Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
News

ISPs and Spam Enforcement... 28

mathowie asks: "I've been getting spams from "Benchmark Printing Supplies" for over two years, and I see an Atlanta-based PSInet dialup in the headers every single time. My messages to PSInet's abuse team asking why have gone unanswered every time. How can we stop spammers if ISPs don't take strong steps to hinder these guys from profitability?" Where CAN you go next if your ISP refuses to do something about the growing amount of SPAM in your inbox?
This discussion has been archived. No new comments can be posted.

ISPs and Spam Enforcement...

Comments Filter:
  • Stock market scams: the fcc What in the world does the fcc have to do with that? Isn't that the SEC's jurisdiction? Joseph Malicki
  • If your ISP is willing to join the RBL, and really want to dramatically reduce their incoming spam (as well as spam that may originate from their own systems) they may want to also use the following "databases". Some of these may be "extreme"; but they HAVE cut down the spam that I get dramatically...

    RBL: http://maps.vix.com/rbl/
    DUL: http://maps.vix.com/dul/
    ORBS: http://www.orbs.org/



    https://www.mav.net/teddyr/syousif/ [mav.net]
  • We're currently suing these folks. You can get the details here [bibliotech.net].
  • It seems like that I did not start to receive spam until I started to post on Slashdot

    and ...

    Every spam has a different 'remove email address' meaning that I must be on a million spam lists and me getting off them all is not a tractable possiblity.

    That is because some spammer specialize in email harvesting. Using spider(automated software), they extract string looking like email adress from web page, Usenet news, etc. They then resell this list to other spammer that, in turn, resell it again and so on until you are in the adress book of literally hundreds of spammer. That's why so many people fsck'up their email (addind NOSPAM, REMOVEME, etc.) in the adress they post on web forum and Usenet. Since email harvester can't take the time to manually sort out the invalid email from the valid one, this give a level of protection from automated harvesting and bulk mailing.

    However, this technique is not bulletproof. Using regular expression, a spammer could strip his email list of known "spam stopper" string. Personnally, I prefer the "login at isp dot com" scheme, since the automated email harvesting software are probably looking for "something@somewhere.somedomain". This is not bulletproof netheir, however.

    As I understand this, the most valuable adress are those that are confirmed to be working. Thus, never respond to spam neither to flame the spammer nor to send "remove". This confirm that somebody is reading this mailbox, thus making your adress a more valuable target.

  • I'm gonna flame Concentric Network right here because they USED to control their spam, but no more. I used to be their customer, but I got two spams from another one of their customers (www.traderspain.com) and complained about both of them. The first time they said the problem was solved. The second time they ignored me.

    So, that brings me to the main point. When you find that your ISP cannot control their spam, it's time to leave. I'm no longer a customer of Concentric network, and I tell EVERYONE that I know to stay away, far away, from Concentric.

    The same should go for PSI too! If they started losing customers they would clean up their act. VOTE WITH YOUR FEET. It's the only language that companies understand.

    End of rant.
  • One of the ISP's in Australia has a good idea for this. They own their name in both the .net.au and .com.au domains. One is RBL's and one isn't, you give the Non-RBL one to your friends and your RBL'd one to the web page forms and usenet etc..
  • Don't some US states (Washington comes to mind) have rather strict anti-spam laws? It seems like a good avenue to pursue.
    As for me, I just filter it all out into a "Possible Spam" folder. I filter for messages that don't specifically name one of my email addresses in the headers, so that most spam, which is bcc'd to people, will be caught.
  • In order to really block spammers, RBLs have to take a shotgun blast technique. i'm virtually certain Hotmail and the like are blocked since spammers use them for throwaway accounts. i have friends on those free email providers, and if my ISP suddenly started blocking their mails i'd be up in arms to get them to STOP.

    As for DULs, a good portion of my mail would be blocked by a DUL. Why should i have to use an ISP relay when Linux can run exim and deliver mail itself?

    Yes spammers are a problem, but you have to be careful when you block them that you don't hit normal people as well.

    -----

  • I actually heard one time if an ISP doesn't/refuses to stop illegal activity coming from their ISP, there are 'higher-ups' who you can contact (More then likely their provider of the line) who can give them an ultimadum(sp) to either take action or loose their lines. I think this can also be done through a gov office of one type or another. Sorry I don't have any names, but it's another thing to think about.

    That was pretty uninformative.

    If complaints get no answers or have no action taken on them, you complain the the upstream provider. When you run out of upstream providers to complain to, you still have a few options:

    MMF or anything spam-scam which involves someone else making money off you: report him to the IRS. (spammers are almost all USAn)

    Stock market scams: the fcc.

