Lycos Europe's awful new idea

[Miss Betsy]

The only thing missing from the last argument is that some of us do not have the option to change the e-mail address.

It may be more difficult for others to change email addresses, but there are ways to use a spam free email address for trusted correspondents. Many businesses don't want to change because they don't want to inconvenience customers. However, one businessman outlined a plan where he did change the company email address. It involved keeping the old one and monitoring it, but he said that most of their real email was coming to the new address. And I know that the spammers are now doing sort of a dictionary attack using all kinds of addresses with the domain name so even if the main address is not guessed, the domain has to deal with spam any way.

OTOH, many people are very satisfied with using blocklists in combination with certain filters. The neat thing to me about blocklists is that if the sender is not the one spamming, s/he is notified that hir email didn't go through and why. Then the sender has the option to /do/ something constructive about stopping the spam and also has the ability to use other methods (including other email addresses) in order to communicate while working to correct the problem. The burden of responsible emailing is put where it belongs.

Miss Betsy

[btech]

Anyone seen this site/program?

http://www.spamitback.com/

I'm no computer wiz, so anyone know if this statement is legit?

The way that this software works is as follows.

1. The software writes the message, using the text you requested.

2. The software then connects directly to the spammers mailbox, i.e., mail.bigtimespammer.com, through port 25, and sends the e-mail, completely bypassing your ISP's mail server from 'resolving' the mail. ISP's only generally get 'annoyed' when you are constantly checking the mail.isp.com mail server. This software does not do that (if it did, you'd have to enter your login details, e-mail address, etc).

3. The mail is then delivered.

[msealey]

Miss Betsy,

I'm sorry but I can't agree: that people should not be co-erced, Yes. That we must all be polite, Yes! That there have been some pretty mad and sad ways developed to deal with spam, Yes.

The other week I got - in my fortress email program (MailSmith with SpamSieve on Panther) - a delightful 'Is that you, Mark?' email from a long-lost (12 years) colleague with whom I worked in another country.

My 99.95% accurate spam filter recorded it as a false positive: her tone was exuberant and she was sending from a domain well known to be soft on abuse. I doubt she'd have had the confidence to follow through with a challenge-response.

I have an aggressive SpamAssassin set on my server etc etc etc and had never replied to any 'offer' from this domain (left my keys in the car). The domain is newish and was found by the bots within three days. So I spend an hour each day every day of the year (10% of my waking time) trawling through the 'spam' mailbox to check on literally thousands of incoming filtered messages from some 3 dozen POP3 accounts. I would have lost her if I had relied on blocklists, prudence, politesse etc.

I cannot 'change' my address every six months; when I tried it, I was found within another week.

No, commerce and cheat at any price (aka capitalism) means the spammers are fair game if they come within a mile of me. I will not knowingly or willingly impede the rights of a living soul to enjoy the bandwidth and freedom of access everywhere which they deserve. I will not tolerate revenge or revenge attacks.

But when someone comes up with a way to make even a tiny dent in the feeling that the spammers have that they can ride roughshod over the rest of us, by doing my bit to resist, I feel I'm being part of the solution not the dormant, apathetic problem.

[msealey]

Anyone seen this site/program?

http://www.spamitback.com/

I'm no computer wiz, so anyone know if this statement is legit?

21050[/snapback]

This just came back online today.

In addition to emailing using - they say - the spammers' own smtp server, it claims to fill their web logs with requests (!) and fill out forms on spammers' sites - repeatedly.

The email addresses to which this s/w (Wintel only) sends are apparently ones 'verified' by the producers. It's free.

[btech]

This just came back online today.

The email addresses to which this s/w (Wintel only) sends are apparently ones 'verified' by the producers. It's free.

21052[/snapback]

Right, I got an email from them, because I attempted to load the program before, but it was offline. My concern is that they're on the level, in how they've presented the program. My concern is a spammer getting my IP address, then trying to attack me. From the looks of things, their site sends the mail and doesn't present my IP address. Is that so?

[msealey]

Right, I got an email from them, because I attempted to load the program before, but it was offline.  My concern is that they're on the level, in how they've presented the program.  My concern is a spammer getting my IP address, then trying to attack me.  From the looks of things, their site sends the mail and doesn't present my IP address.  Is that so?

21057[/snapback]

I can't be sure; but the Forums on their site suggest they have an intelligent and informed community of satisfied participators.

[dra007]

Very nice, and works seemlessly! Thanks for the info!

[Miss Betsy]

I'm sorry but I can't agree: that people should not be co-erced, Yes. That we must all be polite, Yes! That there have been some pretty mad and sad ways developed to deal with spam, Yes.

