Slashdot Mirror
Spammers Sue Anti-Spam Groups
SuperBanana writes "The Register reports in a story today that spammers have banded together under the name EmarketersAmerica.org to sue various anti-spam groups- days before a large conference on spam hosted by the FTC(which will be attended by many spammers). Anti-spam groups think the timing is not by coincidence, but believe the move may backfire because they will be able to countersue and get access to spammer's internal documents. By the way, if you're wondering who these guys are, check out Spamhaus's directory of top spammers."
Here is what one of America's leading sports pundits has been writing:
Elliott Harris, Chicago Sun-Times: "A fan in Massachusetts, upset at Fox's decision to replace auto racing with Red Sox baseball, faces the possibility of a year in jail for sending more than 530,000 e-mails that shut down Fox's Web site in 2001. Hey, who knew a NASCAR fan would know spam was anything other than something to eat?"
Why do I h8 apple?
I found out about this from a friend(Hi Scott!) after I submitted the article. He put it best:
"It is classic... misspellings, copy + paste problems...He named rediculous people as defendents, including the brother of one anti spammer, who apparently lives in Italy and doesn't care about spam at all."
http://chickenboner.com/felstein/slapp.pdf
Please help metamoderate.
So, as a followup to this, from the SPAPHAUS website "90% of all spam received by Internet users in North America and Europe is sent by a hard-core group of only 180+ individuals"
It just goes to show how a few incredibly selfish individuals can bring chaos and ruin to society. It obviously does not take many to bring huge costs to business and government, so why is it so hard to prosecute these few individuals for abuse of the internet and indirect theft from business and government (taxpayer) coffers, especially if they are known?
Visit Jonesblog and say hello.
These days everybody and their dog has a lil website somewhere.
Let's say we ditched the email concept, and messaging just involved people going to eachothers websites and dropping a note via webform. To reply, you simply click the link back to the senders message webform etc...
Then to ensure we don't have web crawling bots auto submitting spam through the forms, you add a dynamically created GIF/jpeg file with a 5 letter code embedded that the subitter needs to type for the form to submit.
Then, problem solved no? Christ the email protocol we've been using for the last 20years is ready for the shitter in my opinion.
--Zuchini
The Spamhaus link already doesn't work (at least not for me, YMMV).
.... send more emails.
What's really amazing isn't that spammers continue to spam but that they continue to find people who are willing to pay them to do so. Have you ever read what an email marketer considers fair results? 2% of the emails you buy will be viewed (viewed meaning that someone actually generated an http request based on the HTML inside). How do they guarantee this? If they fall short, they will
This is an amazing comment on the ineffectiveness of spam. More than 98% of all spam messages are deleted unseen (or bounced). Of the remaining 2%, some of those were only "viewed" in the sense that they had active focus when the receiver hit delete. Of those that generate actual click-through, how many generate sales?
How stupid does someone have to be to buy an "email marketing campaign?" One could get better results by sending your $1000 to a local charity and putting out a press release.
Spam --- built on ignorance and stupidity.
Let's annouce this to the taliban
All the spammers at one big event, perfect target, haha!
Posting useless rant since 2003.
blacklisting IP addresses of the plaintiffs, libel, invasion of privacy, the publication of allegedly false information and "intentionally interference with a contract".
Allright the blacklisting is allright because the user is requesting those sites to be blacklisted. Don't know about invasion of privacy (probably publishing the names and addresses), publication of false information (isn't that libel?). Finally "intentionally interference with a contract".(well at least it's spammer english:) there was never any contract in the first place and is just the user trying to avoid harassment. I'll be very surprised if this goes anywhere then again we may not have the whole story, remember the register isn't exactly an impartial newssource.
I stole this Sig
It also seek damages of $75 million (plus interest and costs) against the defendants on five separate counts: blacklisting IP addresses of the plaintiffs, libel, invasion of privacy, the publication of allegedly false information and "intentionally interference with a contract".
.
1) Blacklisting is not a crime. One does not have to accept email from everyone if they don't want to. It is a courtesy, not a right.
2) Libel? Bwahahahahaha! Sorry, couldn't contain myself. Anyway, if it looks like a duck, walks like a duck and quacks like a duck. .
3) Invasion of privacy? You mean like you invade our email boxes every day?
4) Kinda like you folks do promising huge male organs or enlarged tatas knowing full well none of your products or services will work.
5) What contract? I never agreed, verbally or otherwise, to receive email from any of you contrary to your vehement claims to the contrary.
