SPAM is the slang term given on the Internet to that obnoxious and annoying unwanted, unsolicited bulk-mailed junk commercial E-mail. Whether touting some illegal get-rich-quick Ponzi-style pyramid scam or promoting some commercial pornographic site or something equally disreputable, this garbage is the bane of the Internet.
If you think for a moment that spammers are just "legitimate businesspeople" trying to earn an honest living through "innovative Internet marketing", then you owe it to yourself to learn more about this one: Premier Services, apparently run by a woman named Rodona Garst. For an absolutely riveting exposee of the shoddy and disreputable things that this company have reputedly been involved in, go and check out this look behind the scenes at her operation. I assure you that this will be one of the most interesting Web sites you've ever surfed to... plan on spending several hours there (it is well worth the time you'll invest in exploring it!) Please don't forget to use the BACK button on your browser to come back here after you're done!
Most spammers try to deflect flames, either by fraudulently forging invalid return and reply-to addresses, by lying and claiming that the mailing is a "one-time" mailing, by relaying their unwanted mail through basically-innocent unrelated third-party victim companies, by offering the recipient of the spam a reassuring-sounding (and usually totally bogus) technique for supposedly "removing your name from our future mailings", or by trying to conceal the path leading back to the perpetrator. Of course, all of these shams are designed to try to avoid as many outraged recipients as possible from successfully hitting the spammer "where he lives".
Of course, most ISPs don't really much care to try to seriously avoid spam either, since it takes time and effort to be responsible (plus, of course, it requires the willingness to turn away the spammers' business, and thus their money). ISPs will generally only care if they are made to care.
One way to convince them that the problem is serious is by Federal legislation. Of the bills presently before Congress, the only one likely to make a serious dent in spam is the Smith bill, H.R. 1748, "The Netizens Protection Act of 1997", which would slightly modify the existing Federal law criminalizing unsolicited "junk" faxes to make it clear that that bill also covers junk E-mail. This bill applies a Federal penalty of $500 per copy sent (NOT per mailing) for commercial bulk-mailed E-mail sent to someone with whom the sender does not have a pre-established business relationship. Dedicated spammers would predictably move offshore if this bill became law, but it would at least dissuade most of the smaller spammers, plus serve notice to ISPs that the problem is not one they ought to ignore. You ought to support this bill with all reasonable means; call your Senators and Congressional Representative and urge them to co-sponsor it. Visit the CAUCE Web site for more information about this legislation.
Another good approach (assuming the Federal government will not act) is to create a mass of state legislations which will allow for criminal and civil legal actions to be taken against spammers. One good example is the bill introduced into the Washington State Senate on January 19th, 1998. Since junk-mailers typically don't know the state in which the person belonging to an E-mail address resides, making sending junk E-mail to residents of even just one state illegal will effectively prevent junk-mailers from sending spam to residents of all states. Comparable bills have already been introduced in at least Nevada and California as well. Sooner or later (and I predict before the end of 1998) at least one of these bills will be passed, and we'll all get a great deal of much-needed relief.
Another way to help convince ISPs that they need to care is to put into effect sanctions all throughout the Internet which will effectively "pull the connectivity plugs" on the ISPs whose irresponsibility allows spammers to continue to pump their sewage into the Net. By blocking and/or returning all message traffic originating from any IP address allocated to the offending ISP (including those they sub-assign to their customers) we will force the irresponsible ISP's legitimate customers to find and switch to another, more reputable ISP (whose range of IP addresses is not blocked) and this defection of customers from irresponsible ISPs will hit them where they will notice it... in their revenue stream. The commercial failure of one or more such ISPs (especially if they are large ones) would force the remaining ISPs to sit up and take notice, lest sanctions against them and their customers be next. It is unfortunate that this type of sanctions will necessarily hurt honest customers too, but this is a small cost compared to seeing the whole Internet and its future destroyed by a few bad apples.
If you control or can influence Internet IP routers at ISP or other business locations, try to encourage your system administrators to modify your router routing tables or firewalls so that all traffic coming from rogue ISPs is simply refused.
One thing which does not help much to control spam is the hand-slap that many ISPs do, in merely revoking a spammer's account. Generally these accounts are trivially easy to start up almost anywhere, at a negligible cost, and spammers uniformly consider these accounts as 'disposable' anyhow. An account gets closed, after it has been used to send out two million pieces of spam? Big deal! The spammer merely loses his inconsequential $35 and goes down the street and opens another access account somewhere else.