Where have I ever said that people should be 'co-erced?' If someone prefers to use a spammy IP, and I politely tell them that the IP address is supporting spammers and I don't intend to receive the spam, then if they are insulted or don't want to go to the trouble of complaining to their ISP or using a web based email, then that's their problem if they want to communicate with me.

However, if Hormel wanted to, they could 'co-erce' you into stopping the use of spam (a Hormel product) when you mean 'spam' defined as unsolicited email.

My 99.95% accurate spam filter recorded it as a false positive: her tone was exuberant and she was sending from a domain well known to be soft on abuse. I doubt she'd have had the confidence to follow through with a challenge-response.

I don't think you are reading carefully. Challenge-response was never mentioned and is one of the 'sad' ways of dealing with spam. The sender gets an undeliverable message from their ISP. There is no way to make it deliverable without making the ISP get rid of the spammer. There are other ways to use the internet for email without using the ISP you use for connection.

the 99.95% accurate spam filter always fails - usually on emails of this sort. That's why I don't use content filters. If you had missed seeing that false positive - which is very possible because of the number of true positives, she would never know why you didn't reply.

I cannot 'change' my address every six months; when I tried it, I was found within another week.

It sounds as though you are publishing your address on the web. I believe there are ways to protect addresses from the spiders. Otherwise you are not being prudent.

But when someone comes up with a way to make even a tiny dent in the feeling that the spammers have that they can ride roughshod over the rest of us, by doing my bit to resist, I feel I'm being part of the solution not the dormant, apathetic problem.

The problem is that by hammering a spammer website, you are not 'resisting' You are using the internet in ways that it was not intended to be used just like the spammer.

If you want to be part of the solution, not the dormant, apathetic problem, then you will put the responsibility for decent internet use on the *sender* - the only place where spammers can be controlled legitimately. You make excuses for your friend. Have you explained to her how her use of the internet is making it more difficult for the rest of us? If she drove her car the way she uses the internet, you might sympathize with her that she lost her license, but you wouldn't uphold her right to keep driving.

Miss Betsy

[msealey]

Miss Betsy,

I'm not sure this is going anywhere; thank you for your point of view, which I respect and have read carefully. I believe we may want the same thing but appear to have different beliefs in how it can be achieved.

spam is not some passing technological phenomenon; it is as much a consequence of capitalism as are war and such state terrorism as that being carried on by the US in Iraq. It is the duty of those at the receiving end to resist it - as are the freedom-fighters in Iraq. By a means of their choosing. I wish they did not have to. I wish we did not have to resist spam by all means at our disposal as well. My vision is of a world based on compassion and non-violence. Sometimes by adopting such a stance too dogmatically, though, we actually further the persistence of violent offenders. Sometimes the wound has to be lanced.

Such a system as commercial 'advantage' at all costs - based on greed and grab - inevitably leads to individuals, groups and corporations exploiting the technology for selfish and outrageous ends. That is what we are dealing with in the spam phenomenon, which is essentially different from viruses and other security exploits.

Just as governments are not about to surrender power by petitions and polite requests, so spammers are not going to stop because we repeatedly ask them (and their ISPs, where relevant) to stop. This is a cultural and a political issue.

If the tactics we have been discussing really hurt innocent bystanders, then I will not employ them. That, I agree, is as bad as the spammers and cannot be sanctioned. But I have yet to be convinced that they do (significantly hurt other internet users).

The ISPs I use (at least three different) are as tight and well-equipped in terms of security as it gets. Their strictures on responsible web and email practices are as rigorous as I have ever known. I abide by them. I disguise all my email addresses on all my sites; I never reply to spam; never buy from a spamvertised site; never contribute any more to newsgroups. I also report assiduously, almost hourly, to SpamCop. It is not (I don't believe) practical for me to use the SpamCop mail forwarding system: I just have too many accounts. Yet the onslaught is relentless and severely debilitating.

Because I intend to defend my right to carry on conventional email correspondence with multiple constituencies, for many of whom it is just not feasible to make the act of what ought to be a simple compose-and-send experience any more involved than it already is, I also believe it is my right to experiment with emerging strategies (spamitback.com, MLNS, 419 Ladvampire, honeypot etc) that tackle spam from 'outside the box' (literally). Good luck :-)

[dra007]

You have my support Mark, I run that program non-stop on two systems since last night.

[btech]

Very nice, and works seemlessly! Thanks for the info!

21063[/snapback]

I tried out the prog last night... though I'm not sure what I'm seeing. It looks as if the program is sending email to known spammer address, then attempting to clog up the order pages and sending other data to the website? I guess my concern is that my IP is being transmitted to these spammers.

