Hosts that don't care?

[btech]

I've been battling with some club promoters in California that harvested my email and have been spamming me for months (one for as long as a year). I seem to keep reporting them, but find no change, infact, MORE email from them.

Case and points:

http://www.spamcop.net/sc?id=z801983709z0c...5b5755a23912a8z

- Liquidweb sends these for their client, but obviously don't read the notes I put "DID NOT SIGN UP FOR THIS LIST"....

http://www.spamcop.net/sc?id=z801967941z7c...7ba997e518e6eez

- This one has been spamming me for over a year. I've sent several emails to the sender with "UNSUBSCRIBE".. nothing. I even reported them to the IFCC/FBI for Harassment, but I doubt much will come of that. What bothers me is that the site for this schmuck is hosted on http://www.syntrio.com/html/industry/index.shtml which you can see is NOT a hosting company, so i doubt I'll get the guy that's stealing the bandwidth to turn himself in... here's some of the past reports:

http://mailsc.spamcop.net/mcgi?action=show...id;val=23142557

What do you guys recommend? I'm tired of hosts that don't enforece TOS.

[Farelf]

Some say take it upstream as far as you can, talk/write to the most senior person you can - and persevere. In the case of Liquid Web Inc., I guess you're looking at:

Matthew J. Hill, CEO

Liquid Web Inc.

4210 S Creyts Rd

Lansing, MI

48917-9526, US

Apparently this guy founded his company as a 16-year old in 1997 - see some background at https://edwardlowe.org/Michigan50/index.pee...rofile&recid=91

Worth a try, I should think. Good luck

[dbiel]

The only effective way to reduce the amount of spam that is being sent to you is to change your email address - not a very good solution for most people.

The only effective way to reduce the amount of spam that you receive is to use filtering of one type or another. I use SpamCop email for that purpose along with local client filtering.

Unless you have previous subscribed to a service, the general rule is NEVER use the unsubscribe link, it serves to validate your email address and generally results in receiving more spam. The unsubscribe link can be used if you have started getting unwanted mail from companies that are normally not known as spammers or if you have actually previous subscribed, directly or indirectly to the service.

The value of reporting is primarily its effect on the filtering process and in aiding individuals or companies in reducing the amount of unintentional spam that they send. True spammers are generally not affected by reporting. Reporting, by itself, generally has very little impact on the amount of spam you receive and in some cases results in an increase in spam received. That is NOT to imply that reporting is unimportant, because it is very important; and its bennefits are realized through its filtering impacts and uses.

[btech]

it wasn't an unsub link, it was an email, which I guess can do the same as a link and verify it's a person's address.

I'm pissed that SBC has done NOTHING, when this person has used and I have reported the same IP for the past 6 months. I guess the next step is print everything out and draft up a letter of cease & desist to SBC and the attorney general of Texas and CA.

[killspamdead]

best thing that worked for me.

in iptables, i blocked

64.91.224.0/19

67.43.0.0/20

209.59.128.0/18

69.16.192.0/18

72.52.128.0/17

67.225.128.0/17

67.227.128.0/18

by by liquid spam....

Liquid Web, Inc. LIQUIDWEB (NET-64-91-224-0-1) 64.91.224.0 - 64.91.255.255

Liquid Web, Inc. LIQUIDWEB-1 (NET-67-43-0-0-1) 67.43.0.0 - 67.43.15.255

Liquid Web, Inc. LIQUIDWEB-2 (NET-209-59-128-0-1) 209.59.128.0 - 209.59.191.255

Liquid Web, Inc. LIQUIDWEB-4 (NET-69-16-192-0-1) 69.16.192.0 - 69.16.255.255

Liquid Web, Inc. LIQUIDWEB-6 (NET-72-52-128-0-1) 72.52.128.0 - 72.52.255.255

Liquid Web, Inc. LIQUIDWEB-8 (NET-67-225-128-0-1) 67.225.128.0 - 67.225.255.255

Liquid Web, Inc. LIQUIDWEB-9 (NET-67-227-128-0-1) 67.227.128.0 - 67.227.191.255

[Geek]

Speaking of hosts that don't care, when you get real shysters like the infamous Moh.B in Lebanon, forgive my ignorance of internet politics, why can't ICANN just reassign the IP block to a different user?

