|
Grex > Coop9 > #93: Cyber Promotions Junk Mail | |
|
| Author |
Message |
mdw
|
|
Cyber Promotions Junk Mail
| 
May 3 03:11 UTC 1997 |
A user on grex has recently received several "forged" junk e-mail
messages. The most recent one was entitled "Search Engine Secrets",
from envisions@answerme.com. So far as I can tell, there is a company
which (Cyber Promotions, Inc.) has an e-mail mailing list containing
this grex user's mailbox address. (you can visit
http://www.cyberpromo.com/
(Beware. Get rid of your e-mail address
& any other personal information from
your browser before visting this site.
Netscape and other browsers (lynx?) *may*
send your e-mail address, and Cyber
Promo *will* add you to their list.)
if you want to know more about this company).
It seems in this case that they are then either buying "temporary"
internet connections from various big name ISP's, or they are reselling
their list to individuals who buy internet connections. Then, via this
internet connection, "junk" mail is sent with forged or bogus header
information, to addresses that come from this list.
I'd like to get a sense of how people here feel about this kind of mail.
Traditionally, what we (staff) have done when people complain about this
mail, is we send e-mail to the ISP that originated the mail. Most
commonly, then, the ISP that originated the mail sends a letter to us
indicating that they've turned off the account of the individual who
originated the mail. That won't work in the case of the problem I
described above, because the ISP that provides service to the company
has a stated policy of "non-intervention", and also because they are not
in fact originating the message in question.
I am not sure how much of a load this kind of mail presents to grex. I
fear that it may be significant. In the course of maintaining the mail
software, I've had occasion to see a few mailboxes that in fact
consisted mostly of junk mail received over the course of a few months.
I don't know if these were the exception or rule.
cyberpromo has apparently annoyed *many* people. See:
http://www.russ-smith.com/cyberres.htm
http://www.merit.edu/mail.archives/html/nanog/msg00843.html
http://www.vix.com/pub/spam/news/firstam.html
http://www.sirius.com/~monde/spam/cyberpromo.html
http://www8.zdnet.com/pcweek/news/0203/05maol.html
http://www.sf-bay.org/spam/news/prodigy.html
http://www.ca-probate.com/cyberpro.htm
Note warning here:
Warning: Sanford Wallace is a terrorist.
Do not attempt to harass or annoy him in
any way, as several people advised me
that he responds by broadcasting
thousands of forged emails (and other
tactics) in order to attack the people
who complain to him. It is illegal to
repeatedly dial an 800 number for the
purpose of driving up the company's
phone bill; besides, if you respond to
Sanford Wallace's relentless harassment
by adopting his terrorist tactics, what
have you become?
http://www.wired.com/news/technology/story/2773.html
http://www.aolsucks.org/spam/preferredmail.html
(says tools to filter mail don't work against
cyberpromo)
http://physics.ucsc.edu/~noc/Links/spam.html
http://members.aol.com/macabrus/cpfaq.html
http://www.inc.com/internet/objects/3004.html
So, some questions:
(1) Is there anyone here who *WANTS* this kind of mail. (Cyber
Promotions, Inc., claims 57% of "people on the internet" want e-mail. I
figure I, and all my friends, must be very unusual people if that is
so.)
(2) Would it be worth our while to make more of an effort to
*discourage* this kind of e-mail? If so, what can we do?
(3) Would anybody object if we applied gentle pressure on Cyber
Promotions's ISP? I was originally going to say to get cyberpromo to
remove *all* @cyberspace.org addresses from their mailing lists, but I
realize after reading some of the above URLs that this is somewhat less
likely than snow in Havana. I now think sending them above list of URLs
may be best.
|
| 14 responses total. |
srw
|
|
response 1 of 14:
|
May 3 04:19 UTC 1997 |
I have received stuff from them elsewhere, too. I have ignored it.
I do not wish to receive it. I do not know very many people who do.
