Confession For Two: A Spammer Spills it All

defender writes "Rejo Zenger, well known Dutch anti-spam activist, recently had a very frank talk with a (now retired) spammer. He got information as to how and why S. Pammer started, where and why he was kicked out, who helped him get his bulletproof hosting, his open proxy mailings etc. It gives a nice and concise view of what the costs for a smalltime spammer are. About 200 Euros for the hosting and ability to spam at least half a million addresses (in a months time). That's for a turnover of 6 times and a net profit of well over twice those initial spam-related costs. Complete with screenshots, of course."

Comment removed

[account_deleted]

Comment removed based on user account deletion

I can see it now

[wangotango]

Spammer's Cookbook.
Should make the NY Times Bestseller list in a matter of days along with a few more Euros.
Not funny, and likely to happen.

Re:I can see it now

[actiondan]

Remember, the book wouldn't have to actually be accurate in order to sell - it would just need to promise to tell readers what they need to know in order to spam effectively.

In fact, the book could quite easily lead prospective spammers down a route that will get them quikcly caught and shut off...

The book could make a lot of money from people who want to spam their way to riches _and_ help to make sure that such people get identified and stamped on early in their (hopefully short) careers.

Hmm, better that I make the money with a fake spamming guide than some real spamming expert...

Would it be wrong to scam people who want to become spammers?

Dan.

Baiting?

[bucky0]

Reading this article gave me a good idea (Although, it's probably been done before)

Would it be possible to set up to send spam through one of those sites to numerous address you set up? Then, after you recieve the spam, you could block those proxies(being relatively certain that they're zombified machines)

Yes, you would have to spend a bit of cash up front, but it seems (at least in principle) to be a fairly accurate way to find spam relays.

My $0.02..

Re:Baiting?

[DoctorPhish]

Why pay money? Set up the target addresses on a domain with no real mail users, have all the messages rejected, and record the ip addresses of all connecting smpt servers. They don't charge you for undelivered mail, after all ^_^

Re:Baiting?

[torinth]

A few problems:

1) Your single message may only go out through one or two proxies. Remember that the spammer you hire has other jobs running, and has many choices as to how to distribute the load.

2) Spam proxies are generally short-lived or part of a dynamic pool of addresses that it might not be appropriate to block. Some are also just corporate machines that were poorly administered (open relays). You may inadvertantly block regular people from getting email to you.

3) It would be easier to just buy a list of proxies and block them, if you really want to go that route.

4) Generally speaking, you'd provide a third-party spammer with a message and maybe a set of target criteria, not an email list. If you had a list and a message, you could just use a mailing list manager. The spammers value comes from the vast quantitity of addresses.

Not a true example?

[fembots]

This guy is only making a small profit, and the way he did his business wasn't really taking advantage of the "investment".

Shouldn't he be selling more products, ie he paid EURO$388 for the CDs, he should have used the same CDs for many more products at once, and each of them will guarantee the same readership of 30%.

The real money...

[j3ll0]

...would appear to be in the production and sale of address lists.

Seriously, it would be trivial to write a script to generate e-mail adresses (actual reachability is a moot point). All you would need is a list of registered DNS names with mx records, and a list of names (nationality doesn't matter either: as many nationalities as possible). Then just run through the common variables

firstname.lastname@mx.tld
lastname.firstinitial @mx.tld
first6charsoflastname.firstinitial@mx.tld
and so on....

Costs to burn the CD
Yup, that's where the real money is....

Re:Mr. Bw,

[Omnifarious]

I haven't looked at the site. But the world needs a good way of accounting for 'unrealized externalities' in a reasonable way. That's the way to manage the environment and keep capitalism around at the same time.

I think this is, in general, a really hard problem. Partly because sometimes, we don't understand the costs of some activities until they've been going on for a long time. Like DDT, for example. It seems like a wonderful pesticide, and we used it for years before it became clear that it had an enormous hidden environmental cost that hadn't previously been accounted for.

I think, for spam, the problem is much easier. You can use bandwidth costs, and estimate the costs of the wasted human time and attention and come up with a reasonably accurate estimate.

