are you talking about snail mail or email opt-in? For email opt-in, it's pretty easy. You send the subscribee a confirmation mail containing a random number string, and if they send it back (just hit 'reply' and quote the whole thing) they're confirmed.
The only way to spoof this is to gain access to the victim's mailbox, so you can receive the confirmation mail with the random number in it. And if you have access to the victim's mailbox (or a router in between, etc) there is nothing that can prevent opt-in spoofing, short of everyone having pgp or some other pki, with a web of trust spanning the whole world. Like that's ever gonna happen.
"How can you claim that you are anti-crack, while still writing a window manager?" — Metacity README
It's called a Dogbert complex.
I know somebody that is a spammer. He makes a LOT of money doing it. I tell him every time I see him how much he is hated by the 'Net community. He makes about $300,000 a year though. I asked him if HE hates spam. he says no. He has Spam Filters on his email box(Spam Assassin, etc) . He says that he doesnt want the people who put up spam filters...he recommends it to everybody..he wants the people who don't have it, and they will always be there. He makes money from companies who pay him. They say it works. Throw spaghetti at the wall, eventually some will stick. He has promised me that he takes out my friends emails from his list. :)
If you're not a Liberal in your 20's, then you have no heart.If you're still a Liberal in your 30's you have no brain.
Personally, when I get spammed and it makes it's way through my filters, I take the time to scavenge their email, site, and any related service/marketing providers and grab every email address I can find. Then I go to all the lists of "click-here-to- unregister" sites and I pump them all in. That way they all wind up on the most natorious spammers lists there are! ;-)
Life is good...
Slightly OT, but there is a similar effort regarding the Total Information Awareness initiative being run by John Pointdexter. (I mean, Pointdexter is running the initiative, not the similar effort).
Basically the idea is that Matt Smith is going to publish in a consolidated place all information on John Pointdexter that is available publicly/legally, in order to demonstrate just how thoroughly scary the TIA project could be.
(Background: the TIA is yet another US government database project to track "undesirables", with the definition of undesirables being left alarmingly vague, and without a defined scope as to the usage of the gathered information...)
Slightly off topic question here. I know of a spam center here in my city that i'm quite sure is larger than the one this guy is running. They have dozens of servers doing nothing but email spam, 24/7. Wondering how i could convince someone to do a bit of investigative reporting into this place, and expose what's going on in our little town... The people I know who work there hate it, but they claim it's got to be the largest spam provider in the world.
Shit... this psychopath lives right next to me. Well, um, OK, down the street (1 block) away from me.
*huddles in corner, whimpering. Please don't slashdot my house too!*
.noitacidem deen uoy siht daer nac uoy fI
Build a program/milserver, that automatically takes any mail sent to it, and sends out a polite reply asking for more informainon to be mailed to a bogus snail mail address, and maybe a phone callback. Vary the message every day, so they cant catch on. Any replies sent to the box get a different message, insisting on snail mail. How much bandwidth would this suck? ANd how may of these would have to be set up inorder to take down the spam industry? if they got 10% bogus replies, would that be enough?
All Troll + "offtopic" mods are meta moderated as "Unfair", because you abused the system.
I've read before that the government can't prosecute spammers because they're not really doing anything "wrong." I was just thinking.. if the federal government regulates interstate trade, the internet is a big tool of that, and spammers send extraordianry amounts of data over the internet, could the government bust them for "interfering" with interstate commerce?
Doesn't really matter why its done, the end result is the same. He's signed up for stuff he never wanted, just like the rest of us.
His lawsuit is claiming harrasment; so its ok if someone wants to give me a great deal on crap i don't want, but its not ok when people are trying to make a legitimate point? Frankly, i don't see the difference. If this is harrasment for him, then its harrasment for me.
What if Slashdot did an Ask Alan Ralsky? We could make sure that he is truly enjoying all the oportunities that he's being presented with. Maybe CmdrTaco can call during dinner for an "informational survey."
You think he'd actually answer the questions?
Life moves pretty fast; if you don't stop and look around once in a while, you could miss it. -FB
[100% ISO 646 Compliant]
SVM, ERGO MONSTRO.
I've read worse. Actually doing those subscriptions with that vial content, *bill me later*, and getting the address off by one or two houses so the neighbors get it "by accident" ! That would be horrible. I read it somewhere.
