FTC contemplating bounties

[Jimemac]

Imagine if this comes true how much more fun us "vigilantes" will have

http://www.msnbc.msn.com/id/5326107/

Jimemac

[dra007]

We oughtta have our spam reports send to FTC automatically regardless of the bounties....I have had enough from spammers, phishers, sex advertized sites and all such criminal scum....

[Wazoo]

The FTC asked Julian to "knock it off" when at one time this was done ... Their servers couldn't keep up with the flow. The assumption is that there is some kind of sorting/analysis done on the incoming, and it just couldn't keep up with the flood of the "automatic" forwards ...

[Guest art101]

Interesting news article, jimemac. I was especially interested in the Direct Marketing Association's take on the idea. Anything the DMA doesn't like is probably something I support.

However, Steve Linford (founder of Spamhaus.org and ROKSO) says "It's a terrible idea" and that gives one pause. The Spamhaus position statement on Can-spam is interesting reading. See: http://www.spamhaus.org/position/CAN-SPAM_Act_2003.html

Wazoo, when you have a sec, more info on the FTC asking SC to "knock it off," please. I set my SC preferences in the web interface to include UCE at FTC dot GOV as a user-defined recipient. I've read on several anti-spam sites that the FTC wants copies of spam reports sent to that address. That address is also listed on the FTC website. Do you know if I should continue to click that checkbox when sending my reports via the web interface?

[turetzsr]

<snip>

Wazoo, when you have a sec, more info on the FTC asking SC to "knock it off," please. I set my SC preferences in the web interface to include UCE at FTC dot GOV as a user-defined recipient. I've read on several anti-spam sites that the FTC wants copies of spam reports sent to that address. That address is also listed on the FTC website. Do you know if I should continue to click that checkbox when sending my reports via the web interface?

Hi, art101,

...You didn't ask for my feedback but FWIW I'm almost certain the answer to your question is that you may continue to send copies of your reports to FTC. IIUC, FTC just asked Julian to turn off an automatic flow of spam reports to their e-mail address.

[Wazoo]

if I should continue to click that checkbox when sending my reports via the web interface

As Steve T stated, your sending of your report should go on if you're comfortable doing that. Explanation would be that (looking at http://alpha.cesmail.net/graphics/spamstats.gif ), your one click to send your copy of your spam is just a tick in time, as compared to the "Max spam 41.6 messages per second" that the FTC servers were choking on <g> (numbers may be different when you look, but it's the thought that counts <g>)

[Guest art101]

Thanks, Wazoo. Your replies made me smile out loud. It's indeed the thought that counts... and the hope we'll reclaim the net someday and live in a spam free world.

[zachariah]

more info on the vigilante idea (from one of my earlier posts):

Its really sad that the US federal law is so lousy and crushed the (short lived) new and beautiful California law against spam.  But, I hope that (under the federal law) at some point reports from SpamCop users are used in court against spammers.  It's nice that we are (at least sometimes) shutting down spammers at the source, but we really need to make it so spam doesn't pay.

I'd still like to see us to heading down a path such as the one suggested by Lawrence Lessig in his article September 16, 2002, A Bounty on Spammers (pdf)

at http://www.lessig.org/content/columns/ which describes his plan.  He even risked his career on his convictions...

from: http://www.philly.com/mld/inquirer/news/ed...ial/5778539.htm

"... last week, U.S. Rep. Zoe Lofgren (D., Calif.) introduced a bill that, if properly implemented by the Federal Trade Commission, would actually work [to eliminate most spam]. I am so confident she is right that I've offered to resign my job if her proposal does not significantly reduce the burden of spam." -- Lawrence Lessig

[btech]

We oughtta have our spam reports send to FTC automatically regardless of the bounties....I have had enough from spammers, phishers, sex advertized sites and all such criminal scum....

I already do. I add uce[at]TC.gov to all my spam reports. Might as well send this spam to "the man" to sort out, since they want to write all these fancy laws about it.

[Guest art101]

Hope that was a typo, brandonplan. It's uce[at]ftc.gov, not uce[at]tc.gov.

[dra007]

There is a consumer complaint form at this FTC web site that gives a different e-mail address:

mailto:spam[at]UCE.GOV

You can set up your reports to forward there!

[Wazoo]

One of my newsgroup postings about that new e-mail address;

=-=-=-=-

> Phone call got the "closed for the day" message, e-mail

> sent asking about the change, why there is no reference

> to the old address, what's the difference, etc. ...This new

> address is on several of the FTC pages, www.ftc.gov/spam

> and sub-links for instance ...