[msealey]

Thanks dra007 :-)

I guess my concern is that my IP is being transmitted to these spammers.

There was a long period (two months?) when spamitback.com appeared to be dormant.

Earlier this week the system came back online and emails began to be answered. I had two such; genuine with genuine addresses, though I won't repeat them here for obvious reasons. Otherwise they invite contact via the forms on their site. That method now seems to work again. I understand your concern and suggest you try that. Good luck :-)

Maybe you'd let us know if you're satisfied, please?

I repeat, I dearly wish such activity were unnecessary. I hope one day it will be. It's demeaning to us. But from these several techniques now available to us let's hope that more concrete solutions will be prodded into emerging. For the good of the majority...

[Jeff G.]

Whilst I understand this point, what isn't clear is how using this screensaver will have any effect whatsoever on the junk you receive in your mailbox.

You can busy up a website and the surrounding cables that go nearby and thereby slow the site down and possibly inconvenience a whole bunch of bystanders, innocent or not, but there is no evidence that using this screensaver thingy will have any effect whatsoever on the quantity of spam you receive.

Of course you can change Email addresses but why should you have to be inconvenienced in this way.  What you need is a means of blocking the incoming spam via a filtered Email account using a blocklist.

Slowing the website down may make you feel like you've done something but if I was a betting man I'd wager that it will have absolutely zero impact on the amount of spam arriving with you.

21032[/snapback]

I believe the point is to not only slow the spammer's website, but cost the people that run that website so much money (CPU time and bandwidth) that they will cease their spamming ways.

[Miss Betsy]

Just as governments are not about to surrender power by petitions and polite requests, so spammers are not going to stop because we repeatedly ask them (and their ISPs, where relevant) to stop. This is a cultural and a political issue.

And that's what I have been saying. Being polite in demanding your rights worked for Ghandi and Martin Luther King, however offline it can be deadly. Online the only cost is money so there is no reason why being polite and refusing to accept spam from irresponsible senders wouldn't work.

IMHO, demeaning yourself online to fight the spammers is going to change how the internet operates and invite censorship and government control.

Also, IMHO, your repeated refusal to honor Hormel's trademark is also rude. However, since you apparently are down on capitalism as well as spammers, it is not surprising. A truly polite person does not differentiate by 'label' but by behavior. Abuse is abuse - no matter who does it nor why they do. I notice that you also look down on your constituency who are unable to comprehend the simple rules of the internet, in your opinion. Myself, it is all a matter of attitude. Some people learn; some people won't.

Miss Betsy

[msealey]

Miss Betsy,

...there is no reason why being polite and refusing to accept spam from irresponsible senders wouldn't work. 

With respect, there is every reason why it does not work: I have excellent filters but I still have to check in my spam mailbox - just in case :-( I cannot take the risk of blocking all mail from certain known spammers - just in case :-( Nor can I keep up with such a system :-(

A truly polite person does not differentiate by 'label' but by behavior.

I agree: labels are insidious. It is indeed the behaviour of spammers with which I am dissatisfied.

These references to the originators of chopped animals mean little, I fear: I am a vegan and abhor the cruelty involved in tinning cattle.

Abuse is abuse - no matter who does it nor why they do.

Are you sure: is evading a parking fine as 'wicked' as slaughtering 100,000 people in a sovereign country? Is sending one item of uce as abusive as sending ten trillion? The motive may be similar/comparable but the effect is negligible, isn't it?

I notice that you also look down on your constituency who are unable to comprehend the simple rules of the internet, in your opinion

Not so, Miss Betsy; I don't wish to be combative: it is precisely because I respect them and their right to write to me (out of the blue, unannounced) that I stand firm for spam-free channels of communication and respect too their levels of tolerance and understanding of how the internet works.

[StevenUnderwood]

I have excellent filters but I still have to check in my spam mailbox - just in case

I think you are missing Miss Betsy's point. By using a blocklist rather than a filter, you would not have to check your spam mailbox and the sender would get the information that their message did not get through.

[turetzsr]

Hi, Mark!

<snip>

If the tactics we have been discussing really hurt innocent bystanders, then I will not employ them. That, I agree, is as bad as the spammers and cannot be sanctioned. But I have yet to be convinced that they do (significantly hurt other internet users).

<snip>

21101[/snapback]

...Please share why you found my reply, above 20983[/snapback] to be unconvincing to you. Perhaps someone else (StevenUnderwood?) would be able to explain it better than I could.... Thanks!

