Spamfighting Since the Death of MakeLoveNotSpam? 352
vacuum_tuber asks: "The now-defunct Lycos anti-spamsite screen saver, MakeLoveNotSpam, was extremely well received despite the whines and hand wringing from the no-one-should-ever-actively-defend-themselves crowd. There was speculation after its demise that Open Source spam-punishing tools would emerge. Other tools such as SpamVampire, LadVampire (punishes fake bank sites), Spam Research Tool and others were mentioned with increasing frequency, but there has been no coherent followup to gauge what people are doing since the death of the Lycos screen saver. What are you doing that you think is effective in punishing spammers or their spam-site sponsors?"
Simple solution... (Score:4, Funny)
Re:Simple solution... (Score:2, Funny)
We could hunt down and execute the SOB's that pollute inbox with Cheap Meds and Penis Enlargement adds.
Re:Slashdot Hypocrisy (Score:2)
WHY, YES. YES IT COULD.
The best way (Score:5, Insightful)
Re:The best way (Score:4, Funny)
Re:The best way (Score:2)
Re:The best way (Score:2)
But if she doesn't know how to harden a system then someone else will have to do it for her at least the first time.
Do you fix everything in your car (no matter how non-trivial) that breaks? No, you take it to a mechanic.
Educating people about securing their systems is one thing, but expecting everyone to become a security expert is quite another.
Re:The best way (Score:2)
Re:The best way (Score:3, Insightful)
Heck, even that probably wouldn't work. I can see it now, a window pops up saying:
ALERT!
"You currently have port 25 o
Re:The best way (Score:3, Insightful)
Agreed. One of the things that the /. community needs to understand is that some people are incapable, unwilling or just don't have the time to worry about their computer. In general, the /. community is quite intolerant of people who are unaware of what is going on in their computers. I had a tech support friend who used to tell customers that the problem is a "ID-10-T" error. E
Re:The best way (Score:2)
Nice thought, but you obviously haven't been in this situation. I once made the mistake of building my parents a system and realized the HELL that is tech support x100.
Will you also teach her to ignore the fear of new and different things? Will you teach her that it's okay to make mistakes and "break" things as long as she learns?
Been there, tried that, still haven't ful
Well... (Score:2, Funny)
Re:Well... (Score:2, Insightful)
Re:Well... (Score:2)
ObWalMart (Score:2)
Re:Well... (Score:2)
The next 40-odd stakes should be spread around at your disgression.
Re:Well... (Score:2)
Don't join the mob (Score:4, Interesting)
Cooperation and user persistance has pushed spam already to the fringes of the Internet. Spammers have to just compromissed machines and other criminal methods to spread their messages.
Making them a victim will only make it harder to push them out, and it will take away resources from the actual problem: People buy the crap offered by spam! Spam is no longer free. If people would just stop buying based on spam, the problem would solve itself.
No sympathy for the spammer... (Score:4, Insightful)
So what you are in effect saying is that people who hawk too-good-to-be-true investment schemes and storcks shouldn't be punished? People are gullible, people are going to continue to be taken in by their greed, ignorance, or even illness.
I think these parasites should be taken down. Whether you agree with Lycos or not, I commend them for at least bringing this possible solution to the spotlight.
Re:No sympathy for the spammer... (Score:2, Insightful)
Its important to keep the rules simple. Otherwise you will lose cooperation among ISPs. DDOS is bad. Spam is bad. Lets cooperated and stop both.
Re:No sympathy for the spammer... (Score:2)
ISP's who have spammers as customers are just spammers one step removed. It should be costly to ISP's to knowingly have spammers for customers. ISP's generally charge for bandwidth usage and I
Re:Don't join the mob (Score:2)
Dan East
Re:Don't join the mob (Score:2)
Fringes? That's like saying everything outside of the asteroid belt is in the fringes of our solar system. Is McDonald's a fringe restaraunt? Wal-Mart's are always parked on the fringes of towns, does that count too? Large SUVs are owned by people in the upper fringes of the income bracket, and yet they still use most of the gas.