As a highly-ranked post in an earlier thread stated (http://slashdot.org/comments.pl?sid=47045&cid=482 8450), that's the whole point. What he does is not illegal, but is just as wrong -- if not MORE wrong, since it costs the RECIPIENT to receive the mail, and because it cannot be filtered en masse once a day. It is both easier to send spam e-mail and more intrusive. This form of harassment may be illegal, but clearly demonstrates the principle for why what he does should also be made illegal.
I'm glad I didn't get involved, because I'm too stupid to have done this without getting caught. But I'm glad someone else did, because it was the right thing to do -- maybe not equivalent in degree to the Boston Tea Party, but equivalent in kind.
It would really surprise me if deep down any of them REALLY believed that defense for the reasons I stated. Kind of like deep down Hilary Rosen KNOWS that it's wrong to hack into private citizens computers for sake of corporate profit.
C'mon, there are other ways to annoy spammers, heres two I've heard of being used to good effect, both involve contacting those who spam you.
.au) who reguluarly has spammers spend over $20 US to send large packages of advertising material, which he promptly bins. This hits spammers where they hurt. In the pocket.
.au).
First way (less vicious): Contact the spammer, tell them you're interested, but would prefer to have hardcopy material - pamphlets, etc. Delivered to your PO box.
I have a friend (in
Second way (more vicious): Do nearly the same thing, but say you'd rather communicate via the postal service. Ask for some information plus reply paid cards (I believe these exist in the US, I've never seen them in
Wait with baited breath for the reply paid cards.
Once you recieve them, find a nice large, heavy brick, bundle it up, and mail it back to the spammers. They get billed for the cost of sending the large, heavy, package.
Apparently this approach works in the US, or so an american friend told me. Their email addresses got removed from quite a few lists after a few iterations of this scenario.
A little overkill never hurt anybody.
Since we have his address anyway, can somebody get a picture of the pile of junk stacked up outside his house?
And I wouldn't worry too much about a lawsuit. He'd need a really good lawyer to avoid setting a legal precedent that could then be used against him.
Calling their 800 number and listening to the pitch costs them money in at least 3 ways:
1. 800 number calls are billed to them
2. It will take up the time of sales people
3. If enough people do it, eventually real customers may not be able to get through.
:) umm... Don't do anything illegal... it makes you as bad as the spammers. there, i'm covered
If there's a snail address listed, send an inquiry to their services... Probably should use a P.O. box for this, so you don't clog up your personal mailbox. Anyway, this would hurt them even more. They've got printing fees, whatever fees for employees making & processing the information, and mailing fees to deal with.
The only problem with this, is that it targets people that use the spamming services... but then again, aren't they just as bad as the spammers?
I'm not sure how legal any of those ideas are... If enough people did it though, it might be somewhat effective
As something of a disclaimer.... dunno if it's necessary, but i wanna save my ass if at all possible
Bryan
Things I have started doing recently include: Mixing up the junk mail so that, for example, Company A receives some junk from Companies B and C in the reply envelope. This way, it's not even useful to them as they cannot simply re-mail the returned items.
One thing I intend to start doing in the future is partially filling out the forms that come with the materials I send back, but, for example, writing VOID where the signature is supposed to go or something. This way, someone will start entering data only to discover that it's bullshit... Or putting X's in all the little boxes and writing "Wasted your time!" Where the signature is supposed to go. Stuff like that. Oh yeah, I always rip my name and address off the documents so they don't know who's doing it. What a waste of time for that company! Hey, they wasted my time. I'm wasting their's back.
(The fine print: I don't actually do any of what I just said I do. It's a joke. Don't take it seriously. Just leave me alone.)
I don't know what the world 30 years ago was like. I doubt you do either other than from what you read or see on movies. However I don know I am sick and tired of people whining about how things were so much better way back when. I'll bet the people of yesterday were no different basically than people of today. I will also bet some people like yourself 30 years ago were bitching about their current state of affairs and how much nicer it was 30 years before your ideal time.
Johnny Cash basically said the same thing I'm saying right now but a lot more eloquently in his autobiography. God, I'm tired of people whining about the "good old days."
This guy is way out there
Good point. The same thing that happens if I leave my ISP. The next person who picks "jojo@myisp.com" is going to get a ton of spam. No fault of anyone ('cept the spammers who guessed the username), but it will be rolling in.
They invest in a wood stove and allow the snail-mail spammers to heat their house for the winter - like I did.
Unfortunately, a certain percentage of the material in junk mail is not cleanly burnable, so you'll have to toss that. If you live in an area where you're required to pay per-bagload for trash disposal, this is probably a losing proposition.
"Can't you see that everyone is buying station wagons?"