It is pretty harmless to receive and easy to delet unwanted promotional mail
from a well-connected system. On grex, though, there is more of a cost. We
just don't know exactly how much it is.
|
scg
|
|
response 2 of 14:
|
May 3 04:31 UTC 1997 |
CyberPromotions is rather notorious for this kind of thing, and recently set
up their own ISP to cater to spammers. They originally got a connection from
AGIS, and AGIS dug in its heals saying that they were not in the business of
regulating content on the Internet, and that they were not going to get
involved. A short time later, under a lot of pressure, AGIS announced a list
of guidelines that any of their customers doing mail spamming would have to
follow, including a global remove list that all AGIS customers would have to
respect. AGIS claims they were still protecting the "free speech rights" of
spammers, but from reading their press release it looks like the rules may
have been designed to drive Cyberpromotions away without having to cut them
off. A day or two after that, Cyberpromotions announced that they were buying
three T3s (in other words, three times the capacity of MichNet's connection
to the outside world) from UUNet, and UUNet apparrently waived their anti-spam
policy. I heard a few days ago that UUNet had changed their mind and cut off
Cyberpromotions. I'm not sure if CyberPromotions is now accepting AGIS's
rules, or if they're looking for another ISP. For their part, the last
version I saw of Cyberpromotions' policy was that they were willing to take
individuals off their mailing lists, but not entire sites. I'm not sure if
that's what they're saying now. I certainly don't find it acceptable.
For now, I think Grex should probably take a wait and see approach. If it's
just a few messages, then yeah it's annoying, but we probably have better
things to do with our time than chase after every e-mail message. If it
becomes a big problem, they it may make sense to filter out stuff coming from
whatever IP address blocks are assigned to Cyberpromotions. They do seem to
be searching for a perminant connection, and there are enough abckbone
providers out there looking for cash that I'm sure somebody will give them
a connection that won't get cut off if they offer enough.
It shoudl be noted, although perhaps ignored, that this is the company that
sued AOL after AOL blocked them out, and got an injunction saying that AOL
had to let them send mail to AOL users.
|
dpc
|
|
response 3 of 14:
|
May 3 15:14 UTC 1997 |
I'd also suggest a wait-and-see policy. I'll just note that if Cyberpro-
motions is engaging in *fraud* by using forged e-mail addresses, then
they have no rights we are bound to respect.
|
pfv
|
|
response 4 of 14:
|
May 3 16:16 UTC 1997 |
Worst thing is I can't fill a paper sack with all the "junkmail"
and save it to start a nice cozy fire in the woodburner.
If it gets bad enough, you could always try "reverse-filter",
where only mail FROM a list of sites is allowed inbound, right?
I suspect that if the twits forge _real_ return addresses to get
thru the r-filter, then it suddenly becomes a matter for those
other sites to pursue as well as grex.
"Wait and See" is one of those handy doctrines that tends to be
a pain. If they are already mailing into grex, it means a lot of
wasted bandwidth AND storage space.
|
tsty
|
|
response 5 of 14:
|
May 4 15:20 UTC 1997 |
mostly i support wait-and-see.
what doesn't particularily bother me is email smaller tha 1K with
a *real* return address and the enclosed option of getting OFF the list.
if those three parameters are met, i don't have too much of a problem
with junk email.
as a single recipient, that may be alright, but if the /etc/passwd file
is used to create junk email dumped on the entire b0x, then the
magnification of the junk is intolerable, imo.
|
albaugh
|
|
response 6 of 14:
|
May 5 00:51 UTC 1997 |
Is it cyberpromotion's or whoever's intent to spam for annoyance sake, or are
they really hoping to get responses from interested buyers of whatever they're
hawking? If the latter, why would they had the from address? Is it so they
can receive incoming responses to a system that would not let them send
outgoing spam?
|
scg
|
|
response 7 of 14:
|
May 5 04:45 UTC 1997 |
I suspect such organizations often forge the From: line to avoid having to
deal with angry replies, or to keep the load of handling the replies off their
system.
From what I've heard about this sort of thing, there is actually quite a bit
of money in it. I don't know whether there's a lot of response from people
buying the products, but there are apparrently lots of companies willing to
pay lots of money to companies like Cyberpromotions to advertize their
products. When you add to that that the costs of sending out such mail are
almost nothing (especially when you consider that half the cost is paid by
the probably unwilling person who receives the message), the money that gets
paid for such spams probably is pretty close to being pure profit for the
spamming companies.
|
mdw
|
|
response 8 of 14:
|
May 6 01:39 UTC 1997 |
If I remember right, one of the above URL's points to a page that
describes cyberpromo's finances. Besides the profit motive, I suspect
Spamford sincerely believes he's fighting "for" free speech. I wish
there a way to disabuse him of this notion.