Re:Impulse purchases

[tekiegreg]

Ok let's analyze that statement if they impulse buy x on impulse:

Manhood enhancing product: Hopefully the end result of a disastrous manhood enhancing products is the destroyed ability to procreate, so spam customers can't begat more spam customers, W00T!!!

Mortaging their home on impules: Worst case scenario their home is repo'd, gets harder to fall for spams when you don't have a home to check your email for spams in.

Third world bride: Oh dear god don't go there on impulse buying a woman...*shudder*

Bestiality DVD set: Well that's low risk, but still you get ripped off with a soft-core porn video?

Re:Green Economics and the Net

[Crispin+Cowan]

The costs these fucktards incur upon everyone else leaves us with a wasteland. If it weren't for vigilant individuals spending their free time trying to fight the problem, the internet would probably die

And praise be to those vigilant individuals. However, it is not that the Internet would die; more like this crappy insecure non-authenticated protocol called SMTP would die. The only problem with just pre-emptorily killing it ourselves is that it would cost many $billions to replace it.

My favorite alternative to replacing SMTP is to adjust the penalty for activities like this guy S.Pammer to be "head mounted on a stick". There is lots of data that says that a majorit of all spam is sent by the top 200 spammers; kill them all in greusome ways, and they are unlikely to have followers :-)

Crispin
----
Crispin Cowan, Ph.D.
CTO, Immunix Inc.

why oh why

[sinner0423]

journalists iconify these assholes making them out to be some sort of innocent guy, genius, or otherwise. bottom line is, they're breaking the law, and pissing me off. let *ME* interview one of these guys, you'll surely see a dissection of a spammer.

whose with me? we'll set up some fake wired interview, and just beat them down, hoping they go tell the tale of horror to all of their buddies.

private funding sent a passenger jet in to near-orbit for a little bit over 20 million. i'll do this for 10 million, and a g-mail invite.. we will travel around the world, kicking spammer ass, guido squad style. take no prisoners. all in the name of national security, of course.

Re:It seems like spam

[McDutchie]

Every day I get dozens of delivery attempts at an address I used to run a listserver on, which has been invalid since 1998. No human has *ever* been behind that address. The spambags do not care about invalid addresses.

Re:Green Economics and the Net

[halowolf]

I'm not trolling, (and I'm not have a jab at every BL project out there) but these "vigilant individuals" also create problems of their own as they counter the problems of SPAM, blacklisting without accountability and the like. Their actions can also degrade the quality of the internet. I'm not saying do nothing but sometimes doing a knee-jerk reaction can be just as harmful. The word vigilant, is too close to vigilante for my comfort :)

I am pleased however that more proactive steps are being taken by organisations such as Spamhaus in addressing the problem by both a technology and policy driven approach in combatting the problem. And that more prosecutions are happening. But I don't see the tide being turned anytime soon.

As for the internet dying, I don't see it. There is now to much commercial interest in it for corporations to sit idly by and do nothing about SPAM and other problems we encounter on the internet. Even our governments misguided steps at regulation, show that the internet is here to stay. It may transform in the future but I don't see it dying just yet.

213.10..

[apachetoolbox]

/me gets back from looking at the screenshot...

i'm banning 213.10.0.0/16 ...

-jk :)

Is the spammer really selling 'Spam'?

[ErnstKompressor]

Slightly over half a year ago, S. Pammer received spam advertising canned meat. When his order arrived, he saw the name of the supplier on the tin. When he checked the web site of that supplier, he noticed that the cost price amounted to circa a fifth of the price he had paid to the spammer. Reckoning that he could make a quick buck this way, S. Pammer started his own, comparable web site.

This can't be for real...

Anyone know how to get started with refi spam?

Refi = refinance. Or anything dealing with loans? I'm not interested in being a spammer, but I would like to take extreme advantage of these guys who depend on spammers. Reason is, supposedly the loan guys pay up to $50 for each unique lead that responds. Hell, I could "respond" myself via dialup (new IP each time you connect) four times a day, for a cool $200 daily. This wouldn't take but an hour of my time at the most. Add in different loan vendors, and one could rack up EASY money quick.

Re:Green Economics and the Net

[Satan's+Librarian]

So now it's being made criminal, but even within the bounds of current law, you can receive a lot of marketing email. Don't misuse the word criminal, please.

