lwc Posted November 13, 2006 Share Posted November 13, 2006 My university requires us to give them our e-mail addresses, but then their site is stupid enough to let people in my class see each other's e-mail addresses and it even supplies a contact form. So what people did was starting clicking "send to all" in the site and what happens is that the "to" input field the form is filled up with 300 addresses of everyone right in plain view. That means 2 things: 1) It's copy and pasteable. 2) It actually sends the mail with 300 people in the "to" header. The stupid thing is the University actually gave us a professional mailing list. You know, one address sends to all. But the students, for whatever reason, simply refuse to use it! Now don't get me wrong. Most of these people actually send us material for the tests, but I simply refuse to accept the end justifies the means - at all costs. They have no right to steal and later spam because "it's for a good thing". 2) was at least easy to report to the University. So what people in my classs did was switching to method #1 and then used their own ways to send mail. Naturally for newbies, they still put the 300 people in the "to" header! I kept complaining to the University that their stupid site was exposing me to viruses (it only takes 1 person in the 300 to have a virus and since the "to" list is exposed...), but once people starting using method #1 they didn't care. So I started complaining to the ISPs of the senders quoting them clauses from their own contracts (at the same time I kept complaining to Spamgourmet). I kept saying to the ISPs "at least made them start using BCC!"). After a long fight, I won the battle and the ISPs at least made them use BCC. This was great because I actually started getting viruses prior to this point just because of the crazy exposure - 300 people in the "to" header - a couple of messages a day. But it wasn't enough (and it also meant the University was out of the picture as I could no longer prove the list was stolen from them once it was hidden in the BCC). Eventually maybe due to the complaints it stopped altogether. ...except one guy and his ISP - Bezeqint.net (that indeed made him start using BCC but refused to do anything further). I'm actually their user too so I thought a personal approach would help. Indeed, it at least got me a personal reply. "He said it's a mailing list for people he teaches and they were the ones joining it". I was freaked out! This was after I made it clear he STOLE the list. I even gave them the contact details of the people in the University in charge of the course to tell them there this is just a fellow student and not a teaching aid of any sorts! Come on, does Bezeqint actually fall for this guy's lies?! Then I gave them the contact details of the people in the University in charge of the site to verify with them the list matches one by one (same order even) the list from the site and there's no way it's some opt-in list of his. To which they said "he said he has no problem taking anyone off if they just request so". This was after they knew he STOLE this list AND after I quoted them their own contract that said opt-out lists are a major no-no. This is the biggest ISP in Israel and they answer me with comments like these?! I also reminded them - and like to tell you - there's a law proposal in Israel that wants to follow the European opt-in spam policy. So forget that it's against their own contract, what Bezeqint.net tells me (that opt-out lists are fine) would be illegal in the future! This didn't really impress them either... At this point they stopped replying personally. They never even replied to me after in a matter of minutes, that guy sent "his" list almost 20M worth of files in multiple messages. Anyway, all through this I kept reporting each new spam message to Spamgourmet, so how come Bezeqint.net never felt Spamgourmet's "wrath"? Link to comment Share on other sites More sharing options...
StevenUnderwood Posted November 13, 2006 Share Posted November 13, 2006 To answer the question in your subject: Spamcop does not list ISP's. It attempts to only list IP addresses that are currently in the process of spamming. Please provide an IP address that sent you the spam you are talking about and we can provvide more information, but if it is an isolated incident, they will not likely be listed for it. Link to comment Share on other sites More sharing options...
lwc Posted November 13, 2006 Author Share Posted November 13, 2006 I forgot to mention I also complained to the spammers' work places, but they ignored me. Anyway, if that was me (I use the same ISP) the IP address would have been dynamic because that's how it usually is. Fortunately, probably because he sends mail from his work place, the specific spammer has the static IP of 212.25.106.78 Link to comment Share on other sites More sharing options...
Wazoo Posted November 13, 2006 Share Posted November 13, 2006 This is the second Topic started by the same user, both complaining/referencing Spamgourmet ..... Is there supposed to be a connection to the SpamCopDNSBL in there somewhere? I'm of the mind to merge both Topics into one and move the result to the Lounge as not being directly SpamCop.net related ...???? Link to comment Share on other sites More sharing options...
lwc Posted November 13, 2006 Author Share Posted November 13, 2006 Oops, I meant Spamcop and now I can't edit it and fix it! It was just a mistake (I would appreciate it if someone could edit it!). Also, the other topic was general and this one is about a specific issue. Please let's get back to the aforementioned IP address. Link to comment Share on other sites More sharing options...