OK, called the 1-877-FTC-HELP number, talked to

three people that have never heard of the new address,

as they also still refer folks to use the uce[at]ftc.gov ...

Their only suggestion was for me to dial up

1-202-326-2830, something like Public Referral

Office and see if they have a clue as to where the

new address might have came from. Being retired

U.S.Army (read that as broke) long distance isn't

an option here ... anyone else want to take on the

task of figuring out where the individual that has

done up the web pages got his/her data?

I've got three e-mails out to various addresses,

one found on a page, one found as tech in the

registration, and of course webmaster .. but

no response from any of them either.

=-=-=-=-

Thus far, no takers on making the follow-up phone call, as the thread went way off topic due to someone wanting to know what cheap telephone company I was using that would require me to dial the US Country code of "1" to reach that office. ????

[dra007]

Have been sending to spam[at]UCE.GOV for a while now. Haven't got a Non-delivery message yet!

[turetzsr]

...Today when I try to add uce[at]ftc.gov as a report recipient, I get back:

uce[at]ftc.gov redirects to spam[at]uce.gov

uce[at]ftc.gov refuses spamcop reports

It worked fine yesterday.

Update 4:10 PM EDT: spam[at]uce.gov does work, though.

[Wazoo]

Finally got an answer from the FTC .... (turns out that art101's "add this address" clicks actually were adding to the "problem" <g>)

Hi:

The reason for the new spam[at]uce.gov address is that the spam stream

to the ftc.gov MTAs disrupts and delays regular employee business

email, especially when there is some kind of processing disruption.

During scheduled or non-scheduled maintenence, all email gets queued

up together and it can sometimes take hours to unwind the queue

(noting that everything has to be virus scanned). Because regular

email is buried in with the spam, it has become an issue.

The spam[at]uce.gov address is up and operational. It is exactly the

same processing into the spam database as uce[at]ftc.gov. There will

be a push to notify the internet world of the changed address before

the uce[at]ftc.gov address is retired.

Hope this helps,

Mike Frank <postmaster at ftc.gov>

>

> No response from last e-mail. Trying again, with more data.

> https://rn.ftc.gov/pls/dod/wsolcq$.sta...Z_ORG_CODE=PU01

> lists the spam[at]UCE.GOV as the address to "forward spam

> directly to the Commission" .. but again, no reference as to what

> the status is on the previously identified address of uce[at]ftc.gov.

>

> At issue is that the "old" address appears in so many lists around

> the world, but I can find no clue as to the background on the

> change to another address, thus making it hard to justify a

> heads-up on notifying some of these folks. Now we have added

> to the mix of several U.S. agencies setting yet another flag to

> reject user requested copies of SpamCop spam complaints/reports

> being rejected, and again, can come up with no reason .... the

> e-mail address of uce[at]ftc.gov is one of those addresses, though

> noting that my own continued spam submittals seem to go through

> just fine (i.e., no rejection or bounce condition)

>

> The original e-mail was also followed up by a phone call, but I

> found no helpful information at the office that handles these calls

> to the FTC either ... For some of the confusion existing thus far,

> I invite you to visit a Topic in one of the SpamCop support

> Forums http://forum.spamcop.net/forums/index.php?showtopic=1972

> to make it quick, you could jump to one of my posts at

> http://forum.spamcop.net/forums/index.php?...indpost&p=13107

>

> ----- Original Message -----

> From: "WazoO"

> To: <xxxx[at]ftc.gov>

> Sent: Monday, July 05, 2004 11:17 AM

> Subject: spam collection e-mail address

>

> > A considerable amount of traffic has recently

> > started in various newsgroups, relating to the

> > currently identified e-mail address of

> > spam[at]UCE.GOV ... vice the long

> > standing uce[at]ftc.gov e-mail address.

> > I've looked over many of the FTC

> > pages, but I can find no reference to

> > explain the change, no data on whether

> > the old address is still valid (though

> > have yet to receive a bounce) ...

> >

> > Is there a difference between the handling

> > of these two different accounts, something

> > different in what should be sent to either

> > address, or is it just that the old one is

> > now mapped to the new one and may

> > yet disappear?

