Meet the Spammers 750
DaveAtFraud writes: "It took a little digging to find an on-line copy of this article that I first saw in my treeware daily newspaper. Thanks to the Salt Lake City Tribune for having it on-line. According to the Spamhaus project, a handful of people are responsible for 90% of the spam that clogs you in box. This is your chace to hear from them and what they have to say is quite interesting. If you don't think the filters and blacklists work, one spammer whines, "My operating costs have gone up 1,000 percent this year, just so I can figure out how to get around all these filters." Stopping spam is simply a matter of economics. When its uneconomical to send spam, people will stop sending it."
There ought to be a law... (Score:3, Interesting)
The article claims this... and yet we see big spam houses fighting anti-spam laws left and right everytime they're proposed in the legislature for a state. And I seriously doubt they comply with the current anti-spam laws in the few states that have them -- since all they have is an email address and no state of residence information.
Frankly, I'm for a reasonable anti-spam law (one similar to the junk fax law, which has worked well). Obviously it's not as clear cut as junk faxes -- with them you can find out who sent you the junk. Spammers routinely obfusacate their information as mentioned in the article. I'm tired of the amount of spam I get, and unless you run your own mail server (something not viable for the vast majority of the Internet populace, and not even viable for the majority of the geeks) there's no way to block it.
Not that blocking really helps -- the bandwidth has already been consumed. The only thing blocking does is automagically delete it for you. I'd like the bandwidth back personally.
Re:And yet... (Score:4, Interesting)
Not exactly. You won't see well established companies sending spam (ever received spam from IBM?). Spam is most of the times for fraudulent/make money quick products. If 1/10000 people fall for it these companies still make a profit and they don't care if they piss off the other 99.99% since they wouldn't be buying anyway.
Spammers fight back (Score:5, Interesting)
Yesterday I received a funny email that one of my clients was spamming. This email seemed to come from spamcop.net. What was starnge it was close to but not exeactly the warning typically sent by spamcop. So I sent them an email and here is the reply:
Spamcop spam is forged
Starting appoximately 12 noon EST 06 Aug 2002, spam purporting to be from spamcop (abuse@julianhaight.com) began being sent in an attempt to 'get spamcop in trouble'. This is a standard spammer tactic (joe job).
These messages were not sent by spamcop, and the claims made in them are false. Please disregard the email and/or block the originating IP address - 206.161.21.66 (cais.net). This IP has been blocked by SpamCop's blacklist since June. It appears cais.net is not responsive to complaints - their phone number (877-427-3368) leads to a computerized system with no attendant. It *may* be safe to block all of cais netspace: 206.161/16.
Please do not block mail from julianhaight.com or spamcop.net. If you cannot block by IP address, it is safe to block the origin email addresses, ( 'abuse@julianhaight.com', 'webmaster@julianhaight.com', 'webmaster@spamcop.net', 'abuse@spamcop.net') as no legitimate mail should be sent from these.
If you would like to contact someone at spamcop about this, you can send email to deputies@admin.spamcop.net. But please refrain from doing so. We are aware of the problem, and we are doing what we can to limit the damage. Unfortunately, since we're not responsible for sending it, there is little we can do to stop it.
More information on this career spammer is available from spamhaus.org
- SpamCop mgmt.
As you can see at least one spammer seems to be fighting back. You can also fing this on the web at http://www.julianhaight.com/forgery.shtml (I did not link directly to the site for obvious reasons. Maybe I should not even put this up?)
Mabey we should teach them a lesson and start refusing any connection from those IPs....
A bunch of dictators (Score:1, Interesting)
It also seems that the way the spammers are making money is by selling a few cds with millions of email addresses which multiplies the problem.
Re:Economic (Score:2, Interesting)
So it should be
Die idiots die!
a web-marketing company came to me... (Score:3, Interesting)
what they 'said' (they make me understand the concept, but they never explicitly said it) was something like:
"We could send information about your company to users that could potentially be interested in your product, using some lists of e-mail addresses..."
And they asked for a price. Which wasn't that big.
So here is how spammers get paid: by convincing marketers that spam "might" be poiting customer attention to a website/product. And marketers go trying to convince CEOs and those who buy their services.
After all, spammers gets a little amount of money: why not try that, if it will cost you only few hundred bucks? from a company point of view, that's nothing.
And here the spammers get more and more money.
