Slashdot Mirror
Confession For Two: A Spammer Spills it All
defender writes "Rejo Zenger, well known Dutch anti-spam activist, recently had a very frank talk with a (now retired) spammer. He got information as to how and why S. Pammer started, where and why he was kicked out, who helped him get his bulletproof hosting, his open proxy mailings etc. It gives a nice and concise view of what the costs for a smalltime spammer are. About 200 Euros for the hosting and ability to spam at least half a million addresses (in a months time). That's for a turnover of 6 times and a net profit of well over twice those initial spam-related costs. Complete with screenshots, of course."
Comment removed based on user account deletion
... a 'how to become a spammer' article.
bash: rtfm: command not found
How about paying those vigilant individuals? maybe yahoo or hotmail could pay them?
Hmmm. Net profit of over 400 euros a month, eh? Wow, that will buy a lot of champagne and BMWs! Yeah, that's worth having everyone on Earth hate you.
If all this should have a reason, we would be the last to know.
He's earned 523 Euros which in America = close to 1000 dollars (no I don't have a currency converter).
Job Paying $8/hr * 40/hrs week = $1280 or about $1,000 after taxes, that's the average rate of your Starbucks Coffee guy in the United states, and the money is legit!
Mid level computer programmer (or someone like me) = $50k/year or $3,000/month after taxes.
In short it's getting pretty damn tough for the Spammers I see. The harder we make it, and pretty soon Spamming will just be unprofitable I hope. In the meantime my advice to this spammer = get a real job...even Starbucks Coffee guy is better than what you're doing.
...in bed
Most orders seem to have been made on impulse: they are done during or immediately after the spam run.
And I'd have thought they'd engage in long, thoughtful consideration before trying an experimental manhood-enhancing product, mortgaging their home, choosing a Third World bride, or deciding which bestiality DVD set to purchase?
The coolest voice ever.
is a "pyramid scheme" of sorts. People who may or may not be the most adept at technology or business get the idea to spam. They pay the more "gifted" people at the top money for things like addresses and hosting etc. These are the people who are really cleaning up on spam and should probably be the ones that the authorities go after, cept that they usually hide in places (Russia, Hungary, China etc)where it's hard to enforce international laws, esp. spam laws. Even if we go after the little guy, there will probably be more to take his place, the lure of such "easy money" is too great for some people.
On a side note, it is kind of interesting the comment about bounced mails. My university disabled my account(because they thought I was no longer a student, even though I was) for about 2 months. As soon as I got it re-activated, the spam started flowing in like water again. Amazing.
Reading this article gave me a good idea (Although, it's probably been done before)
Would it be possible to set up to send spam through one of those sites to numerous address you set up? Then, after you recieve the spam, you could block those proxies(being relatively certain that they're zombified machines)
Yes, you would have to spend a bit of cash up front, but it seems (at least in principle) to be a fairly accurate way to find spam relays.
My $0.02..
-Bucky
Every time I get one of those "Mic.ro sofT Sof1w.are cheap!" emails, I am always tempted to start some Linux spam.
"For a low, low fee I can show you the best software site on the internet, everything from operating systems, to office suites, to graphics programs can be yours for free. Yes the sourceforge is a wonderful place. To find out, please send CowboyNeal your first born."
This guy is only making a small profit, and the way he did his business wasn't really taking advantage of the "investment".
Shouldn't he be selling more products, ie he paid EURO$388 for the CDs, he should have used the same CDs for many more products at once, and each of them will guarantee the same readership of 30%.
Rock that crushes, Paper & Scissors that don't matter.
...would appear to be in the production and sale of address lists.
l @mx.tldd
Seriously, it would be trivial to write a script to generate e-mail adresses (actual reachability is a moot point). All you would need is a list of registered DNS names with mx records, and a list of names (nationality doesn't matter either: as many nationalities as possible). Then just run through the common variables
firstname.lastname@mx.tld
lastname.firstinitia
first6charsoflastname.firstinitial@mx.tl
and so on....
Costs to burn the CD
Yup, that's where the real money is....
If no one behaves, it's useless.
But if most behave, a few have a huge incentive to misbehave.
They key is to increase the penalties for misbehaving so that there is no incentive.
I guess he hasn't heard of the White Pages....
Link
Have a look at the botton of the screenshot pay a visit for the "Send Safe" home page.