While we're on the subject, if you are such legitimate people selling legitimate products and services, why do you find it necessary to put misleading subject lines in your email, spoof your email headers and use open relays to send your spam? One would think that fine, upstanding businesses as yours wouldn't need to resort to such actions.
Can I pleeeeeease join this lawsuit? Please? Pretty please? I promise I won't bankrupt all of you. I'll just take half of what each of you and your businesses are worth.
But...
It's not that simple. The same laws that govern one thing cannot always be easily applied to other things. Things aren't so black and white. Think of it like "hackers". A "hacker" goes to prison longer than, someone who does, what we consider, a worse crime.
The internet and computers are a new realm. There is very little that is tangible, other than the hardware and the electricity.
This might pan out nicely.. but that's why we fight the DMCA and support anti-spammer laws, right? Because our laws have to change.
-
ping -f 255.255.255.255 # if only
Here's the full dope on Eddy Marin, spammer, and why South Florida (especially Boca Raton) is now a haven for spammers.
r es s&searchString=209.203.192.0%2F19
Eddy uses a front company, "PG&C Leasing Inc." (aka lauderdale.net) to disguise his activity. This company buys the bandwidth for him to spam through. He then sets up dummy companies to act as "customers" of PG&C. If the heat gets too hot he'll "terminate" a "customer". Of course the spam just continues under another name.
He's operated like this since 1998. He's had a long time to develope a reputation among his spamming pals, and since he brings money into the local economy, Boca Raton loves him.
Here's just ONE of his netblocks:
http://www.senderbase.com/search?searchBy=ipadd
The bulk of the spam from that netblock is from "OmniPoint Marketing". If you've been paying good attention. Spam also goes out from "justdous.com, prefersavings.com, dealstwoyou.com, and tlck.net". These are registered to things like "M.M.COMMERCE,INC", and "OptIn LLC" (which is Terry Williams, another Eddy Marin flunkie)
stealthemail.com ??? Give me a break!
--Og
They are in California. They are suing California for their anti-tobacco ads.
o +c alifornia+sue
http://news.google.com/news?hl=en&q=anti+Tobacc
It's worth quite a bit, actually. Guys like Eddie Marin, "probably the world's largest smammer," didn't get there as a result of an ego trip, but through his profit motive. There's money to be made in spam.
Getting rid of the top 180 spammers in the world wouldn't eliminate spam, any more than "getting rid of" the top 20 auto makers would rid the world of new cars. They are both competitive industries, with new suppliers waiting in the wings. Guess which industry has the lower cost of entry barrier? Making it more difficult for spam to break through the filter will only enourage more technologically advanced, more prolific spam; it's just a slightly higher cost of entry. However advanced the technology behind the anti-spam filters become, is exactly how advanced the anti-anti-spam filters will be.
There's gold in them thar spam.
Spam will not go away until it becomes unprofitable: either stop responding to spam with your checkbooks, or start collecting a (small) toll on each email received. Where there's profit to be had, the profit motive will always succeed.
The cure for cancer is coming: Reovirus
I think this guys's description of a request for a spamming program sums up his intentions:
"Well i have a proxy scanner that gets socks proxies, port 6588 and 1080, I need you to code a proxy mailer that will utilize this proxy. Will have an interface, random subjects, encoding, random fields, and ability to pass most mail filters and very good speed too..
My proxy scanners put the proxies on a http file so you need to make the mailer use cron jobs to get the proxies every 5mins or so.. Well who can do this, lets talk more."
can anybody find out who this guy is?
And the link:
Proxy mailer
So what would it take to file a class action suit on behalf of all users and ISPs? There have to be a large number of users who've missed important mail because it was buried in spam, or who've had to change the email address to get away from it, with the time lost to get everyone they care about switched. And as a small ISP, for the first time in 18 years, I'm in need of upgrading my system for performance reasons, because of the load spamassassin is putting on it dealing with all the f***ing spam it gets. Not to mention a domain that expired because the renewal notice got filtered and the time spent installing mechanisms to cope with it. I think I alone could argue for about $15K in actual damages, and I'm small potatoes. I just last night installed Active Spam Killer and I'm going to start migrating to it so that anyone who wants to send me mail that I don't know has to ask first. This is the world these assholes are making for us.
You should write a honeypot that looks like a relay but dosn't forward any but the first message sent to it. Running a few thousand of those will do more to fight spam than generating bad addresses.
I have discovered a truly marvelous sig, unfortunately the sig limit is too small to contain i
Several things point to this being a joke. If it's not a joke, their lawyer is the most incompetent lawyer on the planet.
I have difficulty believing that a lawyer coud really have drafted this crud.
First, address harvesting bots typically don't parse text looking for the representation of email addresses. They are strictly interested in mailto: urls. Embed your addresses inside anchor tags.
That said, you might want to consider adding some cover text between those anchors. Add some headings and other webby stuff. I don't know if the harvesting bots are smart enough to recognize honeypots, but if they try you don't want to be giving them anything recognizable as a fake link farm.
You also should consider a robots.txt file. Apparently some address harvesters seem to like using those to discover pages such as addressbook.asp, etc. They certainly manage to ignore them when it suits them.
Next, remember that they only find your honeypot via links. Make sure all your pages have a link to your honeypot (and don't use the words "honeypot" or "spam" in the link), as well as links from any other webmasters who might wish to perform a good deed. And of course, your honeypot pages should all interlink with each other. After all, if links to address lists point to other valuable address lists, they're even more valuable, right?
Other than the fact that the author took LaBrea off the web due to fear of his state's misinterpretation of the DMCA, a "tar pit" like LaBrea can be a useful tool in which to mire the spammers. PeachPit is another one I remember. I don't know if you can incorporate delays and slowness in an .asp, but it could be another valuable approach.
If you want to judge your success, include a link to a valid "spam-only" email address somewhere in your generated page. If it starts getting spam, you'll know your honeypot is catching flies.
Finally, I wouldn't doubt that these spammers have at least one techie who read Slashdot. Posting "Here's my honeypot" to this guy is simply going to get your hostname blacklisted among other spammers. They won't harvest you once they discover you, and any further work you do will be for naught until you bring up a new, unrelated site. As an added non-bonus, they may automate their robots to blacklist any site that refers to a known honeypot. At least I know I would do these things if I made my money selling harvester bots to spammers.
But you've got the right idea and I think your heart is in the right place. And what you're doing is certainly harmless to anyone but spammers. Good luck, and don't forget to keep a log of visits to your page.
John
If the spammers are banding together to fight anti-spammer groups, it probably means that those anti-spamming measures are effectively interfering with their business model. Maybe those 550 rejects are actually causing them some pain.
I've been very happy with my sendmail configuration, where I'm using blacklists and whitelists (/etc/mail/access) and a collection of realtime blocking lists. I had almost given up on recreational computing because of the sorry state of my inbox, but now things are better.
I think it's time for us to better document & pomote the use of these measures so that more people are sending them 550's, instead of quietly deleting their garbage.
The "cue the foo posts in 3, 2, 1..." posts will commence with no subsequent foo posts in 3, 2, 1...
Since I read the news group, it has become clear to me that these spammers do not seem to understand the trouble they are in. I don't think their plan for them to have a sockpuppet lawyer file a frivolous lawsuit against the anti-spammers around the time the anti-spammers are at the FTC conference is going to help. Makes me wonder if their absurd logic for this was that in doing so they would run the FTC conference, the anti-spammers would be either intimidated, put off going the conference to handle the lawsuit, etc.
.
Here is a list of some things that will probably bite the spammers in the ass both the suit and conference:
Pulling all sorts stunts like this before the FTC conference, not the kind of stuff they should be doing when they are going to be "debating" in front of the FTC. You can guarantee this stuff will be brought up and made reference to and it will harm them.
The spammers statements made in news groups, mail , im etc. To see what I mean just read Brendan Battles's usenet posts here and here
Illegally obtaining an anti-spammers personal information. Despite what the morons think, posting it every where online does not make it public. Anti-spammers rely on legally obtained public information, which is intended for things such as suing spammers for violating anti-spam laws, and the anti-spammers do not endorse or support the harassment of spammers.
Sending anti-american joe jobs using not only known anti-spammers email addresses, but giving their personal info such as phone numbers, addresses, etc.
The people they are suing and claim to be spews are not spews, and no one knows who spews is. They only provide a mirror.
They do not "mangle" email nor do they block it, they provide a list of IPs of known spammers and spam supporting isps.
The spammers inept attempt at DoSing these list sites. They where sloppy and the anti-spammers know who did this.
ETC
The list can go on so lets just leave it at that. I can say things will be very interring next week, I wouldn't be surprised if they try starting more shit up.
Could the guy buying all those penis pills, RC cars and septic tanks be indentified and net-quarantined? (Or shot, that works too.)
One line blog. I hear that they're called Twitters now.