Spamfighting Since the Death of MakeLoveNotSpam?

vacuum_tuber asks: "The now-defunct Lycos anti-spamsite screen saver, MakeLoveNotSpam, was extremely well received despite the whines and hand wringing from the no-one-should-ever-actively-defend-themselves crowd. There was speculation after its demise that Open Source spam-punishing tools would emerge. Other tools such as SpamVampire, LadVampire (punishes fake bank sites), Spam Research Tool and others were mentioned with increasing frequency, but there has been no coherent followup to gauge what people are doing since the death of the Lycos screen saver. What are you doing that you think is effective in punishing spammers or their spam-site sponsors?"

Simple solution...

[ActionJesus]

Just chop their heads off. See how well they spam if they cant see their monitor.

Re:Simple solution...

[3chuck3]

I Agree, I would like a wealthy eccentric to set up us unemployed Sys Admin with Licenses to Kill and Living expenses ALA Martin Blanke In Gross Point Blanke.

We could hunt down and execute the SOB's that pollute inbox with Cheap Meds and Penis Enlargement adds.

The best way

[nilbog]

The best way to fight spam is to go home and turn off your mom's zombie computer...

Re:The best way

Duh, slashdotters are home, in the basement. That should be go *upstairs* and turn off their mom's zombie computer.

Re:The best way

[ravenspear]

But that's where the education part comes in. I agree that more of that is needed. With cars, problems are easy to recognize because you can hear or see that something is wrong. With spam, it happens in the background so most people aren't aware. Unless M$ builds something into the operating system that makes it easy to spot security problems, it's going to be hard to educate everyone.

Heck, even that probably wouldn't work. I can see it now, a window pops up saying:

ALERT!

"You currently have port 25 open and your outgoing data rate is 1.2 mbps on that port. Are you sure this is what you want?

::user clicks ok, returns to browsing pr0n::

Re:The best way

[utlemming]

Educating people about securing their systems is one thing, but expecting everyone to become a security expert is quite another.

Agreed. One of the things that the /. community needs to understand is that some people are incapable, unwilling or just don't have the time to worry about their computer. In general, the /. community is quite intolerant of people who are unaware of what is going on in their computers. I had a tech support friend who used to tell customers that the problem is a "ID-10-T" error. Even though we may know how to fix a computer, upgrade Windows to Linux or whatever FOSS OS that you choose, doesn't mean that we should be intolerant of people that don't know about computers. I am sure that there are many mechanics who feel the same. Case in point -- I would never, ever pay for someone to fix my computer. But I do know how to fix my brakes, change my oil and do just about any mantience on my car; it may take me a while to accomplish a task, but it isn't worth it to me. Some people that use computers are the exact same way. They don't want to fix a computer themselves or learn how to do it because it just isn't worth it to them. I made a $100 because a person didn't want to learn how to fix their computer. Fine by me. But when it comes to changing my oil, I'll happily fork out $35 because I don't want to bother with. The best that we can expect is to train people about basic maintence. The real burden for securing computer is for those of us that have the skills to do it. We're starting to see the nessesity for responsable programming and security in computer systems. Simply put, we need to stop complaining about the unaware computer users and implement systems, designs and policies to make it easier on the user to have a secure system, while protecting the computer and the internet at large. Let's drop the "I am a geek, and therefore superior attitude."

Well...

[rasafras]

A solid wooden stake usually does the trick. Make sure it's the heart, though...

Re:Well...

[SirTalon42]

The groin generally gets the message through better.

Don't join the mob

[IntenetStormCenter]

The vigilante mob created by Lycos was nothing more then a publicity stunt gone wrong.

Cooperation and user persistance has pushed spam already to the fringes of the Internet. Spammers have to just compromissed machines and other criminal methods to spread their messages.

Making them a victim will only make it harder to push them out, and it will take away resources from the actual problem: People buy the crap offered by spam! Spam is no longer free. If people would just stop buying based on spam, the problem would solve itself.

Fight Spam with Spam! Spam Spam Spam

[Brainboy]

I've been spamming the spammy spammers with my anti-spammer spammer. My spam scripts is well suited to spamming spammy spammers with spam. Spaming spammers is the best way to get them to stop spamming. Infact sometimes I use other spammer's spam to spam the spammers.

Now I'm off to eat my breakfast of spam, eggs, bacon, and spam.

Make it illegal.

[koreaman]

Make spam illegal, that is the only real way to stop it.

Write your congressman, if you have some free time try to meet with one of them and lobby them. Few people know how remarkably easy it is to get your congressman to sit down and meet with you.