Marketing email directly from a company I do business with is one thing (acceptable, if annoying). Crap for viagra, home mortages, etc. is another. Most of the spam is very misleading anyway, and targetted towards old people that are easily manipulated (e.g. the mortage spams with the 'I spoke with you this morning' headers). That's borderline.

The crap with the viruses setting up spam relays is criminal.

If you want to avoid spam, do the same thing you'd do with advertising on TV: stop taking advantage of its products. Either buy content at a high enough markup that operators needn't sell your address, or use publically funded content. But don't expect to eradicate internet advertising while still getting everything for free. It just can't work that way..

If only that worked. Unfortunately, simply for the fact that I run a few domains and actually find it helpful for people to be able to contact me without unraveling a mangled email address (hence, I put my email up) - it gets harvested and abused. I can turn off the TV if it annoys me (actually don't currently own one) - I can't turn off the spam w/o loosing my business communication.

I've never bought something from spam, nor do they even get the satisfaction of those stupid image-link bugs getting pinged. Unfortunately, I can't stop the people they take advantage of from falling for their scams, any more than I can make the Citibank phishing expedition and Nigerian 419 scams unprofitable.

About 20 spam/day make it through the filter right now, with another 50 or so going to the spam bin. I get 5-10 legit emails per day. Bayesian filtering is dead now with the random garbage-spewers, so I need to test and install another solution on the server end (until the last 6 months or so, client filtering worked best for me - now it sucks ass). My life shouldn't revolve around dealing with spam. But I'm going to need to spend time on it anyway now.

Since I haven't spent much time on it, it *has* cost me more than time. I had a contract offer go into my spam bin, because the random words horked the bayesian filtering so badly. It wasn't the only false positive I've had, but it's the first time the delay before cleaning the spam bin cost me something - a contract. That just sucks.

It's criminal because...

[bani]

99.999999% of it is sent via relay rape and compromised machines = criminal trespass, theft of service, unjust enrichment.

the internet survived just fine for a long time without spam. to say spam subsidizes the internet is bullshit -- it raises the costs for everyone and thus makes the internet more expensive, not less. spam isn't a subsidy -- it's a tariff.

spam is destructive because of innocent third parties who are destroyed in the wake of these miscreants sending out their get-rich-schemes and penis pill advertisements.

and these criminals are getting more and more outrageous in their actions. recently a spammer hijacked a california city government network, redirecting them to his own servers where he hosted porn sites and sent out spam. the entire city government network was shut down, utterly destroyed, until they managed to get it back.

if spam is not such a big problem, i'll just forward you all of mine, then.

Re:Green Economics and the Net

[bersl2]

That's very insightful. Given that spam is an overall economic bad, you can somewhat offset the production of spam by spending money for its removal. Or you could spend money so that it is never produced in the first place.

Maybe we should treat other economic bads (e.g., pollution) in such a way: subsidize the non-production thereof.

Time is running out!

...That is only half million spams a month.

The pro's due that IN A SINGLE DAY!

Well, as the pros continue to ratchet up the numbers of spam sent, they continue to dilute the value of each spam. This ensures more will spammers will retire.

Let's say two years ago, a spam would bring, on average, $0.01. Sending 100,000 would return $1,000. He could do it with a cable modem.

Last year, the spams were now worth $0.0001. He's losing a lot of spam in filters. He now needs to send a ten million mails to get his thousand bucks. He needs a T1 or two to do it, as well as more machines. He needs to proxy, and move around his spamvertised sites more often.

This year, spams are worth $0.00000001 apiece. He now needs to send 10 billion spams to make a thousand dollars. 99.9% of his mails never reach the Inbox. 99% of what makes it is filtered at the client level. He now needs a t3 and a bank of machines to send it. His relays are RBL'd and he needs to hijack priavte machines - potentially a huge bust. He needs costly offshore hosting just to get a week or two in on his spamvertised sites. His old standbys - porno sites -- are laying low due to being deactivated for spamming. His clients are mostly openly illegal things like casinos, drugs and warez. He needs to proxy like a motherfucker; the FBI is coming down hard on spammers, nailing guys like Carmack for federal prison time.

At this rate, things don't look good for next year. He will need terabytes of bandwidth. He will need supercomputers. He will need to actually live in Russia, instead of pretending to.

my problem with spammers..

