Slashdot Mirror
Spamfighters Get A Hold Of Spammers' Incoming Mail
Karin Spaink writes "On July 3 2003, cyberangels.nl was obtained by Spamvrij.nl, a Dutch foundation fighting spam. Previously,
the domain was owned by the infamous Cyberangels, who are majorly involved in spamming. Cyberangels felt forced to drop the domain when the ground under their feet got too hot after BBC journalist Andrew Bomford connected Dutch ISP Megaprovider to Cyberangels.
Since the MX-records for cyberangels.nl now point to spamvrij.nl too, they get all Cyberangels' incoming mail: bounces, spam complaints and what have you. Have a peek: what kind of mail does a major spammer receive in the course of three days? By now, they have a
very precise answer: 6305 mails. Spamvrij.nl published an analysis of those mails on its site."
"Introduction: 6305 mails in (basically) one day
;-)
We received 5880 bounces and forwards
We received 12 spams for @cyberangels
We received 40 attempts to annoy Cyberangels
We received 371 complaints about Cyberangels
We received 2 business mails"
In other words, they received 12 spams and 413 legitimate emails (not counting the bounces). That can't be right; everyone knows that most inboxes have a ratio of spam/non spam that is more like 413:12 rather than 12:413. Liars!
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
Is how few emails were for business. I assume this category would include responses to spam. Maybe I do not understand the story, and the CyberAngels people were merely responsible for sending the spam (for other people), and if anyone responded to the offers in the mails it would go to an non-CyberAngels address. Or possibly redirected to a website, where they could make a purchase. Yeah, as I type out my thoughts, the reason for the dearth of business emails becomes clearer.
.0003%, and insanely high (compared with other forms of direct marketing), like 5%. People can argue for one side or another, but I need more evidence than conjecture to begin to understand the problem. If the response rate is already very low, then relatively simple technological solutions would probably suffice to drive them low enough to make spam unprofitable. If the response rate is high, it is going to take a lot of effort to fix this problem, possibly involving a redesign of the email system.
I had hoped for some accurate stats on the actual response rates to spam. I have heard rumors flying around that they are insanely low, like
Glad to see these spammers were shut down, but we need more insights into the way they operate in order to shut them all down.
Well, if the owner of a domain changes, then mails intended for the previous owner will inevitably be mistakenly sent to the new owner.
I very much doubt that this could be validly considered illegal in this sense. Immoral...that depends. If you sign up with an ISP and end up with a mail address that used to belong to someone else, it'll be difficult for you to determine which mails are intended for you without reading them.
A solution could be to have a time (e.g. 6 months) during which a domain can't be reassigned after the previous owner has abandoned it, so that potential senders will get their mails appropriately bounced and realize that the address is no longer valid.
Spammers intressts me, I hate them. But I do wounder how much the company buying the spamming service actualy to earn in the end. For ones I contacted a company about there wounderful product, and said I was intressed in buying some. My idea was to get hold of a real life person, to send my "I live in a country where its illegal to spam people, so you guys broken the law!".. But ofcourse I didnt mention that on "intressed in your products" mail I sent them (on there official sales email from there site).. Now whats realy make me confused is that they never wrote anything back.. So..
1. Spam me
2. Ignore me if I want to buy there product
3. ???
4. Profit!
The sheer volume of messages must mean that most spammers are out for only one thing: credit card information. And the best way to get those is to run some scripts to strip out the necessary information. I cannot believe that they can take the time to actually parse out the information by hand, figure out which non-existent product they are selling, and sell anything. 6,000 per day would be 8 seconds per message in a 12-hour day, more or less. I have heard that 40-60 percent of spammers never ship any product, just take a bite out of your credit card and move on. This goes a long way toward confirming that suspicion.
LOL so you say the now have lots of data on someone (spam e-mail) and got it through an amusingly simple and old tactic. We have a word that: sabatage. Let the spam companies go bankrupt
What I can't believe is that they didn't get more *dictionary* attacks than that, I mean, ba@cyberangels.com should have gotten spammed like crazy with such a short username.
Could it be that since they have so little non-spam-related activity that spambots didn't up the domain? I'm completely guessing here, but the ratio does seem incredibly wrong.
-Looking for a job as a materials chemist or multivariat
I'm pretty happy about that. According to an article in The Register, One of the board members of spamvrij.nl is Karin Spaink, very likely the same Karin Spaink who has been involved in the battle against $cientology.
Taking on spammers nd $cientologists. Damn. She's got guts.
I suppose the question to you would be how is it illegal? The burden of proof falls on the accuser not the defender. As far as I know there are no federal laws regarding email as there are for regular postal service mail. If you can think of something this violates then let us know.
One line blog. I hear that they're called Twitters now.
rtfa:
if in one day ba@cyberangels receive almost 6000 mails from people who are smart enough to figure that they get bounces because their addresses have been abused by a spammer and who then proceed to redirect those bounces, you can begin to image the volume of bounces that spamruns create, of the sheer volume of those spamruns themselves, and of the that traffic spam creates for decent providers.
translated:
This is not from normal bounces, this is from people whose e-mail was abused and set a forward on the bounces to cyber angels, OR (less) from people who had more intelligent bouncers, and bounced to the correct domain.
