Network News

X My Profile
View More Activity

Spam Fighter Calls It Quits

The Washington Post today ran a story I wrote on the demise of Blue Security, a software company whose innovative approach to fighting spam -- by having its users strike back at the spammers with a disruptive flood of return e-mails -- utlimately backfired when the spammers launched a counter-counterattack that shuttered Blue Security's site and knocked millions of others off the Web for the better part of a day.

I had a chat with Blue Security's CEO Eran Reshef shortly after the attack, and he shared with me some records of his online conversations with two spam sponsors, individuals in the business who handle everything from keeping the online pharmacy and other spam product Web sites running, to hiring and paying the people who do the actual spamming. Reshef said attacks from the company's software had convinced six out of the top 10 sponsors to scrub their spam e-mail lists to remove the addresses of people who use Blue Security's software.

In the following snippet from an online conversation Reshef had with a sponsor known as "ATM," the spam operator reluctantly acknowledges that scrubbing his lists of Blue Security users' addresses is the most expedient solution.

ATM: We want to understand, who is attacking us? You? Competitors? Or both? What do you want, to stop your attack? My tech people till now was able to stop your attacks, but I and you want to solve this problem peacefully.

Blue Security: We don't want to harm to your business, we only want you to stop sending spam to our users.

ATM: Who are your users? List of emails, to pass to my affiliates to stop spamming? But first, answer my question - botnet of 15k IP addresses is it yours?

BS: This is not botnet, this is 15,000 of our users from about 500,000. We have program (free/open source) which can automatically clean your email list.

ATM agrees to use the e-mail list-scrubbing program, and asks Reshef for a copy of his customer list. Reshef requests ATM's e-mail address, but the spam sponsor suggests other means of communication, ending the conversation with this priceless quote:

"I'm sick with the spam in my mail boxes, so I don't use email any more."

But one pharmacy spam sponsor who calls himself "Pharma Master" didn't exactly appreciate Blue Security's tactics, and launched a volley of distributed denial-of-service (DDoS) attacks against the company's Web site that eventually cascaded across the Web, knocking dozens of sites and thousands of blogs offline for hours.

Pharma Master: i am discussing daily with 10,000 of people and the biggest companys in the world. i know one thing which i already told you, u started with my and my people and my staff, you shall get hurt first to feel who we are. and when i'll make sure you got the point of who we are then we can talk but i dont feel like you guys really in mood of something. Bleusecurity.con is down now that's not bad how bout to keep all your system down for few months? How bout each time you play games i'll hit your company?

Here the spammer is saying he's willing to cover the costs of his sponsors being knocked offline after they send spam to Blue Security's members: "How bout each time you trying to screw someone i'll pay to sponosrs the money they loosing if they do?

Reshef didn't have much more to say to Pharma Master, and later decided he had lost the fight against the spammers. As of today, Blue Security will no longer be offering its services. Reshef said the company made the decision not to continue with the service out of fear of even more crippling attacks against his company that could further affect other sites. He said the spammers threatened to increase the volume of their attacks, and to write computer viruses that seek to attack security weaknesses in his company's software, thereby targeting the company's individual users themselves.

I can't say I'm surprised. It was only a matter of time before some spammer decided it was worth paying a few thousand dollars to rent out a botnet of 20,000 hacked home computers and take this company offline. The fact that a spammer can hold millions of Web sites hostage just because he is upset that someone is meddling in his business is disturbing.

Still, this saga is yet another reminder that while the Internet is an incredibly versatile, resilient and adaptive network, the underlying framework that the commercial Web rests upon was never designed with mutual trust and security in mind. As such, it will take a lot more than clever gimmickry to give businesses and consumers the upper hand over Internet hucksters, spammers and criminals.