Would somebody PLEASE just kill those fuckers?
To sell such a program should be considered a crime for itself!
And have a look at the testimonials... Gosh... we are doomed.
My favorite alternative to replacing SMTP is to adjust the penalty for activities like this guy S.Pammer to be "head mounted on a stick". There is lots of data that says that a majorit of all spam is sent by the top 200 spammers; kill them all in greusome ways, and they are unlikely to have followers :-)
Crispin
----
Crispin Cowan, Ph.D.
CTO, Immunix Inc.
I am pleased however that more proactive steps are being taken by organisations such as Spamhaus in addressing the problem by both a technology and policy driven approach in combatting the problem. And that more prosecutions are happening. But I don't see the tide being turned anytime soon.
As for the internet dying, I don't see it. There is now to much commercial interest in it for corporations to sit idly by and do nothing about SPAM and other problems we encounter on the internet. Even our governments misguided steps at regulation, show that the internet is here to stay. It may transform in the future but I don't see it dying just yet.
The problem with spam is it's much harder to catch spammers than illegally polluting factories where disgruntled workers, regular inspections and so on can be used for enforcement. Spammers are hard to catch since they operate through intermediaries in other countries and fly beneath the radar, and because the legal tools to fight spam have been very slow to catch up. And there need to be government organizations dedicated to tracking down and prosecuting spammers, like there are for polluters.
/me gets back from looking at the screenshot...
...
:)
i'm banning 213.10.0.0/16
-jk
this guy is "normal" non-tech user.
he used all 'download and run' services, he built nothing himself.
I think the real money being made here is providing these programs and websites for them to use and also the lists.
This is interesting stuff to consider and would make an interesting business model to create spamware for the spammers and then feed the data to places like spamhaus etc.
anime+manga together at last.. in real time.
Seriously, just off the top of my head I can think of one much-needed business in my (very small) local town that this spammer guy could set-up and he'd make 10x what he made from spamming. Oh and I've just thought of another one.
The world is full of money-making opportunities if you stop thinking about money and start thinking about what people *want* and what useful products and services you can provide. I'm pretty sure you'll find that those opportunities are more profitable than all but the most serious financial crimes.
Unfortunately it will always be profitable, at some level, to spam with the current email setup. The can is open and it will always remain as much of a problem as unwanted callers and junk faxes. Heck, at some point I'm peckered by street vendors trying to sell me something and I find them annoying too.
:). The .01/email type of setup simply won't catch on (hopefully :), but even with "Caller-ID" email somebody, somewhere will still try and spam you at the cost it needs to get the bandwidth. Clever spammers will continue to rape Windows boxes and instead of DIRECTLY sending out the messages properly send it through the subscribers "registered" and "authentic" mail server -- and if they're smart send out a message every 3 minutes now and forever. Times 5,000 infected computers and I'd bet you could still get the message out and make a buck doing it.
:), harvesting messages to spam traps (their game is a doubled edged sword :), and a little filtering I see maybe a couple of messages a month. Maybe. My logs show a very different story though...
;].
I'm no fan of Microsoft, but their efforts -- coupled with whatever other "standard(s)" are incorporated will go a long way to squelching the issue in short order. Yeah, like many of you I'm sitting here waiting for the "right" standard to catch and implement it into my Linux & BSD servers (and soon to be OS X running the same software
TODAY by simply blocking IP's (spam me once from any IP and that IP will never talk to me again, rule #1
Caller-ID email added into the mix and I could whack 'em and stack 'em even faster -- so it will be on par with the number of soliciting phone calls I get [one maybe every six months
Did the Honey Pot Hunter link on the screenshot get anyone else's attention?
screenshot
It seems to me that there is some level of sophisitication to these spammer sites. I'm guessing they are really ripping off the poor shmucks who sign up.
what? what I thought we were in the trust tree in the nest, were we not?
support@send-safe.com
good@send-safe.com
techsupport@send-safe.com
orders@send-safe.com
For pre-sale only questions please call 813-747-9677.
heh heh heh, not for "pre-sale only" anymore.
Not in my case; I don't pay extra to receive telemarketing calls or junk mail. Nor does the telephone company or post office block my driveway so I cannot drive to work in the morning. However, spammers have hit my mail server so hard that it cut off my connection to the outside world, preventing me from working from home.