The better solution is for responsible ISPs (and backbone providers too) to simply add a provision to their Terms of Service agreement which states very unabiguously that spamming is not allowed, and that any client who bulk-mails out unsolicited commercial E-mail agrees in advance to a penalty payment to the ISP of (say) $300 per copy sent out, as partial compensation for their administrative hassle and damage to their reputation. This dissuasive penalty will eliminate any question of whether spam is illegal or not (by moving the issue into simply an issue of contract law) and cause the intending spammer to not take the risk, and simply go elsewhere. (Then, all we have to do is to ensure that there is no longer an 'elsewhere' safe haven for them to retreat to).
It makes sense that we need to complain widely (and loudly) when this garbage annoys us.
A major way to help encourage ISPs to begin caring is to make sure that the irresponsible ISPs and connectivity providers receive a lot of complaints about their irresponsibility and unacceptable policies. It takes time and money to receive and respond to these, and makes the implicated parties aware that the public realizes they aren't doing their job very well. These complaints (by E-mail, or better yet by telephone if you can) should go not only to the ISPs who provide connectivity to the spammers, but also to the ISPs and companies whose open and uncontrolled mail relay servers are just asking to be abused by spammers. As in most things, it's the squeaky wheel which gets greased, and we need to make sure that the offending ISPs hear a lot of very loud complaining from those of us on the Net.
Send a copy of your complaint letter to "uce@ftc.gov", which is the address set up by the Federal Trade Commission to deal with the problem of unsolicited commercial E-mail. If they were to get a hundred thousand letters a day from angry Netizens complaining about this problem, you'd better believe that they'd move it right up onto their front burner.
Send a copy of your complaint letter to your US Congressman, US Senators, and other elected officials. Make sure they know how you feel about having your E-mail Inbox loaded down with garbage. Be especially adamant about cases where pornographic spam soliciting adult Web and other sex sites is being sent indiscriminately at random (but quite specifically) to your kids' E-mail address. While I'm a firm supporter of the right of adult and sexually oriented services and correspondence to exist on the Internet, I think it's not acceptable for solicitations for it to be sent on an unsolicited basis to those who have never specifically sought or asked to receive such material!
When you find pyramid "make money fast" chainletter scams on the Net, print up complete copies of the offending E-mail (be sure to include complete header information) or Usenet posts, and send a copy addressed to the Postmaster at the post office and ZIP code shown for each of the listed participants in the scheme. I personally like to take a yellow highligher marker, and highlight the name of their specific town and ZIP code in the letter, so the busy postmaster can see exactly why you're sending this letter printout to them. With any luck, you can get the postmaster affected to call in the person with that post office box and sit them down for a chat about Federal postal law, and perhaps cause the offenders' post office boxes to be abruptly closed... which will help to bring an end to at least that 'branch' of this kind of scam. While you're making these copies, make an extra set of copies and:
Send the extra copies of the offending E-mail (be sure to include complete header information) or Usenet posts to the "Postal Inspector" at the post office and ZIP code shown for each of the listed participants in the scheme. Again use your yellow highligher marker to highlight the name of their specific town and ZIP code in the letter. Postal Inspectors love to come down on chain letter and other pyramid scams, and you can be sure that they have the kind of power that spammers simply cannot ignore.
One important thing when complaining to the ISPs and backbone providers affected is to be sure to complain to the right places.
Complaining to a spammer themselves will usually do you very little good. Spammers know full well that they're pissing people off; they simply don't care. Most of the time, they've tried very hard to make sure that the complaints about what they're doing roll off like water off a duck's back. And often the spammer has contracted with a spamming organization which has generally gone to a lot of trouble in advance to try to make themselves as 'bullet proof' as possible.
Simply hitting the REPLY key in your mail software will usually do you almost no good at all. Virtually all spam has completely bogus, fraudulent From addresses pointing to nonexistent domains, or for nonexistent (or sometimes even maliciously selected, real) user accounts at innocent domains.