Fight Spam with Spam! Spam Spam Spam (Score:5, Funny)
Now I'm off to eat my breakfast of spam, eggs, bacon, and spam.
Make it illegal. (Score:5, Funny)
Write your congressman, if you have some free time try to meet with one of them and lobby them. Few people know how remarkably easy it is to get your congressman to sit down and meet with you.
Re:Make it illegal. (Score:5, Insightful)
Or like making identity theft illegal has stopped phishing scams.
Or how making unauthorized access to a computer illegal has stopped spam coming from compromised machines.
Re:Make it illegal. (Score:2, Funny)
Re:Make it illegal. (Score:2)
You have the right to bear arms to overthrow wicked governments, but you never will.
I have the right to walk down the street more freely than you but even a bunch of Ruperts can break into parliament to protest about bad laws!
Re:Make it illegal. (Score:2)
The real "only real way" to stop spam is to make it unprofitable. Don't ask me how though.
Re:Make it illegal. (Score:5, Funny)
You mean we should flood their mailboxes with offers for viagra and penis enlargement?
Re:Make it illegal. (Score:3, Insightful)
Re:Make it illegal. (Score:2)
No, a legal solution. (Score:5, Interesting)
Even though spam may be international, the foreign companies can be sued. When you send spam into the USA (or the particular state) you are subject to the laws of the USA. After I sued Global Web promotions [barbieslapp.com], the FTC sued them and siezed their funds. Even though they are in Australia, they are doing business here by sending spam.
Re:No, a legal solution. (Score:2)
Re:Make it illegal. (Score:2)
Not only a US problem, but it is primarily a US-based problem. 42% of spam originates from the US.
Re:Make it illegal. (Score:3, Insightful)
China, India, other up-and-coming high-tech nations have thousands upon thousands of unsecured mail servers and Windows
Re:Make it illegal. (Score:2)
I don't think my congressman has alot of clout in african countries that are run by warlords.
Re:Make it illegal. (Score:2, Insightful)
Yeah... Murder is illegal too... (Score:3, Insightful)
The spammers are a symptom of a much larger problem. Don't get me wrong - I wouldn't mind seeing them strung up too - but I'd rather see the CEO of some penis enlarging / Viagra-distributing company do some hard time with big guys...
Re:Make it illegal. (Score:2, Insightful)
Funny? (Score:3, Insightful)
No joke here! (Score:2, Funny)
I don't punish spam. (Score:4, Insightful)
Best way to punish spam is by keeping your friends AND foes aware of what to not pay attention. In the end, hopefully, they'll make less profit. Nonviolence resistance demands patience and is a slow process but always shows progression.
Re:I don't punish spam. (Score:2, Interesting)
Re:I don't punish spam. (Score:2, Insightful)
I agree.
Why waste effort on this? Just make it a rule: Don't ever, ever buy anything from an unsolicited email. I've got the same rule for phone solicitation - If your company EVER pisses me off by calling me at supper or on my day off or whatever, I won't buy from you. period. I don't care what you're selling. I'm not interested.
If there is no positive response, phone/email spam becomes an expense rather than a revenue generator. The 'invisible hand' of the market place will get rid of it.
Spamvampire works (Score:5, Interesting)
Re:Spamvampire works (Score:4, Informative)
Re:Spamvampire works (Score:2)
Re:Spamvampire works (Score:4, Interesting)
But, I give up. I cannot convince someone who can't see beyond their own nose. Instead, I'll make this perfectly clear. I don't send spam, but if I ever get DDoSed by any of these holier-than-thou anti-spam vigilantes, I will do all I can to see the full force of the law fall upon them. You'd be no better than a script kiddie, and subject to the same punishment as far as I'm concerned.
Vigilante justice soils the good name of the anti-spam groups out there that are working hard to help the world control the spam problem. Attacking spammers with DDoS only changes them from being a criminal into being a victim, and we do not want that.
Re:Spamvampire works (Score:2)
The sword of Justice cuts both ways.