[josepha48]

.. is when they start forging email addresses. Like sending email to me with my own email address.

Its kinda like faking where a letter is sent from and who you are at a bank. Its forgery, and fraud. Personally I think people that do this that get caught should end up in jail or shot.

Re:my problem with spammers..

[Just+Some+Guy]

.. is when they start forging email addresses. Like sending email to me with my own email address.

I recently told Postfix to reject any SMTP session that start with "HELO $foo", where $foo is my public IP (I'm behind a NAT) or my domain name or any hosts in the domain, and the source is not in fact a machine on my LAN (or someone using authenticated SMTP to send an outbound message). I've also started rejecting all email that fails SPF - that is, email that specifically violates the alleged sending domain's SPF policy.

In other words, if I catch you lying about who you are, especially if you're claiming to be me, then you can't talk to me anymore. It's amazing how quickly my maillog is filling with reject messages from those two filters and how quickly the load average on my mailserver is dropping.

Email Addresses...

While the whois info isn't going to be helpful for much (In Soviet Russia....)

Why not let 'em know you care?

E-mail Service Responsible for support@send-safe.com General
Support All pre-sale questions, etc. techsupport@send-safe.com Send-Safe
Developer Troubleshooting and technical questions about Send-Safe, Proxy Scanner, Proxy Hunter good@send-safe.com Verifier
Support All questions about Verifier software orders@send-safe.com Order process Any questions about order status

On second thoughts (retraction)

[Andy+Smith]

Parent post was a case of an Internet person commenting on the real world. As soon as I posted the comment I instinctively started thinking about the hypothetical business I mentioned, and it's obvious that 1000% profit would be downright impossible to achieve. I still think the spammer guy's an idiot/scum if he's only making 2x/3x profit by *spamming* but apologies for letting my ego run away with me.

Re:Green Economics and the Net

[torinth]

Actually, I would argue that using an open mail relay without concent of the owner of the system it runs on is a criminal act. You have no right to use a system someone else owns without their consent, and if you do so, that is a criminal act. In fact, that defines a great number of criminal acts, appropriating someone else's property for your own use. Be it computational resource or physical one, it is still criminal.

I completely agree. My post was referring to spammers who are following the letter of the law. Theft is criminal, fraud is now criminal, using stolen addresses is now criminal, but sending direct marketing to public email addresses is not criminal.

The only way this would be identical to direct mailing or telemarketing is if, god forbid, they ran their own servers and sent their massive spam blasts. If they did this, then it would not be a criminal act. They won't, however, because that would mean that it would be trivial for most people not wanting spam to blacklist their servers.

But they do, because it's not so trivial to blacklist them. You blacklist IP's, not servers, and IP's can be passed around. In fact, you can even pay people to host spambots on their home computers. There are plenty of people eager to receive a few tens of dollars a month for no effort of their own. The spammers, even the legal ones, are lightyears ahead of intuitive thought on this topic.

In fact, here's something that everybody forgets: spammers don't want to spam you. Their interest isn't in using your resources, it's in turning a profit. Vehement anti-spammers don't buy the products and services advertised in spam, so why would they bother advertising to them?

What we really need is a registry of spam-unfriendly email addresses. I know it sounds ridiculous, because you think spammers will just use the list to hit you even more... but it's not. If they can go from a 1% success rate using a purchased list to a 15% success rate by easily subtracting a list of known anti-spammers, they'll do it.

Heck, a reputable group like the EFF could host an anti-spam email list and do the subtraction internally so that the spammers never need to see the list...

1) EFF aggregates list of spam-unfriendly addresses.
2) Spammer submits prospect addresses to EFF.
3) EFF returns list minus spam-unfriendly addresses.
4) Spammer only markets to the rest of the list.

They're not evil. They're capitalists.

Re:Green Economics and the Net

[UnrepentantHarlequin]

You, sir, are clearly a filthy stinking spamming scumbag, or a troll, or both. However, for benefit of the lurkers out there who might actually be misled by your lies, I'll take some time to refute them:

Spam is fundamentally identical to telemarketing and direct postal mail.

Spam is nothing like telemarketing or direct postal mail. It is fundamentally identical to telemarketing to your cell phone where you have to pay for airtime. It is telemarketers calling collect and no option to hang up, postage due junk mail with no choice to refuse to pay.

