giza: Giza White Mage (Default)
In what is definitely a blast from the past, I found this old news story laying around on my hard drive of TurnTide from 2004:



Strangely enough, I make two appearances in this--the first one at 2:40 is of file footage from when they interviewed me for a story about spam in 2003. That was amusing.

A few months after this story was shown, the Symantec Corporation bought us for $28 Million. Those of you who saw me at Anthrocon 2004 might recall that I was tightlipped about work, as well as carrying around this skateboard. Now you know why. :-)
giza: Giza White Mage (Default)
This was spotted on the Anthrocon forums this morning:

Spam Screencap

No ma'am, you will NOT be putting anything in me anytime soon.

Oh, and what WAS your username again? *clickety-click*
giza: Giza White Mage (Default)
MySpace wins $230 million anti-spam judgment

By ANICK JESDANUN

NEW YORK (AP) -- A notorious "Spam King" and his partner now owe MySpace about $230 million in damages after a federal judge awarded the popular online hangout what is believed to be the largest anti-spam judgment ever.

The judgment is a big victory for MySpace, although service providers often have a tough time collecting such awards. But even if the News Corp.-owned site never collects, it hopes the judgment deters other spammers.

"Anybody who's been thinking about engaging in spam are going to say, `Wow, I better not go there,'" MySpace's chief security officer, Hemanshu Nigam, told The Associated Press on Tuesday. "Spammers don't want to be prosecuted. They are there to make money. It's our job to send a message to stop them."

U.S. District Judge Audrey B. Collins in Los Angeles ruled in MySpace's favor Monday after Sanford Wallace and Walter Rines failed to show up for a court hearing.

Wallace earned the monikers "Spam King" and "Spamford" as head of a company that sent as many as 30 million junk e-mails a day in the 1990s. He left that company, Cyber Promotions, following lawsuits from leading Internet service providers such as Time Warner Inc.'s AOL, only to re-emerge in a spyware case that led to a $4 million federal judgment against him in 2006.

"MySpace has zero tolerance for those who attempt to act illegally on our site," Nigam said in a statement. "We remain committed to punishing those who violate the law and try to harm our members."

Nigam told the AP that Wallace and Rines created their own MySpace accounts or took over existing ones by stealing passwords through "phishing" scams.

They then e-mailed other MySpace members, he said, "asking them to check out a cool video or another cool site. When you (got) there, they were making money trying to sell you something or making money based on hits or trying to sell ring tones."

MySpace said the pair sent more than 730,000 messages to MySpace members, many made to look like they were coming from trusted friends, giving them an air of legitimacy. Under the 2003 federal anti-spam law known as CAN-SPAM, each violation entitles MySpace to $100 in damages, tripled when conducted "willfully and knowingly."


The rest of this article is here.

While I'm happy to see Sanford Wallace get his arse handed to him in court (again), I can't say this comes as a big surprise to me. He's been spamming since the late 90s, and has shown time and time again that he just can't be bothered to play by the same rules as the rest of us, and instead asserts his "right" to fill our mailboxes with crap so that he can make a quick buck.

If there was ever a case for "banning" someone from using the Internet at all, I think Wallace would be a good test case. I'm sure that this raises lots of ethical issues, however.

Anyway, I think this just goes to show that a leopard can't change his spots. (But he'll steal them off a cheetah's back!)
giza: Giza White Mage (Default)
In years past, I used to have much more involvement with email and spam issues, and did my share tracking down the source of spams that came into my mailbox, and reporting them to the sender's ISP. During that time period, I came across my share of broken autoresponders that sat on abuse@ and postmaster@ mailboxes, that would improperly "report" spam complaints as spam, get into mail loops, or worse.

Eventually, the volume of spam, and more specifically forged spam hit such high levels that enough admins got the clue that since email is easily enough forged, having autoresponders that blindly trust the email message and send out an autoresponce based on that aren't such a hot idea. As the level of clue grew, autoresponder usage pretty much fell about the wayside.

Clearly the dumbasses at npgx.com.au missed that memo.

For your amusement, I present:

http://www.scribd.com/doc/2961223/postmasternpgxcomau-broken-autoresponder-part-12

and

http://www.scribd.com/doc/2961305/postmasternpgxcomau-broken-autoresponder-part-22

As best I can tell, the following events happened:

1) Someone at npgx.com.au received a spam from a RoadRunner user (rr.com).

2) They reported this to abuse@rr.com.

3) abuse@rr.com responded with a standard auto-responce.

4) postmaster@npgx.com.au responded to that auto-responce with one of its own. Except that it parsed the message it got from abuse@rr.com, saw other domains there like spam.abuse.net and haltabuse.org, and decided to CC about 20 odd admins of those domains, as well as admins of their mailservers. That's how I got that email -- I am also postmaster@haltabuse.org. (That's the first message linked above)

5) I repsond to their postmaster address, pointing out that their autoresponder is broken.

6) I get the same autoresponce, flagging *my* message as spam, and CCing my mail server admins. (Second message linked above)

7) ???

8) Profit! Whoops! I really meant to say: npgx.com.au fails spamfighting 101.