Re:Make it illegal.

[sqlrob]

Like making drugs illegal has stopped drug abuse.

Or like making identity theft illegal has stopped phishing scams.

Or how making unauthorized access to a computer illegal has stopped spam coming from compromised machines.

Re:Make it illegal.

[flyingsquid]

Write your congressman

You mean we should flood their mailboxes with offers for viagra and penis enlargement?

Re:Make it illegal.

[FatRatBastard]

And now that handguns are illegal shootings in DC have all but disappeared....

Re:Make it illegal.

[Ph33r+th3+g(O)at]

Sure, because the overseas hackers find U.S. broadband connections easy to compromise. And the "bullet proof" hosting is almost all in China and Korea.

Re:Make it illegal.

[Feanturi]

I know you're being funny, but that might be a seriously good idea. Dump a whole lot of paper in their offices. Send a letter as you would normally, describing your grief and then, as examples, give hardcopies of every spam you've received in the past week.

Re:Make it illegal.

[Zigbigadoorlue]

I believe that the only way to stop the proliferation of spam is through user education, not only about why one should fall for spam but also how to take care of their computer. Making spam illegal is just another way of limiting freedom of speech. Spam is speech just like yelling at passing pedestrians about the coming apocalypse is speech; illegalizing spam would be just as morally corrupt as illegalizing proselytism.

Re:Make it illegal.

[ScrewMaster]

That's pretty much irrelevant. If there's one thing spammers are, it's adaptable, and if the United States becomes an untenable host nation they'll simply move on. I might point out, however, that that 42% figure isn't too meaningful either: that much spam may or may not originate here, but it sure as hell doesn't all go direct from the spammer's domestic server to the target mailbox.

China, India, other up-and-coming high-tech nations have thousands upon thousands of unsecured mail servers and Windows machines to zombie. And hey ... even if we really do generate 42% of the world's spam here, that still means 58% of that crap is coming from somewhere else! A few years back AT&T and some other bigboy backbone providers cut mail service from China for a short period because of the volume of spam coming from China. Any way you slice it, this is an international problem, and it won't go away just because Congress passes the Can Spam Act II or something equally useless.

Re:Make it illegal.

[vandan]

Living on US aid? You haven't even been outside of your own state, have you?

The rest of the world certainly does not 'live on' US aid. The paultry amount of aid that the US offers largely goes into the coffers of military dictatorships that the US actively supports. And ALL US aid comes with a dick rammed up your arse in the form of requirements from the WTO, World Bank and IMF.

You must have a *very* warped take on reality if you think the people of the 3rd world bum around waiting for their next food-drop from the US, and surfing the net looking for new exploits to attack your PC with. Are all people in the US really as stoopid as you? The mind boggles.

Re:Make it illegal.

[FatRatBastard]

But violent crime (per 1000 head of population) is worse in the UK. I believe England and Wales have just topped the charts for industrialized nations in that statistic. And ~50% of all burglaries there are home invasions (i.e. the residents are home during the robbery), as compared to about 15% here. You tend to have problems like that when you take away the right for a person to defend himself in his own home.

(Second hand knowledge of this as my cousin in Bristol did time for defending his house from career criminals with a knife).

I don't punish spam.

[Man+in+Spandex]

SPAM punishes itself by giving an "evil" image for their company.

Best way to punish spam is by keeping your friends AND foes aware of what to not pay attention. In the end, hopefully, they'll make less profit. Nonviolence resistance demands patience and is a slow process but always shows progression.

Re:I don't punish spam.

[wwahammy]

I agree with nonviolence resistance and am a firm believer in it but I think using these people's bandwidth is the epitome of nonviolent resistance. You basically bother someone till they HAVE to change something (i.e.: SCLC's bus boycott, Gandhi's march to the sea, etc.) Of course I don't htink the term for this is nonviolent resistance because that really is for something much more serious but that concept fits.

Re:I don't punish spam.

[Anonymous+Luddite]

I agree.

Why waste effort on this? Just make it a rule: Don't ever, ever buy anything from an unsolicited email. I've got the same rule for phone solicitation - If your company EVER pisses me off by calling me at supper or on my day off or whatever, I won't buy from you. period. I don't care what you're selling. I'm not interested.

If there is no positive response, phone/email spam becomes an expense rather than a revenue generator. The 'invisible hand' of the market place will get rid of it.

