Spammers often regard responses to their messages—even responses like "Don't spam me"—as confirmation that an email address is valid. Likewise, many spam messages contain Web links or addresses which the user is directed to follow to be removed from the spammer's mailing list. In several cases, spam-fighters have tested these links, confirming they do not lead to the recipient address's removal—if anything, they lead to more spam.[citation needed]
Sender addresses are often forged in spam messages, including using the recipient's own address as the forged sender address, so that responding to spam may result in failed deliveries or may reach innocent e-mail users whose addresses have been abused.
In Usenet, it is widely considered even more important to avoid responding to spam. Many ISPs have software that seek and destroy duplicate messages. Someone may see a spam and respond to it before it is cancelled by their server, which can have the effect of reposting the spam for them; since it is not a duplicate, the reposted copy will last longer.
End-user techniques
Posted in on by
There are a number of techniques that individuals can use to restrict the availability of their e-mail addresses, reducing or preventing their attractiveness to spam.
Detecting spam
Posted in on by
People tend to be much less bothered by spam slipping through filters into their mail box (false negatives), than having desired e-mail ("ham") blocked (false positives). Trying to balance false negatives (missed spams) vs false positives (rejecting good e-mail) is critical for a successful anti-spam system. Some systems let individual users have some control over this balance by setting "spam score" limits, etc. Most techniques have both kinds of errors, to varying degrees. So, for example, anti-spam systems may use techniques that have a high false negative rate (miss a lot of spam), in order to reduce the number of false positives (rejecting good e-mail),
Detecting spam based on the content of the e-mail, either by detecting keywords such as "viagra" or by statistical means, is very popular. Such methods can be very accurate when they are correctly tuned to the types of legitimate email that an individual gets, but they can also make mistakes such as detecting the keyword "cialis" in the word "specialist"; see also Internet censorship#"By-catch". The content also doesn't determine whether the email was either unsolicited or bulk, the two key features of spam. So, if a friend sends you a joke that mentions "viagra", content filters can easily mark it as being spam even though it is neither unsolicited nor sent in bulk.
The most popular DNSBLs (DNS Blacklists) are lists of IP addresses of known spammers, open relays, zombie spammers etc.
Spamtraps are often email addresses that were never valid or have been invalid for a long time that are used to collect spam. An effective spamtrap is not announced and is only found by dictionary attacks or by pulling addresses off hidden webpages. For a spamtrap to remain effective the address must never be given to anyone. Some black lists, such as spamcop, use spamtraps to catch spammers and blacklist them.
Enforcing technical requirements of the Simple Mail Transfer Protocol (SMTP) can be used to block mail coming from systems that are not compliant with the RFC standards. A lot of spammers use poorly written software or are unable to comply with the standards because they do not have legitimate control of the computer sending spam (zombie computer). So by setting restrictions on the mail transfer agent (MTA) a mail administrator can reduce spam significantly, such as by enforcing the correct fall back of Mail eXchange (MX) records in the Domain Name System, or the correct handling of delays (Teergrube).
Detecting spam based on the content of the e-mail, either by detecting keywords such as "viagra" or by statistical means, is very popular. Such methods can be very accurate when they are correctly tuned to the types of legitimate email that an individual gets, but they can also make mistakes such as detecting the keyword "cialis" in the word "specialist"; see also Internet censorship#"By-catch". The content also doesn't determine whether the email was either unsolicited or bulk, the two key features of spam. So, if a friend sends you a joke that mentions "viagra", content filters can easily mark it as being spam even though it is neither unsolicited nor sent in bulk.
The most popular DNSBLs (DNS Blacklists) are lists of IP addresses of known spammers, open relays, zombie spammers etc.
Spamtraps are often email addresses that were never valid or have been invalid for a long time that are used to collect spam. An effective spamtrap is not announced and is only found by dictionary attacks or by pulling addresses off hidden webpages. For a spamtrap to remain effective the address must never be given to anyone. Some black lists, such as spamcop, use spamtraps to catch spammers and blacklist them.