What I think would be needed is an article on some business-oriented magazine (say, the Economist, the Harvard Business Review, the Wall Street Journal) that explicitly *tells* CEOs and other managers WHY AVOIDING SPAM MAKES YOU SAVE MONEY (sound like a spam mail, doesn't it?
Like talking to them with their own language. No need to talk about bandwidth, e-mail, filtering, regexp. Just concepts.
Is anyone willing to help me write such an article? maybe someone with connections in such business-oriented newspapers...
Re:I feel so sorry for this guy (Score:4, Interesting)
Relentless anti-spam vigilantes have hounded the 35-year-old head of Empire Towers Inc., plastering Cowles' home address and phone number all over the Web. Spam recipients call to tell Cowles how they feel.
"These people will go to the lowest depths," said Cowles, of Bowling Green, Ohio. "I have some phone clips that would make you sick."
Ahem...
You want to talk about going to the 'lowest depths'?
Tom Cowles - a personal encounter (Score:2, Interesting)
On some of the worst days, we got well over 1.000 (one thousand) bounces!!! (that is: spam that *did not* go through to the recipient). So, his frickin spam did cost *us* money, plus reputation - because all the hatemail that bastard complains about went to *us* not to his sorry ass (like a 1mb hires jpeg with a "fuck you spammer" message - great, we didn't send that out, thank you very much).
And, being in europe there is hardly much I can do against a US spammer.
Luckily, after three weeks he stopped (he is probably misusing some other small companys name right now). I really hope this guy gets shut down for good. (There is hope - he is on criminal trial says' his "stalkers" website:
http://www.toledocybercafe.com/ivtg/
The next step? (Score:3, Interesting)
Worm spamming. An outlook worm, which spams: it would connect to a website, get it's "instruction" (spam messages), then send itself along with the spam messages, to your outlook address list.
Now, which filter will be able to trap that, as it will always go to and come from legit addresses???
Scary.
UUNet/WorldCom Still At It After 5 Years (Score:2, Interesting)
Re:Excellent news! (Score:2, Interesting)
Not true (Score:2, Interesting)
> stop sending it
This is not true. As the rate of spam drops, the response rate to the spam that does get through rises, as does its value. So basically, adding filters makes it economical to send spam to the few market survivors who will be able cover their costs and make a profit on the amount they charge their clients.
Next Level (Score:3, Interesting)
What we need is software like this. (Don't ask, mine isn't ready for release, and I don't code "collaboratively" -- I do it for my own amusement).
Ratboy.
How to really get rid of spam (Score:2, Interesting)
So now I have a whitelist with addresses of my friends, co-workers and the mailing lists that I have subscribed to. Those emails will get to my Inbox directly - the rest will get filed to a spam folder and an autoreply is sent to the sender telling them how to get through the filter. This requires the sender to read the autoreply and do what it says.
It works.
Time for some blatant self-promotion: my .procmailrc can be found from here [holviala.com].
Re:This is *why* we need laws! (Score:3, Interesting)
To really attack the issue, I think we need to first stop labelling everyone involved as a "spammer" when there appears to be a hierarchy of culprits, including:
1. The ISP that provides refuge for spammers.
2. The spam enablers that provide the software, lists, and sometimes mailing services.
3. The spammer who may be an independent jerk, or who may be misled and effectively taken advantage of and pimped out by a #2 organization.
4. The people who actually buy their products.
Most spammers (#3) are just idiots that will probably keep on trying regardless of whether they ever make money, and there's a new one born every minute. It's #2, the spam enablers (or spam pimps, perhaps?), who should be the most vilified and attacked. They're the ones making money off of spam regardless of whether anyone actually buys it or make money and they present much larger targets. With empty promises of wealth, they take advantage of the idiots who make up #3 by taking their money in return for mailing lists and sometimes actually sending out the spam. Many of these "clients" are probably people with legitimate and sometimes severe mental health problems (hence non-commercial spam about aliens and time travel) who might never be diswayed by legal means without eliminating the means.
Like prostituition, strong laws should be made against this kind of pimping activity (spimping?), both directly, and at the ISP (#1) level. Also, maybe an ISO 9000 type practices and auditing standard for ISPs can be developed and widely publicized. This might require that an AUP include certain anti-spam requirements, and/or that the ISP takes responsibility for bulk mailing. ISP's might be encouraged or even forced to restrict bulk mailing to lists that can be independently confirmed to be opt-in and/or have a verified individual who will sign-off to that effect (under penalty of law), and to label all bulk mail with a certain identifier etc.
