Confession For Two: A Spammer Spills it All 389
defender writes "Rejo Zenger, well known Dutch anti-spam activist, recently had a very frank talk with a (now retired) spammer. He got information as to how and why S. Pammer started, where and why he was kicked out, who helped him get his bulletproof hosting, his open proxy mailings etc. It gives a nice and concise view of what the costs for a smalltime spammer are. About 200 Euros for the hosting and ability to spam at least half a million addresses (in a months time). That's for a turnover of 6 times and a net profit of well over twice those initial spam-related costs. Complete with screenshots, of course."
Comment removed (Score:5, Interesting)
Re:Green Economics and the Net (Score:4, Insightful)
Re:Green Economics and the Net (Score:5, Interesting)
Maybe we should treat other economic bads (e.g., pollution) in such a way: subsidize the non-production thereof.
Re:Green Economics and the Net (Score:3, Interesting)
Taxing excessive pollution is rather common in Europe. Unfortunately actually paying people for doing the opposite is not
Re:Green Economics and the Net (Score:3, Insightful)
Classic prisoner's dilemma (Score:5, Insightful)
If no one behaves, it's useless.
But if most behave, a few have a huge incentive to misbehave.
They key is to increase the penalties for misbehaving so that there is no incentive.
Re: (Score:3, Funny)
Re:Classic prisoner's dilemma (Score:4, Insightful)
IMHO, it would only take three or four spammers being found beaten to death in an alleyway somewhere, to scare off the majority of the Ralskys of the world. That would just leave the serious mafia types, and getting rid of them would be very tricky..
This would only escalate violent methods. The big spammers who make the serious buck would just hire bodyguards, personal guards or would be compelled to make deals with actual organized crime. The guy in this story was a small timer and stopped after a while. But if there were angry people on the streets ready to beat him up maybe that would've prompted him to look up the local gangs or mobsters and pay a protection fee. Now where would that go next?
The secret to stopping spam (Score:3, Insightful)
Re:Classic prisoner's dilemma (Score:3, Insightful)
Re:Classic prisoner's dilemma (Score:3, Interesting)
Am I the only one who thinks your avereage spammer could take 3 or 4 average slashdot dweebs on at a time?
Anytime there's a story about spammers, there's unending comments about how somebody is going to kill them/kick their ass.
I've met spammers and I've met Slashdot nerds, and I think you guys (slashdot nerds) are in trouble.
Re:Classic prisoner's dilemma (Score:5, Insightful)
You are assuming that most people make rational decisions when deciding if some thing is "worth the risk". If you try and compensate for a low risk of getting caught by increasing the punishment then people will just think that they will never get caught. Its called "personal positive bias", similar to the way people play in the lottery even though it isn't strictly speaking "worth it".
Re:Green Economics and the Net (Score:2)
Re:Green Economics and the Net (Score:5, Interesting)
My favorite alternative to replacing SMTP is to adjust the penalty for activities like this guy S.Pammer to be "head mounted on a stick". There is lots of data that says that a majorit of all spam is sent by the top 200 spammers; kill them all in greusome ways, and they are unlikely to have followers :-)
Crispin
----
Crispin Cowan, Ph.D.
CTO, Immunix Inc. [immunix.com]
Re:"Nothing comes from violence..." (Score:5, Interesting)
> You can't even be vaguely serious with what you are saying.
I'm not the OP, but as someone who's called for spammer abuse on so many occasions I feel totally qualified to reply. Do I frequently shout "death to spammers!" and imagine Scott Richter being serially molested by the '76 Raiders? Yes. If I had Alan Ralsky tied in front of me with a bat in my hand, would I cave his skull in? Of course not.
But I'd sure think about it.
And, depending on the state of my inbox that morning, he might walk out with a severe limp.
I'm not a violent person, but spammers sure bring out the black thoughts in me. Why? Because at the core of it they're just *rude*, and that's maddening to me. Imagine this dialogue...
"I am a spammer. I will clog inboxes, I will waste the bandwidth of countless ISP's, and I will force countless thousands of dollars to be spent on support that could be easily avoided. I will send pornography to children, I will taunt truly lonely people by making them think that they have a secret admirer, and I will help people in dire financial straits sink further into debt by promising them spectacular returns on garbage investments. I know that my messages are unwanted, as evidenced by the elaborate and unethical means by which I operate, but I will send them anyway. When I press this button I will harass, inconvenience, and annoy literally millions of people. With each email I send, I confirm that for a few dollars in my pocket I will rob countless others of their time, their money, and the promise of what the net used to be. But I am a spammer, I am an asshole, and I don't care."
Now imagine that coming out of Ralsky's smug face as he stands in his mansion.
And imagine that bat in your hand.
You don't want to swing? Not even a little?
Re:Green Economics and the Net (Score:5, Interesting)
I am pleased however that more proactive steps are being taken by organisations such as Spamhaus [spamhaus.org] in addressing the problem by both a technology and policy driven approach in combatting the problem. And that more prosecutions are happening. But I don't see the tide being turned anytime soon.
As for the internet dying, I don't see it. There is now to much commercial interest in it for corporations to sit idly by and do nothing about SPAM and other problems we encounter on the internet. Even our governments misguided steps at regulation, show that the internet is here to stay. It may transform in the future but I don't see it dying just yet.
Re:Green Economics and the Net (Score:3)
This is the most civilized way of handling any annoying situation:
1) Confront the annoying person directly, and politely.
2) If 1) fails, inform his superiors or some authority that can punish him for his misdeeds.
3) If 2) fails, try again.
4) If 3) fails, inform said authorities that if they cannot deal with the problem properly, you will take matters into your own hands since they are clearly not doing their jobs.
5) If 4) fails, bury the fucke
Re:Green Economics and the Net (Score:3, Insightful)
I get my email bounced sometimes because AOL and some other ISPs have blacklisted mine; meanwhile I still get tons of spam. So I'm getting screwed by both the spammers and anti-spammers.
Re:Green Economics and the Net (Score:4, Insightful)
As current events go, I can quite easily and unreasonably extend this analogy to the actions of coalition forces in Iraq, with such things as prisoner abuse. But I suppose we shouldn't go there. I better not as I wouldn't want to be labelled as a troll.
Re:Green Economics and the Net (Score:3, Insightful)
So ISPs that allow criminal activities on their network shouldn't have to accept the consequences of their actions, that being that no legitimate networks want their traffic?
As current events go, I can quite easily and unreasonably extend this analogy to the actions of coalition forces in Iraq,
Re:Green Economics and the Net (Score:5, Insightful)
Okay. Let's take a hypothetical ISP, we'll call it "Vertigo" or "Qworst" or "SpewYou Net", doesn't really matter. They allow their customers to engage in unethical, criminal activities. Not only do they let their customers spam, but they also allow their customers to use proxy hijacking to illegally hide the true location of their webservers by using hijacked machines as web proxies. They let their customers engage in DDoS attacks against anti-spam websites without action. They are openly abusive toward people who report the abusive activities of their customers, to the point of threatening lawsuits.
Now lets say that an organization -- an anonymous organization -- publishes a list of known crime-ridden ISPs run by corrupt management. They support the claims of the list with documentation of the criminal activities of the ISP's customers. This list is then used by responsible ISPs to block all traffic from the crime-ridden ISPs, since the ISPs who voluntarily use these lists have decided that they do not want to trade packets with known criminals.
Now let's say that you are a "legitimate" customer of SpewYou Net (now WorldCon). You're not actually doing anything unethical, you just happen to be giving money to a company that openly enables criminal activities in exchange for network space. Unfortunately, you discover that -- because your ISP has allowed their IP space to become a cesspit -- no one wants to trade packets with you.
Who is at fault here? The people who compiled the list of IP addresses owned by crime-friendly ISPs, the ISPs that voluntarily choose to reject your packets, or your ISP for allowing the netspace that they rent to you to become so undesirable to the outside world?
I agree that it's unethical to allow antispam activities that cause harm to third parties. I'm just a little better at assigning appropriate blame.
Re:Green Economics and the Net (Score:5, Insightful)
The problem with spam is it's much harder to catch spammers than illegally polluting factories where disgruntled workers, regular inspections and so on can be used for enforcement. Spammers are hard to catch since they operate through intermediaries in other countries and fly beneath the radar, and because the legal tools to fight spam have been very slow to catch up. And there need to be government organizations dedicated to tracking down and prosecuting spammers, like there are for polluters.
Re:Green Economics and the Net (Score:3, Insightful)
either we WANT a system that is monitored and every packed is tracked (ala big brother, 1984, the current US DMCA-Patriot Act version of things) OR we must create a self-managing system that provides accountability and protection from fraud.
spamhaus seems to be a step in the right direction, but the direction that microsoft and the various big companies seem to
Re:Green Economics and the Net (Score:3, Insightful)
Re:Green Economics and the Net (Score:4, Insightful)
of course every american isn't the same, but every american isn't in control of the largest military force the planet has ever seen either
Re:Mr. Bw, (Score:3, Interesting)
I haven't looked at the site. But the world needs a good way of accounting for 'unrealized externalities' in a reasonable way. That's the way to manage the environment and keep capitalism around at the same time.
I think this is, in general, a really hard problem. Partly because sometimes, we don't understand the costs of some activities until they've been going on for a long time. Like DDT, for example. It seems like a wonderful pesticide, and we used it for years before it became clear that it had an
Re:Green Economics and the Net (Score:5, Insightful)
Not in my case; I don't pay extra to receive telemarketing calls or junk mail. Nor does the telephone company or post office block my driveway so I cannot drive to work in the morning. However, spammers have hit my mail server so hard that it cut off my connection to the outside world, preventing me from working from home.
When a spammer takes advantage of a poorly secured system belonging to another person without permission and forges the e-mail addresses of other innocent people not involved in spamming, I will use the word "criminal". I know of no better way to summarize fraud, theft, and trespass.
