FC: Replies to "David Scott Anderson, spammer" and bad blacklists

From: Declan McCullagh (declanat_private)
Date: Wed Jul 10 2002 - 09:15:37 PDT

  • Next message: Declan McCullagh: "FC: MPAA lawyergrams Gnutella user for sharing "The Simpsons""

    Previous Politech message:
    
    "David Scott Anderson: An unapologetic resume spammer, and a twist"
    http://www.politechbot.com/p-03730.html
    
    ---
    
    From: "Dave Steer" <dsteerat_private>
    To: <declanat_private>
    Subject: RE: David Scott Anderson: An unapologetic resume spammer, and a  twist
    Date: Tue, 9 Jul 2002 09:12:11 -0700
    
    Good action, Declan. A close friend of mine has said that Spam is,
    potentially, the most destructive of plagues to descend upon the
    Internet. I am compelled to agree. After all, most of the other problems
    (ID Fraud, Slow uptake of broadband, etc.) have plausible, working
    solutions (free market, government, and other).
    
    Spam is different. Despite filter technologies and black lists, the
    problem is getting worse -- evidenced both by the volume of my inbox and
    the share of complaints received by TRUSTe's Watchdog -- and the
    solutions are not working (falsely identifying Spam is only one of
    them...). It is my belief that the cure will be the result of the cross
    functioning of technologies, oversight and dispute resolution. In short,
    the elimination of bad email AND elevation of responsible email.
    
    Until then, the delete button is my best friend.
    Cheers,
    Dave Steer
    
    ---
    
    Date: Wed, 10 Jul 2002 09:13:47 +0100 (BST)
    From: James Sutherland <jasat_private>
    To: Declan McCullagh <declanat_private>
    Subject: Re: FC: Three tales of firsthand problems with "anti-spam" blacklists
    
    On Tue, 9 Jul 2002, Declan McCullagh wrote:
    
     > Previous Politech message:
     >
     > "David Scott Anderson: An unapologetic resume spammer, and a twist"
     > http://www.politechbot.com/p-03730.html
     >
     > As a brief followup to my earlier message, I give the SpamCop folks (some
     > of whom subscribe to Politech) high marks for responsiveness, although they
     > also incorrectly listed my mail server as spam for 18 hours on Feb. 11. But
     > the relays.osirusoft.com admin never explained why my server was
     > blacklisted last week without a check performed first.
    
    Spamcop's own blacklist is automatically generated, based on the number of
    complaints received recently ("recently" being "within the last 3 days",
    with reports from the last few hours being most heavily weighted) and the
    volume of mail handled (so a handful of reports would list the average
    open relay, but listing AOL's server farm would require a huge number).
    
    It's important to remember HOW Spamcop use this "blacklist": unlike most,
    "blacklisted" mail is NOT rejected - just diverted into a "this might be
    spam" folder on the server. They also point out that the Spamcop blacklist
    is not for use as an auto-reject filter, only for information: even if
    your server were listed, this would just divert mail from you into another
    folder - and I can "whitelist" you at the click of a mouse when I realise
    you aren't spamming me.
    
    Certain other blocking services, however, can be rather trigger-happy -
    not to mention assuming they are always correct in listing you!
    
    
    James.
    
    ---
    
    
    Date: Tue, 09 Jul 2002 16:42:26 -0400
    From: "Paul Levy" <PLEVYat_private>
    To: <declanat_private>
    Subject: Possible claims against careless blackholers
    
    I take it that Clinton Fein is implicitly suggesting that, when an 
    anti-spam group adds someone to a list of alleged spammers,, merely upon 
    the receipt of a report but without any independent checking, there is an 
    instance of defamation.  Perhaps one could say that the group's practice 
    reflects negligence, which is a sufficient basis for a defamation claim 
    where the person added is not a public figure.  OTOH, it is hard to see a 
    viable cause of action for trademark dilution; the "tarnishing" that 
    follows from criticism is generally not a basis for a dilution claim....
    
    Paul Alan Levy
    Public Citizen Litigation Group
    1600 - 20th Street, N.W.
    Washington, D.C. 20009
    (202) 588-1000
    http://www.citizen.org/litigation/litigation.html
    
    ---
    
    Subject: Re: FC: David Scott Anderson: An unapologetic resume spammer, and a
             twist
    From: Billy Harvey <Billy.Harveyat_private>
    To: declanat_private
    In-Reply-To: <5.1.1.6.0.20020708212540.02db2ae0at_private>
    Date: 08 Jul 2002 22:25:33 -0400
    
     > Excerpts from a representative email:
     > - "I will be contacting an attorney..."
     > - "Is it possible that you are a racist. Did you go to my site and see that
     > I am African American, and have a problem with that?"
     > - "The resume was sent to you by a service, not me personally..."
    