The money telemarketers pay for those calls goes to the companies that carry the network traffic, namely the local and/or long distance phone companies. The telemarketer pays for the network resources they use.

The cost of handling bulk mail is less than what the Post Office charges to send it. The profits the Post Office makes from the bulk mailers pay for the hardspace "network" resources for everyone else.

Spammers do not pay for the resources they use. I've seen recent figures as high as 4 out of 5 emails sent are spam. To look at it another way, this means that if your ISP allocates $10,000 of their revenues to buy some new mailservers, then you, their customer, are only getting the benefit of $2,000 worth of new hardware; the other $8,000 is spent to deliver spam. Since that money is coming from you and other subscribers, then your ISP either has to raise your rates or not give you the increase in service they otherwise would have. If $1 a month out of your bill goes for hardware upgrades, you're getting 20 cents worth and the rest is going to deliver spam.

Spam in no way subsidizes the Internet. The spammers are not paying for the resources they use. They are forcing other people to pay to handle traffic that they do not want. They are forcing every ISP out there, from the big backbone providers to SouthPodunkNet, to shoulder the cost of their advertising. The only money a spammer pays to actually support the network is the cost of a cheap dialup account somewhere. All the rest is paid to other scum for things like lists of email addresses, access to innocent people's hijacked computers, etc. But he is using 10^6 or more of the network resources as everyone else.

When you give your email to a website operator, and that website operator sells it, that money is what keeps your content cheap or free.

Very, very, very few addresses used for spam are those given voluntarily to a website operator. In fact, out of the hundreds of email addresses I've used with various websites and companies, I've gotten spam at exactly one: the one I gave to iBill. The vast majority of addresses used by spammers are extracted from web pages, forum posts, domain registration information, and just about anywhere else.

I watch spammers' spiders scanning domains that I host ... and not one of them has paid a penny to me, or to my clients, for any addresses they find. The only person paying anything to anyone is me, for the bandwidth they're using in order to gather those addresses, and my clients, who (like all end users) are the ones who end up paying in the end.

Then there are the dictionary spams. Some hijacked computers in Brazil have been bombarding one of my domains all day with spam to random non-existant addresses, trying to find some that get through. People who don't even exist certainly didn't give their email addresses to anyone!

As it happens, I'm the webmaster as well as host for a site with a fair bit of free content, so I think I am in a position to know something of the economics of it. It works like this:

Neither I nor my client has ever received a single penny from a spammer. This particular client happens to have a mailing list (extremely opt-in, and protected like the vault at Fort Knox) for a newsletter. If he should wish to sell it to a spam list vendor, just how much would a list of under a hu

Re: Direct mail is not Destructive? Bull...

[UnrepentantHarlequin]

Spam is not a matter of 20 mails a week, it is a matter of hundreds a day and rising. A friend of mine whose email address was compromised by being listed on his college website recently had to abandon that address, and try to contact everyone who knew him to give them his new one, because he was getting 500+ spams a day: over 99% of his email.

The cost of sending snail mail keeps it to a reasonable level. It also means that it is generally very tightly targeted. For example, I subscribe to a gardening magazine, so I get seed catalogs. I do not even have a penis, so I have very little use for penis enlargement pills, let alone fake Viagra and pictures of naked women (with or without horses involved). But because there is effectively no cost to the spammer, I am bombarded with advertisements for all of the above.

Why dont law enforcement agencies run honeypots?

[jonwil]

Basicly, FBI etc runs an "open relay" that is really a honeypot gobbling up the SPAM.

Leave it going for a while and from there, trace back to the spammers themselves via the logs.

Re:Green Economics and the Net

[MMaestro]

However, it is not that the Internet would die; more like this crappy insecure non-authenticated protocol called SMTP would die. The only problem with just pre-emptorily killing it ourselves is that it would cost many $billions to replace it.