Looking back at the above chain of events, I'd say that #3 was mildly questionable, but not unreasonable. But #4? That kind of automated "we'll email everyone who is remotely connected with this message" is just plain stupid, and I don't recall seeing it at least the last 5 years. If that is how npgx.com.au deals with messages that they perceive as spam, I do not think they will be in the email business for much longer...
giza: Giza White Mage (Default)
I am referring to Lawrence Canter and Martha Siegel, also known as the Green Card spammers.

Back in 1994, they got an Internet account with a company called "Internet Direct" and proceeded to spam nearly 6,000 newsgroups on Usenet. It was the first time that anyone had dared send commercial spam across Usenet.

A virtual riot followed, and their ISP's mailserver fell over under the load of emailed complaints. 15 times. From the article:
Jeff Wheelhouse, sysadmin for Internet Direct, was soon bombed into oblivion by world-wide complaints. He told the NY Times this caused Internet Direct computers to crash at least 15 times -- "that's when we stopped counting." Internet Direct terminated the lawyers' account, making it clear it doesn't oppose advertising, just spamming. Canter, Siegel, and two other lawyers appeared at Internet Direct offices, threatening to sue for $250,000 unless their account was reinstated. Internet Direct refused. Nothing came of the C&S threats.


So what happened to Canter and Siegel? They divorced in 1996. Canter was permanently disbarred in the state of Tennessee in 1997. Martha Siegel apparently passed away in 2000. Today, Canter has transitioned into computer programming and reportedly hasn't sent spam in years.

And what of Jeff Wheelhouse, who is pretty much the original spamfighter? It turns out that he runs my webhost.

The mind boggles.
giza: Giza White Mage (Default)
For those who haven't followed this too closely, last year a "marketing firm" by the name of e360Insight (which is really a one-man company run by Dave Lindhart) sued Spamhaus for listing them as a "spammer". The funny part is that the lawsuit was filed in Chicago against Spamhaus, which is a British organization. (yes, there was lying under oath involved) Not surprisingly, Spamhaus rejected the jurisdiction of the court. e360 got a default judgement for some millions of dollars, and Spamhaus has yet to pay them a dime (and has no intention of doing).

Here are some samples of e360Insight spam.

Some time goes by, and then Dave Lindhart, the president of e360 shows up on news.admin.net-abuse.email and proceeds to start ranting about Spamhaus. Not surprisingly, the regulars there justifiably tore his arguments apart. His response? To sue the members of that newsgroup. [Link #1, from DM News] [Link #2, from nanae itself]

It seems to me that Dave Lindhart has just a bit of a problem taking criticism. He can sure dish it out, but he can't seem to take it.

The DM News article was rather lulzy too, with totally clueless statements like this:
Nanae, a Usenet newsgroup whose Web site claims to be "dedicated to discussing e-mail spamming," did not immediately return e-mails for comment.

Anyone who has been on Usenet knows that "emailing a newsgroup" makes about as much sense as getting your car to run off of pizza.

What's really funny (or sad, depending on your viewpoint) is that Dave Lindhart has apparently failed to learn from past history. Let us count the ways:

- Suing a blacklist? CHECK.
- Suing a blacklist in a jurisdiction in which they do not operate? CHECK.
- Publicly making statements about the case? CHECK. And CHECK.
- Getting in arguments with the anti-spam community? CHECK.
- Trying to stifle criticism from the community? CHECK.

And in many cases going back to the late 90s, it's been the same thing: spammer talks tough in public and in court, but when push comes to shove, suddenly they don't have the "evidence" they claim they had, or an overwhelming amount of evidence (i.e. spam received) is presented in court, or the defense's lawyers cite case law and destroy the spammer's case.

Oh well, it'll be fun and interesting to watch. In a trainwreck sorta way.
giza: Giza White Mage (Default)
Ah, another day, another spammer. This one apparently decided to use some search engine software to "target" his spam run. Not only does his targeting SUCK, but he obviously could not be bothered to actually like, visit my website before sending me something about *catsitting*. Jeeze.

So now I guess I'll just post the spam here, searches on Google for "catsitting.net" and "spam" will start getting matches. What a tragedy.


From: jonathanleger@catsitting.net <jonathanleger@catsitting.net>
Date: Aug 29, 2005 4:41 PM
Subject: I'd love to link to your cat page!

Hi there,

I'm writing because I'd really like to link to your site from mine. I
have a site dedicated to locating cat sitters all over the United
States. The URL is:

http://www.catsitting.net/

Each page has a "Related Sites" section where reltaed links go. Your
link will go in that section.

You can add your link to all 16,000+ pages of the site by filling out
the form located here:

http://www.catsitting.net/index.php?addlink=true&url=www.spamcop.net [Munged, hehehe.]

PLEASE do not share that URL with anybody, since I am very particular
about which sites get added to my related sites section and I don't
want that form to get abused by link spammers.

I appreciate the hard work you're doing on your site!
Keep it up!

Thanks,
Jon

Profile

giza: Giza White Mage (Default)
Douglas Muth

April 2012

S M T W T F S
1234567
891011121314
15161718192021
22232425262728
2930     

Syndicate

RSS Atom

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags