[lug] off topic, spam laws

Sean Reifschneider jafo at tummy.com
Mon Feb 11 03:08:24 MST 2002

On Mon, Feb 11, 2002 at 02:23:46AM -0700, D. Stimits wrote:
>How exactly does RBL work? Since I point directly at the ISP via NS, can
>it still be used?

That's exactly the way I'm using it.  You have to be kind of clever then
though.  I have my mail filter set up so that when a message comes in, it
looks through the Received headers for the IP of the machine that sent the
message to my mail server, then does an RBL lookup on that.  Of course, it
means that you need to be connected to the net when you get new mail -- not
normally a problem...

Another alternative may be to ask your ISP to set it up for you...

>And is it able to bounce messages back, and tell the
>sender they are banned, so they will stop, or does it make the sender
>believe they got through?

Oh, you believe that the spammers use bounce information to stop sending
messages in the future...  Most of them don't care about bounces -- just in
case somone else has re-activated an account with the same name, you
reactivated your account, you cleaned up your mail box so you can get more

If your ISP sets up the filter, it will reject the message, causing the
remote mail server to bounce it.  If you do the lookup on your own machine,
it's probably too late and if you bounce it it'll just double-bounce back
to you (he says, based on personal experience).

I save the RBLed messages off to their own folder and review them about
once a day, looking for improperly trapped messages, etc...

>laws see it as more than a joke and have some effect at hurting them
>financially. Or if they do something fraudulent to hide who they are,
>get it to be publicly defined as the fraud it is, and not a mere civil

The best way to get back at them, is to spend a little time and make sure
they're tracked down...  Look in the body of the message for a URL where
they're advertising their services.  Be wary of the tricks they pull to try
to misdirect you to thinking it's another site.  Report the spamming to
their up-stream site -- many ISPs will shut down the web-site that's being
advertised in such a case...

Also report it to the mail server admins controlling the place it was sent
from.  Again, be wary of tricks they pull to make it look like it's coming
from places it's not actually coming from.

The ones that really work hard to catch my attention (making the message
look like replies to things I might have sent, etc) will just get me
interested in making sure a complaint goes to their providers...

The problem with trying to shut down spammers is that "there's a sucker
born every minute".  Shut down one, and a new one takes their place.

We had a client who was asking us about spamming.  Hard times hit them and
they were looking for more business...  Their marketing guy was really hot
on the idea of spamming.  We kept telling them about the lack of results,
shutting down your net line (which their business relies on), etc...

A while later we found that they had spent well in excess of $1,000, and
that they'd gotten literally *NO* business from it.  I think these results
are, in general, typical of completely undirected marketing on the net.
Unfortunately, there are too many people who "just want to try it" that the
lack of results really stops them.

>"you are receiving this because you asked to be spammed", I would like
>them to be held accountable to prove it (within some reasonable way, not
>something absurd), or else face fraud charges.

Are you willing to go to Florida, or Taiwan, to press charges?  Therein
lies the problem...  Colorado actually has fairly serious anti-spam laws,
but you have to file in the defendant's local jurisdiction...

 Good idea: Slaves Girls of Gor
 Bad idea: Slave Girls of Al Gore.
Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
tummy.com - Linux Consulting since 1995. Qmail, KRUD, Firewalls, Python

More information about the LUG mailing list