Or theres the worst case scenario system which most people never even dream of happening. Completely locking and disconnecting servers while distrusting everyone you haven't met in real life/someone you can walk up to and punch in the face. In this scenario, there is nothing free 'free' on the net since everyone assumes it'd be abused for evil rather than good (free Yahoo/Hotmail accounts?). No one would visit Slashdot in fear of the site tanking and then having their IP addresses sold to make what little money they can to break even. Public game servers would be non-existant in fear of being hit by a /. effect causing bandwidth costs to skyrocket. Online shopping would go bankrupt since no one would trust putting their credit card information online. Blogs would become non-existant since everyone would be paranoid of one another (whens the last time you gave out your real life phone number to someone you met less than 5 minutes ago on the internet?).

In otherwords, without the establishment of a 'few good guys' the internet would devolve into a hellhole of distrust, the very foundation of the internet in the first place. Its not about money, remember people did is decades ago for a fraction of what they would've gotten today (ie. billions to make Microsoft look like an internet startup). Its all about the belief that none (to few) people will ever use the software like Internet Explorer to brainwash children into believing the Holocaust never happened. Its all about the belief that Slashdot won't turn into a site where terrorists can hide and recieve secret messages to one another. Etc, etc...

A few big ones, many small wannabees

[billstewart]

The Top 200 spammers on Spamcop's ROKSO list are probably mostly making a lot of money, except the ones who've recently dropped out of sight (Anybody gotten spam from OptInRealBig lately? We may have killed them.) But there are a lot of smalltime wannabee operators like this columnist's S.Pammer who think they'll make money fast, get ripped off buying shoddy spamware products like that disk of 60% useless names, and either lose money or make less than they could working at MacDonald's. And if you _are_ big and successful, you need to worry about hiring lawyers to defend you against multi-million-dollar lawsuits and hiring hackers to get around anti-spammer techniques and hiring actual professional money-launderers to get your ill-gotten cash out of Nigeria.

The other people who make money, of course, are the people selling the Herbal Fake Viagra or whatever the product of the week is, because their costs are significantly less than what they're paying the spammers that sell it. Mortgage brokers who pay spammers for leads may be winning or losing - spammer-generated leads are likely to be low quality. Pr0n sites sometimes make money and sometimes lose it - they have to generate enough material to get people to actually pay them rather than just looking at the free sample material, and ISPs often charge them more because they're a high-bandwidth business that's highly likely to fail.

Re:Green Economics and the Net

the commons is polluted because the polluter doesn't pay the cost of the collective damage he does. Just like pollution, the solutions all require some sort of government regulation.


No, they don't.

But they do require an educated populace that agrees to, for the good of all, not do business with companies that pollute. If the company goes out of business they can't pollute, can they?

Unfortunately, most people in the US (and the world) are stupid. They care more about saving a few cents today than about saving the environment so they (or their children) can breath tomorrow.

Cie la vie.

Re:Honey Pot Hunter?!?!?

[violet16]

Here's the actual link:

http://www.send-safe.com/honeypot-hunter.php

Or click.

You can download their programs free

[billstewart]

If their web site is working well enough to poke around on, you can download their programs for free. There's the main send-safe program, some harvester stuff, a "honeypot detector" for finding anti-spammer honeypots, email address verifiers, etc. The stuff looks like it only runs in demo mode (limited number of addresses per run, etc.) unless you buy a license code. The terms of use talk about not using it to illegally spam, but don't say anything about not reverse engineering it (though I haven't tried installing any of the software.) It'd be interesting to see what tools they use for detecting us, and how we can work around them, and of course all that downloading burns their bandwidth, which they're probably paying for by the megabit.

Re:Speaking of the subject of spam...

[pherthyl]

I actually did get spam today trying to sell me Redhat Linux 7.3 for 60 bucks. I dunno what they're smoking.

I know it sounds crazy and impractical

[SComps]

One of the things I noted in the article was that the bulker only gets "charged" if the email is accepted. Why not begin actually accepting the messages for those that show up in the RBL's, but dumping them after the final "OK" just never sending them onto the final recip?

That doesn't help server load, or bandwidth, but in the end, bulker "A" will get "billed" for sending all these great and informative pieces of crap, and the end result is the same as if we'd refused it with a message they'll never really see, only with this they'll pay for it--small as the cost may be.

Re:Green Economics and the Net

[Max+Romantschuk]

Maybe we should treat other economic bads (e.g., pollution) in such a way: subsidize the non-production thereof.

Taxing excessive pollution is rather common in Europe. Unfortunately actually paying people for doing the opposite is not ;)

"Mic.ro sofT Sof1w.are cheap!" emails

[Serious+Simon]

I simply forward all of these (including full headers) to piracy@microsoft.com. Fighting these spammers is in the interest of MS, let them handle the problem.

Re:So for a month's worth of work...

[junklight]

The thing is that safe-send's business model - is get a sucker who thinks that they can get rich from spam and take their money.

I think that its an established fact that there is an endless stream of suckers.

Re: Direct mail is not Destructive? Bull...

[FireFury03]

If spammers were legitimate direct marketters then they would:

a. not forge addresses and headers
b. not repeatedly try to get around the filters that those of us who don't want spam set up.

However, my oppinion on all direct marketting is that it should be banned - it is intrusive, I never asked for it and no matter how many times you ask the marketters not to contact you they still do. I make a point of never buying anything from anyone who has tried to direct market to me. I wonder if anyone has done any research on how many customers companies lose through direct marketting (obviously it's offset by the morons who respond to the marketting but I'd still be interested to see the results of such research).

Most of the direct marketting I receive is completely untargetted:

Mailshots - I get both junk addressed to me (even though I'm registered on the Mail Preference Service) and stuff hand delivered (no, oddly I'm not interested in selling my house... especially since there is a bloody "sold" sign outside indicating that I only just bought the place)

Telemarketting - luckilly most of the telemarketters actually take notice of the Telephone Preference Service register and I don't get too many of these... I still occasionally get cellphone companies phoning my cellphone (which is still on contract - I can't change provider for another 10 months) asking if I want to switch provider.

Spam - oddly enough I'm not interested in making my pen!5 big.g3r - it's just fine as it is thank you.

SMS spam - all those people who claim that charging per email would prevent email spam take your lessons from SMS spam - the operators pay per message there and there is still a huge amount of untargetted crap delivered to my phone even though it's been illegal since December 11th last year. The messages also usually arrive in the middle of the night and wake me up (I have to have my phone turned on when I'm on call)

I am also having problems with the reverse-billed SMS services - technically you have to subscribe to them, but I have never subscribed but have been receiving reverse billed SMS messages. My operator won't do anything about it and tell me I have to contact the company sending the messages (who never answer their phone), so instead I have to contact ICSTIS, who's phones are always busy. Orange have told me there is no way for me to block reverse billed SMS messages and that if I refuse the pay the bill then they will cancel both my handsets and record a bad debt on my credit record. Nice industry - I hate them more than the email spammers.

Re:Honey Pot Hunter?!?!?

[csk_1975]

Yeah and poor wittle spammy whammy is upset:-

"Honey pots" are fake proxies run by the people who are attempting to frame bulkers by using those fake proxies for logging traffic through them and then send complaints to ones' ISPs.

Frame? WTF? F'ing spammers who the hell is "framing" them? the goddam lumber cartel? Geezus. I think the word they are grasping for is FUCK. ie "Honey pots" are fake proxies run by the people who are attempting to FUCK dirty spammers.

Attack the tools...

[the_olo]

send-safe_DOS.pl flooder:

#!/usr/bin/perl
while (1){
`wget "http://www.send-safe.com" -nc -r -l 0 -k -nH -o /dev/null -O /dev/null`;
}

Then launch 32 simultaneous flooders:

for i in $(seq 32); do (./send-safe_dos &); done;

Wrong

[Moraelin]

"When you give your email to a website operator, and that website operator sells it, that money is what keeps your content cheap or free."

And how about that operator being honest and upfront about their selling emails to spammers? Chances are I wouldn't want their content in the first place.

When did it become anything else but fraud to lie about the costs to your customers?

What these fucktards are doing is no less than if I were to advertise "FREE pens!!!" But once you got one, I start showing up at your place, reading your mail (a RL equivalent of spyware), changing your channel on TV to what _I_ want you to see (adware and spam do a good equivalent of this), and interfering with your phone calls (an equivalent of spam again.) Oh yeah, and start shouting in front of your windows that you better pay for that pen already, you damn freeloading cheapskate. Even though it was advertised as FREE. (Some software advertised as FREE, e.g., RealOne, just loves to behave that way.)

