Slashdot Mirror
I, Spammer
PCOL writes "The Washington Post is reporting on testimony before the Senate Committee on Commerce, Science and Transportation by Ronald Scelson, an eighth-grade dropout and self-taught computer programmer from Louisiana, who claims that he sends between 120 million and 180 million e-mails every 12 hours, that he can break sophisticated software filters 24 hours after they are deployed, and that he has no choice but to resort to forging the sender information in his bulk e-mail so he can be anonymous and maintain his connection to the Internet. He added that he obtained all his addresses legally and that AOL gladly sold him the company's entire customer directory which Ted Leonsis, vice chairman of AOL, did not deny." It's a tough life. Here's another story about the Senate committee meeting.
Hello Pot, this is the kettle, you're black!!
AOL is a bigger part of the problem vs being a bigger part of the solution.
With great power, comes great responsibility.
"This must be a Thursday, I never could get the hang of Thursdays."
Dear God, I hope the committee saw through this pathetic little charade. Last time I checked, I had no oblighation to pay to receive advertising; I had no right to force others to pay the cost of carrying that advertising; I had no right to force others to put up with the deluge of complaints about that advertising.
And if he's right about AOL selling him their membership list and spamming their members (and AOL VP Leonsis' weasel words about "letting members opting out" does nothing to make me think otherwise), all that means is there are two assholes there instead of one. It doesn't give him any moral high ground.
But at least there's the proposal for a "federal antispam SWAT team". I'd pay good money to see a live video stream of that take-down.
Carousel is a lie!
while ($AOL)
{ $AOL=shoot_self_in_foot(with_gun);}
This sort of confirms that most spam is sent by a small group. Take this sucker out, and a massive amount of spam drops off the planet. Do it with enough prejudice, just to make sure nobody takes over the vacancy.
Why do people bother with doing crap like this? Just because they can? This guy has the mentality of a script kiddy. Someone find his info and organize a snailmail spam-a-thon.
Ok, another spammer, joy, so when are we going to start getting lists of those who HIRE these urchins? I frankly would love to start re-routing all the spam that comes to me BACK to the idiots who hire spammers. Oh, and how about some postal addresses on these spam-buying scumbags too, eh?
I wonder if anyone inside of AOL has run the numbers to figure out
and compared that to the amount of revenue that they get from selling out their customers.
Scelson tries to make the argument that what he does is no different than other advertisers who send their adverisements through the US mail.
Unfortunately he, like all other spammers, completely misses the point that the two are not related. When LL Bean sends its catalog to you it costs the company X cents to do so per each catalog.
When Scelson sends out his 180 emails a day it costs him X cents in total. However, it costs all the ISPs whose bandwidth he and others chew up X dollars per email. Thus, he is offloading the cost of doing business to the people who are receiving the email.
This reminds me of the old postal system in the UK. In days gone by it was the receiver who had to pay to accept the piece of mail. If they didn't pay the mail was returned. It is only in recent history that the mail system is such that sender pays.
I wonder if Mr Scelson would be happy if all the advertisers who send him their mailings would tell him he has to pay to get those things whether he wants them or not.
Why do I have this knot in my stomach as Congress prepares legislation to stop spam? Remember when they 'deregulated' the cable industry and all our rates went up? I know it is possible to go from bad to worse, but what is after that?
Some people have a way with words, others not have way.
Scelson, who said he does not distribute mail containing pornography, said one of his biggest clients sells a package of anti-virus computer software called Norton SystemWorks at cut-rate prices. Officials at Symantec Inc., which makes the Norton software, said in an interview that although they have not seen the package Scelson's client is selling, other similar offers that they have tracked down have proved to be counterfeit.
I get 1-2 Norton SystemWorks spams a day. If they're from this fucker, let's hope the Symantec people are able to find out where he lives, and sue him into oblivion.
sulli
RTFJ.
There is NO way he bought the AOL address information from AOL.
One thing to keep in mind when talking with spammers is that they always lie. They lie to themselves ("everything I do is legal", "I am forced to hijack open proxies") and they lie to everyone else ("Here's the information you requested").
The career spammers are, indeed, bold enough to even lie to the US Government, face-to-face. Too bad the US Government is usually totally cluefree when it comes to the spam problem, so these conmen get away with lieing to senators.