    For addresses, chase up some antispam pages: look for "cancel moose" or "anti spam".

    Also, check out the net.admin.net.abuse.* newsgroup FAQs at http://www.faqs.org [faqs.org]

    dave

  • It seems like that I did not start to receive spam until I started to post on Slashdot.

    When I set up this account, the above email address got persistently spammed from home.net. No amount of complaining worked. I guess home.net aren't too clued in.

    The spam I receive is not to any email address I have, but rather to another dumbqwerty@msn.com, how can this be so???

    You need to look at your "Recepient:" line in the headers. That'll tell you which email address it was really sent to. Most spammers put a fake address in the "To:" field and bcc to their victims.

    Every spam has a different 'remove email address' meaning that I must be on a million spam lists and me getting off them all is not a tractable possiblity. Why can't there be one list that these 'generic' spammers would have to check before doing my inbox?? Perhaps it could be federal law.

    Never, EVER reply to a "remove" address. They only exist to harvest working email addresses.

    Why can't there be a way to 'triangulate' packets to find a physical location for lawbreakers, and give them hard time so other spammers would be scared?? (is scared spammer an oxymoron??)

    Nope, spammers are such lower order life forms that they're incapable of fear. They're about four steps below script-kiddies and have many of the same traits. They don't understand how to do what they do; they're just running someone else's program. Despite the fact that they keep losing accounts (and getting verbally abused if they post 1-800 numbers) they *still* think that spamming works.

    Doesn't MSN and AOL have ways to keep track of ip addresses they assign dynamically, and thus trace spam??

    Yes they do, or at least they have logs and can tell who posted what and when. You need to complain to the right people and send them the full mail headers. Check out http://www.samspade.org [samspade.org] for info on how to track through headers.

    dave

  • *sigh*

    And that's the sad thing. They'll also write off the annoyed emails they get as 'just internet whingers'.

    I live in Hong Kong, where the largest ISP (Hong Kong *Telecom*) nearly got RBLd because they didn't think there was anything wrong with spam...

    dave
  • Appo-loagies.

    I was thinking of SEC, not FCC.

    dave
  • i think the FAQ is at junkbusters.com..gives you tips to deal with this situation.
  • The ISP upstream of them may be a good idea? In the case of PsiNet, I beleive that's Sprintlink. They have an acceptable use policy up at:

    http://www.sprintlink.net/acceptableuse.htm [sprintlink.net]

  • The DUL ("Dial-Up List", or list of dynamic IP pools used by ISPs) was incredibly effective when I implemented it. It blocked a lot of the spam that I couldn't filter out otherwise, and completely eliminated all shotgun-spam*.

    If your ISP is reluctant to implement the other two (several very valid reasons come to mind) I would strongly recommend they consider the DUL. There are no liability, control, or loss of service concerns that could possibly be generated by it.

    * Er, shotgun-spam: a term I (and probably others) use to describe spam sent to a large list of commonly-found usernames. Similar to the concept of a dictionary attack, most of the spam bounces to the sender (usually resulting in a double-bounce, since the sender almost never exists) but a percentage of the spam makes it to accounts that would otherwise not be found on normal spam lists. Ingenious, and terribly evil...
  • I actually heard one time if an ISP doesn't/refuses to stop illegal activity coming from their ISP, there are 'higher-ups' who you can contact (More then likely their provider of the line) who can give them an ultimadum(sp) to either take action or loose their lines. I think this can also be done through a gov office of one type or another. Sorry I don't have any names, but it's another thing to think about.
  • They may be able to ignore one e-mail from you. But what if, say, 100 or 1,000 antispam slashdot readers were all to e-mail them asking them to please stop?

    This may not be completely ethical or legal, since it would bear a small resemblance to a DoS/spam scheme, but I know I'd be pissed if I got spam from the same company for 2 years straight. It would also be sort of hard to prevent false alerts, e.g. false alarms designed to piss off the recipient.

    Possibly you could try e-mailing them with a different address, on a different subject, to get proof that someoene on the other end is listening. Could be an ISP run by slackers who never check e-mail not coming from their own subscribers, because it's just a waste of their time.