Re:Spammers are middlemen (Score:2, Interesting)
Re:I think... (Score:3, Interesting)
But it doesn't stop there. It is bad enough that end users are abused in this fashion, but the distribution channels for the spam is just exceptionally bad. It is one thing if they had to foot the bill for mail servers and associated bandwidth, but instead they are scanning for open relays to *exploit* for their mail capacity and bandwidth usage. I was called in by one company with mediocre IT infrastructure, enough to be dangerous. They called saying that over the last few days mail through their server was taking hours to get anywhere, if it got anywhere at all. Well I go in and find it is an open relay, and the thing had 400,000 queued messages, among which there where about 350 legitimate messages to retrieve. I closed the exploit, and eventually recovered the messages of interest for them, but they lost a lot of time because of it and their bandwidth charges were really high because of it. Spammer's are doing wrong and they know it, why else hide behind other companies resources?
free enterprise?? With a price... (Score:3, Interesting)
He uses other peoples systems to spread his crap. He forgets that all this spam clutters up many mail servers and screws people who have to pay for their time on line.
This is not a crime, but talking to a 7 year old on line is? Hmm to me this would be one step away from pedophilia(did I spell that right?). What is the difference is you unknowningly send a 7 year old an email that has a URL to a porn site and says things like watch 2 girls do f***, or see cindy take it up the a**, and pedophilia?
Personally if I was their ISP I'd ban them from using my service. I know some ISP's do that. Maybe what we need is a list and take this list to the ISP and get them to ban these people from getting online. No service to spamers is a policy that some already have, if there was a list of people (maybe what is on the .org website that I can't get to right now) then we'd have less spam.
I'm not sure about the rest of /. but I am tired of my mailbox filling up with spam. I do like my new filters though, much of it goes straight to the trash. I still wish my ISP would let me set up my own personal filter rules on their system. Just for my own mailbox, so that I could delete some of these spam messages like the ones that have korean character sets that automaticly go to my trash on my local machine. This would actually cut my spam downloads by about 70%.
Hit them where it (financially) hurts. (Score:2, Interesting)
What would happen if people did the following:
1) We went to every advertised site sent to us by a piece of spam to give them a nice dose of the slashdot effect. I'm sure that their ISP would slam them with increased bandwidth charges incurred by this level of activity.
2) While you are there study what their product is and give their customer service department a letter stating what you liked about their product or service and what you didn't like about their product or service. Then tell them that you recieved a piece of spam and have effectively put them on a blacklist and will never purchase from them. Ever.
3) Find the home state of the advertised site and submitted complaints to the State Attorney General for their behavior. If your state has anti-spam laws show them how they violated them (I live in Washington) and ask them how to get your $500 per unsolicited e-mail. If the SAG got overwhelmed by complaints they might do something about it.
4) This is unethical (like spam isn't IMHO) and illegal (like spam isn't IMHO) but hack the site into oblivion. Backdoor the place and use it for a DOS on the spam generating sites.
Not that anyone will actually DO this, but I am thinking about doing this for my hotmail account. If someone hits my home account I DO some of the above items. A typical e-mail looks like this:
To the SysAdmin at phat.co.nz:
Your server may have been hacked or spoofed. Here is the information.
To the SysAdmin at freelance.docspages.com:
You are having unsolicited e-mail for your server being sent out.
------- FORWARD, Original message follows -------
Date: Thursday, 25-Jul-02 09:54 AM
From: postmaster@myisp.com \ Internet: (postmaster@myisp.com)
To: talinom \ Internet: (talinom@myisp.com)
Subject: Delivery failure (philmoss@phat.co.nz)
--103578/1720/1027616055/MailSite/mail.myisp.com Content-Type: text/plain
Your message has encountered delivery problems to the following recipient(s):
philmoss@phat.co.nz
Delivery failed
550 : Recipient address rejected: This user does not have an account here (MTA:imta10)
No recipients were successfully delivered to.
