Slashdot Mirror


From Artist To Spam-Hunter

I am Kobayashi writes "Wired has a story about Andy Markley, a graphic artist, whose business domain name was spoofed by infamous spammer Eddy Marin and used to spam thousands of people. After the incident recurred at a new ISP, and at the risk of his business and sanity, Markley fought back. He tracked down Marin through several spoofed email addresses and several hi-jacked servers, and eventually was successful in getting Marin's current ISP to shut down his account. Too bad he was a graphic artist and not a professional bounty hunter...."

60 of 271 comments

  1. glad for one positive hit by SHEENmaster · · Score: 5, Interesting

    Get 10,000,000 more of these guys and major domains will start accepting mail from innocent bystanders like me that are unlucky enough to be on small subnets again.

    --
    You can't judge a book by the way it wears its hair.
    1. Re:glad for one positive hit by ender-iii · · Score: 2, Funny

      10,000,000 ?!

      What we need here is a new empire with an army of cloned bounty hunters... or something!

      --
      ender-iii
  2. Spamming by Henry+V+.009 · · Score: 4, Informative

    Spamming is such a dirty business that most spammers will commit some illegality somewhere. Their character is rarely that of a saint. And most ISPs will do anything to keep a spammer off of their bandwidth. So if you go after a spammer, there will probably be some dirt to smear him with somewhere.

    1. Re:Spamming by Chris+Burkhardt · · Score: 5, Funny

      > Their character is rarely that of a saint.

      Maybe not, but I've seen spam from monks selling laser toner.

      Seriously, someone should tell the monks that spamming is not good.

      --
      "And there be unix which have made themselves unix for the kingdom of heaven's sake." - Matt. 19:12
  3. The Spam Hunter - Crikey! by Kenja · · Score: 5, Funny

    Here we see the Spammer in his native environment, let's pull his network connection and see if we can get him riled up. Crikey, look at em dial tech support!

    --

    "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
    1. Re:The Spam Hunter - Crikey! by k12linux · · Score: 4, Funny

      Kenja earns the much coveted: (Score:6, Funny)

  4. Not surprising that his previous ISP did nothing.. by Dimensio · · Score: 4, Interesting

    Verio is notoriously spam- and crime-friendly. So much so that I wouldn't be surprised if their management sold their children out to child pornography websites.

    As for convicted coke dealer Eddy Marin, he deserves horrible and painful death for his actions. It's sad that no one has taken him out yet.

  5. Amazing story! by antic · · Score: 4, Funny

    Wow, what a revenge! This has all the exciting hallmarks of the most boring story in the world. He shut down a single ISP account. I'm stunned!

    I hope the author isn't holding out for a script-writing deal for anything starring Chuck Norris or Lorenzo Lamas. It's hardly going to get rapped about by Dre, is it?

    From Artist to Spam-Hunter to zzz...

    --
    'Thats they exact same thing a banana wrench monkey.'
    1. Re:Amazing story! by metroid+composite · · Score: 2, Insightful
      You know, just because it's only on a small scale doesn't mean it's boring. Heck, RIAA suing a 12-year-old Girl made the newspapers, and I heard about that lawsuit before I knew what RIAA was.

      Besides, such effects seem to snowball in the courts. If small-time people can shut down one ISP, then they'll shut down another; where there might be only one case this year, a year or two down the road there could be twelve.

    2. Re:Amazing story! by sharkey · · Score: 4, Funny
      I hope the author isn't holding out for a script-writing deal for anything starring Chuck Norris or Lorenzo Lamas.

      No, but it seems to be prime material for Kevin Costner's next magnum.

      --
      "Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
    3. Re:Amazing story! by EvilAlien · · Score: 2, Funny
      No, his point is that they are two barely-actors, Chuck being long past his prime and reduced to crappy TV shows, and Lamas being a B-movie flunky at best.

      I've been responsible for a hell of a lot more than 1 spammer losing their Internet connections, it never occurred to me to put out a press release. This is non-news... I give it a 1 out of 5. Now had it involved SCO, I would have gone with 3 out of 5, because I just love reading about SCO and their wacky antics... now that's a good topic for a movie, maybe we can get Governor Schwarzenegger as Linus Torvalds and Garry Shandling as Darrrrrrllll Mc Bride.

      --
      perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
    4. Re:Amazing story! by mckyj57 · · Score: 2, Insightful

      Wow, what a revenge! This has all the exciting hallmarks of the most boring story in the world. He shut down a single ISP account. I'm stunned!

      You think Eddy Marin fools around with a single ISP account like a dialup? I believe WCG had him signed up for a dozen class C networks...encompassing a couple thousand IP addresses.

      If Eddy Marin wants a single account, he just rapes a proxy. He needs the class Cs to do the simultaneous raping of thousands of them.

      If you are a Windows-head, which it sounds like you may be from your 'tude, he may be raping *your* machine.

  6. SpamCop will help with backtracking headers by Spazholio · · Score: 3, Informative

    If you want to do the same thing as this guy, try using SpamCop. Paste the entire email (with headers, duh) there, and it will backtrack the message to where it originated. It will tell you which company it came from, which one is being advertised, etc. For the especially lazy, it will also allow you to send a carbon-copy form letter to all parties involved. Best of all, it's free. Consider donating though, it's worth it.

    1. Re:SpamCop will help with backtracking headers by stilwebm · · Score: 4, Informative

      OK, enough of these wise-guy posts saying "I've cancelled spammer's ISP accounts before too" and "he could have just used SpamCop." First of all, if you are at all familiar with spam operations, you would know that spammers do not use mail servers hosted on their own network 95% of the time. Second, if you RTFA, you would see that was exactly the case. The article clearly states that he "painstakingly worked his way through a half-dozen hijacked servers."

      These were likely servers that had been compromised or accidentally misconfigured and turned into open proxies. Spammers use dozens of these per mailing. However, they have to send the spam to these hijacked servers from somewhere. Much of the time these are home users on cable modems or DSL, so this isn't always easy. There is no trace of the actual origin in the headers, just the proxy or relay. The ISP shuts down their connection and the spammer moves on. The hijacked server often has no record of the actual origin of the mail, or upon being cleaned, the records are cleaned. In this case, the victim was able to find where the proxies were getting the original messages from. This isn't as simple as submitting to SpamCop.
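
Added example, not part of any comment in this thread: a Python sketch of why header backtracking stops at the relay, as the comment above describes. It trusts only `Received` lines stamped by the recipient's own servers and treats everything below that point as a claim. The message, host names and the `TRUSTED_BY` / `TRUSTED_NETS` settings are constructed for illustration.

```python
import email
import ipaddress
import re
from email import policy
from email.utils import parseaddr

# Constructed sample: documentation addresses and made-up host names only.
RAW = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby mail.example.org with ESMTP id AAA111
\tfor <user@example.org>; Mon, 3 Nov 2003 10:00:05 -0500
Received: from relay.victim.example (unknown [198.51.100.77])
\tby mx.example.net with SMTP id BBB222;
\tMon, 3 Nov 2003 10:00:01 -0500
Received: from designer-studio.example (mail.designer-studio.example [203.0.113.5])
\tby relay.victim.example with SMTP; Mon, 3 Nov 2003 09:59:00 -0500
From: Sales <info@designer-studio.example>
To: user@example.org
Subject: constructed sample

body
"""

# Assumed site configuration: the servers that stamp headers for us, and
# the network those servers live on.
TRUSTED_BY = {"mail.example.org", "mx.example.net"}
TRUSTED_NETS = ["192.0.2.0/24"]

FROM_RE = re.compile(r"^from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)")
BY_RE = re.compile(r"\sby\s+(\S+)")


def parse_hop(value):
    """Split one Received header into HELO name, reverse DNS, peer IP, stamping host."""
    text = " ".join(value.split())          # undo header folding
    m_from, m_by = FROM_RE.search(text), BY_RE.search(text)
    return {
        "helo": m_from.group(1) if m_from else None,
        "rdns": m_from.group(2) if m_from else None,
        "ip": m_from.group(3) if m_from else None,
        "by": m_by.group(1) if m_by else None,
    }


def trace(raw, trusted_by, trusted_nets):
    """Walk Received headers newest-first and stop where our own record ends."""
    msg = email.message_from_string(raw, policy=policy.default)
    hops = [parse_hop(str(v)) for v in msg.get_all("Received", [])]
    nets = [ipaddress.ip_network(n) for n in trusted_nets]
    verified, boundary = 0, None
    for hop in hops:
        # Only a header stamped by one of our servers is evidence; anything
        # else was supplied by whoever connected to us.
        if hop["by"] not in trusted_by or hop["ip"] is None:
            break
        try:
            peer = ipaddress.ip_address(hop["ip"])
        except ValueError:
            break
        verified += 1
        if not any(peer in net for net in nets):
            boundary = hop                  # first peer outside our network
            break
    from_domain = parseaddr(str(msg["From"]))[1].rpartition("@")[2].lower()
    # HELO is sender-supplied, so only the reverse DNS name our own server
    # looked up can vouch for the domain in From.
    rdns = (boundary["rdns"] or "").lower() if boundary else ""
    vouched = rdns == from_domain or rdns.endswith("." + from_domain)
    return {
        "last_verified_ip": boundary["ip"] if boundary else None,
        "verified_hops": verified,
        "unverified_claims": [h["helo"] for h in hops[verified:]],
        "from_domain": from_domain,
        "from_domain_vouched": bool(from_domain) and vouched,
    }


if __name__ == "__main__":
    for key, value in trace(RAW, TRUSTED_BY, TRUSTED_NETS).items():
        print(f"{key}: {value}")
```

Here the trail ends at 198.51.100.77, the relay that connected to the recipient's MX; the third header and the `From` domain are only what that relay, or whoever fed it, chose to say.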

    2. Re:SpamCop will help with backtracking headers by Phroggy · · Score: 4, Interesting

      What has your experience with SpamCop's system been?

      Nothing but good things to say about them, and I've been on the other end too - I've worked in the abuse department at an ISP, and the vast majority of our spam complaints came from SpamCop. They put all the most important info in the subject line and the reports are all formatted consistently, making it very easy to deal with them. We were understaffed for awhile, so the SpamCop reports were the ones I dealt with first, because I could get them out of the way faster.

      I also use the service myself. There have been some occasional glitches, which have almost entirely been due to denial of service attacks. These glitches have not caused me to lose mail, but DDoS attacks have caused mail to be delayed on occasion - normally it's delivered in seconds, but I've seen it take a day or so.

      The way I have it set up, mail to my domain is forwarded to my SpamCop account, and anything that doesn't get stopped by their filter is forwarded on to my server at home. If I have any problems with my server at home, I can disable the forwarding and use SpamCop's webmail temporarily.

      Depending on how you have things set up, if SpamCop thinks something doesn't look right, it is possible to report yourself to your own ISP's abuse department. They don't like that much. When submitting a complaint, be sure to review the list of addresses the complaint will be sent to before sending it.

      --
      $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
      $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
    3. Re:SpamCop will help with backtracking headers by sbeitzel · · Score: 2, Informative
      On the other hand, there is the occasional person who'd appreciate knowing how to stem the tide. On my home machine, I had junkbuster running but allowing connections from anywhere, so that I didn't have to maintain many blocklists -- but it turns out that that's a big spam loophole.

      For months, that machine was listed as being a spam relay, but every relay tester I found reported that no, the host was fine. Finally, somebody (I forget which blacklist it was) added a junkbuster test to their relay tester, and I found out how spam was getting out through my machine. I then plugged that hole.

      It's way more helpful to offer links or information on "how to harden your server against spammers" than it is to bitch about open relays. I certainly appreciated the information -- and as soon as I got it, I fixed the problem. The same must be true for other people (although probably not all).

      --
      Oh, go on, check out my job.
  7. Professional Bounty Hunter by nacturation · · Score: 5, Funny

    Qualified candidates must be professional bounty hunters with verifiable experience and verifiable references.

    Yes, my name is Boba Fett and I worked for a Hutt called Jabba -- this was a long time ago and in a remote galaxy. During my tenure with Jabba, I successfully tracked and captured Han Solo, wanted for failure to pay back a sizable loan.

    I'm fully familiar with the use of various weaponry, grappling hooks, and personal rocket packs. I have also done consulting work for Mr. Vader, a well known businessman who spearheaded the creation of a large spherical space station.

    References available upon request.

    --
    Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
    1. Re:Professional Bounty Hunter by NanoGator · · Score: 4, Funny

      "I'm fully familiar with the use of various weaponry, grappling hooks, and personal rocket packs. I have also done consulting work for Mr. Vader, a well known businessman who spearheaded the creation of a large spherical space station.

      References available upon request."


      Professional Weaknesses:

      - Once knocked into a Sarlacc Pit by a blind man.

      --
      "Derp de derp."
  8. Identity theft by BWJones · · Score: 5, Insightful

    So, this is identity theft. Why cannot spammers be prosecuted for assuming somebody else's "identity" and doing business/making money at the expense of others? This practice is illegal and there must be a legal precedent, yes?

    --
    Visit Jonesblog and say hello.
    1. Re:Identity theft by donnz · · Score: 2, Insightful

      Took the words out of my mouth.

      Why all the new laws required outlawing spam when *all* spam I receive is fraudulent (as is the practice of hijacking my business's ID for spam)? I cannot remember the last time I received unsolicited marketing material where email headers and the email itself was not fraudulent.

      This is what our public prosecutors should be chasing down and gaining convictions on - can anyone tell me why they are not?

      --
      -- Free software on every PC on every desk
    2. Re:Identity theft by k12linux · · Score: 2, Interesting
      I cannot remember the last time I received unsolicited marketing material where email headers and the email itself was not fraudulent.

      Just today I got an e-mail for a service I actually could have used. But as is my policy, I wrote back that I would have liked to discuss their product, as it appears to meet a current need. Then I said that I could not, however, do business with a company who chose to use spam to advertise.

      Very quickly I got a reply stating "if it was spam would I have time to reply" and that I should "cool down" and then get back to them. That prompted a close look at the mail logs and headers of the initial message.

      Ok, finally to the "fraudulent" part:
      My next reply asked what type of legitimate "non-spam" e-mail has a forged source server name that is the same as my mail server (including domain.) And why, if it was not spam, did the logs have a string of e-mails from his domain to a list of users which looked something like cabrams cadams cbernstein chinkle chobledorf... an alphabetical list of our users' e-mail addresses. And why, if these "non-spam" messages were not just a blanket spam, did the list include e-mail addresses that exist only on one of our web pages and never existed on our mail server? And by the way, "we still will never be doing business with your company."

      So (SURPRISE) that the guy wasn't overly worried about ethics when he replied to my first message.

      Never did hear back after that 2nd message.. but then again mail from their domain is blocked now.

  9. so disappointed by WormholeFiend · · Score: 2, Troll

    I expected an "and he torched the spammer's luxurious mansion in revenge" kind of ending... :(

  10. How appropriate by Gunfighter · · Score: 4, Funny
    After seeing what looks like a solid plan for spam, I decided to change my business model today. You can read all about it here.

    Finally, something to fill in the ????? in my
    1. Linux
    2. ?????
    3. Profit!!
    business plan. Now I don't have to hide my email address(es) anymore!
    --
    -- Stu

    /. ID under 2,000. I feel old now.
    1. Re:How appropriate by Styros · · Score: 2, Insightful
      IANAL. Just to get that out of the way.

      I've been thinking about your "service", and I think it can be legally binding. Similar agreements exist, for example those catch-22 EULAs and the infamous Opt-Out agreements, where if you register you "automatically" get signed up for ads, unless you specifically opt-out. I think your service stands a chance if you add some statements based on the EULAs and Opt-Out agreements that I've seen:

      • The EULA is in theory binding if you click on the "OK" or "Agree" button. So then, you make an email address that's like "web_service_agree@blah.com" or "i_agree@blah.com", and specify that if anyone sends an email to that email address then they acknowledge that they agree to your web review service. I think those email addresses are clear enough, that it can be substituted for clicking on a button. Instead of clicking on the "I agree" button, they send an email to "I_Agree@blah.com". Close enough, IMHO. That way, they can't say they were tricked.
      • Specify that you reserve the right to waive any fees for using your service. So if any of your friends happen to email that address by mistake, it's in the EULA that you don't have to bill them.
      • Specify that you reserve the right to change the EULA without notice.


      I think you should send out an invoice along with a copy of the agreement and see what happens. I will attempt to write a more "legal" sounding agreement, and do a service like that too. I may like spam after all.
    2. Re:How appropriate by dustman · · Score: 2, Insightful
      Yeah, these sorts of things always make me wonder.
      Any company or individual, either directly or indirectly, who knowingly sends unsolicited email to any address associated with this domain, or that sends data which results in a uncontrolled web browser pop up...window
      What if I send them an email, which contains a popup to my website? But, this website is "very secret", and my charge to access it is 1 BILLION DOLLARS (pinky to mouth) per page view.

      I could even include in the email something like "by going here you agree to pay me all of your income forever"

      Until both sides agree to a contract, there is no contract.
  11. Wrong by segment · · Score: 3, Interesting
    And most ISPs will do anything to keep a spammer off of their bandwidth

    Most can't do anything about it coming into their networks. Going out yes, but coming in, there is nothing that can be done unless every single customer agrees that spam should not reach their mailbox. See in order to add those kinds of rules to a router, it has to correspond to all. No ISP is going to update multitudes of routers to add one rule for one person.

    1. Re:Wrong by LordLucless · · Score: 2, Informative

      I assume the grandparent is referring to the ISP providing the spammer with his service, not the ISPs providing the intermediate jumps. I'm pretty sure any ISP would disconnect anyone who it can be proved has been spamming.

      --
      Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
  12. Governments Should Track Down Spammers by thinkerdreamer · · Score: 2, Interesting

    It would be great if governments like the U. S. gave 15 million dollars to a new force to track down spammers. The penalty for spamming is now 5 years in federal jail. 50 million people signed up for the national no-call list. I bet millions would back such a SPAM squad. It is too bad the government doesn't seem to care.

  13. Re:Vicodin, Viagra, LOW COST CLICK HERE by Spazholio · · Score: 2, Informative

    Again, working at an ISP, we cannot dictate what a user can or should not receive. He should have installed filters.

    I think he was having email spoofed to look as though it were coming FROM him, so that people were bitching about him sending it, when he wasn't. I believe this is referred to as a Joe Job.

  14. If SPAM == $$$... by thecampbeln · · Score: 3, Insightful
    ...Then we should get laws that attack the $$$ part of the equation!?

    Although the logistics of such a plan are always complicated, why not author laws that would hit spammers where it really hurts: their financial institutions!? Since you can buy the shit from these bastards, you should be able to determine where the money is going. So make laws that would seize any such moneys that are a direct result of SPAM activity?

    Hell even put the onus on Visa/MC/AmEx so that they are charged with dealing with the financial fallout! Do you think even the idiots who buy shit from SPAM would buy again if they were charged double for their purchase (once from the spammer and again from the credit card company for the penalty)? Sure there are bugs in the plan as is, but stopping SPAM from the technical side is difficult (if not impossible), so let's make it financially infeasible!

    --
    "1984" was meant to be a warning, not a guidebook. You hear that Kim Jong-il!? BushCo?!
  15. Re:Vicodin, Viagra, LOW COST CLICK HERE by jcr · · Score: 2, Funny

    Now I know I will get flamed for saying this, but when flyer distributors come around, does anyone beat their ass or track them down.

    No, but that's an idea worth considering..

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
  16. Legal question by Michael+Woodhams · · Score: 4, Interesting

    A scenario: Someone damages you, but it is hard to figure out who it was. You spend money and/or time and track them down. You succeed, and sue them.

    Can you include the cost of tracking them down in the damages you are suing for?

    Can you sue for more than your actual costs, to account for the risk you took that you'd be unsuccessful in tracking them down (hence your time/money would be gone with no possibility of being repaid)?

    --
    Quattuor res in hoc mundo sanctae sunt: libri, liberi, libertas et liberalitas.
    1. Re:Legal question by Anonymous Coward · · Score: 2, Informative

      "Can you sue for more than your actual costs, to account for the risk you took that you'd be unsuccessful in tracking them down (hence your time/money would be gone with no possibility of being repaid)?"

      I Am Not A Lawyer, but I do work in a collection agency.

      I believe the short answer is, no. You will never get paid, or receive funds for the actual RISK of your actions to track someone down and receive your due funds. That is part of the situation you are in. As an example, one client will never sue someone for anything under 5k. Period. That's their line in the sand. They feel it's not worth the risk. On the other hand, we have one case where the amount is 2 million, and the whole situation has turned into the point where the client wants to get the person, for whatever costs will become.

      In short, collections is a giant game of poker with the bluffing and calling to see what you can get out of someone. Is that cruel? Probably. However, that is the attitude of many clients who see it as their just rights to receive their due moneys.

      The actual risk taken in the process is never a consideration of the Judge. It would be a consideration of the client/plaintiff/person due their moneys. But it is not a legal fact in the case against someone.

      -Very much so needing to remain an AC

  17. How to track faked messages to a source. by donsaklad · · Score: 2, Interesting

    How might people who receive faked messages track the messages to a source with minimal effort?...

    1. Re:How to track faked messages to a source. by the_mad_poster · · Score: 2, Informative
      --
      Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
  18. nailing the bastards by Stephen+Samuel · · Score: 3, Insightful
    It's not that hard to take down a spammer who causes you problems beyond just sending you unwanted email... I had one friend who had a spammer run a couple hundred thousand emails thru his system (a bug had made it into an open relay). It took one stern call to the ISP hosting the advertised websites to get his hosting and DNS cut off at the knees.

    This is more than just sending off a single email to a scantly watched abuse email.. This means getting hold of a real person and explaining, realistically, what sort of legal liabilities they might be open to if they continue to support the spammer's actions. (Hacking laws, aiding and abetting, Trademark infringement and vicarious liability) often fit in there.

    If more people would do this, life would get a lot harder for spammers.

    --
    Free Software: Like love, it grows best when given away.
  19. Re:solution to spam by BanjoBob · · Score: 2, Insightful

    100 E-mails a day could hurt some of us that have legitimate businesses that also have a monthly newsletter that requires we send hundreds of E-mails every month. We send each individually and do not bcc or cc the entire list (automated program). So, everything can't be black or white -- on or off. We need to allow legitimate use of mass E-mails while controlling spam at the same time.

    --
    Banjo - The more I know about Windoze, the more I love *nix
  20. Re:Vicodin, Viagra, LOW COST CLICK HERE by Croaker · · Score: 2, Informative

    Not necessarily. Most web hosting companies that I have seen will give you X (or unlimited) number of e-mail accounts for your domain. They also have the option of creating a "default" account, where all e-mail sent to the domain goes, if it didn't end up in one of the mailboxes that you explicitly created. This can be useful, since you can just give out random account names at your domain on a whim, and know that all of the e-mail sent there will end up in the same place. It also acts as a backstop to prevent some customer of yours having their e-mail bounce because they got the account name wrong. No e-mail to your domain will ever bounce. It also means you don't have to set up all the default e-mail addresses that people take for granted as being active in a domain (root, webmaster, postmaster, abuse, etc.)

    The downside of this is that if a spammer spoofs a totally random e-mail address within the victim's domain, the bounce messages and pissed off replies will end up in one big heap in the victim's default e-mail account. I suspect that's what happened in this case, because there was no evidence that the spammer was pissed at the guy to begin with.

    Default e-mail is also a big pain in the ass when a spammer tries a dictionary attack on a domain in order to find valid e-mail addresses. That's when the spammer sends e-mail to a@yourdomain.com, aa@yourdomain.com, aaa@yourdomain.com, ad nauseam. If you have a default e-mail address, *all* of these spams will be delivered. Say goodbye to your disk quota!
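
Added example, not part of any comment in this thread: a Python sketch of how a mail admin could spot the recipient sweep described above (and the alphabetical recipient list an earlier comment found in its logs), and what a default/catch-all address does with it. The log format, addresses, mailbox list and thresholds are constructed for illustration and are not any mail server's own.

```python
import re
from collections import defaultdict

# Constructed log in a made-up one-line-per-RCPT format (not any MTA's own).
LOG = """\
2003-11-03T10:00:01 peer=198.51.100.77 rcpt=aaron@example.org
2003-11-03T10:00:01 peer=198.51.100.77 rcpt=abby@example.org
2003-11-03T10:00:02 peer=198.51.100.77 rcpt=abuse@example.org
2003-11-03T10:00:02 peer=198.51.100.77 rcpt=adam@example.org
2003-11-03T10:00:02 peer=198.51.100.77 rcpt=admin@example.org
2003-11-03T10:00:03 peer=198.51.100.77 rcpt=al@example.org
2003-11-03T10:00:03 peer=198.51.100.77 rcpt=alan@example.org
2003-11-03T10:00:03 peer=198.51.100.77 rcpt=alex@example.org
2003-11-03T10:04:10 peer=192.0.2.44 rcpt=sales@example.org
2003-11-03T10:05:30 peer=192.0.2.44 rcpt=alex@example.org
"""

# Mailboxes that were explicitly created on the (hypothetical) domain.
MAILBOXES = {"abuse", "alex", "postmaster", "sales"}

LINE_RE = re.compile(r"^\S+ peer=(?P<peer>\S+) rcpt=(?P<local>[^@\s]+)@\S+$")


def analyse(log_text, mailboxes, catch_all, min_rcpts=5, max_unknown=0.5):
    """Summarise each connecting peer's recipients and flag likely sweeps.

    A peer is flagged when it tries at least `min_rcpts` distinct local
    parts and either most of them do not exist or they arrive in sorted
    order, which is what a generated or harvested list looks like.
    """
    per_peer = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            per_peer[m["peer"]].append(m["local"].lower())

    report = {}
    for peer, seen in per_peer.items():
        distinct = list(dict.fromkeys(seen))      # keep arrival order
        unknown = [lp for lp in distinct if lp not in mailboxes]
        ratio = len(unknown) / len(distinct)
        enough = len(distinct) >= min_rcpts
        ordered = enough and distinct == sorted(distinct)
        # With a catch-all, unknown recipients are accepted and stored;
        # without one they are refused during the SMTP conversation.
        delivered = len(distinct) if catch_all else len(distinct) - len(unknown)
        report[peer] = {
            "rcpts": len(distinct),
            "unknown_ratio": ratio,
            "ordered": ordered,
            "harvest": enough and (ratio > max_unknown or ordered),
            "delivered": delivered,
            "rejected": len(distinct) - delivered,
        }
    return report


if __name__ == "__main__":
    for mode in (True, False):
        print("catch_all =", mode)
        for peer, row in analyse(LOG, MAILBOXES, catch_all=mode).items():
            print("  ", peer, row)
```

On the constructed log the sweep from 198.51.100.77 is flagged either way; the difference is that with the default address all eight messages land in the mailbox, while with explicit mailboxes only the two real recipients do.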

  21. I sure care! by Michael+B.+Davis · · Score: 2, Insightful

    I had exactly the same thing happen to me.

    The spam in question was a pharmaceutical firm, and one morning I got just about 50 'undeliverable mail' messages with my email address as the sender. I never got any complaint letters, and it hasn't happened since (that was about Sep 21, 2003 give or take a day).

    I figure I never got the flak because no one ever comes to my site anyway...

    Michael in Toronto

    --
    Cheers, Michael From sunny Toronto
  22. Let's not be too hasty by el_munkie · · Score: 2, Funny

    There's nothing wrong with dealing coke.

    Spamming, on the other hand....

  23. Another vote for "SUE HIM" by ChangeOnInstall · · Score: 2, Interesting

    IANAL, but if this guy has as much evidence as he claims to against this spammer, he needs to sue the spammer. The spammer is knowingly committing an act that he knows will cause damage to the business that he is effectively "impersonating". He is doing it to turn a profit from an illegal activity. If proof of this act is available, the victim here could be looking at a pretty stout judgement. If this guy made $750,000 spamming people last year, there's a good chance he'll be able to find an attorney who will pursue this on a contingency basis.

    And IIRC, I'm pretty certain the victim can sue the spammer from his home state (especially nice since the spammer is on the opposite end of the country).

    --
    What has *science* done?!? -- Dr. Weird (ATHF)
  24. Solution to SPAM by Sly+Mongoose · · Score: 2, Informative
    Only workable solution:
    1. Bayesian filters (or similar) on the SMTP servers, analyzing and SPAM-rating e-mail on a line-by-line basis, as it is inbound to the server.
    2. Packet-by-packet connection throttling of all connections to the SMTP server, based on the current SPAM-rating of the open connection.
    All mail will get through. There are no false-positive or false-negative issues to deal with. There are no freedom-of-speech issues to deal with. But SPAM works only because of VOLUME and this will drastically reduce the volume of SPAM that a server can send, making spamming unprofitable.

    Not my idea -- someone else suggested the scheme a while back. I wish I could remember/locate a reference.
  25. Re:solution to spam by ScrewMaster · · Score: 2, Interesting

    This is from my previous post on the subject, and outlines my plan for eliminating spam, worldwide.

    Offer a reward of, say, $50,000 for every bona-fide spammer brought in alive, and double that if he has already assumed room temperature. The beauty of my scheme is that it, like the Internet itself, knows no borders. If someone successfully manages to capture or whack outright a spammer in, say, Nigeria ... no problem. Just give us your email address and we'll PayPal you the money. Don't have Internet? No problem: we'll get you the money. My research indicates that, if my plan were to be implemented on a sufficiently wide scale, we could expect to see the end of Spam by next Friday. Now, fifty to one hundred thousand dollars per spammer may seem excessive, particularly as these people are already intrinsically worthless. However, if you look at the numbers, the worldwide savings that will accrue from not having to accommodate spam will be dramatic, and will far outweigh the actual disposal costs. Furthermore, I am sure that once the ball is rolling, we can count on additional help from our friends and allies around the world. Of course, some of our {ahem} less-enlightened neighbors might object to our putting out what might appear, at first glance, to be a "hit", or contract, on their nationals. But as soon as senior bureaucrats, heads-of-state, industry leaders and their secretaries begin to notice the comparative emptiness of their in-boxes, I firmly believe that they will quickly come 'round to our way of thinking.

    --
    The higher the technology, the sharper that two-edged sword.
  26. Re:Obligitory Comment by randyest · · Score: 3, Funny

    It really isn't obligatory at all. Really. I swear. In fact, it's highly discouraged nowadays since it's not in the least bit funny anymore.

    Only a slashdot poster such as yourself can pound a joke so hard and for so long that even a great Simpsons' line makes me queasy when I read it. But I have to hand it to you -- you, my friend, are clearly the master of pounding it long and hard. But please don't feel obliged in any way.

    You can take a rest any time and no one will miss it. Except for possibly your local Kleenex(TM) and/or hand lotion distributors.

    --
    everything in moderation
  27. Williams Communications Group shining. by Agent+R · · Score: 4, Informative

    WCG.net, and told the tech support staff what had been happening. Within a few hours, Marin's account had been canceled.

    Baloney! It is likely that they told Marin to change the domain name before Markley sues and WCG loses their big bonus blood money.

    But WCG sounded sincerely surprised to find out the infamous Eddy Marin was one of their customers."

    Rule #1! Williams Communications Group is notorious for continuously providing bandwidth to spammers with dirty /24s. Then they feign this concern by "shinning" on those who complain about their dubious customers. Why doesn't someone ask them about Wholesalebandwidth.com/Optigate?

    Anyone who wants to know about Marin and his scum operation can see it on Spamhaus.org:
    http://www.spamhaus.org/rokso/search.lasso?evidencefile=1114

    --
    !@#$% whole-grain cereal. When I want fiber, I eat some wicker furniture. - G. Carlin
  28. Re:Hardcore Revenge on a Spammer by randyest · · Score: 2

    This is a great story which I genuinely enjoyed reading. I laughed out loud more than once.

    That said, please be very careful if you choose to follow the "Let's Get Brutal" link provided at the end of the linked site. Do yourself a favor and resist all temptation to click on the "Rodona Garst Breast Size" link there, as it is only a little less offensive than goatse.cx.

    You have been warned.

    --
    everything in moderation
  29. Re:*You* are Wrong by mckyj57 · · Score: 5, Informative

    No one does spam filtering at routers.

    There are filters and blocklists, but they have nothing to do with
    routers. Long ago particularly egregious spammers were blackholed at the
    router level, but that hasn't happened for years.

    No ISP can stop all spam, but given enough resources we can stop most
    of it. The problem is usually somewhat like you allude to, that there
    is a certain set of people with an absolute horror of a non-spam
    message being bounced. They claim "loss of email", and thereupon close
    their ears.

    But there is a more insidious foe, the scan-and-delete error.

    Most admins today have two basic ways to stop spam -- blocking and user-
    based filtering. Blocking rejects spam detected (via filter or
    blocklist) and puts the onus on the sender to re-establish the
    communication. User-based filtering puts the onus on the recipient to
    review their spam folder and look for "false positives".

    And there are three ways to play your two tools.

    1. Little or weak filtering or blocking means communications are lost as
    people have scan-and-delete errors due to battle fatigue from their
    daily fight with spam in their mailbox. Much legitimate email is
    lost, and it is lost and *neither party knows it was never read*.
    This collateral damage is spread over every part of the net,
    spam-friendly or no.

    2. Aggressive filtering and tagging for dropping in the user's "spam"
    folder means that legitimate communications are tagged as false-
    positives. People usually don't scan their spam folders carefully,
    because such a high percentage is spam. Again, legitimate email is
    lost and *neither party knows it was never read*. This collateral
    damage is spread over every part of the net, spam-friendly or no.

    3. Aggressive rejection of email via blocklisting causes some legitimate
    email to be rejected. However, that collateral damage is limited to
    spam-friendly parts of the Internet. The sender knows full well it
    was not read and can re-send the message via another channel if it is
    important. This knowledge also allows them to take action to correct
    blocking errors; and heightens awareness of who is not doing their
    part to fight spam.

    To me, selecting #3 is a no-brainer. When legitimate email gets lost,
    the sender knows it was not received. And it is almost all lost from
    networks participating in the massive denial of service attack on the
    Internet at large that is spam.

    AOL, for example, does a simply outstanding job of making sure spam is
    not sourced from their network. They don't allow spam hosting of any
    kind. I *never* want to lose mail from them. Same with Earthlink, MSN,
    and Hotmail. They deserve that consideration due to their effort. If my
    users lose mail from them due to scan and delete errors, I have not done
    my job. I would much rather have them lose email from the people who pay
    the spam-friendly providers. (And no, folks, those fake hotmail.com
    addresses in the From line don't mean they source spam.)

    You can do filtering at the MTA level too with rejections, but I don't
    do that except with filter settings that have a near-zero false-
    positive rate.

  30. Poor guy... by betong · · Score: 2, Funny

    First Noah's Flood of spam, then isolation and even blame, and now his server gets Slashdotted to death ;).

    --
    . ~/.sig
  31. Reverse MX would have solved it.. by FattyBoeBatty · · Score: 3, Interesting

    So what ever happened to that great idea of including RMX records in zone files? It would 100% eliminate spam like this (which accounts for the vast majority). I haven't heard anything from either qmail or sendmail implementing it.. which sucks.

    See, the reason I'm so big on this, is because I consulted at implementing this at Shadango.com (a new, free, filtering service). We started performing reverse lookups and you would NOT believe the filtering success. It was like day and night. So seriously.. try implementing that on your mail servers and see what happens. And if you're just curious and want to see how effective it can be, check out the implementation at Shadango.com

    -Fatty

  32. Been there, done that. by Anonymous Coward · · Score: 5, Informative
    I've had this problem, and I've successfully put a major porno spammer out of business, although it took a while.

    The spammer was forging mail from one of my domains. Since the domain name was a registered trademark, I had some extra leverage. ISPs have a "safe harbor" for E-mail content, but not for trademark infringements.

    I ignored where the mail was coming from, and concentrated on where the money went when you placed an order. The spammer had two phony "billing companies", with phony addresses. Accepting credit cards without providing a valid business name is illegal in many states, so, by sending appropriate letters to the ISPs that hosted his billing sites, I was able to turn off his income stream. The sites reappeared on other ISPs, but with some work, I was able to get his domain registrar to lock some of his domains.

    This is an effective tactic. If you file an "incorrect whois data" complaint with the Internic, and the registrar can't contact the domain owner, the domain goes to "locked" state. Then, if you get the hosting company to dump them, they can't move the site. In this case, the spammer operated his own DNS servers (triply redundant, on different ISPs), so I had to get all of them kicked off various ISPs.

    By now, I'd had this guy kicked off ISPs from Dallas to London to Sao Paulo. This was made easier by the fact that he was paying for much, if not all, of his hosting with stolen credit card numbers. Since his porno sites generated credit card numbers, he could keep signing up for new hosting accounts with his customers' credit cards. That doesn't work once the ISP knows who to look for.

    Finally, the guy retreated to his home ISP in St. Petersburg, Russia, where he apparently felt safe. That took a while to crack. I found out that the upstream provider used by the small St. Petersburg ISP was a larger telecom company in Moscow. That company was in the process of doing an initial public offering on NASDAQ. I talked to their investment people in New York, and eventually received a call from the Russian telecom's CEO. It turned out that we had some friends in common, and that he knew about the small St. Petersburg ISP as a known problem.

    With that connection, I had some discussions with the St. Petersburg ISP, which kicked off the spammer. He came back with new accounts the next day. I got those accounts closed. This went on for several weeks. Finally, after some additional prodding, the St. Petersburg ISP shut the guy down and kept him shut down.

    It's been months now, and the spammer's content is nowhere that Google can find it, so he seems to be out of business.

    The key to dealing with spammers is to follow the money. While dealing with this problem, I talked to bankers, the people who developed his billing system, and a company to which he'd outsourced web design. Eventually, a picture of the spammer emerged. This was basically a one or two person operation devoted to stealing credit card numbers. Once I knew that, getting cooperation in shutting the guy down was reasonably easy.

    Trademarking your web site name gives you some additional legal options, and is definitely worth the $450 or so it costs. When you raise a trademark issue, the problem escalates to the ISP's legal department, and you're no longer dealing with the customer service people.

    Once you get to the legal people, and fraud is involved, you can point out that the ISP, once informed of the problem, is knowingly aiding and abetting a fraud scheme. This usually results in quick action.

    It's always useful to check business license and corporate filing data. If you find a Whois entry for Phonycorp, Inc. at a Mail Boxes Etc. address, find out whether the company has a business license (where required) and is registered as a corporation in the state. If they don't, they're doing business illegally. So report them to the IRS, the state tax authorities, and the local authorities. ("Hello, City Assessor's Office? I'm trying to locate the offices

    1. Re:Been there, done that. by Rinikusu · · Score: 2, Interesting

      Indeed, but what about a smaller business that can't afford to go through those lengths? What I'm kinda getting at would be, where's an organization that could do this PROFESSIONALLY for people willing to pay? Think of it as an internet legal strongarm. I would think there would be a demand for a company that specializes in tracking down domain spoofers, contacting the correct people (and after you do it for awhile, you quickly learn who to contact at various ISPs for problems, etc, rather than having to "reinvent" the wheel as we have to do now), getting local authorities involved if there's criminal activity, etc etc, as well as providing a mechanism for "self-policing" member companies. If member A isn't holding up to the group's TOS or Acceptable conduct (for instance, they allow spammers to reside on their network knowingly), the other groups could then collectively pressure that member to yield (you know, backbone issues.. Kinda hard to sell internet service when you piss off Member J who owns your backbone...)

      --
      If you were me, you'd be good lookin'. - six string samurai
  33. Coke Cover by _Sprocket_ · · Score: 3, Interesting


    As for convicted coke dealer Eddy Marin...


    Not that I would dispute the accuracy or honesty of someone who makes a living from such activities as spamming and (apparently) dealing coke... but...

    Ya suppose all this money Eddy likes to gush about in interviews comes from an activity other than spamming? Wouldn't spamming make a great way to launder income? It's already a shady, though not entirely illegal business. It wouldn't be too odd to have a customer base that's a little difficult to trace. And it would explain a solid income without any apparent labor, contacts, or business partners.

    (not that this little conspiracy theory has plenty of holes - but hey, that's not the fun of it)
  34. Re:*You* are Wrong by Volmarias · · Score: 2, Troll

    3. Aggressive rejection of email via blocklisting causes some legitimate email to be rejected. However, that collateral damage is limited to spam-friendly parts of the Internet. The sender knows full well it was not read and can re-send the message via another channel if it is important. This knowledge also allows them to take action to correct blocking errors; and heightens awareness of who is not doing their part to fight spam.

    Anyone who reads somethingawful.com knows that this isn't necessarily the nobrainer that you think it is. They had a particular problem where people would be able to sign up for their forum accounts, but they could not be mailed back with the activation because of the SPEWS blacklist determining that the part of the internet SomethingAwful belonged to was Spammerville, USA. This meant that 10-20% of the people who tried to get a forums account couldn't be mailed back, and SomethingAwful could even mail them back to explain why!

    Here's a nice link for the angry rantings of Zack "GeistEditor" Parsons on the subject. Yes, we should fight spammers at every turn we get, but the "collateral damage" means that some people can't even find out why they never get a reply from their girlfriend/grandparents/long lost friend.

  35. SPF, Sender Permitted From by joostje · · Score: 2, Interesting

    I haven't seen SPF being mentioned yet.

    It's a system whereby you, the domain-owner, via DNS records, explain what SMTP-servers (their IP addresses) are allowed to send email with your domain in the From: header.

    To me it really does look like a way to kill spam, if it were adopted.

  36. Re:Vicodin, Viagra, LOW COST CLICK HERE by Oddly_Drac · · Score: 2, Insightful

    "Again, working at an ISP, we cannot dictate what a user can or should not receive."

    Horseshit. Go and read your AUP regarding guarantees of service. What you meant to say was, 'If we get caught running false positives it would be embarrassing'.

    "He should have installed filters."

    Of course he should. That would have stopped the joe-job happening.

    What I don't get is why ISPs don't have some method of, say, 'assuming' that someone receiving several hundred bouncebacks is either the victim of a joe-job or actually spamming. What do you think? Reasonable?

    So block the service and drop someone a call. Swallow the emails. Tell the person whose account it was that unfortunately everything got caught in the doohickey superspam frobulator and it's another fine service.

    As someone that works for an ISP, stop wringing your hands and DO something.

    Jesus. This would be like the car industry saying that they couldn't install car alarms because of the inconvenience of people losing the fobs.

    "when flyer distributors come around, does anyone beat their ass or track them down."

    Nope. I tell them I don't want them, and they respect my wishes. If they continue then I find out where the flyers are from and have a word with them...steadily it goes up the chain until it hits law enforcement.

    "Get a filter, and if your ISP doesn't do shit change ISP's."

    Dude, the problem isn't the _end-user_, it's the piss-poor hand-wringing produced by every ISP so far that argues that they're a carrier. It's the ludicrously bad handling of complaints and the carriage of stuff from known 'bad' netblocks. It's about ISPs allowing serial rapid-fire ICMP(8) without even a courtesy call to ask if people are running virus checkers.

    At this moment in time my ISP (Demon/Thus) has disabled ICMP(8) to help calm MSBlaster. It's a bitch, but it's a proactive approach.

    "no one should dictate what someone should or should not receive"

    Don't be an ass. That's the kind of free speech bollocks that the marketers use.

    --
    Oddly Draconis
    Too cynical to live, too stubborn to die.
  37. Verio Are *STILL* hosting spammers by JohnFred · · Score: 2, Interesting


    One spam arrived as I was reading this! And they are still abusing whois/dns. Nice, but this guy has managed to do sweet FA

    Relevant supporting evidence attached (my account is hosed, anyway..)

    News Story.
    -----------
    http://www.internetnews.com/bus-news/article.php/3_531911

    Spam Headers
    --
    Return-path:
    Received: from punt-3.mail.demon.net by mailstore
    for johnc@yagc.demon.co.uk id 1A4cHz-0006dB-Fh;
    Wed, 01 Oct 2003 08:25:56 +0000
    Received: from [24.128.200.166] (helo=h000ae62be489.ne.client2.attbi.com)
    by punt-3.mail.demon.net with smtp id 1A4cHz-0006dB-Fh
    for johnc@yagc.demon.co.uk; Wed, 01 Oct 2003 08:24:52 +0000
    Received: from lcs.mit.edu [59.95.222.125] by h000ae62be489.ne.client2.attbi.com (Postfix) with ESMTP id EDA4562DFCBD for ; Wed, 01 Oct 2003 09:28:33 +0000
    Date: Wed, 01 Oct 2003 09:28:33 +0000
    From: Tofikequf
    Subject: Johnc Receive your Dip1oma 1965936
    To: Johnc
    References:
    In-Reply-To:
    Message-ID:
    Reply-To: Jolisojap
    Sender: Juleka
    MIME-Version: 1.0
    Content-Type: text/html
    Content-Transfer-Encoding: 8bit

    Traceroute results
    --
    3 130.152.80.30 10.121 ms isi-1-lngw2-pos.ln.net [AS226] Los Nettos origin AS
    4 198.172.117.161 163.950 ms ge-9-3.a01.lsanca02.us.ra.verio.net [AS2914] Verio
    5 129.250.29.136 2.821 ms xe-1-0-0-4.r21.lsanca01.us.bb.verio.net [AS2914] Verio
    6 129.250.2.11 6.288 ms p16-7-0-0.r00.lsanca01.us.bb.verio.net [AS2914] Verio
    7 129.250.9.210 9.905 ms p4-1.att.lsanca01.us.bb.verio.net [AS2914] Verio
    8 12.123.28.130 9.913 ms tbr1-p012201.la2ca.ip.att.net (DNS error)
    9 12.122.10.25 13.635 ms tbr2-cl3.sffca.ip.att.net (DNS error)
    10 12.122.9.137 12.811 ms tbr1-p012501.sffca.ip.att.net (DNS error)
    11 12.122.10.5 54.916 ms tbr1-cl1.cgcil.ip.att.net (DNS error)
    12 12.122.10.1 78.542 ms tbr1-cl1.n54ny.ip.att.net (DNS error)
    13 12.122.9.130 76.257 ms tbr2-p012501.n54ny.ip.att.net (DNS error)
    14 12.122.10.21 81.463 ms tbr1-cl1.cb1ma.ip.att.net (DNS error)
    15 12.122.11.194 80.896 ms gbr1-p40.cb1ma.ip.att.net (DNS error)
    16 12.123.40.97 80.612 ms gar1-p360.cb1ma.ip.att.net (DNS error)
    17 12.125.39.214 81.116 ms DNS error
    18 24.91.0.42 81.131 ms bar02-p6-0.wobnhe1.ma.attbb.net
    19 24.91.0.154 81.628 ms DNS error
    20 24.128.190.57 82.081 ms bar02-p4-0.lwllhe1.ma.attbb.net
    21 24.147.0.38 82.124 ms ubr01-p2-0.lwllhe1.ma.attbb.net
    22 24.128.200.166 97.001 ms h000ae62be489.ne.client2.attbi.com

    --
    /usr/games/fortune > ~/.signature
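An added example, not part of the post above: reading the Received chain it quotes to find the one address that can be believed. Only headers written by the recipient's own servers are trusted; which names count as "own" (mailstore, *.demon.net) and the empty internal address list are assumptions.

```python
import ipaddress
import re
from datetime import timezone
from email.utils import parsedate_to_datetime

# Received lines copied from the comment above, one header per string.
RECEIVED = [
    "from punt-3.mail.demon.net by mailstore for johnc@yagc.demon.co.uk "
    "id 1A4cHz-0006dB-Fh; Wed, 01 Oct 2003 08:25:56 +0000",
    "from [24.128.200.166] (helo=h000ae62be489.ne.client2.attbi.com) "
    "by punt-3.mail.demon.net with smtp id 1A4cHz-0006dB-Fh "
    "for johnc@yagc.demon.co.uk; Wed, 01 Oct 2003 08:24:52 +0000",
    "from lcs.mit.edu [59.95.222.125] by h000ae62be489.ne.client2.attbi.com "
    "(Postfix) with ESMTP id EDA4562DFCBD for ; Wed, 01 Oct 2003 09:28:33 +0000",
]
# Assumptions: names of the recipient's own servers, and their internal
# address ranges (none are known from the page, so the tuple is empty).
OUR_NAMES, OUR_SUFFIXES, OUR_NETS = ("mailstore",), (".demon.net",), ()


def is_ours(name):
    return name.lower() in OUR_NAMES or name.lower().endswith(OUR_SUFFIXES)


def parse_received(line):
    """Split one Received header into who wrote it and what it recorded."""
    m = re.match(r"from\s+(?P<frm>.*?)\s+by\s+(?P<by>\S+)", line)
    if not m:
        return None
    frm = m.group("frm")
    ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", frm)
    helo = re.search(r"helo=([^\s)]+)", frm)
    try:
        date = parsedate_to_datetime(line.rpartition(";")[2].strip())
        date = date if date.tzinfo else date.replace(tzinfo=timezone.utc)
    except (TypeError, ValueError):
        date = None
    return {
        "by": m.group("by"),                      # server that wrote the header
        "ip": ip.group(1) if ip else None,        # peer address it recorded
        "claimed": helo.group(1) if helo else (frm.split() or [""])[0].strip("[]"),
        "date": date,
    }


def find_handoff(lines, our_nets=OUR_NETS):
    """Return (border hop, hops below it). Walk top-down and stop at the first
    header, written by one of our servers, whose peer is outside our network."""
    hops = [parse_received(l) for l in lines]
    for i, hop in enumerate(hops):
        if hop is None or not is_ours(hop["by"]):
            return None, [h for h in hops[i:] if h]
        try:
            addr = ipaddress.ip_address(hop["ip"] or "")
            internal = any(addr in ipaddress.ip_network(n) for n in our_nets)
        except ValueError:
            internal = hop["ip"] is None and is_ours(hop["claimed"])
        if not internal:
            return hop, [h for h in hops[i + 1:] if h]
    return None, []


def clock_anomalies(handoff, unverified):
    """Hops below the border stamped later than the border hop saw the mail."""
    base = handoff["date"]
    return [h for h in unverified if base and h["date"] and h["date"] > base]
```

On these headers the border hop records 24.128.200.166, the same address the traceroute ends at. The lcs.mit.edu line below it was supplied by the connecting machine, cannot be verified, and carries a timestamp about an hour later than the moment punt-3 accepted the message.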
  38. Re:solution to spam by scambaiter · · Score: 2, Interesting

    I already had an idea quite like this after reading the story on that spammer from .nz who left the industry after getting harassed because his real identity was made public in some local newspaper... Set up some fund which will pay bounty for accurate and valid information on proven spammers, and set up a directory just like rokso at spamhaus.org. Don't really harass them, just give them the bad feeling that we know who they really are...

    --
    sick of sigs... *sigh*
  39. SomethingAwful??? by Eggplant62 · · Score: 2, Interesting
    Anyone who reads somethingawful.com knows that this isn't necessarily the nobrainer that you think it is. They had a particular problem where people would be able to sign up for their forum accounts, but they could not be mailed back with the activation because of the SPEWS blacklist determining that the part of the internet SomethingAwful belonged to was Spammerville, USA. This meant that 10-20% of the people who tried to get a forums account couldn't be mailed back, and SomethingAwful could even mail them back to explain why!

    Here's a nice link for the angry rantings of Zack "GeistEditor" Parsons on the subject. Yes, we should fight spammers at every turn we get, but the "collateral damage" means that some people can't even find out why they never get a reply from their girlfriend/grandparents/long lost friend.

    SomethingAwful is a poor example to use in this case. Zack Parsons, in my own hog-fucking opinion, is a child who doesn't understand the basic functioning of email and blocklists and incited the flooding of newsgroup news.admin.net-abuse.email by his idiot subscribers. We saw Zack on the newsgroup and on the above-mentioned page whining like a little girl about his problems.

    Oh fucking well. Hosting with a spam-friendly provider could have been avoided. He could have contacted his hosting provider and gotten things straightened out on his own. Inciting his readers to harass the spam fighters because he got his panties in a bunch over his mail not getting through was a bad move, and I'd think it would be an embarrassment for him.

    SPEWS and the "collateral damage" concept are one of the few things that have gotten providers off their asses to remove spammers from their networks. Just because some kid's little chat site gets their mail blocked is no reason for the site's readers to act just like spammers, and probably resulted in somethingawful's mail being even more widely blocked than it had been when only SPEWS was listing it.
  40. Same spammer forged other domains, also. by JuggleGeek · · Score: 2, Informative
    The article doesn't mention it, but the spam advertised the website mypillsrx.com, where they claim to sell various prescription drugs. More likely, they just collect your money or credit card number.

    The same spammer forged a number of other domains, including mine. I have a page about it at http://www.whitis.com/mypillsrx.htm. There is also another article available at AVN Online.

    Eddy Marin, a well known spammer with a history that includes convictions for cocaine dealing, money laundering, and who was involved with pornography, seems to be behind the spam.

    In the meantime, his pet lawyer, Mark Felstein, (check out the cute picture) is suing several people who fight against spam for blacklisting "anonymous members" of his newly created EmarketersAmerica organization, and several anti-spam sites all over are under DoS attacks.

    The spammers are winning because the good guys are playing fair and honest while the spammers have no morals and are making up their own rules.

  41. Re:Vicodin, Viagra, LOW COST CLICK HERE by Oddly_Drac · · Score: 2, Funny

    "Say what? If I filter my mail, how does that in *any way* protect me from some asshole..."

    They say that sarcasm is the lowest form of humour, but I like to start low and work my way up to satire, metaphor and allusion when I know my audience is breathing from the nose.

    So to make it really obvious, filters wouldn't have helped and the original poster tried to pin the blame on the user for a joe-job.

    Thanks for your input.

    --
    Oddly Draconis
    Too cynical to live, too stubborn to die.