To find the right people to complain to, first you need to make sure you can turn on "complete/full header information" in your E-mail software. This will show you a lot more information than you probably usually see, including complete details of how your message was routed through the Internet between the original sender and your ISP. Usually, there will be several lines starting with "Received:", and generally there will be one or more bogus ones too, fraudulently added by the spammer to try to confuse you (as a general rule, the closer the Received: line is to the bottom of the header, the more suspect they are). Most often, the second Received: line is the one you want, and the IP address (four numbers in the range 0-255, separated by periods) is the IP address that the spammer had when they dumped the spam into the Internet. (You'll find that often (but not always) this will be a UU.NET, AT&T Worldnet, MCI, Sprintnet, or other major-ISP dialup account.)
Second, you will need several useful utility programs. Assuming you're running on a Windows 3.x or Windows 95 platform, here are some of the ones that I use:
Third, you need to write a suitably detailed letter and send copies to everyone that seems to be associated with or implicated by the spam. I usually start my complaint letter with a reference copy of the complete spam I originally received (WITH FULL HEADERS, this is important because it helps the ISP you're complaining to verify the guilty parties). I then copy-and-paste in (in front of the spam I received itself) the results of the TRACEROUTE and WHOIS functions, to show each of the recipients of your complaint letter why you are complaining to them, in particular. Don't be afraid to follow the trail back aways, including the companies through which the spammers' responsible (ahem, talk about an oxymoron) parties get their E-mail service and DNS (domain name services). Those companies ought to be made painfully aware, too, that people on the Net know that they're providing Internet connectivity services to scum. Then, start the whole message with a rational but angry letter stating that you don't appreciate their company being implicated in the spam you've received, and explaining the actions you're taking to try to bring an end to it. Send copies of the complaint letter to (at least) "root@", "postmaster@", and "abuse@" each of the companies and domains you've thus identified as involved. Don't forget to also include "uce@ftc.gov" and the E-mail addresses of any of your elected legislative officials (federal and state, even county or local... why not?) that have them. Make sure your elected officials know that you consider this a serious problem, and that you want action taken to put an end to it.
Fourth, don't give up. Be prepared to send out a lot of these letters. It's going to take action on the part of a lot of us, and a concerted effort, to bring this spam nuisance to a stop. But meanwhile, you'll at least know that you're doing your part!
Meanwhile, you can and should also use the filtering features of the better Internet applications software to reduce the annoyance level, as well as to enforce your sanctions at the level you are able to implement yourself.
For Usenet newsgroups, the commercial version of Agent newsreader (price about $30, a reasonable price given the huge improvement it offers once you get your filters set up properly) supports a pretty good filtering facility. Although you'll spend a lot of time setting up these filters to your own personal tastes (and will have many hundreds of filters set up before you're done for a while... this is a neverending battle) eventually you'll find that you can get rid automatically of probably 90-95% of the unwanted and off-topic garbage in many of your favorite newsgroups.
For E-mail, the current version of the freeware Eudora Lite also supports a limited but still VERY useful version of a filtering facility, that lets you block E-mail that's likely to be spam. One very useful technique for this is to block using the "Any Header" form of the filter any message which "contains" an IP address beginning with "[nnn.nnn.nnn." or "[nnn.nnn.", where the nnn are replaced with the IP address fields that you've found associated with a spammer-friendly ISP. Set the action to transfer such matching messages to Trash (or, better, to a special mailbox where you will later look up the offenders and send complaint letters as I've already described). Don't be afraid to be ruthless: when you filter by entire blocks of IP addresses, you will inevitably block or filter out at least some legitimate users, too. But that's what they have to expect when they unwisely chose to get their connectivity through an irresponsible ISP (and you ought to point this out to the legitimate customers affected... it's another good way to get them to apply their own pressure to the irresponsible ISPs).
When I have my own Eudora Lite filters more fully configured, I'm planning to make my own Eudora filter list available through this Web site, along with a program which will allow you to more easily add my own personal anti-spam and "irresponsible ISP sanctions" filters into your own filter list too. There is little reason, after all, why we all should have to maintain our own sets of anti-spammer filters independently. If you're interested in getting a copy of my anti-spammer filter set, you might drop me a note and let me know that you're interested.
Use the BACK control on your Web browser, or click here to return to my main home page.
This page and all linked contents originating with me are Copyright (C) 1997-2005 by Gordon E. Peterson II, all rights reserved worldwide. Last revised December 20, 2005.