Enforcing technical requirements of the Simple Mail Transfer Protocol (SMTP) can be used to block mail coming from systems that are not compliant with the RFC standards. A lot of spammers use poorly written software or are unable to comply with the standards because they do not have legitimate control of the computer sending spam (zombie computer). So by setting restrictions on the mail transfer agent (MTA) a mail administrator can reduce spam significantly, such as by enforcing the correct fall back of Mail eXchange (MX) records in the Domain Name System, or the correct handling of delays (Teergrube).
Anti-spam techniques
Posted in on by
To prevent e-mail spam, both end users and administrators of e-mail systems use various anti-spam techniques. Some of these techniques have been embedded in products, services and software to ease the burden on users and administrators. No one technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate e-mail vs. not rejecting all spam, and the associated costs in time and effort.
Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by e-mail administrators, those that can be automated by e-mail senders and those employed by researchers and law enforcement officials.
Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by e-mail administrators, those that can be automated by e-mail senders and those employed by researchers and law enforcement officials.
What not to do about spam
Posted in on by
There is one cardinal rule to remember when dealing with spammers and rogue sites: we must hold the high moral ground.
Therefore, when dealing with a spammer or a rogue site, don't:
Threaten violence or vandalism;
Mailbomb the site;
Mailbomb the alleged spammer, who may be an innocent third party such as myself;
Ping-storm or SYN-flood the site;
Hack into the site;
Try in any way to bring the site down illegally. And above all else, don't use spam to fight spam. This also applies in Usenet - don't follow up to spam postings, lest your posting also become spam.
Therefore, when dealing with a spammer or a rogue site, don't:
Threaten violence or vandalism;
Mailbomb the site;
Mailbomb the alleged spammer, who may be an innocent third party such as myself;
Ping-storm or SYN-flood the site;
Hack into the site;
Try in any way to bring the site down illegally. And above all else, don't use spam to fight spam. This also applies in Usenet - don't follow up to spam postings, lest your posting also become spam.
Should I hit "remove"?
Posted in on by
A lot of the spam that we get and that people write to us about comes with instructions on how to "remove yourself from our list". Yet, more often than not, the remove instructions don't work. Why is this?
Basically, you've just experienced what many call "rule #1": Spammers lie.
Remove lists don't work. Even the United States government has noticed this: "We are also working on (spam) cases that involve claims that you can opt out, when in fact what clicking on the link to unsubscribe will do is simply verify that you have a valid e-mail address, so that you can then get lots of spam instead of a little," said Howard Beales, director of the FTC's Bureau of Consumer Protection. In this story, Computerworld of New Zealand documents an experiment in which they demonstrate that remove lists really don't work.
Don't waste your time trying to jump through the spammers' hoops. Plenty of people have documented the fact that not only do remove lists not work, they do exactly what Mr. Beales says: they verify to the spammer that your e-mail address is good, and so then they put it on the premium CD and sell it to the next spammer for even more money.
In one case, an anti-spammer went to a remove-list web site and noticed that he'd been removed from the list, supposedly, even though he hadn't given them his address. So, he went into debugging mode, using telnet to access the raw HTML of the server directly, and discovered that it just gave you the same answer no matter what. In other words, the whole thing was a complete and utter fraud. Some spammers put more effort into their fakery, but in the end it comes down to the same thing: it does you no good to follow the removal instructions.
Basically, you've just experienced what many call "rule #1": Spammers lie.
Remove lists don't work. Even the United States government has noticed this: "We are also working on (spam) cases that involve claims that you can opt out, when in fact what clicking on the link to unsubscribe will do is simply verify that you have a valid e-mail address, so that you can then get lots of spam instead of a little," said Howard Beales, director of the FTC's Bureau of Consumer Protection. In this story, Computerworld of New Zealand documents an experiment in which they demonstrate that remove lists really don't work.
Don't waste your time trying to jump through the spammers' hoops. Plenty of people have documented the fact that not only do remove lists not work, they do exactly what Mr. Beales says: they verify to the spammer that your e-mail address is good, and so then they put it on the premium CD and sell it to the next spammer for even more money.
In one case, an anti-spammer went to a remove-list web site and noticed that he'd been removed from the list, supposedly, even though he hadn't given them his address. So, he went into debugging mode, using telnet to access the raw HTML of the server directly, and discovered that it just gave you the same answer no matter what. In other words, the whole thing was a complete and utter fraud. Some spammers put more effort into their fakery, but in the end it comes down to the same thing: it does you no good to follow the removal instructions.
