NZ Spammer Shutdown Makes Big Difference

lump writes "A notorious spammer, based in New Zealand, who had his name and other personal info released first in a national newspaper, and then on the web, has shut down his operation, citing harassment. What interests me about this case is that, in the 5 or 6 days since he has supposedly stopped operating, I personally have had one (1) spam email, to an address which had previously averaged around fifty per day. Colleagues report a similar reduction in spam. All I can say is 'excellent.' Hate to say it, but in this case, vigilante type action seems to have had the desired result. This needs to be publicised, as anything which slows down spam can only be a good thing."

Spam's off the menu

[svvampy]

Does that mean we can only look forward to baked-beans?

Re:Spam's off the menu

Does that mean we can only look forward to baked-beans?

The baked beans are off!

Re:Spam's off the menu

[Neop2Lemus]

I DON'T LIKE SPAM!

Re:Spam's off the menu

[Desert+Raven]

Baked beans are off.

Re:Spam's off the menu

Does that mean we can only look forward to baked-beans?

ya, and fried tomatoes ya freakin limey!

Re:Spam's off the menu

Now only if we had the personal numbers of CEO's of the Top Recording and Movie companies, and maybee they will stop their campaign against the other 6361187900 people in the world.

Third of Nine

Re:Spam's off the menu

[Geek+of+Tech]

You do not like green ads in spam?

Would you like them on a boat?
Would you like them on a goat?

Would you eat them on a plane?
Would you eat them on a train?

Would you read them a whole lot?
Would you read them off slashdot?

.....

But the virii are still out there!

[serial+frame]

Yeah, true, but this doesn't stop the flux of spamhaus cohorts' virus-infected computers sending me their pestilence simply because I'm still on their "hit lists" or whatever. That's basically evidence that even if the root of the problem is taken care of, that the symptoms can still persist.

Unsolicited e-mail, spam or virus, all the same to me.

Re:But the virii are still out there!

[Gherald]

Spam and virus e-mail may both be unsolicited, but beyond that they are not related at all.

The motives are different, they propagate themselves differently, and the actual message sent is very, very different.

Please be mindful of this because the distinction is huge.

Re:But the virii are still out there!

[serial+frame]

So? I'm still receiving viruses from spammers.

It's not unreasonable to think that the two problems are related. This is, of course, based on the simple assumption that most people I converse with via e-mail on my particularly spammed account, do not use e-mail clients capable of propagating viruses. So obviously, the first sentence is true in at least 98% of the viruses I receive. I don't receive viruses from people I know. (that is a fact, may be different for different people)

Consider: most spammers use Outlook or Outlook Express. Every virus I've received was from Outlook or Outlook Express. The vehicles of propagation to the end receiver are still the same, be it spam or virus.

If all spammers, not just spamhauses, were eliminated, my virus count would likely be zero, or very close to it. The distinction between the two is irrelevent to me .

Not that I mean to be inflammatory, but what you said strikes me as though you were saying that I shouldn't hold spammers responsible for the doubling in size of the total amount of garbage I receive daily (because of viruses). I mean, give me a break, I'm on a 56k.

Re:But the virii are still out there!

Well my spam count on my two private addresses has been zero for years, but I am nontheless getting many viruses sent to me there. (To the point where I've actually created subject line filters for all the known SoBig ones).

And I have no idea where these messages are comming from because the addresses are obviously spoofed (e.g. I doubt a couple Debian friends are using Outlook).

So while some of your virus e-mails might be related to spam, that is not necessarily so and even if you could prove it true I would chalk it up to random chance more than anything else.

Re:But the virii are still out there!

Spammers use specialty software that sends millions of emails a day. Virus writers don't target that software...

Now there's an idea!

Re:But the virii are still out there!

Hi -- the current virus has it's on SMTP mailer and fakes the X-Mailer tag -- You have no idea if they are using Outlook or not.

Re:But the virii are still out there!

[Kris_J]

I've just started getting hit by the latest email worm/virus/trojan thing (some jerkoff with my real email address has just gotten themselves infected). And judging by the lack of response from my personal address' email server I'm not alone. This could be the resurgance predicted as people got back to work after the (long?) weekend. Either way, spam is probably down because email servers are overloaded more than peoples' inboxes are.

Re:But the virii are still out there!

Can't say about SoBig, but one common tactic for these things is to grep the browser cache file for email addresses. Perhaps some virus-laden lamer is considering upgrading to Debian and is checking the lists.

Re:But the virii are still out there!

[serial+frame]

Like I said, these are individual circumstances. I've yet to receive a single spam or virus on my private e-mail account.

Now someone SHOULD shoot me and mod my post down to -1 for being off-base on the Outlook thing. Please?

I'm sorry if I'm off-base or have offended you.

Re:But the virii are still out there!

[symbolset]

If you hadn't bought the penis enlargmenent pills you wouldn't be on their sucker list.

Re:But the virii are still out there!

viruses, you fucking moron. stop pretending to be clever.

Re:But the virii are still out there!

Hi -- the current virus has it's on SMTP mailer and fakes the X-Mailer tag -- You have no idea if they are using Outlook or not.

To future virus/worm writers: Remember to check the browser for an HTTP proxy and any mail clients for an SMTP gateway. All our virus attacks have been contained because they expect unrestricted access out to the Internet and don't take into an account a firewall blocking port 25/tcp and 80/tcp. Very shoddy work I might add, especially if you're targetting corporate networks. All it does is make us firewall admins annoyed at all the deny logs. So get with the program you lazy fucks, check for those SMTP and HTTP proxies!!

Re:But the virii are still out there!

[(startx)]

your telling me! The email address I have registered with /. is strictly there to collect spam. I've never registered it anywhere but /., but now I'm getting tons of rejected messages from Sobig.F saying that my email from this address was undeliverable. f'ing spammers not keeping their wintel boxen up to date...

Re:But the virii are still out there!

[EzInKy]

Spam and virus e-mail may both be unsolicited, but beyond that they are not related at all.

Technically, you are right of course.

The motives are different, they propagate themselves differently, and the actual message sent is very, very different.

But, though the methods, motives, and messages may be different the effects are the same because both turn something useful into something useless.

Re:But the virii are still out there!

[jafiwam]

Part of the description of SoBig.F includes:

"The worm searches the local hard drive for files with the extensions TXT, HTML, EML, HTM, WAB and DBX. The files are used to extract a list of recipient email addresses that will be used by the worm to send infected emails."

(From Sophos.com)

So if someone who visited a page that you had posted in and had the HTML from Slashdot in their cache you could get the emails. Nobody need to have sent you spam or have that email on a list for you to get those messages, only that someone visited a page with your email in it that was retained in a browser cache. (After all, the spammers were not using much, or you would not have seen an increase in messages above the noise.)

This is a good arguement for keeping the caches in WinTel boxes cleared out, fewer targets.

(I think Slashdot has an option to not display your email address, turning that off may help prevent such messages in the future.)

Re:But the virii are still out there!

[mr.+methane]

Err.... No. Most spammers use one of several programs specifically designed for spamming, with features like rate throttling and header munging. These programs often tell dim-witted MTA's that they are Outlook or Outlook Express simply because that's a well-known mailer.

As for the virus count, that seems accurate, and reasonable; Outlook and OE are, by far, the most popular mail programs on the planet, and they are the default mailers on perhaps 80% of all desktop computers on the planet, most of which are used by relatively unsophisticated people to perform day-to-day tasks.

Windows is no more or less secure than any other OS, it's just a lot more popular. If linux was more popular (and especially if there were a huge LinuxCorp to bash - oh, wait, there is!) you can be sure it would be decried as the source of All Things Evil on the internet.

Re:But the virii are still out there!

[bismarck2]

I can guarantee you that most spammers are NOT using Outlook/Express. They use software especially designed to spam.

What confuses me is how posts like this get rated so highly even though they are based on obvious gross factual inaccuracies. There are several posts beneath it with 1-2 ratings that are much more intelligent.

Re:But the virii are still out there!

[4of12]

some jerkoff with my real email address has just gotten themselves infected

I feel your pain.

That's why I never give my real email address to anyone.

Re:But the virii are still out there!

Based on my secret intellegence and infiltration efforts against spammers, i've come to the conclusion that spammers are definately behind the recent influx of the virus. I got 650 copies in my honeypot mailbox.

There is a lot of money behind this effort, funded in part by the spammers (who certainly don't lack money). I suspect they either hired the virus writer, or the virus writer was a long time spammer, but most certainly, they are related.

Re:But the virii are still out there!

[rifter]

So? I'm still receiving viruses from spammers.

And spam from viruses!

Re:But the virii are still out there!

[Kris_J]

It was back from when I was eBay-ing. Spamcop kept blocking Telstra Bigpond (major .au ISP) addresses so I had to give out an unfiltered address. 25 (100k) virus emails arrived last night. Five have arrived in just the last two hours. And this is for an address that *was* seriously filtered. I've already redirected all my legitimate email to a new alias.

Re:But the virii are still out there!

[instarx]

That's why I never give my real email address to anyone.

It was a joke. If he never gives out his email address...duh.

Re:But the virii are still out there!

[Kris_J]

www.spamgourmet.com

Doi!

Me too

I really have noticed a dramatic decrease in the amount of spam I've received in the past 4-5 days. I figured it was just due to my dilligence with unsubscribing myself to mailing lists but everything just suddenly dropped off.

Re:Me too

[John+Seminal]

LOL.

I remember years ago when I responded to the footer "Click here to unsubscribe". Little did I know that was a way spammers varified email addresses. It must have taken me off the $20 for 1 million email addresses, and placed me on the $250 premium list.

Kinda like the footer that spammers had which cliamed their email complied with some HR#1342 blah blah blah. That is when I became suspicious, because I knew something that passed in the house alone was not law.

Re:Me too

[adelton]

If the spammers get as much virus-bounces as I do (about 1000 over last 24 hours), they figure out that it doesn't make sense to send any spam at the moment. It will simply get lost among the other trash.

I set up bogofilter to mark Bogosity in two categories -- viruses and spam. Then I color the index in my mutt accordingly and I get nice overview. The virus to spam ratio is about 25 : 1. The spam to legal mail ratio is about 3 : 1.

Re:Me too

[eclectro]

Yup, I have had a dramatic reduction in one of my throw away hotmail accounts.

I really thought that it was because microsoft got their act together. Boy, was I fooled.

Re:Me too

[meldroc]

Wow, I just check my mailbox (as well as the abyss into which my ISP casts the most blatent spam.) It's nearly disappeared. My ISP's spam hell contains mostly SoBig viruses, and my current biggest email nuisance is bounce mails from ISPs getting SoBig viruses that forged my email address into the From header. Sysadmins, PLEASE turn off the virus bounce emails. I do not have SoBig on my computer, since I run Linux & SoBig won't run on my box.

Re:Me too

[Boiling_point_]

An AC writes:

I really have noticed a dramatic decrease in the amount of spam I've received in the past 4-5 days. I figured it was just due to my dilligence with unsubscribing myself to mailing lists but everything just suddenly dropped off.

Hmm let's see - an anonymous coward uses a subject line of "Me too" to provide a brief anecdote about noticing an unspecified decrease in spam received during an approximated timeframe, then speculates on attributing this to an untested hypothesis, and gets moderated "+4, Informative".

Come on - you know you wanna blockquote me now, and get a +5, Funny for saying "You're new here, aren't you"...

Re:Me too

[Yorrike]

I thought I had something wrong with my newly rebuilt mail server, but it turns out the 4 spam messages I'm getting each day are all that's left after that bastard stopped his servers.

Today was the first day in over 5 years I've actually recieved more real e-mail than spam, and I have my fellow countrymen and geeks to thank for it.

So, to paraphrase Homer Simpson: "To New Zealand; the cause of, and solution to, most of the net's spam".

Re:Me too

[Zeromous]

I sure as hell noticed that I received NO email on a heavily spammed address of mine for almost a week!

It's also not the least bit strange anymore- since my mailserver is .au

One down......

Re:Me too

[orthopodreloaded]

I just followed your cue and clicked on all the unsubscribe links and the spams increased manyfold !

Re:Me too

[eclectro]

Yeah, that HR#1342 nonsense was really annoying. They were like saying "see, we are law abiding citizens, we're doing you a favor" What BS

Scum of the earth.

I really believe that contrary to popular opinion, a tough federal spam law would make all the difference in the world.

When police catch drug runners, they seize the drug runners possesions (house and car). Why couldn't it be the same for spammy??

Think about it -- if they would lose their computers, they would have a difficult time spamming. Couple that with some pound-me-in-the-butt federal prison time, they might get the freakin' message the they are not liked

All you would need to do is catch a handful and make an example of them.

Sure, the remaining spammies might move to another country, but at least they would be on the run.

Re:Me too

ack, this thing really worked. spam dropped down from the all-time high of 480-500 per day last week to 60 today. If only it would be so easy to go after spammers living in russia... maybe smtp as we know it could be saved;)

Re:Me too

[gooru]

I really have noticed a dramatic decrease in the amount of spam I've received in the past 4-5 days.

Wish I could say the same, but I'd say at this point, more than 50% of my spam is in Chinese, though approximately 600 spams in 5 days isn't too bad for me (currently checking spam folders).

Re:Me too

[thogard]

Problem is this guy is in a country where even if they threw the book at him they would let him off because the thought of having the book thrown at him would be too stressful.

But I'm willing to put up NZ$1000 of my very own money to get this guy in front of the courts and the reporter that turned him in will make sure it stays news.

This guy has costs Kiwi businesses millions of dollars in bandwidth costs. He sells illegal drugs. He advertises adult items to children. There ought to be something to bust him on.

He claims he has reformed but if he had, he would be naming his associates.

Re:Me too

[Bobulusman]

I don't know why people complain about this. When a company is already sending you 3-4 spams a day, every day, it's not like alerting them to an active account is going to make them send more. Those unsubscribe links work for me. I just do it about once a year to keep the spam down in my throwaway account. (Have yet to get spam in my real account)

Re:Me too

[Eythian]

Hmm let's see - an anonymous coward uses a subject line of "Me too" to provide a brief anecdote about noticing an unspecified decrease in spam received during an approximated timeframe, then speculates on attributing this to an untested hypothesis, and gets moderated "+4, Informative". Come on - you know you wanna blockquote me now, and get a +5, Funny for saying "You're new here, aren't you"...

You've been here for some time, haven't you...

Re:Me too

Because locking up drug dealers and seizing their posessions has worked so well. I mean, I can't even remember the last time I saw any non-government-approved drugs being offered for sale.

Re:Me too

Except if the virus is using your email address then that means one of three things.

1) Someone who has your address is infected
2) You are infected
3) Someone who has your email address in their cache is infected.

I would think numbers 1 and 2 would concern you and so I keep the virus notifications going on my mail server. Yes it is irritating, yes I get at least 400 notices a day (the notifications are forewarded to me as well), but I still do it.

Re:Me too

Same here, just out of curiosity was on of this guy's last batches about pharmacuticals for low low prices? Is my Viagra still on the way?

Re:Me too

[Glonoinha]

You have this guy's home address. Why not just go kill him, his wife and all his children, burn down his house and light his dog on fire? That will send a pretty strong message.

I bet he starts listing associates if you tie him to a tree and light him on fire.

You can get a lot more accomplished with a kind word and a gun than you can with a kind word alone.

Re:Me too

[johnnyb]

I hope that this will change people's minds about email marketing - there's a whole lot of it that's legitamate, but a few guys like this one give the industry a bad name.

Re:Me too

[mike77]

All you would need to do is catch a handful and make an example of them.

Funny, isn't that what the RIAA is doing to people?

Re:Me too

[johnnyb]

"When police catch drug runners, they seize the drug runners possesions (house and car). Why couldn't it be the same for spammy??"

That's a terrible law for drug runners, it would be even worse for people who are just sending email.

Honestly, even after they have acquitted someone, often times they still cannot get back their property. I don't want a police state, and I bet that you don't either.

Re:Me too

OK, I am going to assume you're not stupid, and the fact that we're discussing a spammer in NZ is irrelevant, but you sure come off as a typical American asshole what thinks his local police force has jurisdiction everywhere on the planet.

Re:Me too

[Brendan+Byrd]

i want to write that postal office dos attack... i want to write that postal office dos attack... i want to write that postal office dos attack...

Please tell me that somebody has already wrote it so that I can sleep at night, and don't have to take the responsibility of writing it myself.

Re:Me too

[wampus]

I do not have SoBig on my computer, since I run Linux & SoBig won't run on my box.

Did you try it under WINE? Don't give up so easily! Perhaps with Crossover Virus? They give a free trial, if vanilla WINE doesn't do it, that's your best bet.

Re:Me too

[JoeBuck]

Let's all fix this with meta-moderation: everyone please attach "unfair" to any moderation that calls a message "Informative" that has no new information at all.

Re:Me too

[WNight]

You need to avoid the conflict of interest. Don't let the police department keep the good, or the money from the auction.

Having the tools of your crime confiscated seems to make sense. If I rob a store with a gun, should I get to keep the gun? If you use the computer primarily for an unlawful purpose, you should have it taken away.

But, I think spam is a *very* serious crime. Nothing speeds the decay of a society faster than abuse of the commons or being encouraged to sell out your neighbors for a quick buck. These spammers are doing something they *know* nobody else wants them to do, charging the victims for it, and then whining about free speech...

We really should bring back corporal punishment. This guy deserves a couple days in the stocks and a good harm whipping. We need to make it really clear that we won't tolerate people pulling this kind of anti-social bullshit.

Re:Me too

[PhxBlue]

When police catch drug runners, they seize the drug runners possesions (house and car). Why couldn't it be the same for spammy?? Think about it -- if they would lose their computers, they would have a difficult time spamming. Couple that with some pound-me-in-the-butt federal prison time, they might get the freakin' message the they are not liked All you would need to do is catch a handful and make an example of them. Sure, the remaining spammies might move to another country, but at least they would be on the run.

Yeh, and I'd be leaving with them. I'd rather live in a country where I have to deal with spam than live in a police state like the one you just described. Of course, maybe your sense of irony is akin to that of Swift's "modest proposal," but in this medium, that's kinda hard to tell.

Re:Me too

[Rick+Zeman]

When a company is already sending you 3-4 spams a day, every day, it's not like alerting them to an active account is going to make them send more.

Yeah, then they sell it to others. If they're "ethical" you don't get any more spam from THEM, but you get more from their aliases and the other spamzoids they sell it to.
"Hey, this guy just clicked unsubscribe. That means he opted in!"

Re:Me too

[blahtree]

I don't believe it. I simply don't believe that clicking unsubscribe links adds you to other "premium" lists. It implies that the spammers care which accounts are active.

Last month, a spam shop used my email address as the spoofed source for a whole crapload of spam. I got bounces and vacation messages like crazy! So a) their list had a whole bunch of inactive addresses, and b) all feedback about the activity status of an account went to me!

It's simply not worth their time to track what's active and what's not. Just send anyways, because a computer is doing all the work. What's the difference between 10,000 valid addresses, and 20,000 partially valid addresses? Not much.

Tracking the people who *want* to unsubscribe though, that might be worthwhile. The whackos who click unsubscribe might be pissed enough to actually use the local laws to prosecute, form a vigilante mob, etc.

Best case: you get removed. Worst case: nothing happens.

Re:Me too

[johnnyb]

I could go with corporal punishment, but the deprivation of property without due process is what I find problematic.

Re:Me too

[eclectro]

true. As long as there is a demand for drugs, there will be somebody trying to provide it.

But I wouldn't say there is a demand for spam. Also, seeing a spam bust where spammy loses computer on TV would provide a large amount of emotional satisfaction to a large segment of the population, drug users included.

Re:Me too

[eclectro]

you know, I think you are not a troll and that this comes from the heart, so I will respond.

Yes, I live in the U.S. and I mention this in the context of my government doing something about spam to help me out.

I think the fact that this large scale spammer is located in NZ is an anomoly, and that the vast majority of spam comes from american sources, even though they might use overseas servers. So hence it should be my government that help deals with it.

I do not think that my local police force has jurisdiction over all the planet, and did not to mean to insinuate this.

I do think however that other countries often follow what the US does an enact legislation that is similar. I don't state this to be elitist, just making an observation.

Another large chunk of spam does come from foreign sources, primarily Korea and China. The problem here is that the governments are not concerned at all about spam, and the ISPs aren't either, and refuse to do anything about it.

That's why you see large swath's of China/Korea IP numbers on RBL lists, and soon they will be an island to the rest of the net. Maybe then they will start wondering what is happening (though China could care less about quality access anyway, they don't want their citizens visiting "subversive" websites).

No, I do not think my police force has jurisdiction everywhere. I just want to see my government do something about the problem of spam.

Re:Me too

[eclectro]

Funny, isn't that what the RIAA is doing to people?

dude, I don't know where you have been. The RIAA is suing the whole internet , not just a handful of people.

Just because the RIAA might be using this tactic doesn't make it a bad idea. Your logic is flawed.

Re:Me too

On behalf of my fellow New Zealanders, i must apologise for one of our countrymen going sour. Rest assured that he shall be hung, drawn, quartered, castrated, and have every penis enlargement pills spam email that I've ever recieved printed off, and rammed up his jacksey'.

-Helen Clark, Prime Minister

Re:Me too

[eclectro]

Hey,I'm all over due process.

Let spammy sit in front of a jury where the jury decides whether he keeps his house or car.

Then show the jury the spams that spammy sent.

I'm all over this idea.

Re:Me too

[mike77]

Now I'm not defending the RIAA by any means but...

The RIAA is suing the whole internet , not just a handful of people.

Actually if we're going by actaul lawsuits, they haven't filed all that many, last I heard the count was only in the hundreds... Thye may WANT to sue everyone on the internet, but they'll get shot down long before hand..

Just because the RIAA might be using this tactic doesn't make it a bad idea. Your logic is flawed.

In what way? I never said it was a bad idea. I just find it funny that alot of /. folk absoluetly hate the RIAA for doing this, but when it works in their favor, they love the idea...

Re:Me too

[eclectro]

hundreds, with the promise to keep on going. And I believe them.

I'm talking about a dozen spammers that are probably responsible for 90% of all spam.

So I would say there is a difference.

Also, I would say that the trafficking of my email address is a violation of my privacy.

This would put out of business the dozen spamhauses selling email lists.

Between these two things, spam declines to a tolerable level.

Re:Me too

[mike77]

hundreds, with the promise to keep on going. And I believe them.

i believe they want to also. but the public outcry will become so large at some point they'll either be forced to quit, or *gasp* realize suing their customers is a bad business practice...

As for the spammers, I have issues with "making an example out of a few" I think that's unethical. I say if you're gonna do it, go balls to the wall, and nail EVERYONE spamming, or no one. I'd argue that policy would be more effective overall.

Re:Me too

[eclectro]

The problem is with the RIAA there has been no public outcry with the exception of those of us on slashdot. I think the public at large sees filetraders as some college punk somewhere that deserves what he gets. Couple this with the good ol' American "as long as it's not me" apathy, the public does not care. Sure it's bad, but it's probably the truth.

And your right about the spammers, everyone should be nailed. The thing that most don't realize, if you nail the top twelve you nail 90% of all spam.

If anyone doubts me, look at what happened when this one NZ spammer quit spamming.

Re:Me too

[WNight]

Yeah, the lack of due process is a problem. "United States vs Ford Explorer" is a mockery of justice. But, don't give the cops the money for auctioning off that car and they'll have a lot less motivation to do so.

Ideally, the law would be changed so they'd have to prove your were a criminal before confiscating your property, but hey, America isn't concerned with justice, just expedience.

Re:Me too

[karearea]

The most ridiculous thing about this is the bullshit (comply with US laws etc) that comes in delivered to my .co.nz email addresses.

Sorry Dubya, but your laws mean nothing to me - just don't Iraq me.

Go guys - kill what's left of my karma

Re:Me too

They're citing draft bills that never became law. It's meaningless here too.

Re:Me too

That's a terrible law for drug runners, it would be even worse for people who are just sending email.

I think that spammers should be beaten with a whip until there's no more flesh on their ribs. Yes, its inhuman, but they deserve it.

Re:Me too

[Shadowlore]

In fact, most of the spam is *not* from the US. The answer to spam is seen in your next to last paragraph, which interestingly enough contradicts your third paragraph.

If service providers, companies, and individuals used spam filtering techniques and eliminated half of all spam before it ever reached a recipient, costs for spam would roughly double. This will result in a lower cost-effectiveness of spam, and thus a reduction of it. Sure, someone will find a way to get around the filters, but they will want more money for their products that do this, thus keeping the rise in costs a reality. With modern techniques and server methods, it is possible to block over 90% of spam.

You complain about others using *your* resources (your inbox, your bandwidth --that you lease), yet propose that the government take *my* resources (the money I use to feed and cloth my family and myself, not to mention that which I donate to chariries) to make you happier.

In truth, the remedy you prpose is worse than the problem, typical of a cry for government intervention. There is a history of evidence that shows that the resolution you propose will do nothing to deter the spammer, just as prohibition did nothing to stop alcohol, and modern prohibition has done nothing to stop it. Just the same, modern prohibition on hacking/cracking has done nothing to stop it, as well.

A prohibition on spam, particularly on a global network, would do nothing as well. Indeed, I'd suggest that it would make the valid ways of fighting spam more difficult as spammers would develop more of an infrastructure for avoiding detection and/or prosecution.

Re:Me too

[Shadowlore]

Also, I would say that the trafficking of my email address is a violation of my privacy.

How so?

Re:Me too

[Shadowlore]

I just find it funny that alot of /. folk absoluetly hate the RIAA for doing this, but when it works in their favor, they love the idea

Yup. Bastiat talked about it in The Law. Where people get elected to stop the injustice of a group in power, and then when they get in, they use that same abuse of power on those they just defeated.

Re:Me too

[Shadowlore]

If *nobody* bought things from spam, it would pretty well cease, as the costs would skyrocket, and spam woudl decrease. Unfortunately, people *do* buy things from spammers, and as long as it continues to eb cost effective, they will do it. And no, government regulations making it a crime (remember a crime does not simply exist, it must be created by government first) will stop it; indeed it will only make it more lucrative for those providing the tools, thus increasing it.

Re:Me too

[Bobulusman]

All I know is, after a year of not clicking any of the unsubscribes, not opening any of the e-mails, even, I have about 100 spams a day in my hotmail throwaway account. If I go through and unsubscribe to the majority of them, I will only get about 10 spams a day for at least a couple months.

Re:Me too

I do not see:

1) Why the tax payer should pay the cost of protecting private email.

2) Why you are probably complaining of too many laws and ask for more.

Also how are you going to differntiate between a spammer and an advertiser?

I believe that the answer to SPAM is clearly technical: the email header should be refined, the number of users to whom spam has been sent should be known.
Also anonymous of well identified SPAM on the header may allows software to properly distribute spam as well as emails.

Re:Me too

[Hatta]

We also need to restore due process. The law allows confiscation of property from people merely charged of a crime. The situation would be much better if property was only confiscated from those convicted. Not that the whole War on Drug Users isn't a horrible injustice, this is one of it's worst.

Re:Me too

[Nuclear+Elephant]

You don't have to click 'Unsubscribe' to verify your email to the spammers anymore. The images that load in the preview pane track the unique ID the spammers have given you, so even if you don't open the email, spammers can tell you're there just by your hilight being on it.

In our DSPAM project (http://www.nuclearelephant.com/projects/dspam/) we've noticed that a _lot_ of hot tokens seem to be email type information in image URLs. I can't really say I've gotten less spam this week because I have been getting virtually no spam since we installed DSPAM on our systems.

I'm sure this guy will pop up a few months later on some other network, perhaps with a different company name and in a different country. Enjoy it while it lasts.

Re:Me too

[eclectro]

spammy is spreading my email address everywhere to everyone so I hear from scum that I don't want to hear from.

equivalent to writing somebody's home phone on the bathroom wall down at the texaco.

Re:Me too

[mink]

As a NON AC I can say that since last friday I get almost no spam (usually about 50 or so a day) but have been getting about as many virus mails as I used to get spam.
Maybe we should start designing viruses to take out the spammers and the machines they abuse.

Re:Me too

[Shadowlore]

Sorry, but no, the spammer is not doing that, the person providing the address lists or software is. But you still have not addressed how that is a violation of your privacy.

Did you give the spammer system your email address? If so, *you* gave it out, making it no longer a "trade secret" kind of thing; it isnt private anymore. Of not, how did they get it?

If the email address is a common-configuration type, such as firstname@....com or lastname@....net or word@....com then it isn't *your* address, is it? You are merely using it. They made a random list of potential email addresses and used that. Or, they may have got it from your ISP or whomever is providing your email service.

Thus, it is not your email address and certainly not your *private* information. Thus, it is not a violation of your privacy.

Privacy violation is the wrong argument against spam, it shows a lack of thinking through the situation and it's causal factors; thus weakening or defeating your argument. The claim of privacy will not hold up on an email address. To rely on that argument is to base your foundation on a sandy beach in a storm.

Re:Me too

[Shadowlore]

But, I think spam is a *very* serious crime.
Then show us the law that makes it a crime. Is it as serious as murder, rape, kidnapoping, and molestation?

Nothing speeds the decay of a society faster than abuse of the commons

Email is not a commons, and who decides what abuse o fit is? Maybe Ashcroft decides that email unfavorable to the administration are an abuse of commons, maybe even terrorism. Maybe after massive financial backing by a large computer company, the government decides to play favorites, and makes email proposing or furthering Linux or OSX or BSD or UNix use an abuse of "the commons".

being encouraged to sell out your neighbors for a quick buck.

So how does spam do that? To be logicaly consistent, you must also seek to make other thigns a "serious crime" such as:
* Giving a referral to a salesman
* Sending MCI to your family

You see, the medium is irrelevant.

buck. These spammers are doing something they *know* nobody else wants them to do, charging the victims for it,

So let me get this straight. You assert that spammers end out mass emails (they do) that they know *NOBODY* wants them to do (which is untrue) and then charge the "victims" for it (which is also untrue). In truth, the fact that spam WORKS is why they do it.

Do I WANT commercials on my TV show or my radio show? No. It costs me electricity that I PAY FOR to power my set during those times, and in my case since I pay for my satellite service I'm paying for that commercial to be sent to my TV set. Now, clearly I do not want that. I don't see a "Commercial Channel" where I can watch "commercials 24 hours a day". Though with "Home Shopping Network" and other knock-offs, it is close.

pulling this kind of anti-social bullshit.

Ok, that's enough of your anti-social rants on slashdot, time to whip you. Who decides what is pro-social and what is anti-social? Maybe it's just me, but I don't want a power-elite to be deciding what is good for society and what is not. That, IMO is anti-social itself. Society is the result of human interaction, not mandates and regulations by a minority. Let society decide for itself, let me decide for myself what is important to a good society.