When a spammer takes advantage of a poorly secured system belonging to another person without permission and forges the e-mail addresses of other innocent people not involved in spamming, I will use the word "criminal". I know of no better way to summarize fraud, theft, and trespass.
When I write free software and distribute it for free (with my e-mail address in the documentation so people can contact me or know that I contributed to the project) and I receive spam, how does your argument make sense? There are hundreds of thousands of computers with my e-mail address stored in credits files somewhere; how does this keep the Internet free?
how to invest, a novice's guide
So the 2000+ pieces of spam I get in my mailbox every week, that causes me to miss important messages occasionally because the filter gets them and they get lost in the noise, the several meg ads that tie up my connection for many minutes at a time as they download one after another, all of that is doing me no harm?
I never asked for spam, I never asked for my email to be used as a forged address (a recent development, so now I get complaints and counter spam too). Also I've never bought from a spammer.
These people ARE NOT direct marketers, they are CROOKS, using the bandwidth -I- pay for, to harrass me with things I do not want. And I have no real legal recourse to stopping them because I can afford to sue these hundreds of people. (If I could even find out who most of them were).
And again, please do not tell me they are not doing me any harm while I'm receiving spam complaint messages because some BUTTWIPE is forging my email address on their messages. It's no fun looking at having to change an email address that you've used for almost a decade, and all the associated grief that causes.
Remember, the book wouldn't have to actually be accurate in order to sell - it would just need to promise to tell readers what they need to know in order to spam effectively.
In fact, the book could quite easily lead prospective spammers down a route that will get them quikcly caught and shut off...
The book could make a lot of money from people who want to spam their way to riches _and_ help to make sure that such people get identified and stamped on early in their (hopefully short) careers.
Hmm, better that I make the money with a fake spamming guide than some real spamming expert...
Would it be wrong to scam people who want to become spammers?
Dan.
Spam is fundamentally identical to telemarketing and direct postal mail.
With the minor exception that direct marketting postal mail generally doesn't come "postage due," and telemarketers usually don't call collect. With spam, significant cost is incurred by those receiving the spam--more so, in fact, than it costs to send it in the first place.
There is no real comparision between traditional forms of direct marketting and spam. A far better example is unsolicitied advertisements sent to your fax machine (which, by the way, is illegal.)
What part of "shall not be infringed" is so hard to understand?
Marketing email directly from a company I do business with is one thing (acceptable, if annoying). Crap for viagra, home mortages, etc. is another. Most of the spam is very misleading anyway, and targetted towards old people that are easily manipulated (e.g. the mortage spams with the 'I spoke with you this morning' headers). That's borderline.
The crap with the viruses setting up spam relays is criminal.
If only that worked. Unfortunately, simply for the fact that I run a few domains and actually find it helpful for people to be able to contact me without unraveling a mangled email address (hence, I put my email up) - it gets harvested and abused. I can turn off the TV if it annoys me (actually don't currently own one) - I can't turn off the spam w/o loosing my business communication.
I've never bought something from spam, nor do they even get the satisfaction of those stupid image-link bugs getting pinged. Unfortunately, I can't stop the people they take advantage of from falling for their scams, any more than I can make the Citibank phishing expedition and Nigerian 419 scams unprofitable.
About 20 spam/day make it through the filter right now, with another 50 or so going to the spam bin. I get 5-10 legit emails per day. Bayesian filtering is dead now with the random garbage-spewers, so I need to test and install another solution on the server end (until the last 6 months or so, client filtering worked best for me - now it sucks ass). My life shouldn't revolve around dealing with spam. But I'm going to need to spend time on it anyway now.
Since I haven't spent much time on it, it *has* cost me more than time. I had a contract offer go into my spam bin, because the random words horked the bayesian filtering so badly. It wasn't the only false positive I've had, but it's the first time the delay before cleaning the spam bin cost me something - a contract. That just sucks.
I write code.
That's very insightful. Given that spam is an overall economic bad, you can somewhat offset the production of spam by spending money for its removal. Or you could spend money so that it is never produced in the first place.
Maybe we should treat other economic bads (e.g., pollution) in such a way: subsidize the non-production thereof.
Visit their website. /dev/null
Look at all the pages.
Maybe do a wget websuck to
Look for Contact forms, and fill them out.
If it is a Mortgage scam, fill out the forms with random stuff, or put in the name and addresses of known spammers.
Same for the car lookup stuff (How in the world do they make money?)