Oh, and there's no way to opt out of that, for the rest of your life. Except if you move and don't give anyone your new address.

It wasn't in the contract, it wasn't in the fine print, and I conveniently forgot to tell you about it when you registered to get a cheap pen. But hey, you should be grateful. You got something for free. Right?

Would you put up with that kind of annoyance just for a stupid pen you probably didn't really need to start with? Chances are that if you knew up front about the real cost you're about to get, you wouldn't want it. And chances are that if I pulled that kind of fraud IRL, you'd sue the pants off me.

So why is dishonesty and fraud suddenly OK just because it happens online? Since when is having some piece of fucking useless and uninteresting HTML text justification enough for fraud? No, really. I want to know.

Oh, and another thing. You may think that making yet another obscure free site is God's gift to the Net. Don't flatter yourself. Most of those sites are free for a damn good reason: that noone would pay for their content even if it was the last site left on the Net.

Here's your free bit of economic clue for the day: the measure of how much something is worth, is how much people would pay for it. If noone wants to pay, maybe that's your clue that your precious content is worth exactly nothing.

And that goes double for blogs. Now far from me to keep people from doing the HTML equivalent of wanking in public and hoping to actually get some attention. But it always cracks me up to see _some_ of them get all infatuated about how their incoherent retarded whining is some valuable source of public information. Oh puh-lease.

And no, it doesn't give you the right to lie, cheat and sell addresses to spammers to keep your worthless content online.

Re:Green Economics and the Net

[Sj0]

The problem with Kyoto is that it's not nessesarily based on reality. Carbon dioxide emissions as a cause of global warming is only one of many different theories about climate change. Among others, some have noticed that solar flare patterns coincide with climate change far more readily than carbon dioxide emissions, and new work put out also shows that the warm period we're in might be just beginning, and could last as long as 13 thousand years more.

Without a definitive, agreed upon set of facts, we shouldn't go rushing off to change anything. Long before we decrease CO2 emissions(actually, we(civilization at large) already have -- in the past 50 years or so, our CO2 emissions have dropped dramatically), I'd be more interested in continuing to reduce sulphur emissions, since that DOES have a direct impact on the health of humans, and other toxins which have a direct impact on humans.

Re:Classic prisoner's dilemma

[NerdSlayer]

IMHO, it would only take three or four spammers being found beaten to death in an alleyway somewhere, to scare off the majority of the Ralskys of the world.

Am I the only one who thinks your avereage spammer could take 3 or 4 average slashdot dweebs on at a time?

Anytime there's a story about spammers, there's unending comments about how somebody is going to kill them/kick their ass.

I've met spammers and I've met Slashdot nerds, and I think you guys (slashdot nerds) are in trouble.

Re:"Nothing comes from violence..."

[The+Ultimate+Fartkno]

> You can't even be vaguely serious with what you are saying.

I'm not the OP, but as someone who's called for spammer abuse on so many occasions I feel totally qualified to reply. Do I frequently shout "death to spammers!" and imagine Scott Richter being serially molested by the '76 Raiders? Yes. If I had Alan Ralsky tied in front of me with a bat in my hand, would I cave his skull in? Of course not.

But I'd sure think about it.

And, depending on the state of my inbox that morning, he might walk out with a severe limp.

I'm not a violent person, but spammers sure bring out the black thoughts in me. Why? Because at the core of it they're just *rude*, and that's maddening to me. Imagine this dialogue...

"I am a spammer. I will clog inboxes, I will waste the bandwidth of countless ISP's, and I will force countless thousands of dollars to be spent on support that could be easily avoided. I will send pornography to children, I will taunt truly lonely people by making them think that they have a secret admirer, and I will help people in dire financial straits sink further into debt by promising them spectacular returns on garbage investments. I know that my messages are unwanted, as evidenced by the elaborate and unethical means by which I operate, but I will send them anyway. When I press this button I will harass, inconvenience, and annoy literally millions of people. With each email I send, I confirm that for a few dollars in my pocket I will rob countless others of their time, their money, and the promise of what the net used to be. But I am a spammer, I am an asshole, and I don't care."

Now imagine that coming out of Ralsky's smug face as he stands in his mansion.

And imagine that bat in your hand.

You don't want to swing? Not even a little?