    This could be rewritten as:
    
    1. It didn't happen.
    2. If it did happen then it wasn't me.
    3. If you can prove it was me, then I'll sue you for racism.
    
    Hell, Declan, you'd better just send him an envelope full of money right
    away and save yourself the trouble later.
    
    Billy
    
    ---
    
    From: "Magdalena Donea" <maggyat_private>
    To: <declanat_private>
    Subject: Re: Three tales of firsthand problems with "anti-spam" blacklists
    Date: Tue, 9 Jul 2002 15:27:21 -0600
    
    Declan wrote:
     > But
     > the relays.osirusoft.com admin never explained why my server was
     > blacklisted last week without a check performed first.
    Paul Bort wrote:
    
     > If I found two bad address ranges in just that one record, how many false
     > positives are scattered throughout their database?
    
    The SPEWS system is unapologetic about false positives, and even regard them
    as a plus (they've taken the "ends justify the means" argument way farther
    than I've seen anyone else take it).
    
    Their philosophy appears to be that if innocent businesses and individuals
    on the periphery of spam-house blocklists are affected, then those innocents
    will have no other choice but to pressure their upstream provider to remove
    the spammers from their blocks, thereby solving the spam problem bit by a
    bit. Draconian, yes. Effective? Sure.
    
    My story is similar: a couple of weeks ago, this SPEWS record included, as
    part of the IP address range, the main IP of our shared mail server:
    http://www.spews.org/html/S969.html
    
    Like Paul, I spent several days on Usenet, trying to fight the listing:
    http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&threadm=8b22a437
    .0206102335.6c063861%40posting.google.com&rnum=1
    (sorry for the length of the URL)
    
    ... and eventually, after promises to move my servers ASAP away from my
    upstream provider, I obtained a whitelist for our base IP, and went on with
    my moving plans.
    
    The move isn't completed, however, and as of a couple of nights ago, the
    previous listing has been expanded to include not just the few dozen IP
    addresses that were previously listed, but a whole *3 class-C blocks* which
    includes not only the original server, but our secondary and a few of our
    dedicated servers. One of those dedicated servers belongs to our favorite
    client, the Libertarian Party.
    
    All because of 1 or 2 possible addresses in those blocks that may belong to
    marketingontarget.net
    
    Based on previous "conversations" on nanae, I have absolutely no hope of
    getting this resolved again. Coercion seems to be the name of the game among
    these folks. As I said, they're unapologetic about collateral damage, going
    so far as to justify their practices with "well, goodness, we don't FORCE
    anyone to use the SPEWS list..."
    
    The SPEWS list is different than others precisely because of what they
    attempt to do - they *know* their lists include collateral addresses. The
    problem is, of course, that so many servers out there subscribe to
    relays.osirusoft.com and their ilk, and use the SPEWS data, or are
    automatically subscribed to the SPEWS data by their dial-up ISP or other
    access provider, that the SPEWS "optional" argument is moot. The fact of the
    matter is that they *are* causing severe monetary damage to others, and no
    amount of anti-spam self-justification will change that.
    
    Sorry for the annoyance level I'm displaying. I'll now get back to my
    jam-packed server admin day.
    
    --Maggy
    
    Magdalena Donea
    KIA Internet Solutions, Inc.
    
    ---
    
    Date: Mon, 8 Jul 2002 20:34:56 -0700 (PDT)
    From: Chris Caputo <ccaputoat_private>
    To: Declan McCullagh <declanat_private>
    Subject: Re: FC: David Scott Anderson: An unapologetic resume spammer, and
      a  twist
    In-Reply-To: <5.1.1.6.0.20020708212540.02db2ae0at_private>
    
    I am finally getting around to setting up TMDA (Tagged Message Delivery
    Agent - http://software.libertine.org/tmda/) to deal with my spam woes
    (avg. of ~133 per day in the last month).  The main feature I will be
    using is the confirmation requirement from people who are not yet on my
    "whitelist".  Yes this means I may miss some messages occasionally from
    people who don't know how to handle the confirmation process, but time
    wasted due to spam has gotten bad enough that this risk is worth the gain
    in productivity.
    