StevenUnderwood Posted November 14, 2006 Share Posted November 14, 2006 I forgot to mention I also complained to the spammers' work places, but they ignored me. Anyway, if that was me (I use the same ISP) the IP address would have been dynamic because that's how it usually is. Fortunately, probably because he sends mail from his work place, the specific spammer has the static IP of 212.25.106.78 212.25.106.78 not listed in bl.spamcop.net There are a bunch of complaints, starting October 19. However, if all of these are from you, that will also not get them listed. Here are the latest: Report History: Query long history (30 days) -------------------------------------------------------------------------------- Submitted: Monday, November 13, 2006 1:35:28 PM -0500: =?windows-1255?B?5ODp5+XjIOTg6fjl9Ok=?= (barilan: message 2 of 5) 2015996946 ( 212.25.106.78 ) To: spamcop[at]imaphost.com 2015996918 ( 212.25.106.78 ) To: abuse[at]bezeqint.net -------------------------------------------------------------------------------- Submitted: Monday, November 13, 2006 7:07:04 AM -0500: =?windows-1255?B?4Onn5eMg4On45fTpIC0g7vbi5fo=?= (barilan: message 1 of 5) 2015515225 ( 212.25.106.78 ) To: spamcop[at]imaphost.com 2015515170 ( 212.25.106.78 ) To: abuse[at]bezeqint.net -------------------------------------------------------------------------------- Submitted: Monday, November 13, 2006 6:58:50 AM -0500: =?windows-1255?B?UkU6IODp5+XjIODp+OX06SAtIO724uX6?= (barilan: message 5 of 5 ... 2015505184 ( 212.25.106.78 ) To: spamcop[at]imaphost.com 2015505113 ( 212.25.106.78 ) To: abuse[at]bezeqint.net -------------------------------------------------------------------------------- Submitted: Monday, November 13, 2006 6:56:06 AM -0500: =?windows-1255?B?4Onn5eMg4On45fTpIC0g7vbi5fo=?= (barilan: message 4 of 5) 2015503187 ( 212.25.106.78 ) To: spamcop[at]imaphost.com 2015503161 ( 212.25.106.78 ) To: abuse[at]bezeqint.net -------------------------------------------------------------------------------- Submitted: Monday, November 13, 2006 6:05:13 AM -0500: =?windows-1255?B?4Onn5eMg5ODp+OX06Q==?= (barilan: message 3 of 5) 2015441946 ( 212.25.106.78 ) To: spamcop[at]imaphost.com 2015441919 ( 212.25.106.78 ) To: abuse[at]bezeqint.net -------------------------------------------------------------------------------- Submitted: Friday, November 10, 2006 1:51:49 PM -0500: =?windows-1255?B?5+Xu+CDw5fHzIOHn5ebp7SDu6eXn4+nt?= (barilan: message 2 of 5) 2011219673 ( 212.25.106.78 ) To: spamcop[at]imaphost.com 2011219657 ( 212.25.106.78 ) To: abuse[at]bezeqint.net -------------------------------------------------------------------------------- Submitted: Thursday, November 09, 2006 8:41:12 AM -0500: =?windows-1255?B?+Pnp7vog7uX54untIC0g5+Xm6e0g7unl5+Pp7SDh7vn06CDk8uH46Q==?= (... 2009166269 ( 212.25.106.78 ) To: spamcop[at]imaphost.com 2009166259 ( 212.25.106.78 ) To: abuse[at]bezeqint.net -------------------------------------------------------------------------------- Submitted: Wednesday, November 08, 2006 5:27:04 AM -0500: =?windows-1255?B?5+Xm6e0g7unl5+Pp7SDh7vn06CDk8uH46SAtIO7h8OQg5OHn6fDk?= (bari... 2007177347 ( 212.25.106.78 ) To: spamcop[at]imaphost.com 2007177324 ( 212.25.106.78 ) To: abuse[at]bezeqint.net Link to comment Share on other sites More sharing options...
lwc Posted November 14, 2006 Author Share Posted November 14, 2006 Yes, whenever there's "barilan: message X of Y" it's me complaining (this line is where Spamgourmet is involved as I use it). But what do you mean by: However, if all of these are from you, that will also not get them listed. Link to comment Share on other sites More sharing options...