[Guest art101]

spam is not some passing technological phenomenon; it is as much a consequence of capitalism as are war and such state terrorism as that being carried on by the US in Iraq. It is the duty of those at the receiving end to resist it - as are the freedom-fighters in Iraq. By a means of their choosing. I wish they did not have to. I wish we did not have to resist spam by all means at our disposal as well. My vision is of a world based on compassion and non-violence. Sometimes by adopting such a stance too dogmatically, though, we actually further the persistence of violent offenders. Sometimes the wound has to be lanced.

21101[/snapback]

Had to wade back in here (I'm the guy who posted this original topic). Kudos to the forum crew for creating a lounge where we can all let our hair down and exchange posts about issues not directly related to SpamCop functionality. In this whacky, scary, spam-highjacked world, it's a great place to vent off a little pressure.

I agree with much of what msealey posted. As an antiwar and antispam activist, I think I understand this point of view. I donate time and artwork to many causes I believe in... most recently, an effort to make sure our national election wasn't stolen - again.

See: http://art101.com/vote

I'm also donating time and resources to redesigning the related Black Box Voting website - which will replace their current site at http://www.blackboxvoting.org (to make it more seamless and effective, I hope). An antiwar MP3 page I donated to a northern California acappella vocal group currently enjoys an average of 200 - 300 downloads per day.

See: http://art101.com/peace

...bandwidth I'm happy and honored to give away.

I also donate time and artwork to antispam efforts... including the SpamCop logo and CAUCE to name a few.

See: http://www.cauce.org

Since I'm not a techie, my antispam efforts seem more effective when directed toward building awareness and effective PR and branding. To see a sample of a logomark and branding campaign I designed for a nonprofit organization that helps seniors and people with disabilities get rides to doctors, family, friends, or supermarkets, go here...

http://paratransit.org

I'm not trying to blow my own horn with all these links. I'm just trying to convey some sense of my commitment.

All that said, fighting evil with evil will never kill it. Ever. Fighting evil with evil results in wars built on lies and airplanes slamming into office buildings - all in the name of some brain-dead dogma. Resisting spam by "all means at our disposal" must never include tactics used by spammers. As hard as I try, I can't think of a better way to more clearly express this fact. As tempting as misplaced revenge might feel in the short term, long term solutions might be better found elsewhere... maybe in comments Miss Betsy posted on this topic. I encourage everyone to scroll back up and read her comments.

Msealey said, "Sometimes the wound has to be lanced." Yes. I agree. Wholeheartedly. Without question, this is true. But to stretch that metaphor a little more, we must not lance the wound with the same dirty infection that feeds it. That's worse than pointless.

Elsewhere on this forum, readers can find references to a site launched a few weeks ago called Project Honeypot. IMHO, the concept is brilliant and well executed. I hope everyone who found "Make Love Not spam" interesting will check out http://projecthoneypot.org

[msealey]

art101,

I agree: thanks to those at SpamCop who have made it possible for us to air our frustrations; I also accept that we probably all want the same thing and respect those with whom I disagree: I hope that is obvious :-) If not, I apologize without reserve.

Blocklist: Yes, great idea. But who has time to update it? Do you know of a way to make it effective; as fast as it's up to date, the spammers are in at the edges? And what of the legitimate sender who has got on the list by mistake? I maintain SpamAssassin on three of the POP3 servers from which I receive email. At best it helps detect 25% of incoming spam. It's also a very reactive system.

spam is an economic not technological phenomenon; it is a trademark of a selfish and grab-happy elite and would-be elite. As such the solutions - most definitely not to confront evil with evil - must be social and economic.

The big difference between MLNS and its cousins is this, as I see it: they are bluff-calling (to speak with tongue in cheek) or challenging (to be a little more acid) or targeting (to be determined) of a minority of individuals by the concerned majority. spam is the other way around. In my book, that doesn't make us as 'bad' as they are. Though I'm always prepared to rethink. Honest!

I have now got honeypot CGI on one of my sites. I expect to put it on the others next week. Applause to the folk there. But even they admit their strategy is to 'catch' harvesters then 'report' them to authorities (if anyone knows whether this operation stretches beyond the FTC in the US, I'd like to know), who have already shown (e.g. by the opt-out environment of CANSPAM) that they are not up to the task.

Sites of mine have been the object of attacks. I appreciate the damage by proximity argument, Steven, but have yet to be convinced that it is such a threat to the innocent as has been claimed - multiple hits each minute or no. Though I am listening :-) I have managed sites which have lived through attempted DDOS and sucking attacks - and even sustained bots to the extent of several hundred a second. I had no evidence the half dozen times or so that it has happened that others were affected.

I hope that sounds as open-minded as I really am on this - in equal measure, probably, to how exhausted I am by the menace.

[Guest art101]

Checking this board one more time tonight... before I go fall over.