Spammers do more than spam
Posted in on by
In addition to all of the bad things spammers do to your mailbox and Usenet, they are also dishonest and unethical. Spammers have been documented as stealing other site's domain names via forgery - both Reply.Net and Concentric Networks have been hit this way. Indeed, Outernet, Inc. was actually attacked by one such spammer.
12 Sep 2001 - Spammers are soliciting donations for relatives of the victims of the 9/11/2001 terrorist attacks on the USA. We at spam.abuse.net do not believe that any of these relatives will see any of that money.
The spammers have a new trick - they supply an offshore phone number that you are supposed to call to be removed. The call costs $2 per minute. Sometimes they play a tape directing people to CAUCE, in what appears to be an attempt to discredit us. See an example.
-->One trick the spammers tried is to set up fake anti-spam sites, or to forge e-mail from anti-spam organizations such as CAUCE. Neither CAUCE, as an organization, nor any anti-spammers, as individuals, are soliciting or accepting donations of money or any other valuable consideration. Another earmark of just such a forgery is use of a throw-away or invalid e-mail address. If you see a supposed anti-spam e-mail or a web site that is asking for money, it's a fake. Report it to your nearest anti-spammer and the National Fraud Information Center.
page
defunct 5 July 2000 SHM --> dead link 5 July 2000 SHM -->Spammers lie to their customers. For example, Quantum Communications claimed to Mass Music, an innocent customer, that they'd send a mailing to people who'd asked to receive info about new products and services, not to thousands of unwilling spam recipients. Now Mass Music's made thousands of new enemies who will never buy from them after to being spammed, due to Quantum's misrepresentations.
Another, similar, lie is to sell someone a mailing list and tell them that the people on it want advertising e-mail. Most of the time, the list is one of the same old spam lists that's been around five years. There are a very few lists of people who've signed up for ads, but they're small, targetted, anot not cheap. Any large list purporting to be of people who want any kind of advertising e-mail is a fraud.
Spammers also cheat their suppliers. A number of ISPs have admitted that many or most of their spammers never pay for their service. This is especially true with the spammers who use free trial accounts with a provider to send their spew. It's obvious in those cases that they never intended to pay.
Further, as the "Global Communications" 809 phone fraud shows, con-men and thieves are gravitating toward massive spams as a way to perpetrate their crimes. For more information on fraud and scams, see the National Fraud Information Center, Internet ScamBusters or the Commodity Futures Trading Commission.
Scamsters are spamming fake contest "entries" also. When one of them was called on it, they subscription-bombed the person who did it. See the whole story.
Another typical claim is to spam offers for "free" web pages. Peter da Silva has a list of legitimate offers of free Web space.
Recently, someone forwarded me a spammed web site registry offer. They claimed they had a list of high-profile customers, including The New York Times, Iams and Inc. I forwarded a copy to The Times and received a call early the next morning not only disclaiming a connection to the spammer, but letting me know that they were ordering the spammer to stop using The Times' name in their advertising. See The Times' follow-up e-mail to me. My correspondent contacted Iams - see their response - and Inc. - their response. In a final fillip, the spammer is now being investigated for fraud - false advertising.
Spammers are also not above inventing their own testimonials. The Cybertize E-mail home page includes a bunch of quotes. The first one, allegedly from The Internet for Dummies is, according the the book's author, a complete fabrication and utterly opposed to his actual opinion about spam, and we have our doubts about the rest of the purported quotes.
E-mail spammers are even damaging Usenet. See Peter da Silva's story about getting e-mail spams after posting to Usenet for a short while. The sort of activity he describes scares people away from participating in Usenet.
Lastly, chain letter spams are not just rude, annoying, and spam. If there is money exchanged, they're illegal in the United States according to the United States Postal Service. For the definitive word on "Make Money Fast" chain letters, see the MMF Hall of Humiliation. See also what other users are saying about MMF, and take a look at some information on Pyramid schemes on Usenet. Additionally, you can now report apparent tax fraud and schemes to make unreported income to the IRS. net-abuse@nocs.insp.irs.gov should be used to report them. Use hotline@nocs.insp.irs.gov to report threats against the IRS or its employees, attempted bribery, or any other attacks on the integrity of the tax system. Do not use it for general spam complaints, and especially do not use an automatic filter to send mail there.