Keep them busy and waste their time.
If everyone who received a spam visited the site just once I doubt they would be able to afford the bandwidth.
And, just an afterthought on a different note, do most spammers report their spamming income to the tax man? Has anyone ever tried to nail a spammer for tax evasion?
Just thinking about these asshats really burns my toast!
Howdy Doodly Doo!
Anybody want some Toast?
This story illustrates that the profitability of spamming is not that great. It would be even less profitable if spammers e-mail address books were even more polluted by bad addresses. And spam would be even less profitable if spam-using sites were innudated with mail.
I wonder if we could kill two birds with one stone. Littering the web with dummy e-mail addresses that include the domains of spam-supported sites. That way, the sites become overwhelmed by inbound mail traffic. It would be a version of this or, better yet, this using real domains of spam-using sites (from a blacklist service). E-mail addys such as sdadhja@viagraspammer.com, eywheh@viagraspammer.com, wywhdi@viagraspammer.com would both cost the spammer and the site that is using spam.
Two wrongs don't make a right, but three lefts do.
Actually, I would argue that using an open mail relay without concent of the owner of the system it runs on is a criminal act. You have no right to use a system someone else owns without their consent, and if you do so, that is a criminal act. In fact, that defines a great number of criminal acts, appropriating someone else's property for your own use. Be it computational resource or physical one, it is still criminal.
Previously, spammers just used an insecure mail exchange that someone else used, abusing the system. Now, they have worms hack into unsuspecting systems and set up mail relays of their own. These two relays are fundamentally the same.
The only way this would be identical to direct mailing or telemarketing is if, god forbid, they ran their own servers and sent their massive spam blasts. If they did this, then it would not be a criminal act. They won't, however, because that would mean that it would be trivial for most people not wanting spam to blacklist their servers.
I don't believe that "Internet Direct Marketing" can work. Think about it. Many people don't like direct marketing tactics. It's crap in the mailbox that goes right in the garbage. Many many people do not like telemarketing, so much that the telemarketing industry fought tooth and nail to prevent the one tool that could punish and block their attempts to push random promotions onto the masses. Spamming is the same tactic in a new medium, except that unlike direct mail and telemarketing, it uses YOUR resources reguardless if you read the email or not (pick up the phone, open the direct mailer) and you have the potential for much more control over rejecting all kinds of spam at once, and the spammers cannot handle that.
The next time I hear about a spammer spilling his guts, I expect *real* guts from a real spammer.
Oh yeah, screenshots included !
"Whoever would overthrow the liberty of a nation must begin by subduing the freeness of speech."--Benjamin Franklin
You, sir, are clearly a filthy stinking spamming scumbag, or a troll, or both. However, for benefit of the lurkers out there who might actually be misled by your lies, I'll take some time to refute them:
... and not one of them has paid a penny to me, or to my clients, for any addresses they find. The only person paying anything to anyone is me, for the bandwidth they're using in order to gather those addresses, and my clients, who (like all end users) are the ones who end up paying in the end.
Spam is fundamentally identical to telemarketing and direct postal mail.
Spam is nothing like telemarketing or direct postal mail. It is fundamentally identical to telemarketing to your cell phone where you have to pay for airtime. It is telemarketers calling collect and no option to hang up, postage due junk mail with no choice to refuse to pay.
The money telemarketers pay for those calls goes to the companies that carry the network traffic, namely the local and/or long distance phone companies. The telemarketer pays for the network resources they use.
The cost of handling bulk mail is less than what the Post Office charges to send it. The profits the Post Office makes from the bulk mailers pay for the hardspace "network" resources for everyone else.
Spammers do not pay for the resources they use. I've seen recent figures as high as 4 out of 5 emails sent are spam. To look at it another way, this means that if your ISP allocates $10,000 of their revenues to buy some new mailservers, then you, their customer, are only getting the benefit of $2,000 worth of new hardware; the other $8,000 is spent to deliver spam. Since that money is coming from you and other subscribers, then your ISP either has to raise your rates or not give you the increase in service they otherwise would have. If $1 a month out of your bill goes for hardware upgrades, you're getting 20 cents worth and the rest is going to deliver spam.