By Brian Krebs  |  May 17, 2006; 7:23 AM ET
Categories:  From the Bunker  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Mac Update Brings Trouble for Some Users
Next: Blue Security Kicked While It's Down

Comments

I was a very happy user of Blue Security would have paid for and still pay for the service they provided, attempting to get me off the spammers lists. Too bad that a lot of blue security users were requesting the same thing at the same time. I am confident BS only sent one attempt for every e-mail I recived. If it did clog the spammers systems, let them send their spam at one an hour instead of all at the same time.

I find it offensive, and unbelievable, that the internet community accepts the balckmail from thos (in this case) russian spammers. Should I, as a user of the ineternet have my mail box targetted by spammers just for the rights of being on the internet. Using my bandwidth, bit more importantly my time to sift thru the e-mails. This is truly international gangsterism.

I hope that if BS can't keep on going, someone else carries the flag gainst those gangsters. I will support and am even prepared to pay for it (as many people would if they thought about what those despicable spammers are doing). Comne on, it only takes enough people to stand up against the mafia. Anything short of it, is condoning this illegal and bully type behaviour. Save the internet, save Blue Security!

Posted by: MidGe | May 17, 2006 8:03 AM | Report abuse

I agree, I'd happily pay a fee to keep Blue Security running. It was working and it's sad that for want of money it should close.

Posted by: harry | May 17, 2006 8:50 AM | Report abuse

try postini.com best on the net

Posted by: ifightspammers | May 17, 2006 9:07 AM | Report abuse

Get rid of all spam by using a "whitelist" to throw away all e-mail except that from recognized names and addresses.

Posted by: J. Gault | May 17, 2006 9:09 AM | Report abuse

The best way to stop spammer's is to stop the money they are making. I work in the media industry and know first hand how easy it is to change a country's mood with the appropriate marketing. The easiest solution to this problem is to develop a fad of boycotting all companies which use spam to sale products.

Posted by: Mike | May 17, 2006 9:30 AM | Report abuse

By the way everyone should stop by www.spamhaus.org. They have the worst spam offenders listed and good information on the reality of SPAM.

Posted by: Mike | May 17, 2006 9:37 AM | Report abuse

the best first step to cut down spam is to blacklist most of the world with a server-side filter like procmail. everything from .ru, .hk, .br etc goes into /dev/null. i have never in my life gotten an email from those domains that i wanted.

most american ISPs are now pretty good citizens, while there is no such thing as an AUP outside the USA and in some cases europe/aus/nz. essentially all spam comes from outside the US; that is why no anti-spam legislation will ever work.

Posted by: macunix | May 17, 2006 9:59 AM | Report abuse

I think all should take up the banner and drill the spammer clowns off the internet...after all, how big is the spammer comunity vs. the rest of the world?

Posted by: hmmm... | May 17, 2006 10:25 AM | Report abuse

I've been Using Cloudmark (www.cloudmark.com) for a few years, and it does a dynamite job of blocking spam on MS Outlook. (I have Cloudmark mark it as "read" and put it in the deleted items folder. Cloudmark uses the combined judgment of its user base to determine whether something is spam or not, so it's incredibly accurate. It will NOT mark as spam those emails you've subscribed to (even if unknowingly, when you place an order): you must cancel your subscriptions. And it's not free: $1.99/month. But it's effective and fast and I like it a lot.

Posted by: LeisureGuy | May 17, 2006 10:50 AM | Report abuse

The problem with spam is not individual users, who can block spam quite easily, but with the Internet as a whole. If spam is 50% of the world's email traffic, then thousands of dollars is spent tossing it away at some level. One day spam will be 99% of all email traffic.

The only solution is to charge for email. It's coming.

Posted by: SpamSpamSpam | May 17, 2006 11:25 AM | Report abuse

The key is not to use tit-for-tat technology to cripple the spammers, because it only brings the criminal one-upsmanship to the forefront. The key is for the marketers and item/service peddlers to force the spammers to prove that their concept really results in higher sales volume. These spammers get paid by how many addresses they blanket an ad to, but there is not proof that the ad's message was actually communicated to the consumer, the result that is hoped for. I know when an email is spam and delete it right away, and believe that the vast majority of users do too.

