SPAM: Has Sandbox.Com Violated Its Privacy Policy? 20
e4 asks: "Okay, I admit it. I'm a fan of fantasy football. I've been playing various forms for about a decade now. With the huge surge in online fantasy football leagues in recent years, some friends and I decided to give Sandbox a try. I read their Member Agreement and their Privacy Policy. I could see that Sandbox was built around marketing gimmicks, but they had opt-out check boxes for most of it, so I went ahead and signed up. I started getting junk mail from them almost immediately. I wrote several e-mails to various Sandbox addresses, politely complaining about the problem. Most of them were ignored. Eventually, I got a response that seemed to explain what happened. It turns out they have two different unsubscribe lists: one for Sandbox.Com and one for Sandbox.CNNsi.Com. I was 'inadvertently' added to the second one. So I unsubscribed from those too. More spam. More e-mails. More ignoring. Still more spam." With all of the new SPAM laws in place, what is the best method of getting those laws applied to the services that still haven't learned to play nice with unsolicited e-mail?
"What do I do now? They have clearly not lived up to the promises in their privacy policy, and they don't seem to care. Aside from filtering the spam and never visiting their site again, what other options are there? We hear a lot about anti-spam legislation, but has any of it actually seen the light of day yet?"
Vigilante-Spam-HOWTO (Score:1)
Somehow they aren't violating laws that would get them jailed. Taking one of them to court costs money and is sensless while they bombard your mailbox and patience. They are violating a law not too popular in today's media. I'm talking vigilante justice. Trial by fire. Judgment is always swift.
Its a war. War is cold. Clearly things up to this point are not working out in your favor. Apply your social skills and pick up the phone (calling collect just shows you care.) A few words to thier partners and investment relations really do count. Do the damage where it will hit them the most. Speak to thier staff. Tell the poor schmuck his kid needs to be picked up from the principal's office for chewing gum in class. Rattle the nerves good.
Legalize the death penalty for spammers. Vote GWB!
Spam filtering... (Score:1)
Blacklisting doesn't work anymore. I've instead switched "accept all mail unless message contains" to "reject all mail unless message contains" and only 1 or 2 spams can now ever slip through. The ones that do slip through just let you laugh at how well the filter works.
Basically, whip out procmailrc. Put a rule at the end that matches any address and have it redirected to say, ~/mail/spam. Then, above it, put rules that save specific e-mails from going to the spambox. The first rule checks to see if your e-mail address is in the from, to, or cc field. The next rule checks to see if any of the mailing lists that you're subscribed to are in the from, to, and cc fields (mine looks like * ^(From|To|Cc).*(linux-kernel|freebsd|vorbis) etc.
Also, I know that whenever I do catch a spam with an 800 number in it, I make sure to call them a few times and leave angry messages. Maybe they'll think twice about spamming 15 million e-mail addresses if every one of them called their 800 number, eh? :)
Re:Rules of Spam again (Score:1)
It's just as easy to register a domain and have all of the mail forwarded to you, then you don't have to set up new aliases - you can jsut set up your mail software to filter out messages addressed to the bogus addresses when you're done with them, and you've got the log files ot check and see if what addresses are being rejected. It's fun, and you get the joy of rejecting mail.
Re:Rules of Spam again (Score:1)
Re:Spam filtering... (Score:1)
I wouldn't want to go into court as the defendant, especially when my defense was, "Well, they sent me x emails!" It just doesn't seem solid.
--RJ
Rules of Spam again (Score:2)
1) Spammers lie.
2) If you think a spammer's telling the truth, see Rule #1
3) Spammers are st00pid.
Canonical example - I will no longer do business with Travelocity, who spammed me after I ordered a ticket through them and made very sure to click on all the "no, leave me alone you assholes" buttons. Upon reporting the spam to them, I was assured I'd be removed in what appeared not to be a form-letter -- and of course, I got spammed a few weeks down the road.
Whenever you say "shut the fuck up and stop spamming me", marketers imagine that they hear the words "except for things your marketing department thinks I really really really do want".
Marketers lie. It's in their DNA.
Never give a valid email address to any company for any reason.
From now on, I do all my travel purchaes through another company, and I use an expendable yahoo.com dropbox for order confirmations. So far, this company hasn't spammed me, but when (not if!) they do, I'll simply switch to another company. And another dropbox.
Re:General spam-fighting question (Score:2)
http://www.arin.net/cgi-bin/whois.pl?queryinput
http://www.arin.net/cgi-bin/whois.pl?queryinput
its at&t...have fun
General spam-fighting question (Score:1)
I recently got a spam (sent by a temporary AOL account, now disabled) that directed me to a web site hosted on http://12.45.166.9, a generic NT4/IIS box. DNSLookup revealed no domain name for anything in 12.45.166.* where *=0 through 16. Without a domain name I can't do a WHOIS. Without a WHOIS I can't make their lives miserable by calling them at home in the middle of the night (or whatever I decide to do).
A TraceRT revealed that the router immediately upstream from them is 12.124.217.10, but neither it nor its relatives have domain names either. So I can't WHOIS on their ISP, which is even more important since I want to get them shut down.
I guess the main problem is that I only know how to Whois based on a domain name, not an IP address. Suggestions?