Spam in no way subsidizes the Internet. The spammers are not paying for the resources they use. They are forcing other people to pay to handle traffic that they do not want. They are forcing every ISP out there, from the big backbone providers to SouthPodunkNet, to shoulder the cost of their advertising. The only money a spammer pays to actually support the network is the cost of a cheap dialup account somewhere. All the rest is paid to other scum for things like lists of email addresses, access to innocent people's hijacked computers, etc. But he is using 10^6 or more of the network resources as everyone else.
When you give your email to a website operator, and that website operator sells it, that money is what keeps your content cheap or free.
Very, very, very few addresses used for spam are those given voluntarily to a website operator. In fact, out of the hundreds of email addresses I've used with various websites and companies, I've gotten spam at exactly one: the one I gave to iBill. The vast majority of addresses used by spammers are extracted from web pages, forum posts, domain registration information, and just about anywhere else.
I watch spammers' spiders scanning domains that I host
Then there are the dictionary spams. Some hijacked computers in Brazil have been bombarding one of my domains all day with spam to random non-existant addresses, trying to find some that get through. People who don't even exist certainly didn't give their email addresses to anyone!
As it happens, I'm the webmaster as well as host for a site with a fair bit of free content, so I think I am in a position to know something of the economics of it. It works like this:
Neither I nor my client has ever received a single penny from a spammer. This particular client happens to have a mailing list (extremely opt-in, and protected like the vault at Fort Knox) for a newsletter. If he should wish to sell it to a spam list vendor, just how much would a list of under a hu
First of all, the cost of spam has never fully been paid by the spammers. Back in the days of Open SMTP relays such the most of the actual cost of the bandwidth was payed by people giving out service for free, because it was cheap and made the internet easier to use by all. Thus spammers stole took free resources and squandered them.
And secondly, spammers never had to pay for the download bandwidth. Imagine if the post office made you pay half postage for every single letter you recived, and someone sent you 10,000 messages. Your choices is either paying thousands of dolars, or forgetting about ever getting postal mail again.
But this is exactly what happend. A mailbox full of spam for a dialup user meant wasted modem time, which whent for as much as $2.95 an hour.
know you don't want to believe that, but it's true. When you give your email to a website operator, and that website operator sells it, that money is what keeps your content cheap or free.
I've never given my email address to a website tht sold it (with the exception being the LA times. But by then I was smart enough to use unique addresses for everything, and all the mail from them gets deleted automaticaly).
Most websites make money by advertizing, not by selling information. On my website, I advertize various pay services, and when the small persentage of people intrested in that service buy something, I get a cut. Some services work pay per click, or by impressions.
Thats the way the vast majority of websites make money. Anyone selling email addresses should be shot.
autopr0n is like, down and stuff.
Spam is not a matter of 20 mails a week, it is a matter of hundreds a day and rising. A friend of mine whose email address was compromised by being listed on his college website recently had to abandon that address, and try to contact everyone who knew him to give them his new one, because he was getting 500+ spams a day: over 99% of his email.
The cost of sending snail mail keeps it to a reasonable level. It also means that it is generally very tightly targeted. For example, I subscribe to a gardening magazine, so I get seed catalogs. I do not even have a penis, so I have very little use for penis enlargement pills, let alone fake Viagra and pictures of naked women (with or without horses involved). But because there is effectively no cost to the spammer, I am bombarded with advertisements for all of the above.
For residential users, who do not pay a per-GB bandwidth transfer fee, spam costs nothing more than time just like telemarketers.
Where does that residential user's ISP get the money to buy the hardware and bandwidth to handle all that spam? The 4 out of 5 emails that their customers would do anything to avoid? Someone has to pay for it. Two words: end users. Just because you don't pay per GB for bandwidth doesn't mean you're not paying for it. It all gets worked into the monthly bill.
The other people who make money, of course, are the people selling the Herbal Fake Viagra or whatever the product of the week is, because their costs are significantly less than what they're paying the spammers that sell it. Mortgage brokers who pay spammers for leads may be winning or losing - spammer-generated leads are likely to be low quality. Pr0n sites sometimes make money and sometimes lose it - they have to generate enough material to get people to actually pay them rather than just looking at the free sample material, and ISPs often charge them more because they're a high-bandwidth business that's highly likely to fail.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
When he says that the meat comes from the former Soviet Union, the cheapest food I know of [having lived in Lithuania], seems to come from Belarus or Ukraine, especially from the region around Chernobyl.