When I write free software and distribute it for free (with my e-mail address in the documentation so people can contact me or know that I contributed to the project) and I receive spam, how does your argument make sense? There are hundreds of thousands of computers with my e-mail address stored in credits files somewhere; how does this keep the Internet free?
Re:Green Economics and the Net (Score:4, Informative)
Nope, it's the other way around. Bulk snail costs the postal service very little to process. It's delivered to the sending post office sorted by zip code and pre-coded; basically, all the system has to do is truck it where it's going and put it in the right bag. Your last birthday card, on the other hand, had to be picked up from the snailbox by a carrier, its address deciphered, bar-coded, sorted by destination, etc. For doing all of that, basically everything but the hauling and final delivery, they get a discount of a whopping six cents -- 30.9 cents instead of 37 cents. Bulk mail supports first class, not the other way around.
Re:Green Economics and the Net (Score:3, Informative)
Actually, that is incorrect [usps.gov]. First class is low volume and collected in many places. Bulk mailings are high volume and usually collected at either one location or several locations regionally (like national periodicals). Bulk mailings for the USPS must meet strict guidelines. The more guidelines a mailing meet
Spam is not Destructive? Bull... (Score:5, Insightful)
I never asked for spam, I never asked for my email to be used as a forged address (a recent development, so now I get complaints and counter spam too). Also I've never bought from a spammer.
These people ARE NOT direct marketers, they are CROOKS, using the bandwidth -I- pay for, to harrass me with things I do not want. And I have no real legal recourse to stopping them because I can afford to sue these hundreds of people. (If I could even find out who most of them were).
And again, please do not tell me they are not doing me any harm while I'm receiving spam complaint messages because some BUTTWIPE is forging my email address on their messages. It's no fun looking at having to change an email address that you've used for almost a decade, and all the associated grief that causes.
Re:Spam is not Destructive? Bull... (Score:4, Insightful)
However it is illegal to randomly call people (becouse you might get a cell phone and then they pay for the call) but spammers do exactly that (often knowing they are getting a cell phone, the person is paying for it and maybe even knowing exactly how much they pay per e-mail or SMS)
Your not allowed to telemarket to a persons place of work but there again spammers clog work e-mail often quite aware the address is for costummers.
Spammers will always do exactly what is illegal in the marketing counterpart.
Why? Becouse spam isn't restricted. It's illegal for amature radio to relay marketting messages as such your no longer able to have your internet e-mail over amature radio as ONE spam message would put a whole bunch of people at risk.
Telemarketing, junk mail, signs and billboards all have laws restricting what you can say where you can say it and when you can say it.
In every case if someone dosen't want you advertsing to them you are legally bond to STOP and should you ever sell a list of "confermed contacts"(people who said "leave me alone") you are in some deep doodoo.
Unless you use spam. With spam all thies things are everyday business. You can adevertise services you can't provide just to collect names. You can misrepresent yourself in every way.
To me it's a close race between spam and those wonderful "free seminars" but spam wins and the worse scum.
No matter what you never have to actually READ the whole spam and no matter how high pressure it is spam will never be as bad as seminars in high presure sales.
However seminars pay through the nose to set up shop and the junk mail they send out is applicable to all those wonderful laws spammers can ignore.
and with spam the receptiant pays (directly in some cases) clogs up everything and almost never anything you'd ever want.
All time favoret spam: Tech support services junk mail sent to a Linux admin list.
With the ecconomy the way it is remind a whole bunch of admin they can be cheaply and easly replaced what a smart thing to do and a way to NOT get mugged at night by a certen geek who can't get an admin job so he works as a night watchmen and tends to rant on slashdot...
I'll shut up now.....
Re: Direct mail is not Destructive? Bull... (Score:5, Interesting)
The cost of sending snail mail keeps it to a reasonable level. It also means that it is generally very tightly targeted. For example, I subscribe to a gardening magazine, so I get seed catalogs. I do not even have a penis, so I have very little use for penis enlargement pills, let alone fake Viagra and pictures of naked women (with or without horses involved). But because there is effectively no cost to the spammer, I am bombarded with advertisements for all of the above.
Re: Direct mail is not Destructive? Bull... (Score:3, Funny)
Dumbass.
smash.
Re: Direct mail is not Destructive? Bull... (Score:3, Insightful)
I pay for traffic.
80% of my traffic is mail.
50% of my mail is spam.
Therefore, 40% of my bandwidth costs are spam.
Comprende?
smash.
Re: Direct mail is not Destructive? Bull... (Score:4, Interesting)
a. not forge addresses and headers
b. not repeatedly try to get around the filters that those of us who don't want spam set up.
However, my oppinion on all direct marketting is that it should be banned - it is intrusive, I never asked for it and no matter how many times you ask the marketters not to contact you they still do. I make a point of never buying anything from anyone who has tried to direct market to me. I wonder if anyone has done any research on how many customers companies lose through direct marketting (obviously it's offset by the morons who respond to the marketting but I'd still be interested to see the results of such research).