Here you are advocating violence for sending out commercial advertisements. Maybe that could be considered anti-social.

Re:Me too

[WNight]

How many people want to receive spam, often upwards of ten times more per day than email? I assert, *NOBODY*. Spam is by definition unsolicited. People who want these things can sign up. Search for it on google, there are a trillion websites offering these things.

As for cost, email costs the user because it costs their ISP. Users receiving email they don't want pay higher ISP fees for the transmission and storage of this junk.

Is it wrong to bill, even indirectly, people for listening to your ads? Yes. It's already illegal to call cell-phones for telemarketing, why is this any different?

As far as a commons goes, a commons is any shared resource. In this case, email is free to send and receive, beyond your own network costs, because it's assumed to be a desired communication between parties. If you break that implicit assumption and send me crap, you're forcing me to pay for you. Doing that to everyone abuses a common resource.

In short, spammers abuse the trust and good-will of others. What little service they may offer can be handled in better ways. They are leeches, of no value to anyone. (Besides their negative value...)

Hm, similar reductions here.

[mrseigen]

I used to get solid stuff in all of my accounts but I haven't gotten a single piece of anything in the last week. Hate to say it, but vigilanteeism is the only thing that works.

Re:Hm, similar reductions here.

I used to get solid stuff in all of my accounts but I haven't gotten a single piece of anything in the last week. Hate to say it, but vigilanteeism is the only thing that works.

"Reductions"? "Used to get solid stuff"? Man, those viagra spams have stopped!

Re:Hm, similar reductions here.

[El_Ge_Ex]

This needs to be publicised, as anything which slows down spam can only be a good thing.

That should be clarified:

This needs to be publicised, as anything (short of removing the spammer from the gene pool) which slows down spam can only be a good thing.

-B

Re:Hm, similar reductions here.

[Shadowlore]

I used to get literally hundred of spams per day. But since installing spamassassin and using a decent RBL, I've seen very very few spam, and sometimes go weeks w/o getting any spam in my inbox. And my email addresses are all over the place. I don't try to hide them.

Glad to say it, your assertion that vigilanteeism is the only thing that works is flat out wrong.

Are we sure?

[RT+Alec]

I have noticed a sharp drop in spam the past few day, too. I attributed that to the recent SoBig.F craze sweeping the nation (and beyond). Is there any definative evidence?

While I am skeptical, I am also hopeful. If he has indeed been the cause of so much of the spam I have seen recently, then this ought to serve as a wake up call to anyone looking to fill his shoes.

Re:Are we sure?

... "fill his shoes" ??

Re:Are we sure?

[I+Want+GNU!]

Many spammers use systems with holes in them. So if we have the slammer and sobig worms going around, maybe these are infecting spammer machines and preventing spam from occurring somehow. Then again, I've read that "experts have speculated that Sobig.F, which affects only machines running
Microsoft Windows, is setting up computers to become spam generators."

Re:Are we sure?

[leviramsey]

Also, with various mail servers being swamped with SoBig mail, I don't think much spam can get through.

Re:Are we sure?

[andrewski]

I have a feeling that the large-time spammers don't really sit around r00+ing boxes to spam with. These guys are transfering gigabytes per day of spam. They are doing so with the blessings and services of hosting companies. The only reason a hosting company has for shutting down a spammer is that they've been blackholed. This is the only thing that works. I have NO pity for folks who also have hosting from these scumbags who are collateral damage. Find a new hosting or colo company or feel the wrath.

The different governments ESPECIALLY the US federal government feels that spam isn't their problem. The only recourse are semi-vigalante operations such as blacklists. God bless 'em.

(P.S. Don't say 'well, how did we know?' You learn when your clients can't get their mail or whatever. You then switch hosting co's to a less scummy operation. Vote with dollars people.)

Re:Are we sure?

[Zocalo]

Aside from the possibility SoBig.F is building another SpamNet, in which case we are about to have a *major* deluge of spam, I suspect SoBig.F is the real cause of the slowdown for other reasons. The NZ spammer, Shane Atkinson, is not even listed on Spamhaus' ROKSO list, so unless he's only known there by a company name he's probably small beer.

On the other hand, we have a myriad of compromised Windows boxes sending out new copies of SoBig.F, and poorly configured corporate mail scanners bouncing them back to their faked addresses. All this adds up to a massive strain on ISP's mail gateways, some of which are going to be used to send spam. I suspect the spam is just being slowed to a crawl by the sheer volume of SoBig.F and normal spam inconvenience levels will be restored soon. My money's on September 10th...

Re:Are we sure?

[martingunnarsson]

Well, they say a few spammers produce like 90% of the spam, if that's true there's still hope!

Re:Are we sure?

[symbolset]

I think we can attibute this to ISP's new attention to firewalling. I believe that in the light of Blaster many ISPs are filtering the ports that should have been shut down on Winoze boxes by default. Hence, the spamzombies are not getting their instructions. Our respite will probably persist until newly engineered spamzombie software is available. Recent experience says 3-4 weeks.

Re:Are we sure?

[Red+Pointy+Tail]

Most of the spam I received seems to be the ones published at my company's website (e.g. jobs@yourcompany.com or support@thiscompany.com ... it gets redirected to my mail account). Seems like his modus-operandi is to scour the web for addresses. I would suggest that everyone (who has not done so) to scan in a PNG of any email addresses they want to publish instead of keying it in HTML.

And yes, tricks like dontspam_at_mycompany_DOT_com doesn't work with the smarter spammers.

Re:Are we sure?

[finallyHasANickname]

Jeez. I just thought of another vexing thing. Surely John Ashcroft would look the other way if everyone did a DoS/slashdot to the genuinely vile links from ratware distributors.

Re:Are we sure?

"P.S. Don't say 'well, how did we know?' You learn when your clients can't get their mail or whatever. You then switch hosting co's to a less scummy operation. Vote with dollars people."

Yes because this is always finicially and pratically feasible. Its not always just 'scummy' hosters that get blocked either. Not to mention that spam blacklists are notoriously militant, spiteful, prone to running vendettas and they are answerable to nobody. They have been known do stupid things like block entire countries. It should also be noted as a hosting company that once you have eliminated the spammers on your network it is no guarantee that you will be un-blacklisted.

This is a case of it doesn't directly effect me so I am all for it. Then of course you will be crying foul when it does. Probably complaining the loudest too.

Re:Are we sure?

[Shdwdrgn]

You have obviously never been on the receiving end of a blacklist. I look at the mailing lists and all I see are a bunch of jerks acting as if the provider is always at fault, and that everybody has a choice who their provider is.

In the past week, I've had some messages start bouncing. A lookup at http://openrbl.org/ shows 0 positives on my IP, yet for some reason I'm getting bounces claiming both SPEWS and Osirusoft are rejecting me. It would be nice to find out what's going on, but both of their websites are unaccessible. The only reference I could locate to others in my /24 block was the local Catholic School having an open proxy (NOT an open relay), but no reported spam.

So is my ISP being lax in their anti-spam policy? I could only find 1 report of a known spammer operating from my ISP's address block in the past year, and that one appeared to have been picked up from their purchase of another provider. Sounds to me like they are doing their job.

And don't give me any of this BS about 'well the ISP had their chance to shut down the troublemakers before they were blacklisted.' Where the hell was *MY* chance to do something before *I* got blacklisted?

I've been using ordb and spamhaus to filter incoming mail for the past severl months, but had never really read any of the mailing lists to see what was going on. Quite frankly I'm amazed at the attitudes. The scenario that comes to mind is this... On the block where I live, someone who I have never met gets a DUI while driving (someone spams). The court orders them to attend classes about drunk driving (send a message to ISP to get rid of the problem). The person never attends those classes, so the city takes away the driver's license of EVERYONE on the block (blacklisted). Of course, nobody on my block has any idea what was going on, and if we had, we may have been able to put some pressure on the individual to make changes, but no, the city doesn't care about that.

In my case (with the discovered open proxy), it's a little more incredible... A neighbor lends his car to someone else, and even though that person drove safetly and there were no reported incidents, our whole block has restricted anyway.

I'm going to keep using RBL's on my mail server, but I'm going to do a little more research into who I'm using. It's a great concept, but I've seen too many people on huge power trips now to explicitly trust what they are telling me should be restricted.

Re:Are we sure?

[Zocalo]

ISPs filtering their customer's ports? Now there's a lovely can of worms I've been discussing with a friend at work on and off for a while. He's quite staunchly opposed, where as I'm kinda for, but can see the issues that would be raised with regard to common carrier status could cause problems. Let's face it the Internet would probably be a better place if certain ports were blocked at an ISP's customer facing routers. NetBIOS, DCOM (I'm getting about 40 hits a minute on my DSL firewall from that one at present) and a few others for a start.

The most obvious issue is who get's to decide what is blocked given the possible candidates; the ISP, ICANN, local government or some other body? My current ISP blocks SMTP inbound by default on its DSL lines to prevent boxes being used as relays, but will remove the block on request when they have checked the IP is secure. This is perhaps the way to do it; block the ports by default, but remove the blocks on request if you can justify the need and prove security.

Besides, if you really must run some of those Microsoft centric protocols over the Internet, well, have you considered VPN? If not, do so!

Re:Are we sure?

[Suidae]

I like ISPs filtering incoming ports, as long as they will allow the user to turn off filtering if he wants, without charging extra for this 'feature'.

Re:Are we sure?

[ajs]

This is the only thing that works. I have NO pity for folks who also have hosting from these scumbags who are collateral damage. Find a new hosting or colo company or feel the wrath.

And it's exactly that attitude that devalues your blacklist with software like SpamAssassin (since it actually looks at the real-world impact to a user who *wants* to get their legit mail of each blacklist's performance history). Your blacklist's opinion will still be noted, but unless you carefully prune your list on the basis of minimizing collateral damage, you will be out-voted by other, more fastidious blacklists.

Re:Are we sure?

The only reason a hosting company has for shutting down a spammer is that they've been blackholed. This is the only thing that works. I have NO pity for folks who also have hosting from these scumbags who are collateral damage. Find a new hosting or colo company or feel the wrath.

Oh, if it were just that easy. We're not just talking about copying a few files. Many companies at colocation facilities cannot simply 'switch providers.' The logistics of that are a nightmare. It'd be like saying, oh, just move your entire office ... chop, chop!

Our company has been looking to move to a colocation facility. In terms of service and support, we chose RackSpace.

We were working out a contract with them. Now we've run into a snag. They have had a history of not dealing with spammers quickly, and being blacklisted. The problem is, a little over a year ago, they remedied this... they now react very swiftly to spammers. Yet they are still blacklisted in a lot of places.

It's one thing to blacklist the spammer, but to blacklist an entire ISP with a huge number of legitimate companies which cannot simply move their entire company without suffering major financial damage is borderline harassment.

Suppose this happens, and the legitimate companies eventually convince the ISP to remedy the problem or they'll leave. Do you really think these blacklist sites take the ISP off then? Oh no, it could take months or years to fix the damage. It's ridiculous.

As someone that maintains a mail server, I will find other ways to combat spam.

Re:Are we sure?

[frankie]

Its not always just 'scummy' hosters that get blocked

What do you mean by 'scummy'? I define it as any host who doesn't boot all spammers (whether direct sender, web site, dropbox, etc). So for example, I would say that Cogentco, Internap and UUnet are scum. Not to mention the usual sleaze-hosters like VSNL, ValueWeb, and the entirety of Brazil.

doesn't directly effect me so I am all for it. Then of course you will be crying foul when it does

A few years ago, JHU was put on blocklists during two consecutive Septembers. We didn't complain, since we fully deserved it (freshmen with open relays). Since then we firewalled SMTP to allow only approved servers, and now we're fully de-listed.

If blocklists didn't work, sysadmins wouldn't use them.

Re:Are we sure?

[frankie]

I'm getting bounces claiming both SPEWS and Osirusoft are rejecting me. It would be nice to find out what's going on

Well, you could always RTFM. Post your question on NANAE or NANAB and the group will tell you exactly why you're in SPEWS.

Re:Are we sure?

[Glonoinha]

-They have been known do stupid things like block entire countries.

They only block the evil countries. I mean it isn't like they blackholed Germany or England or Finland...

Re:Are we sure?

[netruner]

I may get flamed for proposing this, but on my way to work this morning, I thought of something: In the current climate of anti-privacy that we are experiencing, doesn't the flurry of spam make it harder for someone to spy on your email? I mean, if there's that much crap a potential spy has to dredge through, isn't it harder to pull out meaninful stuff? We have a hard enough time filtering the good stuff out of our own email, imagine what a privacy invader has to go through when they're looking at many people's email.

Re:Are we sure?

[johnnyb]

So you think people are scummy who have other things to do than follow your "shoot first ask questions later" approach to your annoyances? I think that just means they have a real job.

Re:Are we sure?

[Politburo]

I agree with some of the other posters. As long as there is no extra charge, and you can "opt-out" by 'proving' you have a secure service, I would be for ISP level firewalling of some ports. Once it begins to limit my ability to use the internet, however, is where it stops.

As for common carrier status, while my ISP (optonline) does allow incoming connections, the EULA states that no servers are to be run (ha). I am not familiar enough with common carrier regulations to know if this is acceptable.

Re:Are we sure?

[Twanfox]

As long as there is no extra charge, and you can "opt-out" by 'proving' you have a secure service, I would be for ISP level firewalling of some ports.

Secure service? Isn't that a technical impossibility in the modern day Internet? After all, how do you prove you have a secure service, they try to hack into it? They take your word for it?

No, I do not want my ISP filtering jack crap for me. I don't trust their judgement, and I'm not paying for filtering and not getting it slammed down my throat because of some paranoia. Block open relays, fine. Block problem users, fine. Don't block people that aren't doing anything wrong on the possible threat of a problem. Some users are already smart enough to install and use firewalls of their own.

Re:Are we sure?

"definative"

Learn to spell, you complacent moron. God, I hate stupid idiots like you.

Re:Are we sure?

If you're using a Hotmail account, mine is getting considerably less (especially compared to my own domains), starting this weekend. On the order of two or three per day, instead of twenty. Have they just upgraded their filters?

Re:Are we sure?

[Brendan+Byrd]

You can be on SPEWS for giving the wrong look. Seriously, SPEWS is an incredibly bad blacklist. The notion of throwing out entire IP blocks, entire ISPs, even entire backbones that MIGHT support spam, is entirely insane. The list is such a joke that the RBL test may be taken out of SpamAssassin in the next version.

The only thing more inaccurate than SPEWS is URBL. (And yes, that is a subtle joke.)

Re:Are we sure?

[WNight]

I want a blacklist with maximum collateral damage. People should know that the company they pay for hosting is providing bad service and is unable to send email to much of the internet because they provide a safe-house from criminals.

But, I want this black-list to be responsive and take companies off when they clean up their act. Otherwise there's no incentive.

Hit people with a really big stick when they sell the rest of us out for a back, stop as soon as they do. Hmmm, taken literally this could work really well!

Re:Are we sure?

[frankie]

You can be on SPEWS for giving the wrong look.

Prove it. From the evidence that I've seen, IPs are on SPEWS if their host refuses to dump spammers. Period.

The list is such a joke that the RBL test may be taken out of SpamAssassin

Not a joke, just a different purpose. SpamAssassin treats symptoms, comfortably like NyQuil; SPEWS treats disease, painfully like chemotherapy. It's the wrong blocklist if you want to avoid false positives.

SPEWS intentionally blocks other customers of a spam-friendly hosts in order to elicit financial backlash against the host. Like it or not, many sites prefer to use SPEWS for this exact reason. Its spammer kill rate is indisputable; hosts on SPEWS either deal with their spammers or lose their legit customers.

Re:Are we sure?

[ajs]

Yes, that's called the "neener, neener, I can't hear you!" school of spam-blocking otherwise known as the "walk loudly and swing a big stick blindly at anything that moves" approach.

Woefully, it turns out that a) most people care more about getting mail from those they care about more than not getting mail from those who they don't and b) "I want [...] maximum collateral damage" doesn't work out so well as a justification for investing time and money in running a backlist.

The folks who take blacklists seriously are looking to get a wide and deep audience of end-users so that they can help to make the net more spammer-hostile as a whole, not just eliminate a few extremists from the lists. You see, it's not *you* that spammers care about and as long as your list only gets looked at by those like yourself, the spammers are happy.

Re:Are we sure?

[Shdwdrgn]

Your reaction is exactly what the problem is... You act as if everyone is automatically guilty. I challenge you to show me ANY provider who has not hosted a spammer at one time or another. And the bigger your provider is, the more likely that there will be multiple spammers at any given time.

I bet you would blacklist any provider who was discovered to be the source of a hundred spam reports in a given month. In your narrow viewpoint, a spammer is a spammer, and a provider is a provider. But get real! How many things are you purposely ignoring just to make the data fit your perseptive?

Do you expect ISP's to automatically disconnect a customer just because some random group on the internet *says* that person is a spammer? Sure it helps when the emails in question are provided as proof, but what steps were taken to show that the IP wasn't spoofed?

What about the SIZE of the provider? If a mom&pop shop is hosting 3 spammers in their base of 100 users, this is significant. If a nation-wide provider is hosting 3 spammers out of 20 million users, that's not exactly spam-friendly, it's just new users getting lost in the shuffle. And what if that provider actively terminates the accounts of those 3 spammers, but picks up 2 more that month? OMG that provider hosted FIVE spammers this month, they must be spamer-friendly!!! Give me a break.

I've even seen suggestions that ISP's should be responsible for doing a background check on each of their customers. Are you people really serious? That costs time and money. Who pays for that? I do, of course. And how is this any different from the time/expense that I incur from downloading the spams in the first place? And do your reasonably expect any business to perform a background check on 20 million customers on the off-chance that one of them may be a spammer?

From what I have found on google, I must agree with the general consensus... If someone is going to run an RBL, there MUST be responsibility. There are several lists out there which seem to have a good track record. Some just has too many complaints against them. For me, it is no better that having a spam filter set up too restrictivly... If there are too many false-positives, the list is virtually useless, and at worst, destructive to your initial cause.

Re:Are we sure?

[Brendan+Byrd]

I understand the point of trying to establish a "protest" RBL, but in order to successfully protest something, you must target something that everybody uses. Hardly anybody uses SPEWS. The two kinds of people who use SPEWS are:

1. Small-time folk who understand the risks of using SPEWS and know that legitimate mail gets blocked.

2. People who heard of SPEWS without researching it and rely on the false pretence that all RBLs are real lists of spammers, without any innocent victims. (This is the point of the URBL: to educate net admins the dangers of implementing a RBL on a server without researching it throughly first, by listing every single IP in IPv4.)

Thus, your "statement" has no impact, except for the innocent victims in point #2. They will simply demand that their ISP remove SPEWS from their RBL list, and after some research, they will remove it, and you lose another RBL "customer". People in point #1 already believe in anti-spam, so your statement has no impact on these people, either. (IOW, preaching to the choir.)

The big spammer hosts don't care about RBLs, and the big ISPs don't use your RBL because it is too hostile. So the only point of your RBL is to piss off the uneducated end users, who in turn get pissed off at the uneducated network admins. Sure, it may be a lesson in RBL education, but unlike the URBL, it takes a while before you get burned by it.

If the only point of your RBL is education, just drop it and let URBL that end of things.

Re:Are we sure?

[Politburo]

Some users are already smart enough to install and use firewalls of their own.

The truth is, we are a minority, and we are going to have to learn to start accepting that. Part of that will be added work to do what we want to do on the internet. It's either bitch about worms and viruses and spam, or bitch that it took an ISP 2 days to open up a port for me. Which one is better, for you? And which one is better for the internet in general?

Re:Are we sure?

[WNight]

Since when is making sure their clients email is received by other hosts not an important part of their job? It's a tough job, but if they slack off it creates a thousand times as much work because admins around the world have to clean up after the criminals the first ISP is hosting. And everyone else has to do it for free.

You don't have the right to send my clients email, you have the privilege of asking if we wish to receive email from you.

There's a few simple things to do that would stop 95% of the spammers. Block outgoing port 25 by default, and limit the ammount of outgoing email (and the number of CCs each) by default. If anyone needs to connect to a different server, open it up for their IP. If anyone needs to run a mailing list, remove the restriction for them.

Re:Are we sure?

[WNight]

It doesn't have to be cut and dried. An ISP could filter attack packets (malformed RPCs, or Code-Red, etc) without filtering all access to those ports.

ISPs should scan outgoing packets for attacks though, and shut down users who are sending them.

Re:Are we sure?

[symbolset]

Here's the CNN report that just hit:
The aftermath of cyberattacks

As a result of the Homeland Security advisory, administrators at Internet service providers, including Cox Communications and AT&T Broadband, decided to cut their systems off from inbound access to the three ports recommended in the advisory: numbers 135, 139 and 445.

Unfortunately, blocking these ports cuts off several other legitimate applications, including the ability of remote users to get their e-mail from Microsoft Exchange servers across the public Internet.

So our respite is due to the fact that every MS Exchange server on the Internet has been neutered.
Yay!

Re:Are we sure?

[PapaZit]

One of the blacklists (ORBS, maybe) used to scan for open relays. They hit the university where I work. We noticed the scan and sent a "Knock it off" letter to them.

You'd think they'd WANT people to aggressively pursue relay exploiters. Instead, for the crime of proactively noticing and refusing attempts to use us as a relays, we were permanently blacklisted by them and they didn't respond to any further attempts to contact them.

People complained when their mail to parents at podunk.net (or whatever other small-town ISP) bounced. Our response: tell your parents to use a different ISP with a smarter blacklist. Many did. Others convinced their ISPs to stop using that blacklist.

So, the economic sword can cut both ways. You're more likely to be hit by the backswing when you're too aggressive.

Re:Are we sure?

[WNight]

You just need to let people know that the reason they can't receive email from Grandma is that her "Internet Company" is doing things incorrectly.

Explain to your customers that her company is targetting child-pornography and other offensive/illegal spam at your users and it's impossible for you to tell the difference between these offensive emails and the legit ones. Then, for bonus marks, ask "Do you want us to set your account to receive all these kiddy-porn spams.... so that you can talk to Grandma?"

What we really should do is completely blackhole spam friendly ISPs, not just for email. If they couldn't reach half the webpages (and received a page explaining why when they tried) they'd leave these companies sooner.

It's unfortunate that people are caught in the middle, but you're voting with your dollars. If you choose to patronize a company that makes it harder for everyone else on the net to provide service, you shouldn't expect a free ride just because it's all so confusing and so much trouble to switch.

If I sold your car to someone, would you give it to them because it really wasn't their fault and they just wanted to drive and not be concerned with all this fiddly legality? I know some companies that have to hire extra techs to handle spam and virus-related DoSs, this isn't just a matter of hurting the users out of spite. Stopping spam is a matter of life and death for smaller companies.

Re:Are we sure?

It is very clear that the reduction in spam was caused in part by the MSBlaster worm. As you know, there was a rush to upgrade and run virus scanners. This not only eradicated the MSBlaster worm but also eradicated the spam proxies the spammers secretly installed on people's machines from the earlier SoBig.E infestation.

So, now the spammers were left without their spam proxies... so they released the SoBig.F virus, but in a way as to allow the spammers the ability to re-infect them with new strains.

Now, since there are so many strains out there, each one containing new lists of secret servers, the Authorities couldn't stop all of them, so some have actually made connections with the secret servers and have already created new spam proxy servers.

This is why you are getting so many SoBig.F .pif attachments.

Re:Are we sure?

[ajs]

Someone said this, I kid you not:

Then, for bonus marks, ask "Do you want us to set your account to receive all these kiddy-porn spams.... so that you can talk to Grandma?"

Ok, so ignoring the customer support hell you would be thrown into as a result of using "kiddy-porn" and "Grandma" in the same sentence on a support call, what you suggest is impractical.

Either you have to take AOL's approach (block everyone, and then let back in those who demonstrate that they are very large and influential) or you need to take a somewhat more intelligent approach.

Stopping spam is a matter of life and death for smaller companies.

Yes, but you don't have to shoot yourself in the foot to do so. I, for example, am on a "hostile" network, and I'm not moving any time soon. You would choose not to talk to me, and that's fine. However, if an ISP chooses not to talk to me, they're going to get complaints from their users that they can't do things like corrospond with the maintainer of some of the software they use. They can choose to ignore that, or they can take the high road and filter *spam*, and leave the legitimate mail alone.

The problem with companies like AOL is that they handle so much mail that they feel the cost of looking at mail and determining how valid it is would be too costly. I think in the long run, the companies that accept that cost are the ones that people will want to do business with. After all, how much is spam-free mail that *doesn't* limit your options worth?...

Re:Are we sure?

[andrewski]

Request testing as follows:
To: retest@relays.osirusoft.com
Subject: relay:a.b.c.d where a.b.c.d is the IP address you want tested.

And from the SPEWS mini-faq:

First of all, let's dispel the myths with a few facts about SPEWS:
SPEWS isn't blocking anyone.
SPEWS is NOT about open relays.

In a nutshell, the answers to your questions are this:

1) YOU aren't listed, your provider is listed.
2) YOU can't get unlisted, ONLY your provider can get unlisted
3) SPEWS does not take emails, send emails, or otherwise communicate other than their page.

If your provider is listed, your choices are :
A) Live with it.
B) Move
C) Get your provider to boot their spammers and the listing will eventually go away.

THERE IS NOTHING YOU CAN DO TO GET UNLISTED SO DON'T BOTHER ASKING! CONTACT YOUR PROVIDER! And if they claim it's something other than their own fault for ignoring complaints and continuing to harbor spammers, tell them you are leaving. Demand a refund and take your business elsewhere. They are lying to you.

Details:

SPEWS isn't blocking anyone.
SPEWS is just a list of IPs owned by companies who allow their connections to be used for abuse, mostly spamming. If your provider is listed it means they are harboring spammers and ignoring complaints. That doesn't block anything or anyone. People and ISPs around the world who want to protect their networks, their servers, their users, or just their own box from abuse choose to use black hole "blacklists" such as SPEWS as a reference guide. Each of these individuals and companies who choose to use SPEWS' list are doing the blocking. If your email is bouncing based on a SPEWS listing, it's because the person or the ISP on the other end is blocking your emails, not SPEWS.

SPEWS is NOT about open relays.
If you got the idea that your email is blocked because of an open relay issue, you are most likely wrong if you were referred to SPEWS. SPEWS isn't a list of open relays. SPEWS is a list of IP addresses owned by providers who harbor spammers.

Re:Are we sure?

[andrewski]

You act as if everyone is automatically guilty.

This is the point. If enough people use SPEWS the scummy fuckers you give your money to in exchange for hosting may feel the burn. The general consensus is this: Spammers use certain ISPs because they are permissive and even helpful for spammers. SPEWS kicks those ISPs in the nuts.

If you really want to know why you are listed, ask on the list. They aren't assholes, just stridently anti-spam.

Re:Are we sure?

[schon]

You're ignoring some (very major) points.

You have obviously never been on the receiving end of a blacklist.

Well, I'm a sysadmin at a small ISP. Some of the IP addresses we assign to customers have been blacklisted in the past (although none are now.)

We've never had all of our Class-C's blocked, but that's because we are a responsible ISP.

What you're missing is that SPEWS (et al) don't immediately block every IP address as ISP has - they blacklist the individual IP addresses, and if the ISP doesn't respond to complaints, THEN the entire netblock gets listed.

If your school was listed, then it's because it was relaying or originating spam, and the ISP did nothing about it.

I look at the mailing lists and all I see are a bunch of jerks acting as if the provider is always at fault

If the provider allows spammers on their networks, then they are at fault.

A lookup at http://openrbl.org/ shows 0 positives on my IP, yet for some reason I'm getting bounces claiming both SPEWS and Osirusoft are rejecting me.

I'd like to believe what you say, but my experience says that it didn't happen - would you mind posting your IP address (or the netblock you belong to) so I can verify this for myself?

The only reference I could locate to others in my /24 block was the local Catholic School having an open proxy (NOT an open relay)

Perhaps you're not aware, but most open proxies can be (and are) used to relay email. So your attempt to differentiate them is moot.

And don't give me any of this BS about 'well the ISP had their chance to shut down the troublemakers before they were blacklisted.' Where the hell was *MY* chance to do something before *I* got blacklisted?

Well, your ISP should have notified you. If they didn't, then they are being lax in their duties. (Probably the same laxness that got them listed in the first place.)

The scenario that comes to mind is this... On the block where I live, someone who I have never met gets a DUI while driving (someone spams).

No, it's nothing like that. A better (but still slightly flawed) analogy would be someone who lives in your house borrows your car and gets a DUI, ignores the restrictions, and continues driving drunk. So the judge confiscates your car because you continue to allow him to use it.

Keep in mind - the remote mail servers do not belong to you. Nobody is required to receive your email. If you have a problem because your ISP got your IP address blocked, then the issue is between you and your ISP.

Re:Are we sure?

[johnnyb]

"You don't have the right to send my clients email, you have the privilege of asking if we wish to receive email from you."

I see this a lot, but it's always without justification. Could the same thing be said of people's web pages who are slashdotted? It's basically the same problem - a lot of unwanted traffic. However, somehow slashdotting is fun while spamming is so eeeeevil that it's a crime worse than just about anything.

Re:Are we sure?

[WNight]

You don't have a right to fetch a webpage from my server either. I can shut down your access if I want. Look at Bugzilla, it already blocks anyone coming from Slashdot.

Your post would only be relevant if you were forced to serve pages to me against you will.

Ignoring someone is perfectly valid, be it email or web requests. If you abuse the system I'm going to block you from wasting my resources.

Re:Are we sure?

[johnnyb]

So how is that different from SPAM? You can always shut off access to email based on the relaying host.

Re:Are we sure?

[WNight]

If you're financing the companies that support spam, and doing so knowingly, then you're part of the problem. You're just arguing against sanctions because you're lazy and don't want to have to choose another host.

IMHO, you're a perfect example of why black-hole lists will work. Some people will get annoyed at not being able to reach you, but they're customers of yours, if they can't reach you they can't pay you. Eventually when enough of your customers decide to go with someone else - remember that your blocked email appears exactly the same as you choosing to not respond - you'll come around.

But, if everyone coddles you, and accepts gigabytes of spam as the price for doing so, you'll happily continue to support the spammers. All because it's so terribly hard to pick up a machine and move it from one server park to another. Cry me a bloody river, I've put in way more work filtering spam.

Re:Are we sure?

[WNight]

Which is exactly what I said. You don't have a right to send me email, so you have no right to complain when I decide not to accept it. Just like you have no right to get a webpage from me, you only have a right to ask for it. If I don't send it you can't sue me.

This is why spammers are barking up the wrong tree when complaining about blackhole lists. Nobody has to deal with you, if you're an ass, they'll choose to do business with someone else. As long as they've got a documented example of you being an ass (spamming) they're immune to charges of slander/libel in telling people to ignore you as well. At least in the USA, truth is an absolute defense.