Re:Spamvampire works (Score:2)
The only gray with websites is if the linked page was involved with thr spamming. Although if the spam said "get a l0an" and linked to "Trepalium's place in cyberspace," I don't think anyone would be fooled. Usually you can point out a spam website [asymptotic4brim.com] though. I'd only be worried if you were into loans, pills, or degrees.
Unsolicited Commando (Score:3, Informative)
My solution (Score:5, Funny)
Sending xmas cards to inmates about to be released from prisons in their state with the spammers name and home address as the return address with sincere hopes that they will come visit once they get out. Plus I get to use up all these extra xmas cards instead of packing them away for next year.
Turn images off (Score:3, Informative)
Re:Turn images off (Score:2)
1. You don't get Mail from Spammers
2. You don't get Mail from Morons sending Text-Mails as HTML with Outlook or similar programs
Stop buying spamervertised products (Score:2, Redundant)
Re:Stop buying spamervertised products (Score:2)
Re:Stop buying spamervertised products (Score:2)
Two approaches.. ban buying, hit the websites (Score:5, Interesting)
Another method is to hit the spammer's website... consider this perl fragment:
while (1)
{
- $sock = new IO::Socket::INET (
}- Proto => 'tcp',
);PeerAddr => 'website',
PeerPort => '80',
Reuse => 1
$sock->autoflush(1);
push @sockArray, $sock;
Naturally, the above code is for educational purposes only and is not intended to be used in anger
Re:Two approaches.. ban buying, hit the websites (Score:2)
Re:You forgot some lines (Score:3, Informative)
Be aware, it may have to go through several errors before resuming operation.
Post URLs here (Score:5, Funny)
Re:Post URLs here (Score:3, Funny)
http://www.yourstuffdepot.com [yourstuffdepot.com]
http://circumflex.killadwareco.com [killadwareco.com]
http://thestuffonlines.com [thestuffonlines.com]
http://www.diet45.net/ [diet45.net]
http://irh.net.yourpillsweb.com [yourpillsweb.com]
http://pnatay.fortherest.info/amite/CD/ [fortherest.info]
http://www.lending-now.com [lending-now.com]
http://cutrate-loan.info/ [cutrate-loan.info]
http://www.baby30.com/ [baby30.com]
http://backplate.lowerprice.info [lowerprice.info]
http://adipren13.com/
http://mymddcanlbrlskvofyvq.goquote.info
http://www.platinumwellnessplace.com/a/ [platinumwe...splace.com]
http://benz.sears.netbussinessk.c [netbussinessk.com]
One Stop Shopping! (Score:3, Funny)
Thank you, Slashdot!!!
A hypothetical... (Score:5, Funny)
Re:A hypothetical... (Score:5, Funny)
Re:A hypothetical... (Score:2)
Re:A hypothetical... (Score:3, Funny)
What about - (Score:4, Interesting)
Doesnt have to be permanent, just cut it off and request the user run ad-aware/spybot/a decent virus scan and away they go......
-thewldisntenuff
Re:What about - (Score:2, Interesting)
Still, if properly implemented, it's a great idea. Instead of cutting them off, drop any repeated, zombie-looking packets. Anything else, redirect it to a local site hosted by the ISP, for customers only.
It should read something along the line of..
"Our monitoring system
Re:What about - you don't have to force us! (Score:2)
Re:What about - (Score:2)
Respond to them (Score:5, Interesting)
Give them info that at least looks real.
If you give them your real phone number, then you can keep them on the phone line for 1/2hour (if you've got a headset), while you play your favorite game.... then tell them you hate spammers.
Even if you don't give them your real time, it forces them to verify the data. People pay for info from those spams because it's mostly good data. from people who want mortages.
If you keep the S/N ratio from spams higher than random cold-calling, then the spam's useless.
For stuff like cheap viagra, it's mostly an attempt to get them to annoy their credit card company. or just wasting their time. If we (slashdot) can each get spammers to waste 10 seconds of their time, that's some number of spammer man-years. If we can each get them to waste 10 seconds a week, they're out of business.
