Slashdot Mirror
Spam Replacing Postal Junk Mail?
TheOtherChimeraTwin writes "I've been getting spam from mainstream companies that I do business with, which is odd because I didn't give those companies my email address. It is doubly strange because the address they are using is a special-purpose one that I wouldn't give out to any business. Apparently knotice.com ('Direct Digital Marketing Solutions') and postalconnect.net aka emsnetwork.net (an Equifax Marketing Service Product with the ironic name 'Permission!') are somehow collecting email addresses and connecting them with postal addresses, allowing companies to send email instead of postal mail. Has anyone else encountered this slimy practice or know how they are harvesting email addresses?"
Every time I buy something on-line I have to provide my billing address so now the e-mail address I use and possibly more (can it read cookies?) is known to the vendor who can turn around and sell that information to others. How easy is it for some Javascript or something to poke around for e-mail addresses when you are at a site? Also, my e-mail providers know my address - i.e. yahoo, google, aol, apple and comcast. Could they be selling that information? I wouldn't be surprised.
Very often, people confuse simple with simplistic. The nuance is lost on most. - Clement Mok
I have my own domain- EVERYONE except family gets a different email address
one gets caught by spammers- the address gets killed.
I understand gmail allows using a + in the address line to sort mail in a similar fashion
googleid+identifyingstring@gmail.com and you still get it-- only you know the source.
every day http://en.wikipedia.org/wiki/Special:Random
I use 2 emails, one for spam and one for private mails.
Now both my emails are full of junk, but while google spam option are working my old yahoo email is beyond saving.
Just keep clicking on "this is spam". It's not worth your time to understand why it's happening, and even if you do understand, you will find out it's impossible to avoid.
Hell, I can't even check my old SMS because it's full of spam.
Love many, trust a few, do harm to none.
first person I would suspect is the ISP or your webmail
without knowing any details of even the country your in it's kind of hard to guess...
but ISP's use deep packet inspection and even easier I am guessing you fill in your email address for their webmail and they bill you...
regards
john jones
I just handle electronic spam like normal junk mail. Hit Ctrl+P and then throw the damn thing away. Good riddance.
I use a special domain name which maps all aliases (*) to my mail box. Nearly every email I use for online purchases or registrations is custom for that site so when I receive email from an unexpected source I can trace it back to where I originally used it. I also always opt out of companies sharing info. I recently caught out SCE having passed my email to a government energy program and called them out on it. If I get spammed on one 'channel', I can reroute it to the /dev/null mailbox.
Although it would be best if email marketers were simply swallowed by the earth and sent directly to wherever it is the bad people go, if they are going to continue annoying us then I would prefer that it be through email and not postal mail. At least with email they are competing on our playing field where we have a decisive technical advantage in filtering. If the choice is between them stuffing my post box with paper or trying to stuff my inbox with spam (they will fail due to ThunderBayes among others. What's the word? Thunderbird) then I say bring on the spam, we are ready.
What's happening here is that there are companies that aggregate profile information, and they're able to link your email to your profile information. They then sell append services so the marketing company can add that email to your existing full name and address (FNA).
It is wrong for companies to append an email address and then market to it.
Companies do a lot with their (your?) customer data, including hygienization, appends, completion, profiling, etc. Most of this happends under the sheets, and most customers don't really want to know the details.
However, I advise clients to NEVER use an email append service for a variety of marketing and spam/technical reasons. Most clients will listen, some will choose not to. However, I'm seeing that more stupid companies will forge forward like its nothing, and companies with dwindling budgets are too suckered in by the cost savings.
Its only going to get worse.
Once again, GMail is my solution to this. Prior to GMail, I used spamgourmet to keep my inbox clean. The oldest email I have used to get 30,000 emails per month that were all SPAM. Right now, it's getting about 11,000. (I haven't really used that address in a long time.
I have had maybe 10 SPAM emails in the last year make it to that inbox. (It's hosted under Google Apps.)
So once I found out how well Google's SPAM filters work, I quit caring about giving out my main email address. I give it to everything now, and if a company SPAMs me, I just mark it as SPAM. When enough people do that, it seriously hinders their ability to contact their legit customers, and they learn a valuable lesson.
There's a little bit of fallout from people who use the SPAM button incorrectly, but I think Google does its best to account for that, too.
"If you make people think they're thinking, they'll love you; But if you really make them think, they'll hate you." - DM
Everytime I got a new email adres, there is always that one clueless git that adds my address to one of those cute 'send something funny every week' sites.
Never got that funny, but the spams just starts flooding in.
Now I'm a lot more picky about who gets to see my real address. The rest goes to my temporary catch-all of the month.
Your post advocates a
( ) technical ( ) legislative (X) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
(X) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(X) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(X) Requires too much cooperation from spammers
(X) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
(X) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
(X) Jurisdictional problems
(X) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(X) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
(X) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
(X) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
(X) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
( ) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
(X) Nice try, assh0le! I'm going to find out where you live and burn your
house down!
Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
It's a service called an "email append", offered by the major credit reporting companies. The purchaser gives them a list of names and addresses, and the credit reporting company finds matches with email addresses. They send an opt-out mailing, and the email addresses of everyone who doesn't opt-out are returned to the purchaser.
There is a trash can right next to my mailbox, which enables me to deal with paper spam about as easily as the electronic kind.