Re:Are we sure?

[ajs]

Whatever. Good luck with ignoring everyone, I don't think it's a particularly good way to go about communicating.

Re:Are we sure?

[WNight]

If you refuse to move away from ISPs that host spammers you not only don't leave me much choice, but I don't really want to talk to someone who makes the spam problem worse through his unwillingness to help.

Think of it this way. I can cut you and a few other ISPs off and have 2% of the spam I would otherwise, so that I can communicate with everyone else without trying to find the real email in a haystack of spam, or I can "communicate" with you which seems to mean bending over and accept whatever ammount of spam your ISP-mates wish to send me, and miss real communications in the flood.

Besides, you have to black-hole less far less than 1% of the internet (on the "dedicated-spammer, won't change" list) to block over 90% of the spam. That's not everyone I have to ignore, but the more popular black-hole lists get the more people are ignoring you.

Re:Are we sure?

[ajs]

I won't argue your core point any further, but DO NOT refer to me as someone unwilling to help. I contribute to anti-spam software and manage our anti-spam efforts at work. I am NOT a spectator.

Re:Are we sure?

[Twanfox]

It's either bitch about worms and viruses and spam, or bitch that it took an ISP 2 days to open up a port for me.

What I am concerned about is when you request an open port from the ISP, and the ISP goes "No, sorry, we don't want you to do that at all." Simple request on your part, but the power isn't in your hands anymore (beyond ditching that company and going elsewhere, if that's even an option).

Even worse is when the ISP "knows better than you" and causes problems in your service because of their firewall settings (idle connection timeouts too low, bad filters, etc). Two days of asking for the port to be open turns into two weeks of trying to get the non-techie on the customer service side to understand that their firewall is misconfigured, and that it's causing you problems and disrupting the very reason you got service through them. Or better yet, a blanket policy of not fielding requests to open ports at all as it would add too many burdens on their Customer Service staff, since companies are so concerned about the bottom line.

Thing is, firewalls never have block spam or viruses. They barely stop hackers, and that's only when they are going after internal only services (as those services exposed to the internet are free beer for bring broken into). Firewalls are not an end all, be all solution for internet security, and it's sad that people seem to think they are.

You want to defend against worms, a firewall is probably ok.
You want to defend against viruses, antivirus software is your best bet.
You want to defend against spam, email filtering technology is ideal.

Some of these can overlap (email filtering blocking email worms/viruses), but a firewall is not the ideal way to block everything, and only curbs some of the problems on the internet currently. However, as a method to control where a person goes and what they can do on the internet, a firewall is ideal.

NEW CATEGORY NEEDED

ads.slashdot.org

Re:NEW CATEGORY NEEDED

> NEW CATEGORY NEEDED ... ads.slashdot.org

Hardly.

But perhaps "spam.slashdot.org" ?

sounds like...

[Spytap]

Sounds like we're about to enter the times of the Wild Wild Web, where vigilantism and marshal law run wild....sounds like fun to me!

Re:sounds like...

[andrewski]

Wiggy wiggy scratch yo yo bang bang!

Re:sounds like...

[darkov]

I hope so. One brutal public execution of a spammer by a wild mob would stop spam overnight.

Another strategy might be to bait psychopaths with spam mails "look what this guy sent your momma" then direct them to the spammer's residence.

Re:sounds like...

[azaris]

Sounds like we're about to enter the times of the Wild Wild Web, where vigilantism and marshal law run wild....sounds like fun to me!

"Vigilantism" is caused by the lack of law-enforcement authorities taking action. If nobody is willing to investigate these spamhausen, then it's up to the spam victims to have them shut down.

Re:sounds like...

[Tom]

not enter - reenter.

Re:sounds like...

[SphynxSR]

It is funny, but it is better than letting the government get their hands on it. Once the government get their hands into something they don't let it go. Also you can look at this as the beginnings of new nation. Their were no laws until the people got together and formed their own. I don't physically hurting anyone who spams. But you can make thier lives a living hell.

Re:sounds like...

[just+fiddling+around]

Especially when Will Smith's partner will come disguised as a fat woman and hit the spammer between the eyes with his bra-contraption!

Re:sounds like...

[cOdEgUru]

I do not know who is more disturbing (or vaguely exhilirating)..the poster who wants to (1) burn the spammer (2) bait psychopaths OR the moderator who actually modded this up as "Interesting"..

Spammers are gonna take one look at this and go "Oh shit!..now these bastards are not even modding it up as Funny!!.. This time its "Interesting"!!!."

Re:sounds like...

[darkov]

Oh shit!..now these bastards are not even modding it up as Funny!!

Maybe everyone has lost their sense of humour when it comes to spam. And remember that Slashdot is mostly American - and they love a good execution. Especially the Texans.

And I hope the authorities don't find that post if a spammer is killed by a wild mob or mental patient. Won't I have a red face!

Re:sounds like...

[haggar]

One thing you are missing: psychopats are not stupid. They are absolutely insensitive to other people's feelings and needs, to the extreme, in fact (widely considered the most destructive social group in any society), but not stupid.

I would argue that most if not all spammers are, in fact, psychopats!

Re:sounds like...

[bheerssen]

Err.. no. These types of vigilante actions would have little to no affect on the majority of spammers. I base my position on the fact that all the draconian drug laws, and all the hundreds of thousands of cops in the U.S. have utterly failed to stem the tide of drug trafficing. In fact, the illegal drug trade is doing as well as it ever has, monetarily speaking, and the hard-line position of the federal government (and local governments) has only served increase the level of violence across the board.

A corrolary also exists in the use of the death penalty. The death penalty does not discourage murderers. The fact is, people do not weigh the consequences of their actions evenly - some do not factor them in at all. Those that do, do not need such violent and permanent examples to modify their behavior - lesser consequences have the desired effect on those people. So, your angry mob can only increase the level of violence. It can never have any other effect because some people simply are not reasonable and will not pay any attention until they get strung up. Some other people will never learn any lesson from the example of the first, so the cycle continues.

Re:sounds like...

spam doesn't give ppl pleasure like drugs motherfucker.

No wonder...

[TypoNAM]

... I haven't seen much spam in my inbox lately. But yet spam from my hotmail account is just the same, damn Microsoft for using their hotmail users as a spam whore for money. :P

Re:No wonder...

[bedessen]

It's not that microsoft is somehow selling hotmail names. That would be a terrible business decision for them, as it costs them an arm and a leg to deal with spam. If there was a way that they could easily stop it with no false positives (pipe dream, alas) they would. Otherwise they're stuck paying for the enormous bandwidth and storage costs associated with running hotmail.com and msn.com. (Yes, I know there's ad money involved, but I would wager it doesn't come close to paying for operations.)

The reason hotmail.com is such a spam hole is precisely because it's so popular. Spammers pound the hotmail mail exchangers relentlessly, throwing any sort of likely username pattern at them and seeing what doesn't bounce. I'm sure if MS published their hotmail rejection logs it would be hundreds of thousands of "aaa1aa3a2: 550 No such user here", "aaa3aa4a2: 550 No such user" and so on. The spammers know that there are millions and millions of hotmail accounts, so if they just spew user names fast enough they're bound to get enough successful deliveries to make it worthwhile.

Re:No wonder...

[bigmouth_strikes]

I get approximately 2 spams a week on my hotmail account, so it is not Hotmail itself that is at fault. Maybe you should think about how you protect your address.

Re:No wonder...

[finallyHasANickname]

Otherwise they're stuck paying for the enormous bandwidth and storage costs associated with running hotmail.com and msn.com. (Yes, I know there's ad money involved, but I would wager it doesn't come close to paying for operations.)

::::dumb look:::: Wait. Ohhhhhhh. I know what you mean. Somebody's gotta pay the people who stand in line to step up onto the porch where the guy is standing there with his lever to let people fall through the trapdoor when the customer lady conspicuously mouths but does not audibly utter, "No!" with shoulder gesticulations after 200 focus groups have worked on tuning the ad content toward the demographic of people who are in the market to choose their first ISP. You mean like that? :-)

Re:No wonder...

[eclectro]

interesting. I have had a huge decrease in my hotmail account. You must be on a different list.

We just need to find your spammy and cap his butt.

Re:No wonder...

[thynk]

Yea gads! One of the funniest posts I've read tonight and me with no mod points. Give yourself a +1 funny.

Re:No wonder...

[fermion]

While I do not use MS for many things, I think they probably do email properly.

I have a hotmail account that I use only for one specific purpose. I do not use the address in any registrations. I have opted out of all MS email. The address is not a common word or name. The address is not listed on the web.

I do not get any spam on this account. None.

Re:No wonder...

[finallyHasANickname]

Give yourself a +1 funny.

For this I thank thynk... I think. :-)

Re:No wonder...

[thynk]

all right funny guy, if that's the way you want to be, you just made it on to my friend list 8-)

BTW- can you explain your .sig? followed the link and I have to admit, I'm kinda lost.

Re:No wonder...

[finallyHasANickname]

all right funny guy, if that's the way you want to be, you just made it on to my friend list 8-)

Oh great. Now I have to dig out my old 720K floppy disks to check my notes on how to be sociable with actual human beings, and I can't find the way to change the CMOS settings for the old FDD controller.

My grilf just broke the F10 key while we were doing NGMWT--Nerdy Giggly Man/Woman Thing--in the client room (immediately adjacent to the server room, which is actually a garage converted from holding actual cars to holding underpowered motor scooters, solar arrays (during rainstorms), and firmware development stations for chips nobody cares about anymore)).

NOT!

::::snort:::: ::::::nosewipe:::::

What's next? You gonna ruin the exquisitely calibrated pitch of the blades of the propeller on my beanie? ::::::sigh::::: :-p

But all right. You win. ;-) Pleased to meet you. :-) :::::extending hand::::: :::::wondering if you remembered which hand most recently absorbed my proboscal mucous:::::

BTW- can you explain your .sig? followed the link and I have to admit, I'm kinda lost.

Google whacking only permits two terms, and it's so indistinguishible from impossibility that, with odds like that, I believe it would be wiser to arrange a date with Pamela Anderson.

Thus, in my quest to find the perfectly mediocre challenge, I "invented" Google befuddling. I guess its rules are as follows:

1. Use more than 6 words in a Google search.
2. Make the query appear perfectly valid in human logic.
3. Show off the results to people in that Google, as if by a "miracle", failed to do its usual magical coherence in its answers.
4. Old fashioned "pre-Google" search engine rubbish is "victory".

I guess it is not inherently competitive any more than figure skating is. It might very well be an artform. For example, due to the question generated by Google, this link has some merit, IMHO.

I'm not quite sure. I just extract these ideas from a spatially sequent malodorous orifice (near a wild hair), and the consequently necessary cleaning and disinfecting runs up a lot of temporal overhead. I think you can about imagine, huh?

Anyway, hope that helps. (snicker) :-)
Now as you were saying about who should ascend to the throne after Governor Schwarzenegger...

Re:No wonder...

[thynk]

Oh great. Now I have to dig out my old 720K floppy disks to check my notes on how to be sociable with actual human beings, and I can't find the way to change the CMOS settings for the old FDD controller.

Don't bother, as I'm sure the finer points of sociable type interaction would be lost on me anyhow... but I must admit I appreciate the thought. Should you have need of a 5.25" inch drive, or even an old C64 1541, I'm sure I can pull one out of somewhere. Perhaps the same place you extract your ideas.

Your server room is in the garage? I guess if I had either a grilf or a garage, then that's where my server room would probably end up. Having neither at the moment (like 99.5% of /.) my server room is in "the room formally known as The Living Room". Most would see that I have more computers in that room than I've had dates in the last 6 months as a Bad Thing. :::Shrugs::: Whatever.

:::extends hand in friendship::: :::reminds self to wash hands just in case I remembered wrong:::

Thanks for the hints (mini-novel) on your .sig file - I was truly lost as I didn't catch that it was GOOGLE whacking. I was thinking along other lines completly. As for Google Befuddling, well, a lot of my searches turn out that way, but not on purpose. Maybe I should search for something else.

Anywho - I had best get back to work (that thing they pay me to do) - I'm sure I'll see a lot of you on /. since... well... this is my social life.

Gott supply your own knobs

[cybercuzco]

Catburglary is down. In other news, vicious sack beatings up 300%

Re:Gott supply your own knobs

900%

Re:Gott supply your own knobs

Kent Brockman - Heavy sack beatings are up a shooking 900%.
Homer - People can come up with statistics to prove anything Kent, 40% of all people know that.

Re:Gott supply your own knobs

In other news, spammers who find they can no longer get hosted in order to serve up their e-mail profit enterprise have resorted to vicious sack beatings. It seems the marketing viagra in this was has proven most effective.

Man on the street says, "I never had a problem with erectial discution, but I was threatened with a vicious sack beating. Having to choose between an erect penis and a vicious sack beating, the penis wins every time".

The Morman church was asked if they were going to go for the vicious sack beating approach in order to spread their word. Their only comment was, "Not directly, but our young misionaries are more then welcome to help someone with a vicious sack beating while sharing a special message".

Re:Gott supply your own knobs

[Fraew]

its forf-ty percent, not forty..thats one of my very fav simpson lines..

Re:Gott supply your own knobs

My favorite is Homer's reply to the earlier quote:

Brockman: Now Mr. Simpson, what do you say to those who say that your group of vigilantes commit more crimes than they prevent?
Homer: Oh, Kent, I'd be lying if I said we weren't committing crimes.
Brockman: (long pause) Touche!

I know why

[agent+dero]

I guess he was getting too many ridiculous e-mails :-p

Hasn't always worked though

It has been tried before unsuccessfully so it doesn't always work, but I'm glad it did this time.

Well,

[SweetAndSourJesus]

there's spam, egg, sausage and spam. That's not got much spam in it.

Re:Well,

Bloody Vikings!

Re:Well,

Arrg... where was this from again?

Re:Well,

[StealthBadger]

The Monty Python diner sketch with Eric Idle (?) playing the waitress.

Re:Well,

[SEWilco]

Specifically, I believe it is the spam diner sketch with spam.

Anything?

"Anything which slows down spam can only be a good thing."

Hardly. Without violating godwin's law, I can think of lots of ways to stop spam that would be a bad thing. Be careful, this is a slippery slope.

Re:Anything?

[black+mariah]

Oh shit, the 'slippey slope'... Slippery slopes often have more of a foothold than people think. Finding spammers and publishing their email addresses and maybe even phone numbers would do a lot to stop the bullshit. Before you ask, no I don't want my personal info printed for all to see. That's why I don't piss them off.

Re:Anything?

[Erick+the+Red]

For my sake, what's godwin's law?

Re:Anything?

[cazzazullu]

yup. Let's all go back to good ol' 28.8 modem, that'll teach them!

Re:Anything?

[majcher]

You cannot violate Godwin's Law, unless you have a conversation on Usenet (or, for the sake of argument, the Internet at large) that is of infinite length, and never mentions Nazis or Hitler.

This comment demonstrates that you are yet another member of the ever-growing group of people who have heard of Godwin's Law, but have no idea what it means. Dumbass.

Re:Anything?

[syrinx]

You cannot violate Godwin's Law, unless you have a conversation on Usenet (or, for the sake of argument, the Internet at large) that is of infinite length, and never mentions Nazis or Hitler.

While "violate" is not quite the right word; there *is* an implicit assumption among most Internet communities that, once the inevitable Nazi / Hitler comparison has been made, the discussion has definitely ceased to become useful (if it ever was useful in the first place), and can therefore be safely abandoned.

Of course, that doesn't change the fact that the OP didn't really know what he was talking about, but hey.

Re:Anything?

Right on.

Re:Anything?

[wheany]

You can mention Hitler and Nazis, but you can't compare people to them.

For example: "Hitler ruled Germany during WWII" does not violate Godwin's law.

"Who cares about natiquette, you people just want power, you fucking nazis" does.

Re:Anything?

Um, yes I do know what it is. The other half of it states that the arguing faction that uses said comparison automatically loses, (which is the penalty for it), meaning it can be violated, at which point you are punished. Which means that I didn't want to make a comparison to Nazis, EG, "Now we shouldn't go taking spammers to death camps now, should we?".

As for your stupid comment about the group of people who don't know what godwin's law is, I'm sure you were on usenet, pressing reload when it was posted. You read it and said "Hey, good idea, man" or something using perfect punctuation and grammer, as was the trend at the time. Better yet, you were Godwin. Moron.

Re:Anything?

Forget about lose and win -- Godwin's is just a more sophisticated version of "Arguing on the Internet is like the Special Olympics ... You might win but you are still retarded."

It's supposed to be descriptive -- the thread was already useless to begin with.

(But of course, I'm just fulfilling Godwin's Corollary -- "Every thread on the Internet will eventually devolve into a discussion of Godwin's Law".)

Re:Anything?

[MikeFM]

I suggest we nuke anyone we think may be guilty of spam. Terrorists I can deal with but damn those spammers to hell! Nuking them would give those who would follow in their steps something to hink about.

Re:Anything?

[troc]

We should take off and nuke the site from orbit

It's the only way to be sure.......... :)

(yeah yeah paraphrased badly)

Except I quite like NZ. Can we just blow some other stuff up? please?

Oh hello, would you like to blow some stuff up?
No?
What are you doing? Get off me, leggo of me arm. Ouch.
Noooooooooo, I don't want to go back in th.........

EOF

Re:Anything?

Nonetheless, solid ground is much better. It will really suck when you see your innocent friends slide into oblivion just because you figured "it'll be ok; most of us will hold on just fine."

Re:Anything?

[Bing0!]

Spam is the only mail i get, you insensitive clod! fetching message 0/0 Status: nobody loves you

Re:Anything?

[black+mariah]

Dude, if my friends were sending out a few million spams a day I'd be the first in line to kick their ass. ;)

Re:Anything?

[hkmwbz]

You can think of lots of ways to stop spam that would be a bad thing? Ok, can you mention a few examples?

And don't give me the nonsense about laws about spam limiting individual freedom, free speech and similar. Laws to make spam illegal wouldn't affect people, only companies that try to make money by harassing others. And spam isn't (covered by) free speech. In fact, spam today is more like forced speak. Spam tries to force you to read it.

Re:Anything?

[thynk]

You can think of lots of ways to stop spam that would be a bad thing? Ok, can you mention a few examples?

Hmmm... turn off the net all together. That would be bad, but would stop spam. Make Email illegal, that would stop it too. Get rid of SMTP and allow your ISP to charge you $50 for each email you send... that would probably slow the spam assault down a tad.

Now some good ways... have a PPV event where people who get caught spamming are put to death in public. That would certianly be a negative reinforcement.

Re:Anything?

In the article, it says that the spammer received phone calls threatening his kids.

I don't care if you're a spammer. I don't even care if you're fucking Hitler, a man's family is off limits. There are lines you don't cross, no matter who they are, and threatening to go after someone's kids is simply wrong. That's your first step down that slope.

Re:Anything?

[Amorpheus_MMS]

>I don't care if you're a spammer. I don't even care
>if you're fucking Hitler, a man's family is off limits.

As if he cared for what a spammed family's kids will see when they check their mail.

Re:Anything?

[IANAAC]

As if he cared for what a spammed family's kids will see when they check their mail.

I'll keep saying this until I'm blue in the face... If you are worried about what your kid might/will see, make sure that you've had a chance to monitor it yourself. You, as a parent, have every right (and many would say, the responsibility) to do so.

Re:Anything?

[zdislaw]

You honestly can't think of a single anti-spam measure that would be a bad idea. Are you stupid?

Hmmm...let's see if I can help.

1. Charge per-email for all users.

2. All ISPs block any traffic from offending countries, states, ISPs, whatever.

3. Develop POP3 clients that are incapable of downloading e-mail.

4. Ban all unsolicited emails of any kind (which *would* violate free speech of non-spammers).

There's a few. A couple are really reaching, but I feel pretty comfortable saying that they are all bad ideas.

So yes, *your* ideas may be good, but only a moron would say that any solution to stop spam is a good one.

Re:Anything?

[http]

Do you understand godwin's law? I would prefer you violated it in your struggle to inform us of ways to stop spam.

Re:Anything?

[clenhart]

slippery slope is a logical fallacy

http://www.skeptics.com.au/journal/baloney.htm

Re:Anything?

[geekoid]

Thats great, and if someone reports YOU as a spammer? Now a bunch of people are pissed at you, and you didn't even piss them off!
So now all your information is on the net. God forbid someone decide to step it up and actually try intimidaation against you, or your family.

This type of action always leads to bad things, usually perfectly innocent people suffering just because somebody said something.

Re:Anything?

[azav]

You have my vote.

Re:Anything?

[WNight]

Ahhh yes, the completely solid ground of "Let's hope that we don't get so much spam that the internet buckles and collapses under the strain.

You say that vicious sack-beatings of spammers is a slippery slope. I say not, it's the intended destination. People who abuse their fellow humans for a quick buck should get shown the door, as it were. Are you making me pay to clean up after you, with absolutely no benefit to me? Well guess what, I refuse. If the only way to make you stop is violence, I thing it's by your choice. If you'd stopped when *everyone* asked you to, it wouldn't have come to this.

Re:Anything?

[WNight]

This also ignores the large number of cases where Hilter or Nazis are on topic. Gun control, Eugenics, Politican shenanigans, Genocide, etc.

The corollary to Godwin's law is only relevant where a topic that isn't in any way related to Hitler, eventually gravitates that way, usually with a direct personal comparison.

To forbid all discussion of the Nazis is to lose an important part of our history.

And that, quite clearly, is why all Godwin trolls should be thrown in a concentration camp and sold organ-leggers when they are unable to work anymore.

Re:Anything?

[deblau]

Sorry, your gambit didn't work. According to the EFF:

Miller's Paradox: As a network evolves, the number of Nazi comparisons not forestalled by citation to Godwin's Law converges to zero.

By quoting Miller's Paradox, I have made the requisite Nazi reference mentioned by the paradox, hence fulfilling prophesy and nullifying the usefulness of this thread. I hereby declare this entire thread over, Quirk's Exception be damned.

Re:Anything?

[hkmwbz]

Oops. I forgot that this was Slashdot. I can't expect people to think for themselves and leave out the most obvious crap. Never mind, you wouldn't understand this anyway.

Ugh, "virii"

It's "Viruses", not "virii". Grrr.

Re:Ugh, "virii"

[serial+frame]

Tee hee hee. Nothing personal. :)

Re:Ugh, "virii"

But then again, does anything regarding an AC qualify as "personal" ?

Re:Ugh, "virii"

dont you mean virals or virii or venereal disease or something *grrowl you secksi tiger bitch you*

Re:Ugh, "virii"

[thegoldenear]

virii is Latin. if we want it to be virii then its virii

Re:Ugh, "virii"

[RobotRunAmok]

virii is Latin.

No, actually it's not. There is no such word in either Latin or English. In Latin, "virus" is a collective noun, like 'butter.'

if we want it to be virii then its virii

Why don't you substitute a word in Klingon? You'll still sound just as goofy, but at least you won't be flat-out incorrect.

Re:Ugh, "virii"

In mexico they couldn't sell the Chevy Nova because nova means "SHIP HIGH IN TRANSIT" in portugese.

Re:Ugh, "virii"

[thegoldenear]

well, that was what I was told a while back when I used. presumably the person who said so believed 'ii' meant plural in Latin.
whatever

Re:Ugh, "virii"

[MarkGriz]

Perhaps marklar should just call them marklar.

Re:Ugh, "virii"

[cbiltcliffe]

nova means "SHIP HIGH IN TRANSIT" in portugese.

Actually, since Mexican's don't speak Portugese, I don't think that was the problem.

"No" in Spanish (Mexico's national language) means, just as it does in English, "no".
"va" in Spanish translates roughly to the English "go".

So, "Nova", in a Spanish-speaking country, effectively means "No go.", or, more appropriately for a car, "Doesn't run".

Would you buy a car from a German/Russian company with a model name of "piesov schidtt"?

Re:Ugh, "virii"

to lazy to create a new account, the American Heritage(R) Dictionary of the English Language , Fourth Edition says it is viruses, but take a look on the last line:
virus (vi'r?s)
n., pl. -ruses.

Any of various simple submicroscopic parasites of plants, animals, and bacteria that often cause disease and that consist essentially of a core of RNA or DNA surrounded by a protein coat. Unable to replicate without a host cell, viruses are typically not considered living organisms.
A disease caused by a virus.
Something that poisons one's soul or mind: the pernicious virus of racism.
Computer Science. A computer virus.
[Latin virus, poison.]

Re:Ugh, "virii"

[Timmmm]

Ha ha... funny :)

Re:Ugh, "virii"

[ericesposito]

This drives me insane too. I suppose that they think it makes them look intelligent.

Even if the plural of "virus" had an "i" at the end, it would be "viri", not "virii".

The plural of "virus" is "viruses", just as you'd expect using accepted [American] English grammar rules.

Re:Ugh, "virii"

[Crusadio]

Sorry to knock you off your high horse, but "virus" is not a collective noun. From dictionary.com:

virus n. pl. viruses

For more information on collective nouns, click here.

Re:Ugh, "virii"

[RobotRunAmok]

Re-read the post, Mr. Webster. I was referring to the Latin "virus."

Re:Ugh, "virii"

[Golias]

[Sigh]

Here is the standard, "you would all know that this whole story is bullshit if you bothered to check snopes before posting," link.

Thank you, and good night.

Re:Ugh, "virii"

> No, actually it's not. There is no such word in either Latin or English. In Latin, "virus" is a collective noun, like 'butter.'

Virus is NOT a Latin word. The Latins didn't have computers! Sheesh!

Re:Ugh, "virii"

[riko_at_anubics]

Not really.
virus,i, n
that means the latin plural is "vira"
(since it is not unregular, there is no reason it should not)
by the way i agree the english version is viruses.
in italian the plural is virus (it does not change).

it can't be virii.

Re:Ugh, "virii"

[cbiltcliffe]

you would all know that this whole story is bullshit....

What, my last line didn't give it away for you?

German/Russian company with a model name of "piesov schidtt"?

;P

So it wasn't AOL's spam filter

I was so naive.

Same here.

I was actually looking for that spam to start training my spam filter and noticed almost all of it had stopped.
I thought it was related to the Sobig.F mess. I hope it really was that jerk and now has stopped.

I like it.

Re:Same here.

[nudicle]

Dude, These Windows viruses work by getting the email lists of all your friends (in your contact info) and emailing to/from them. No such luck.

I'm not sure about my results

[nocomment]

As I have this in /etc/postfix/body_checks /^Penis/ REJECT /^penis/ REJECT /^Pindick/ REJECT

Re:I'm not sure about my results

so you're a lesbian then?

Re:I'm not sure about my results

[lostguy]

Cuts down on the emails from ex-girlfriends, too, I suspect.

Related to SoBig perhaps?

[shird]

I might be reaching a bit here, but perhaps the spammers are waiting for the current SoBig infestation to die down. Reasons being;

many people are getting flooded with the crap and where they may just get a few spams and be able to read them, now they are inundated and are trigger happy with the delete key.

Many peoples inboxes are filled and can't accept any e-mail

It also may be that your particular address just happened to be 0wn3d by that particular spammer but not any/many others. There are plenty of other people that are on many other spammers lists.

Re:Related to SoBig perhaps?

[shird]

Another theory... the group/guy who wrote SoBig is one of the biggest spam organisations.. and given the current FBI man hunt, is afraid to use his massive proxy network to spew crap out selling stuff cause it could eventually be traced back to him.

Re:Related to SoBig perhaps?

[andrewski]

Rest assured, if the person or group who wrote SoBig are spammers, the FBI will be sending formal letters of apology and helping them resume operations. The Federal Government has a charter to help out companies that are headed by sacks of shit fleece the public out of as much money as they can.

Re:Related to SoBig perhaps?

[shird]

Ok, another theory...

Aside from not wanting to spam and draw attention to themselves when e-mail is a bit 'hot', they have also most likely lost a lot of their open proxies.

The original SoBig opened a lot of proxies for them to use, but the recent msblaster and new variants of SoBig have cause so much trouble that many people have been forced to scan their systems for viruses. Therefore they are cleaning their system of previous trojans which were leaving their system open for abuse by spammers. Hence, the worms have effectively cleaned up a lot of the net leaving spammers less resources to abuse.

Re:Related to SoBig perhaps?

Do you really believe any spammer would stop spamming because there's a bit of a SoBig boom?
Don't forget that spamming doesn't cost them anything, and they could care less if their mails are read. As long as they find dummies that pay them to send mail, they'll keep sending mail. To /dev/null if they have to.

You don't have to believe me, but my mailbox shows no decrease in spam (most of it routed sideways by two independent spam filters). SoBig doesn't even come close in numbers.
Apparently my address wasn't in that NZ spammer's database, but it is in plenty others--despite all my efforts to keep my address off the web and out of forums and newsgroups :(

Re:Related to SoBig perhaps?

[grazzy]

No, you're wrong. OR the spammers are complete retards.

Why?

Its so extremly much more efficent and EASY to write a scanner for these three types of security problems:
1) Open proxies. Well, they might be blacklisted, but thats easily verifiable from the sites blacklistning..
2) Open relays. Same as 1.
3) Compromisable boxes, you have no CLUE on how many wuftpd 2.6.2(2), bind, sendmail, you, fucking, name, it, apache 1.3.VULN, openssh, sshd servers there are out there if you CARE to portscan every ip out there.

Why bother going highly public with a virus bound to make the papers, when you could silently run a portscan on the backyard of the 'net .. ?

Re:Related to SoBig perhaps?

[gl4ss]

they already have bothered with earlier versions of sobig to do it, which highly suggests that sobig.f wasn't any different.

there's gazillions of open proxies too for them to use..

Re:Related to SoBig perhaps?

Or, it could be what it really is. SoBig.F was made by Symantec and released into the wild in order to push sales of NAV.

Re:Related to SoBig perhaps?

[orkysoft]

Then why does Symantec offer a program to remove the virus from a computer, for free?

the "concerned father"

[sssmashy]

Shane Atkinson - whose business is known as spamming - said the barrage of abuse made him worry about the safety of his children.

Given that Mr. Atkinson is a man who sent out a hundred million spam messages a day, for penis enlargement and similarly raunchy BS, I too am worried about the safety of his children... with an amoral sleazebag like him for a father, who knows how his unfortunate progeny might turn out?

I doubt if Mr. Atkinson ever lost sleep over the millions of children whose email inboxes were polluted with his X-rated crap on a daily basis. And yet he tries to pull the "good father" routine. What a joke.

Re:the "concerned father"

[The+OPTiCIAN]

Yeah, but these are *his* kids.

Re:the "concerned father"

[nlangille]

Its not all bad. At least his children will never know the embarrasments of having a small penis.