Spamvampire works

[DogDude]

I use Spamvampire almost constantly. It works great. It sucks up their bandwidth, and while it doesn't DOS them, it does make the business of spam a hell of a lot less financially viable. I regularly pound on spammer sites (the sites actually selling the garbage) for a few days, then the site dies. Now, there's no way to know if it's because these sites are only designed to be live for a week or so at a time, or if I really am hitting them in the pocketbook, but I'd like to think that it works. At the VERY least, it makes me feel better knowing that somebody is going to be very shocked when they see their bandwith bill at the end of the month. And, the info that the guy who wrote the SmapVampire scripts concerning the 97% billing is very true, so the results he describes are actually quite realistic.

Re:Spamvampire works

[Matt+Perry]

I use Spamvampire almost constantly. It works great. It sucks up their bandwidth, and while it doesn't DOS them, it does make the business of spam a hell of a lot less financially viable.

Wouldn't local, transparent HTTP proxies put in place by ISPs, such as DSL and dialup providers, prevent SpamVampire from being effective?

Re:Spamvampire works

[Trepalium]

Seems that way, doesn't it. Why wait for the courts and laws to come into effect when we can be judge, jury, and executioner? Then again, the submitter of this story wrote to me, "There never seem to be any real cases cited, only hand-wringing by people who have not been joe-jobbed but who seem more concerned with hypothetical joe-jobbing of unnamed, unknown others that no one can point to". When I did name some specific joe jobs (such as the SpamCop and Spamhaus joe jobs), there was no reply, predictably.

But, I give up. I cannot convince someone who can't see beyond their own nose. Instead, I'll make this perfectly clear. I don't send spam, but if I ever get DDoSed by any of these holier-than-thou anti-spam vigilantes, I will do all I can to see the full force of the law fall upon them. You'd be no better than a script kiddie, and subject to the same punishment as far as I'm concerned.

Vigilante justice soils the good name of the anti-spam groups out there that are working hard to help the world control the spam problem. Attacking spammers with DDoS only changes them from being a criminal into being a victim, and we do not want that.

Unsolicited Commando

Nice tool to jam spammers...http://www.astrobastards.net/uc/

My solution

[nizo]

What are you doing that you think is effective in punishing spammers or their spam-site sponsors?

Sending xmas cards to inmates about to be released from prisons in their state with the spammers name and home address as the return address with sincere hopes that they will come visit once they get out. Plus I get to use up all these extra xmas cards instead of packing them away for next year.

Turn images off

[Neil+Blender]

Turn images off. And filter on <img src=. And tell your Mom to.

Two approaches.. ban buying, hit the websites

[speculatrix]

Why don't we consider the complete opposite: make it illegal to buy from spammers - kill the revenue stream, kill the spammer's business, stop the spam.

Another method is to hit the spammer's website... consider this perl fragment:
while (1)
{

• $sock = new IO::Socket::INET (
• 
  
  • Proto => 'tcp',
  • 
    PeerAddr => 'website',
    PeerPort => '80',
    Reuse => 1
    
  );
  $sock->autoflush(1);
  push @sockArray, $sock;
  

}

Naturally, the above code is for educational purposes only and is not intended to be used in anger :-)

Post URLs here

[Quixote]

and this motley crew shall /. into oblivion...

Re:Post URLs here

[AnonymousCowheart]

Ok, heres what SA has caught for me (I stripped the unique URLs):
http://www.yourstuffdepot.com
http://circumflex.killadwareco.com
http://thestuffonlines.com
http://www.diet45.net/
http://irh.net.yourpillsweb.com
http://pnatay.fortherest.info/amite/CD/
http://www.lending-now.com
http://cutrate-loan.info/
http://www.baby30.com/
http://backplate.lowerprice.info
http://adipren13.com/
http://mymddcanlbrlskvofyvq.goquote.info
http://www.platinumwellnessplace.com/a/
http://benz.sears.netbussinessk.com/at
http://0rderdrugs.com/meds/

please click the hell out of these!

A hypothetical...

[Shadow+Wrought]

If a spammer and a phisher were both drowning in a pool, and you only had enough time to save one, would get lunch or go for a walk?

Re:A hypothetical...

[SmurfButcher+Bob]

I'd tell them I'll save them both... after I've finished checking my email.

Re:A hypothetical...

[Lehk228]

C) I'd pee in the pool

What about -

[thewldisntenuff]

Forcing ISPs to turn off/temporarily disable the accounts of zombied, 0wned, computers? Isnt that where most of the spam comes from? How much spam could be stopped that way?

Doesnt have to be permanent, just cut it off and request the user run ad-aware/spybot/a decent virus scan and away they go......