Most of the direct marketting I receive is completely untargetted:
Mailshots - I get both junk addressed to me (even though I'm registered on the Mail Preference Service) and stuff hand delivered (no, oddly I'm not interested in selling my house... especially since there is a bloody "sold" sign outside indicating that I only just bought the place)
Telemarketting - luckilly most of the telemarketters actually take notice of the Telephone Preference Service register and I don't get too many of these... I still occasionally get cellphone companies phoning my cellphone (which is still on contract - I can't change provider for another 10 months) asking if I want to switch provider.
Spam - oddly enough I'm not interested in making my pen!5 big.g3r - it's just fine as it is thank you.
SMS spam - all those people who claim that charging per email would prevent email spam take your lessons from SMS spam - the operators pay per message there and there is still a huge amount of untargetted crap delivered to my phone even though it's been illegal since December 11th last year. The messages also usually arrive in the middle of the night and wake me up (I have to have my phone turned on when I'm on call)
I am also having problems with the reverse-billed SMS services - technically you have to subscribe to them, but I have never subscribed but have been receiving reverse billed SMS messages. My operator won't do anything about it and tell me I have to contact the company sending the messages (who never answer their phone), so instead I have to contact ICSTIS, who's phones are always busy. Orange have told me there is no way for me to block reverse billed SMS messages and that if I refuse the pay the bill then they will cancel both my handsets and record a bad debt on my credit record. Nice industry - I hate them more than the email spammers.
Re:Green Economics and the Net (Score:5, Insightful)
With the minor exception that direct marketting postal mail generally doesn't come "postage due," and telemarketers usually don't call collect. With spam, significant cost is incurred by those receiving the spam--more so, in fact, than it costs to send it in the first place.
There is no real comparision between traditional forms of direct marketting and spam. A far better example is unsolicitied advertisements sent to your fax machine (which, by the way, is illegal.)
Re:Green Economics and the Net (Score:3, Informative)
Where does that residential user's ISP get the money to buy the hardware and bandwidth to handle all that spam? The 4 out of 5 emails that their customers would do anything to avoid? Someone has to pay for it. Two words: end users. Just because you don't pay per GB for bandwidth doesn't mean you're not paying for it. It all gets worked into the monthly bill.
Re:Green Economics and the Net (Score:4, Interesting)
Marketing email directly from a company I do business with is one thing (acceptable, if annoying). Crap for viagra, home mortages, etc. is another. Most of the spam is very misleading anyway, and targetted towards old people that are easily manipulated (e.g. the mortage spams with the 'I spoke with you this morning' headers). That's borderline.
The crap with the viruses setting up spam relays is criminal.
If only that worked. Unfortunately, simply for the fact that I run a few domains and actually find it helpful for people to be able to contact me without unraveling a mangled email address (hence, I put my email up) - it gets harvested and abused. I can turn off the TV if it annoys me (actually don't currently own one) - I can't turn off the spam w/o loosing my business communication.
I've never bought something from spam, nor do they even get the satisfaction of those stupid image-link bugs getting pinged. Unfortunately, I can't stop the people they take advantage of from falling for their scams, any more than I can make the Citibank phishing expedition and Nigerian 419 scams unprofitable.
About 20 spam/day make it through the filter right now, with another 50 or so going to the spam bin. I get 5-10 legit emails per day. Bayesian filtering is dead now with the random garbage-spewers, so I need to test and install another solution on the server end (until the last 6 months or so, client filtering worked best for me - now it sucks ass). My life shouldn't revolve around dealing with spam. But I'm going to need to spend time on it anyway now.
Since I haven't spent much time on it, it *has* cost me more than time. I had a contract offer go into my spam bin, because the random words horked the bayesian filtering so badly. It wasn't the only false positive I've had, but it's the first time the delay before cleaning the spam bin cost me something - a contract. That just sucks.
It's criminal because... (Score:3, Interesting)
the internet survived just fine for a long time without spam. to say spam subsidizes the internet is bullshit -- it raises the costs for everyone and thus makes the internet more expensive, not less. spam isn't a subsidy -- it's a tariff.
spam is destructive because of innocent third parties who are destroyed in the wake of these miscreants sending out their get-rich-schemes and penis p
Re:Green Economics and the Net (Score:5, Insightful)
Actually, I would argue that using an open mail relay without concent of the owner of the system it runs on is a criminal act. You have no right to use a system someone else owns without their consent, and if you do so, that is a criminal act. In fact, that defines a great number of criminal acts, appropriating someone else's property for your own use. Be it computational resource or physical one, it is still criminal.
Previously, spammers just used an insecure mail exchange that someone else used, abusing the system. Now, they have worms hack into unsuspecting systems and set up mail relays of their own. These two relays are fundamentally the same.
The only way this would be identical to direct mailing or telemarketing is if, god forbid, they ran their own servers and sent their massive spam blasts. If they did this, then it would not be a criminal act. They won't, however, because that would mean that it would be trivial for most people not wanting spam to blacklist their servers.