Proletariat of the world, unite to kill spammers. Remember to shoot knees first, so that they can't run away while you slowly torture them to death
In Soviet Russia, I ruled you
I think I have it. If we get the spammer's postal address, and the postal address of those who hired him, maybe we should just print out all the spam we get and sent it to the one who hired him postage due. :)
As an added bonus use the spammer's postal address as the return address.
Let's say 10 million emails per hour (lowest), 1% response rate (lowest), that's 100,000 responses per hour! That means that over the course of a year, we are talking about 876 million responses. Divide that by the 165.75 million internet users in the US, and we learn that each and every one of you respond to him 5 times per year!
Well, maybe he spams the entire world. I have no idea how many internet users there are in the world, but let's say it is something like one billion. That means everyone responds to him almost yearly! Amazing! Now I only have one question: those responses, are they sales or deaththreats?
People need to guard their email addresses in the same way they practice safe sex. Don't go sticking your email address just any old place ...
Ok, that was bad. The exceptions are cases where your ISP screws you and sells your name (like those sorry AOL customers had happen to them) or people who use brute force address guessing algorithms.
Although I think the legislation being considered is a good first step --
Nothing really beats good filtering. I put together a server side filtering process using a Mail::Audit. I support several end users who can administrate their mail rules (e.g. block if subject has "viagra" or if sender is spamboy@jizzmop.com, etc.) using a web based interface and MySQL back-end. People can share rules as well. It's working pretty well for everyone. Additionally, Mail::Audit allows you to tap into the RBL which essentially will give you an "unlisted number" - only those you have expilicity granted permission to recieve from can reach you. Sounds extreme, but I get ZERO spam.
... is here. He must not be doing all that well if he can't scrape together the dough to get his fat ass out of Slidell, Louisiana, a town I had the misfortune of driving through a year ago and whose only redeeming feature is the Lake Ponchartrain bridge/causeway leading out of it and to New Orleans.
Can't you see that everyone is buying station wagons?
Lol.
This article is 20 minutes old, I am suprised his home address, phone number, ssn, shoe size and EQ account info aren't already posted.
"Sig free in '03!"
Here's a proposal, as it seems like the world is moving closer to 'whitelist' (reject by default) method of spam combatantcy. Perhaps there should be a global whitelist set up, where a user signs up, and must verify their mail address, then the mail address is MD5 hashed and stored in a database. Recipients recieve an email from this sender they simply hash the from address and check to see if the hash exists in the database. If it's present the mail is accepted, if not, rejected. Solves the problem of invalid from addresses always used in spam, as well as solving the problem of preventing data-mining of such a 'whitelist' database by spammers (as it contains only checksums).. And it solves the problem of being able to recieve messages from people you haven't personally explicitly whitelisted; ie. old friends from highschool, aquantances with new email addresses, etc..
Whaddya think?
-- Greg
Slashdot, would a spell-checker for posting be too much to ask? It's not rocket science!
Why isn't this the same crime as handing someone an ID card which says you are someone you are not?
He claims that he "has no choice but to resort to forging the sender information in his bulk e-mail so he can be anonymous".
Isn't that a bit like saying that when I was 19, I had no choice but to resort to forging my driver's license so I could buy beer?
MORTAR COMBAT!
he has no choice but to resort to forging the sender information in his bulk e-mail so he can be anonymous and maintain his connection to the Internet.
Is that like bank robbers being forced to don a mask so they can remain anonymous and maintain their 'business operations'?
I've had one of my email addresses used as a reply to: for quite a few spams. A real PITA. Not only did that address get the standard spam, it get bounces from nonexistent recipients. Sometimes in the hundreds per day, as the result of dictionary attacks on various ISP's. On top of that, you get the indignant replies from pissed off people.
Blatant forgeries in commercial email headers should be made illegal.
He has two addresses, (assuming these are both him).
/. community like to show this guy what we consider spam?
These were the only Ronald Scelson's in Louisiana and considering they are both in the same city I would say it's fairly certain.
Ronald Scelson
211 Martin Lane
Slidell, LA 70458
Ronald R Scelson
1711 W Hall Ave
Slidell, LA 70460
Would the
and several dimensions away, Satan scraped the icicles from his beard and once more begged God to turn the heat back up. "Okay, so a spammer told the truth, but it only happened once, and it was an accident, it's not my fault, can I please have some frickin' heat down here already?!?!"