-thewldisntenuff

Re:What about -

[maskedbishounen]

And then half of their users will, if I can use the term here, /. the telephone system trying to get through to their ISP, demanding to know how, what, and why. If you thought tech support jobs at ISPs were bad before, just you wait...

Still, if properly implemented, it's a great idea. Instead of cutting them off, drop any repeated, zombie-looking packets. Anything else, redirect it to a local site hosted by the ISP, for customers only.

It should read something along the line of..

"Our monitoring system has indicated that your computer has been infected with an internet virus, trojan, or worm. To prevent any harm to your privacy, computer, and personal information, we have temporarily disabled your account.

To clear this up as quickly as possible, below we have a wide ranging list of detection programs and simple instructions on how to clean up most problems. If you need further help, please use the form below of contact our support at ..."

Basically, forcing self-help to those that need it. Seems a whole lot better than "call us after you're secure" to me.

Respond to them

[Stephen+Samuel]

This is especially usefull for things like Mortage sites.

Give them info that at least looks real.
If you give them your real phone number, then you can keep them on the phone line for 1/2hour (if you've got a headset), while you play your favorite game.... then tell them you hate spammers.

Even if you don't give them your real time, it forces them to verify the data. People pay for info from those spams because it's mostly good data. from people who want mortages.

If you keep the S/N ratio from spams higher than random cold-calling, then the spam's useless.

For stuff like cheap viagra, it's mostly an attempt to get them to annoy their credit card company. or just wasting their time. If we (slashdot) can each get spammers to waste 10 seconds of their time, that's some number of spammer man-years. If we can each get them to waste 10 seconds a week, they're out of business.

It's using the statistics of spamming against them. They currently get about 1million-1 response ratio with a very high signal-noise ratio. If we can get that up to 1000-1 with a 1-1000 signal-noise ratio, then they'll drown in their own garpage.

Re:Respond to them

This is also what is best to do with telemarketers, if you have time. Ask lots of questions. Get lots of information. Waste as much time as you can.

BTW, remember that they called you. When they won't take no for an answer, hang up. Yes it is rude, but it the telemarketers who is being truly rude, forcing you to take drastic action. So, they called you. Take to them. Find out the pitch. Find out what they are wearing, if they had a good night sleep. How many kids they have. Get references. Have fun.

Re:Respond to them

and i love it too. I comb their site and post virtual orders, contact info, customer surveys (its dangerous to ask my opinion about spamming ;) and grab all the customer support and sales email addresses and un-subscribe them to their own spammer, as well up to 50 other address collection sites (i keep a current list). That way they get their own spam (and much more) and get a taste of what their own dollars are doing to me. That way they can DoS themselves with spam.

Yea, it takes time to be a pain in the neck, but it feels so good. Am I an addict? Nah, compulsive, vengefull, and @n as$-h0l3 maybe...

8^>

No sympathy for the spammer...

[Chordonblue]

"...the actual problem: People buy the crap offered by spam! Spam is no longer free. If people would just stop buying based on spam, the problem would solve itself."

So what you are in effect saying is that people who hawk too-good-to-be-true investment schemes and storcks shouldn't be punished? People are gullible, people are going to continue to be taken in by their greed, ignorance, or even illness.

I think these parasites should be taken down. Whether you agree with Lycos or not, I commend them for at least bringing this possible solution to the spotlight.

Re:No sympathy for the spammer...

[IntenetStormCenter]

of course they should be taken down. And they are being taken down at faster and faster rates. But DDOSing them is the wrong way. First of all, you take down an ISP in addition to the spammer, but in addition the ISP may now have to help the spammer to defend itself in order to keep other innocent customers online.

Its important to keep the rules simple. Otherwise you will lose cooperation among ISPs. DDOS is bad. Spam is bad. Lets cooperated and stop both.

Yeah... Murder is illegal too...

[Chordonblue]

...but it still happens, sometimes almost unchecked in foreign countries. How is this really going to help unless you target the companies USING spam to hawk their goods?

The spammers are a symptom of a much larger problem. Don't get me wrong - I wouldn't mind seeing them strung up too - but I'd rather see the CEO of some penis enlarging / Viagra-distributing company do some hard time with big guys...

wget+bash + SPAM = Fun

[cluge]

Or

LWP + PERL + SPAM = Fun

Take your pick, for something simple like a website that is hosted on compromised machines, simply loop the address through wget, use the output of ps -aux | grep wget | wc -l to keep the system load down to something reasonable - like 50.

Another fun game is when the spammer/phisher wants some personal information. Use LWP to walk through the order stages or web pages. Then give them the information that they asked for.

