MonsterHut Jammed for Spam

DeAshcroft writes "Manhattan Supreme Court Justice Lottie E. Wilkins has ordered MonsterHut, its CEO Todd Pelow and CTO Gary Hartl to stop behaving badly. The New York Post has a story on the ruling. The suit, brought by New York Attorney General Eliot Spitzer in May 2002, alleges that MonsterHut sent over 500 million messages, fraudulently claiming that they were opt-in, and ignored at least 750,000 requests by consumers to be taken off their lists. Newsday also has coverage. The AG has an official release on the case. Penalty hearing is scheduled for Feb 11, 2003."

HOW TO Deal With Chinese Spam

[Amsterdam+Vallon]

The government just ordered all ISPs in China to start monitoring email for subversive phrases and the like, so I started replying to Chinese spam with little replies of the form at the end of this spam. Might be a useful tactic on companies who think that unsolicited email is "just regular advertising."

"Jack(export manager)" wrote:
>
> Dear Sir
> How are you .
>
> We are a lighting factory in China ,It is glad
> to introduce ourselves to you:
>
> I am XUBIN (Jack) , XUBIN is my chinese name , you can just
> call me Jack !! , I am export manager of [deleted] ,
> China, our group have four factory
[snipped]
>
> Here is our company profile :
>

[Rest of sales talk snipped]

(And now, the reply)

Thank you for your coded order. The weapons and ammunition will ship by way of the usual route in ten days, and you already know our secret Swiss bank account number to wire the payment to.

It is a pleasure doing business with you for so long, and I hope your cause will prevail. I am new to this particular computer, so I hope the encryption is working and the monitoring authorities cannot read what I am sending you.

Long live the Falun Gong! Free Tibet!

Best regards, Your arms supplier

(from http://www.netfunny.com/rhf/jokes/02/Feb/spam.html )

Re:Very easy solution

[mistered]

Actually it's not a very easy solution, since in most cases "the provider which sent it" can be very difficult to determine. The From: address is completely useless, of course. You can track back through the Received: headers to find (most likely) an open relay that send the spam to you. More than likely it's in China and complaints to its owner will do nothing. Spammers also like open relays that don't add useful Received: headers (i.e., don't put the IP address in) so good luck finding out where the spam really came from.

"ignored" - hardly

[AssFace]

ignored at least 750,000 requests by consumers to be taken off their lists.

I'm sure they didn't ignore them - they use those responses to determine that they now have a confirmed live e-mail address which is worth more than a bunch of e-mail addresses that nobody checks.
so I'm sure they don't just ignore them - they likely instead do just the opposite and have much interest in those 750,000 responses and gave them a little extra attention... like logging them in their database as "live" or something like that.

All I have to say about this is 1) I wish I had thought of it all in 1995 - could have made a bundle and 2) SpamAssassin rules!

DON'T REALLY DO THIS

[socratic+method]

While the parent post is quite funny, I would seriously recommend that no one actually take this route to cut down on spam. It is very possible that such a reply could get someone/someone's family killed. In China, it isn't like it is in the West... there may not be an opportunity to refute such charges before an impartial court. Couple a technically illiterate local government agency with the language barrier, and you could make some awful big trouble for a (relatively to the crime) innocent person.

sm

Re:How long

[Zeinfeld]

Before all these spam companies just move off-shore to avoid litigation ?

Have you been to Grand Cayman? Would you want to actually live there?

Moving the data center operations of a spamhaus offshore does not prevent prosecutors charging owners living in the US. If the criminal activity takes place in the US they can prosecute in the US.

It is quite likely that the offshore havens can and will prosecute also. Hosting SPAM senders does not bring anywhere near the amount of revenue that the traditional offshore industries of banking and shipping do. Any country that is in the offshore game is anxious to ensure that it does not draw unwanted attention to its current scams by allowing high profile criminal activity. You don't get much more high profile than businesses that anoy millions of people an hour.

Offshore havens are not by and large lawless, in fact the cayman islands sells itself on the fact that as a result of its British administration it has a government and banking system that have very high integrity. Cayman is not going to do anything to threaten that reputation and its existing business. So that leaves the spam senders with places like Congo, Nigeria and Afghanistan where the civil government has collapsed (though few 'libertarians' seem to want to live inthose countries).

Moving data centers offshore is in any case a high cost and would be a significant barrier to entry for new spam senders. If you have to move to a jurisdiction where the civil government is corrupt costs are going to rapidly spiral out of control.

The 'regulatory arbitrage' stuff is all about ideological commitment rather than analysis.