We are not opposed to Commerce
12 Sep 2001 - Spammers are soliciting donations for relatives of the victims of the 9/11/2001 terrorist attacks on the USA. We at spam.abuse.net do not believe that any of these relatives will see any of that money.
The spammers have a new trick - they supply an offshore phone number that you are supposed to call to be removed. The call costs $2 per minute. Sometimes they play a tape directing people to CAUCE, in what appears to be an attempt to discredit us. See an example.
-->One trick the spammers tried is to set up fake anti-spam sites, or to forge e-mail from anti-spam organizations such as CAUCE. Neither CAUCE, as an organization, nor any anti-spammers, as individuals, are soliciting or accepting donations of money or any other valuable consideration. Another earmark of just such a forgery is use of a throw-away or invalid e-mail address. If you see a supposed anti-spam e-mail or a web site that is asking for money, it's a fake. Report it to your nearest anti-spammer and the National Fraud Information Center.
page
defunct 5 July 2000 SHM --> dead link 5 July 2000 SHM -->Spammers lie to their customers. For example, Quantum Communications claimed to Mass Music, an innocent customer, that they'd send a mailing to people who'd asked to receive info about new products and services, not to thousands of unwilling spam recipients. Now Mass Music's made thousands of new enemies who will never buy from them after to being spammed, due to Quantum's misrepresentations.
Another, similar, lie is to sell someone a mailing list and tell them that the people on it want advertising e-mail. Most of the time, the list is one of the same old spam lists that's been around five years. There are a very few lists of people who've signed up for ads, but they're small, targetted, anot not cheap. Any large list purporting to be of people who want any kind of advertising e-mail is a fraud.
Spammers also cheat their suppliers. A number of ISPs have admitted that many or most of their spammers never pay for their service. This is especially true with the spammers who use free trial accounts with a provider to send their spew. It's obvious in those cases that they never intended to pay.
Further, as the "Global Communications" 809 phone fraud shows, con-men and thieves are gravitating toward massive spams as a way to perpetrate their crimes. For more information on fraud and scams, see the National Fraud Information Center, Internet ScamBusters or the Commodity Futures Trading Commission.
Scamsters are spamming fake contest "entries" also. When one of them was called on it, they subscription-bombed the person who did it. See the whole story.
Another typical claim is to spam offers for "free" web pages. Peter da Silva has a list of legitimate offers of free Web space.
Recently, someone forwarded me a spammed web site registry offer. They claimed they had a list of high-profile customers, including The New York Times, Iams and Inc. I forwarded a copy to The Times and received a call early the next morning not only disclaiming a connection to the spammer, but letting me know that they were ordering the spammer to stop using The Times' name in their advertising. See The Times' follow-up e-mail to me. My correspondent contacted Iams - see their response - and Inc. - their response. In a final fillip, the spammer is now being investigated for fraud - false advertising.
Spammers are also not above inventing their own testimonials. The Cybertize E-mail home page includes a bunch of quotes. The first one, allegedly from The Internet for Dummies is, according the the book's author, a complete fabrication and utterly opposed to his actual opinion about spam, and we have our doubts about the rest of the purported quotes.
E-mail spammers are even damaging Usenet. See Peter da Silva's story about getting e-mail spams after posting to Usenet for a short while. The sort of activity he describes scares people away from participating in Usenet.
Lastly, chain letter spams are not just rude, annoying, and spam. If there is money exchanged, they're illegal in the United States according to the United States Postal Service. For the definitive word on "Make Money Fast" chain letters, see the MMF Hall of Humiliation. See also what other users are saying about MMF, and take a look at some information on Pyramid schemes on Usenet. Additionally, you can now report apparent tax fraud and schemes to make unreported income to the IRS. net-abuse@nocs.insp.irs.gov should be used to report them. Use hotline@nocs.insp.irs.gov to report threats against the IRS or its employees, attempted bribery, or any other attacks on the integrity of the tax system. Do not use it for general spam complaints, and especially do not use an automatic filter to send mail there.
We are not opposed to Commerce
Why is spam bad?