Name - Don't you know
Address - don't you wish you knew
City - not yet
State - that one
zip - 12345-678

Special order instructions:

Don't ever e-mail me again, ever, please. I'm begging you. In fact I'll be nice, i'll only send this very same message once for each attempted spam delivery. So far the machine that delivered this message has also made 150,000 connections, to try and deliver messages to users that don't exist.

Add random garbage to through off simply filters. Rinse and repeat until messages stop coming to you

Using the host command, with the name servers that show up in the whois. Walk the dns. It's trivial to repeat until server stops responding. Especially if the server is another zombie.

Tactics usually prove good at stopping sites hosted on compromised broadband connections. These machines generally have upload limits that run out quick. Sites hosted in China or Russia seem to have more bandwidth and can take more of a load. I only know this because I read around. I would never, ever advocate such a thing as returning the spam I receive to the spammer via his web sites order page. Doing what is suggested would probably get you in trouble.

My solution? Baseball bats, but my lawyer has told me that they may be illegal as well.

cluge

So it depends on who is doing it?

[the+angry+liberal]

The now-defunct Lycos anti-spamsite screen saver, MakeLoveNotSpam, was extremely well received despite the whines and hand wringing from the no-one-should-ever-actively-defend-themselves crowd

Yeah, um, right. Say the same thing in regards to the RIAA trying to prevent music piracy and you'll hear endless howls from the /. crowd about how hacking/DDoS is illegal and should be a punishable crime.

If you want anyone to remotely take you seriously, you will have to first drop the double-standard.

snail-mail spam right back at ya!

[Pretbek]

Posting the physical address of a spammer on /. and asking people to "please not sign him up for all the snailmail-spam you can find because that is so impolite" seems to have worked well in the past. Well, it worked at annoying the spammer, that is. I don't know if the amount of sent spam actually declined.

Hand Wringing

[fm6]

MakeLoveNotSpam, was extremely well received despite the whines and hand wringing from the no-one-should-ever-actively-defend-themselves crowd.

Hand wringing? Like all vigilantes, you love to emphasis your own macho attitude and the supposed wimpiness of your detractors. Whereas the real issue is the collatoral damage.

Re:Make them use the products that they spam

[ZeroExistenZ]

So spammers would be crushed under their massive erect penisses...

No war, no innovation

[seachnasaigh]

The Lycos thing was an interesting sortee, but on a day-to-day basis? I'll keep doing what I do now: learn, build better filters, make it harder for the stuff to get through, defeat the purpose, drive their numbers down a fraction. I'm a systems admin; my users don't see much spam, largely because I've spent months tweaking the filters to stop it, building better code into my SpamAssassin, etc. Does it annoy me? Not really. It keeps me employed, and it makes me think, actually. A wise man once said, rather coldly, that without war there would be no innovation. (I'm paraphrasing). Largely, that's true I think ... though he didn't say anyone had to actually be killed. This is a war; spam, phishing, viruses ... they've made us all grow up, realise that the 'net isn't a toy any more, and stretch ourselves just a bit to make it safer, faster, etc. Yes, this doesn't help your Mum's computer, but one day it will. I'm not going to say spam is good, but I will say I think it was inevitable, and that our reaction to it can in fact turn out to be beneficial.

Forward the spam to the BSA

For the spam that sells software, I parse the html code (kmail shows the code, not the rendered page) for links to the spam sites selling the software. It's almost always Microsoft Office, Macromedia Dreamweaver (and/or Flash and I forget the other Macromedia software), Adobe suites, Intuit's Quicken or QB, Symantec's software, AutoCad (?) and a few other regulars I can't remember right now. Almost always, the software includes the big ones above, and sometimes a few others.

So I parse the links, removing the filler, isolate the links, then go to BSA's site, and fill out their piracy form. I provide the isolated links, along with the entire email itself including headers, so that they can investigate the spamvertisement themselves.

Then I add a few words of encouragement at the bottom. Three words are generally enough, you can figure out your own slogans as a substitute.

Keeps the BSA busy, their minds on other things, minimizes the amount of trojaned software that clueless users download via spam if BSA actually takes action to close the sites or go after site owners, and lets me kill some time.

I've been thinking of ratting out the criminals selling "pirated" software on Craig's List to the BSA piracy line as well. Maybe I'll make that the next step. It'll keep cheap "pirated" windows software off people's computers, and perhaps give the prospective buyers more incentive to use FOSS/Linux instead. Or at least OpenOffice on Windows, which makes it easier to get them on FOSS/Linux platform later.