According to Spamhaus:
d en cefile=1070:
http://www.freedomforum.org/speech/1999/10/20laspa m.aspa ge8.htm ln ths/Feb98 /feb23pr1.htm
(http://www.spamhaus.org/rokso/search.lasso?evi
ABUSERS: Ronald R. Scelson
[Birthdate: 12-11-71 or 72, New Orleans, LA, married]
avsrscelson@aol.com / cajunspam@aol.com / avsrscelson2000@yahoo.com / dff@yahoo.com
Amy Hoolahan [wife/sister?]
43 CYPRESS MEADOWS LOOP
SLIDELL, LA 70460 US
Home: (504) 646-2225
Work: 504-649-6248
PHONE NUMBERS: 888-365-0000 ext. 1648 / 800-242-0363 EXT. 2427
888-724-3108 x5413752
504 781 8117 / 504-957-1037 / 504-847-1232 / 504-649-7751
504-781-6615 / 504-649-6248 / 504-781-6655 / 504-831-1595
504-646-2225 / 504-641-0876
FAX: 504 641 0810 / 504-456-0995 / 504-781-6615
MORE INFO: Connelly sues to keep spamming:
http://www.frc.org/legal/lf99j05.html
http://www.mediainst.org/digest/fall1999/p
Wife Florence Fox sued for Nu-Skin Pyramid Scheme:
http://www.attorneygeneral.gov/press2/mo
Me, I'm thinking some letters of marque and reprisal are the answer...
What a strange bird is the pelican, his beak can hold more than his belly can.
(emphasis mine) I think it's a brilliant suggestion. If the Burns-Wyden bill is passed, then I can easily filter my mail to stop spam I don't want to see. I don't think that my ISPs should be blocking email that may be spam but follows these rules. The filters in Eudora and Outlook Express are powerful enough to stop all spam I am not interested in receiving if I know for a fact that the forged header problem vanishes. I think it's a great compromise.
Don't blame me - I voted for Howard Dean. http://dean2004.blogspot.com
If you want to get your slogan and company name out there fast, it makes sense to use the Internet and email systems.
If you want to attract and retain a loyal customer base, it absolutely doesn't make sense to use spam or other annoying methods of advertising on the Internet.
As an example: I work for a company that owns one of the major online travel sites. A few weeks ago, we had an all-company conference call, and one of the members in my group pointed out that another online travel site had recently stepped up its advertising via popup ads on web sites. He asked why we weren't annoying the consumer with popup ads. The leader of the call replied, "I think you just answered your own question." He explained that while popup ads may be effective, they don't make any friends among consumers and they don't build loyalty.
If popup ads have such a negative impression, don't you think unsolicited commercial E-mail has a much more negative impression on the Internet population? Here's a hint: The spammers who sell Viagra (r), Viagra substitutes, penis extension pills, mortgages, and other spamvertised products almost never reveal their real business name. They hide behind throwaway e-mail addresses and make themselves untraceable to their audience.
Would a business concerned with consumer loyalty really have to hide themselves? My local grocery store doesn't have to hide from me. Neither does Target, Borders, Best Buy, or any number of bricks-and-mortar retailers. Amazon.com doesn't have to hide from me, nor do any of the online travel sites. Yet the spammers pushing penis pills don't dare reveal who they are, where they work, how I can contact them, or anything traceable.
I would rather trust a spammer than a lazy computer programmer to get a job done, that's for sure. It's not about being nice, it's about being a hard worker. Stupid isn't forever, but lazy is.
I think you're trolling here, but in case you aren't: That "hard work" relies on hijacking other people's resources. It relies on deception and lies to push a product to people.
(Disclaimer: This is not the opinion of my employer, of course.)
An officer of a company should not make a statement without ensuring it is correct. Or taking reasonable means to ensure it is correct.
When a specific claim is made, like this there are a few options.
1. No statement at this time, or no comment.
2. Suggest that this didn't happen. This is against our standard policies.
3. Investigate the statement, and then comment on it's accuracy.
4. Say we did no such thing, without checking. This is reckless, and a responsible person should not do so.
I know it sounds weaselish, but you MUST not make a statement when you do not have the information to justify it. You can get in a lot of trouble for lying.