Re:try this (Score:1)
Do that if you're willing to sue them in Small Claims Court and set a precedent. Don't do it just for the bluff, or it's not worthwhile.
Suing can be a hassle, and I don't know whether you're eager to try it.
Re:General spam-fighting question (Score:1)
As pyrodude pointed out, go to ARIN. It's also available through your favourite command-line or GUI WHOIS tool:
$ whois -h whois.arin.net 12.45.166.9
This'll give you their netblock. If the IP address is not in one assigned to ARIN, ARIN will tell you where else to go to (e.g. RIPE for Europe, APNIC for Asia-Pacific, etc.)
Spam laws site (Score:1)
I'm not normally one to jump on the "sue everyone" bandwagon, but since Sandbox is a reasonably reputable company and not some random, faceless spam operation, pointing this out to them might at least get them to sit up and take notice. You can also complain (or threaten to) to the relevant Attorney General. Actually, that might not be a bad idea anyway, since if they get enough complaints about a company they will look into their practices.
Hit them wear it hurts (Score:1)
I would be a little more linient if they were willing to address the privacy issues. I recently noticed I was receiving email from them that I had not signed up for. So I changed my email address to on that will end up being bounced back to them.
Reporting them to MAPS and giving them proof that you have attempted to unsubscribe yet still receive spam will help to. They will most likely contact Sandbox, and also register as a user to see what comes their way, and what happens when they try to unsubscribe.
If you really want to make their heads turn, contact their advertisers. I don't mean send them an email. I mean find out who within the advertised company purchased the ad run on Sandbox. The point them towards this Slashdot story. Clearly explain to them that they are unreasonable with their email policy, and that it makes those who support them look bad. There are plenty of other web sites for them to advertise with. And when they start having ads pulled, heads will turn.
I genuinely believe Sandbox does not wish to spam people. But because several people within their organization are not doing their jobs (between writing an acceptable email policy and adhering to it, and addressing customer concerns), their users are suffering. Since they don't see the immediate cost of this breakdown, it needs to be waved in front of them in a more noticable way.
Re:General spam-fighting question (Score:1)
type - nslookup
then type - set q=ns
then type the ipaddress backwards.in-addr.arpa
--example--
[mcritch@pliska mcritch]$ nslookup
Default Server: SERVERHIDDEN
Address: ###.###.###.###
> set q=ns
> 10.127.124.12.in-addr.arpa
Server: SERVERHIDDEN
Address: ###.###.###.###
*** SERVERHIDDEN can't find 10.127.124.12.in-addr.arpa: Non-existent host/domain
> 127.124.12.in-addr.arpa
Server: SERVERHIDDEN
Address: ###.###.###.###
*** SERVERHIDDEN can't find 127.124.12.in-addr.arpa: Non-existent host/domain
> 124.12.in-addr.arpa
Server: SERVERHIDDEN
Address: ###.###.###.###
124.12.in-addr.arpa nameserver = dbru.br.ns.els-gms.att.net
124.12.in-addr.arpa nameserver = cmtu.mt.ns.els-gms.att.net
124.12.in-addr.arpa nameserver = dmtu.mt.ns.els-gms.att.net
124.12.in-addr.arpa nameserver = cbru.br.ns.els-gms.att.net
dbru.br.ns.els-gms.att.net internet address = 199.191.128.106
cmtu.mt.ns.els-gms.att.net internet address = 12.127.16.69
dmtu.mt.ns.els-gms.att.net internet address = 12.127.16.70
cbru.br.ns.els-gms.att.net internet address = 199.191.128.105
>
Re:try this (Score:1)
Re:SPAM vs. the other meat substitute (Score:1)
Each time they send you an email, just FAX it back to them, together with a polite note explaining that you have carefully considered their offer, and are not interested at this time.
Just report them... (Score:3)
If not, they'll end up listed, and you can hope that your ISP subscribes to MAPS.
Also, if they have a TRUSTe certification, you can contact that group. TRUSTe is pretty rubber stampish. All it says is that you have a privacy policy and follow it. But it does say that much. And many internet sites won't work with you if you don't have it.
try this (Score:2)
SPAM WARNING: Anyone who sends me unsolicited commercial
e-mail will be charged a $500 fee per message.
Pursuant to US Code Title 47, Sec.227(a)(2)(B), a computer/
modem/printer meets the definition of a telephone fax machine.
Sec.227(b)(1)(C) prohibits the delivery of unsolicited commercial
messages to such apparatus.
Sec.227(b)(3)(C) states that a violation of the aforementioned
Section is punishable by action to recover actual monetary loss,
or $500, whichever is greater, for each violation.
-MSD.dyndns.org [dyndns.org]
"Sucks to your ass-mar"
Re:try this (Score:1)
The fax thing is because not only does it tie up a phone line (thus making it unusable for the time), but that it wastes paper resources as well... something the reciever had to pay for.
A computer/modem/printer (or would that be modem/computer/printer? the order it'd need to go to be a "fax machine"..) doesn't automatically print the stuff, so it's not really a waste of paper.. and I doubt those spams are so ungodly large that you can't still do other things on the line..
But hell, who knows.. you might scare someone into believing it.. heh.
Re:try this (Score:2)
Odds are they'll say the fax paper.
SPAM vs. the other meat substitute (Score:1)
Where Your Vote Should Go [mikegallay.com]