Wazoo Posted November 14, 2006 Share Posted November 14, 2006 If you have a specific question about a section of the FAQ that confuses you, please identify/post that section here with your question and we will attempt to help you understand. If you haven't looked at a FAQ yet, please see the information provided at; What is SpamCop.net? Where to get Help SpamCop FAQ Why Am I Blocked? What is the SpamCopDNSBL? Link to comment Share on other sites More sharing options...
Farelf Posted November 14, 2006 Share Posted November 14, 2006 Not sure if Wazoo's link goes to where intended - try http://www.spamcop.net/fom-serve/cache/297.html instead, not the same but may be in the area you are after. Link to comment Share on other sites More sharing options...
Wazoo Posted November 14, 2006 Share Posted November 14, 2006 Took me a while to edit it to match this Topic's subject matter ... Link to comment Share on other sites More sharing options...
StevenUnderwood Posted November 14, 2006 Share Posted November 14, 2006 Yes, whenever there's "barilan: message X of Y" it's me complaining (this line is where Spamgourmet is involved as I use it). But what do you mean by: However, if all of these are from you, that will also not get them listed. I mean the system is setup so that a single reporter can not get a server listed. It seems you may be the only person getting these messages, in which case it would be better for you to deal directly with abuse[at]bezeqint.net. It may be an individual who has a problem with you or a virus pulling your address from their machine or something like that that is causing these emails. Link to comment Share on other sites More sharing options...
lwc Posted November 14, 2006 Author Share Posted November 14, 2006 I already said I talked with Bezeqint personally and they did make the spammer use BCC but that's it (before the BCC 300 people kept starring in the "to" header). Also, the stuff he sends is actually good for the tests, but his mailing list is stolen. Again, he stole the students' addresses in order to send them stuff for the tests. It just shows he didn't even give a second thought about doing such things than in the offline life could send him to jail. As if the Internet is a playing ground. The end is good, the means aren't. Therefore most of the students are apathetic about complaining, not to mention what kind of average user bothers to complain about spam anyway? Link to comment Share on other sites More sharing options...
turetzsr Posted November 14, 2006 Share Posted November 14, 2006 <snip> Also, the stuff he sends is actually good for the tests, but his mailing list is stolen. Again, he stole the students' addresses in order to send them stuff for the tests. It just shows he didn't even give a second thought about doing such things than in the offline life could send him to jail. As if the Internet is a playing ground. The end is good, the means aren't. Therefore most of the students are apathetic about complaining, not to mention what kind of average user bothers to complain about spam anyway? ...The average user may or may not be educable. These are students, so presumably they can be educated. You seem to understand this stuff and write convincingly. Have you tried educating these students? Link to comment Share on other sites More sharing options...
lwc Posted November 15, 2006 Author Share Posted November 15, 2006 Before everything, I should mention I tried to e-mail the spammers themselves. They completely ignored me. Even my requests to use BCC were ignored. As for a mass education, the big irony is that I can't educate hundreds of people without spamming them myself. So it created a huge dilemma for me. Eventually, when nothing else worked, I decided to do the minimum damage I could - what I did was creating a real mailing list (ironically, Bezeqint doesn't let regular people like me send messages (even via BCC) to hundreds of people - I guess only spammers deserve that right...) and copy and pasted the addresses into it (that was before the ISPs listened to me and made the spammers use BCC). I sent a message to that list during this whole saga. I first told everyone how I know the spam we get lately is meant for a good purpose, but the end doesn't justify the means. Especially that it's not just theory, but we will get viruses and spam because of this (in retrospect, I was proven right) - I even joined in a drawing of a pyramid of people online to show them how if even 1 of them had a virus or a botnet, we'd all become targets each time one of "our" spammers sends our addresses to hundreds of people, which happens no less than a couple of times each day... Then I told everyone to at least use BCC when they spam (God forbid using a mailing list like myself - I guess the 2 minutes it takes to set it up is too much...). I then told them the people who spammed were reported to the powers that be. Lastly, I told them about the European like spam opt-in law proposal. The spam continued just as before (all I heard about it was one female student who told me "hey, did you get the angered message from this student about stop spamming too...?"). Later on, someone sent me a nice presentation about how to use BCC, etc. to avoid attributing to spam and viruses. I modified it to fit in our situation and sent it through the mailing list. Again, nothing changed. So 2 messages overall (because I didn't want to be phoney) and they did nothing. Not even made them use BCC (unless maybe some of them - not the aforementioned specific guy though - started using BCC because of my "education" and not because of their ISPs - I have no way to really know). Link to comment Share on other sites More sharing options...