I don't believe that "Internet Direct Marketing" can work. Think about it. Many people don't like direct marketing tactics. It's crap in the mailbox that goes right in the garbage. Many many people do not like telemarketing, so much that the telemarketing industry fought tooth and nail to prevent the one tool that could punish and block their attempts to push random promotions onto the masses. Spamming is the same tactic in a new medium, except that unlike direct mail and telemarketing, it uses YOUR resources reguardless if you read the email or not (pick up the phone, open the direct mailer) and you have the potential for much more control over rejecting all kinds of spam at once, and the spammers cannot handle that.
Re:Green Economics and the Net (Score:3, Interesting)
I completely agree. My post was referring to spammers who are following the letter of t
Re:Green Economics and the Net (Score:5, Insightful)
Yes, they do. For awhile, I sent spam complaints from an address used for no other purposes - spamcomplaint@ (my domain). That address now receives spam. They havested the address that I used to send complaints about spam, and they use it to send more spam.
What we really need is a registry of spam-unfriendly email addresses.
Spammers have been known to trade lists of known anti-spammers, known spam-trap addresses, and such. Some of my addresses have (correctly) been on those lists. It doesn't seem to lower the spam, though.
Your basic idea is to create a one-stop "do not spam" list. That's been tried by spammers, by anti-spammers, and even the FTC can see that it won't be effective. You, of course, believe this to be a new concept - but that doesn't change facts.
They're not evil.
Yes, they are. That's why I get bounces because they forge my addresses. Almost all spam is sent using forged addresses because these people are dishonest, unwilling to admit who they are, unwilling to deal with the bounces they cause, unwilling to pay their own bandwidth costs. They don't give a shit if they ruin email for everyone else. They'll do anything they can if they think it *might* get them what they want. Just like a rapists decides that he doesn't care if the woman doesn't want to have sex, he does it anyway to get what he wants. Just like a thief doesn't care that he's screwing some honest citizen when he robs them - as long as he gets what he wants. And just like the rapist and the thief, the spammers are evil, out to get what they want, regardless of the damage it does to others.
Re:Green Economics and the Net (Score:3, Insightful)
You're right. Some of them are just too damn stupid to understand that what they are doing is stealing. They're mentally incompetent. I guess that they should be instutionalized rather than jailed.
Re:Green Economics and the Net (Score:5, Interesting)
Spam is fundamentally identical to telemarketing and direct postal mail.
Spam is nothing like telemarketing or direct postal mail. It is fundamentally identical to telemarketing to your cell phone where you have to pay for airtime. It is telemarketers calling collect and no option to hang up, postage due junk mail with no choice to refuse to pay.
The money telemarketers pay for those calls goes to the companies that carry the network traffic, namely the local and/or long distance phone companies. The telemarketer pays for the network resources they use.
The cost of handling bulk mail is less than what the Post Office charges to send it. The profits the Post Office makes from the bulk mailers pay for the hardspace "network" resources for everyone else.
Spammers do not pay for the resources they use. I've seen recent figures as high as 4 out of 5 emails sent are spam. To look at it another way, this means that if your ISP allocates $10,000 of their revenues to buy some new mailservers, then you, their customer, are only getting the benefit of $2,000 worth of new hardware; the other $8,000 is spent to deliver spam. Since that money is coming from you and other subscribers, then your ISP either has to raise your rates or not give you the increase in service they otherwise would have. If $1 a month out of your bill goes for hardware upgrades, you're getting 20 cents worth and the rest is going to deliver spam.
Spam in no way subsidizes the Internet. The spammers are not paying for the resources they use. They are forcing other people to pay to handle traffic that they do not want. They are forcing every ISP out there, from the big backbone providers to SouthPodunkNet, to shoulder the cost of their advertising. The only money a spammer pays to actually support the network is the cost of a cheap dialup account somewhere. All the rest is paid to other scum for things like lists of email addresses, access to innocent people's hijacked computers, etc. But he is using 10^6 or more of the network resources as everyone else.
When you give your email to a website operator, and that website operator sells it, that money is what keeps your content cheap or free.
Very, very, very few addresses used for spam are those given voluntarily to a website operator. In fact, out of the hundreds of email addresses I've used with various websites and companies, I've gotten spam at exactly one: the one I gave to iBill. The vast majority of addresses used by spammers are extracted from web pages, forum posts, domain registration information, and just about anywhere else.
I watch spammers' spiders scanning domains that I host
Then there are the dictionary spams. Some hijacked computers in Brazil have been bombarding one of my domains all day with spam to random non-existant addresses, trying to find some that get through. People who don't even exist certainly didn't give their email addresses to anyone!
