Slashdot Mirror
Confession For Two: A Spammer Spills it All
defender writes "Rejo Zenger, well known Dutch anti-spam activist, recently had a very frank talk with a (now retired) spammer. He got information as to how and why S. Pammer started, where and why he was kicked out, who helped him get his bulletproof hosting, his open proxy mailings etc. It gives a nice and concise view of what the costs for a smalltime spammer are. About 200 Euros for the hosting and ability to spam at least half a million addresses (in a months time). That's for a turnover of 6 times and a net profit of well over twice those initial spam-related costs. Complete with screenshots, of course."
Comment removed based on user account deletion
... a 'how to become a spammer' article.
bash: rtfm: command not found
Most orders seem to have been made on impulse: they are done during or immediately after the spam run.
And I'd have thought they'd engage in long, thoughtful consideration before trying an experimental manhood-enhancing product, mortgaging their home, choosing a Third World bride, or deciding which bestiality DVD set to purchase?
The coolest voice ever.
is a "pyramid scheme" of sorts. People who may or may not be the most adept at technology or business get the idea to spam. They pay the more "gifted" people at the top money for things like addresses and hosting etc. These are the people who are really cleaning up on spam and should probably be the ones that the authorities go after, cept that they usually hide in places (Russia, Hungary, China etc)where it's hard to enforce international laws, esp. spam laws. Even if we go after the little guy, there will probably be more to take his place, the lure of such "easy money" is too great for some people.
On a side note, it is kind of interesting the comment about bounced mails. My university disabled my account(because they thought I was no longer a student, even though I was) for about 2 months. As soon as I got it re-activated, the spam started flowing in like water again. Amazing.
Every time I get one of those "Mic.ro sofT Sof1w.are cheap!" emails, I am always tempted to start some Linux spam.
"For a low, low fee I can show you the best software site on the internet, everything from operating systems, to office suites, to graphics programs can be yours for free. Yes the sourceforge is a wonderful place. To find out, please send CowboyNeal your first born."
If no one behaves, it's useless.
But if most behave, a few have a huge incentive to misbehave.
They key is to increase the penalties for misbehaving so that there is no incentive.
I am pleased however that more proactive steps are being taken by organisations such as Spamhaus in addressing the problem by both a technology and policy driven approach in combatting the problem. And that more prosecutions are happening. But I don't see the tide being turned anytime soon.
As for the internet dying, I don't see it. There is now to much commercial interest in it for corporations to sit idly by and do nothing about SPAM and other problems we encounter on the internet. Even our governments misguided steps at regulation, show that the internet is here to stay. It may transform in the future but I don't see it dying just yet.
Not in my case; I don't pay extra to receive telemarketing calls or junk mail. Nor does the telephone company or post office block my driveway so I cannot drive to work in the morning. However, spammers have hit my mail server so hard that it cut off my connection to the outside world, preventing me from working from home.
When a spammer takes advantage of a poorly secured system belonging to another person without permission and forges the e-mail addresses of other innocent people not involved in spamming, I will use the word "criminal". I know of no better way to summarize fraud, theft, and trespass.
When I write free software and distribute it for free (with my e-mail address in the documentation so people can contact me or know that I contributed to the project) and I receive spam, how does your argument make sense? There are hundreds of thousands of computers with my e-mail address stored in credits files somewhere; how does this keep the Internet free?
how to invest, a novice's guide
So the 2000+ pieces of spam I get in my mailbox every week, that causes me to miss important messages occasionally because the filter gets them and they get lost in the noise, the several meg ads that tie up my connection for many minutes at a time as they download one after another, all of that is doing me no harm?
I never asked for spam, I never asked for my email to be used as a forged address (a recent development, so now I get complaints and counter spam too). Also I've never bought from a spammer.
These people ARE NOT direct marketers, they are CROOKS, using the bandwidth -I- pay for, to harrass me with things I do not want. And I have no real legal recourse to stopping them because I can afford to sue these hundreds of people. (If I could even find out who most of them were).
And again, please do not tell me they are not doing me any harm while I'm receiving spam complaint messages because some BUTTWIPE is forging my email address on their messages. It's no fun looking at having to change an email address that you've used for almost a decade, and all the associated grief that causes.
This story illustrates that the profitability of spamming is not that great. It would be even less profitable if spammers e-mail address books were even more polluted by bad addresses. And spam would be even less profitable if spam-using sites were innudated with mail.
I wonder if we could kill two birds with one stone. Littering the web with dummy e-mail addresses that include the domains of spam-supported sites. That way, the sites become overwhelmed by inbound mail traffic. It would be a version of this or, better yet, this using real domains of spam-using sites (from a blacklist service). E-mail addys such as sdadhja@viagraspammer.com, eywheh@viagraspammer.com, wywhdi@viagraspammer.com would both cost the spammer and the site that is using spam.