Cheers!

[Farelf]

... why can't ICANN just reassign the IP block to a different user?

ICANN has long maintained that it has no actual enforcement role (Internet Registration Authorities and Registries) - the whole edifice is essentially co-operative - but it does have rules and obviously those do need to be enforced (somehow). The intimations of breakthrough were recorded on these pages - ICANN - the dog bites, Evidence of teeth threatened. then came ICANN sends breach notices to two registrars, Joker and dns.com.cn. What next? We wait, every fiber of us acquiver in anticpation (was 'breathless anticipation' but once the lips turned blue ...).

Anyway, some progress it seems - watch, wait and pay attention (there will be an examination at the end ). The main problem with spam and its support industry being that when the worst offenders are taken down, the ones behind just step forward to fill the gap. That's no reason not to take them down of course (especially when they go out of their way to present as targets), the point is that 'their' stamina and resourcefulness are not factors to be underestimated ("know the enemy," as Sun Tzu admonished, or lose the battle). The providers of the internet resources are not the generals in this struggle but, right enough, at least they are visible and accessible.

[Mikescki]

I can see why it would be very difficult for ICAN to start removing every reported spammer but surely there must be some partial route? The core of this must be the host of the spammer but, as I understand it, many of the "professionals" are their own host. This means that no matter how many reports are made they just carry on. These are the ones which ICAN must remove as a start.

The other, well one other, thing which I can't see why they can't stop is the forged sender. I get emails to me from my own email address. It reaches the point where I can be identified as blacklisted on my own computer!

Now surely we have the technology to force all emails to be addressed from the real sender - or at least their host? Whatever method they are using to "reflect" the email address of the recipient must be a code which is well known. Just make the inclusion of this code in an email "illegal" and dump the email at the first legitimate node. At least there would be a pause while someone makes up another code.

Mikescki

[Miss Betsy]

IMHO, the reason that ICANN is moving slowing on the matter of webhosting spammer sites is that there is a slippery slope of censorship involved. No one wants any agency deciding what can and cannot be put in a website.

And, I don't think the 'forged' sender is that easy to correct either. The only way that your computer would filter out emails from yourself is because you set up a filter to do that. It sounds as if you are using a Bayesian filter since you say, that eventually emails from yourself are tagged as spam. Bayesian filters 'learn' from the user identifying certain emails as spam.

There is a way to identify emails from the last place they were sent from (which may, or may not, be the actual computer that the emailer sent it from). That's what the spamcop parser does - identify the IP address of the mail server the email came from back to the last 'good' data or IOW, determine the 'source' of the email. If it is a shared mail server (like a business or and internet service provider), spamcop can only trace it to the mail server. The business or ISP can then determine from their logs who the actual sender was. Most legitimate businesses and ISPs no longer allow spammers to operate. That's why the big ones own their own space and operate through botnets where the computers sending the spam are not mail servers at all.

The sender name is changed in your own email program so whatever you want to be displayed is displayed. I don't know what is displayed on your emails - maybe it is Mike or Michael Sckittes or Mike and Jane - but you typed it in there and if Jane leaves you, you can change it to Mike the Lonely. There is no code except the code to make the letters appear on your screen. The only code involved is the code that the sending mail server sends to the receiving mail server saying, there is an email for you and the code that is sent back from the receiving server that says, yes I will accept this email or no I won't. There may be some additional code that identifies the reason it is not being accepted - in fact there is a list of codes somewhere because once I looked up the code in a returned email. The DATA part of the email just comes along as a 'packet of code' and is not looked at until the email is accepted. Then the receiver can scan the entire email and filter it any way the receiver wants. All of this explanation is from a technically non-fluent person and is being explained in a totally non-technical way. Server admins will say that I forgot to mention the 'return path' and that I left out a bunch of steps and that there is a lot more 'conversation' in code between servers that is possible and that I didn't mention greylisting - which is true. From what I understand of their explanations of how email works, I have just explained, in my own terminology, why I think there is no possibility of a technical change that allows the sender's name to be 'coded' in a way that the email can be identified as really from that person or not.