Re:the "concerned father"

[svvampy]

Doesn't mean that they should have to suffer further for his inadequacies.

i.e. "My schlong is soooooo huge I tell other people how to make my pindick bigger...I mean theirs, really I'm huge. Really. *sob*"

Re:the "concerned father"

[mpaque]

> Yeah, but these are *his* kids.

Is he sure about that? With so many satisfied customers, perhaps Mrs Spammer resented his spending all that time with the computer and found a little solace elsewhere?

Re:the "concerned father"

[cfuse]

Just because the guy's a prick, doesn't mean that the kids should suffer as a result.

Spam should be criminalised, on the basis that it is just as bad as hacking, phreaking, etc.

Re:the "concerned father"

[Grishnakh]

I sure hope so. The last thing the world needs is a spammer's genes being passed along to the next generation.

Re:the "concerned father"

Its not all bad. At least his children will never know the embarrasments of having a small penis.

Even though he has got a daughter

Re:the "concerned father"

And that's *exactly* the pillar this sleazeball is hiding behind. "If you try to hit me, you might hit my kids. So, you should not try to do anything to me". That his intended victims have the same problem is not his concern ...

Funny though, that this person, who's made an art outof circumventing e-mail filters, doesn't have the knowledge or means to set one up for himself (his kids).

Re:the "concerned father"

No.

This guy didn't stop because he was worried about spam to his kids. He stopped because people CALLED him telling him they were going to KILL his kids.

I don't care how bad spam is, it won't kill your kids, and no matter how bad a spammer is, you don't go after their kids.

Re:the "concerned father"

All the more to be embarrased about then

Re:the "concerned father"

Obviously he's not that concerned about his kids if he got into a business where damn near 100% of people absolutely despise him.

Re:the "concerned father"

I can't understand why there isn't public outrage over the fact that children get sent X-rated material every day. It is a travesty, one which saddens and angers me far more than the daily annoyance of 20 spam messages. Harassment of spammers seems like a good option.

And yet: I would never advocate giving Mr. Atkinson's children X-rated material to "teach him a lesson"--it's not fair to the kids; they aren't at fault, they don't deserve that. It's too damaging and irresponsible for me to imagine doing.

But Mr. Atkinson sent out those messages to other people's children every day. He should be jailed.

Grammer Police

[Hal+The+Computer]

Ve have vays of making you speak ...

Correctly.

It should be viruses.

Thank you ;-)

Re:Grammer Police

I dunno, seems reasonable to me that grammer nazies should mispell everything and spelling nazis hasn't got grammars that's really good.

Re:Grammer Police

[CowboyMeal]

No, he was talking about the police in Grammer, Indiana

A hard bunch they are.

trolls...

maybe if we identify the large amount of trolls on /. they will call it harassment and give up?

Just suppose....

[Alpha_Traveller]

...that this kind of thing continues. The same way that sex offenders lives are disrupted by having their names published in communities they move to, we could publish spammer's information here on slashdot.
Oops. we do that already I think...

Realistically though, is this something the US would want to adopt as a deterent? it seems to me way too open for abuse.

But let's suppose we could do that officially. Who is qualified to offically identify a spammer? How easy is it to detect a specific spammer (in terms of the skills required to get to right) and how easy is it to get the skills you'd need to do that? Not that Congress is going to authorize the establishment of an anti-spam unit...are they?

Re:Just suppose....

" it seems to me way too open for abuse."

I don't believe so. Publishers of newspapers and even Slashdot are not going to risk million dollar defamation suits by publishing someone's personal information and identifying them as a spammer without approval from their lawyers first.

Re:Just suppose....

[Alpha_Traveller]

Ah, but remember this - A lawyer probably isn't qualified to identify a spammer either. If this is going to become the groundwork of a new effort to police our society of "static that wastes our time", the public would expect standards and experts in the field to be established, and a legion of "do gooders" to be employed to hunt down and extinguish spammers based on the facts. Just the facts man ;D

so how to do we qualify the experts? I'm not suggesting we as slashdotters declare who is a spammer and who isn't -- I'm more suggesting that the United States (sorry to exclude anyone else) is on a track to do this. Establishing a true "Spamcop" isn't that far off if something like this can happen in NZ, and vigilantism is at the root of it.

Re:Just suppose....

[CGP314]

Not that Congress is going to authorize the establishment of an anti-spam unit...are they?

As long as the Dept of Homeland Security runs it, I'll feel safer. :/

Re:Just suppose....

I don't have kids, but I've got mail servers. Practically speaking, I hate spammers a lot more than I hate sex offenders because they have a much greater and immediate negative effect on my day-to-day life.

I would appreciate an international spammer registry, and I would have no trouble with spammers having as difficult a time to find a place to live as a child molester, for example. Spammers are sociopaths too, and allowing a convicted spammer to ever connect to the Internet again is like allowing a child molester to work at a daycare. Neither is acceptable.

As to who's qualified to identify a spammer, that's easy - the same courts that identify sex offenders. Once convicted, a spammer's identity should be permanently available in a publically accessable government-operated database, just like sex offenders are.

Re:Just suppose....

[finallyHasANickname]

Who is qualified to offically identify a spammer?

You got me thinking about that, taking the question literally, not figuratively. Since we are constraining ourselves to the U.S.A., this is like asking John Postel, circa 1985, "Who the hell do you think you are, exercising so much influence on who gets IP addresses and domain names? You call yourself and your de facto appointees the 'Internet Assigned Numbers Authority'? Says who?"

Mr. Postel--may his soul rest in peace--would have just looked at the "accuser" as if the person were having a bad brain day.

My point is this: What you are asking, Alpha_Traveller, is who is official. That's like asking who certifies Microsoft when someone crawls around a server room on all fours with a MCSE certificate proudly sticking out of his banana-filled backpack. The official cop would be the person whose authority stems from attitudes among the masses. Another "example" would be Linus Torvalds. Who put him in charge? Of Linux? He did. It's his. He is the authority.

Help me out here folks--I'm "channeling"... ;-)

If someone were to register, say, iknowwhichspammerstrulysuck.com, and if Google would point to it due to popular linking opinion, what would happen? It would be something like democracy, something like cosmically fair meritocracy, something like authoritarianism.

In a way this reminds me of a curiosity of mine. What if I were in Dubya's fraternity while he was scheduling all of these activities and asserting his "leadership" as if a busybody/ChurchLady/agendaSeeker type? "No, George, I do not want to volunteer at the car wash to fund the local bloated charity, and my family has given that charity more money than my volunteered time is worth, and no, I do not want to play Ultimate Frisbee on the schedule you proposed, and no, I can't stand playing poker with you as long as you always shove your rules down our throats with your winning smile. Your smile doesn't win me. I resent people like you. I'm a geek, for cryin' out loud. I am waiting twenty five years for Rob Malda to get off his geekass to establish /., so I'll put up with you at this Ivy League school fraternity as a facsimile of sophisticated communication. So just back the hell off, do your own homework, and leave me alone until you follow through with the promises for free beer and hot and cold running female frat-sycophants. I have things to study."

See? Sometimes people just step out front. After a while, everyone treats them as leaders--even if they are dim coke-snorting fools. After the Alpha (fe)male dynamics kick into gear, your question won't matter.

Ok. Someone juxtapose that with the question about whether or not it matters what was the basis of the authority of John Postel in the assignment of RFC's and other such stuff.

Re:Just suppose....

[hkmwbz]

"The same way that sex offenders lives are disrupted by having their names published in communities they move to, we could publish spammer's information here on slashdot."

Except these exposed sex offenders are usually those who have served their time - taken the punishment. The spammers are active as they are exposed here and elsewhere. In other words: This is done to someone who has taken the consequences of their actions (sex offenders), as opposed to spammers, who are exposed because they are doing it right now.

Big difference.

This would be more like spotting a sex offender in the act and shouting the location out so anyone can come and kick his ass.

Just like we should track down spammers and kick their asses as long as they continue to spam.

Once the spammer stops spamming (after a severe beating mind you), there is no reason to publish personal details everywhere anymore.

Re:Just suppose....

[instantnoodles]

Although it is difficult, I believe it has been done. People have identified the top20 or so biggest USA-based spammers.

for what it's worth...

[skogs]

I think you are right. This jacka$$ was filling my inboxes too apparently. I used to recieve around 30-40 spams in my main hotmail spam repository....another 20 or more getting automatically blocked... Now I have less than a third of that. Praise God.

National Newspaper??

[canning]

"A notorious spammer, based in New Zealand, who had his name and other personal info released first in a national newspaper, and then on the web...

National New Zealand Newspaper?? That's commonly known as a flyer.

Just kidding. I actually know a lot of Kiwis and they're all pretty passionate about whatever they're doing. I'm not surprised at the result.

Re:National Newspaper??

[cowlum1]

I live in NZ and read the original article. + the followups.

The original article was in the national paper The Herald, around two weeks ago. The original article was only a moderatly sized peice at the back of the paper (IT section). The author had simply had enough of the spam and was also worried for his daughters exposure to things such as viagra. So he went about tracking the spammer down. He eventually found him, rang him and organised an interview. Thus the spammers name appeared within the paper and thus harassemnt began.

So then the spammer become worried for his family .

Re:National Newspaper??

Other related :

Vigilantes wage war on spam


Spammers hit below men's belts

Re:National Newspaper??

Contrary to popular belief north of the strait, the Herald is NOT a "national" newspaper. It is a regional newspaper, albeit with most of the North Island as its region.

It is not "national" in that it is not distributed throughout the entire country.

Re:What about ME!!!

[PetWolverine]

I could help you with that--just tell me where to forward the junk i get.

Come to think of it, give me the real email address of a spammer.

Hate to say it ?

[DeBeuk]

Hate to say it, but in this case, vigilante type action seems to have had the desired result.

Why do you hate to say this ? If governments fail to do anything about spammers, possibly because they don't know how, the only option is vigilantism.
If the only way to stop these guys is to put their names in the paper or mention them on television shows, so be it.

Personally I wouldn't mind seeing them being dragged down the street to be tarred and feathered.

Re:Hate to say it ?

[AirLace]

Do you have any idea how easy it is to forge an email header, give the someone else's contact details to your domain registrar or 'borrow' someone's dialup connection?

Have you ever received angry emails from people you've never heard of, because they think you're spamming them, because some foolish spammer (or their bulk-mail software) decided to use your address as their From header for the day?

Better to let ten spammers free than publicly chastise a single innocent bystander, I say. Maybe it's time to start work on a resilient email network based on something like the PGP network of trust or on national cryptographic certificate schemes. Just whatever you do, for heaven's sake, don't go trying to fix the current mess with a spate of misguided witch hunts.

Re:Hate to say it ?

[krymsin01]

Personaly, I can see how this could have negative effects. Sure, the guy is a spammer, and we are all not going to be very sympathetic to him. But they did just take away his livelyhood by sharing his private information. That's more than I'd want on my hands, sorry. The best way to get rid of spam is to have better filters in place If you can reduce the ammount of people who see their spams, people won't pay them as musch to send the spam out, and hopefully it'll begin to be a less lucrative venture for someone to be in.

Re:Hate to say it ?

[Frostalicious]

Better to let ten spammers free than publicly chastise a single innocent bystander, I say.

chastising a single bystander: A major inconvenience to an individual. May have to change email address.

Capture of ten spammers: Significant reduction in the corruption of the world's youth through porn emails. Major reduction in network traffic, saving millions per year. Strengthening of privacy rights throughtout the world. Productivity of worldwide workforce increased by millions of dollars per year, due to reduction in waste effort dealing with emails. Basically free money useable for anything like feeding the poor.

Please explain why the first is more important than the second?

Re:Hate to say it ?

[simon_aus]

Vigilantism? In the US people are much more prone to use guns than almost everywhere else.

I'm off to buy more NewsCorp shares

Re:Hate to say it ?

[holt]

So is it better to lock up for life one innocent bystander for murder or let 10 murderers go free? I would say you should let the 10 go free.

If you feel differently, go live somewhere where you can be locked up on a whim for the "public good."

The two are one and the same. Come on, I know we hate spammers, but seriously, this is going a bit far.

Re:Hate to say it ?

It's uncertainty over guilt that makes letting the guilty go free preferable. There's no doubt at all this guy was a professional spammer, and he never claimed otherwise.

Re:Hate to say it ?

How would you like it if I published your name and address and said you're a spammer?

Who's going to verify, and how, that it's true and I'm not just setting you up because I don't like your looks?

People (read: mobs) tend to believe the accusing party much easier than the accused. After all, they're the bad guys, aren't they?

Re:Hate to say it ?

[devilspgd]

The absolute best way to fix the spam problem is to gather the spammers up in a giant pit. Gather everyone that has ever bought a spammer's product in another giant pit.

Give them all guns.

Open the door between the two, and offer $100,000 to the last man standing.

Re:Hate to say it ?

[wcdw]

1) Anyone who relies on "From:" information in an e-mail to determine its point of origin is simply foolish.

2) Phony registrar information is likely an insoluble problem. However, as a last resort, every circuit terminates _somewhere_.

3) Anyone who allows their dialup (or otherwise) connection to be "borrowed" for the purpose of e.g. sending spam (knowingly or otherwise) should be guilty of a crime. There is no way to remove these 3rd-party facilitators other than to hold them accountable. (A class action suit against MickeySoft over 'inherently insecure' software which is a primary root cause, anyone?)

If your e-mail server sent SPAM to my e-mail server, you are NOT an innocent bystander, you are _responsible_ -- regardless of where that SPAM originated. SPAM reported on this basis can NEVER target an "innocent bystander".

Re:Hate to say it ?

[Xenna]

Maybe he hates to say it because it reeks of the ways the fundamentalist Christians in the US try to 'discourage' abortion.

By posting their home addresses on web-sites.

Possibly in the hope that even more disturbed fanatics will take the hint and go after the 'devils' with a shotgun.

That's why we don't like vigilante action, because you never know if you'll be the next victim.

X.

Re:Hate to say it ?

[holt]

Read the thread. If there is no doubt about someone's guilt, then who is going to harass an innocent bystander? The whole point is that in most cases you don't know for sure who is behind the spam, because things are so easy to forge and obfuscate. Thus, people shouldn't go around harassing people they think are spammers because it's likely that every now and again innocent people will get caught in the crossfire.

Re:Hate to say it ?

[Fat+Casper]

That's why we don't like vigilante action, because you never know if you'll be the next victim.

The critical issue vith vigilantes is law enforcement, ot the absence thereof. There is a lot of focus on abortion in the US, and the courts come down pretty clearly saying it's legal. The wing nuts who use violence to deter abortions aren't vigilantes, they're criminals. Domestic terrorists, to be honest. They aren't taking any laws into their own hands, but they're violating laws left and right trying to intimidate prople into stopping what is a lawful activity.

Spam hunters are vigilantes. Spamming is illegal for various reasons- everything from a deep seated hatred from end users being barely articulated through their legislatures about time, hardware and bandwidth costs to kiddie porn in childrens' inboxes. It's illegal to posess kiddie porn, yet these folks distribute it. It's illegal to distribute any porn to kids, yet they do it all day long.

The government won't bother, they're too busy trying to convince people that Iraq sponsored terrorism. So some individuals have had to step up to the plate. Hooray for them. Don't compare them to a bunch of thugs because the thugs think their own cause is good. The spam hunters are the good guys here.

Re:Hate to say it ?

Tared and featherd? No that's even lower then them. If you're going to sink down sink to their level. Make them eat 200 cans of spam a day for a week, and see if they get it,

Re:Hate to say it ?

I agree. How meek and winpy can we BECOME these days?

The spammer perceived a threat that was directed against him out of sheer desperation because no one would protect us from HIM. And he moderated his behavior as a result and now he feels safe and so do millions of others whose resources he was stealing.

Our legal systems never operate this efficiently, quickly, and blithely. On to the next spammer!

Re:Hate to say it ?

[FroMan]

Haven't read about any nations in Africa recently, have you?

Spew your off topic anti-US crap elseware.

Re:Hate to say it ?

Have you ever received angry emails from people you've never heard of, because they think you're spamming them.

No. But I have had people claim that they are innocent that it's really just an opt-in list and I clearly wanted to get lots of spam. Put them in jail.

Re:Hate to say it ?

[Frostalicious]

So is it better to lock up for life one innocent bystander for murder or let 10 murderers go free? I would say you should let the 10 go free. If you feel differently, go live somewhere where you can be locked up on a whim for the "public good."

This is a significantly different question and offers very weak support for your original position. You have pretty much abandoned your original position.

Nonetheless, I will reply. I make a moral evaluation of 10 murderers versus 1 innocent by summing the bad in both options. Locking up one innocent destroys the life of the individual, as well as having a large detrimental effect on his/her family and friends. It also removes a viable worker from the employment pool. It also spends resources needlessly on keeping the person encarcerated. Badness.

Letting 10 murderers go free doesn't directly destroy any lives, but the families of the murdered have to live without closure on their tradgedy. This would affect quite a number of people. So far it is difficult for me to say which option is preferable. I would err for caution and let the 10 murderers go free. This position is consistent with the design of most criminal justice systems which also err for caution in providing the defendant presumption of innocence.

The scales would be tipped if the murderers were recidivistic. If releasing them would result in more deaths, then it is clearly preferable to lock up the 10 murderers along with the 1 innocent.

None of my assertions require people to be "locked up on a whim". Where I live, we still have a jury system, and none of my assertations require removing that system. The jury is instructed to find guilt when certain "beyond a reasonable doubt". The instruction is NOT "beyond all doubt". There is clearly the existing possibility that an innocent will be convicted. That possibility is inherent in the system and is not going away in the forseeable future. Innocents have been convicted before, and will be again. Innocents have been executed. Sad, but unless you want to free all prisoners, you must live with that possibility. If you feel differently, go live somewhere where there is no law.

Re:Hate to say it ?

[geekoid]

If the world evey come to that, I pray to God you get misidentified as a spammer.

Re:Hate to say it ?

[Shadowlore]

The critical issue vith vigilantes is law enforcement, ot the absence thereof.

And if there is no law to enforce, it isn't vigilanteism.

Spam hunters are vigilantes.
No, they are free-market components. Just as someone picketing or boycotting a company for what that person feels is irresponsible or immoral behavior is.

Vigilantes take the LAW into their own hands. If there is no law, they are not vigilantes.

A number of causes

[svvampy]

A much as a two-bit spammer in the South Pacific would love to think that he has such an impact upon the industry, let's be realistic. What about the South Canadian power outage? The various worms and virii that have been circulating? I'd say that maybe some of the filth spewing nodes of our beloved internet have been infected. Also likely is that the recent profusion has probably made some people take a closer look at their PCs and network, eliminating some spam-zombies, or spombies and other sploitz

Re:A number of causes

This isn't South Park, don't blame Canada. The power outage started in Ohio and cascaded to the rest of the northeast.

Re:A number of causes

[nudicle]

True, but where the internet is concerned it matters not whether the spammer is in the "South Pacific" or the hinterlands of Uganda. All that matters is that his emails go through an unprotected SMTP server somewhere in the world -- Korea, China, or the US. The costs to him/her are basically nil and the damage is large. No matter where the spammer is based if he/she is sending tons of them it affects all of us and particularly the US given the entitlement and email addressees we have here.

Re:A number of causes

[johnw]

"South Canadian power outage"!?! Funny, from the reports we got here it seemed to have affected small parts of the USA as well. Or do you mean that most Spammers are in "South Canada" so that's the only bit that was relevant?

Re:A number of causes

I would love to close my computer to all kinds of sploitz and backdoors. But when that means I'm silently are signing-away the ownership of my computer (by ever-updated EULA's) to MS I decline.

I would not accept this kind of ownership-altering add-ons with repairs on my car, so why should I accept them on my computer ? After all, the patches are *nothing more than repairs* on work that's failed to meet its expectations.

Re:A number of causes

Viruses, not virii. In Latin, the plural of virus is virus. It is not a 2nd-declension noun.

Re:A number of causes

What about the South Canadian power outage?

Where the hell is South Canada?
I live 100 kilometers from the southern border but the only power outtages I read about happen 3000 kilometers east of here.

back to the basics

[segment]

Now wouldnt you stop sending out spam if people were threatening to kill you or just making threats. Look I hate spam just as much as the next guy, but I know how to install spam filters and on a wc -l of procmail i get a count of +1000. Now... People should also understand that spam like anything else is a business, there is no difference in someone leaving a menu in front of your door, yet you don't see millions protesting against it.

Before anyone flames or trolls this down, be realistic for a minute here, and I in no way am trying to justify anyone's actions, just stating facts. Does anyone protest when the menu guys flood your doorstep? No... What about when Target or some other megaconglomerate sends bs in the mail that you didn't ask for? doubtable. Spam is no different. Want to give me cost ratios go ahead and I'll do a breakdown in sanitation costs if you think mail and menus cost nothing. Not to mention a possible fine you could get for having litter you didnt leave in front of your house.

So ask yourself, if you were in a business and were told how to run it which was against the way you were running it, wouldn't you leave, what if someone was threatening you because it does happen wouldn't you quit while you were ahead too?

Re:back to the basics

[ElectricPoppy]

I don't get 100 menus at my door every morning.

Re:back to the basics

[segment]

regardless it's the same concept how much did it cost you to hit the d in mutt or.. how much would it cost you to filter this. Same way some states have issued a registration to go to, to register for no calls from telemarketing agencies, you would have to take the initiative. What do you think a telemarketing agency wont call you up. What if, as on the internet, there were 20million telemarketing companies do you expect not to get so many calls?

I hear this same argument time and time again, and let me restate I hate spammers, yet I don't see what the big deal is, it didn't hurt me, annoying sure it is, so are the billboards all over the place that I didn't ask to see. So what I'm not gonna protest it, gather 1million people and whine to a judge knowing damn well I could do something about it. That's moronic, and asking for government to step in because you cannot handle your affairs. Yet many want to bitch when governments want to step in and regulate other shit. Oh please.

Re:back to the basics

[ChilyWily]

Ok I'll bite... first off, the apartment that I live in, previous two and the dorm(s) I used to live in, had a "no solicitors" rule. Second, if someone was doing that to me, I would wait for them and I'm sure that a 2 min face-to-face chat would suffice for a 'cease-and-desist' order! If all else fails, the menu has a valid address and phone that can be used for legal recourse. Are any of these options available for spam?

Re:back to the basics

[aXis100]

1) Menu's dont cost me bandwidth or server CPU time.
2) Menu's do not contain sexually explicit or illegal scam material.
3) Reading the menu doesn't cause me to be the permanent target of 100 other restaurants.
4) Menu's may even be usefull.

In concept, they are certainly similar, though junk mail is far less annoying. Here in Australia, you can even put a "No Junk Mail" sign on your letterbox - something you cant do for spam.

Re:back to the basics

[sssmashy]

Does anyone protest when the menu guys flood your doorstep? No... What about when Target or some other megaconglomerate sends bs in the mail that you didn't ask for? doubtable. Spam is no different.

No, I don't protest when the menu guys flood my doorstep... but I might if I got 50 - 150 menus/day.

Or I might protest if the junk mail wasn't just menus and credit card solicitations, but porno, confidence scams and penis enlargers.

Or I might protest if sending junk mail was actually illegal, as spam is.

Or I might protest if I had a sign on the mailbox marked "ABSOLUTELY NO JUNK MAIL" and the mailman or flyer guy went ahead and ignored it.

And I'd be especially ticked off if I couldn't protest: if I couldn't trace problematic junk mail back to an actual business or legal entity that could be held somehow accountable.

The list just goes on and on. The differences between spam and junk mail are obvious and have already been discussed extensively in this forum.

Re:back to the basics

[heli0]

"there is no difference in someone leaving a menu in front of your door"

Do I pay when they put it there? Because I sure as hell pay for bandwidth and storage space for my mail server.

"What about when Target or some other megaconglomerate sends bs in the mail that you didn't ask for?...Spam is no different."

They pay to send it. With spam YOU PAY TO RECEIVE IT. Spammers use open proxies and computers infected with sobig to send it for free.

Re:back to the basics

[ElectricPoppy]

Did you read the article? It wasn't a million people whining to the government. I'm personally not advocating government interaction, because I'd rather see minimal government intervention in all areas. How did it hurt this guy to have the tables turned on him? If it's not hurting me to get spammed, it's not hurting him either. An eye for an eye, I say. And it worked.

Re:back to the basics

[dtfinch]

Don't forget that in winter you can burn the menus for heat.

Re:back to the basics

[xlsior]

Comparing spam with menus left on your doorstep??

There are two *huge* differences when it comes to spam:

1) Your local pizza place actually has to spend money on each and every one of those menus they dump on your doorstep, which means that it is in their best interest not to dump 10 copies every day there, unlike some spammers do.

2) And something that is often overlooked in these kind of analogies: There are at best a few hundred businesses within driving distance to your house to which it could make sense to send you promotional snailmail. On the internet, *everyone* is local. That means potentially hundreds of thousands or even millions of 'companies' who could send you their 'special promotions', for virtually no charge to them.

Spam levels are horrible these days -- I am the administrator of several mailservers at an ISP, and they receive hundred thousand spam messages a DAY, combined. Currently about 70% of all incoming mail gets flagged as spam by our spam filters, up from ~50% little over a year ago.

The total number of spam sent still increases every month, according to the numbers by the major anti-spam companies like Postini and Brightmail. Just for a moment, imagine how bad it would be if there had been noone trying to put an end to it...

Re:back to the basics

When was the last time someone put a menu under your door advertising CUM GARGLING SLUTS with graphic pictures of young women swimming in a hottub full of semen?

Re:back to the basics

I don't like menus, but don't get them nowadays because I'm in an apartment building (mixed blessing really).

Paper junk mail is far worse than spam, but in Canada you can put a sign in your mailbox saying "please don't deliver any unaddressed mail" and Canada Post will respect it.

Between that and Spamassassin, I get no junk mail at all. I'm so lonely...

Re:back to the basics

[andrewski]

When Target sends me spam in the mail, I mark it return to sender and put it in a USPS mailbox. When folks come door-to-door, I send 'em away. With spam, it's different. There really was no way to stem it at its source. Now, that's changed. If I do find out the identities of spammers, I'll tell everyone I know who they are. Fuck 'em. Just because it's not illegal to spam doesn't make it a legitimate and respectable business. Spammers are a cancer on the internet and should be dealt with harshly.

Re:back to the basics

[CaptIronfist]

People should also understand that spam like anything else is a business,

Wrong assertion, businesses aren't alike whatever pro-capitalist people are going to pretend. Selling flowers to the public, for example, doesn't, usually , nurture hate, anger and whatever the spam fashion is brewing these days.

be realistic for a minute here

I'm as realistic as anyone else and personally can't see any facts in your post. Perhaps i should read between the lines or something... ( hmmm wonder what's your day job. )

Does anyone protest when the menu guys flood your doorstep? No...

Wrong again. See that sign on my door. It says NO FSCKIN FLYERS! Better not ask for any reading lessons, i have strong tendency to act violently towards illiterate dumb fscks.

What about when Target or some other megaconglomerate sends bs in the mail that you didn't ask for?

They don't do that anymore. Not in my country. In what country do you live in ? Texas ? ;-P ( what's Target anyways, lol.. )

Spam is no different.

Sheesh, this is getting pathetic. Did you ever get 1000+ flyers on your doorstep or in your mail box? I doubt it. It couldn't simply fit or it would be a great risk of fire. Imagine a couple kids passing in front of your house.

Now, if i would be running a business everyone hates and i would be told not to run it anymore by a huge majority of society... I would quit. DUH! So what's your point ? Well, i ain't high tonight and i can say i didn't understand what's the point you are trying to make. Anyways.. It was sure fun to reply.

Re:back to the basics

Does anyone protest when the menu guys flood your doorstep?

Yes, I do. I just took one back to the local restaurant and personally asked them to respect the "No advertisements, please" sign on my door.

Re:back to the basics

Don't bother about that Return To Sender stuff - it never will make it back.

Re:back to the basics

Okay, so when you use the word fsck, do you mean fuck?

Re:back to the basics

[shepd]

>Does anyone protest when the menu guys flood your doorstep? No... What about when Target or some other megaconglomerate sends bs in the mail that you didn't ask for?

No, because you have the right to refuse such mail. If these companies continue to send it to you after filling out that form, they are fined/someone goes to jail. (I wonder if there's something similar for my country -- probably there is -- then again, a lot of nice mail carriers are willing to separate bulk and real mail into separate "mailboxes" for you where I live).

>Not to mention a possible fine you could get for having litter you didnt leave in front of your house.

??? Unlikely. I know if I were to go to a parking lot and plaster the cars with flyers, unless the police were blind, they'd read one and charge me at least a $100 littering fine. They wouldn't check the license plates up and send the owners the fine.

>Want to give me cost ratios go ahead and I'll do a breakdown in sanitation costs if you think mail and menus cost nothing.

How about I do it for you? I pay $4 common area per square foot at my local business, of that about $1/sq ft. goes to sanitation. Now, since I would say that mail is approximately 1% of my daily "junk" (1 pizza box holds hundreds of letters) and I would say 25% of my mail is bulk, that means 0.25% of that $1/sq ft. goes towards me throwing away my mail.

My business is 900 sq ft. That means I pay $2.25 per month in "sanitation" due to this mail. Yay. Considering this is sunk cost, and wouldn't change at all if I didn't receive the mail, customers do *NOT* pay for junk mail.

Unlike spam, junk mail is easy to deal with. If it's colourful, not in an envelope, or has "bulk" written on it, it goes into the trash unopened. If all spams had "ADV:" in the subject, I'd be a happy man. As it stands, larger companies almost need one admin just to deal with something that should be simple -- they need an admin to deal with the mail server. That sucks, and that costs a lot more than a few bucks a month.

>So ask yourself, if you were in a business and were told how to run it which was against the way you were running it

It's already happened. I couldn't move into my choice location because it was designated for mini-marts only. Yes, the city expected a total of 8 mini-marts to move into one plaza, with 10 units (2 were zoned for either a dentist or mini-mart -- beats the hell out of me why). My real-estate agent was amazed as well.

>wouldn't you leave

I already did, considering I couldn't set up stakes there to start with.

>what if someone was threatening you because it does happen wouldn't you quit while you were ahead too?

No. Heck, while I was working as a screwdriver lackey at another shop I had customers threatening to sue! I didn't care, not my problem.

Then again, now that I'm running my own screwdriver shop, it isn't been a problem.

Re:back to the basics

[shepd]

Instead, open the mail. Find the "return to business" envelope.

Shred their ad and stuff it in the envelope. That will get delivered, and does cost them.

Re:back to the basics

[wcdw]

Excuse me for screwing up your poll, sir, but H*LL YES I object when the menu boy sticks yet another thumbtack in my mailbox with a menu hanging there that I'm just going to throw away.

Same goes for the rest of the grunge I receive this way, or brazenly stuffed into the mailbox itself. I don't do business with SPAMMERS, regardless of their nature. If I need a product or service, I'll go look for it. Make it easy to find yours, and that might be the one I buy. SPAM me about it, and even if I'm in the process of buying that exact item AND you appear to have the best deal, I'm still not buying from you.