As it happens, I'm the webmaster as well as host for a site with a fair bit of free content, so I think I am in a position to know something of the economics of it. It works like this:
Neither I nor my client has ever received a single penny from a spammer. This particular client happens to have a mailing list (extremely opt-in, and protected like the vault at Fort Knox) for a newsletter. If he should wish to sell it to a spam list vendor, just how much would a list of under a hu
Wrong, fucktard. (Score:5, Insightful)
And secondly, spammers never had to pay for the download bandwidth. Imagine if the post office made you pay half postage for every single letter you recived, and someone sent you 10,000 messages. Your choices is either paying thousands of dolars, or forgetting about ever getting postal mail again.
But this is exactly what happend. A mailbox full of spam for a dialup user meant wasted modem time, which whent for as much as $2.95 an hour.
know you don't want to believe that, but it's true. When you give your email to a website operator, and that website operator sells it, that money is what keeps your content cheap or free.
I've never given my email address to a website tht sold it (with the exception being the LA times. But by then I was smart enough to use unique addresses for everything, and all the mail from them gets deleted automaticaly).
Most websites make money by advertizing, not by selling information. On my website, I advertize various pay services, and when the small persentage of people intrested in that service buy something, I get a cut. Some services work pay per click, or by impressions.
Thats the way the vast majority of websites make money. Anyone selling email addresses should be shot.
Wrong (Score:3, Interesting)
And how about that operator being honest and upfront about their selling emails to spammers? Chances are I wouldn't want their content in the first place.
When did it become anything else but fraud to lie about the costs to your customers?
What these fucktards are doing is no less than if I were to advertise "FREE pens!!!" But once you got one, I start showing up at your
just what we need... (Score:5, Funny)
Net profit? (Score:5, Funny)
Re:Net profit? (Score:3, Insightful)
A few big ones, many small wannabees (Score:5, Interesting)
The other people who make money, of course, are the people selling the Herbal Fake Viagra or whatever the product of the week is, because their costs are significantly less than what they're paying the spammers that sell it. Mortgage brokers who pay spammers for leads may be winning or losing - spammer-generated leads are likely to be low quality. Pr0n sites sometimes make money and sometimes lose it - they have to generate enough material to get people to actually pay them rather than just looking at the free sample material, and ISPs often charge them more because they're a high-bandwidth business that's highly likely to fail.
So for a month's worth of work... (Score:5, Insightful)
Job Paying $8/hr * 40/hrs week = $1280 or about $1,000 after taxes, that's the average rate of your Starbucks Coffee guy in the United states, and the money is legit!
Mid level computer programmer (or someone like me) = $50k/year or $3,000/month after taxes.
In short it's getting pretty damn tough for the Spammers I see. The harder we make it, and pretty soon Spamming will just be unprofitable I hope. In the meantime my advice to this spammer = get a real job...even Starbucks Coffee guy is better than what you're doing.
Re:So for a month's worth of work... (Score:2)
Re:So for a month's worth of work... (Score:2)
Re:So for a month's worth of work... (Score:3, Interesting)
I think that its an established fact that there is an endless stream of suckers.
Re:So for a month's worth of work... (Score:5, Informative)
I really can't see why anyone would bother...
Re:So for a month's worth of work... (Score:2)
If you can run this for 2 hours an evening 8 times a month, $650 or $500 Euros doesn't seem so bad... Pardon me if I missed it in the article, but he only did runs every few days, and then he paid his housemates to pack em. It doesn't seem like a business that scales, but it's decent pocket change.
Re:So for a month's worth of work... (Score:2)
you know what's the sad thing? for him it would make perfect sense to just send 10x the emails for 10x profit!
Make it even less profitable (Score:3, Insightful)
Look at all the pages.
Maybe do a wget websuck to
Look for Contact forms, and fill them out.
If it is a Mortgage scam, fill out the forms with random stuff, or put in the name and addresses of known spammers.
Same for the car lookup stuff (How in the world do they make money?)
Keep them busy and waste their time.
If everyone who received a spam visited the site just once I doubt they would be able to afford the bandwidth.
And, just an afterthought on a different note, do most spamme
Re:So for a month's worth of work... (Score:2, Informative)
$8/hr * 40hrs/week * 4weeks/month = $1280. Happy now
Impulse purchases (Score:5, Funny)
And I'd have thought they'd engage in long, thoughtful consideration before trying an experimental manhood-enhancing product, mortgaging their home, choosing a Third World bride, or deciding which bestiality DVD set to purchase?
Re:Impulse purchases (Score:3, Interesting)
Manhood enhancing product: Hopefully the end result of a disastrous manhood enhancing products is the destroyed ability to procreate, so spam customers can't begat more spam customers, W00T!!!
Mortaging their home on impules: Worst case scenario their home is repo'd, gets harder to fall for spams when you don't have a home to check your email for spams in.
Third world bride: Oh dear god don't go there on impulse buying a woman...*shudde
Re:Impulse purchases (Score:3, Funny)
I know I would have...
From the article:
"The tins of meat are bought at a Dutch importer, who in turn buys them from a Belgium importer who buys them in the former Sovjet Union."
It seems like spam (Score:5, Insightful)
On a side note, it is kind of interesting the comment about bounced mails. My university disabled my account(because they thought I was no longer a student, even though I was) for about 2 months. As soon as I got it re-activated, the spam started flowing in like water again. Amazing.
