A Day In The Life Of A Spammer
kaip writes "Internetnews.com has a story of a spammer. The individual sends 60 million spam emails for four days worth of work and claims that one in 19 of AOL users clicks the links in his mortgage spam (this number should however be taken with a grain of salt, see rules 1 and 2). Maybe not everybody has heard of the Boulder Pledge... The article also tells how the CAN-SPAM Act, which legalises spamming, is turning the US into the spam haven of the world. Currently, 86 percent of the total spam volume is coming from the States."
For my money/vote, CAN-SPAM is a MUCH bigger issue than what someone did in Vietnam 30+ years ago.
Well the alternative to that is to do nothing and let email devolve into a largely useless waste of resources and time.
There are many other alternatives.
1. Legislation with real teeth and active enforcement of the legislation is one alternative.
2. Amending the junk fax law to specifically include faxes is another. That would let you sue spammers and get $500-$1500 per message. Sure, you won't catch them often, but $500-$1500 makes tracking them down worthwhile to many people.
3. Get ISPs to block port 25 outgoing. That closes off one delivery method.
4. Get the big guys to block overseas IP blocks that host spammers. If Chinanet's traffic was dropped into the bitbucket for hosting spammers, my guess is that there would be a lot of spammers looking for new hosts.
5. Encourage the adoption of SPF. For every domain that adopts SPF, that's one less that the spammers can forge e-mail from. (For those reading along, SPF designates, through DNS, what IP addresses are authorized to send mail from a domain. Thus, if MSN published an SPF record with all of their mail servers and some spammer in Korea tried to forge an MSN sender address, his spam would be rejected by all systems that did SPF testing).
Do you really think people would have a problem with greylisting? email is not instant messaging. There are other applications for that.
Yes, I do. There are countless times that I have been on the phone with someone and we sent a file, while talking, through e-mail. There weren't convenient FTP servers. We didn't have instant messaging accounts. Nor did we want to try to move a 1, 2, 3mb, or larger file through IM. Many businesses specifically block IM because it's a distraction, potential source of viruses, and yet another application that they don't want to deal with supporting. The business can automatically tack on confidentiality notices to e-mails, can scan them for spam, can scan for viruses. Those tools are in their infancy for IM -- if they exist at all.
The beauty of e-mail is that it serves the user's schedule. If I am at my computer, I can see, and respond to, messages instantly. If I'm not, the message will be there when I return.
True, with the setup I have at home at the moment I still have to process all the spam. But I don't look at it since it ends up segregated from my regular email and mailing list traffic.
That's great and I'm glad that it's working out for you. But we would need almost universal adoption of effective anti-spam measures at the client side to have that be a solution. Spammers don't care that one in one hundred people has effective anti-spam filtering. They probably weren't going to get clicks from those more savvy users anyway. Until the average user doesn't see the spam, it will still be profitable to send it.
It is amazing how cheap congress critters go for nowadays. Maybe we should take up a collection and buy a few for our own use.....
Sadly, that's not a bad idea.
Legislation if it ever comes to pass, which I doubt, will not have the teeth needed to really solve this problem. Or it will create such a burden on normal users of email that it will in itself make email useless.
:)
Why? The junk fax law has teeth, allows for individual right of civil legal action, and has drastically curtailed the number of junk faxes being sent. And it hasn't burdened normal users of faxes at all.
Blocking port 25 outgoing, while it would be effective, would also block a large number of people that run their own email servers that are not used for spamming.
AT&T had this correct years ago: Block port 25 by default and, if a customer requested that the block be removed for legitimate (i.e., non-spamming) reasons, then AT&T removed the block. Way less than 1% ever requested that the block be removed. That takes care of Harry Homeowner and his infected PC. But I pay for business class service so that I can have no ports blocked and a static IP. Others can, too.
SPF is a good idea and I would also like to see this widely implemented. Hopefully this will eventually catch on.
Agreed. I have an SPF record on my domain.
As to the issue you have with greylisting, the benefits can be had with as little as a two minute delay with no real difference to using a 30 minute delay. Also, if you are working closely with another group you would most likely have their email server whitelisted, which means there would be no delay.
Good points. I'll have to do some more research and consider this further.
Barring the universal adoption of effective anti-spam measures at the client -- which we know won't happen -- I think having the ISPs implement greylisting would be the quickest and surest way to deal a massive blow to the spammers.
But for how long? I bet that the spammers would quickly adapt. Greylisting relies on spammers using the "fire-and-forget" methodology, wherein they attempt to send the spam to one or several MX hosts for a domain, but then never attempt a true retry as a real MTA would. I'd bet that they'd quickly adapt if many ISPs started using this and the end result would be no real reduction in spam, but a significant delay for all users of e-mail.
As a side note, I find the confidentiality statements tacked on to email laughable. I cannot see such a thing being held up in a court of law as valid in any way.
Agreed, but companies like to tack them on anyway, so they'll resist mediums (like IM) which make that impractical.
Not sure about everyone, but I have seen a significant increase in spam over the last 8 months.
Agreed. The YOU-CAN-SPAM Act has emboldened spammers. Just as individual state laws in Washington, Virginia, and California were starting to put the pinch on the spammers, the YOU-CAN-SPAM Act basically neutered most state laws -- at least in the eyes of the spammers.
So which congress critter do you want to buy?
It's a tough call. Boucher is the closest to our views vis-a-vis the DMCA, RIAA, MPAA, etc., meaning that it wouldn't cost as much, but he's already probably voting our way. Orrin Hatch and his ilk have already been bought by big media, so they are no longer on the market. We'd have to find a moderate with no real position in these matters, who looks like he'll have staying power (no sense in buying a one-termer), has some chance to get on important committees, and is actively writing legislation. (Yes, I really do think that our enemy analyzes the situation just that way.)
With junk faxes there is a way to clearly identify the sender, they can be tied to a phone number. With email that is very difficult to do. Unless you can clearly tie the email to an individual you would not be able to prosecute and punish the sender.
Follow the money. Spam is sent to make money. There will be a web page, phone number, etc. attached to it. I've successfully tracked down spammers, gotten their home phone numbers, etc. It's not something that you can do most of the time, but it can be done and you don't have to catch every criminal for laws to be effective. It's the fear of being caught.
I think Comcast recently blocked port 25 on a large portion of their network.
It was my understanding that they were still doing the old whack-a-mole game of only shutting off port 25 after they receive complaints.
Ah! How to foil spammers that adapt to greylisting? That is when the longer delay has to be used in combination with an RBL system. The idea is that when the spammer tries the first time you temporarily reject the message. During that delay the spammer continues on and hits a number of spam traps which gets the IP address added to an RBL system. The next pass at your system you start to let the message in but check it against an RBL which flags it as spam now. The message is then rejected.
I don't doubt that it would have success, but it's fairly compute-intensive and still subjects the RBL lists to DDoS attacks by spammers. That's been a problem up to now and will continue to be.
I really think that the right answer is wide distribution of SPF, legislation with teeth backed up by enforcement and rights of civil action, default blocking of port 25, and DNS redirection of spammers' web sites. That would be a good start.
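The greylisting-plus-RBL sequence debated in the thread, sketched as an added example (not code from any poster or from a real MTA). The class name, the SMTP reply codes chosen, the 120-second delay, and the in-memory set standing in for an RBL lookup are all assumptions; addresses are constructed from documentation ranges.

```python
class Greylist:
    """Temp-fail the first attempt of each (ip, sender, rcpt) triplet,
    then consult an RBL only when the sender retries after the delay."""

    def __init__(self, delay=120, rbl_lookup=None, whitelist=()):
        self.delay = delay                    # seconds before a retry is honoured
        self.first_seen = {}                  # triplet -> time of first attempt
        self.rbl_lookup = rbl_lookup or (lambda ip: False)
        self.whitelist = set(whitelist)       # trusted partner servers skip the delay

    def check(self, ip, sender, rcpt, now):
        """Return (smtp_code, reason) for one delivery attempt at time `now`."""
        if ip in self.whitelist:
            return 250, "whitelisted"
        key = (ip, sender.lower(), rcpt.lower())
        first = self.first_seen.get(key)
        if first is None:
            self.first_seen[key] = now
            return 451, "greylisted, try again later"
        if now - first < self.delay:
            return 451, "retry too soon"
        # A retrying sender gets this far; by now spam traps elsewhere
        # may have put its address on the blocklist.
        if self.rbl_lookup(ip):
            return 554, "listed on RBL"
        return 250, "accepted"


def simulate():
    """Constructed timeline: a partner, a normal MTA, and a retrying spam source."""
    rbl = set()  # constructed stand-in for a DNS blocklist query
    g = Greylist(delay=120, rbl_lookup=lambda ip: ip in rbl,
                 whitelist={"203.0.113.5"})
    rcpt = "me@example.org"
    codes = [
        g.check("203.0.113.5", "a@partner.example", rcpt, 0)[0],   # no delay
        g.check("192.0.2.10", "b@mta.example", rcpt, 0)[0],        # first try
        g.check("198.51.100.7", "x@forged.example", rcpt, 0)[0],   # first try
    ]
    rbl.add("198.51.100.7")  # source hits spam traps during the delay window
    codes.append(g.check("198.51.100.7", "x@forged.example", rcpt, 60)[0])
    codes.append(g.check("192.0.2.10", "b@mta.example", rcpt, 300)[0])
    codes.append(g.check("198.51.100.7", "x@forged.example", rcpt, 300)[0])
    return codes


if __name__ == "__main__":
    print(simulate())
```

The RBL is queried only for retries that pass the delay, so the lookup cost applies to senders that behave like a real MTA rather than to every connection.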