So this is very very small percentage of the total e-mail sent.
I have my own home domain which was setup shortly after college and used (then) to just keep communicating with distant friends. Back in the day UUCP was how it was done for $15/mo which gave me 3 hours of transfers before I had to start paying extra.
:). Hundreds of non-existent users to just harvest spam. Any USENET type postings have a good email for about a week (if at all) before harvesting. Hell, I even like to add in users where they attempted "bob@" that didn't exist.
... we have a problem.
BECAUSE of the spammers I did have to pay extra. Long ago went to broadband type connections starting with ISDN (still backup and my only phone lines) to 10Mbit wireless uplink today (sweet). Funny, but I am STILL paying for the bandwidth and SPAM still annoys the hell out of me personally.
So -- to get it under control I baited the spammers (and still do
Me, myself, and my wife -- here's my stats for the entire month of June:
Outbound (work): 60 (1.74%)
Outbound (personal): 49 (1.42%)
Notes to myself: 89 (2.58%)
Inbound to me: 422 (12.24%)
Inbound to the wife: 14 (0.41%)
System messages: 68 (1.97%)
System ERROR codes: 2 (0.06%)
Just TESTING: 7 (0.20%)
SPAM TRAPPED: 2738 (79.39%)
TOTAL EMAILS: 3449
Um, Houston
<i>It doesn't appear to have any personal emails or anything - just spam for the spammers.</i>i jn.html">evidence</a>.
<br>
This is true for <i>almost</i> all of the mails. There seems to be one of the two business emails included that they use as <a href="http://www.cyberangels.nl/evidence/mailmart
<br><br>
IANA L, so I don't know if it's illegal, but I think it is difficult to say it's not immoral. One could say that the cause justifies the means...
They didn't hijack the domain.
But receiving and publishing private correspondence that's destined for someone else is not. When you purchase a domain someone els used, it's NOT the same thing as purchasing their business from them.. it doesn't automatically entitle you to anything.. other than the domain.
Pretend you moved into an office, and got mail delivered to the previous occupant... it's still a federal crime for you to open that mail if it's not addressed to you. Now, I'm not saying it's necessarily as clear cut with email, but it's the same general thing, and it is immoral.
email as it exists for the most part today, is like sending a postcard. At least that's the rhetoric behind some of the responses from early spammers: "Well someone with that email address opted in for email. Maybe it was the person who had it before you? Don't you want it?" Nobody had this domain before me, thanks.
If they wanted private email, they maybe shoulda used something like PGP or something like TLS to authenticate. I would think that spamvrij.nl didn't get access to any private keys or certificates.
RM
We're not the only country with legal porn and prostitutes I suppose.. although the world famous 'window shopping' in Amsterdam might be rather unique. And for Amstel, well that should be illegal. There's much better beer than that, both in The Netherlands and Belgium.
On a different subject, Karin Spaink was mentioned to belong to the anti-spam group. She is also the one who won the lawsuit that Scientology started against her for publishing excerpts of their trade secrets on the web.
I know this guy personally (posting anonymously for obvious reasons). He got the company from his father, as a birthday present.
He is friends with this guy. And I mean, good friends. There was a third guy (American) who brought them together. The Fluffi Bunny guy was into serious fraud (hell, I've seen it happen first hand, stolen credit cards used in night clubs in London, heavy drugs, etc.).
I am not surprised that now Bevelander is under the spotlight. He was a criminal two years ago when I met him. He is a criminal now.
Spamfighter gets holds of spammers inbox. 99% of it is junk. 1 e-mail is of minor passing interest.
wouldn't matter over here.
email is considered to be much the same as normal mail by law here, and so the same secrecy/privacy laws apply to it.
so, this could(probably would) be a case where you moved in a house and then received mail that was supposed to go the earlier owner of the house. you are not allowed to read through it and do a complete analysis of the psyche of the previous occupant, even if he was a convicted murderer and got hauled out of the house because of that.
that is why there is so much flaming and fury when there's those "employer reads employee emails", because here email(if it is somehow 'protected', with password and what not, meaning that if the employee is under the impression that it is _personal_) is considered just as private as if the employee left a closed letter on his/her desk with his/her name on it, and it would be VERY illeagal for the employer to open it and check whats inside, even if it was companys letter... few heads have rolled because people tried to get information on who made a leak to the press from a tele company over here, undoubtly the leaker used the company owned phone, probably even a company paid gsm subscription. yet, it's enough to send people to jail for just sniffing in the logs who called who.
a letter would be a letter even if it wasn't sent by the gov regulated system(and, internet is prepaid and gov. regulated by the way).
'here' is Finland, and undoubtly many, many other places, where privacy and freedom prevails, if stumbling at times..
world was created 5 seconds before this post as it is.
If that's not possible, couldn't someone just host a database that users could add the name (+address/phone info), url, and offending spam-message to? That way an organized boycott/reverse spam/snailmail campaign could be lodged against those who pay to clog the internet with their muck? I couldn't have been the first person to think of this...perhaps something like this already exists?
