Slashdot Mirror


Spam and the Law Conference Report

Cowards Anonymous writes "The Guardian has a story about a spam and law conference, recently held by the Institute for Spam and Internet Public Policy, in San Francisco. The conferences are usually attended by anti-spammers, from the major ISPs, and spammers; and are an attempt to bring the two sides together. The article's author notes 'It's oddly intimate, watching the spammers and the anti-spammers mill around each other like this. It feels like a temporary ceasefire in a vicious war that to most of us seems to be a stalemate.' Also in attendance was infamous spammer Scott Richter, or 'high volume email deployer' as he wished to be called on his recent Daily Show appearance. Surprisingly the anti-spammers didn't tear Richter to pieces with their bare hands."

5 of 145 comments (clear)

  1. Scott Richter: A "Good" Spammer? by LostCluster · · Score: 4, Interesting

    Well, true, spammers are among the lowest forms of human life and deserve the status. However, at least Scott Richter is willing to do something that most other spammers won't... admit that he does it and is willing to talk about it.

    Let's face it, he's willing to explain his motivations and disclose his tactics. Most spammers take great lengths to hide their identity, and are scared to even tell their family what they do for a living. Even if we don't like what he does, at least he's willing to help us attempt to understand the problem. If anybody proposes an anti-spam system, he'll at least do us the favor of pointing out how it's not going to work before we waste our time on it.

  2. The first step to getting rid of spam by Slashdot+Hivemind · · Score: 5, Interesting

    Is admitting it comes from America. A quick glance at any spammer blacklist shows a clear majority of them live in Florida, but American politicians and lawmakers still push the line that it's an African and Asian problem.

    1. Re:The first step to getting rid of spam by LostCluster · · Score: 4, Interesting

      Florida has an interesting power of attracting rich-yet-lowlife characters who have managed to be declared scum yet have avoided being put in jail.

      The key is that unlike other states, Florida has no value limit on what you can claim has your "homestead" when you are claiming bankruptcy. That is to say, you could own a multi-million dollar home and have billions in unpaid debt. You won't be able to own much else in your own name, but you can keep your homestead. With only a few exceptions, creditors simply can't force you to sell your homestead in that state.

      That's why spammers live in Florida. Pass all the civil liabity laws you want... you can't touch anything they have. You have to make spamming a crime in order for them to be worried.

  3. Next time by azav · · Score: 4, Interesting

    Next time we know a meeting like this is coming up, we send a representative and photograph each of the spammers and post a "Most wanted" web page with each spammer's photograph and address.

    Then put up forms that can be printed out ala "wanted poster" style and have volunteers post the wanted posters all over the spammers' towns.

    Expose them and run them out of where they live. Make their lives as hard as they make ours.

    --
    - Zav - Imagine a Beowulf cluster of insensitive clods...
  4. Making it expensive for spammers by KalvinB · · Score: 4, Interesting

    Aside from from the bandwidth (which who knows what kind of bulk rates they get on that) the most expensive part of spamming is buying domains.

    And the kicker is that HTML doesn't allow you to obfuscate an URL. The best you can do is character codes but that's one to one so not effective.

    What I do is harvest URLs from spams and then add them to the rule file for my mail server. It's a mostly automated process to avoid accidently filtering out non spam domains like w3c.org or yahoo or whatever that occasionally end up in spam e-mails along with real spam domains.

    You can click the link on my sig and then there's a link from there to see the current rule file my server uses. Since I added in web-mail with spam reporting, this is going to be even easier since spams will have a unique subject line and a to address that has no legitimate uses.

    Instead of trying to sort out which e-mails to my real addresses were spam or not, I just log in, report them and then it's a simple sort by to address to find all the spam to filter links out of. There's probably around a thousand filtered domains which equals several thousand dollars worth of domains.

    If you're worried about people snooping around on your connection, OpenSSL is comming soon for web-access.

    If you have a fully TLS enabled e-mail client you can do secure POP3 and SMTP already. Thunderbird has TLS capabilities for SMTP but not POP3 for some reason. Pegasus Mail is fully compatible. Apparently there's no clear standard as to whether the client should just use the standard 110,25 ports with encyption (what my server supports) or use alternate ports. Thunderbird is quite convinced you absolutely must use a fixed alternate port for POP3.

    For most people, it'll probably end up that the web access is the most secure way to use Indie-Mail.

    Ben