I do keep the little response cards with "return postage guaranteed" stamps, though. Those are great for gluing to bricks or other heavy objects you want to dispose of. Drop them in a mail box, and they not only get wind up in a mailbox at the company that spammed you, but that company gets billed for the postage, by weight. The heavier the object, the better!
Email filtering company MessageLabs reports that Egham, Surrey, on the suburban outskirts of London, is the town that receives the most spam in Britain.
"It's not like there's much else to do," said Boris Busybody, 77 (IQ), of Egham Hythe, idly whirling his four-foot penis around his head in a desultory fashion. "Expanding your manhood, growing your breasts, increasing your sperm ... the Lib Dem phone calls get a bit much. That's Doctor Busybody, by the way. My Ph.D arrived last week."
Spam has revitalised the local economy. Mr Busybody has given up cab driving and is now working a lucrative job processing payments from home after he sent them his bank details in response to an urgent security message. "I had that King Otumfuo Opoku Ware II in the back of my cab once. Very generous and helpful fellow."
The Egham Tourist Board has seized the day, with plans for a 50 foot tall penis sculpture at Junction 13 of the M25 on the exit ramp to the town. The sculpture will be encircled by a genuine imitation Rolex and spray a fountain of Spermamax, obtained at a very reasonable rate from a Canadian pharmacy. "You will search an hour for your underwear in the ocean of our spam!" is to become the new town motto.
"I did get a good one the other day," says Busybody. "Barrister Matthew Sergeant Busybody of MessageLabs said we could promote our town to millions of people just by sending them an advance fee to process our incoming email. The stuff they try! 'Scuse me, V!k@grk@ kicking in, got to go have sex again. Sorry."
http://rocknerd.co.uk
Yes, I think you've hit the nail on the head. Experian eMail Append overlays deliverable email addresses onto your active customer file and contacts customers via email on your behalf to obtain permission to communicate with them online.
By "permission" they mean they send you email until you complain. If they happen to pick an email address that is normally not read by a person, they don't get any complaints. (Not that I opt-out of spam; I block it.)
Further on, they state Retain your customers by keeping your brand top-of-mind through consistent, relevant and interactive email communications. Yeah, good luck with that. I know four companies that have just lost my repeat business.
Thanks to all for an excellent discussion.
To understand why this won't work you have to understand how e-mail works. We start from when you hit 'send' in outlook.
Your message first goes to your ISP's or company's outgoing mail server. Let's ignore that for a moment.
That outgoing mail server looks at the recipient- user@domain.com. So it uses DNS (the thing that converts a name like www.google.com into an IP like 74.125.93.147) and asks what the MX (mail exchanger) servers are for domain.com. Domain.com has those listed in its DNS.
The outgoing mail server then connects to the domain.com MX server. It says "i have a message from person@company.com for user@domain.com". If the MX agrees to take it, your outgoing mail server transmits the message, and the MX sends a confirmation that it is accepted. They then disconnect.
If you're running your own mail server, or are using a company mail server, or a different email system, your ISP has nothing to do with this other than moving your packets around.
The point is that email is not a single system that can be changed like raising the fare on the subway. If you're the city and you want higher subway fares, you just reprogram a few thousand turnstiles (all of which you own) and you're done. Email/SMTP isn't like that, SMTP is an agreement, a protocol which millions of networks and servers have chosen to implement. Email is just another internet protocol, no different than AIM, skype, HTTP/wwww, FTP, etc. It's just one of the most widely used protocols.
There is no central authority to enforce anything like e-stamps. For this to be enforced, the domain.com MX would have to say 'please give me a tenth of a cent before I deliver your mail'. The only useful way to handle that would probably be with a 3rd-party clearinghouse for exchanging the 'stamps', so your mail server would say 'i give you stamp ID (long stamp id number)', the destination MX looks that up with the clearinghouse, approves it, then accepts the message for delivery.
For that to happen, both your SMTP server and the recipient's MX would have to be modified to deal with these payments, and optionally require them for mail delivery. There are many different mail server programs out there, this would require all of them to be updated to support payments, and then (heres the hard part) all the people who run them would have to install those updates. Then anybody who runs a mail server would have to do some financial setup to let them accept payments and send payments for email. IE, every random geek and company and IT department and ISP that runs a mail server now has to jump through a financial hoop. If I run my own mail server, does that mean i get 2/3 of the payment (the recipient fee and the ISP fee)? Does my ISP get it even though I'm not using their servers? There will be great resistance to this.
The main issue is, it would *NOT* be transparent, not to anybody. This would be a large, time-consuming and very expensive implementation.
Now let's say best case scenario, lets say you get all the major isps and webmail providers on board (msn, aol, yahoo, google, comcast, timewarner, verizon, cablevision/optimum, charter, adelphia, etc).
Let's say they immediately set up their system to start dealing with these micropayments.
What happens to the (literally) millions of companies in the US and abroad who run thier own mail servers, but whos systems are NOT updated? Can they no longer send mail to all of the above networks, or is there a break in period? If the payments are optional, what incentive does anybody have to adopt them?
Also you say approved senders can send for free. Who is an approved sender? What is the qualification? If it's difficult and expensive, some of the large bulk-mailing companies will try it anyway, and the smaller legit companies are shut out. If it's easy to get one even for a small biz, then the spammers will get them too. If extensive investigation is performed on the applicants, that money has to come from somewhere, so it'll be expensive.
--IronHelix