Slashdot Mirror

← Back to Stories (view on slashdot.org)

CDT Releases New Report on Origins of Spam

Posted by michael on from the plumbing-the-depths dept.

Carnth writes "CDT has released a new report based on a six month project entitled "Why Am I Getting All This Spam?" The results offer Internet users insights about what online behavior results in the most unsolicited commercial email and also debunk some of the myths about spam." A very good report - read it. There's also a story about yet another sleazy spammer in Ohio.

12 of 346 comments (clear)

  1. the two things I've seen increase spam for me... by AssFace · · Score: 5, Informative

    1) Sign up on an internet gambling site.
    2) Register a domain name.

    I have multiple domain names and I know for certain that much of my spam originated from either scanning the whois database, or someone selling the e-mail addresses from there.

    I don't gamble, but I noticed that the java applets that were used for 99% of the gambling sites were all from the same place. In other words, if you want to start a gambling site, but you don't want to write software - you can pay to use the java applets of this one company. There is some rebradning that goes on - but in the end, it all goes through their servers and uses their code.
    Because of that, I figured if there were any holes in the software, that would mean a whole crapload of open spots out there. So out of curiosity I registered at a gambling site and then looked at the source (you can get the source from a java applet).
    After that, my spam increased exponentially - the immediate group was spamming me, as well as selling off the address - which then gets repeated over and over.

    I use spamassassin now and I have it tweaked to the point where out of over 100 spams a day, I only have 1 get through - and that is because the code times out and lets it through, not because SA hasn't caught it.
    I first installed it in January and in that time have only had it once grab mail that it shouldn't have - from my mom. I added her to the whitelist and have never had a problem since.
    I use one of the more recent 2.60 versions, have the spam threshold lowered to 3.5, and I have tweaked a few of the score settings. Workds great for me.

    --

    There are some odd things afoot now, in the Villa Straylight.
  2. FTC links on Charles Childs by Randar+the+Lava+Liza · · Score: 5, Informative

    The FTC already filed a complaint and had a preliminary injunction against Childs back in April. See the press release for more information. The article mentions he lives by Riverside drive in an apartment, could be with Linda Lightfoot, the woman mentioned in the complaints with him?

    --
    Life shrinks or expands in proportion to one's courage. - Anais Nin
    1. Re:FTC links on Charles Childs by blibbleblobble · · Score: 5, Informative

      If anyone is having trouble forwarding their postal junk-mail ("Not known at this address: please forward to..."), here's the address again:

      Charles F Childs
      and Linda Jean Lightfoot
      4132 Pompton Court
      Dayton
      Ohio 45405

      Keywords: "Spammer's address, Universal Direct, Pyramid marketing scam", for the benefit of google.

  3. Re:Mirror by delta407 · · Score: 5, Informative

    Argh, Slashdot ate my link.

    http://www.visi.com/~rwglynn/030319spamreport.pdf

  4. How about, "Burn in Hell, Dirty Cop"? by UberOogie · · Score: 4, Informative
    Actually, if you read carefully, this guy was a cop who got fired after being caught selling drugs.

    Yeah, this guy is a real success story to be immitated.

    --
    "Enough of this wretched, whining monkey life." -- Marcus Aurelius, _Meditations_, Book 9, 37
  5. Re:Surprised 'bots are that stupid by KillerCow · · Score: 3, Informative

    I would suspect that many bots convert % symbols now. It would only take a pass through a standard URL encode/decode function.

    There are better obsfucators available.

  6. Re:Spamburgers for Hotmail by SpamJunkie · · Score: 3, Informative

    Are you in your own address book? If so then this is likely the case, an easy trick. And if so then here's a tip for next time: check the email addresses you're getting them from to make sure they aren't in your address book.

  7. spammer's home address by Anonymous Coward · · Score: 5, Informative

    Here's what I presume to be home address of the spammer named in the article.

    ABUSERS: C. Fielding Childs
    cf_childs@yahoo.com
    Bulker's Paradise
    4132 Pompton Ct.
    Dayton, Ohio 45405
    FAX: (937) 275-3741

    ALSO: Charles Fielding Childs, Jr.
    "MAIL ORDER ALLIED COMPANY"
    2936 Melbourne Ave.
    Dayton, OH 45417

  8. In Ohio, SPAM is Illegal! by adamkuj · · Score: 4, Informative

    The Dayton Daily News article discusses Charles F. Childs, an Ohio native. Last year I testified before the Ohio Senate Commerce Committe regarding a proposed spam bill. That bill was later passed into law . Among other things, the bill has opt-out requirements, requires a pre-existing business relationship, and makes it a feleny to forge headers and/or abuse open relays or proxies to send email. I would imagine that Mr. Childs, and another Ohio spammer, Tom Crowles, are in violation of some or all of the provisions of the Ohio spam law. Here's a new get rich quick scheme for you: hire an attorney and start collecting damages from these scum (up to $100 per email plus legal expenses).

  9. Re:My spam research by Fluid+Truth · · Score: 4, Informative

    Very sorry. :-) As long as the mail server is running qmail and you have shell access, you can set up qmail files for any given "extension." .qmail is what happens to mail sent to username@domain.tld. .qmail-yahoo is what happens to username-yahoo@domain.tld

    And, if you want to accept everything that starts with your username, you set up .qmail-default. That will catch everything that isn't just sent to username@domain.tld (that has to be handled by .qmail) and doesn't already have another file handling it.

    So, you can have .qmail which handles mail to just username@domain.tld, a .qmail-yahoo that handles everything to username-yahoo@domain.tld, and .qmail-default which handles everything else that starts with your username.

    This info is pretty much available in the man page "dotqmail" and some info may be found at the author's web site at http://cr.yp.to/qmail.html
    or the Life With Qmail web site, http://www.lifewithqmail.com/.

    --
    Apparently, of the rich, by the rich, for the rich.
  10. HTML copy of the report now available by mclarkcdt · · Score: 4, Informative

    I have posted an HTML version of the report at http://www.cdt.org/speech/spam/030319spamreport.sh tml . Thanks for your interesting comments, I am collecting them for ideas for future research projects. Mike

  11. Re:My spam research by ebh · · Score: 3, Informative
    You left out the best part: If, say, user-ticketmaster@domain.tld (now, why would I pick that as an example?) starts getting spam, create a file called .qmail-ticketmaster in your home directory containing the single line

    |exit 100

    The 100 exit status causes all mail to that address to bounce, not just get sent to /dev/null. And a bounce is the most reliable way to get off a spam list. AFAIK, qmail is the only MTA that allows user-level control of bounces like this.