    SupremeOverlord
  • I recently got what appeared to be a legitimate email offer--figured they got my name from ZDnet lists or something. Turns out it was commonplace spam--addr.com evidently was their web host, and instead of just disabling the domain, they stated why (spam/abuse of account). The downside? There was a story recently where a Latin American site hosted in Chicago was cut off from service and redirected to a porn site. The reason? Unpaid bills the ISP claims, not so the client claims. It's going to be tricky to prove things either way unless more than one account of abuse from independent sources are found.
  • This isn't flame bait, its just that to marketing types, spam simply works. Its a sad truth, but there are millions and millions of people on the net and if only .001% of them respond, then free spam has paid off big. As long as it keeps working, they'll keep doing it.
  • It seems like that I did not start to receive spam until I started to post on Slashdot. Then it seems that everyday I receive a choice piece of spam from ghuhiursgh@msn.com so I too can receive credit cards or pfo456olbg@aol.com telling me I can quit smoking/lose weight/have infinite sales. I understand transistors and how to solder them to a board, and that's what I do for a living. I do not understand the dynamics of tcp/ip (yet anyway). So my questions are;

    The spam I receive is not to any email address I have, but rather to another dumbqwerty@msn.com, how can this be so???

    Every spam has a different 'remove email address' meaning that I must be on a million spam lists and me getting off them all is not a tractable possiblity. Why can't there be one list that these 'generic' spammers would have to check before doing my inbox?? Perhaps it could be federal law.

    Why can't there be a way to 'triangulate' packets to find a physical location for lawbreakers, and give them hard time so other spammers would be scared?? (is scared spammer an oxymoron??)

    Doesn't MSN and AOL have ways to keep track of ip addresses they assign dynamically, and thus trace spam??


  • Doesn't MSN and AOL have ways to keep track of ip addresses they assign dynamically, and thus trace spam??

    yes, and there are other ways of tracing these things too. how come an arrest can be made within seven days of the author of a bad macro virus but no police activity goes into enforcing the laws on the statute books about spam emails?

    surely Spam constitutes a legitimate threat to the effectiveness of the public internet infrastructure? does the NIPC have a view? isn't it only a matter of time before some idiotic spammer decides to use the XMAS.EXEC effect (== Melissa virus effect, for you youngsters) to get a more effective reach for their email?

  • The reason that there is no police activity toward spam is because it unforturnately isn't illegal and they can't prosecute.

    Depending on where you live there are laws in existence regarding spam. Many of these laws themselves do not classify spam as a criminal action, but do provide the basis for civil actions.

    My point is that there are also other laws in existence regarding unauthorized use of computer systems and these are not used sufficiently. When spammers abuse hotmail or an open mail relay to despatch their email, why are they not prosecuted?

  • 1) Contact this company and tell them to stop sending them. Try and word it similarly to how you can deal with telemarketers. Tell them to put you on their "Do not contact" list. As far as telephone goes, once you do that, and they contact you again, it's considered harassment.

    This may or may not work. As usual, do not reply to the "unsubscribe" address that may be given in the e-mail.

    2) Contact *your* ISP. Mine has a simple address to send spam to: spam@erinet.com

    They ask that you forward the message with full headers. What do they do ? I don't know... Block all e-mail from that address or higher up the chain ? Send an automatic message to the "other" ISP ?

    3) This doesn't solve your problem, but at least you won't see the messages anymore. But, use your e-mail program to filter messages from this company and send them straight to your deleted mail. I know you can do this with Netscape's mail program. I only recently started using Mutt, but I'm willing to bet you can do it with it, too.

  • If these jokers are "spam-friendly", then they're surely on the MAPS RBL [vix.com] already; convince your ISP to join the RBL (words to the effect of "I'm really pissed off at this spam, and if you don't do something to stop it, I'll be forced to switch providers; the MAPS RBL is the best way to protect your customers from being harrassed like this.")

    It's important to be as polite as possible.. try to present it as a solution that would help their customer base, as opposed to hurt it (most ISP's cringe at the though that one of their customers might not be able to send/receive email to a particular domain; for whatever reason.)
  • Are you absolutely, TOTALLY certain that you don't have a prior business relationship with these people? If you gave them your email address at some point in the past, and (probably inadvertently) checked one of those annoying "please send me news about our product" checkboxes, then they will feel justified in sending you commercial mail. Furthermore, their ISP will not do anything about it, because it is not UCE, or UNsolicited commercial email.

    If this is the case (and ONLY if this is the case!) I would recommend that you use the removal address they provide. Otherwise, the business won't know to remove you and the ISP will laugh off any complaints they receive. If you ask to be removed and aren't, THEN you will have some ammo for the ISP.

    Just please remember: commercial email, no matter how unwanted, does not equal spam. It's got to be unsolicited.

    Hm, one additional point: Make ABSOLUTELY sure you know which email address the spam is being sent to. A lot of us have acquired countless old email addresses, and it's easy to forget that everything is getting forwarded to your current address. If you ask for the wrong address to be removed, it (obviously) won't work.

    And if they're really spammers? Heh. Draw some blood for me, would you?

I don't want to be young again, I just don't want to get any older.

Working...