If you want spam to discontinue you need to force the marketers, wholesalers or retailers to rework their contracts forcing the spammers to prove that the message was communicated to the und user. Advertisements are placed in magazines and on websites because the end users can be quantified, and a person will at least glance over an ad even if they are not interested. But, spam comes and and immediately goes out of my inbox.

The spammers aren't really scamming us, they are scamming these marketers, wholesalers and retailer that are paying them for a false return on investment. While Blue Security's plan may have sounded good on paper, the technology was interesting and getting rid of spammers is a personal and business necessity, I believe they only made the situation worse by enticing the competitive nature of these spammers.

It should have been a predictable demise for anyone connected to the development community, and for a Private Equity pro to miss this one is a serious dereliction of duty to their LPs.

Posted by: Tony | May 17, 2006 11:26 AM | Report abuse

It sickens me when the bad guy wins. These tactics aren't much different than the mob's protection rackets of the mid 20th century. Too bad, so sad, I'm mad!

Posted by: Pete in Arlington | May 17, 2006 11:44 AM | Report abuse

The economics of spam are so one-sided, all costs are born by the receiving end of the email. Consider this, a high-bandwidth connection costs $40-$100/month, more than enough to distribute unending spam to the world. Automated spam generating programs that bypass standard filters with cleaver wording, etc., are being generated all the time. If even .001% of spam results in a sale, that's a win. And with click tracking, it can be properly accounted to the spammer. And since it is a numbers game, there is incentive to generate more spam. Not to mention the illegal methods using botnets!

Charging for email is the only certain solution, and it will come. Not only that, but differentiation will come as well. "Express" will cost more than "Std Delivery". Think what a one penny charge for email would do to someone who sends millions of emails/day. Suddenly the economics change dramatically, about $100 per successful spam at the above percentage.

Posted by: Dave H | May 17, 2006 12:39 PM | Report abuse

A simple and immediate cure for spam is to change your email address. Use a throw-away email address for those occasions when you don't want to divulge your main email address, and be very careful who you give your main email address to.

It has work well for me for many years.

Posted by: Scott | May 17, 2006 12:42 PM | Report abuse

Why not make the BlueFrog software and the underlying server software OpenSource? Farm it off to the Mozilla Project, slap a PGP-signature on it and let everyone set up their own personal froggy system.

Or maybe have some company with more resources than BlueSecurity take up the banner and run with it? I'd like to see a mere 20k botnet take down Microsoft.com

Oooooh...or howabout...

bluefrog.fbi.gov

Or even...

bluefrog.un.org

Posted by: So what's the next step? | May 17, 2006 12:47 PM | Report abuse

The only reason that BotNets can issue spam in the first place is because of ISPs lax security and lack of firewalling users from the outside world.
If all client machine were denied access to port 25 (SMTP) except via the ISPs mail servers then botnets spamming the world would become useless almost overnight as they would be unable to access any SMTP server directly.

I note that very few ISPs actually filter outbound SMTP for home user accounts.

I can accept a business case for needing SMTP outbound to any host, but when did a home user need this feature? In fact, how many home users would notice if port 25 was denied to them (escept to their ISP mail server?).

As long as we have lax security then spam will prevail. Shame ISPs don't seem to take any responsibility with regards to their users. It's not often an ISP will take down an offending user account.

Just see how many IP addreses are in the SpamCop database. Says it all......

Posted by: Phil B | May 17, 2006 12:47 PM | Report abuse

There have been a lot of interesting ideas posted here as to how to approach the problem of curbing or beating spam. The key problem is also the fundamental basis of spammers logic: it costs next to nothing to blast hundreds of thousands or even millions of emails out... even if you only get a fraction of a percentage conversion, you're doing well. This makes the level of risk (to reputation, economic, etc.) very appealing to those that hire spammers to broadcast their messages.