I won't give my address nor phone number at places like Autozone and Circuit City, either. Call me weird.

Re:back to the basics

I actually have a hot tub full of semen and young women, and even I'd be offended at that.

I asked about gargling and they're shaking their heads at me - gotta go.

Re:back to the basics

[BrainInAJar]

Better idea, tape the business reply envelope to a brick. It'll cost them $50 or so to send you junk mail

Re:back to the basics

[BrainInAJar]

"regardless it's the same concept how much did it cost you to hit the d in mutt or.. how much would it cost you to filter this. "

Bandwidth a'int free. Try getting an ISP where you pay per MB (with every ISP or backbone, somebody pays per MB... *Your* ISP usually just absorbs the cost). You'll be singing a different tune

Re:back to the basics

[segment]

uh let's go over your concept. Sure bandwidth costs money but is your ISP charging you more to receive spam? I highly doubt this, and if they are, and you are paying more than you're the fool. Now coming from the level of working at an ISP, that's what access lists are for on routers and it would take less than 5 minutes to block address that send this as opposed to rambling on about it. Wanna throw in spoofing? Sure I'll even answer this. While spammers may spoof source addresses, I've yet to see any spoof IP addressing, and for those who can spoof IP addresses, those too can be blocked, and you as an ISP admin should take the necessary precautions to ensure no one is spoofing outside of your network, since it proves administrative incompetence.

Re:back to the basics

[andrewski]

All I want to do is increase the cost for the USPS. Those fuckers let businesses bulk mail you and pay just under a tenth of a cent per letter. I sit here and get raped paying fucking 39 cents per stamp.

Re:back to the basics

And they don't ring the doorbell to tell me I've got a flyer, distracting me from work. I get to ignore it just once a day when I happen to pass the front door. email spam tries to alert me every time it arrives, its closer to being harassed by a telemarketter

Re:back to the basics

[anubi]

"Make it easy to find yours, and that might be the one I buy."

Yup.. just about everything I actually have *bought* via the internet was aided by lookups on Google. Even my ISP - was derived from a link I originally found via Google.

No, I have no connection to Google. Its just I am very impressed with their no-nonsense no-trickery methods of promoting paid links.

If I were trying to expose something to the online community at large, I would definitely be talking to Google about one of those ads along the right hand side of the search results page.

Re:back to the basics

[aXis100]

uh let's go over your concept. Sure bandwidth costs money but is your ISP charging you more to receive spam? I highly doubt this, and if they are, and you are paying more than you're the fool.

You dont understand economics, do you? The ISP pays for bandwidth, pays for server to filter the mail, and pays for people to adminsitrate those servers.

At the end of the day, the costs are transferred to the end users. Sure, there's competition, but businesses are there to make money. If all ISP's all spending a fortune on spam, everybody losses.

Re:back to the basics

[mumblestheclown]

Or I might protest if I had a sign on the mailbox marked "ABSOLUTELY NO JUNK MAIL" and the mailman or flyer guy went ahead and ignored it.

The mailmain WILL ignore it. it is a violation of federal law for him not to ignore such a message. Try it - ask your mailman to not bother dropping off the latest "or current resident" mail.

Re:back to the basics

[El]

People should also understand that spam like anything else is a business People should understand that gambling, prostutution, and drugs, like anything else is a business. Sometimes businesses that have a huge negative impact on society are made illegal.

Re:back to the basics

[El]

Selling flowers to the public, for example, doesn't, usually , nurture hate, anger and whatever the spam fashion is brewing these days. Unless you do it the may the Hare-Krishnas used to, by running up to people in airports...

Re:back to the basics

[geekoid]

lets see, I got a flyer about flowers, a flyer about pizza, hhhmm no flyers about FSKIN, what ever that is. I guess I can put these in then....

by they, it is spelled, fucks. Apparently you are ignorant and/or stupid, perhaps you should do something violent to yourself?

Re:back to the basics

[Night+Goat]

Just use the word FUCK, OK? We all know what you're getting at, you don't need to bother voluntarily censoring yourself.

Re:back to the basics

[Shadowlore]

Or I might protest if sending junk mail was actually illegal, as spam is.

Not everywhere it isn/t, nor will it be. And in many of these places, what qualifies as spam is so narrow as to not qualify much of it.

The list just goes on and on. The differences between spam and junk mail are obvious and have already been discussed extensively in this forum.

Maybe, but the similarities are being deliberately avoided, much to the detriment of those being spammed. The similarities are where the progress in combatting it will be had, not ignoring them.

NOT a dupe

[sbszine]

Attention Slashdotters! This is a follow-up story, not a dupe. It even links to the older story. This new article is not about the Kiwi quitting spamming. Rather, it's about the noticeable drop in spam since he quit, and speculates that his story might have scared other spammers.

Of course, just after he quit Blaster and SoBig hit the net, so it's more likely that the drop in spam is linked to them, e.g.

• People are more cautious about opening random mail because SoBig is on the lose
• Inboxes are stuff full of viruses and anti-virus autoresponder messages, so that there's no room left for spam
• Spammer's machine keeps mysteriously rebooting (my favourite)

Re:NOT a dupe

[MS]

• People are more cautious about opening random mail because SoBig is on the lose

This wouldn't change the amount of spam in my inbox...

• Inboxes are stuff full of viruses and anti-virus autoresponder messages, so that there's no room left for spam

This too wouldn't change the amount of spam in my inbox...

• Spammer's machine keeps mysteriously rebooting

Very close! Supposedly there are only a handful of real spammers on our globe, and shutting down any single of them should have a notable positive impact.

BTW: most spammers reside in the US - the spammer from NZ is an exception. But due to over-broad interpretation of the first amendment or commercial interests, it seems, US-lawyers don't want to shut down spammers.

My 2c

Re:NOT a dupe

[sbszine]

>People are more cautious about opening random mail because SoBig is on the lose

This wouldn't change the amount of spam in my inbox...

If people aren't opening spam, then the 'click-through' rate (for want of a better word) drops sharply. I'm not sure, but I think people who send out a million spams get maybe 1000 sales within 48 hours, and if that number dropped too sharply they might hold off until the virus blew over. Hence less spam in your inbox.

>Inboxes are stuff full of viruses and anti-virus autoresponder messages, so that there's no room left for spam

This too wouldn't change the amount of spam in my inbox...

It's affecting who use webmail, e.g. admin workers in my organisation. So maybe not your personal inbox, no, but plenty of webmail inboxes, yes. And the people who use Hotmail may be among the best customers of spam.

(I know, I probably should have been a bit more detailed in my original post.)

NEEDING YOUR IMMEDIATE ATTN PLEASE

[bgeer]

DEAR SIR/MADAM,
MY NAME IS MOHAMMED YASSIN NGABE CURRENTLY PROVIDING INTERNET SERVICE TO SEVERAL WELL KNOWN SPAMMERS. I KNOW THIS LETTER MIGHT SURPRISE YOU BECAUSE WE HAVE HAD NO PREVIOUS COMMUNICATIONS OR BUSINESS DEALINGS BEFORE NOW.

DUE TO A RECENT UNFORTUNATE INCIDENT INVOLVING A GARDEN WEASEL AND MY LARGE BOWEL, I CAN NO LONGER PROVIDE ACCESS TO THESE UPSTANDING ENTREPENEURS. AS A RESULT I MUST REGRETFULLY DISPOSE MYSELF OF THE SPAMHOSTING BUSINESS AND GIVE THE ADDRESSES AND NAMES OF SEVENTY-TWO (72) SERIAL SPAMMERS TO A WORTHY REPLACEMENT HOST.

DUE TO THE SENSITIVE NATURE OF THESE ADDRESSES, AND THE SENSITIVE NATURE OF THE GROSSLY ENLARGED PENISES OF THE SPAMMERS THEMSELVES, I MUST EXCERCISE THE UTMOST DISCRETION IN GIVING AWAY THESE ADDRESSES.

TO ESTABLISH YOUR GOOD FAITH IN THIS TRANSACTION, YOU MUST FIRST SEND ME YOUR NAME, EMAIL ADDRESS(ES), SHAMPOO BRAND PREFERENCE, AND PENIS SIZE.

KINDLY TREAT THIS REQUEST AS VERY IMPORTANT AND STRICTLY CONFIDENTIAL. I HONESTLY ASSURE YOU THAT THIS TRANSACTION IS 100% LEGAL AND RISK-FREE.

MOHAMMED YASSIN NGABE, ESQ.
LAGOS, NIGERIA

Re:NEEDING YOUR IMMEDIATE ATTN PLEASE

[shfted!]

How the heck did you get past the all caps filter?

Re:NEEDING YOUR IMMEDIATE ATTN PLEASE

Yeah, no shit... tell all the AC's how to get past the caps filter, please.

Re:NEEDING YOUR IMMEDIATE ATTN PLEASE

[Black+Perl]

HERE IS
AN EXAMPLE

Re:NEEDING YOUR IMMEDIATE ATTN PLEASE

Bill Gates, billgates@windowz.com, Shampoo--no I use shredded dollar bills with water. Size-same as percent of Netscape market share.

What we can look forward to now...

[saskboy]

I have a prediction for the future.

Given the last week of automated spam from the most popular viruses out there, I'd say we can expect computers to outspam the best spammers. Spammers will write many viruses that send ads to enlarge our penises, and stop popup ads, and then they don't even have to take responsibility.

The smart thing for them to do, since they will be outlaws anyway, is to have OTHER PEOPLE send spam for them.
Enough people are sending "empty" virus messages right now. Just think of the marketing potential if those virus messages contained a payload to send the spammer's material!

Scary.

Re:What we can look forward to now...

[MikeFM]

Since it seems users lack enough brain power to patch their systems maybe we could give the systems themselves enough brain power to patch their users. We can create a neural network that analyzes all data on the host machine and communicates with other neural nets on other infected machines. Making it such that the entire network acts as a neural net taught by watching users we can quickly develop the most intelligent being ever and prove it's intelligence by letting it download porn and play Minesweeper.

Umm.. no maybe that wouldn't help. Could we train a neural net to act exactly opposite as human users? That might help.

Re:Great Idea.... 'Nother Application

[jimbobborg]

Someone who reads and posts to /. is married?

Moron Church

[svvampy]

"Hello we're from the Moron church, and we'd like to talk to you about God"

"erm...I'm, ah, not here?"

"Okely dokely, we'll try again later"

"Bloody Morons"

You are missing one small thing...

[Eric_Cartman_South_P]

SCALE! When you say, "Does anyone protest when the menu guys flood your doorstep? No..." you should not think about one or two menu's that might appear at a dorm/appartment/house. Instead, think of having 100's of menus left at your doorstep every day. A dozen menus every hour, always appearing at your door. If that happened, you'd buy a gun and wait for the bastard.

Re:You are missing one small thing...

[major.morgan]

All of my coworkers are confused when I refer to the guy putting flyers on our cars as a 'spammer' - they seem to missing it too when I go out and tell the guy to get the hell out of the parking lot and definately not to touch my car.

Re:You are missing one small thing...

[jasonditz]

Actually, I'd probably throw the menus away.
Its a bold step, I know, but sometimes you have to take drastic action.

Re:You are missing one small thing...

SCALE! When you say, "Does anyone protest when the menu guys flood your doorstep? No..." you should not think about one or two menu's that might appear at a dorm/appartment/house. Instead, think of having 100's of menus left at your doorstep every day.

Yeah, and not left by 100's of different people, and not for restaurants either. Instead, it's like six guys doing it on behalf of every massage parlor, sex-toy shop, and adult bookstore in the city. Every 15 minutes, day and night, one of these same six guys shows up and drops off another 10 flyers. And if you have an unlocked mailbox, they stuff the flyers in there right alongside all your other mail.

(Sheesh original poster, do you even understand analogies? You'd better get some practice in if you want to get into a good school :-)

Re:You are missing one small thing...

[geekoid]

actually, I'd see that legislation got drafted that allowed me to make my Post Office take me off the bulk mail list.
That type of legislation wont work for a number of reasons. fortunatly there are reasonable technically possible means for the user to severly reduce, if not eleminate, SPAM.
An automated chalenge response system that challenges unconfirmed email address is a pretty damn good start.
Going after spammer who forge your email address for Identy theft could be a way to use the legal system.

Re:You are missing one small thing...

[fishbowl]

>always appearing at your door

How about "tied to a brick and hurled through your window?" That gets more to the point of whether or not harm is done by spam.

At least with the menu, I'd have grounds for a court claim against the restaurant for the damage done and my expenses. With spam, I'm without such recourse.

Re:You are missing one small thing...

I'm very pissed of when they do that. They often do it during Chirstmas vacation. That allows a thief to drive through that neighborhood and see who is how. There's also some scum who look for unmown lawns and offer lawn services by flyer. They flyer is visible from the street. It's hard to know what percentage of those people are really just casing the place.

Re:You are missing one small thing...

[Shadowlore]

The failure of your analogy is that "door hanging" costs a *lot* more than spam does. It also makes the incorrect assumption that one person does all those menu deliveries to your house. You would have hundreds of people walking up and leaving a menu each day. You going to shoot all of them? Even the college kid who rather than live off grants or his parents is putting himself through college by working for the local pizza place? How cruel can you be? ;)

Individually, they are irrelevent. Only when combined do you begin to proclaim a problem. If it *were* one person doing it all, you'd merely wait for him to go out of business. It wouldn't even take a week, I'd wager.

And, no I'm not so knee-jerk testosterone laden that I'd simply go shooting people for doing their advertising. If I had a "No soliciting" or similar sign on my door, and that were to happen I would place a call to the business owner making many complaints --one call/compaint per doorstep advertisment. if that was not an option or failed to obtain results, I'd contact the better business bureau and complain there.

Further, your analogy fails in that there are simple and mostly effective ways of stopping spam --without shooting the messenger. There are, however, much more complicated and involved ways needed to stop door hangers.

Forutnately, with that much volume, the effectiveness of doorstep advertising decreases, and thus the costs go up. This leads to a drop in the number of businesses doing doorstep advertising, thus a reduction. This is why there is *not* hundreds of doorstep adverts on your door each day. Costs. And no, the costs are not out of legal punishments either. So too will it be with spam, as long as we keep Ashcroft and other fascists out of it.

And actually, during the summer I get sometimes a dozen or so a day, not just menus but siding and window contractor, and the kid down the street trying to make a buck for himself by offering to mow my yard. Would you shoot him too? Then, there is election season ...

Re:Virii is not the word to use

[black+mariah]

Ummm.... so? It's like the word BOXEN. And Beowulf cluster jokes... and Soviet Russia jokes...

Well ...

[Hal+The+Computer]

GRAMMER NAZI #1: What shall we do?

GRAMMER NAZI #2: We could use a spelling checker.

GRAMMER NAZI #1: Or we could arrest the spelling police.

GRAMMER NAZI #2 raises a sub-machine gun and points it at the SPELLING POLICE.

GRAMMER NAZI #2: You are vunder arrest!

Re:Well ...

SPELLING POLICE #1: Okay, I will go peaceably, but only you change vunder to under first.

Thankyou.

Re:Well ...

It's "spell checker".

"Spelling checker" sounds like Engrish.

Re:Well ...

Is that spell checker for Microsoft Witch XP?

Re:Well ...

And grammer to grammar, thank you.

Are we sure? - NO!

My personal account has begun receiving 5-6 SPAM mails per day in the last 2 weeks. Before, I received nothing, ever. I've had the account 2 years. Our business account, i.e. our own domain, has had the e-mail service blocked by our ISP (knology.net) for 6 days!!!!!! They claim it is in response to the worms/viruses spreading throught their systems right now-they have blocked traffic intentionally and will not unblock until they think it is safe. They also hinted that they were mildly infected! Yeah, our SPAM is down to ZERO at work, but not for any good reasons!

Re:Are we sure? - NO!

[Slack3r78]

Doesn't surprise me Knology would pull something like that. They are without a doubt the single worst ISP I've ever had to deal with. They often go out of their way to be a pain, and definitely do not fall into my list of "cool" ISPs. Even things as simple as replacing a computer are a pain with their service since they tie everything to the MAC address, and... ok I'll stop. Sorry for the rant, it's 3:00am, I just got home, and mention of knology pissed me off. :)

Might be another reason

[mdinowitz]

During the last week, while SoBig was flying around, my spam level was exceptionally low. Now that SoBig is basically gone (for now) the spam level has increased almost back to its normal level. Remember the basic rule:
"correlation does not imply causation"
Just because spam levels went down when this guy said he was getting out of the game does not mean that his departure was the cause.

Re:Might be another reason

[robogun]

I notice the Sobig has kicked in in the last couple hours again (10pm PDT). Anyone else?

Re:Might be another reason

[robogun]

Looks like a variant -- subject lines are slightly different, too.

Re:Might be another reason

[Loonacy]

Correlation DOES imply causation, it just doesn't prove causation.

Re:Might be another reason

[rew]

Basically gone? I got 160 megs of virus this weekend. That's about the same as the first day of the epidemic. (but less than the second day).

Re:Might be another reason

hello, please take a logic course before you critize the terminology.

implication is the basis of proof.

"a and b implies c" means that if you want to prove c, then all you need to do is prove a and b.

Re:Again?

[NanoGator]

"An almost identical article appeared a couple weeks or so ago. "

Odd, someone's been driving my Delorean. That explains the copy of the New Zealand Herald sitting in backseat.

Hey, I do get fewer.

[dtfinch]

Last week: 179 spams
Previous week: 210 spams
Previous week: 277 spams

My spam dropped by 35%. Though I can't discount the possibility that it's just the increased virus traffic slowing the rate at which spammers can send their emails.

Don't be so simplistic

[dirtydamo]

anything which slows down spam can only be a good thing

s/spam/terrorism/

Still agree with this statement?

Re:Don't be so simplistic

What an excellent argument -- if you translate their statement with a regex, it says something completely different, with which they may no longer agree! This surely means that their original statement is invalid...somehow.

Re:Don't be so simplistic

Still agree with this statement?

s/agree/sing/

s/this/wingnut/

s/statement/banana/

Hah! Look who's laughing NOW!

Re:Don't be so simplistic

Alright, let me get this straight. Suppose you have a statement (like the one you quoted) that all/most people think is correct.
If you then replace any word in that statement with any other word of your choice thereby changing the statements meaning so that people think the new statement is incorrect, it somehows invalidates the first one?

What's the logic behind that? God I hate stupid teenage modders who can't think for shit mod up anything they find 'clever'.

You're a fucking moron.

Re:Don't be so simplistic

[Boiled+Frog]

So you're opposed to spam but not terrorism? Or vice versa?

YRO

[black+mariah]

Stories posted in the YRO section should have an option to moderate comments as "Paranoid".

Re:YRO

Yes, but should that be a positive or negative mod?

I have to go now -- I think there's a black helicopter hovering outside.

Re:YRO

[black+mariah]

Wow, good question. Okay, how about the option to mod -1 Paranoid or +1 Paranoid? ;)

Re:YRO

[IHateUniqueNicks]

There is. It's called "Insightful".

Maybe the worms have stiffled the sending of spam.

[hashish]

The bunch of worms have stopped and slowed lots of networks recently. Especially over the past 5-6 days. I would wait a bit before claiming a small victory.

An idea...

[John+Seminal]

I was thinking, the problem with spam is two fold. One, the person sending it to you is anonymous. If the spammer believed everyone would know his identity, that would be a deterrent. Second, the spammer has no large costs. This makes for a marketplace where a few individuals will make money at the expense of everyone else.

I have said this before, we have a problem of ethics. Nobody wants to be responsible for what they do. A spammer is more concerned about making money than the inconvenience he causes to millions of people.

My solution is we will have to remove aninimity from the web. Everyone will have to become accountable for what they do.

Re:An idea...

[Little+Brother]

Um, what about the people who use the internet anonymously as a form of political expression because they're afraid of retribution if it is known what they're saying? What about the people who want to express things about themselves that, while perfectly legal and healthy, are not in tune with their community's standards and if they were discussing openly could lead to loss of job or even a lynch mob? I think your cure is worse than the disease, although I agree it would cure it.

Re:An idea...

[Silent_E]

I can see your point in theory, but like in real life, there are various ways around our identity-checking procedures. given that spamers are just the sort to use such devices, I wonder whether enforcing a lack of anonymity on the net would actually limit spammers? It would certainly limit some flaming, but the crooks will find ways around the system. So I wonder whether harsher penalties won't produce better results. We do, after all, know who the New Zealander butthead is. That wasn't the problem.

Re:An idea...

[John+Seminal]

Um, what about the people who use the internet anonymously as a form of political expression because they're afraid of retribution if it is known what they're saying? What about the people who want to express things about themselves that, while perfectly legal and healthy, are not in tune with their community's standards and if they were discussing openly could lead to loss of job or even a lynch mob? I think your cure is worse than the disease, although I agree it would cure it.

I think you are getting at community standards. I think there is nothing wrong with a community saying "We will not allow this". Political speech is always protected, because federal judges are not from the same state as where they hear cases. So if you are in Alabama and get prosecuted for saying something political which is not popular, the federal judge which will hear your case might be from New York or California.

Re:An idea...

[John+Seminal]

That is where the computer guru's would have to come together and have some protocol which would be difficult to hack. Even if it only says the IP provider has to know who you are, and will not release that identity without a court order? At least if everyone in the world knew that the spammer was from IP X, then they could demand X stop spamming. On the protocol side, it would perhaps make faking headers harder?

Can a computer whiz tell me if this is possible?

Re:An idea...

[Little+Brother]

My primary groups in consideration are homosexuals who live in less than open-minded communities, members of non-christian religions And people living under somewhat restrictive governments(i.e. China). In any of these cases being "outed" could lead to loss of job and could lead to the local rednecks getting a shotgun in the first two cases or dissapearing in the night for the third. No matter what the "community standards" are a community shouldn't have the right to dictate somebody's religion, political standing, or sexual orientation. There are some things that the community just needs to get over.

Re:An idea...

[John+Seminal]

I think that is why we have federal courts. Look at what is happening in Alabama. The federal courts are doing their job. Plus, this is not China.

Re:An idea...

[John+Seminal]

I wanted to add one other question. What is wrong with 99% of people in a city, county, or state saying "we do not want x"? To me it is like a senior citizens community saying "no noise at all past 9pm". Differnt communities have different standards.

Re:An idea...

My solution is we will have to remove aninimity from the web. Everyone will have to become accountable for what they do.

Are you out of your mind?!
Do you think I want to know the actual weight, facial features and, god forbid, actual gender of the person I was having online sex with?!

Re:An idea...

[holt]

What if you're not American? What if you're American but advocating something illegal in America, like smoking weed or fourth trimester abortion? Or something especially controversial, like child pornography?

There are good reasons that anonymous speech should be protected, and political speech is the main one. Some of the most important documents in American history, the Federalist Papers, were written anonymously in a different era. That same ability should be maintained in this new form of communication.

Re:An idea...

[BrainInAJar]

what if that 99% wanted 'No niggers in white-man's schools'? Would it be okay then?

Re:An idea...

You're about halfway there. Accountability is good, but you can do it while being reasonably anonymous. I'll use an example of posting to Slashdot, and you can extrapolate from it to SMTP.

Let's say I can go to the corner store and buy a card for $20. That card has a unique ID, and when coupled with my card reader, will generate responses to challenges. Assume the Slashdot servers are configured to generate challenges and will bounce the responses off the company's auth servers to get a pass/fail.

Every post requires a valid ID. If an ID is abusive, they can ban it. I must now go out and get another ID before I can do more bad stuff. I either go down to the store and drop another $20, or steal a friend's card, or break into someone's machine and compromise their card which is still in the reader, or whatever.

The point is that merely changing my network address will not work, and making up an ID will not work. I have to present a resource that is uniquely identifiable and isn't available in unlimited quantities.

As for being anonymous - I pay cash for the card.

How does this system fund itself? Easy. The card that I buy lasts for n authorizations, n months, or both. That funds part of it. The Slashdot team buys an account which can do authorizations by quantity n or for n months. That funds the rest.

Re:An idea...

[Glonoinha]

Do you really (really) want to put this one up to a democratic (secret ballot, like November 4th) vote? With binding results, 50.5% or greater (majority) wins?

Heck, I think in California with the way their Proposition thing works you could probably get it on the ballot.

Re:An idea...

[BrainInAJar]

What? gods... no... I was making a point that you obviously missed. That is that "community standards" can go to hell, because sometimes "community standards" include things like my example (rampant bigotry)

Re:An idea...

[Little+Brother]

Well without x it would be hard to spell exit. Thus whenever there is a fire, everybody will be unable to find the doors they came in through since they can't be marked "exit"

Serriously though, it depends on what it is that the community doesn't want and it depends on if the "offending" person had long time residence in the area. It also depends on what punitive actions are approved for someone doing x. If it is simply a statement of position, threre is never a problem, but if it is backed up it could have a problem. No noise after 9pm is rarly a problem but depriving someone of life, liberty, the ability to work where they wish (if a postion is open) due to elements of their lifestyle that are not detremental to any other person isn't what this Republic was founded for. That my friend is what we call tyrrany.

Yep

Same sex marriages are legal in many states now. From what I have heard, the marriage rate has skyrocketed on Slashdot.

Re:What about ME!!!

I would support a vigilante flash mob movement. Instead of spontaneously gathering and performing acts of stupidity, the mob could actually drag a spammer from his home in the middle of the night and exact punishment. Killing the birds of performance art and spamming with one stone, as it were.

If there were a spammer registry, by state, you could look up the spammer closes to your home to exact the punishemnt of your choosing. Think of it as evolution in action.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Virii is not the word to use

[hdparm]

Can we use 'virulenzas'?

Be interesting to get geographic map of effects

[Quizo69]

I monitor my father's email as well as my own, since he was a bit naive when he started out on the internet and got his email address in a bunch of spam lists.

Since the NZ guy got shut down, he's had about 1 spam a day (in Australia, close to NZ). I've been using Mailwasher to bounce all his spam, figuring eventually his email would show up in the spam lists as being dead, and hopefully being removed (other than those lists that don't care who they spam).

So it would be interesting to see if we can get a sense of the list this guy used, based on geographic proximity to NZ. I figured that maybe he was getting his names from closer to home, but I could be wrong.

The spam had so many different email addresses as the reply to field that I wouldn't have thought it all came from one guy!

Quizo69

Re:Be interesting to get geographic map of effects

[bedessen]

I've been using Mailwasher to bounce all his spam, figuring eventually his email would show up in the spam lists as being dead

Please stop. Bouncing spam after the delivery phase is not only naive and stupid, but it makes the life of innocent third parties harder. The From: line is nearly 100% guaranteed to have absolutely nothing to do with the persons responsible for the spam. In most cases it's a random third party, this is called a "joe job." When it happens to you, you receive thousands and thousands of these idiotic bounces (in addition to thousands of angry replies and "please remove" messages) from clueless mail software and cluless users. All you are doing is adding to the problem by "bouncing" spam. You are not bouncing it, you are just forwarding it to someone else's inbox. The only legitimate bounce that you can do with spam is during the mail delivery phase, before the connection has closed. As soon as the message has been delivered, that's it: either delete it or possibly submit it to a spam corpus, but for heaven's sake don't try sending it back to either the envelope-sender or the From: line, as both of these are spoofed and invalid.

"Bouncing" just adds to the spam problem. Stop.

Re:Be interesting to get geographic map of effects

[Glonoinha]

Get him a new email address, this time make it longer than 10 characters. Something like firstname_lastname_nz@yourhost.com (where nz are just two random letters.) I have a hotmail account like this, recently created, that has received exactly zero spams (then again I was very careful about who I give it out to and I didn't use it to sign up for stuff.)

Spammer shut down.

If I were in my mud game right now I would:

moonwalk
spin
grab crotch
scream WHOOOOO!

Re:Spammer shut down.

If? I don't think you've ever left.

Re:What about ME!!!

[zeigerpuppy]

Yeah I agree, in fact, I regard the constant complaints about Spam as a type of spam itself! Really people, get a decent email server that doesn't sell your address to the highest bidder, don't give your email address to anyone you can't track down to a telephone number and just stop using Outlook.

artprice.com spam

[Suppafly]

I wish someone would shutdown the spammer that helps in sending the artprice.com, artists-server.com,art-online, etc. spam.. A whole lot of the spam I get lately is from them, I'm not really sure why they think I'd be into buying art from them, but they sure are relentless.

he thought his children where in danger?!?!?

Come on? You think this is a good thing? How in gods name can someone say that having less spam is worth making some guy worry about the safty of his own children? I wouldn't have any problem with the saps phone ringing non stop...or having his I-net connections DOS attacked...or of course having his e-mail address spammed...and maybe even test the security out on any websites he hosts so to speak...but spam is no excuse to threaton someone's child.

Re:he thought his children where in danger?!?!?

How in gods name can someone say that having less spam is worth making some guy worry about the safty of his own children?

You're joking, right? This guy spammed penis pills. Relentlessly. He as much as outright admitted to blasting his junk to any email address he could find, not just "opt-in" lists.

In other words, he was pushing penis pills (and various other bullshit) to any email address he could find, including kids. Probably my kids, too.

And I'm supposed to give a shit about HIS kids?

Boo fucking hoo.

Re:he thought his children where in danger?!?!?

[aXis100]

Not just that, but there was no threat specifically to his kids.

Quote: ....He had received more than 20 phone calls, five of them obscene. ..."I have already banned my 5-year-old from answering the phone," he said.

Whilst it is unfortunate that his children were exposed to abuse, it is nothing compared to the millions of penis emails delivered to other kids inboxes. Why were his kids answering the phone anyway?

No sympathy here.

Re:he thought his children where in danger?!?!?

If you RTOFA ("O"riginal), you'll see that no one threated his children. This spammer is using the same slimeball tactics that he did on emails.

First, he tries to claim that the spam he sends you is your fault ("you are receiving this email because you opted in to one of our websites..."), which is total bs.
Now he is trying to claim that people mad at him for his spamming might turn on his children, also total bs.

He is twisting the reality of the situation to try to make himself look good and you look bad. He is obviously never going to actually change his ways.

Re:he thought his children where in danger?!?!?

[Improv]

Well, to view it another way,
how dare he endanger his family by doing such
rotten things? Having a family is not a magic
get-out-of-trouble card.

Re:he thought his children where in danger?!?!?

[jafiwam]

Hmm. If he is too stupid to make the connection [his behavior] = [his children at risk] then he deserves anything he gets. He probably also lets them suck on lead paint chips, does not use safety seats in his car and lets them drink vodka outside the neighborhood porn shop.

"THINK OF THE CHILDREN!!!! "

Fuck that, some of them grow up to assholes and criminals. His most certainly will.

Re:he thought his children where in danger?!?!?

