Slashdot Mirror


A Day with an ISP Spam Investigator

scumbucket writes "Network World Fusion has an interesting article about an abuse investigator for ISP Earthlink and his job of tracking down spammers. It's nice to see that major ISPs are making an effort to shut spammers down and kick them off of their networks."

13 of 167 comments

  1. Re:Spamming as a job. by Spad · · Score: 2, Informative

    Not very much.

    But even assuming they only made 50c per 1000 emails, when you're sending out 10+ million emails per day that's still $5,000+ per day or $1,825,000+ a year. Even at 1c per 1000 mails they still make $36,500+ per year.

  2. Re:Abuse by quelrods · · Score: 3, Informative

    I think you have your %'s off a tad. I've consistently seen stats that put spam of US origin at 70% or higher!

    --
    :(){ :|:&};:
  3. Re:Dumb business attracts dumb users by Zorilla · · Score: 2, Informative

    Never underestimate rule #3 of spam.

    --

    It would be cool if it didn't suck.
  4. Re:First Post! by Anonymous Coward · · Score: 2, Informative

    Presumably you have a Gmail account,
    and do not object to Google's policies

    But many of us will not send mail to gmail.com ...

    Problem 1: Gmail is nearly immortal

    Google offers 1 gig of storage, which is many times the storage offered by Yahoo or Hotmail, or other Internet service providers that we know about. The powerful searching encourages account holders to never delete anything. It takes three clicks to put a message into the trash, and more effort to delete this message. It's much easier to "archive" the message, or just leave it in the inbox and let the powerful searching keep track of it. Google admits that even deleted messages will remain on their system, and may also be accessible internally at Google, for an indefinite period of time.

    Google has been spinning their original position in press interviews, and with an informal page described as "a few words about privacy and Gmail." When we see fresh material from Google, we check the modification date at the bottom of the terms-of-use page and privacy page for Gmail. If these dates are still April 6 and April 8, we know that nothing has changed. Google can modify these pages too, any way they want and whenever they want, unilaterally. But at least these two pages carry slightly more legal weight than other pages, because Google should attempt to notify users of significant changes in these formal policies.

    A new California law, the Online Privacy Protection Act, went into effect on July 1, 2004. Google changed their main privacy policy that same day because the previous version sidestepped important issues and might have been illegal. For the first time in Google's history, the language in their new policy makes it clear that they will be pooling all the information they collect on you from all of their various services. Moreover, they may keep this information indefinitely, and give this information to whomever they wish. All that's required is for Google to "have a good faith belief that access, preservation or disclosure of such information is reasonably necessary to protect the rights, property or safety of Google, its users or the public." Google, you may recall, already believes that as a corporation they are utterly incapable of bad faith. Their corporate motto is "Don't be evil," and they even made sure that the Securities and Exchange Commission got this message in Google's IPO filing.

    Google's policies are essentially no different than the policies of Microsoft, Yahoo, Alexa and Amazon. However, these others have been spelling out their nasty policies in detail for years now. By way of contrast, we've had email from indignant Google fans who defended Google by using the old privacy language -- but while doing so they arrived at exactly the wrong interpretation of Google's actual position! Now those emails will stop, because Google's position is clear at last. It's amazing how a vague privacy policy, a minimalist browser interface, and an unconventional corporate culture have convinced so many that Google is different on issues that matter.

    After 180 days in the U.S., email messages lose their status as a protected communication under the Electronic Communications Privacy Act, and become just another database record. This means that a subpoena instead of a warrant is all that's needed to force Google to produce a copy. Other countries may even lack this basic protection, and Google's databases are distributed all over the world. Since the Patriot Act was passed, it's unclear whether this ECPA protection is worth much anymore in the U.S., or whether it even applies to email that originates from non-citizens in other countries.

    Google's relationships with government officials in all of the dozens of countries where they operate are a mystery, because Google never makes any statements about this. But here's a clue: Google uses the term "governmental request" three times on their terms-of-use page and once on their privacy page. Google's language means that al

  5. Re:Self interest (What is the Cost?) by GolfBoy · · Score: 3, Informative

    The 'cost of spam' is not the cost of spam filters, extra storage, etc. The cost of spam is the cost to the end user of having to figure out which mail is real and which is spam.

    Let's assume it takes a user only 1 second to determine if a piece of mail is spam, and deal with it, and let's assume the average user's time is worth $20 per hour. A million spams then cost the users:

    $5555 = 1 second * 1 million / 3600 seconds in an hour * $20

    You're right, the ISPs are scared of being blacklisted. But they also view (correctly) keeping spam volume down as part of the service they sell. I know I have given up on some ISPs because of spam volume.

  6. Re:Those evil young males by PhotoBoy · · Score: 2, Informative

    You mean this?

  7. They're not really serious by slashname3 · · Score: 2, Informative

    The ISPs are not really serious about fighting spam. It does not cost them that much and they are probably making money due to spam. So the only incentive they have to do anything about it is when the level of spamming gets to the point they are about to be blacklisted; then they take action.

    If they were really serious about curbing spam they would implement greylisting and greet_pause features in their MTAs. Both of these would block 99% of the spam being sent. The remaining spammers would then be much easier to track down since they would have to be running full blown MTAs which could then be blocked.

    So why don't they do this? Because it does not make them any money and would cost them a little money to implement and maintain such features.

    Ultimately the only way to eliminate spam is to make it unprofitable to the spammer. One option that I have never seen discussed is to track down the idiots that actually buy from spam and take their machines away and sterilize them so they don't reproduce.
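Added example, not part of the comment above or of the original page: greylisting as it is commonly implemented temp-fails the first delivery attempt from an unseen (client IP, envelope sender, recipient) triplet and accepts a retry that arrives after a minimum delay, which queueing MTAs perform and fire-and-forget senders usually do not. The class name, the two thresholds and the sample attempts are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

MIN_RETRY_DELAY = 300         # assumed: seconds before a retry is accepted
MAX_RETRY_WINDOW = 4 * 3600   # assumed: later retries start the clock again
TEMPFAIL = "451 4.7.1 Greylisted, please retry later"
ACCEPT = "250 2.1.5 OK"


@dataclass
class Greylist:
    first_seen: dict = field(default_factory=dict)  # triplet -> first attempt time
    passed: set = field(default_factory=set)        # triplets that retried correctly

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return the SMTP reply to one RCPT TO at time `now` (epoch seconds)."""
        triplet = (client_ip, mail_from.lower(), rcpt_to.lower())
        if triplet in self.passed:
            return ACCEPT
        seen = self.first_seen.get(triplet)
        if seen is None or now - seen > MAX_RETRY_WINDOW:
            # Unknown (or stale) triplet: record it and ask the sender to retry.
            self.first_seen[triplet] = now
            return TEMPFAIL
        if now - seen < MIN_RETRY_DELAY:
            # Immediate hammering does not count as a proper queued retry.
            return TEMPFAIL
        self.passed.add(triplet)
        return ACCEPT


def reply_codes(attempts):
    """Replay (ip, sender, recipient, time) attempts; return the 3-digit codes."""
    gl = Greylist()
    return [gl.check(*a)[:3] for a in attempts]


# Constructed sample traffic (documentation IP ranges and example domains).
ATTEMPTS = [
    ("192.0.2.10", "news@example.org", "alice@example.net", 0),     # MTA, first try
    ("198.51.100.7", "x1@example.com", "alice@example.net", 5),     # one-shot sender
    ("198.51.100.7", "x2@example.com", "alice@example.net", 6),     # new forged sender
    ("192.0.2.10", "news@example.org", "alice@example.net", 60),    # retry too early
    ("192.0.2.10", "news@example.org", "alice@example.net", 900),   # queued retry
    ("192.0.2.10", "news@example.org", "alice@example.net", 5000),  # known triplet
]

if __name__ == "__main__":
    for attempt, code in zip(ATTEMPTS, reply_codes(ATTEMPTS)):
        print(code, attempt)
```
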

  8. Earthlink by CaptainZapp · · Score: 2, Informative

    Maybe one should note that Earth Link was founded by Sky Dayton, a long time Scientologist.

    Now Zapp, you may ask: "What has that to do with anything?"

    If you really don't know what staunch defenders of free speech the Scientology[tm] "Church" is you might find some interesting reading at this link.

    If you want to dig deeper then Xenu can guide you.

    --
    i am the musician

    with a pocket calculator in hand

    kraftwerk

  9. Re:Passwords? by Anonymous Coward · · Score: 1, Informative

    I work for an ISP, and we keep a separate database with passwords in the office (i.e. not on our servers). The passwords are indeed hashed on our servers. People simply forget their passwords too much. Bear in mind that we do not allow users to change their own password.

  10. Re:Passwords? by evslin · · Score: 2, Informative

    Earthlink's accounting database (Midas) allows all the agents a clear view of account passwords. Unless the QA guidelines have changed since I worked there, the password is acceptable as confirmation that the person calling in is actually the account holder and is allowed to make changes or obtain information about the account in question. And I believe that's the main reason why. There's also secret words and the last four digits of credit card information, but there were plenty of times where the person I talked to wouldn't have that information for one reason or another. (Set the secret word 2 years ago, wife has the credit card, etc.)

  11. Re:Passwords? by Antique Geekmeister · · Score: 3, Informative

    At Earthlink, absolutely. Earthlink's commitment to user security is absolutely non-existent. It's easier for them to manage with un-encrypted passwords: it's much faster and cheaper in tech time to tell someone their old password on the phone, or give it to the nice FBI man who asks for it, than to have to deal with encrypted passwords and reset passwords for people and send them the *new* password safely. Earthlink will take ease of management over genuine security any day: that kind of behavior is built into the WISE management guidelines they follow, although after all the complaints about the Scientology management techniques they don't call them WISE anymore. If you think I'm kidding, look into the background of Sky Dayton and their original CTO, who jumped out of a building on L. Ron Hubbard's birthday when he went back to college.

  12. Because T-1's cost more and require physical loc. by khasim · · Score: 3, Informative

    "I don't understand why all the focus on ISPs."

    Because, unless you have a peering agreement, you are connecting to an ISP.

    "You call the phone company (any phone company) and say you want a data T1 connection."

    Okay. That's a chunk of money and it has a physical connection point that is recorded. It is completely different than a dial-up account.

    "They give it to you and give you some IP addresses."

    From their block. That means that they are your upstream provider. If someone complains about your behaviour, they will complain to your upstream provider who will then cut you off (or not).

    "They do not process email for you, they do not give you web space and they do not respond to complaints about what you are doing with your T1."

    They do respond to complaints about what you are doing.

    "I expect this holds true for any sort of data connection from a telecommunications provider that is not providing any additional services, which means if you call SBC to get an OC48 they aren't going to ask you what you plan to do with it."

    That is correct. They will not. But you ARE plugged into THEIR network.

    One end of the line terminates at your location, the other end terminates at the phone company's location.

    So, traffic coming from your line goes through the phone company's network. And people can see who licensed that IP range to you. They will complain to your upstream provider.

  13. Re:Passwords? by Phroggy · · Score: 2, Informative

    Rush mentions that in one case he realized that the suspect was using a sports password scheme, does that mean that these people working at the ISPs can view our passwords?

    It depends entirely upon the ISP, but yes, at most large ISPs, employees can view your password. It makes tech support MUCH easier when dealing with stupid people. If this bothers you, call your ISP and ask them, and if they don't encrypt their passwords, switch to an ISP that does.

    --
    $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
    $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;