The BSA is the greatest thing since sliced bread. Without them, why would most Windows users migrate to Linux? Because its a better platform? Bahhh! They don't even know they're running Windows, let alone why Linux is better or not.

Re:OpenBSD's spamd seems like a good idea

[kd3bj]

At jtan.com we have used spamd for about a year. We use it with an dynamic honeypot system to automatically identify and tarpit spammers.(We have publised this spamtrapd system as OSS).

All spamd/pf does, for those of you that don't know, is to stall the spam sender by sending replies v-e-r-y s-l-o-w-l-y using a daemon that runs alongside sendmail. The OpenBSD pf packet filter is used to redirect data away from the real SMTP daemon and to spamd. Some people call spamd a tarpit.

Typically we have about 200-300 spammers in our tarpit at a given time, with a mean time of stalling at a few minutes. At the end of the stalling, we send a 550 rather than a 450 -- a 450 temp fail IMHO is irresponsible and causes more problems than any spammer-punishing benefit it might have.

I'm not sure tarpits are punishing anyway. Rather tarpits reduce the effectiveness of the spamming by tying up the senders in the tarpit rather than sending more junk to people.

I assume that spammers are wise to tarpits. We see a large number of disconnects within a few seconds. Of course, lots of folks program a HELO or multi-recipient delay in their MTA. That is a complementary technique that helps tarpits be even more effective. The longer it takes for spammers to tell that they are tarpitted, the less spam they can send.

My payback? SPAMHAMMER 2.0

[SmurfButcher+Bob]

A long (long) time ago, I came home to find my wife pumping some online poll, somewhere. Vote, click, wait, back. Vote, click, wait, back. It seems that Marvel was running a "who's the coolest X-Man" poll, and the various fan-groups were doing their damndest to win. Since I wanted my computer back, SpamHammer was born. With a dynamic array of winsocks, it'd allocate as many as the target server could handle, and repeat the voting that you'd "taught" it xxx times. It did well, to the order of a thousand or so per minute if the target could handle it. I must say, the pained expressions on the faces of the various people who were NOT in my wife's fan-group was worth every minute spent coding it, if only I could have seen them. An army of them would spend an hour pumping in a few thousand votes... I'd throw in 10k votes in the time it'd take to make a cup of coffee. It was a few years ago, but it was the type of user-torture that lasts a lifetime.

Eventually, the phishing scams came out. And the mortgage quotes were flowing in. And I got tired of all of them. And I remembered SpamHammer.

So, a LOT of searching of the old file-tree to find it, a little tweaking, and V2.0 was born. This new version supports everything needed to pump tons of crap into any site, POST or GET, cookies or not. I spared no feature - from random emails, random name permutations from the USCB, junk mailing addresses that'll pass a city/state/zip xref, random credit card numbers with proper checkdigits, and even stuff picked from lists (think of med sites). Mortgage quoters want leads? Here, have a million. Just don't bitch when the lenders refuse to pay for those leads. Phishers want accounts and passwords? No problem - with the added benefit of DOSing the target host. Free viagra? Oooo... I get wood just thinking about it... here, have a hundred thousand orders for random crap on your site.

I'm not sure why, but there's something satisfying about getting a "write failure: access denied" after pumping a few million POSTs into a site, consisting of every major field being 32K each. The only thing more satisfying is knowing that certain med-sites simply email the order to an in-box... here, have a big pile of 1Meg emails.

No, a legal solution.

[www.sorehands.com]

I just returned from serving about 12 lawsuits on Avtech direct. With enough people suing spammers under their state's laws, it will tend to reduce much of the spam -- by making the spammers pay for spammers.

Even though spam may be international, the foreign companies can be sued. When you send spam into the USA (or the particular state) you are subject to the laws of the USA. After I sued Global Web promotions, the FTC sued them and siezed their funds. Even though they are in Australia, they are doing business here by sending spam.

Putting "cloaking service" operators in jail

[Animats]

RegisterFly, a service which "cloaks" domain registrations by using RegisterFly's contact information in place of the actual registrant, may be committing felonies by so doing.

From the CAN-SPAM act:

• Sec. 1037. Fraud and related activity in connection with electronic mail

  `(a) IN GENERAL- Whoever, in or affecting interstate or foreign commerce, knowingly-- ....

  (4) registers, using information that materially falsifies the identity of the actual registrant, for five or more electronic mail accounts or online user accounts or two or more domain names, and intentionally initiates the transmission of multiple commercial electronic mail messages from any combination of such accounts or domain names, ....