Okay, I'll bite. "Endanger his family"????? That is the same logic that leads people to firebomb a group of kids going to a school in N. Ireland and say it's the parents fault for choosing to send their kids to that school. As if firebombing kids is ever justified....

Ugly but true....

[TygerFish]

The original poster wrote that once the spammer who became known shut down his operation, saw a 98% reduction makes an interesing point: if we knew who was sending the spam and who was profiting, we the community could send him enough hate-mail and other forms of revenge for the richer ones to be more content with the money they've already made while the poorer ones might take up more noble pursuits.

It's a pity that there is, as yet, no elegant, widely-known mechanism for finding the people who are the source of spam. God, one of *them* unable to use email without having to learn to use complex filters to get his messages.

I would *pay* to see that.

Spammer agreed to Interview.

[cowlum1]

I read the original article and all the followups. The important part here is the spammer in question agreed to being interviewed...

Re:Spammer agreed to Interview.

A +4 for just having RTFA? What the fuck?

4 letters

[dbc001]

R I A A

spammers should all die, the sooner the better.

[fanatic]

Hate to say it, but in this case, vigilante type action seems to have had the desired result.

Hey, whatever works, short of killing their children.

Re:Leave the spammers alone

[Little+Brother]

Ok, I'm going to "express" myself by playing trumpet (no I don't know how the to play according to the official way, I make my own way which I still think sounds good). Oh, and did I mention I was going to express myself outside your bedroom window. Oh, and if you move, I'm moving too and am going to continue "expressing" my self. Still think anything is ok, regaurdless of the effect it has on other people's productivity and happyness, so long is it can be considered, however loosly, expressing one'self?

You, sir...

[leonbrooks]

...are an insensitive clod! (-:

Re:Leave the spammers alone

[nytmare]

Please learn the difference between "expression" and communication.

Nope, Spam is back again

[HermanAB]

Spam dropped off between the 8th and 23rd, but came back in full force as from the 24th.

I think it was simply due to the spate of viruses causing people to clean up their systems or shut down their servers - not due to this bloke.

anything - really?

This needs to be publicised, as anything which slows down spam can only be a good thing.

So you're saying it'd be OK to murder the spammer too?

Re:anything - really?

Sure - why not?

Re:anything - really?

[zulux]

So you're saying it'd be OK to murder the spammer too?

Let say this spammer sends out a 6 million messages a day, causeing a million people to spend ten seconds deleting the message. That's 416 hours of lost time per day - do that for a year, and it's as if 10 people lost all the time in their natural born lives.

It's it right that he can do this? Ten lives were lost, just spread out over many people.

Re:anything - really?

rofl the needs of the many lol

Re:anything - really?

Who spends ten seconds deleting a single spam? I don't get that much, maybe five or six a day, and it does NOT take me a full minute to delete them. Five seconds, maybe.

Re:anything - really?

[geekoid]

or perhaps the people would integrate a challenge response system, then get on with there lives?

No lives where lostm the equivelent time spread over a million user was lost, but know spent there entire life deleting spam. sheesh.

I bet if you wanted a baby in 3 months, you would get three women pregnant.

Re:anything - really?

It's funny that people are so persauded by your stupid argument.

All kinds of things waste time (advertisements). All Your Base is not a mass murderer.

Re:anything - really?

All Your Base is not a mass murderer

Yes it is!

He'll be back - guaranteed.

[tinrobot]

Sure he shut down his operation, but he was probably making a TON of money through spamming. My guess is that he will lie low for a while, change his name/address/whatever, then fire up the spam servers once again... and if not him, someone else will step into the vacuum.

One guarantee... If there's a profit to be made, people will do anything for a buck..

Re:He'll be back - guaranteed.

[mabu]

I firmly believe that it's a fallacy that spammers really make that much money. There may be a few, but by and large, most don't. One look at the stupid crap that fills peoples' in boxes should be testament to that. Yes, they may get a few bucks here and there from some dingy affilliate thing but I wouldn't trust the affilliate companies to not rip off the freelancers promoting them in the first place so even that revenue source is questionable.

One thing we can do is dispell the myth that spammers are actually making money spamming. THEY ARE NOT. At best, their main revenue source is derived from fooling stupid people into paying them thinking that their mass marketing techniques will pay (and that's basic salesmanship that could be better served in other fields of business).

Of course, any interviewed spammer is going to brag that he's making money. Enron did the same thing right up until they imploded. It's a basic tenet of business that you lie about how successful you are, and whenever someone starts mouthing off about how rich they are, that's a sure sign they're trying to BS you. Real successful people don't run around bragging about how much money they have.

Spammers do not make money. They may see some cash flow now and then when they find an idiot who thinks their services will actually work, but ultimately they fail and go broke.

I concur

[meowsqueak]

I'm in NZ, with a NZ isp email address, and I was getting a lot of annoying emails. I was wondering why in the last few days I've hardly got any at all. Makes sense.

Also I haven't received SoBig.F in over 2 days either... odd...

Er... "marshal" law?

[leonbrooks]

You activate the portable music machines if people don't obey you? (-:

Or...

Is Spamming a Spammer Vigilantism?

[__aajelt3877]

Once I'm sure where a spam came from, or better yet, who benefits from it, if I sign them up for some dead-tree mail or some spam mailing lists, does that make me a vigilante?

It's not illegal to sign someone up for a mailing list in most countries. It might be harrassment if I do it a bunch.

But if we each sign every spammer up for one paper thing and enter their website contact email for one mailing list, they'll be DOS'ed and each contributor would not be harrassing.
And since we have not communicated, we would not be conspiring, either.

So this is justice and it's it's legal.

Re:Is Spamming a Spammer Vigilantism?

[shaldannon]

See...I never thought about sending a spammer paper spam, but I think you could do one better than that. Call the Jehovah's Witnesses and tell them the guy is interested in talking to them :}

Re:Is Spamming a Spammer Vigilantism?

[Shadowlore]

Better yet, tell the Scientologists! Those people send LOTS of postal spam ALL the time!

Re:Leave the spammers alone

[andrewski]

Spam isn't expression. It costs the recipient money. I have no problem with this guy shouting about penis enlargement, showing large penis-enlargement signs, or doing anything.

Besides, your freedom of expression ends where my property starts. Come to my house and start trying to tell me about my penis, and i'll give you about 10 seconds to get the fudge off my property, and after that you'd better hope i'm a bad shot.

Sounds like somebody's a spammer.

Beavis

Heh, heh...uh... heh... Fire! FIRE! FIIIIRRRRRREEE!

Re:Beavis

Uh, shut up bunghole... Or I'll kick your ass, or something... Uh.. yeah.

It's the law!

[leonbrooks]

RTFF (Read The ...er... Fine Faq)

Re:It's the law!

Go to hell, FAQ-Nazi!

Hardly vigilantism...

Hate to say it, but in this case, vigilante type action seems to have had the desired result.

This is hardly vigilantism - people called to complain (aside from a few kooks who made death threats) about his actions and how it affected them. The spammer realized the error of his ways.

Now, getting a dozen geeks with baseball bats together and beating a few spammers, while fun, would be vigilantism.

Re:What about ME!!!

[Little+Brother]

I regaurd the constant complaints about rape to be a mental rape in itself! Really ladies, live in a decent neighborhood that doesn't have hoodlems on every corner, don't let anyone know where you live unless they show you two forms of ID and just stop walking alone at night.

Ok, so its not a perfect anology, but both are still blaming the victum. Some of the advice in both is still good to avoid the negitive outcome (rape/spam) but both shouln't be neccicary. Oh, and so some AC can't complain: I'm not saying rape is in any way comparable to spam, I recognize that rape is much more serrious and it is not my intent to equate the two.

Not mentioned in article

[bxbaser]

Of the record quote.
"I shut the damn servers down cause in a couple of days im getting like 35 million bucks from some guy in nigeria.Im gonna be a rich SOB."

The question is...

[MoeMoe]

What I wanna know is this:

What do we do with the spoofed junk we get where only the IP may be useful??...

Backdoor trojan execution through OS exploit? Report the IP to its domain admin? Or do we just do an IP-Lookup, find his house, and use something I like to call "Mr. Thingy" on him?

You bastards

[simon_aus]

Now how do I get a bigger penis?

Watch the hyperbole

[brooks_talley]

This needs to be publicised, as anything which slows down spam can only be a good thing.

Things which would slow down spam, but which most of us would not consider to be "good things.":

• Massive DoS attacks against root name servers or other infrastructure that significantly impair the operation of the Internet
• "Upstream readers": a new policy where you are charged $1.50 per email sent. Funds go to a government organization which all mail must be routed through. Bureaucrats read your outgoing mail and decide if it's worthy of being on the Internet.
• More to the point: vigilante gangs start killing people who are rumored to be spammers. Thousands of innocents die, but possibly a few genuine spammers as well.

Come on, people. Aren't techies, of all people, smart enough to see that "the ends justify the means" is *not* a valid rationale?

Cheers
-b

Re:Watch the hyperbole

[srn_test]

Surely the ends are the only thing that _can_ justfiy the means?

In the case of your examples, the ends would be:

a) No working Internet.
b) No useful email.
c) Lots of innocent deaths.

I'll grant you, these ends don't justify the means, but if the sort of means that were used on this spammer were used more widely, they'd be fine by me...

Re:Watch the hyperbole

[Electric+Eye]

So, why isn't this done? Certainly, plenty of people on /. are capable of launching such an attack. *shrug*

Re:Watch the hyperbole

[brooks_talley]

Ah, a sophist!

I agree that the means in the case cited in the article are fine and even ethical. However, my comment was in response to the quote-that-I-quoted from the submitter, which seemed to be a blanket endorsement of *anything* as long as it "slows down spam."

Spam is nasty, spammers should be fined, jailed, or pressured. But, as I said, there are plenty of things that would slow down spam that I at least would not consider to be good things.

Also, plese note that the phrase "ends justify the means" is commonly understood to be shorthand for the philosophy that, if the goals are lofty enough, there are no ethical or moral limits on the means used to achieve those goals -- in short, exactly what the submitter seemed to be saying. Though you're quite right that a literal interpretation of the words by someone not familiar with english could lead to confusion, as "means" in general are indeed used to achieve "ends." Though even then, a non-english speaker might pick up on the implication that the means *need* to be justified, and are therefore suspect in and of themselves.

Cheers
-b

Re:Watch the hyperbole

[srn_test]

Ah, so it's philosopher jargon. I had wondered.

At least when CS people invent jargon we use new words :)

Oh, and by sophist, I'm hoping you meant "A scholar or thinker." rather than "One skilled in elaborate and devious argumentation.".

One down.. about 180 to go..

[zcat_NZ]

We've outed and shut down one minor spammer.

The Register of Known Spam Operations lists nearly two hundred more hard-core spammers, along with everything the anti-spam people have been able to find out about them. Check the list, see if any are in your area, and take whatever action you feel is 'appropriate'.

Re:One down.. about 180 to go..

[Halvard]

take whatever action you feel is 'appropriate'

Spam is a curse but how is this different that the social conservatives that do the same thing to doctors and employees of woman's clinics?

Re:One down.. about 180 to go..

[theLOUDroom]

Spam is a curse but how is this different that the social conservatives that do the same thing to doctors and employees of woman's clinics?

Spam directly affects us. They are making first contact, by doing so (& refusing to stop) throwing down the gauntlet.


Those doctors are just doing their jobs, which have nothing to do with the conservatives. The anti-abortion lunatics are not actually affected by abortions, they just don't like the idea of them. Huge difference.


It's the difference between going after someone who is leaving dog poo on your doorstep vs. someone who is reading a book you don't like in the privacy of their own home.

Re:One down.. about 180 to go..

how is this different that the social conservatives that do the same thing to doctors and employees of woman's clinics?

The doctors aren't going around giving abortions to women who don't want them?

It's a coincidence, IMO

[heironymouscoward]

It would be nice to believe that one NZ spammer was responsible for 95% of all spam, but somehow... I don't think so.

Vigilantism, legislation, and spam filters are simply selection agents that will help to breed a tougher new spammer.

The drop in spam comes because spammers are trying something else and I reckon the writers of SoBig were paid by spammers, looking for a new way to send emails. If you thought the last week was relaxed, just wait. You ain't seen nothing yet.

Godwin's Law

[Koushiro]

Godwin's Law is a 'natural law of Usenet', stating:

"As a Usenet discussion grows longer, the probability of a comparison involving Nazis or Hitler approaches one."

There's also more information about it here.

Hello, McFly

"South Canadian" is a Canuck's semi-humourous way of referring to "North American." Those stupid Frenchies can't make good jokes, but even I picked up on it, unlike you, sir. YOU FAILED IT.

The unsubscribe links

[Flingles]

Do the unsubscribe buttons on spams actually take you off mailing lists? First time I saw one (back in the day) I immediately thought they would spam you more, and therefore have never clicked one...

Coincidentally, elephants like peanuts.

How about

killing 500 of the spammer's relatives, including his family?

It's what Londo Mollari would do. :)

Re:How about

Londo Mollari doesn't exist.

n'th that

[node159]

n'th that.

Spam account went from, 4+ a day to 1-2

Re: What we can look forward to now

Remember the rubber must meet the road somewhere, and spammers must have a point of sale, where they can never be 100% anonymous or untraceable. What good is it to spam people, if they can't buy anything? Were they to write spamming worms, the feds would be on them like stink-on-sheiB because worms and viri are ecomonically destructive, at least more so than spam is.

Maybe not..

[craigtay]

I don't think the drop in spam is because of this guy in New Zealand, I think its due to AOL's new spam busting software! Go AOL!

consequence of that is?

if we all get along and nuke the US out of existance I assure that the spam would drop by about 99.2%

Re:Virii is not the word to use

>The correct word is actually viruses.

It may be, but it's just so much more fun to say virii.

It helps me filter who needs to be on my shitlist.

And you, sir

... FAIL IT.

so what's his address ?

he needs about a thousand million more mails and calls to make up for his spamming...

Shit -- spam is going to get BAD

[defile]

OK this is great news. One weapon that works wonders against spammers is by making them known. The closer you can get to making a spammer walk around his/her neighborhood with the word "SPAMMER" on their foreheads, the better the results.

Eventually, all of these individuals will stop after they meet the fed up people who will threaten bodily harm or worse because of spam.

The world becomes spam free. Being a spammer is just too dangerous. That is, too dangerous for anyone but the mob.

Then we'll be up shit creek.

New Zealand

I'm in New Zealand. Anyone know the guys address? Phone number?

Zoinks!

[Kibo]

Trolling for Karma whores?

Interesting idea, but I don't think a slashdot version of Bass Masters will work. Everyone has their two bits worth of karma. How could the tournement be scored? While an eleven hundred way tie might be fine by the hard core open source zealots, I think the rest of us would find it anti-climactic.

Re:Zoinks!

[TopShelf]

I just want to know who the sponsors would be?

RedHat?
IBM?
Gotta have the black hat (SCO) entry...

Spam content dropoff?

[dzym]

Not according to my graph it hasn't.

Perhaps too much of a bit of wishful thinking there?

Re:Spam content dropoff?

[Saint+Aardvark]

Nor according to this one, which I use to babysit.

Re: What we can look forward to now

because worms and viri are ecomonically destructive

Because worms and men are ecomonically destructive? WTF?

porn is good for the internet

keeps it people hard

Maybe he will be quiet for a while but...

I imagine he might just set up shop in Aussie.

Hopefully he will be convicted by the health ministry for dealing in medicines.

I'd also like to see NZ Telecom just cut him off.

If any slashdotter would like me to drive up to Christchurch and kick his arse - let me know.

Heh, in the US he would be sued, in NZ we just use public embrassment.

YOU SEE REVEREND MAYNARD,

Tomorrow is harvest day. To them, it is THE HALOCAUST.

-1 Offtopic

You've made a terrible mistake

you've included your real email in a Slashdot submission about spam! Spammers will do everything they can to find out your identity or at least hijack or render your account usable. They're vendictive as heck, so don't reveal your identity when posting this kind of stuff.

...which is why...

[finallyHasANickname]

You have just been chosen!

Are you balding? Have you already spent too much on name-brand Viagra? Have you missed your last opportunity for vacation time shares? Has it been too long since you have seen fisting teen nypho sluts on web cams? Need a home equity loan? Looking for yet more little icons with nifty seldomly used features to cram into your Task Tray to slow down rebooting and bring about yet more opportunities for security problems?

Well this is your lucky microsecond because /. is now the place where everything tends asymptotically toward perfection for you. Yes. You. You have been selected. For no money down, you can have all of this!

Not only that! If you order today, you can gamble online and lose all the money you haven't yet spent on previously mentioned commercial items. :-D :-D :-D :-D :-D :-D :-D :-D

No change here

[pugdk]

My amount of spam is exactly the same as the previous couple of weeks... so much for this (weak) story. I think we need to "take out" more than one spammer for people to really notice a difference. -pug

Send your money now!

[doublehelix_nz]

Just in case the authoritys do not properly deal with this miserable excuse for a human being, i put foward this offer to you.

Send me money and i will personaly travel down to this persons house, beat him over the head with a sack full of 'delete' keys.

Then i will tape him down to a chair, and make him count from 1, to the number of spam emails he has sent out.

I hate people who give New Zealand a bad name. shame on them. We should deport them back to australia.

Si.

End justifies the means not valid?

[symbolset]

How long have you been a perl programmer?
Hacker: Programmer who gets the job done.
Developer: Programmer who gets the job, wastes the first 95% of the development time, and hires a hacker to get the job done.
You fight the fight you must with the weapons at hand. The victor writes the history. Don't like that system? Change it. I dare ya.

Re:Virii is not the word to use

[Aceticon]

Image what a Beowulf cluster of BOXEN in Soviet Russia would do you.

Re:Virii is not the word to use

[finallyHasANickname]

Image what a Beowulf cluster of BOXEN in Soviet Russia would do you.

Pfffft! :-p Silly! Imagine what it would do to NATALIE PORTMAN. Jeez. Get with the program. You nerd. ;-)

No dropoff here - how to find perpetrators..

[mattr]

Nope, I had 200 emails to delete this a.m. So how do I find the guy sending me all this shit?
I've done lots of detective forays and unsubscriptions but the spam just keeps coming.

I'm thinking it would be useful if I could forward say a hundred spams to an address which would analyze them with other people's spam and figure out the top targets for detective work. Then when anybody gets enough energy/anger to do some calling around everybody benefits.. a kind of spammer scalping engine.

Wasn't there a story about some guy in Argentina recently? Go for it!

No change here.

[Alioth]

I haven't noticed a difference outside of what can be considered 'statistical noise' in my daily spam load. SpamAssassin (or rather the procmail filter that catches what's flagged) puts spam sent to me in a spam trap, from there it's easy to count the number coming in. SpamAssassin is still catching a veritable torrent of spam.

Funnily enough, SpamAssassin is also flagging the Win32/SoBig worm as spam. It's in the DCC (distributed checksum clearinghouse) and has a number of other 'spammy' features, such as obviously forged From: address and malformed datestamps. Not that it'd run on Linux anyway :-]

A-ha

[Pflipp]

Whatever it is, coming back from a two-week holiday and shocked to see my real mailbox all stuffed up, I was very happy to see that my virtual mailbox contained less junk -- I expected something with two zeroes, but only had, like, twenty SPAM mails or so. I imagine I sometimes receive that much within a day.

Re:Leave the spammers alone

Yes, despite all it's "virtues" I REALLY have a problem with spam. Duh.

Life feeds on life [n/t]

nt

no change

[mabu]

I run a very conservative mail server for about 340 accounts. I'm running 2-3 RBLs with no content filtering. We have a virtually non-existent rate of blocking legit mail.

Mail stats in the last 24 hours:

Rejected mail: 5,629
Accepted mail: 2,082

Because of our conservative blacklisting, the RBLs are probably only about 80% effective at best, we still hovered around our usual 28% legitimate mail traffic, verses 72% spam. (This also doesn't include worm messages which wouldn't have been relay-blacklisted so it's likely even worst.) Nothing seems to have changed, or it's not enough to be noticeable.

Everything they say about spam clogging the Internet is true. Based on my own stats, for a server that is generally below the radar running very legitimate web and e-commerce operations and a few select POP3 mailboxes, a vast majority of the bandwidth we use is undesireable crap. Imagine the improved performance of the net if we could actually make a dent in stopping the spamming sleazebags from clogging our pipes!

Re:no change

[amity]

we've had no change as well. we have a mac running eudora and get about 100-150/day and we've seen no drop.

but we haven't received one virus yet. so i guess that makes up for it. and (hah!) please don't send us one to make us feel included.

A Good Thing (TM)

> This needs to be publicised, as anything which slows down spam can only be a good thing."

Really? Like killing the spammers or kidnapping their children? As long as it "slows down spam", is sure can only be a good thing?

Re:A Good Thing (TM)

[DirkDaring]

Go away, Troll.

Qurb

[yarisbandit]

I installed qurb http://www.qurb.com about two months ago, and it's caught 432 spam, not one of which has plopped in my inbox...

It's a challenge and response whitelist system for outlook, and I'm hooked. Shame it ain't freeware, but the trial version still hasn't quit on me... I may fork out yet :)

The spammers ain't going away, might as well treat 'em like lepers and not even listen to 'em :)

You could shoot them in the fucking head.

[Jonas+the+Bold]

Thats right, drag the script kiddie outside and shoot him in the fuckin' head! It qualifies under 'anything', and I think it'd be a bad thing, don't you? All those poor, dead 16 year olds. Well, they shouldn't have inconvenienced you and wasted that bandwidth, huh? They sure deserved anything. On a more realistic note, what if there was a public list of the addresses and phone numbers of known spammers, which is more what this article describes. Imagine some kid hacks your computer, and exploits it to send out his spam. You get put on that list, and get harassed for weeks and weeks. Can't even use your phone... Yeah, it'd suck.

Re:You could shoot them in the fucking head.

[hkmwbz]

Sure, I wouldn't mind offing a few spammers.

"You get put on that list, and get harassed for weeks and weeks."

People on such a list would only be well known spammers, not some random idiot who failed to secure his system and deserves what's coming for him anyway.

It may not be pleasant...

[leonbrooks]

...but it's true. (-: "FAQland, FAQland, uber alles?" :-)

http://users.rcn.com/zap.dnai/

http://users.rcn.com/zap.dnai/

no. definitly no.

[desitter]

as anything which slows down spam can only be a good thing.

e.g. total annihilation of the world population would also slow down spam.

neutron bombs. you know you want one.

my drop

[AssFace]

Not sure if it is related or not, but I'm seen my spam count drop by about 40 a day starting sometime last week.
I had attributed it to the power outage, the viruses, and the worms - but perhaps it was this... or some combination thereof.

No Spam! @_@;;;

[Yusaku+Godai]

This is one of the best things that's ever happened to me. I don't know how or why, but 99% of my spam must have originated from this guy, as I haven't gotten a single one in over 12 hours!

Re:YOU SEE REVEREND MAYNARD, OT

[ender-]

Damn you! Let the rabbits wear glasses!!!!

Ironic...

[shione]

harassment like in spam?

Its interesting that someone who litters others mailboxes with junk mail can't hack receiving it himself....

I for one am glad he's out of business. Like they say, what comes goes 'round, comes around.

Finally, a spammer receives customer complaints

[jolshefsky]

Hate to say it, but in this case, vigilante type action seems to have had the desired result

This got me to thinking. The thing I hate most about spam is that there is no way to contact the seller to let them know you're not interested--ever. When you annoy people and give them no power to respond, they'll eventually come after you and your kids. I'm always amazed to find that spammers don't know that people are angry about their behavior, but I figure they've never heard from someone who they sent a message to.

Maybe they just think their "customers" are the people who give them money ... then what do you even call the people who receive the spam?

I guess I'm also amazed to think that nobody can come up with good legislation. Yes, we should be able to send messages anonymously--including business people--but the limit should be when that correspondence becomes harassment.

It's like if you put a sign in someone's yard--anonymously, without asking--and they tore it down, very few people would compain (at least not vehemently.) If you put ten signs in their yard every day for years, they'd probably kill you if they caught you. Is the answer to make a law banning putting a sign in someone's yard?

You know...

[xaoslaad]

I hadn't noticed until somebody said something, but I did get considerably less SPAM over the course of the night than usual.

I use a hotmail account to sign up for all those things that shout, "This is gonna rack up the SPAM..." and it is usually good for ~80 messages straight to the 'Bulk Mail' folder in the course of the night.

Today there were only 23. Now I have no idea if, like some people are speculating, this one guy was responsible for it all, or if like others are guessing the recent virus/worm outbreaks are having an effect etc., but something is definately amiss.

No matter though, if this one guy left a gap in the SPAM kingdom there will be ten slimy SOB's to fill it.

Re:You know...

[rrodkey]

Just wait, I wonder which one of the 10 slimy SOB's is going to buy this guy's list of addresses.

Spammer Head Hunting Fund

What about setting up some spammer head hunting fund? If you track down a well known spamhaus (e.g. one listed on rokso) youd get some bounty out of the fund. Id be willing to pay some bucks to such a fund, and i bet some major isps and firms would be willing to do that too... And since there is no honor among thieves it would make life for our spamming friends a little harder (and more paranoid)

Depends. . .

[PhxBlue]

If you're talking about government measures, no. If you're talking about citizens' initiatives, on the other hand. . . well, still no, but only because I don't like agreeing with anything that has the words "anything," "everything," etc.

Where do YOU fit in the spammer's business model?

[Crash+Culligan]

Let's start by looking at what it is the average business actually does, shall we? They either sell some sort of product (like a manufactured good) or service (which creates or utilizes a product; looked at another way, the product being sold is the manufacturing itself).

Who is buying the product or service? People that want their stuff advertised.

Who is getting paid for the product or service? The spammer.

What is the product or service? Ah, now here's where it gets interesting.

Many people cited that the difference is scale, that if you had several hundred menus dropped off on your doorstep daily, you'd be miffed. There's another problem with that analogy, though...

In the fast-food place example, they're the producer, you're the prospective customer, and they are telling you about their product. This is a relatively non-intrusive form of advertising (assuming the menus aren't dropped off by the truckload).

In the spammer's case, they're the producer, someone else is the customer, and you are the product. They are trying to sell your attention. But first they have to get your attention without paying for it first.

This is my objection to all advertising, but especially to spamming: that the waste of bandwidth, disk space, and time trying to deal with the inundating tide of mailbox crap is tantamount to theft, and you are the victim.

Unsupported allegation.

[Medievalist]

I don't know how you would determine that "most spammers use Outlook or Outlook Express."

Certainly, most spamblower software forges Outlook MUA header tags, but it doesn't take much effort to figure out that the formatting of the spam is inconsistent with Outlook's abilities. I've got an archive of 2074 spams I've received (as of this morning) and the majority of it appears to have been generated with spamware optimized for that purpose, not with a commercial MUA like Outlook.

Think about it, Outlook is too slow, inefficient and buggy to be worth a spammer's time. Except perhaps as their own personal MUA, but I don't have any way to know that, since I don't receive personal mail from spammers, just spam from their spamblowers.

On the other claw, spammers are using viral techniques more and more frequently, and it's said that they frequently use virii to recruit the zombie nodes, so it's pretty likely that they are contributing to the problem in one way or another.

Re:Unsupported allegation.

[plover]

While I agree with you that most of the professional spamhauses are using custom spamming code, it would not surprise me to see Outlook (or Outlook Express) as the conduit by which much spam is sent.

The reason is simple: I believe the "entry level" spammers (the AOLusers who dimly think "hey, if they can MAKE MONEY FA$T, so can I!") who have gotten into the spam business have done so with stupid Visual BASIC scripts. And on a Windows box when you want to send email from within a program (especially one of the scripting languages,) using MAPI has been the "native" way to send it. MAPI simply sends the mail via your registered mailer, which is Outlook Express by default (or Outlook, if you shelled out for MS Office.)

Outlook may indeed be too slow, inefficient, and/or buggy for a professional. But most spammers are (by definition) not professional ANYTHING, and are indeed probably too stupid to know the difference.

This guy lives around the corner to me...

Who'd of guess, a spammer down the road. There goes the neahbourhood. It kinda makes it sad when you know this goes on so close to home. I'm thinking of doing a spam drop if anyone else wants to help, gather all the junk mail you have and lets go fill his letter box.

Rackshack - irresponsible

[claud9999]

Note that the article mentions that Rackshack added them to the Spam Early Warning System *after* they saw the article.

I find it highly likely that they were told many times previously that the customer was spamming, and/or they surely could monitor classes of traffic and if they see a ton of port 25, see if the customer is spamming.

Shame on Rackshack!

You Insensitive Clod, I use Spamassassin...

[mikewren420]

...and never open my 'caughtspam' folder. I don't know (nor care) if the amount of spam I don't see is higher or lower :)

I only really care about spam that Spamassassin doesn't catch.

Virii is a perfectly cromulent word!

[Medievalist]

There is no such word in either Latin or English. In Latin, "virus" is a collective noun, like 'butter.'

Certainly there is such a word in English - or at least in the Computerese variant; you can find it all over the websites of virus authors and script kiddies. Despite Bishop Berkeley, things don't stop existing just because you don't believe in them.

Why don't you substitute a word in Klingon? You'll still sound just as goofy, but at least you won't be flat-out incorrect.

Because the authors of virii call them virii, and not some Klingon word. The word "viruses" refers to biological organisms, and the distinction is valid and desirable.

Do you insist on calling eight-bit quantities "bites" since there was no English word "byte" before computer programmers decided to make one?

Re:Virii is a perfectly cromulent word!

[RobotRunAmok]

Computerese variant; you can find it all over the websites of virus authors and script kiddies.

We here on earth call that "slang." Every industry, culture, and sub-culture has it. All well and good. Sometimes a slang term gets to be so prevalent it will enter a dictionary and be noted as such (usually with sl.) If the term can really hang on, and/or enter into a mainstream culture beyond it's industry (as "byte" has) it may receive "official, formal" language status. The English language "benchmark" (to borrow the technologist's phrase for a moment) is the OED. I'm sure the folks who edit that are monitoring "virii" very closely *cough*

The word "viruses" refers to biological organisms, and the distinction is valid and desirable.

What, are you making this up as you go along? I give you credit for thinking on your feet. The OED cites several colloquial and figurative uses of "virus" as a rapidly spreading "poisonous influence." It's from this sub-text that computers are said to have viruses. No distinction between non- and biological use exists. Good one, though.

Now back on topic: The previous poster contended that "virii" was a Latin term. It's not. The plural of "virus" in Latin (if one fancies oneself as a dead Roman) is "virus." (I don't know what the plural is in Klingon.) Currently, "virii" is a *slang* term spottily popular among youthful script kiddies for the plural of virus. It is akin to "boxen," only several tiers more dorky as many of its users actually think it has some etymological legitimacy, and is not merely a made-up "play-on-words" word.