Posted in on by
Q. Why do we get soooo upset when we receive E-mail which was not requested?
There are several reasons:
The free ride. E-mail spam is unique in that the receiver pays so much more for it than the sender does. For example, AOL has said that they were receiving 1.8 million spams from Cyber Promotions per day until they got a court injunction to stop it. Assuming that it takes the typical AOL user only 10 seconds to identify and discard a message, that's still 5,000 hours per day of connect time per day spent discarding their spam, just on AOL. By contrast, the spammer probably has a T1 line that costs him about $100/day. No other kind of advertising costs the advertiser so little, and the recipient so much. The closest analogy I can think of would be auto-dialing junk phone calls to cellular users (in the US, cell phone users pay to receive as well as originate calls); you can imagine how favorably that might be received.
The ``oceans of spam'' problem. Many spam messages say ``please send a REMOVE message to get off our list.'' Even disregarding the question of why you should have to do anything to get off a list you never asked to join, this becomes completely impossible if the volume grows. At the moment, most of us only get a few spams per day. But imagine if only 1/10 of 1 % of the users on the Internet decided to send out spam at a moderate rate of 100,000 per day, a rate easily achievable with a dial-up account and a PC. Then everyone would be receiving 100 spams every day. If 1% of users were spamming at that rate, we'd all be getting 1,000 spams per day. Is it reasonable to ask people to send out 100 ``remove'' messages per day? Hardly. If spam grows, it will crowd our mailboxes to the point that they're not useful for real mail. Users on AOL, which has a lot of trouble with internal spammers, report that they're already nearing this point.
The theft of resources. An increasing number of spammers, such as Quantum Communications, send most or all of their mail via innocent intermediate systems, to avoid blocks that many systems have placed against mail coming directly from the spammers' systems. (Due to a historical quirk, most mail systems on the Internet will deliver mail to anyone, not just their own users.) This fills the intermediate systems' networks and disks with unwanted spam messages, takes up their managers' time dealing with all the undeliverable spam messages, and subjects them to complaints from recipients who conclude that since the intermediate system delivered the mail, they must be in league with the spammers.
Many other spammers use ``hit and run'' spamming in which they get a trial dial-up account at an Internet provider for a few days, send tens of thousands of messages, then abandon the account (unless the provider notices what they're doing and cancels it first), leaving the unsuspecting provider to clean up the mess. Many spammers have done this tens or dozens of times, forcing the providers to waste staff time both on the cleanup and on monitoring their trial accounts for abuse.
It's all garbage. The spam messages I've seen have almost without exception advertised stuff that's worthless, deceptive, and partly or entirely fraudulent. (I include the many MLMs in here, even though the MLM-ers rarely understand why there's no such thing as a good MLM.) It's spam software, funky miracle cures, off-brand computer parts, vaguely described get rich quick schemes, dial-a-porn, and so on downhill from there. It's all stuff that's too cruddy to be worth advertising in any medium where they'd actually have to pay the cost of the ads. Also, since the cost of spamming is so low, there's no point in targeting your ads, when for the same low price you can send the ads to everyone, increasing the noise level the rest of us have to deal with.
They're crooks. Spam software invariably comes with a list of names falsely claimed to be of people who've said they want to receive ads, but actually consisting of unwilling victims culled at random from usenet or mailing lists. Spam software often promises to run on a provider's system in a way designed to be hard for the provider to detect so they can't tell what the spammer is doing. Spams invariably say they'll remove names on request, but they almost never do. Indeed, people report that when they send a test ``remove'' request from a newly created account, they usually start to receive spam at that address.
Spammers know that people don't want to hear from them, and generally put fake return addresses on their messages so that they don't have to bear the cost of receiving responses from people to whom they've send messages. Whenever possible, they use the ``disposable'' trial ISP accounts mentioned above so the ISP bears the cost of cleaning up after them. I could go on, but you get the idea. It's hard to think of another line of business where the general ethical level is so low.
It might be illegal. Some kinds of spam are illegal in some countries on the Internet. Especially with pornography, mere possession of such material can be enough to put the recipient in jail. In the United States, child pornography is highly illegal and we've already seen spammed child porn offers. Any one of these six would be enough to make me pretty unhappy about getting junk e-mail. Put them together and it's intolerable.