Now, if you buy (for example) those add-water-and-heat noodles from the Ukraine, you're going to get a good bit of Cesium(Cs-137?) in it, because -- and this is according to Lithuanian natives, who probably got it in their news -- the Ukrainian government has limits on the amount of Cs that can be in it, but accepts companies taking contaminated grain and mixing it down with uncontaminated grain, to meet the required levels.
Point being, I probably wouldn't suggest that this meat is good to eat, any more than I'd eat lamb from the Scottish moors (sorry, same problem: Chernobyl's Cs-137. It seems that the plants have been recycling the Cs back to the top.)
Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
If their web site is working well enough to poke around on, you can download their programs for free. There's the main send-safe program, some harvester stuff, a "honeypot detector" for finding anti-spammer honeypots, email address verifiers, etc. The stuff looks like it only runs in demo mode (limited number of addresses per run, etc.) unless you buy a license code. The terms of use talk about not using it to illegally spam, but don't say anything about not reverse engineering it (though I haven't tried installing any of the software.) It'd be interesting to see what tools they use for detecting us, and how we can work around them, and of course all that downloading burns their bandwidth, which they're probably paying for by the megabit.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
First-class mail rates significantly subsidize the cost of bulk mail.
Nope, it's the other way around. Bulk snail costs the postal service very little to process. It's delivered to the sending post office sorted by zip code and pre-coded; basically, all the system has to do is truck it where it's going and put it in the right bag. Your last birthday card, on the other hand, had to be picked up from the snailbox by a carrier, its address deciphered, bar-coded, sorted by destination, etc. For doing all of that, basically everything but the hauling and final delivery, they get a discount of a whopping six cents -- 30.9 cents instead of 37 cents. Bulk mail supports first class, not the other way around.
Yes, they do. For awhile, I sent spam complaints from an address used for no other purposes - spamcomplaint@ (my domain). That address now receives spam. They havested the address that I used to send complaints about spam, and they use it to send more spam.
What we really need is a registry of spam-unfriendly email addresses.
Spammers have been known to trade lists of known anti-spammers, known spam-trap addresses, and such. Some of my addresses have (correctly) been on those lists. It doesn't seem to lower the spam, though.
Your basic idea is to create a one-stop "do not spam" list. That's been tried by spammers, by anti-spammers, and even the FTC can see that it won't be effective. You, of course, believe this to be a new concept - but that doesn't change facts.
They're not evil.
Yes, they are. That's why I get bounces because they forge my addresses. Almost all spam is sent using forged addresses because these people are dishonest, unwilling to admit who they are, unwilling to deal with the bounces they cause, unwilling to pay their own bandwidth costs. They don't give a shit if they ruin email for everyone else. They'll do anything they can if they think it *might* get them what they want. Just like a rapists decides that he doesn't care if the woman doesn't want to have sex, he does it anyway to get what he wants. Just like a thief doesn't care that he's screwing some honest citizen when he robs them - as long as he gets what he wants. And just like the rapist and the thief, the spammers are evil, out to get what they want, regardless of the damage it does to others.
As current events go, I can quite easily and unreasonably extend this analogy to the actions of coalition forces in Iraq, with such things as prisoner abuse. But I suppose we shouldn't go there. I better not as I wouldn't want to be labelled as a troll.
the current administration and president ARE what the rest of the world sees as far the general outlook of the US, after all it is the economic policies and foreign policy directions that they provide that affect the rest of the world the most.
;}
of course every american isn't the same, but every american isn't in control of the largest military force the planet has ever seen either
Gekido's Lair
My previous posts are in support of measures to stop SPAM but I argued that the methods should be reasonable to stop innocent parties from being hurt. I believe that no amount of harm done to innocent parties is acceptable.
Okay. Let's take a hypothetical ISP, we'll call it "Vertigo" or "Qworst" or "SpewYou Net", doesn't really matter. They allow their customers to engage in unethical, criminal activities. Not only do they let their customers spam, but they also allow their customers to use proxy hijacking to illegally hide the true location of their webservers by using hijacked machines as web proxies. They let their customers engage in DDoS attacks against anti-spam websites without action. They are openly abusive toward people who report the abusive activities of their customers, to the point of threatening lawsuits.
Now lets say that an organization -- an anonymous organization -- publishes a list of known crime-ridden ISPs run by corrupt management. They support the claims of the list with documentation of the criminal activities of the ISP's customers. This list is then used by responsible ISPs to block all traffic from the crime-ridden ISPs, since the ISPs who voluntarily use these lists have decided that they do not want to trade packets with known criminals.