Re:It seems like spam (Score:5, Interesting)
I can see it now (Score:2, Interesting)
Should make the NY Times Bestseller list in a matter of days along with a few more Euros.
Not funny, and likely to happen.
Re:I can see it now (Score:5, Interesting)
Remember, the book wouldn't have to actually be accurate in order to sell - it would just need to promise to tell readers what they need to know in order to spam effectively.
In fact, the book could quite easily lead prospective spammers down a route that will get them quikcly caught and shut off...
The book could make a lot of money from people who want to spam their way to riches _and_ help to make sure that such people get identified and stamped on early in their (hopefully short) careers.
Hmm, better that I make the money with a fake spamming guide than some real spamming expert...
Would it be wrong to scam people who want to become spammers?
Dan.
Baiting? (Score:5, Interesting)
Would it be possible to set up to send spam through one of those sites to numerous address you set up? Then, after you recieve the spam, you could block those proxies(being relatively certain that they're zombified machines)
Yes, you would have to spend a bit of cash up front, but it seems (at least in principle) to be a fairly accurate way to find spam relays.
My $0.02..
Re:Baiting? (Score:5, Insightful)
The problem is what you're willing to give up. Some servers are probably used for nothing but spam, but what about the other servers. What about the servers that belong to small ISPs, hosting companies (which might be used for MANY businesses), etc? Are you willing to assume all that is spam too? You might lose a decent number of ham messages that way.
But you could definatly use it as another input to a spamassassin type filter.
Re:Baiting? (Score:3, Interesting)
1) Your single message may only go out through one or two proxies. Remember that the spammer you hire has other jobs running, and has many choices as to how to distribute the load.
2) Spam proxies are generally short-lived or part of a dynamic pool of addresses that it might not be appropriate to block. Some are also just corporate machines that were poorly administered (open relays). You may inadvertantly block regular people from getting email to you.
3) It would be easier to just buy a
Speaking of the subject of spam... (Score:5, Funny)
"For a low, low fee I can show you the best software site on the internet, everything from operating systems, to office suites, to graphics programs can be yours for free. Yes the sourceforge is a wonderful place. To find out, please send CowboyNeal your first born."
"Mic.ro sofT Sof1w.are cheap!" emails (Score:3, Interesting)
Not a true example? (Score:4, Interesting)
Shouldn't he be selling more products, ie he paid EURO$388 for the CDs, he should have used the same CDs for many more products at once, and each of them will guarantee the same readership of 30%.
The real money... (Score:5, Interesting)
Seriously, it would be trivial to write a script to generate e-mail adresses (actual reachability is a moot point). All you would need is a list of registered DNS names with mx records, and a list of names (nationality doesn't matter either: as many nationalities as possible). Then just run through the common variables
firstname.lastname@mx.tld
lastname.firstinitia
first6charsoflastname.firstinitial@mx.tl
and so on....
Costs to burn the CD
Yup, that's where the real money is....
Re:The real money... (Score:3, Funny)
Production? Seems like you could do it even easier: just buy some other spammer's CD, then redistribute it yourself. What's the original producer gonna do...sue?
Re:The real money... (Score:5, Funny)
Yeah, you're right, people who engage in illegal trades never have any way to get at people who shaft them because what they do is illegal and they can't go to court.
That's why I always steal from drug dealers and money launderers...
Dan.
Re:The real money... (Score:3, Funny)
now, I'd rather spend that 300$ on booze while doing the script to generate the names..
Re:The real money... (Score:3, Informative)
When you say actual reachability is a moot point you're completely wrong. Actual reachability is a very important point.
If a spammer knows that an address is good, that the person on the receiving end reads the messages, and that they're generally interested in the kind of product being pitched, they'll pay a lot more.
If a spammer doesn't know anything about
It looks like S Pammer has met his match (Score:4, Funny)
Link [yahoo.com]
Fscking God! (Score:4, Insightful)
Would somebody PLEASE just kill those fuckers?
To sell such a program should be considered a crime for itself!
And have a look at the testimonials... Gosh... we are doomed.
Re:Fscking God! (Score:5, Funny)
send-safe.com email addresses and custumer support (Score:3, Informative)
techsupport@send-safe.com
orders@send-safe.com
For pre-sale only questions please call 813-747-9677.
heh heh heh, not for "pre-sale only" anymore.
Re:Fscking God! (Score:5, Informative)
Okay, who owns send-safe.com?Gah! The Russian Mob! Well, I'm all for killing spammers, but in SOVIET RUSSIA spammer kills YOU!
Okay, who owns that netblock?Canadians! Back-bacon eating, toque-wearing, Stanley-Cup-losing Canadians. I'd rather take on 25,000,000 Canadians any day than mess with the Russkie Mafia.
Now, who hosts www.send-safe.com?Hmmm...I knew UUNET would pop up somewhere. There are a couple of MTI Software results on Google; one sells support and service for OpenVMS systems, the other sells bulk e-mail software. I think it's the latter...Florida. It figures. First in spam, first in hanging chads, first in the hearts of the nation.