--103578/1720/1027616055/MailSite/mail.myisp.com
Content-Type: message/delivery-status
Content-Disposition: attachment; filename="DSN3D402D35.txt"
Reporting-MTA: dns; mail.myisp.com Arrival-Date: Thu, 25 Jul 2002 09:54:13 -0700
Final-Recipient: rfc822; philmoss@phat.co.nz
Action: failed
Status: 5.0.0 (Permanent failure - no additional status information available)
Remote-MTA: dns; sitemail.everyone.net
Diagnostic-Code: smtp; 550 : Recipient address rejected: This user does not have an account here (MTA:imta10)
--103578/1720/1027616055/MailSite/mail.myisp.com Content-Type: message/rfc822
Received: from [216.58.208.124] (unverified [216.58.208.124]) by mail.myisp.com
(Rockliffe SMTPRA 4.5.6) with SMTP id for ;
Thu, 25 Jul 2002 09:54:13 -0700
Message-ID:
To: Phil Moss
Subject: Re: hey!
Date: Thu, 25 Jul 02 09:57:42 -0500
From: talinom
X-Mailer: E-Mail Connection v2.5.02
-- [ From: talinom * EMC.Ver #2.5.02 ] --
I do not know how you acquired my e-mail address as I guard it very closely , however I am a member of Washington State and will use our anti-spam law:
http://search.leg.wa.gov/wslrcw/RCW%20%2019%20%20
Chapter 19.190 RCW on http://search.leg.wa.gov/pub/textsearch/default.a
to assist should this action be insufficient.
I would also like to be removed from any list of any related or subsidiary companies or organizations you may have associations with. I may require contacting some of the people listed below (information found courtesy of the Internet) should my request be unheeded.
I do not tolerate unsolicited e-mail and will prosecute them to the fullest extent of the law when I find the cause of the matter.
I apologize for my bluntness and rudeness in this matter, however I never requested that this e-mail be sent to me.
The information regarding the phat.co.nz domain is as follows:
registrar: Domainz
domain_name: phat.co.nz
domain_DateCreated: 12-Apr-2001 00:00:00
domain_DateLastModified: 19-Apr-2002 14:26:02
holder_name: Adam Jones
holder_contact: Adam Jones
holder_phone: 021 128 6780
holder_fax: .
holder_email: kraven@inspire.net.nz
holder_address: PO Box 12002,
holder_addr_citycountry: PALMERSTON NORTH, NEW ZEALAND
technical_contact: InSPire Net Limited
technical_contact_phone: +64 6 357 8559
technical_contact_fax: +64 6 353 1154
technical_contact_email: domains@inspire.net.nz
technical_contact_address_line_1: PO Box 4387
technical_contact_address_line_2: Palmerston North
ns_name_1: ns2.inspire.net.nz
ns_ip_1: 203.79.89.3
ns_name_2: ns1.inspire.net.nz
ns_ip_2: 203.79.89.2
The information regarding freelance.docspages.com is: Administrative Contact:
NOC NOC
PO Box 11289
Zephyr Cove
NV US
89448
noc@ideaflood.com
Phone: 7755887862
Fax: 7755887823
Technical Contact:
NOC NOC
PO Box 11289
Zephyr Cove
NV US
89448
noc@ideaflood.com
Phone: 7755887862
Fax: 7755887823
Billing Contact:
NOC NOC
PO Box 11289
Zephyr Cove
NV US
89448
noc@ideaflood.com
Phone: 7755887862
Fax: 7755887823
-------- REPLY, Original message follows --------
Date: Thursday, 25-Jul-02 03:41 AM
From: Phil Moss \ Internet: (philmoss@phat.co.nz)
To: Kevin Moore \ Internet: (talinom@myisp.net)
Subject: hey!
Hi there,
How's it going?
If you need help with your last project (or have some free time and want to pick up some freelance work) check out http://freelance.docspages.com
Hope this info could be useful to you:-)
Sincerely,
Phil Moss
**This email is intended exclusively for the addressee(s) named above and may contain privileged and confidential information. If you are not (among) the intended recipient(s), you may not copy, utilize or distribute any of the information contained herein. If you have received this email in error, please notify us immediately via return email and delete the original from your mailbox. Thank you.
-------- REPLY, End of original message --------
Spammers, Read This! (Score:3, Interesting)
It's only a matter of time before legislation similar to this gets passed by Congress targeting unsolicited e-mail advertisements (AP writes an article about the problems of spam, it's an election year... you do the math). Change your line of business soon, unless you want to see if you can break that record...