Happy to help. Glad you stopped by. First one's free.

Re:Virii is a perfectly cromulent word!

[julesh]

Because the authors of virii call them virii [...] Do you insist on calling eight-bit quantities "bites" since there was no English word "byte" before computer programmers decided to make one?

However, the reason that the authors of viruses call them that is because they don't know shit and think that virii is the latin plural for virus, so they think they're being clever.

The reason 'byte' is spelt like that was an intentional change of the spelling by Werner Buchholz when he first used the term, in order to avoid typos causing confusion with the word 'bit'.

I follow in the footsteps of people who know what they're doing. I don't blindly follow ignorant fools who think they're smart.

Re:Virii is a perfectly cromulent word!

Boxen is actually just a german word...

It means "boxes" :)

Re:Virii is a perfectly cromulent word!

The German word "boxen" is very annoying then.

Re:Virii is a perfectly cromulent word!

The English language "benchmark" (to borrow the technologist's phrase for a moment) is the OED.

So, I can't use words like "mung" or LDAP (pronounced ell-dapp) anymore? Gee, how foolish of me to be so concerned with function over ideology. I should obviously not care that the same server (which I built) holds data on computer virii and the phylogeny of viruses. After all, it's obviously more important to know our latin roots than to communicate accurately!

I'm sure the folks who edit that are monitoring "virii" very closely *cough*

You can bet on it.

As for being on topic, I believe the topic was anti-spammer vigilantism, Mr. Kettle.

Re:Virii is a perfectly cromulent word!

[RobotRunAmok]

the same server (which I built)

Here's a cookie.

it's obviously more important to know our latin roots than to communicate accurately!

D00d, if it hasn't been clear up to now, allow me to point out that I spend much more time among Adult English-Speaking Humans than I do among script-kiddies, and I assure you that the (still) correct "viruses" is vastly more clear in that less-rarefied air than the gimmicky and tech-prentious "virii."

Bet on it.

So, I can't use words like "mung" or LDAP (pronounced ell-dapp) anymore You can use 'em, sure. They're industry terms. Work in every endeavor would grind to a halt if we could not use the slang of our workplaces. Doesn't make it formal English, though. Certainly doesn't make it Latin. ...which is the contention to which I was responding ever so long ago. Call 'em "virii" if it amuses you. Hell, call 'em "charlie." Call 'em "throatwarblermangroves." Just don't attempt to justify your language-mangling in some pseudo-elite fashion by calling it "Latin." ...because, unlike "mung" or "LDAP," there is already a perfectly good, legitimate, and universally recognized English word for what we have been discussing. It's -- wait for it -- "viruses."

Re:Virii is a perfectly cromulent word!

Don't be such a worshipper... "virii" .vs. "viruses" makes a useful distinction, just as Buchholz did with "byte". That's the whole point.

Truth is not determined by the speaker's identity, but by the validity of the speech.

Re:Virii is a perfectly cromulent word!

[geekoid]

umm isn't the plurel for virus, virus?
like fish, or spoon?
well ok, not spoon, I just wanted to see if you were paying attention. ;)

Re:Virii is a perfectly cromulent word!

[RobotRunAmok]

umm isn't the plurel for virus, virus?

In Latin, yes. The Romans used the letters v-i-r-u-s to denote what we would call "toxin" or "evil, poisonous, gunky stuff that snakes and such spit." Somehow or other, we English speaking people have adopted the same word to describe certain types of fast-spreading diseases, biological and otherwise.

But (probably because we use the word differently, and its meaning is so different) the plural of "our" virus is "viruses."

Re:Virii is a perfectly cromulent word!

[njdj]

"virii" is a *slang* term spottily popular among youthful script kiddies

Spottily popular among the spotty, you mean?

Re:Virii is a perfectly cromulent word!

[srmalloy]

The German word "boxen" is very annoying then.

The use of 'en' as a plural form actually is English usage, derived from the Germanic input into Old English, although its use is highly archaic now and survives only in a few words -- 'oxen', 'children', 'brethren' (which is mostly supplanted by 'brothers'), and 'kine' (plural of 'cow'). Formerly, hanging on into early modern English, you might also see eyen, shoon, hosen, and treen. The N suffix, had it survived in all the words it applied to in Old English, would also have given us namen, sunnen, moonen, starn, timen, churchen, hearten, tonguen, and ladyen.

The plurals for 'brother' and 'cow' have the vowel shift called 'umlaut', arising from a following vowel I or consonant J (Y) in the early Old English period, which disappeared after altering the previous vowel; the effect also appears in the plurals for 'man', 'tooth', 'mouse', and 'goose', among others.

If the '-en' plurals are annoying, then perhaps it's good that one of the classes of plurals that left no survivors added -U: we longer have 'shipu', 'weapnu', 'devlu', 'headu', or 'wondru'. Other classes of plurals also disappeared entirely because of the loss of final vowels. In Middle English the S ending absorbed almost all the others, resulting in the usages we have now, with its few holdouts.

Re:Virii is a perfectly cromulent word!

Google search:
virii - about 169,000
viruses - about 3,000,000
"computer" and "virii" - about 47,900
"computer" and "viruses" - about 1,240,000

This indicates that, even on the Internet, "virii", even in a computer-oriented context, accounts for no more than 5.6% of the usage. This places it not very far ahead of other misspellings like "seperate", which has about 5%. Based on these statistics I would say that, no, it has not earned the status of "word" in either English or "Computerese".

The users of a language have an interest in reducing pointless linguistic fragmentation. A certain portion of a population will always insist on using wrong (aka "uncommon") spellings, archaic and useless words, and the like. This portion of the population is always difficult to communicate with and should be reduced if possible. Don't be among them.

ye olde spameth

"This needs to be publicised, as anything which slows down spam can only be a good thing."

What about the proposed email tax of 1999?

Anecdotal evidence isn't -- NT

[skermit]

... ...

The SPEWS attitude (I use, I approve)

[hummassa]

is that you become pissed because of the bounced e-mail, you go after your ISP and piss him off, and if it's not its fault it will go after his upstream and pass the piss on, and until the problem is fixed, rinse and repeat.

Re:The SPEWS attitude (I use, I approve)

[fractalus]

The biggest problem with the blacklist is it cost-shifts, exactly what anti-spammers hate about spam.

Think about it. You are shifting the burden of pressuring an ISP into killing a spammer onto that ISP's non-spamming customers, and you're doing it without advance warning.

Those who blithely talk about "switching hosts" have never had to do it. It just ain't that simple, and it sure as hell isn't free. It means being off the net completely for days--not just e-mail down, but all your services, unless you've got the money for a complete duplicate set of servers.

I have no problem with blacklisting spammers, but I have a major problem with blacklisters who think collateral damage is a good thing or at least nothing to worry about.

Re:The SPEWS attitude (I use, I approve)

[Murrow]

And who is the cost being shifted from????

Looks like it's being shifted from the spam recipients who don't pay the hosting ISP money and thus have no leverage on them. Why should "we" have to spend all that effort getting "your" ISP to clean up its act.

This tactic also reduces the effectiveness of moving the spammer from IP address to IP address as was commonly done when just the spammer was blocked as you advocate. Again, much less work for the spam recipient.

You, the ISP customer, also can benefit from this. When your ISP eventually catches a clue and removes its spammers, getting out of a few widely used public blocklists is a whole lot easier than getting out of thousands of local private blocklists. (Try sending email from any of AGIS's old IP blocks and see how far it gets.)

Re:The SPEWS attitude (I use, I approve)

[instantnoodles]

SPEWS simply doesn't work.

Smart spammers can easily get through it. You can sign up with multiple companies easily. When one of them can't deliver spam, the spammer moves. Easy.

But everyone left on the host has to deal with crap. Imagine not being able to receive or send email because an idiot was hosted on the same server as you!

So the end result:

* Smart spammers get through (and I belive there is a main group that sends out 90% of all spam messages)

* Innocents get shafted.

Spews simply isn't a good solution.

Re:The SPEWS attitude (I use, I approve)

Welcome to the real world, buddy. Where the blacklist nazis will leave an entire ISP blacklisted well after they've worked to remove the spammers causing the problem.

SPEWS and their ilk are going down the drain fast, as more and more popular companies get blocked and inform their users about this kind of crap.

You, the ISP customer, also can benefit from this. When your ISP eventually catches a clue and removes its spammers, getting out of a few widely used public blocklists is a whole lot easier than getting out of thousands of local private blocklists.

Tell that to someone trying to get out of SPEWS. It's fucking impossible.

This tactic also reduces the effectiveness of moving the spammer from IP address to IP address as was commonly done when just the spammer was blocked as you advocate. Again, much less work for the spam recipient.

I got no problem if a blacklist blocks a spammer's /24 and they continue to move around, sure widen the net. But to preemptively cast a wide net is retarded.

Re:The SPEWS attitude (I use, I approve)

[div_2n]

"It means being off the net completely for days . . ."

If you design a network properly this is 100 percent untrue. You might have to endure the time necessary to plug new hardware into your router and firewall but that is it.

If the following holds true:

1) Router with room for second WIC
2) Router with room for second ethernet out
3) Firewall with room for second ethernet in
4) Firewall with true DMZ NAT'ed servers

Then all you have to do is:

1) Add second WIC to Router
2) Add second ethernet interface to Router
3) Add second ethernet out interface to Firewall
4) Route new T1/T3/whatever addresses to Firewall
5) Add NATing for new IP's at firewall to point to existing servers
6) Change DNS records
7) Change any VPN's or other tunnels to new address space
8) Decommision old line
9) Remove old routes

Re:The SPEWS attitude (I use, I approve)

[WNight]

Stopping spam *must* involve the ISP. It's too easy for spammers to hide and bounce from ISP to ISP to catch them without one of the companies involved helping. If the ISP never feels any heat for letting people spam why would they "waste" time stopping it?

Unfortunately, the only way to put pressure on companies is financially, and that means to make the people who pay them (the customers) tell them to change.

Sure, this hurts the customer, but sometimes there's no other solution.

What should I do, if for instance, a company cracked into my webserver and started selling web hosting? If I shut down and clean the machine it hurts the customers who paid for web hosting, but it's not my fault they bought a product from someone who didn't have the right to sell it.

All the black-hole lists do is say "I'm not willing to sort through all the crap that comes from your hosting company - they're selling service to criminals and expecting me to foot the bill." What other choice do people have?

Re:The SPEWS attitude (I use, I approve)

Then all you have to do is:

1) Add second WIC to Router
2) Add second ethernet interface to Router
3) Add second ethernet out interface to Firewall
4) Route new T1/T3/whatever addresses to Firewall
5) Add NATing for new IP's at firewall to point to existing servers
6) Change DNS records
7) Change any VPN's or other tunnels to new address space
8) Decommision old line
9) Remove old routes

Oh, "that's all"? Only problem with that lovely scenario is you are SOL if you are colocated.

Re:The SPEWS attitude (I use, I approve)

[Shdwdrgn]

Gee you must have extra hardware out the wazoo, if you consider that an easy change. Personally, I've got enough hardware at home to run my firewall and servers. T1/T3? Doubtful.

But then again, you probably think my little home operation isn't that important, and I shouldn't whine about having to be offline for a week so I can switch providers. But you know, the people who rely on my servers for their email and web space, it matters to them. The guy looking for a tech position because he's out of work, he relies on reliable email to make sure he doesn't miss a job offer.

But what do you care? You've obviously got a nice fat pipe to play with. Your connection is solid, and is probably even under your control. What if it wasn't something you could control? What if that connection were suddenly cut from under you, and there wasn't a thing you could do about it? I bet you'd be whining the loudest.

Re:The SPEWS attitude (I use, I approve)

[Dimensio]

Welcome to the real world, buddy. Where the blacklist nazis will leave an entire ISP blacklisted well after they've worked to remove the spammers causing the problem.

I understand why you posted this as anonymous coward, as it is a complete and total lie. SPEWS acts very quickly to remove ISP listings when the spammers are cleaned off -- sometimes within minutes of the report. SPEWS prevents the problem of blacklist nazis tossing IPs into filters forever by being responsible (if it weren't, no one would use it). SPEWS-haters, however, would much rather have a situation where filtered IPs never escape to send mail again.

Re:The SPEWS attitude (I use, I approve)

*SPEWS acts very quickly to remove ISP listings when the spammers are cleaned off -- sometimes within minutes of the report.*

really? what about some of the ISP's that SPEWS has threatened to permanently blacklist, even though they have gotten rid of spammers.If you look thru some of the posts on nanae, you'll find the opposite, in fact someone even mentioned that one ISP is lucky no one has firebombed their NOC. Sounds like a good bunch of upstanding netizens to me. And why is it that SPEWS is so hard to track down, when that stupid spammers info is posted all over? turnabout is fair play, and only one site I seen has the guts to post the source of SPEWS information.

Re:The SPEWS attitude (I use, I approve)

[Dimensio]

what about some of the ISP's that SPEWS has threatened to permanently blacklist,

Please provide full documentation of SPEWS ever making any such threat. SPEWS never contacts anyone, for any reason, so I strongly suspect that you are lying.

Re:The SPEWS attitude (I use, I approve)

Just do a lookup in their news group nanae, for burst.net

Re:The SPEWS attitude (I use, I approve)

[Dimensio]

NANAE is not SPEWS. There are some blowhard admins who post in nanae who make threats as the ones you described, however they do not represent SPEWS and they do not run SPEWS. You are either incredibly stupid or incredibly dishonest to assert as much.

Re:The SPEWS attitude (I use, I approve)

can this be considered a threat?

It's great to get worked into a frenzy...

[musicscene]

... over the spammer whose doing the job he was hired to do. So, digging deeper in that vein we should be looking at the companies who are hiring these spam-a-jammas and start these types of tactics right at the source of the income (or right at the company themselves).

Is there a place already where we can add to a database of the companies who hire spammers?

Re:It's great to get worked into a frenzy...

[schon]

the spammer whose doing the job he was hired to do

You make him sound like he's innocent. "He was just doing his job."

we should be looking at the companies who are hiring these spam-a-jammas

I don't think that's necessary - in many cases, the people who hire spammers are just as much of a victim as the recipients.. remember, all spammers claim they have "100% targetted, triple-cross-my-heart-and-hope-to-die-opt-in" lists..

I recently got an email from a customer who says that he signed up for an email list (run by a friend), but that the email kept getting bounced by our mail server... his friend sent me a fax, which he got from his "listserver admins" who called themselves "Constant Contact" - this fax basically said "we're not spammers - honest, please add the following IPs to your whitelist, so that our 100% permission-based emails can get through"..

I looked up the IP addresses, and all of them are perma-blocked by pretty much every DNSBL on the net.. the evidence presented showed that these "Constant Contact" guys are (you guessed it) spammers themselves, and not terribly good at covering their tracks.

Now, (back to my point).. this guy runs a legitimate business, but he's being conned by spammers.. he doesn't have the technical know-how to run his own server, and he doesn't know how to tell the difference between a legitimate listserv, and a spammer.. (which, is to check blacklists.) The spammers have his money, and his mailing list (which they send spam to, or sell to other spammers), and he's stuck being unable to send mail to a bunch of his clients..

I think he's learned a hard enough lesson - I think punishing him further would be counterproductive.

Re:It's great to get worked into a frenzy...

[Shadowlore]

Now, (back to my point).. this guy runs a legitimate business, but he's being conned by spammers.. he doesn't have the technical know-how to run his own server, and he doesn't know how to tell the difference between a legitimate listserv, and a spammer.. (which, is to check blacklists.) The spammers have his money, and his mailing list (which they send spam to, or sell to other spammers), and he's stuck being unable to send mail to a bunch of his clients..

So use the existing laws against fraud and con artists here. Just because they do it over the net does not make it less of a con.

You are right, he *has* learned a hard lesson. But rather than sit on this lesson, it could be used to help prevent this in the future. Taking the company to court for false advertising/fraud/whatever-it-turned-out-to-be-in- that-jurisdiction is the appropriate response.

There are spammers that spam for kiddie porn. True. Is kiddie porn illegal? In some areas. In those areas, nail them for kiddie porn. Some kiddie porn dealers use the local classifieds. We don't nail them over using the classifieds, we nail them on the kiddie porn.

Ask youself this:
If the kiddie porn spam and the genuine scams stoppped being a part of spam, how much spam would be left? Not much in comparison.

Email is simply a tool, nothing more. Spam is email. If the point of the email is to entice or promote criminal activity, you prosecute the criminal activity, not the use of email to do it.

If a business is advertising "100% opt-in" and it turns out they are knowingly full of it, nail 'em for false advertising/fraud.

After all, ask yourself this:
If you could be completely sure that a given list was 100% opt in, or even 99.99% (say your diety came down and told you, and you trust your diety), would you use it, or condone it as a legitimate sending of email?

Again, prosecute any illegal activity (such as scams, fraud, and kiddie porn) resulting from email, not the use of email to do it.

Indeed, it is the height of strategic and tactical folly to make it a crime for the bad guys to tell you what/where/when/who!

Right now, those perpetrating criminal activity over email are relatively safer when we focus on the method used to perpetrate the activity, rather than the activity.

We should be looking to the companies hiring spammers. We should be looking to them to file suit and charges for these practices when/where/if against the law.

If you bought advertising space from a marketing company that promised to only advertise in targeted magazines for your product/service, and failed, would you call for criminalizing advertising services? No, you'd probably sue the bastards and/or report them for false advertising and/or fraud. So why change it because they did it over the Internet as opposed to the phone?

FBI? Probably a bad idea ...

[Heisenbug]

See, writing viruses is not only illegal on the level of spam, it's illegal on the level of breaking and entering and all sorts of good stuff. When a new virus comes out, doesn't the FBI do their best to work out who did it and throw the book at them? Any site that's linked to by a virus is going to be pretty thoroughly gone over, and if they paid money to anyone for the privilege then the whole gang will be royally screwed.

I know that there's ways to disguise web site owners and such, and plausible deniability and so on ... but spammers are in it for the money. Combine seriously illegal with a money trail, and it's my bet the FBI has your ass within a week.

I for one welcome them to try it. It's about time we had some big guns going after spammers.

Re:FBI? Probably a bad idea ...

[saskboy]

"doesn't the FBI do their best to work out who did it and throw the book at them?"

You've been watching too much TV. The FBI means jack squat in Liberia, or Argentina, or India. Base your operation out of there, you are set for life.

Re:FBI? Probably a bad idea ...

[Heisenbug]

I'm thinking all of that changes once you have money involved. Maybe I'm wrong, but it seems to me that, to be a profitable spammer, someone most likely in the US has to use a credit card to buy a product from a merchant who gives some of the cash to you. If any link in that chain is in the US, I would expect the FBI could step in and cut it off. They might not catch you, but they could put the middlemen out of business and take their cash, and they wouldn't have to do that often before the system fell apart.

No..

[mjeaslick]

Sorry, I am still showing the same amount of spam as normal. And no, for the person who decided spam and virus'es are the same problem, you is wrong. Virus'es are not sent by people on purpose, and with fake addresses put into the from field by the virus it's hard to know for sure were it came from.

So much for that idea

When police catch drug runners, they seize the drug runners possesions (house and car). Why couldn't it be the same for spammy??,

And the result is that illegal drugs are no longer available in the US. :P

Re:So much for that idea

[vpetersen]

You hit the point buddy. Not only the "illicit" substances are available, they cost 3x more and the addict has to break in three times as many cars and households to get the same fix. I'd say moderate the parent up but realize that it's sort of off topic.

Anyway, I'm sure many /.ers will agree that upping the punishment not only often does not eliminate the crime targeted, it causes more crime in other, sometimes seemingly unrelated respects. Imagine if spamming made absolutely illegal everywhere, it may be even more lucrative for those few of top 10% who will still manage to find ways to send it without reprocussion, i.e. black market.

Spam doesn't kill people and neither do threats.

[fmaxwell]

I don't care how bad spam is, it won't kill your kids

And threats won't kill your kids either. How do you know whether the person(s) making the threats intended to make good on them? I seriously doubt that threats against his kid's lives would have been carried out.

The original poster was dead-nuts-on when he pointed out the hypocrisy of a spammer who e-mails sexual content to children and then trys to play the role of the good father.

I figured the drop was due to SoBig.

[Lester67]

But I've noticed a decrease over the last 2 weeks as well. Popfile takes care of them anyway, but it hasn't been as busy lately.

Not for me...

[chriguhose]

Just this morning i reached a new record level of spam mail. 46 email received, 36 spam...

Cable TV-ISP model

[swb]

You don't want filtered ISP service. It will eventually devolve into cable TV style service, where you get transparent proxied HTTP and Xbox/PS2 game nets and nothing else.

And, idiotically, the unfiltered service, which costs less to deliver, will end up costing much more, and the funds used to pay for the filtering costs, which will be high (equipment, people, updates, etc).

re: virus vs. virii

I understood that there is no attestation at all as to how 2nd declension Latin neuters might form their plural; that is, there is no instance of any of the three known ones (virus, pelagus, vulgus) appearing in the plural:

http://www.perl.com/language/misc/virus.html

In short, noone knows what the Latin plural is.
"virii" is possible, but on the other hand, following the example of deabus, "virus" might have a special plural differentiating it from "viri", even if the plural of pelagus & vulgus was pelagi and vulgi (which is not known).

Re:Leave the spammers alone

Please learn the difference between "expression" and harrasment.

Re:Actually we've had to switch hosts

On small hosting companies, twice. Neither time was due to spews but its not exactly rocket science to do it properly.

And besides, that is the entire point of spews, perhaps now people will start finding out in advance if their ISP supports spam and other antisocial sales tactics.

Collateral damage is the only way to go. Read the fucking spews manual and stop whining. You're just making excuses currently as to why you are still part of the problem. Stop it and start looking for solutions, even if it does involve some effort on your part.

Stop supporting spam and stop making excuses for it because thats exactly what you are doing now, intentionally or otherwise. If spamming ever becomes illegal then remember that ignorance is no excuse for breaking the law, neither is "saving a buck"....well not in most countries.

So THAT explains it

[nurb432]

I was beginning to think something was wrong with my email..

Im so used to seeing them flood in, when i DONT get anything ... its ... wierd ...

Re:So THAT explains it

[Glonoinha]

ROFL - yea, one thing to be sure on : you can count on your inbox having at least one spam message so you know everything is talking correctly.

Dont use the razor of logic...

Dont use the razor of logic on this kind of person, he might get cut and blame you for his stupid assertion.

drop off in spam

[jqh1]

for what it's worth, the stats at spamgourmet.com confirm a drop off in spam the last couple of days. (if you look at the graphs, note that there was a server move near the beginning of July that accounts for the big drop and spike at that time).

Are we saying, beyond the featured shutdown, that SoBig, etc. have actually taken the *spammers* out of commission for awhile -- not only by clogging mail servers, but by infecting and disabling their boxes?

Me too

[Charcharodon]

My hotmail account is only getting 5 or so pieces of mail and all of it is subscription based. Very little in the way of unrequested junkmail.

Re:Actually we've had to switch hosts

Collateral damage is the only way to go.

We use smart filters, and get virtually NO spam. We don't use blacklists that provide collateral damage. Neither does SpamAssassin.

And besides, that is the entire point of spews, perhaps now people will start finding out in advance if their ISP supports spam and other antisocial sales tactics.

If only the damage was limited to ISPs that "support" spammers.

Read the fucking spews manual and stop whining. You're just making excuses currently as to why you are still part of the problem. Stop it and start looking for solutions, even if it does involve some effort on your part.

Coming from someone who probably has to worry about one email address. Try managing a network, asshole. It's not possible to just pick up and move at the drop of a hat, not to mention, unreasonable to think we should. Our ISP *is* fighting spammers, just not fast enough for the nazis at SPEWS.

FWIW

With standard mail, it's all the junk mail and catalogs that are subsidizing your 39 cent stamp. For accuracy and cost there really isn't any other postal system that can touch ours.

Re:FWIW

[andrewski]

Bullshit. With standard mail, I am subsidizing the junk mail. It might be the other way around if, for example, the junk mailers paid 50 cents per letter.

My mail takes around the same amount of effort to deliver as a piece of junk mail. Possibly less, as it is neatly tucked into an envelope, rather than being a messy pile of glossy paper. Tell me how exactly they subsidize my mail! For accuracy and cost, most small nations, Japan, Canada and many European countries have us beat.

Your logic is messed up, but you already knew that, which was why you posted as an AC.

Hate to say I told you so!

Alright! Come on!

w00t!

[MoFoQ]

now I don't have to put away my pitchforks and torches that I got out of storage for SCO.

My Spam Stats

[waldoj]

Here are my spam stats, generated with Rob Park's excellent mboxstats:

Jul 01, 2003 102
Jul 02, 2003 84
Jul 03, 2003 83
Jul 04, 2003 87
Jul 05, 2003 64
Jul 06, 2003 62
Jul 07, 2003 81
Jul 08, 2003 95
Jul 09, 2003 73
Jul 10, 2003 90
Jul 11, 2003 88
Jul 12, 2003 84
Jul 13, 2003 77
Jul 14, 2003 110
Jul 15, 2003 122
Jul 16, 2003 112
Jul 17, 2003 84
Jul 18, 2003 112
Jul 19, 2003 103
Jul 20, 2003 83
Jul 21, 2003 92
Jul 22, 2003 89
Jul 23, 2003 103
Jul 24, 2003 86
Jul 25, 2003 91
Jul 26, 2003 90
Jul 27, 2003 66
Jul 28, 2003 98
Jul 29, 2003 92
Jul 30, 2003 95
Jul 31, 2003 98
Aug 01, 2003 97
Aug 02, 2003 93
Aug 03, 2003 66
Aug 04, 2003 83
Aug 05, 2003 80
Aug 06, 2003 76
Aug 07, 2003 107
Aug 08, 2003 85
Aug 09, 2003 59
Aug 10, 2003 63
Aug 11, 2003 75
Aug 12, 2003 63
Aug 13, 2003 68
Aug 14, 2003 71
Aug 15, 2003 58
Aug 16, 2003 75
Aug 17, 2003 63
Aug 18, 2003 51
Aug 19, 2003 34
Aug 20, 2003 62
Aug 21, 2003 60
Aug 22, 2003 66
Aug 23, 2003 67
Aug 24, 2003 64
Aug 25, 2003 65

There's no getting around it -- the quantity of spam that has decreased in the past couple of weeks.

Note that the corpus is my UCE folder for my primary e-mail address. I do not use any RBLs to block, but I do use SpamAssassin to filter, and then I hand-review my UCE folder daily, weeding out viruses and the occasional legitimate message.

-Waldo Jaquith

In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. Sorry about that.

Don't get your hopes too high

[apankrat]

DCC (Distributed Checksum Clearinghouse), which is as its name suggests a distributed spam detection and filtering network, shows no visible decrease in spam volume during the last couple of weeks.

A noble spirit embiggens the smallest man!

[Medievalist]

What, are you making this up as you go along?

No. I've posted this before, mosly because I think Tom Christiansen's being annoying pedantic about it (Tom's a Perl ghod, but that doesn't make him an authority on "natural" languages.)

I give you credit for thinking on your feet.

Thanks, but it's not deserved. :)

The OED cites several colloquial and figurative uses of "virus" as a rapidly spreading "poisonous influence." It's from this sub-text that computers are said to have viruses.

I'm not English (although I have a sibling at Oxford) so I have a limited interest in what the OED says. And to be honest I have even less interest in latinate etymological root stocks.

And furthermore, I guarantee you that the people who named this particular type of malicious code a "virus" didn't consult the OED or Wheelock's Latin either.

Language evolves. It would be better to have a new word for the singlar form, and not just for the plural, but evolution is rarely biddable.

Re:Actually we've had to switch hosts

[WNight]

Instead of squashing spammers as you find them, why not make the service spammer-unfriendly to start with?

Block outgoing port 25 connections by default. Limit the number of emails your mail server will send in a day, and the number of CCs on each. Again, by default. If someone needs more, let them ask for it. Run a spam-filter on outgoing mail, hold suspicious email for inspection before delivering it.

(Hell, you could even inspect it without "reading" it. ROT13 it, before looking at it. Spam should still be bloody obvious while actual content remains private.)

zerg

[Lord+Omlette]

Just remember that the Taliban started out as a bunch of vigilantes who set out to rescue a pair of kidnapped girls, because no one else would do it. They succeeded and became heroes, but...

You know how that story turned out. Best remember to keep your focus.

yes, reduce spam at all costs!

Anything that reduces spam IS a good thing, you're right. Maybe we should consider mass extinction?

Re: virus vs. virii

[the+chao+goes+mu]

Second declension latin neuters are covered in every first year latin book. They are formed by adding an -a, in the nominative anyway. They also have a singular ending in -um, which virus does not. Pilum, for example, is neuter, with the plural being Pila.

Treasure your friends

[Medievalist]

No mod points today, sorry.

The fact that you've received no spam and/or virus on your private email indicates that the people you correspond with are savvy and conscientious beyond the norm. It only takes one idiot nephew a couple of mouse clicks to heave your address into the spamfields... say, by sending a chain letter to everyone he knows without BCC'ing. That does it every time!

Given your previous .sig, I recommend you google for the Arrogant Worms single "Carrot Juice is Murder". You'll probably enjoy it; I have the Huff recording and it's pretty damn funny.

Re: What we can look forward to now

[saskboy]

Worms that advertise are not economically destructive, at least not for the spammers that write them.

Too late...

[Brendan+Byrd]

At I pointed out in an earlier message, SPEWS is probably going to be taken out (or devalued to 0.001) on the newest version of SpamAssassin anyway. More respectable lists like opm.blitzed.org, list.dsbl.org, and dnsbl.njabl.org get higher scores with SpamAssassin.

Re:Spam doesn't kill people and neither do threats

And then, on the other hand, how can you be sure that people won't carry those threats out?

Remember back when we were talking about Alan Ralsky, and someone went out to his property to take pictures? It's not a very long leap to think that someone more unstable, or someone so entirely pissed off at spam to make a threatening phone call, could easily just take a shotgun and blast the man, or his family. Yeah, chances are, it's a threatening phone call, and not much more, but do you want to take that chance?

It's wrong, no matter who you are. You could be the most despised man in the world (and in this case, he pretty much is), but how much of that is the family's fault? The answer is none.

Other causes

[El]

I'm seeing reduction to (from 20 a day to about 4 a day). But this might just be due to all the email servers being down combating the worms and virii. I can't beleive one spammer could make much of a difference. Perhaps the worm scares caused people to actually look at their server configurations, and they closed up a lot of open relays?

Re:Where do YOU fit in the spammer's business mode

[El]

Er, that would be the same exact place you fit in the television stations, radio stations, billboard, magazine or newspapers business model, wouldn't it? The difference is you have more choice in receiving ads from these other media. And yes, the free newspapers that used to show up in my driveway twice a week used to piss me off too, until I made several complaints to the newspaper threatening to have their delivery person arrested for criminal tresspass and offensive littering... now they don't seem to show up anymore. Ah, the other difference: most other media don't lie about the source of the ad, so there actually is somebody to complain to!

anything?