Miss Betsy Posted November 15, 2006 Share Posted November 15, 2006 I don't know what it is about abuse departments that make them so dense, but you are not alone in being frustrated. Also, it is very frustrating to talk to the average end user (even those who are intelligent in other areas). They all seem to think that the mechanics of email is as incomprehensible as brain surgery. In other discussions about how to control spam, it has been suggested that those who use email should be tested and licensed like drivers. The bottom line problem is that it isn't cost effective to make end users behave sensibly. What the internet needs is someone like Ralph Nader who can 'raise the consciousness' of enough consumers to embarass the professionals into doing the 'right' thing. Miss Betsy Link to comment Share on other sites More sharing options...
lwc Posted November 15, 2006 Author Share Posted November 15, 2006 I don't know what it is about abuse departments that make them so dense, but you are not alone in being frustrated. I think it's the fact they know we'll just do nothing if they ignore us. They say "let's just ignore them and they'll leave us alone." Also, it is very frustrating to talk to the average end user (even those who are intelligent in other areas). They all seem to think that the mechanics of email is as incomprehensible as brain surgery. Exactly. Those people are students, some of them are bussiness persons in high positions but they decided spam is just a fact of life and fighting is like that movie "Super Size Me" that fought McDonald's in a lost cause to make them provide healthy food (although that actually helped). And it doesn't help that in this case the spam is used for a good thing. They probably think "just let us keep getting stuff for the tests from these spammers and leave us alone". The most annoying thing was how I couldn't even make the spammers use BCC. They simply ignored me as if even that is too much to ask and it interfers with their higher goal of delivering us stuff for the tests. If I didn't tell on them to their ISPs, they still wouldn't be using BCC. One female student who's a friend of mine put me in her own mailing list and started sending me mass mail (jokes, etc.). She too put all of her friends in the "to" header. I sent her screenshots of how to use BCC in her own program. Since then she either sends using "cc" or "bcc". I keep telling "cc" is worthless, but she keeps confusing them (her damn webmailer makes "cc" appear on default and "bcc" hidden on default). I told her if she couldn't handle remembering the word "bcc", she should use a real mailing list (again, sent her screenshots how to make one). But she just won't do it and every once in a while I find myself in her "cc" header. It's so annoying she exposes my address like that and keeps forgetting to use "bcc" yet refuses to use a real mailing list. In other discussions about how to control spam, it has been suggested that those who use email should be tested and licensed like drivers. Would you marry me? I keep saying that, only I think such a license should be enforced on anyone who wants to have a computer. Well, at least as long as that computer is connected to the Internet. Link to comment Share on other sites More sharing options...
Telarin Posted November 15, 2006 Share Posted November 15, 2006 In other discussions about how to control spam, it has been suggested that those who use email should be tested and licensed like drivers. Or simply hold users responsible for their equipment. If you get into an accident in your car because the brakes failed, you are still financially responsible for the accident because it is your responsibility to maintain your vehicle properly. On the same note, when a user gets a virus, they should be financially liable for the estimated cost of the bandwidth used by the virus to deliver spam as well as the cost of handling that spam unless they can prove that they were properly maintaining their machine (for instance if they got infected with something new that defs hadn't been published for yet they shouldn't be held responsible). Even if this is only $0.001 per message, it could easily be a couple hundred dollar fine. There would need to be some kind of cap on it per incident so it wasn't too ridiculous, but unless there is some reason for the average end-user to maintain their equipment, most of them won't. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.