Unfortunately, there is a confluence of marketers looking to promote their product as cheaply as possible, nefarious spammers willing to take their money (and obviously willing to go to great lengths to defend their "industry"), numerous ISPs that don't enforce anti-outbound spam policies, governments that don't care, and of course the millions of email users globally who have resigned themselves to spam being an annoying fact of life on the internet.

The sad truth is that the djinni is out of the bottle, and even novel approaches to the problem aren't working. It appears that maybe charging for bulk emails is the only viable solution on the table, but it has to be navigated carefully... and so far, development in this area has been disappointingly sloppy in terms of its ability to filter bad mail while allowing good mail through.

I would suggest a more effective approach would be a broad-based crack-down on ISPs and System Administrators... figure out a way to penalize them (read: make them feel the hurt) for anybody sending spam from their servers. This, of course, would take a massively coordinated effort, but so is any other solution to the spam problem.

Furthermore, ip spoofing needs to be addressed before the problem can be tackled aggressively. As long as spammers can move untraceably, in relative anonymity and with complete impunity, there will always be spam. This problem could be addressed very simply by establishing a standardized email validation system where the true source ip of an email is compared to the ip it claims to be from in the header... if there's a mismatch (this could even be widened to allow for narrow ranges of ip's), the email is instantly obliterated. (Bouncing spam is a waste of time and bandwidth).

Posted by: Chris | May 17, 2006 12:50 PM | Report abuse

SBC's (now AT&T) spam filters work wonders. I believe it is activated by default for all users. I haven't seen a piece of spam or unsolicited e-mail in over a year.

This story just shows that nothing good ever comes out of a Russian domain. ISP's should offer to their customers, the option to block all traffic originating from domains in troublesome crime-ridden regions of the world: Russia, China, Middle East, South America, South Korea, Hong Kong.

Posted by: Ken L | May 17, 2006 12:57 PM | Report abuse

how do you know if your home computer is infected and has become a "bot"? i would be happy to do whatever is necessary to find out and then fix the problem, but as a non-tech savvy person, i have no idea how to even go about finding out whether i am part of the problem

Posted by: kat | May 17, 2006 12:58 PM | Report abuse

You must have an UPDATED anti-virus product installed on your computer to be sure you are not a 'bot'. If your computer is abnormally slow and returns strange errors, then you most likely are infected with a virus that turns your computer into a 'bot'. We all suffer this spam problem because people don't protect their computers and they are used as botnets to send spam to ourselves.

I will not rest to find another PROACTIVE solution against spam now that blue security has given up. Shame on you Eran Reshef, you are a coward! We would have donated money and resources and done anything else to keep it going. At least do us the favor of opensourcing your technology so that we can develop a better system using your technology. (kevin{AT]netkev[.>com)

Posted by: Kevin | May 17, 2006 1:13 PM | Report abuse

The real problem is people who buy products from spam offers. Without those people there would be no spam. It is that simple.

Posted by: Norman | May 17, 2006 1:42 PM | Report abuse

The only reason there are networks of 20,000 home computers for rent is because of flawed OSes sold by Microsoft.

One day someone will figure out a way to bring Microsoft into court and begin to pay for the damages suffered by companies on the web. Maybe the product liability laws will have to be rewritten, but it's clear where the real problem lies.

Without those bots, where would the spammers be? They'd be insignificant, and incapable of sending half the emails on the web.

Posted by: Roger S | May 17, 2006 1:50 PM | Report abuse

Blame Microsoft. It is their feeble security efforts that result in the botnets and zombies that allow the spammers and other criminals to launch DDOS attacks. MS is making improvements, but their years of ignoring security will haunt all netizens for years to come.
BLAME MICROSOFT!