Two wrongs don't make a right, but three lefts do.
You, sir, are clearly a filthy stinking spamming scumbag, or a troll, or both. However, for benefit of the lurkers out there who might actually be misled by your lies, I'll take some time to refute them:
... and not one of them has paid a penny to me, or to my clients, for any addresses they find. The only person paying anything to anyone is me, for the bandwidth they're using in order to gather those addresses, and my clients, who (like all end users) are the ones who end up paying in the end.
Spam is fundamentally identical to telemarketing and direct postal mail.
Spam is nothing like telemarketing or direct postal mail. It is fundamentally identical to telemarketing to your cell phone where you have to pay for airtime. It is telemarketers calling collect and no option to hang up, postage due junk mail with no choice to refuse to pay.
The money telemarketers pay for those calls goes to the companies that carry the network traffic, namely the local and/or long distance phone companies. The telemarketer pays for the network resources they use.
The cost of handling bulk mail is less than what the Post Office charges to send it. The profits the Post Office makes from the bulk mailers pay for the hardspace "network" resources for everyone else.
Spammers do not pay for the resources they use. I've seen recent figures as high as 4 out of 5 emails sent are spam. To look at it another way, this means that if your ISP allocates $10,000 of their revenues to buy some new mailservers, then you, their customer, are only getting the benefit of $2,000 worth of new hardware; the other $8,000 is spent to deliver spam. Since that money is coming from you and other subscribers, then your ISP either has to raise your rates or not give you the increase in service they otherwise would have. If $1 a month out of your bill goes for hardware upgrades, you're getting 20 cents worth and the rest is going to deliver spam.
Spam in no way subsidizes the Internet. The spammers are not paying for the resources they use. They are forcing other people to pay to handle traffic that they do not want. They are forcing every ISP out there, from the big backbone providers to SouthPodunkNet, to shoulder the cost of their advertising. The only money a spammer pays to actually support the network is the cost of a cheap dialup account somewhere. All the rest is paid to other scum for things like lists of email addresses, access to innocent people's hijacked computers, etc. But he is using 10^6 or more of the network resources as everyone else.
When you give your email to a website operator, and that website operator sells it, that money is what keeps your content cheap or free.
Very, very, very few addresses used for spam are those given voluntarily to a website operator. In fact, out of the hundreds of email addresses I've used with various websites and companies, I've gotten spam at exactly one: the one I gave to iBill. The vast majority of addresses used by spammers are extracted from web pages, forum posts, domain registration information, and just about anywhere else.
I watch spammers' spiders scanning domains that I host
Then there are the dictionary spams. Some hijacked computers in Brazil have been bombarding one of my domains all day with spam to random non-existant addresses, trying to find some that get through. People who don't even exist certainly didn't give their email addresses to anyone!
As it happens, I'm the webmaster as well as host for a site with a fair bit of free content, so I think I am in a position to know something of the economics of it. It works like this:
Neither I nor my client has ever received a single penny from a spammer. This particular client happens to have a mailing list (extremely opt-in, and protected like the vault at Fort Knox) for a newsletter. If he should wish to sell it to a spam list vendor, just how much would a list of under a hu
Spam is not a matter of 20 mails a week, it is a matter of hundreds a day and rising. A friend of mine whose email address was compromised by being listed on his college website recently had to abandon that address, and try to contact everyone who knew him to give them his new one, because he was getting 500+ spams a day: over 99% of his email.
The cost of sending snail mail keeps it to a reasonable level. It also means that it is generally very tightly targeted. For example, I subscribe to a gardening magazine, so I get seed catalogs. I do not even have a penis, so I have very little use for penis enlargement pills, let alone fake Viagra and pictures of naked women (with or without horses involved). But because there is effectively no cost to the spammer, I am bombarded with advertisements for all of the above.
Okay, who owns send-safe.com?Gah! The Russian Mob! Well, I'm all for killing spammers, but in SOVIET RUSSIA spammer kills YOU!
Okay, who owns that netblock?Canadians! Back-bacon eating, toque-wearing, Stanley-Cup-losing Canadians. I'd rather take on 25,000,000 Canadians any day than mess with the Russkie Mafia.
Now, who hosts www.send-safe.com?Hmmm...I knew UUNET would pop up somewhere. There are a couple of MTI Software results on Google; one sells support and service for OpenVMS systems, the other sells bulk e-mail software. I think it's the latter...Florida. It figures. First in spam, first in hanging chads, first in the hearts of the nation.
So, to sum up, we have an Axis of Evil: Russians, Canadians, and Floridians, all conspiring to deploy Weapons of Mass E-mail Destruction. Gimme a couple of days to throw together a Powerpoint presentation for the UN Security Council and maybe we can get a posse...err, a coalition together.
k.
"In spite of everything, I still believe that people are really good at heart." - Anne Frank