> >

> > c.w.edwards

> > Moderator, SpamCop.net Forums

--

Mike Frank - Federal Trade Commission

[evilgenius]

Here's an idea. How about enlisting the aid of the hacking community to hack into the websites spammers direct you to. Either deface the site, or shut it down completely. The attack on spammers has to be on multiple fronts. First, go after the spammers themselves, then go after the companies that hire the spammers, then go after the ISP's that allow them to operate. If a zero tolerance attitude is used, then maybe we can rid the internet of these vermin.

[turetzsr]

Here's an idea. How about enlisting the aid of the hacking community to hack into the websites spammers direct you to. Either deface the site, or shut it down completely.

<snip>

33709[/snapback]

...Welll, for at least two reasons. The less convincing one (IMHO) is that fighting theft (spam) with theft (of spamvertized web sites and the bandwidth required to execute the processing that would deface them or shut them down) is unethical (or is it immoral? I can never keep the two straight). The more convincing argument (IMHO) is that some spamvertized web sites are innocent bystanders (they have nothing to do with the spammers and have not given their permission to the spammer to be included in the spam).

[Jeff G.]

We can't condone fighting abuse with abuse.

[turetzsr]

We can't condone fighting abuse with abuse.

33726[/snapback]

...Perhaps not qua representatives of SpamCop but as an individual, I fully endorse it, provided only the abusers (and not innocent bystanders) are harmed/inconvenienced.

[spaceman]

some spamvertized web sites are innocent bystanders (they have nothing to do with the spammers and have not given their permission to the spammer to be included in the spam).

About as innocent as a pawnshop hanging a sign that says "We buy hubcaps and stereos from anybody- No questions asked". They have given permission by the way they do business. Who gives the spammers a specific, identifiable code so that they can be paid for successful spamming?

This is the 'point of convergence' when you follow the money. The one place that's unlikely to be forged or zombied. The terms "aiding and abetting" and "accessory before the fact" are used to describe the practices of those who set up and enable other crimes. Shouldn't those who buy the goods have a resonsibility for knowing where they come from?

I'm not advocating that this should be justification for hacking into those sites; I don't believe that for a second. It's just that spamvertized sites are not that innocent of responsiblity for the fact that they are spamverized. And also that they hold the key to the identity of the spammers that they pay.

[Wazoo]

There are "spamvertised sites" and there are "spamvertised sites" .... the most recent innocent was a user talking about use of the Nod-32 antivurus tool that stamped his outgoing e-mail with that "certified virus free" crap .... and the "not being a "net genius" playing into should it be reported or not ... other samples are the spans that point to a stock-ticker somewhere else (usually yahoo) .. I've seen Google used as a listing to "the testimonials" ... some of the phishing attempts out there, to include those e-mails from the "SpamCop Adminstration office" ...

[turetzsr]

<snip>

some spamvertized web sites are innocent bystanders (they have nothing to do with the spammers and have not given their permission to the spammer to be included in the spam).

33711[/snapback]

<snip>

They have given permission by the way they do business. Who gives the spammers a specific, identifiable code so that they can be paid for successful spamming?

33901[/snapback]

...Those aren't the folks to which I was referring. I was referring to web sites that are not paying spammers for including them in their spam but, for example, those the spammers are trying to implicate by including them (and other similar IBs).

[Lking]

<snip> I was referring to web sites that are not paying spammers for including them in their spam but, for example, those the spammers are trying to implicate by including them (and other similar IBs).

33949[/snapback]

Yet an other testimonial for reviewing the spam reports before hitting "Send Report(s) Now." I don't believe any one here thinks the New York Times should be blocked because a reference was made to a story there. Many of the Pump and Dump spam I get reference the Wall Street Journal articles. Again a quick review, un check the box, and all is well.

[StevenUnderwood]

Yet an other testimonial for reviewing the spam reports before hitting "Send Report(s) Now." I don't believe any one here thinks the New York Times should be blocked because a reference was made to a story there. Many of the Pump and Dump spam I get reference the Wall Street Journal articles. Again a quick review, un check the box, and all is well.

33950[/snapback]

A second step to prevent this is marking those pages as IB for those that miss the unchecking for whatever reason.

[dbiel]

Yet an other testimonial for reviewing the spam reports before hitting "Send Report(s) Now." I don't believe any one here thinks the New York Times should be blocked because a reference was made to a story there. Many of the Pump and Dump spam I get reference the Wall Street Journal articles. Again a quick review, un check the box, and all is well.

33950[/snapback]

Remember SpamCop never adds any web site to the blocking list. Only the IP address of the mail server sending or forwarding the spam ends up on the blocking list.