When I went looking, I found 8 mailboses that I think had Spamford's
latest offering, out of about 8000 mailboxes.
Re #4, a reverse mail filter won't work. See the URL's.
|
albaugh
|
|
response 9 of 14:
|
May 6 17:54 UTC 1997 |
Outcome of Cyberpromo vs. AOL
Re: #2:
> It should be noted, although perhaps ignored, that this is the company
> that sued AOL after AOL blocked them out, and got an injunction saying
> that AOL had to let them send mail to AOL users.
That seems to conflict to whats on
"http://www.vix.com/pub/spam/news/firstam.html":
Judge Weiner handed down a 28 page opinion on the First Amendment issue
in the Cyber Promotions case. He ruled that AOL is not a state actor and
that Cyber Promotions does not have a right under the First Amendment to
the United States Constitution or under the Constitutions of
Pennsylvania and Virginia to send unsolicited e-mail advertisements over
the Internet to members of America Online, Inc. and, as a result,
America Online, Inc. may block any attempts by Cyber Promotions to do
so.
|
albaugh
|
|
response 10 of 14:
|
May 6 17:55 UTC 1997 |
Outcome of Cyberpromo vs. AOL
Re: #2:
> It should be noted, although perhaps ignored, that this is the company
> that sued AOL after AOL blocked them out, and got an injunction saying
> that AOL had to let them send mail to AOL users.
That seems to conflict to what's on
"http://www.vix.com/pub/spam/news/firstam.html":
Judge Weiner handed down a 28 page opinion on the First Amendment issue
in the Cyber Promotions case. He ruled that AOL is not a state actor and
that Cyber Promotions does not have a right under the First Amendment to
the United States Constitution or under the Constitutions of
Pennsylvania and Virginia to send unsolicited e-mail advertisements over
the Internet to members of America Online, Inc. and, as a result,
America Online, Inc. may block any attempts by Cyber Promotions to do
so.
|
scg
|
|
response 11 of 14:
|
May 6 21:21 UTC 1997 |
Ok, I hadn't heard that part, but that is very good news. I think the judge
had first issued some sort of temporary injunction saying CyberPromotions
could keep sending mail to AOL while the case was pending.
|
jared
|
|
response 12 of 14:
|
May 10 22:31 UTC 1997 |
There are technical and political solutions to this problem, most people
take the tecnical approach. There are many sendmail.cf options you can
turn on to reject mail from a domain, or even require that the
from:<> address be a resolvable domain name, which is the best
solution, you require it come from a domain that really exists, and you
solve about 1/3 of the problems, then you have the 1/3 who just send it
from their accounts and get shut off almost immediateley.
The problem with this is that folks that generate lists of e-mail
addresses do such things as scan usenet, or other things like that and
get addresses that way, then buy a $20/mo account someplace, use their
mail server to send a message to 10k 50k or 100k users on the internet, and
that provide r shuts them off.. there are lots of other folks that will take
your 19.95 until they know what you're doing.. with this large market, it'll
take awhile to shut off all the folks in the area.
*way* back before the internet/web became so large, about 2
years before folks were plastering urls everyhwere, I once did a junk
spam e-mail thing for the place of my employment, by parsing the logfile
of folks that had ever sent mail to the machine, and sending them
a recent price list.
I look back at it now and wish I hadn't participated in such
things, mostly because the types of folks who do it now are very
marginal, forge from addresses, steal services by relaying mail
through someone elses smtp server, etc.. far different
than sending out a message to everyone who has sent mail to a machine, and
setting the from address to be info@domain.name
www.vix.com/spam/
|
scg
|
|
response 13 of 14:
|
May 11 00:20 UTC 1997 |
I think I was a recipient of Jared's spam a few years ago, and found it quite
useful. I see a big difference between sending things to people who have
shown interest in your company or its products, and sending to random people.
|
tsty
|
|
response 14 of 14:
|
May 11 01:02 UTC 1997 |
the last piece of spam i received was short and had to references
to 'removing yrself' with email. civilized spam.
|