So, to sum up, we have an Axis of Evil: Russians, Canadians, and Floridians, all conspiring to deploy Weapons of Mass E-mail Destruction. Gimme a couple of days to throw together a Powerpoint presentation for the UN Security Council and maybe we can get a posse...err, a coalition together.
k.
You can download their programs free (Score:4, Interesting)
why oh why (Score:2, Interesting)
whose with me? we'll set up some fake wired interview, and just beat them down, hoping they go tell the tale of horror to all of their buddies.
private funding sent a passenger jet in to near-orbit for a little bit over 20 million. i'll do this for 10 m
213.10.. (Score:3, Interesting)
i'm banning 213.10.0.0/16
-jk
also.. from reading this article.. (Score:4, Insightful)
he used all 'download and run' services, he built nothing himself.
I think the real money being made here is providing these programs and websites for them to use and also the lists.
This is interesting stuff to consider and would make an interesting business model to create spamware for the spammers and then feed the data to places like spamhaus etc.
So he's a bad person and a bad businessman (Score:4, Insightful)
Seriously, just off the top of my head I can think of one much-needed business in my (very small) local town that this spammer guy could set-up and he'd make 10x what he made from spamming. Oh and I've just thought of another one.
The world is full of money-making opportunities if you stop thinking about money and start thinking about what people *want* and what useful products and services you can provide. I'm pretty sure you'll find that those opportunities are more profitable than all but the most serious financial crimes.
On second thoughts (retraction) (Score:3, Interesting)
Unfortunately (Score:4, Insightful)
I'm no fan of Microsoft, but their efforts -- coupled with whatever other "standard(s)" are incorporated will go a long way to squelching the issue in short order. Yeah, like many of you I'm sitting here waiting for the "right" standard to catch and implement it into my Linux & BSD servers (and soon to be OS X running the same software
TODAY by simply blocking IP's (spam me once from any IP and that IP will never talk to me again, rule #1
Caller-ID email added into the mix and I could whack 'em and stack 'em even faster -- so it will be on par with the number of soliciting phone calls I get [one maybe every six months
Honey Pot Hunter?!?!? (Score:4, Informative)
screenshot [zenger.nl]
It seems to me that there is some level of sophisitication to these spammer sites. I'm guessing they are really ripping off the poor shmucks who sign up.
Polluting Spammers Email lists (Score:5, Insightful)
I wonder if we could kill two birds with one stone. Littering the web with dummy e-mail addresses that include the domains of spam-supported sites. That way, the sites become overwhelmed by inbound mail traffic. It would be a version of this [hostedscripts.com] or, better yet, this [armchairgenerals.com] using real domains of spam-using sites (from a blacklist service). E-mail addys such as sdadhja@viagraspammer.com, eywheh@viagraspammer.com, wywhdi@viagraspammer.com would both cost the spammer and the site that is using spam.
my problem with spammers.. (Score:3, Interesting)
Its kinda like faking where a letter is sent from and who you are at a bank. Its forgery, and fraud. Personally I think people that do this that get caught should end up in jail or shot.
Re:my problem with spammers.. (Score:3, Interesting)
I recently told Postfix to reject any SMTP session that start with "HELO $foo", where $foo is my public IP (I'm behind a NAT) or my domain name or any hosts in the domain, and the source is not in fact a machine on my LAN (or someone using authenticated SMTP to send an outbound message). I've also started rejecting all email that fails SPF - that is, email that specifically violates the alleged sending domai
Next time I hear about a spammer spilling his guts (Score:5, Funny)
The next time I hear about a spammer spilling his guts, I expect *real* guts from a real spammer.
Oh yeah, screenshots included !
Why dont law enforcement agencies run honeypots? (Score:3, Interesting)
Leave it going for a while and from there, trace back to the spammers themselves via the logs.
No, no, do NOT put executable code in DNS (Score:3, Insightful)
Re:Is the spammer really selling 'Spam'? (Score:3, Informative)
Actually, read Ukraine, esp. Chernobyl (Score:4, Informative)
Now, if you buy (for example) those add-water-and-heat noodles from the Ukraine, you're going to get a good bit of Cesium(Cs-137?) in it, because -- and this is according to Lithuanian natives, who probably got it in their news -- the Ukrainian government has limits on the amount of Cs that can be in it, but accepts companies taking contaminated grain and mixing it down with uncontaminated grain, to meet the required levels.
Point being, I probably wouldn't suggest that this meat is good to eat, any more than I'd eat lamb from the Scottish moors (sorry, same problem: Chernobyl's Cs-137. It seems that the plants have been recycling the Cs back to the top.)
Re:Actually, read Ukraine, esp. Chernobyl (Score:4, Insightful)
Re:Don't bother reading the article... (Score:3, Informative)
while true ; do `wget -k -p -m http://www.send-safe.com/ --delete-after` ; done