  "or conspires to do so, shall be punished as provided in subsection (b)."

  (2) a fine under this title, imprisonment for not more than 3 years, or both, if-- ...

  (B) the offense is an offense under subsection (a)(4) and involved 20 or more falsified electronic mail or online user account registrations, or 10 or more falsified domain name registrations;

The CAN-SPAM act is soft on spamming, but tough on spam-related fraud. That can be useful.

Note the "or conspires to do so" clause. Knowingly assisting in a criminal offense satisfies the legal definition of conspiracy. "Cloaking services" are in deep trouble if they knowingly provide that service for a spammer. Unlike ISP's, there's no "safe harbor" for them.

As for the "knowingly" part, whenever you find a spam associated with a "cloaked" domain, send a note to the cloaking service, and post that you've done so to some public spam forum that's indexed by search engines. That will put them on record as knowingly cooperating in a criminal conspiracy. The next person who gets a spam from the same party will have that information as legal ammunition.

When you've got that info, report it as Internet fraud..

Report addresses to abuse desks

[dragonman97]

For 419ers and other spammers that tell you to correspond with them via Yahoo! or other free e-mail services, I strongly recommend reporting them to the abuse department for that provider. This can cause innocent fools from being able to actually contact the 419er, and if the success rate drops, then perhaps some of them will quit, if it's not worth their time. Yahoo! and others do not need their name further tarnished as being supporters of these scams, so cutting them off can only be beneficial to them.

Wasting the bandwidth of these phishers only hurts the Internet, by wasting resources. Do keep in mind that the sites may be using stolen credit cards, and the ISPs will lose money on overspent bandwidth bills when the CC company halts payment.

Forward the spam, but not just to the BSA

[IrishMASMS]

There are a few organizations & companies that would love for you to forward on your spam; and Spamcop [http://www.spamcop.net/] would love to help you LART the headers & spam web hosts.

You can tell where the spam comes from; or at least identify the web sites they are spamvertizing. Yes, it is sometimes a BPITA - hence why I use spamcop to help auto LART the headers/email for me. I know with squirrel mail any spam you can auto forward to your spamcop account to be LARTed.

Normally I LART anything that gets past the spam filters, thinking that anything that does get caught is by the big spamhouses. I also report my spam to the Feds for action:
"FTC" uce@ftc.gov,
"US Postal Inspectors service" fraud@uspis.gov

These folks ask for spam, to either tweak their anti-spam tools or for internal investigation:
"junk_brightmail.com" junk@brightmail.com,
"SendUsSpam" spam@sendusspam.com,
"Spamarchive" submit@spamarchive.org,
"Spamrecycle" spamrecycle@chooseyourmail.com,

Specific countries have anti-spam efforts:
"Spam from China" spam@ccert.edu.cn,
"Spam from Korea" spamcop@kisa.or.kr,

As already mentioned - any spam offering grey market (aka cheap) software?
"BSA" software@bsa.org,
"SBA" piracy@spa.org

Any 419 scams?
"419@nigeriapolice.org" 419@nigeriapolice.org,
"Central Bank of Nigeria" info@cenbank.org,
"thoselads_scamorama.com" thoselads@scamorama.com,
"Treasury Nigeraian scam reporting" 419.fcd@usss.treas.gov

Child pr0n?
"FBI" iitf.tampa@fbi.gov,
"FBI_Child_porn" complaints.detroit@fbi.gov

Any stock or securities spam?
"cyberfraud@nasaa.org" cyberfraud@nasaa.org,
"nasd Penny stock fraud submittal" ombuds@nasd.com,
"Securities fraud SEC" enforcement@sec.gov

Any food or drug spam?
"FDA_Complaint" webcomplaints@ora.fda.gov,
"FDA_Complaint2" webmail@oc.fda.gov

FYI: there are some anti spam groups I am a member of, where a little bit of research dug up these agencies. It is easy enough to set up an auto forward on your spam folder to report & LART the spammer scum. ;)

HTH!

Spam Traps.

[qualico]

I get a lot of spam attempts on my kevin@qualico.ca email.

Using scripting, I've made myself a nice little spam trap.
If you test mail.qualico.ca, you'll see its an OPEN RELAY!

BUT, if you try to use it...your email will be dissected and automatic abuse notifications sent to the upstream ISP of the target site, the injecting IP's ISP and any other IP listed in the email.
Further, reports are sent to all the major blackhole listing sites.

Very effective at shutting down sites because the instant reporting reduces the time spammers rely on between site switching.