I don't think it would be practical (as a retroactive action, impossible) to make every computer user have a unique 'sender' or 'user' name in non-technical ways. Since the internet is international, it would require a lot of coordination among governments and what is to prevent the totalitarian ones from denying user names of those users on the 'wrong' side?

Miss Betsy

[Mikescki]

Thanks for that Miss Betsy.

So, basically, if we wish to retain any freedom in the net we have to accept that there will always be those who will abuse it. Just like the old days of CD Radio really. The rules were there but in the end the 50 megawatt idiots and wannabe DJs took over the whole thing so it died a death. One can but hope that the internet is bigger than that and eventually a solution will be found before it falls apart under the weight of unwanted spam!

Not bouncing, not asking for proof of recipt and not "sending to all" is perhaps a personal start.

Long sentences or heavy fines which make it unprofitable to run botnets for spamming would probably help ... Better personal security so you don't end up as a zombie helps too.

Regards,

Mikescki

[Miss Betsy]

You are right - end user personal responsibility in not forwarding to everyone, keeping security updated, surfing responsibly, not always asking for proof of receipt would go a long way to making the internet a better place for everyone. Particularly the part about keeping security updated.

The reason that the internet won't go the way of CD radio is because, since the internet is built on etiquette, there is a way to politely, without force, ignore those who are being 'rude and unmannerly' in their use of the internet. Since IP addresses can be identified, one can simply 'block' communications from any IP address that sends unsolicited email. Unfortunately, this can only be done at the server level by server admins. Most server admins have given up trying to explain what happens when they block because end users are generally customers and don't want to know the mechanics and just yell if they don't receive an email from an IP address that also sends spam. Therefore, most people get their email filtered through content filters (which try to identify spam from the content which doesn't always work since 'hard' can be used in many contexts). A lot of spam is eliminated because server admins can safely block email from botnets since they aren't really mail servers. However, the spammers continually find ways to infect more computers so that until they are identified, a certain amount of spam from them seeps through.

But, if end users understood the concepts of how email works, then they would demand blocklists of all but trusted mail servers. Part of the spam problem is economics (some people are making money on the bandwidth used) and part is a communication problem - end users are perceived by the ones who know how to control spam as being too stupid to understand (not without reason) and so most end users are tragically ignorant of what can be done by them as consumers of email services.

But the server admins are always in control - 'my server, my rules' so most of them use blocklists to filter email and they try their best to 'protect' those who are using their network - sort of like nannies. Since most server admins are independent personality types, they are unlikely to compromise the freedom of the internet - and to resist any attempt on others (marketing or political) to curtail the independence of each server admin to do as s/he pleases - to either send spam or to block it.

Miss Betsy

[Geek]

So, basically, if we wish to retain any freedom in the net we have to accept that there will always be those who will abuse it.

Problem is there is more censorship on the net now than ever, only we see none of the benefits. The censorship only helps corporations (port blocking) or political parties (China's and Australia's "Great Firewall").

Cheers!

[Farelf]

...Australia's "Great Firewall")....

Not yet, by gum! But, yeah, once a Minister of the Crown has made up his mind, all unencumbered by knowledge, facts or reason, it may well be/is usually just a matter of time (as Canadians and Brits will know too, the Kiwis are usually too sensible or at least adopt the sensible policy of doing the opposite of what the Aussies do). It's a dead giveaway of it being a foregone conclusion when they conduct 'inquiries' and run 'tests' and so it happens. Until the next election, or the one after.