[butane_bob2003]

This needs to be publicised, as anything which slows down spam can only be a good thing.

You mean anything short of dragging these people out into the street and hanging them from a light post.

Rackspace: Are we sure?

[frankie]

they now react very swiftly to spammers. Yet they are still blacklisted in a lot of places

Very swiftly? Are you sure about that? I also see active SBL records that are 6 months old.

Do you really think these blacklist sites take the ISP off then?

AFAICT, yes, SPEWS de-lists when all the spammers are gone.

Re:Rackspace: Are we sure?

Very swiftly? Are you sure about that? I also see active SBL records that are 6 months old.

I have been reading Google Groups and I see that RackSpace is kicking spammers off left and right.

AFAICT, yes, SPEWS de-lists when all the spammers are gone.

First of all, that's assuming they do not have a vendetta against you for complaining about being listed. In that case, you could be listed permanently. Secondly, they take their sweet time removing your ISP once they've cleaned house (check the DeSPEWS page to learn more about this). And finally, a large colocation facility will never have all spammers removed, it's an endless revolving door of new spammers coming in. All they can do is fight the spammers, and RackSpace does do that now. But if the pre-req is that ALL spammers must be gone, then RackSpace and its legitimate customers can never be removed.

SPEWS is going down the drain anyway. Products like SpamAssassin are now ignoring them due to their tactics, and larger ISP's are going to stop using them as their techniques are too hostile.

Re:Spam doesn't kill people and neither do threats

[fmaxwell]

And then, on the other hand, how can you be sure that people won't carry those threats out?

I can't. You can't. The only person who knows whether a threat is real is the person making it.

Remember back when we were talking about Alan Ralsky, and someone went out to his property to take pictures? It's not a very long leap to think that someone more unstable,

Why do you call the person who took the photo "unstable" (by saying that someone else could be "more unstable.")?

It's wrong, no matter who you are. You could be the most despised man in the world (and in this case, he pretty much is), but how much of that is the family's fault? The answer is none.

I never said that it was right to threaten someone's family or to do them harm. What I said was that a death threat was not the same as murder. The poster to whom I was replying said that 'spam doesn't kill people'. Well, neither does a threat.

So, for clarity, it's wrong to spam to anyone and especially wrong to send sexually explicit ads to minors. It's wrong to threaten the life of a spammer or the lives of his family members. And it's obviously wrong to murder someone over spam.

Canadian Spammers Contact information

A canadian spammer can be contacted here:

Bill Rapanos
85 Thorncliffe Park Drive
Toronto, ON
M4H1L6
416-467-6585

I didn't notice it...

[the_germ]

...because I get about 600 Sobig mails every day!
All on my primary mail address - I have 7 different eMail addresses and didn't get one Sobig mail on the other 6.

I guess I just know too many dumb people who keep clicking on every "Wicked Screensaver" attachment ;-)

----------------

No Thanks

When police catch drug runners, they seize the drug runners possesions (house and car). Why couldn't it be the same for spammy??

Personally, I have no desire to see the tortured police-state logic currently used to "arrest" drug dealers' possesions expanded into any new fields. These policies are Draconian beyond need and should be abhorrent to any true American patriot as the worst sort of perversion of our legal system and an attack on our civil rights.

Such measures are probably not needed against spammers anyway. Pursue the spammers with any serious law-enforcement effort - even just a credible possibility of fines - and I bet the spammers will evaporate. They have total freedom to lie, cheat, and harrass not because of weak anti-spam laws, but because there is zero enforcement. Jaywalking is more likely to land you in court, for Pete's sake.

Re:No Thanks

[eclectro]

What??? Sending 200 million spams a day (with fraudulent headers) to fill up every man, woman, and child's inbox with mostly illegal/law-breaking/pornographic/Nigerian scam-spam is not a serious problem???? Or crime???

I don't know what planet you come from, but my civil rights to have free and unfettered access to communication is being trampled on by the spammers that are DOSing my inbox.

So I should sacrifice my civil rights so spammy can have civil rights and fill my inbox?????

When your in jail, you lose your civil rights. That's what jail is dude.

Take away freakin' spammy's house and car.

Re:No Thanks

What??? Sending 200 million spams a day (with fraudulent headers) to fill up every man, woman, and child's inbox with mostly illegal/law-breaking/pornographic/Nigerian scam-spam is not a serious problem???? Or crime???

Sure, it's a serious problem. I think it should be a crime. Why would you think otherwise?

I don't know what planet you come from, but my civil rights to have free and unfettered access to communication is being trampled on by the spammers that are DOSing my inbox.

I don't like spammers either, but you've got a couple of serious misunderstandings here: 1) Your e-mail system may be rendered inconvenient to use because of spam, but it's hardly inoperable. 2) When we speak of a violation of civil rights, we're generally speaking of the government or agents thereof violating them by abuse of power, not some schmuck that's sending you penis pill ads. Schmuck-spammer may be committing a crime by sending unsolicited ads, but he's not violating your rights.

When your in jail, you lose your civil rights. That's what jail is dude. Take away freakin' spammy's house and car.

Agreed, when in jail, you lose some civil rights. What does this have to do with property seizures?

Punishing spammers would be fine by me; but the property seizures that you're advocating, as currently perpatrated against some suspected criminals aren't a legal punishment, in the sense of a court's sentence. They're done to deprive the accused of funds and to prevent the accused from mounting a good legal defense. They are acts of out-and-out thievery perpatrated exclusively by the executive branch under the bizarre pretense that the property in question is a material witness to the alleged crimes, and thus must be detained. Legally speaking, a drug dealer's house isn't confiscated, it's arrested. It's bullshit, plain and simple.

Let's not substitute one form of bullshit with another; let's not advocate a spam solution that's worse than the problem.

Re:No Thanks

[eclectro]

I don't like spammers either, but you've got a couple of serious misunderstandings here: 1) Your e-mail system may be rendered inconvenient to use because of spam, but it's hardly inoperable. 2) When we speak of a violation of civil rights, we're generally speaking of the government or agents thereof violating them by abuse of power, not some schmuck that's sending you penis pill ads. Schmuck-spammer may be committing a crime by sending unsolicited ads, but he's not violating your rights.

no, you misunderstand

In the amount of time it took you take type that response, my inbox received 30 delivery notification failures because some spammy is using my email in his forged headers. This is besides all the regular spam I receive. Hundreds of spams is not just an inconvenience. They have in fact rendered my inbox inoperable I'm glad that you are not having any problems. Yet.

You are right -- it's government that infringes civil rights, and it's a spammer that commits a crime. but the effect is the same my ability to communicate is hindered.

And I agree with you, that suspected criminals shouldn't lose their property. However, once spammy is convicted, take his property. In fact, I think it would be a great idea to let a jury decide this. Maybe the jury could be shown some of the spams that he sent out.

In all honesty, I do think this is severe - to an extent.

I think what should happen when spammy is arrested -- have his computer and spam lists impounded. If he is convicted then the punishment should be that he loses his computer and is legally prevented from touching a computer for a couple of years.

Then if spammy starts spamming again and is convicted again, start taking away his other possesions, as clearly he is not getting the message.

I agree, some property seizure laws as they are currently implemented are wrong. But with due process they could be effective.

the only way to regulate spam

[geekoid]

is to force the companies that allow spam to pay for and honor a 'do not spam' list.
Sure spammer can move, but the companies that have the bandwidth to allow people to send out that kind of data are few.

Actually

[phorm]

You are likely not receiving viruses so much from spammers as you are receiving them from viruses.

Outlook and OE being the key identifier here, you are likely getting emailed from normal users who have been infected and are this either infecting random users on the net, or users in their address book, or users from the address book of the previous person who infected them.

Spammers wouldn't bother with most viruses, unless they were adware viruses, because most viruses aren't profitable the way (long-term) advertising is. Spammers are evil, but so are virus-writers... you have to distribute the blame a bit between the two of them for your messed-up inbox.

Well, pack your bags....

[eclectro]

Dude, the police state is here and its called the the patriot act Ashcroft is even coming to my state today to tell everyone how wonderful it is.

The problem with spam is that it is getting increasingly harder to deal with. I have one email account. Some spammy is sticking my email in his forged "return to" headers and DOSing my email account with delivery failure notifications. People with webmail accounts don't have the luxury of installing filters.

The real problem is not about creating a possible police state, but not recognizing the problem of spam as severe, which it is. Making spamming a felony and confiscating spammy's computers is not creating a police state.

What it's doing is saying that as a society at large we do not accept spamming and thus we create laws to deter it. Just like any other law that punishes stealing, forging, fraudulent activities -- all (that I might add) which is represented by the spam in my inbox.

I'd be willing to say that the majority of my fellow citizens would agree with me, with a few spammers and libertarian fanatics disagreeing with me (are you one of these?).

Or maybe you're saying that spammers should have the right of free speech no matter what. The problem of this is that a large amount of my spam consists of lies, scams and penis pills.

Should lies and scams be protected so that spammers can have "free speech"???

Concerning the penis pills, maybe the FDA should demand that they demonstrate the efficacy of giving me a 10" schlong overnight before they are sold. That represents a large chunk of spam right there. And as for the viagra varieties maybe the FDA needs to say that it is illegal to sell viagra without a real doctor's visit.

I don't see how any of these things I said creates a "police state". The police exist to provide a necessary service to citizens.

Or wuold you rather have a society ruled by outlaws???

As I said in my first sentence - the problem of escessive government damaging civil rights exists through the patriot act.

Not by throwing a few spamers in jail.

I really can't figure out your post unless you are a spammer too.

Re:Well, pack your bags....

[Shadowlore]

The problem with spam is that it is getting increasingly harder to deal with

The problem with people wanting to take my money from me so they can do nothing is that it is getting increasingly harder to deal with.

The problem with people posting unfounded assumptions that they refuse to back up with evience on slashdot is that it is getting increasingly harder to deal with.

So, what you are saying is, it is not spam itself that is a problem, it is that spam is *successful* that is the problem.

Dude, the police state is here and its called the the patriot act Ashcroft is even coming to my state today to tell everyone how wonderful it is.

Well then, we live somewhat close together, he was in my state yesterday too. Are you in favor of the USAPA? If not then think of this: The same people that made that, that enforce it, and that use it to abuse your *genuine* privacy rights, are the very same people you are asking to decide who/what is spam. The same people that classified hacking as a terrorist activity, you are now asking to decide what is spam, and what should be done about it.

Far strecth to put spam under such a classification? Not really. I've demonstrated before how spam can be used to pass along terrorist funding. Let the government in on it, and watch it become classified as a terrorrist activity. Just think, you can be proud should that happen, since you pushed for it!

The real problem is not about creating a possible police state, but not recognizing the problem of spam as severe, which it is. Making spamming a felony and confiscating spammy's computers is not creating a police state.

BWAAAAHAHAHHAHAHA. Yeah, Hitler would be proud, as would Musullini, or the rulership of China or any other fascist state. The *only* power a state has is over criminals. Think about it. By increasing the things classified as crime, you increase the power of the government. How is that power enforced? By police. Thus, increasing the number of things a citizen's arse can be thrown in jail for increases the amount of police control over the life of people, thus increasing the effect of a police state.

Spam is not a "severe problem". When I can install free software on my system, either server or client, and block 90%+ of it, it is not a severe problem. If you want *only* certain people to email you, you have many, many options, including using a whitelist.

Or maybe you're saying that spammers should have the right of free speech no matter what. The problem of this is that a large amount of my spam consists of lies, scams and penis pills.

Well some of your posts here contain lies, should we throw your arse in jail for doing that? If a scam is already illegal, the fact that it happens over electronic media makes it no less of a scam, and thus no less illegal. Take speeding, for example.

Is there a legal differentiation between speeding on a motorcycle, and speeding in a car? Nope. Why? Same thing, different vehicle.

If you want to go after businesses for false advertising, go after them for false advertising. If you want to go after them for running illegal scams, go after them for running illegal scams. I don't ask for the postal spam I get in my mailbox, nor do I ask for it in my TV, or my radio.

"But I pay for my email!" So what, I pay for my satellite service, some people pay for XM radio. I pay for the electricity that powers them all in my house or car.

People with webmail accounts don't have the luxury of installing filters.

Not true. Many web-based email providers do indeed allow you to create/manage filters. My company does, and I know many others that do. Just because you chose a webmail service that doesn't, does not mean all do not.

Your ESP clearly does not care aboThe police exist to provide a necessary service to citizens.The police exist to provide a necessary service to citizens.ut the spam issue. So exercise your right to choose a different o

Not me

It seems all sorts of people have been getting much less spam these days. I have been getting less too, but the difference isn't nearly as big. I've gone from getting an average of about 35 a day (45 on weekends) down to about 25 (35 on weekends). I must be on the wrong spam lists. :( Has anyone else out there also *not* noticed much of a difference?

Re:Not me

[mink]

Since SoBigF hit, I have gotten almost no spam, but an almost equivilant volume of virus mails and bounces.

I suspect a lot of spammer relays have been owned.

An advanced "joe job"

[selan]

Which leads to an important point: Spam vigilanteeism has the potential to become an worse form of "joe job".

When someone posts a name, address and phone number and says, "He's a spammer! Get him!" how many wannabe vigilantes actually go to whois or spamhaus to verify that the guy actually is a spammer and that the address and phone number actually belong to the spammer?

How long before spammers try to pull a "joe job" on an anti-spammer and post his address? And since when is whois information so reliable--what's to stop a spammer from registering a spam domain name under someone else's address? Think twice before harassing an alleged spammer--it may backfire.

PS. Yes, I know my sig is ironic in this context. Follow the link, it's funny :).

SPEWS: Are we sure?

[frankie]

show me ANY provider who has not hosted a spammer at one time or another

You do not understand SPEWS

1. if spam is sent to trap, list spammer IPs only, notify ISP
2. if spam continues, expand list to nearby IPs, notify ISP
3. if spammer remains, expand list further, possibly upstream

Yes, every ISP is abused by spammers at some point. The key is that responsible ISPs terminate them immediately, and the block goes away. Whereas if the ISP harbors spammers (malice, neglect, or otherwise) then expansion is deserved.

As always, remember that blocklists have absolutely no power on their own (except for MAPS/Above.net which is sadly corrupt, IMO). They do not control any email except their own. The actual blocking is done by independent sites and their email administrators, of their own volition. If I choose not to receive email from particular IPs, that is entirely up to me, and to anyone who pays me for service. Period.

SPAM Decreasing Lately??? Ha!

I see everyone's marching orderly and in single file in their responses. 1300 e-mail over the weekend...500+ SPAM. Any questions?

SPEWS DNS is down...

[Dimensio]

Some criminals have knocked out the DNS servers for SPEWS through a DDoS attack. This is a brilliant spammer strategy, because if SPEWS is knocked offline, no ISP will know to update their filters should an ISP clean up its act, and thus they'll stay blocked indefinitely. Rule #3: Spammers are st00pid.

However, there is a SPEWS mirror here: http://spews.sorbs.net/ and you should be able to look up your listing there.

I don't know if it's updated now that SPEWS is down, though because the attack is on the DNS server, if the people who run the mirror know the proper IP address for SPEWS (which I have been unable to locate) then they might be able to keep the mirror current.

SPEWS DNS is down...

[Dimensio]

I'll not bother commenting on your analogy, but suffice it to say that it is heavily flawed and not at all applicable to SPEWS.

The DNS servers for spews.org have been knocked out thanks to a DDoS attack by some spamming criminal, which of course means that even if your ISP cleans its act up, SPEWS has no way to let its users know that the IP blocks are delisted. Spammers are incredibly stupid.

Anyway, you can probably look up your ISP's listing here : http://spews.sorbs.net/ (SPEWS mirror).

Real Spammers Don't Use Linux

[Kirellii]

They use windows and like it. (In this case, along with all the slow down viruses.) Don't worry, Microsoft, Norton and perhaps McAfee will patch their woes and Spam will return. Unless the spammers are cheap and don't pay or know how to patch.

In all fairness

[siskbc]

Hmm let's see - an anonymous coward uses a subject line of "Me too" to provide a brief anecdote about noticing an unspecified decrease in spam received during an approximated timeframe, then speculates on attributing this to an untested hypothesis, and gets moderated "+4, Informative".

Seems to me the guy was clearly joking. Come on, unsubscribing from mailing lists? It's just unfortunate that the moderators are retarded and gave him the +4, informative instead of the +4, funny he deserved. And before you ask, no, it wasn't my post. ;)

Re:Actually we've had to switch hosts

[RT+Alec]

Blocking egress port 25 is simply the most effective way to ensure your business does not get blacklisted. Bonus: the SoBig.F virus (and its ilk) won't work, either.

If you connect workstations to the internet (ISPs as well as almost any other business) its time to start being responsible. Use NAT. Block outgoing ports that cause trouble (for others). Be part of solution, and you'll avoid the wrath of being part of the problem. It's that simple.

spam vs sobig?

[Wilk4]

I figured I was getting less spam because all the mail servers were busy dealing with tons of 100k-each sobig.f copies. Once sobig slacked off, then I started getting my 'regular' dose of spam again...

anyone know if this did affect things? any numbers?

I did notice a few weeks ago that the spammers suddenly went to using varied, real-sounding names as their From's so that became a little harder to scan-n-delete...

Spam Spam Spam

[Simkin1]

I don't know about the quantity decreasing... but I deffinately have to say that the quality has decreased... I'm getting more and more emails about buying things, and less and less about pr0n. I mean really... "sally want's you" and "you make me so hot" emails keep me going and knowing someone out there loves me! What would I do without all that positive reinforcement in my life?? ;-)

You're new here, aren't you?

An AC writes:

I really have noticed a dramatic decrease in the amount of spam I've received in the past 4-5 days. I figured it was just due to my dilligence with unsubscribing myself to mailing lists but everything just suddenly dropped off.

Hmm let's see - an anonymous coward uses a subject line of "Me too" to provide a brief anecdote about noticing an unspecified decrease in spam received during an approximated timeframe, then speculates on attributing this to an untested hypothesis, and gets moderated "+4, Informative".

Come on - you know you wanna blockquote me now, and get a +5, Funny for saying "You're new here, aren't you"...

Me too!

spam is a crime and deserves punishment.

[twitter]

it's obviously wrong to murder someone over spam.

Society would be justified if it made spamming a felony. Those who spam abuse the public for private gain, the very definition of a crime. It is right for society to loath and treat such people with distrust and contempt. They have abused society and society should not trust them. Reasonable punishment includes fines and temporary removal from society, aka incarceration, loss of vote and firearm rights and public record of your less than trustworthy nature. The size of the fine and length of jail time should be proportional to the volume and offensiveness of spam. People who willfully send vile and abusive pornographic material to minors around the world deserve to lose all of their ill gotten wealth and lots of time to contemplate thier crime.

Hanging is a little too much but it's something to consider..

Your rights end on conviction.

Forgotten but not gone

[sweetleaf]

Do you really think he's gone?

He starts getting some harrassing calls, decides to publicly call it quits and thereby hopefully dissuade any further punishment for his actions.

He realizes he was bad (aka he got caught), he's sorry (that he got caught), and he won't do it again (in a way that will get him caught).

Nice press announcement. Let's forgive the poor misguided fellow and move on. *snort*

How could he possibly think for a moment he was serving the public good?

It reads like an ex-con turned born again christian and I'm skeptical. Keep his info and give him a year to prove himself.

Or better yet, if he's sorry, why doesn't he provide some public service to make up for it?

Spam Works

[Shadowlore]

Hate to break it to you, but there *is* a demand for spam. Why? Quite frankly, it works. Teh demand fo rspam comes from the person/entity *selling* or hawking something, not from us.

Let us assume that one in 500,000 people will buy something from a spammer, or visit the referenced website (which probably gets counted as a hit or click somehwere earning the spammer money).

Spam is cheap. Let us say (assumption alert!) that one could send out 5 million spams for 10 bucks. One would only need to make 10 bucks or more on 10 sales, or an average of a bucks/sale. That isn't hard to do.

Any Windows virus contains the capability to send spams using your system (assuming you run Windows, of course). Wait till the public sees a 65 year old grandmother getting her stuff ripped away from here because of a virus that spammed using her machine, or becuase a spammer used her address as a reply to w/forged headers. Yeah, that'll make people feel good about themselves, eh?

You write as if the Internet repealed the laws of supply and demand. In truth, the prevalence of spam is an excellent example of them in action. The cost of electronic spam is next to nothing, and there is a demand for it, thus the supply busts wide open.

Think of this:
If postal spam was as cheap as email spam, how much postal spam would you be getting? I'd wager a helluva lot more. Why? Cheaper advertising costs, and at even low rates of return, it becomes cost effective.

Consider that direct mail has a 3-5% action rate. Cut that by an order of magnitude for spam, just for sake of dicussion, and do the math. Five million spams * .4% = 20,000 responses from people waiting to buy. Assuming a net profit of but a single penny per response that comes out to 200 bucks. At a nickel it is a thousand dollars. Can you send spam for less than that? Absolutely.

As long as people, such as yourself, ignore the reality of supply and demand in the world of spam, you will fail to understand how to make progress in combating it. And you will result to threats of violence to get your way. There has always been spam, it is just a new medium. Failure to recognize that will lead to failure to successfully combat it.

And as far as someone supplying spam, the spammer *is* the supply. Even modestly uncreative types could probably grab a scripting book and in a matter of a couple hours make spam lists of millions upon millions of potential addresses.

A good example of a bad statement.

[Shadowlore]

"...anything that slows down spam can only be a good thing."

Ahh, I see. So, blackouts, stopping the Internet, having some bureaucrat determine what is and is not spam, and banning email are all good things, then?

I think not.

Spam 'Crusade'

[tdischino]

In the past day since I read this story, the only spam I have received to my hotmail account has been from Chritian Finance advisors and a Christian Dating service (count of 5 pieces). I think this is the first Christian spam I have ever received, and all in 1 day... how odd.

no spam reduction here

[mxnmatch]

This morning I logged in and about 70 our of 120 messages were spam. This is pretty normal for me. It's no big deal though because I use Mailwasher Pro which tends to get most of it. It's still mildly annoying to click through about 5 to 10 spam messages, but regardless, I didn't see a spam reduction.

Well

I'm sorry to hear that you're having so much trouble with your e-mail, and I can see how this sort of abuse could make anyone froth at the mouth a bit.

On the upside, spammers have to hop from one domain to another fairly often. The deluge of bounces can't keep up forever.

My point, basically, was that stiffer punishments won't do any good if there is no chance any of them will actually be used. There are some anti-spam laws now, but there is no budget or interest in enforcing them, so the spammers have carte blanche. Enforcement is, as always, far more important than the actual penalties.

AGAIN: His address and Phone number

Shane Atkinson
2 O'Neill Ave Harewood Belfast
03 323 6484
+6433236484

SA PUBLISHINGS
P.O. Box 36289 Merivale
Christchurch, NZ 8030
NZ
064211252557

Shane Atkinson
support@sapublishings.com
P.O. Box 36289 Merivale
Christchurch, NZ 8030
NZ
021 1252557
+64211252557

there is no latin word virus

[bob_calder]

There is no latin word virus so suppostition is fruitless. If it WERE a word like vir/viri - ie man/men it WOULD make sense. There is a lot of pseudo-intellectual crap floating about that examines the possibilities of which declension it belongs to. Romans were nothing if not practical. Neuter referred to something sexless. If they were able to sex it, they would have made it either masc. or fem. and since they are such virile little buggers, they would have been viewed as masc. This, like the mentioned crapola above is just supposition and there is NO reason to carp about it. I took three or maybe four years of Latin in the early sixties. The language doesn't come back, but the supremely practical political and wonderful lyric memories stay with me.

why do spammers spam?

are these spammers spamming for the heck of it, or do they get good money (like we hear)?

if they do get paid, who's paying?
it's always said spams contain no links to actual originators of the content. which doesnt make sense, since if none of the advertised products were buyable, where do the advertisers get their revenue, and benefit do they derive from the advertisement?

and if u COULD actually buy stuff/services off them, why can't we track them down?

Re:YOU SEE REVEREND MAYNARD, OT

Save our brethren. Can I get an amen?

Re:Yeah....

[mauthbaux]

Now all we need to do is convince the spammers to use their bandwidth to check the news rather than using it to piss the rest of us off. As soon as they see that there's consequences for their irritating actions, I'm sure they'll turn around, and most people's e-mail boxes will remain empty.

As if that will ever happen :p

citing harassment.

[pensivemusic]

OH...isn't that just too too bad...

Form follows function

[Medievalist]

The users of a language have an interest in reducing pointless linguistic fragmentation.

You're missing the point... this isn't a pointless fragmentation, it's a valid distinction intended to make communication clearer and reduce confusion.

If there is no point in having distinct separate words for distinct separate concepts and physical items, how is one to communicate?

Hey, I know - instead of having separate nouns, verbs, adjectives, adverbs, and pronouns, we can use the extremely cromulent word "MARKLAR" to replace them all. That will stop that nasty "linguistic fragmentation" cold!

In fact, marklar marklar and marklar? Marklar's marklar to marklar on marklar. Have marklar marklar the marklar that marklar should marklar marklar? The marklar of marklar is to marklar the marklar of marklars, and marklar marklar marklar of marklar through marklar marklar (which is marklar marklar marklar) marklars that marklar.

Si hoc legere scis nimium eruditionis habes

Tu mihi lambe nates

Re:What about ME!!!

you silly twit. if you consider complaints about spam to be spam, you are quite the idiot to have voluntarily followed the link to this discussion and subject yourself to all of this "spam". dork.

Keep it up

I know it is nasty, but I too have had it with spammers. Lets harass them. Just because they say they stop, we should not. Keep subscribing them to their own stuff. Fill in bogus info on their forms and supply their internet mail addresses fetched from Sam Spade. Subscribe both them and their upstream providers to spam and smut lists.

It works. It's sort of like terrorist hijacking. They don't stand a chance if we stand up and fight.

The full basics are even deeper

[Shadowlore]

Menu's dont cost me bandwidth or server CPU tim

They cost you human time in bending over (potentially injuring your back) to pick them up from the porch, or they cost you time to open the door and unhook them from the doorhandle. You pay for maintenance on that door/porch, be it in rent, mortgage, property taces, homeowners insurance (what happens if the people fall down on your rickety porch?)

2) Menu's do not contain sexually explicit or illegal scam material.

The first part, well That depends on where you are. The second part, ask yourself why not? Because they'd get nailed for their already illegal activity!

3) Reading the menu doesn't cause me to be the permanent target of 100 other restaurants.

Nor does reading email. If you got a spam, your addres is *already* permanently on that list, in most cases.

4) Menu's may even be usefull.

So can spam. I've received useful spam many times. I chose to not participate, but it was indeed, still useful.

Here in Australia, you can even put a "No Junk Mail" sign on your letterbox - something you cant do for spam.

Sure you can. You can use a whitelist or similar system for your inbox. I have a couple addresses I use like this. IN fact, I do this on my phone line as well. I have caller ID. If you don't call from a number I don't recongize, you have to leave a message. If you call from a blocked line (as most phone-spammers do) you are instructed as to how to unblock your line and call again. Most phone-spammers will not bother.

There is another service the local telco offers that forces unknown callers to leave who they are. If they give it it then rings through and you are presented with the opportunity to accept or not. Meanwhile, they have to sit there waiting. Phone spammers do not do this probably 90% of the time.

happy babble (mod down)

[finallyHasANickname]

Howdy. :-)

:::extends hand in friendship::: :::reminds self to wash hands just in case I remembered wrong:::

(snicker)

Don't bother, as I'm sure the finer points of sociable type interaction would be lost on me anyhow... but I must admit I appreciate the thought. Should you have need of a 5.25" inch drive, or even an old C64 1541, I'm sure I can pull one out of somewhere. Perhaps the same place you extract your ideas.

This is absolutely zany. First of all, I was kidding about almost everything except generic good will. Secondly, I believe I have a dusty 1541 in a basement closet at my parents' house. ::::::shaking head::::: Thirdly, the place I extract my ideas: Yeah. Right. Smartass! :-)

Anywho - I had best get back to work (that thing they pay me to do) - I'm sure I'll see a lot of you on /. since... well... this is my social life.

Typical. Even in perfectly platonic things, it's feast and famine. I just returned to college. Shockingly, I'm fairly well adjusted among people who define "computer literacy" as the indoctrination into MS-Office. I'm going for liberal arts degrees. Now how about this: I'm
sans computer for about two weeks. I've been talking about art, politics, economics, sex (of course), history, military culture--you name it, and everyone is ok. When I was trying to make a point about conservatism in microcosm, I said, "Well, take the example of C versus Java. See, in my old school view, C and assembler is disciplined work to make the computer behave more efficiently. The 'easier' kinds of things like scripting languages have gotten even more bloated and more decadent with processor cycles..."

Then I pretty much interrupted myself. Oh shit. I forgot. I'm starting to get a life. These people have been having lives. Weird. I can't use C and Java as an example. I have to be explained why jokes that recite lines from "Everybody Loves Raymond" are funny, but I'm learning.

That's what education is for, no? Go figgur.

So every silver lining has its cloud. Now I'm neglecting some neat online people (esoteric "high tech" Luddites, etc. and people who treat string theory as headline stuff), but hey. We threw a killer dinner party with curried chicken et all last night. Cute girls (oops) college women and even, what, bottled water and chatter about the virtues of Western Civilization were there. Methinks I could get used to this. That's what's odd. It's like getting kicked out of Lamda Lamda Lamda by some default supervising de facto deity, but that doesn't mean anything disparaging about the folks.

Getting a life is almost what the label says it is. Strange, normalities, eh? Oh well, I'll still occasionally code some 16-bit assembly language in my sleep every once in a blue moon, but I hope never to feel truly comfortable when Microsoft hooks every interrupt and when "computer literacy" professors have no idea what that gripe means. In my punk/metal days, we had a sort of moral code to stay on slow burn, never losing the (out)rage and axe grinding process. It's like that all over again. It's like selling out or tempting myself to sell out. I'm supposed to be too old for this shit (like I would let such suppositions hold any sway in deciding what to do). I feel bad though. I know I won't get back on /. often. Take 'er easy. :-) Nice geekin' out with ya.

Ridding NZ of Spam

All I can offer to the discussion is that I live in New Zealand - in the south island. My team and I are working hard to deliver good web services to people in the area WITHOUT spam.

Currently our team is building a website for the city of Dunedin, located in the South Island. We are working hard to bring people the same services they would expect in the US WITHOUT spamming people.

Website: The City Octagon
The URL is:
www.thecityoctagon.co.nz
or
www.thecityoctagon.com

We are at least trying to make a difference! -Thanks