There is no gravity...the earth just sucks.
So 6305 mails in total, one of which was a valid email from someone wanting to contact them.
Signal to noise ratio of 1/6304
So how is this different to anyones email these days?
Ooh! The Open Source bad analogy! Publishing the spammer's email allows a distributed analysis by spam-fighters world-wide. Possibly someone has information about these criminal activities that wouldn't be connected without access to the emails.
I hope that they checked the legality under Dutch law first, so it's probably/hopefully legal. As to if it was morally wrong or not, I'm still undecided. (Not that I'm not laughing my ass off over it. :^)
One line blog. I hear that they're called Twitters now.
I'd like to find a financial institution that will give me a credit/debit card number for which they will reject all transactions, and they immediately relay to me any transaction data that comes in over the banking network. That would be a big help in finding spammers.
Actually, you'd be amazed what problems you have setting up Spamassassin for someone who works for an Erectile Dysfunction clinic...
Shutting the spammer down took about a month, but ultimately was successful. I got their 24 porno sites, two fake billing sites, and a few other related sites kicked off ISPs from Sao Paulo, Brazil to Brooklyn NY to St. Petersburg, Russia, where they actually were. They've been down for months now, and they are staying down. They don't seem to have come back under a different name; searches for ther subject matter in Google come up empty.
I had the advantage that I own "Downside" as a registered trademark. This gave me some legal leverage.
One useful tactic was to report phony domain registration info to ICANN. Some domain registrars will then lock the domain against changes until the domain owner provides them with valid ID info. If you do that, and you then get them kicked off an ISP, their domain is locked to an ISP that won't host them, and they can't fix it without disclosing their identity to their registrar.
In this case, the spammer had their own DNS server, so they could quickly move their sites from ISP to ISP. But I managed to get all three of the domains that handled their DNS queries locked, then kicked off ISPs, which took down their entire set of sites.
It turned out that the CEO of their ISP's upstream provider in Russia was somebody I knew from the 1980s, so I was able to get even a Russian ISP to cooperate.
You don't have to sit there and put up with this stuff. You can fight back and win.
Check out this page and scroll down to the link labelled Commentator: Telemarketer's View. This woman actually considers the people who hung up on her to be rude. Given that there are so many fraudulent telemarketers who record everything you say and edit together a tape that has you agreeing to buy a three-year supply of alligator repellent, we have to assume that all telemarketers are criminals and that it is unsafe to say anything to any of them. Hanging up on them is simply self-defense. Since telemarketing is even more intrusive than spamming, I don't think anyone will mourn it if it passes without harsher measures.
Regardless of the payment type, I would expect any institution responsible for the brokering of money to have information about the buyers and sellers of said services or products.
Stocks have their regulations and their governing bodies. Banks for Direct Debit are ultimately responsible for who is making wildrawals from our checking accounts. Paypal must eventually disburse payments through something similar.
My point: I'm ready to start pulling all my money out of banks. I've already canceled 2 out of 3 CCs due to unscrupulous behavior of merchants. One was charging me a monthly. When I tried to track it down I got nowhere. I called them up and they couldn't even tell me what products or services they sold! How the hell did my CC validate a purchase without knowing what business these pogos were in? There is no way to block a merchant from issueing a purchase. You can only declare purchases as fraud. Who wants to do that every month? The other CC I canceled, I did so because I started receiving alot of those class-action notifications against them. Hopefully if enough people react similarly, some money hungry executive will start asking why he's seeing a decline in membership. If consumers sit on their fat ass and take it as business as usual, we will continue to see ripoffs.
Some may say the CC are not at fault, but I say they are at fault for not knowing who these merchants are and allowing them to bill consumers. I can no longer trust banks to act in ANY small interest of the consumer.
My conclusion is these spammers are being protected by the prince of dakness. MS and gov chasing phantoms at the misdirection of those that know better, may prolong this war for the profit of all involved. Not for any silly naive principle any of us are hoping for. Shed them.
"Last one in is a rotten goblin!" - Kepp
I go along with the 'Current Resident' model for resolving the legalities of this question. My plaintext e-mail is NOT protected by a password, my POP3 mailbox IS so protected. If I want the MAIL itself protected by a password, I should send it encrypted (privacy assured) and signed (authenticity assured).
BTW, IAAL
utter rubbish
This guy is hilarious.
:) :)
A couple of years ago (the dot com bubble was still hot), the biggest Dutch tabloid newspaper De Telegraaf carried an article about him, in which he portrayed himself as the Next Big Thing (tm) to happen to the internet, likened himself to Uncle Scrooge, Bill Gates etc.
A couple of days later it turns out his "anonymous venture capitalist" is his rich daddy..
And the big and impressive colour picture of him amidst the 19" racks with servers, routers, storage units, ups's, cables etc. was not taken in his company, but was him standing among the gear of his colo company
He was fighting with all of his 50.. oops, 20.. sorry 10, no.. 5 employees, none of whom could program or decently operate a unix system.
In the course of the years his company turned itself into a major slapstick with sysops announcing to peering isps that they were "as of now publicising the following ip-range:
192.168.0.0/16"
(historical!)