    Taking back ownership of my inbox,
    Chris
    
    ---
    
    Date: Mon, 8 Jul 2002 21:05:31 -0700
    To: declanat_private
    From: Tom Collins <tomat_private>
    Subject: Re: FC: David Scott Anderson: An unapologetic resume spammer, and
      a   twist
    
    Washington Post on resume spamming:
    http://www.washingtonpost.com/ac2/wp-dyn?pagename=article&node=&contentId=A34840-2002Jan24
    
    Slashdot story on resume spamming:
    http://slashdot.org/article.pl?sid=02/01/09/0346217
    
    Followup:
    http://slashdot.org/article.pl?sid=02/01/25/1622242
    
    -Tom
    
    ---
    
    From: "G. Waleed Kavalec" <gregat_private>
    To: <declanat_private>
    References: <5.1.1.6.0.20020708212540.02db2ae0at_private>
    Subject: Re: David Scott Anderson: An unapologetic resume spammer, and a  twist
    Date: Tue, 9 Jul 2002 07:40:09 -0500
    
    Declan
    
    You made a common error in dealing with Anderson, one you noted:
    
     > One obvious minor solution is not to reply to spammers and send mail
     > only to the abuse@ address. But in my experience, copying both
     > addresses works better: Some abuse admins aren't quick to respond,
     >  while spammers seem to be more willing to delete you from their lists
     > if they know they've already been reported.
    
    
    "Delete you from their lists" != stop spamming.
    
    We "antis" call the former "listwashing" and it really doesn't reduce the
    traffic at all.
    
    G. Waleed Kavalec
    -------------------
    What if there were no hypothetical questions?
    
    ---
    
    From: "Michael H. Frese" <Michael.Freseat_private>
    To: "Declan McCullagh" <declanat_private>
    Cc: "Robert Hettinga" <rahat_private>
    Subject: A Modest Proposal on Spam
    Date: Tue, 9 Jul 2002 07:18:49 -0600
    
    Declan,
    
    If every mail client contained a Spam-Reply button, then no one would send
    out a million messages to people they don't know.
    
    The button would activate an automated reply function against the valid URL
    included in the message.  A thousand false mouse clicks or a hundred false
    form replies should do it.
    
    If 1% of the people receiving the message hammered each spammer, then they'd
    not be able to find the true responses in the false.
    
    Since the number of false messages from each source would be modest, it
    wouldn't be distinguishable from real traffic.  The network itself would
    mount the counterattack so to speak.
    
    The key is to make the software for the counterattack widely available, the
    individual attacks small, and the number of replies much smaller than the
    denial-of-service threshold.
    
    It would stop spam by destroying its value.
    
    Outlook Express plug-in, anyone?
    
    Mike
    
    ---
    
    Date: Tue, 09 Jul 2002 09:35:06 -0500
    Subject: Re: FC: David Scott Anderson: An unapologetic resume spammer, and
             a twist
    From: Shawn Yeager <shawnat_private>
    To: <declanat_private>
    
    Declan:
    
    First, a jaw-agape "wow," at the pure absurdity of this exchange between you
    and Anderson.  It's staggering how some people can be so misguided, yet so
    convinced they're in the right.  I commend you for the objectivity with
    which you were able to pass along this story.
    
    Secondly, it is for the many reasons you note that I believe a collaborative
    approach like Vipul's Razor (now Cloudmark, commercially) looks very
    promising.  I believe you've covered one or both on your list, so I'm likely
    telling you nothing you don't already know.  What may be new to you is that
    version 2 of Razor now incorporates the concept of a "trust index," which
    will purportedly better the system with an historical rating of one's
    reporting of spam.  I have no involvement with Vipul or Cloudmark, so you'd
    obviously want to go to them for details.
    
    Thanks for the list.  I've really enjoyed it.
    
    Best regards,
    
    Shawn
    
    -- 
    
    shawn yeager                   |    http://shawnyeager.com/insight
    emerging technology insight    |    630 689 4031
    
    ---
    
    Date: Tue, 09 Jul 2002 19:17:25 -0700
    From: Joachim Feise <jfeiseat_private>
    Reply-To: jfeiseat_private
    Organization: University of California, Irvine
    To: declanat_private
    Subject: Re: FC: David Scott Anderson: An unapologetic resume spammer, and
      a  twist
    
    Declan McCullagh wrote:
    
    >David Scott Anderson is not merely a resume spammer -- he's a singularly 
    >unapologetic one.
    
    He's not the only one. I think Bernard Shifman is the most notorious:
    http://petemoss.com/spamflames/ShifmanIsAMoronSpammer.html
    
    -Joe
    
    
    
    
    
    
    -------------------------------------------------------------------------
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    -------------------------------------------------------------------------
    Like Politech? Make a donation here: http://www.politechbot.com/donate/
    -------------------------------------------------------------------------
    



    This archive was generated by hypermail 2b30 : Wed Jul 10 2002 - 12:57:42 PDT