It's using the statistics of spamming against them. They currently get about 1million-1 response ratio with a very high signal-noise ratio. If we can get that up to 1000-1 with a 1-1000 signal-noise ratio, then they'll drown in their own garpage.
Re:Respond to them (Score:2, Informative)
BTW, remember that they called you. When they won't take no for an answer, hang up. Yes it is rude, but it the telemarketers who is being truly rude, forcing you to take drastic action. So, they called you. Take to them. Find out the pitch. Find out what they are wearing, if they had a good night sleep. How many kids they have. Get references. Have
Re:Respond to them (Score:3, Interesting)
Yea, it takes time to be a pain in the
wget+bash + SPAM = Fun (Score:5, Interesting)
LWP + PERL + SPAM = Fun
Take your pick, for something simple like a website that is hosted on compromised machines, simply loop the address through wget, use the output of ps -aux | grep wget | wc -l to keep the system load down to something reasonable - like 50.
Another fun game is when the spammer/phisher wants some personal information. Use LWP to walk through the order stages or web pages. Then give them the information that they asked for.
Name - Don't you know
Address - don't you wish you knew
City - not yet
State - that one
zip - 12345-678
Special order instructions:
Don't ever e-mail me again, ever, please. I'm begging you. In fact I'll be nice, i'll only send this very same message once for each attempted spam delivery. So far the machine that delivered this message has also made 150,000 connections, to try and deliver messages to users that don't exist.
Add random garbage to through off simply filters. Rinse and repeat until messages stop coming to you
Using the host command, with the name servers that show up in the whois. Walk the dns. It's trivial to repeat until server stops responding. Especially if the server is another zombie.
Tactics usually prove good at stopping sites hosted on compromised broadband connections. These machines generally have upload limits that run out quick. Sites hosted in China or Russia seem to have more bandwidth and can take more of a load. I only know this because I read around. I would never, ever advocate such a thing as returning the spam I receive to the spammer via his web sites order page. Doing what is suggested would probably get you in trouble.
My solution? Baseball bats, but my lawyer has told me that they may be illegal as well.
cluge
So it depends on who is doing it? (Score:2, Insightful)
Yeah, um, right. Say the same thing in regards to the RIAA trying to prevent music piracy and you'll hear endless howls from the
If you want anyone to remotely take you seriously, you will have to first drop the double-standard.
Cost balance (Score:2)
I think that if it's the recipient who is (automatically) pulling down the web sites pointed to by the URLs, then this could not be considered retribution. If ins
Re:Cost balance (Score:2)
Go check out my cool site!
http://craigbuchek.com/
And whammo, you get screwed and you did nothing wrong but piss off an asshole. It'd be bad enough wading through the responses and bounce messages (if I use your real email as the return addy) but to get your site whacked on top of it?
That is the one biggest drawback to an active defense, imho. It WILL target innocents at som
snail-mail spam right back at ya! (Score:4, Interesting)
How to stop spam... ? (Score:2)
Re:How to stop spam... ? (Score:2)
Hand Wringing (Score:4, Insightful)
No war, no innovation (Score:2, Insightful)
Forward the spam to the BSA (Score:3, Interesting)
So I parse the links, removing the filler, isolate the links, then go to BSA's site, and fill out their piracy form. I provide the isolated links, along with the entire email itself including headers, so that they can investigate the spamvertisement themselves.
Then I add a few words of encouragement at the bottom. Three words are generally enough, you can figure out your own slogans as a substitute.
Keeps the BSA busy, their minds on other things, minimizes the amount of trojaned software that clueless users download via spam if BSA actually takes action to close the sites or go after site owners, and lets me kill some time.
I've been thinking of ratting out the criminals selling "pirated" software on Craig's List to the BSA piracy line as well. Maybe I'll make that the next step. It'll keep cheap "pirated" windows software off people's computers, and perhaps give the prospective buyers more incentive to use FOSS/Linux instead. Or at least OpenOffice on Windows, which makes it easier to get them on FOSS/Linux platform later.
The BSA is the greatest thing since sliced bread. Without them, why would most Windows users migrate to Linux? Because its a better platform? Bahhh! They don't even know they're running Windows, let alone why Linux is better or not.
Forward the spam, but not just to the BSA (Score:5, Informative)
You can tell where the spam comes from; or at least identify the web sites they are spamvertizing. Yes, it is sometimes a BPITA - hence why I use spamcop to help auto LART the headers/email for me. I know with squirrel mail any spam you can auto forward to your spamcop account to be LARTed.
Normally I LART anything that gets past the spam filters, thinking that anything that does get caught is by the big spamhouses. I also report my spam to the Feds for action:
"FTC" uce@ftc.gov,
"US Postal Inspectors service" fraud@uspis.gov
These folks ask for spam, to either tweak their anti-spam tools or for internal investigation:
"junk_brightmail.com" junk@brightmail.com,
"SendUsSpam" spam@sendusspam.com,
"Spamarchive" submit@spamarchive.org,
"Spamrecycle" spamrecycle@chooseyourmail.com,
Specific countries have anti-spam efforts:
"Spam from China" spam@ccert.edu.cn,
"Spam from Korea" spamcop@kisa.or.kr,
As already mentioned - any spam offering grey market (aka cheap) software?
"BSA" software@bsa.org,
"SBA" piracy@spa.org
Any 419 scams?
"419@nigeriapolice.org" 419@nigeriapolice.org,
"Central Bank of Nigeria" info@cenbank.org,
"thoselads_scamorama.com" thoselads@scamorama.com,
"Treasury Nigeraian scam reporting" 419.fcd@usss.treas.gov
Child pr0n?
"FBI" iitf.tampa@fbi.gov,
"FBI_Child_porn" complaints.detroit@fbi.gov
Any stock or securities spam?
"cyberfraud@nasaa.org" cyberfraud@nasaa.org,
"nasd Penny stock fraud submittal" ombuds@nasd.com,
"Securities fraud SEC" enforcement@sec.gov
Any food or drug spam?
"FDA_Complaint" webcomplaints@ora.fda.gov,
"FDA_Complaint2" webmail@oc.fda.gov
FYI: there are some anti spam groups I am a member of, where a little bit of research dug up these agencies. It is easy enough to set up an auto forward on your spam folder to report & LART the spammer scum.
HTH!
no-one-should-ever-actively-defend-themselves dept (Score:2)
Just FYI.
Visiting the URLs (Score:2)
Does this not confirm to the spammers that the address they're hitting is valid? MOST of the spam I get passes some form of variable passed, presumably to uniquely track me.
I'd be very angry if my ISP's mailserver was clicking these links for me.
Sure, if done enough, this will completely ruin the idea of tracking people through link-clicking. But in the period between now and when it's fully-implemented, won't it just make
Hey, STUPID (Score:2)
No one complained about defending yourself, they complained because fighting abuse with abuse is:
stupid
in many cases illegal
in some cases against the wrong party.
DoSing someone's server is illegal in the US. Had Lycos tried it on my allocation, they would have been null routed as soon as I found out about it.
Attacking someone's web site is not defense. Even if they are a spammer, it doesn't make it righ
My payback? SPAMHAMMER 2.0 (Score:5, Interesting)
Eventually, the phishing scams came out. And the mortgage quotes were flowing in. And I got tired of all of them. And I remembered SpamHammer.
So, a LOT of searching of the old file-tree to find it, a little tweaking, and V2.0 was born. This new version supports everything needed to pump tons of crap into any site, POST or GET, cookies or not. I spared no feature - from random emails, random name permutations from the USCB, junk mailing addresses that'll pass a city/state/zip xref, random credit card numbers with proper checkdigits, and even stuff picked from lists (think of med sites). Mortgage quoters want leads? Here, have a million. Just don't bitch when the lenders refuse to pay for those leads. Phishers want accounts and passwords? No problem - with the added benefit of DOSing the target host. Free viagra? Oooo... I get wood just thinking about it... here, have a hundred thousand orders for random crap on your site.
I'm not sure why, but there's something satisfying about getting a "write failure: access denied" after pumping a few million POSTs into a site, consisting of every major field being 32K each. The only thing more satisfying is knowing that certain med-sites simply email the order to an in-box... here, have a big pile of 1Meg emails.
Putting "cloaking service" operators in jail (Score:3, Interesting)
From the CAN-SPAM act:
The CAN-SPAM act is soft on spamming, but tough on spam-related fraud. That can be useful.Sec. 1037. Fraud and related activity in connection with electronic mail
`(a) IN GENERAL- Whoever, in or affecting interstate or foreign commerce, knowingly-- ....
(4) registers, using information that materially falsifies the identity of the actual registrant, for five or more electronic mail accounts or online user accounts or two or more domain names, and intentionally initiates the transmission of multiple commercial electronic mail messages from any combination of such accounts or domain names, ....
"or conspires to do so, shall be punished as provided in subsection (b)."
(2) a fine under this title, imprisonment for not more than 3 years, or both, if-- ...
(B) the offense is an offense under subsection (a)(4) and involved 20 or more falsified electronic mail or online user account registrations, or 10 or more falsified domain name registrations;
Note the "or conspires to do so" clause. Knowingly assisting in a criminal offense satisfies the legal definition of conspiracy. [lectlaw.com] "Cloaking services" are in deep trouble if they knowingly provide that service for a spammer. Unlike ISP's, there's no "safe harbor" for them.
As for the "knowingly" part, whenever you find a spam associated with a "cloaked" domain, send a note to the cloaking service, and post that you've done so to some public spam forum that's indexed by search engines. That will put them on record as knowingly cooperating in a criminal conspiracy. The next person who gets a spam from the same party will have that information as legal ammunition.
When you've got that info, report it as Internet fraud. [fraud.org].
The Mob... (Score:2)
rj
Report addresses to abuse desks (Score:3, Insightful)
Wasting the bandwidth of these phishers only hurts the Internet, by wasting resources. Do keep in mind that the sites may be using stolen credit cards, and the ISPs will lose money on overspent bandwidth bills when the CC company halts payment.
Re:Report addresses to abuse desks (yeah, right!) (Score:3, Insightful)
Moreover, for many ISP's, spammers with "pink" contracts pay good money and help keep pay the ISP's bills. Agis.net tried this, and it wasn't until the Cyberpromo spammers had their upstream routers DOS attacked to death that Agis
I felt a great disturbance in the Internet.... (Score:2)
Spam Traps. (Score:3, Interesting)
Using scripting, I've made myself a nice little spam trap.
If you test mail.qualico.ca, you'll see its an OPEN RELAY!
BUT, if you try to use it...your email will be dissected and automatic abuse notifications sent to the upstream ISP of the target site, the injecting IP's ISP and any other IP listed in the email.
Further, reports are sent to all the major blackhole listing sites.
Very effective at shutting down sites because the instant reporting reduces the time spammers rely on between site switching.
I've been responsible for taking down a lot of sites and will continue to fight spam with every tool at my disposal.
Now if I could only extend this functionality to Malware and Adware sites.
Costing the insurance companies not spammers (Score:2, Insightful)
"Running Man" Competition? (Score:2)
in which "subscribers/bettors" can help
determine the exact cause of death.
History provides some wonderful examples
of appropriate punishment, most of which
derive from the Middle Ages (draw-and-
quarter, rack, impalement, tar-and-feather,
burn at stake, beheading, hanging, etcetera).
Your vote counts! Vote early and often!
Re:Make them use the products that they spam (Score:5, Funny)
Re:OpenBSD's spamd seems like a good idea (Score:2, Interesting)
All spamd/pf does, for those of you that don't know, is to stall the spam sender by sending replies v-e-r-y s-l-o-w-l-y using a daemon that runs alongside sendmail. The OpenBSD pf packet filter is used to redirect data away from the real SMTP daemon and to spamd. Some people call spamd a tarpit.
Typically we have about 200