There are several reasons:
The free ride. E-mail spam is unique in that the receiver pays so much more for it than the sender does. For example, AOL has said that they were receiving 1.8 million spams from Cyber Promotions per day until they got a court injunction to stop it. Assuming that it takes the typical AOL user only 10 seconds to identify and discard a message, that's still 5,000 hours per day of connect time per day spent discarding their spam, just on AOL. By contrast, the spammer probably has a T1 line that costs him about $100/day. No other kind of advertising costs the advertiser so little, and the recipient so much. The closest analogy I can think of would be auto-dialing junk phone calls to cellular users (in the US, cell phone users pay to receive as well as originate calls); you can imagine how favorably that might be received.
The ``oceans of spam'' problem. Many spam messages say ``please send a REMOVE message to get off our list.'' Even disregarding the question of why you should have to do anything to get off a list you never asked to join, this becomes completely impossible if the volume grows. At the moment, most of us only get a few spams per day. But imagine if only 1/10 of 1 % of the users on the Internet decided to send out spam at a moderate rate of 100,000 per day, a rate easily achievable with a dial-up account and a PC. Then everyone would be receiving 100 spams every day. If 1% of users were spamming at that rate, we'd all be getting 1,000 spams per day. Is it reasonable to ask people to send out 100 ``remove'' messages per day? Hardly. If spam grows, it will crowd our mailboxes to the point that they're not useful for real mail. Users on AOL, which has a lot of trouble with internal spammers, report that they're already nearing this point.
The theft of resources. An increasing number of spammers, such as Quantum Communications, send most or all of their mail via innocent intermediate systems, to avoid blocks that many systems have placed against mail coming directly from the spammers' systems. (Due to a historical quirk, most mail systems on the Internet will deliver mail to anyone, not just their own users.) This fills the intermediate systems' networks and disks with unwanted spam messages, takes up their managers' time dealing with all the undeliverable spam messages, and subjects them to complaints from recipients who conclude that since the intermediate system delivered the mail, they must be in league with the spammers.
Many other spammers use ``hit and run'' spamming in which they get a trial dial-up account at an Internet provider for a few days, send tens of thousands of messages, then abandon the account (unless the provider notices what they're doing and cancels it first), leaving the unsuspecting provider to clean up the mess. Many spammers have done this tens or dozens of times, forcing the providers to waste staff time both on the cleanup and on monitoring their trial accounts for abuse.
It's all garbage. The spam messages I've seen have almost without exception advertised stuff that's worthless, deceptive, and partly or entirely fraudulent. (I include the many MLMs in here, even though the MLM-ers rarely understand why there's no such thing as a good MLM.) It's spam software, funky miracle cures, off-brand computer parts, vaguely described get rich quick schemes, dial-a-porn, and so on downhill from there. It's all stuff that's too cruddy to be worth advertising in any medium where they'd actually have to pay the cost of the ads. Also, since the cost of spamming is so low, there's no point in targeting your ads, when for the same low price you can send the ads to everyone, increasing the noise level the rest of us have to deal with.
They're crooks. Spam software invariably comes with a list of names falsely claimed to be of people who've said they want to receive ads, but actually consisting of unwilling victims culled at random from usenet or mailing lists. Spam software often promises to run on a provider's system in a way designed to be hard for the provider to detect so they can't tell what the spammer is doing. Spams invariably say they'll remove names on request, but they almost never do. Indeed, people report that when they send a test ``remove'' request from a newly created account, they usually start to receive spam at that address.
Spammers know that people don't want to hear from them, and generally put fake return addresses on their messages so that they don't have to bear the cost of receiving responses from people to whom they've send messages. Whenever possible, they use the ``disposable'' trial ISP accounts mentioned above so the ISP bears the cost of cleaning up after them. I could go on, but you get the idea. It's hard to think of another line of business where the general ethical level is so low.
It might be illegal. Some kinds of spam are illegal in some countries on the Internet. Especially with pornography, mere possession of such material can be enough to put the recipient in jail. In the United States, child pornography is highly illegal and we've already seen spammed child porn offers. Any one of these six would be enough to make me pretty unhappy about getting junk e-mail. Put them together and it's intolerable.
Subscribe to:
Posts (Atom)