Now let's say that you are a "legitimate" customer of SpewYou Net (now WorldCon). You're not actually doing anything unethical, you just happen to be giving money to a company that openly enables criminal activities in exchange for network space. Unfortunately, you discover that -- because your ISP has allowed their IP space to become a cesspit -- no one wants to trade packets with you.
Who is at fault here? The people who compiled the list of IP addresses owned by crime-friendly ISPs, the ISPs that voluntarily choose to reject your packets, or your ISP for allowing the netspace that they rent to you to become so undesirable to the outside world?
I agree that it's unethical to allow antispam activities that cause harm to third parties. I'm just a little better at assigning appropriate blame.
STOP MISUSING APOSTROPHES, YOU MORONS!!!
If spammers were legitimate direct marketters then they would:
a. not forge addresses and headers
b. not repeatedly try to get around the filters that those of us who don't want spam set up.
However, my oppinion on all direct marketting is that it should be banned - it is intrusive, I never asked for it and no matter how many times you ask the marketters not to contact you they still do. I make a point of never buying anything from anyone who has tried to direct market to me. I wonder if anyone has done any research on how many customers companies lose through direct marketting (obviously it's offset by the morons who respond to the marketting but I'd still be interested to see the results of such research).
Most of the direct marketting I receive is completely untargetted:
Mailshots - I get both junk addressed to me (even though I'm registered on the Mail Preference Service) and stuff hand delivered (no, oddly I'm not interested in selling my house... especially since there is a bloody "sold" sign outside indicating that I only just bought the place)
Telemarketting - luckilly most of the telemarketters actually take notice of the Telephone Preference Service register and I don't get too many of these... I still occasionally get cellphone companies phoning my cellphone (which is still on contract - I can't change provider for another 10 months) asking if I want to switch provider.
Spam - oddly enough I'm not interested in making my pen!5 big.g3r - it's just fine as it is thank you.
SMS spam - all those people who claim that charging per email would prevent email spam take your lessons from SMS spam - the operators pay per message there and there is still a huge amount of untargetted crap delivered to my phone even though it's been illegal since December 11th last year. The messages also usually arrive in the middle of the night and wake me up (I have to have my phone turned on when I'm on call)
I am also having problems with the reverse-billed SMS services - technically you have to subscribe to them, but I have never subscribed but have been receiving reverse billed SMS messages. My operator won't do anything about it and tell me I have to contact the company sending the messages (who never answer their phone), so instead I have to contact ICSTIS, who's phones are always busy. Orange have told me there is no way for me to block reverse billed SMS messages and that if I refuse the pay the bill then they will cancel both my handsets and record a bad debt on my credit record. Nice industry - I hate them more than the email spammers.
http://blog.nexusuk.org
> You can't even be vaguely serious with what you are saying.
I'm not the OP, but as someone who's called for spammer abuse on so many occasions I feel totally qualified to reply. Do I frequently shout "death to spammers!" and imagine Scott Richter being serially molested by the '76 Raiders? Yes. If I had Alan Ralsky tied in front of me with a bat in my hand, would I cave his skull in? Of course not.
But I'd sure think about it.
And, depending on the state of my inbox that morning, he might walk out with a severe limp.
I'm not a violent person, but spammers sure bring out the black thoughts in me. Why? Because at the core of it they're just *rude*, and that's maddening to me. Imagine this dialogue...
"I am a spammer. I will clog inboxes, I will waste the bandwidth of countless ISP's, and I will force countless thousands of dollars to be spent on support that could be easily avoided. I will send pornography to children, I will taunt truly lonely people by making them think that they have a secret admirer, and I will help people in dire financial straits sink further into debt by promising them spectacular returns on garbage investments. I know that my messages are unwanted, as evidenced by the elaborate and unethical means by which I operate, but I will send them anyway. When I press this button I will harass, inconvenience, and annoy literally millions of people. With each email I send, I confirm that for a few dollars in my pocket I will rob countless others of their time, their money, and the promise of what the net used to be. But I am a spammer, I am an asshole, and I don't care."
Now imagine that coming out of Ralsky's smug face as he stands in his mansion.
And imagine that bat in your hand.
You don't want to swing? Not even a little?