Because most of the actual monetary cost of sending the spam has already been incurred by the time you filter at the client. The message has already been transmitted from client to server to server to server to client over the internet, consuming bandwidth. It has already occupied disk space. Even the end-of-the-server-chain, pre-client filters like SpamAssassin only alleviate the last link in that bandwidth-bonanza (to-client).
.procmailrc to deal with all kinds of situations, but Joe Schmoe email user shouldn't have to learn complex regular expressions.
That spam email should never be sent, period. It should not ever proceed across the internet whose bandwidth is being paid for by millions of users, providing benefit to the sender. It should never touch the hard disk of a server.
In addition, it simply takes too much sophistication for the VAST majority of email users to properly set up filters. A simple [ADV*] -> Trash filter would delete some email that quite honestly some users want -- special coupons from Amazon.com for repeat customers, for example. Those emails would by (proposed) law have to have the [ADV] tag on them. So then you add another filter above the Trash filter to allow ADV from Amazon through... and so on, and so forth.
Pretty soon the hassle of organising your filters has exceeded the hassle of having to just click 'delete' to spam (for the average email user). I can easily enter a new expression in my
MORTAR COMBAT!
"I'm probably the most hated person in this room," said an unapologetic Scelson
An impressive claim, considering that he was testifying before Congress.
Can we stop with the cut-and-paste of text from the WaPo site? The site seems to be extremely well architected to handle high demand, and has never been Slashdotted as far as I know.
"And this is my boy, Sherman. Speak, Sherman." "Hello." "Good boy."
I guess that explains statements like the following, that display his keen insight into our system of government:
"But carriers should be held accountable when they submit to anti-spam groups. Terminating services to companies' such as my own without any legal reason to do so is not the democracy that we should all be living."
Jackass, if you're reading:
1) This is not a democracy. We're a democratic republic. There's a big difference.
2) Forcing someone else to provide you a service is neither freedom, nor related to a democracy. In fact, that would be contrary to freedom.
3) Claiming you're FORCED to forge email addresses because of "bullying tactics" is akin to claiming you were forced to break into my house and dump junk mail on my desk because I refused delivery.
Apparently you think America is all about you, and that you somehow have a level of freedom that compels others to act according to your wishes.
Rot in hell, dickhead.
I've grown used to logging on in the morning, deleting 20-50 spams that made it through my ISP's filter, then reading the 1-10 valid messages.
Until a few days ago...
Then I started getting bounced messages showing up in the inbox. First a dozen or so, and now 300+ per day. Some unscrupulous bastard put my e-mail address as the return address on those damned "Penis enlargement" spams and sent out a coupla hundred thousand. All have a different name ("Buffy", "Steve", "Frank", etc.), but all with my e-mail address.
I've had that address for nearly 10 years, which is the reason I put up with spam on it, but now I'm going to have to kill it all because some moron (the messages originated in China according the to headers) picked my name at random to hide behind.
-- stream of did I lock the front door consciousness
I have been looking at the source of my spam lately, and, although the email addresses are always forged, the body of the messages nearly always point to some website.
What we should do is have a way to automatize the slashdotting of these sites. The resource cost for every recepient is very small, but is very high for the target web site. If the site is run directly by the spammer, then that's great (he get's to pay the bandwidth bill). If it is run by the spammer's client, then that's even better. If it is hosted on a free non-commercial facility, it will wake them up and will make them find a way to make their users accountable.
So how to do this in a very user-friendly and convenient way ? /dev/null. The app should have a funny user interface, that let's you know when a target host becomes unavailable (victory ! another one bites the dust !), etc. The downloadable list of target hosts should be maintained by a trusted source (it could be GPG signed for example), maybe mailed to you though a MixMaster remailer to avoid spammer suing the originator.
Make a distributed-computing application, very light-weight, that runs on every platform. You should be able to set the maximum bandwidth you want to use (the default could be very low, like 5kbps), when it should start and stop, etc.The app will go and fetch a list of URLs of images or HTML pages on the target servers, and start downloading them to
This could make all the Spam issue a lot more fun !
"He boasted that in 24 hours he could crack sophisticated software filters designed to block spam."