I've been responsible for taking down a lot of sites and will continue to fight spam with every tool at my disposal.

Now if I could only extend this functionality to Malware and Adware sites.

One Stop Shopping!

[FireBreathingDog]

That list was very helpful. I lost weight, have a larger penis, refinanced my mortgage, and am now hooked on Vicodin.

Thank you, Slashdot!!!

Re:Report addresses to abuse desks (yeah, right!)

[Antique+Geekmeister]

I'm sorry, but the abuse desks almost never do anything useful. They are constrained by the lack of manpower, and they are constrained by ISP policy from doing anything that could ever be considered censorship to avoid losing the "common carrier" protections they currently enjoy.

Moreover, for many ISP's, spammers with "pink" contracts pay good money and help keep pay the ISP's bills. Agis.net tried this, and it wasn't until the Cyberpromo spammers had their upstream routers DOS attacked to death that Agis stopped taking Cyberpromo's checks, despite Cyberpromo's demonstrably criminal and fraudulent behavior.

To an ISP on the edge, a paying customer is very valuable.

Costing the insurance companies not spammers

[SCVirus]

Do you really think these spam servers, websites and there bandwith costs are not fraudulently optained? Your not costing the spammers your costing whoever ends up paying the credit card bill. Probably the credit card company will take up the tab, sometimes the acual person.

Re:Slashdot Hypocrisy

[djeddiej]

Imagine a beowolf cluster of these!

Re:Kill their mailing lists

[SlashdotMeNow]

Instead of showing off your 12 year old IQ why don't you wake up and remember that 99.9% of spam does not have a valid reply-to or from adress and thus those 'mailbox does not exist' messages will go nowhere. Most zombie spam / virus mails these days forge the headers to look like they came from one of your contacts, so MSC will compound the problem by spamming a random friend whenever you get spam.

SandTrap is my tool

[tutwabee]

As a webmaster I decided my associates would not appreciate their email addressses being spammed because they were listed on a website but they still wanted their addresses listed on my website. I decided to develop SandTrap, which is now a SourceForge group. The way it works: 1. bots see an empty HTML link tag in the page source and follow it 2. The page they follow it to has meta tags instructing nice bots not to follow the links on the page (noindex,nofollow) 3. The bad bots of course ignore the warning and follow the links 4. The ip address of the bot is recorded and blocked from the server It's written in perl and I've only used it on one website so far but it seems to work in theory at least. Oh... I also replace at symbols in email addresses with an image of an at symbol. That is pretty fail proof.

Re:Kill their mailing lists

[SlashdotMeNow]

Ok, maybe I'm missing something here.

You are indeed. The 0wned zombie machine is the spammer's friend. By emailing trojans to millions of Outlook users I can 1) Get a massive list of valid email addresses and 2) Recruit loads of PCs to spam others.

I don't use my regular email address for anything on the web. Yet I still get spam. Why? Because someone that had my email address in their contact list got 0wned. I get LOTS of spam that's customised with information gathered this way.

The VAST MAJORITY of spam (everything I've recieved in the last few weeks certainly) comes with forged headers. You can do some research if you want. Send all your spam from all your boxes back to the 'sender' for a couple of weeks and see what happens. Answer? NOTHING. Spammers don't maintain mailing lists. They just supplement them. You can kill your email address for months, and when you create it again I guarantee you'l get spam again immediately.

And about your 'if the address is bogus don't read it' comment. Are you saying that I should send a 'Are you real' reply to every email I get from a new address? That would sure piss off my clients. I know some companies that does that, and it's irritating as hell.

Leave the thinking to the professionals kid.

Funny?

[Captain_Chaos]

It's a disturbing sign of the state democracy is in in America that this has been modded "Funny"...

Re:You forgot some lines

[doublem]

Replying to my own post is bad form, I know, but this version continues executing after fatal errors, and as a result can skim past the autoflush error that killed the last one after 160 iterations or so.

Be aware, it may have to go through several errors before resuming operation.

my @domainlist = ('website1','website2','website3');
use IO::Socket::INET;
my $x=0;
while (1)
{
foreach $domain (@domainlist){
eval{check_site($domain);}; warn $@ if $@;#End eval statement
}#End foreach to loop through domains

print "$x\n";
$x++;
}#End master while to run until program crash

sub check_site{
my $site = shift;
$sock = new IO::Socket::INET (
Proto => 'tcp',
PeerAddr => $site,
PeerPort => '80',
Reuse => 1
);
$sock->autoflush(1);
push @sockArray, $sock;
#print "$site\n";
}#End Sheck Site Sub