Spam Research Six Month Report
Zoomer writes "Every day, millions of people receive dozens of unsolicited commercial e-mails (UCE), known popularly as 'spam.' Some users see spam as a minor annoyance, while others are so overwhelmed with spam that they are forced to switch e-mail addresses. This has led many Internet users to wonder: How did these people get my e-mail address? In the summer of 2002, CDT embarked on a project to attempt to determine the source of spam. To do so, we set up hundreds of different e-mail addresses, used them for a single purpose, and then waited six months to see what kind of mail those addresses were receiving. The results offer Internet users insights about what online behavior results in the most spam. The results also debunk some of the myths about spam." Update: 04/12 15:47 GMT by CN : About a minute after this went live, I found that michael posted this earlier. Mea culpa.
They mentioned that no spam was received from emails listed in the WHOIS database...
I'd be interested in seeing a study for companies that harvest snail mail addresses from the database.
I've received junk snail mail from every shady company on the face of the planet when I register a new domain or when it's up for renewal...plus I've even received phone calls (back when I used a real phone) about "we're ready to setup your web hosting and web design. Call us back immediately!" Persistant bugger, too...he kept calling back.
It's interesting to see those results. While I knew that spammers
harvested e-mail addresses from Web Sites, I didn't realize the
magnitude of it.
of the 10,000 spam messages they received over the six month period,
8,609 of them were from simply posting it publicly to a web site. I
always opt out of the subscription services where I can, and most of
the time I avoid posting any of my e-mail addresses publicly, now I
will redouble that effort.
They had some really useful suggestions also, my favorite was using
multiple "disposable" e-mail addresses and forwarding them to a main
e-mail address that you keep private. When you sign up for a site,
create a new disposable e-mail address and use that. If you start
getting spam from it, just shut off that disposable e-mail. That is
incredibly good advice.
I like the idea of disguising or masking your e-mail address,
although I think using HTML characters or a "Human readable"
equivalent is something that spammers will easily be able to
circumvent if the practice becomes widespread. They don't bother now
because not many people do it.
What I would like to see is a standard practice of generating your
posted e-mail address into an image. This would make it
*significantly* more difficult to harvest e-mail addresses in mass,
while remaining easy for a single use of sending someone an e-mail message.
Doug Tolton
"The destruction of a value which is, will not bring value to that which isn't." -John Galt
DMCA regulates something that is strictly my own business, like do I watch my DVD under Windows or under Linux? If you send spam, you are making it a million people's business.
I tend to talk to people I know on the phone and just check my e-mail once per week to see if anyone sent a message about my programs. Even if you are right, I have to sit for 14 minutes doing nothing except deciding which messages with "Hi, Oleg" subject to open. And I deleted quite a few legitimate messages because I didn't recognize the address.
By the same token, if I went to sleep at 4am I won't want to have a chat with a telemarketer at 9. So I end up turning off my phone until I wake up and possibly missing calls from friends. And I don't want my physical mailbox to overflow just because I went on a one week trip during the holiday season. But spam is definitely the worst.
Communication between people is good. I should be able to publish my postal address, my phone number and by e-mail on the web and invite people to contact me if they looked at my stuff and want to chat. Remember when shareware came with a README file with all kind of contact information to send $15? I actually got a few nice snail mail letters with checks.
Spam has destroyed our ability for this kind of casual communication. People sending it or selling the products advertized make very little money compared to the value of our time or forced changes in our behaviour. It's time to stop them using technological, political or cultural methods, whatever works best.