So isn't that in violation of the DMCA? Or am I stretching it? If he said he could get around them then its different but he specifically said he could crack them.
The Registry of Known Spammers has his contact information, including emails, snail address, toll free phone numbers, etc. Lameness filter prevents posting the whole thing, but here's a peak at it.
http://www.freedomforum.org/speech/1999/10/20laspa m.aspa ge8.htm ln ths/Feb98 /feb23pr1.htm
ABUSERS: Ronald R. Scelson
[Birthdate: 12-11-71 or 72, New Orleans, LA, married]
avsrscelson@aol.com / cajunspam@aol.com / avsrscelson2000@yahoo.com / dff@yahoo.com
Amy Hoolahan [wife/sister?]
43 CYPRESS MEADOWS LOOP
SLIDELL, LA 70460 US
Home: (504) 646-2225
Work: 504-649-6248
PHONE NUMBERS: 888-365-0000 ext. 1648 / 800-242-0363 EXT. 2427
888-724-3108 x5413752
504 781 8117 / 504-957-1037 / 504-847-1232 / 504-649-7751
504-781-6615 / 504-649-6248 / 504-781-6655 / 504-831-1595
504-646-2225 / 504-641-0876
FAX: 504 641 0810 / 504-456-0995 / 504-781-6615
MORE INFO: Connelly sues to keep spamming:
http://www.frc.org/legal/lf99j05.html
http://www.mediainst.org/digest/fall1999/p
Wife Florence Fox sued for Nu-Skin Pyramid Scheme:
http://www.attorneygeneral.gov/press2/mo
AKA: RONALD SCELSON (NETBLK-FON-106771046442576)
43 CYPRESS MEADOWS LOOP
SLIDELL, LA 70460 US
SCELSON, RONALD (RS928-ARIN) RSCELSON@AOL.COM
5049571037
It shows
And all this time I thought the bad english in the spam I get originated from Asia.
After dozens of attempts to get AOL to implement the most rudimentary outgoing filters on their Email system, and getting ZERO response, I have regretfully informed our user base that we will no longer accept any Email emanating from any machine with an AOL.COM IP address.
.orgfor details) and their mail relays have sent hundreds of viruses into my domain.
They are breaking the rules of the Internet (see: SMTP RFCs) by improperly implementing postmaster@aol.com (see rfc-ignorant
I have asked all AOL users at my site who wish to continue emailing their home addresses from work to get a new service provider and given them two months to do so. I have recommended several small local ISPs to them that I know provide good service and never allow easily detected virii like Yaha, Klez and SoBig to transit their mail hubs.
We, fellow slashdotters, can use our enormous power as administrators of email hubs to get AOL's attention - since it seems more civilized methods are useless. The social contract of the Internet is simple; play by the rules (i.e. implement the required RFCs) or you are not part of the community.
Junk mail is usually paid for using bulk pricing systems, subsidized by the rest of the postal audience.
I'm afraid you have it backwards. Bulk mail, even at its reduced rate, is what allows you to send a letter at 39 cents. Bulk mail is presorted so as to make processing time for the post office almost nothing. Your letter with sloppily written address actually takes time to be read and sorted.
ALso, the USPS is a government sponsored monopoly but it doesn't receive any tax payer dollars. It is self funding.
Finally, large glossy catalogs are very expensive for companies and they are not typically sent to people who haven't shopped in the store before or requested the catalog specifically. They therefore are not in the same category as snail spam.
ALso, the USPS is a government sponsored monopoly but it doesn't receive any tax payer dollars. It is self funding.
Not only that, but it's even older than the government. The post office was concieved under the Articles of Confederation, before the current government under the Constitution. And not only did it pay for itself, but it was once the primary source of revenue to fund the government.
Don't label something "offtopic" unless you know the topic well enough to tell what's on topic.
Do you honestly think Congress gives a good goddamn about spam? Congressman don't have to deal with this shit; their lackeys do.
This issue isn't about killing spam - it's about using spam as an 'issue' to kill anonymity online. It's yet another attempt by the government to throttle what remains of our privacy, and spam is a very convenient complaint to base this sort of legislation on.
Thanks but no thanks. I'll take the spam in exchange for privacy. My privacy is far more important than any government attempt to curb unwanted email, especially when it's just a ruse to eliminate what few rights I have left.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?