To sleep, perchance to dream.

...stole that line from a guy named William Shakespeare. He wrote some pretty good stuff a while back. IMHO, his stuff still sorta punches through. Not many people read his work these days. Come to think of it, not many people read at all anymore.

Anyway, I'll keep an eye on this thread and post anything worthwhile I find to offer. Meanwhile, here's a good tune that sorta relates to this whole theme. It's by a guy named Paul Delph... who died of AIDS in 1996. I miss him every day. Every hour or so, actually.

Through this pop tune, he's talking about the potential of global communication systems to help us all find common ground. He died just before the Internet really took off. In some ways, I'm glad he didn't live to see our modern online Internet.

http://www.art101.com/101temp/trans

[Miss Betsy]

spam is an economic not technological phenomenon; it is a trademark of a selfish and grab-happy elite and would-be elite. As such the solutions - most definitely not to confront evil with evil - must be social and economic.

And that's what I am trying to say - blocklisting is both a social and economic solution. It takes more time (just like recycling) in education of the poor souls who are emailing you. The economic part comes when the *sender* complains to their ISP that their emails are not being received because the ISP is not being responsible. The short term effect may be that *you* can't counsel as many people; the long term effect is that responsible people will be able to communicate without dealing with spam.

As far as the difference in stealing a pack of gum and stealing millions of dollars, the Catholic Church does recognize that there are venial and mortal sins. However, the Church also teaches that not trying to avoid venial sin leads to mortal sin. I am reminded of the Chesterton (I think) story about his conversation with a woman where the punch line is " We have established what you are, now we are establishing what your price is."

The law also acknowledges that stealing depends on how much by calling some thefts 'misdemeanors' and others 'felonies' Shoplifting a pack of gum may get you forgiven by the merchant, but technically it is still shoplifting.

My point is that it is totally unnecessary to stoop to abuse in order to control spam - because there is no real 'harm' caused by spam. Cost, inconvenience, annoyance, yes. But no one is killed.

Using force to control spammers (as opposed to refusing to accept their spam or allowing them to use our resources to spam) and thereby, making 'force' a legitimate internet function opens the door to other offline restrictions such as censorship and will change the character of the internet.

I, too, am anti-war, but offline I do support military action because I will act in self defense. It gets really complicated when you have armies used the way modern armies are used, and the 'real' solutions are again 'social and economic' , but since I know that I would not hesitate to defend myself, IMHO, the world is not ready for no armies. I am hopeful that when more people use social and economic solutions, that military action will be unnecessary.

IMHO, if the internet can be controlled by 'non-violent' aka 'non-forcing' action, it will be a lesson to the offline world.

Miss Betsy

Miss Betsy

[StevenUnderwood]

Blocklist: Yes, great idea. But who has time to update it? Do you know of a way to make it effective; as fast as it's up to date, the spammers are in at the edges?

That is exactly why I support the spamcop BL. It reacts quickly to stop the flow of current spam runs and drops the IP off when the flow stops.

And what of the legitimate sender who has got on the list by mistake?

Usually, it is not a mistake with spamcop, just that they are probably not the cause of the block, someone else is. They get a message back saying their email was refused so they can investigate or use another method of contact.

I maintain SpamAssassin on three of the POP3 servers from which I receive email. At best it helps detect 25% of incoming spam. It's also a very reactive system.

Using the spamcop email system with all of the blocklists enabled, I get about 125-150 spam messages stopped per day and maybe 1-2 that get through to the inbox. However, using the spamcop email system, the senders do NOT get the benefit of knowing whether their message got through or not.

With my current whitelist, I could almost go to block all but then I would need to check the Held mail folder closer looking for friends who are using new addresses and the such, not worth the extra effort.

[Guest art101]

http://www.art101.com/101temp/trans

[Wazoo]

Second recent posting of the same URL, but this time with no description added to explain. Could be taken as a sign of spamming the Forum.

[Guest art101]

Second recent posting of the same URL, but this time with no description added to explain.  Could be taken as a sign of spamming the Forum.

21294[/snapback]

No attempt to spam the forum was intended, Wazoo. I would never do that. I had actually typed some pretty good related stuff in another program (AppleWorks). It has a good spell-checker and context-sensitive thesaurus. I'm spelling challenged - nearly dyslectic, actually. I neglected to paste the new text in here before posting (and then turning off this dumb box for the night). An honest and stupid mistake on my part. I apologize.

I don't think I'll visit here very often any time soon. It's like walking on eggshells at every step. While white-hats bicker and talk at cross purposes, spammers continue to rape the net. Whatever. I'll just report the spew and keep my mouth shut.