Posted by: stevem | May 17, 2006 2:11 PM | Report abuse

Well, that's a little "cart brfore the horse", isn't it? I mean, the operating systems were intentionally made flexible, and didn't seem faulty until lots of exploitation was made of this flexibility. Anyone running ANY operating system can make it as arbitrarily secure as they wish, but only by giving up flexibility.

Posted by: Bob S. | May 17, 2006 2:17 PM | Report abuse

essentially all spam comes from outside the USA. that is because internet providers in so many countries do not even have, much less enforce, an Acceptable Use Policy (AUP).

the problem would be solved if we had a national whitelist. to send email to USA you have to prove that you terminate spammers. enough complaints and you're off.

Posted by: Anonymous | May 17, 2006 2:40 PM | Report abuse

This story of geeky spammer attacking legitimate good business really sucks! I sympathize Blue Security and want to help them now even more. I will be blacklisting all russian IP address block in the machines I work with.

PharmaMaster will not be able to do his thing when it gets to IPv6. We need to unite and give him a taste back of his DDoS through p2p to give him the message that he can not threaten people like this.

Posted by: PharmMaster is a looser | May 17, 2006 3:00 PM | Report abuse

I agree with Norman's post above. It's a supply and demand thing. Some have suggested charging for email, which I don't much care for. Perhaps everything sold on the Internet should be taxed in some form or other. That way when the spammers don't pay the taxes they could be dealt with using legal/technological means.

Posted by: innocbystr | May 17, 2006 3:04 PM | Report abuse

Tit for tat is a good tactic, but the implementation was not good enough. There is a need for a peer-to-peer retaliation tool, that can not be stopped, as it is fully distributed. The majority of internet users are good people, and they can knock down a few bad guys easily.

Posted by: Joshua Bird | May 17, 2006 4:03 PM | Report abuse

Well, we could just let Congress give the whole friggin' Internet over to ATT & Verizon to run as they see fit. I am sure they would operate with only us consumers' best interests at heart. Maybe they could contract with Haliburton to help out...

Posted by: Gee | May 17, 2006 4:10 PM | Report abuse

I don't condone what spammers are doing, but this was a pretty dumb and reckless idea on the part of Blue Security.

It's basically a digital form of vigilante justice, and in this case it backfired, resulting in taking down not only Blue Security, but thousands of other sites.

Most of the sites were probably not even aware of what Blue Security was doing and probably don't appreciate being knocked offline (losing many $$ in the process) for something they were unaware of or didn't have any part in.

Spammers suck, but there are better ways of dealing with them.

Posted by: Matt | May 17, 2006 4:46 PM | Report abuse

You cannot blame microsoft, for viruses, spyware, or spam. It is the evil programmers who make such software who should be blamed.

If email programs were changed so that anyone who sent you an email would have to have an per-authorization number, the problem would be simplified. There could be two kinds of authorization numbers 1)Permanent numbers for trusted senders and 2)One-Time numbers for un-trusted senders

This would eliminate the problem of IP-spoofing and sender-address spoofing.

Charging for email is wrong, as I oppose any form of online monitoring by the government. Once they have a system inplace to monitor things like e-mails, it will be easy to modify that system to monitor and control you entire electronic life, which would be bad.

Posted by: Anonymous | May 17, 2006 4:47 PM | Report abuse

Right - blame the window company for the thief that broke in and robbed you.

Get angry for the right reasons. Don't support businesses that pay these spammers. Somebody's buying their products, or they wouldn't be financing these dirtbag, low-life criminals. Let the companies that pay the spammers know you will not be buying their products or services - because they support spammers!!!

Posted by: Ioldanach | May 17, 2006 5:19 PM | Report abuse

If people would quit logging in as a user that has install privledges on their PC then much less tojans/spyware/viruses would around (thus less bots). Also people clicking Yes everytime an activeX install dialog pops up lol.

Having to logout and login as an admin everytime you want to install a piece of software makes people eventually stay logged in as an admin. With Vista, you will no longer have to do this (login as an admin) and instead will be prompted to enter credentials of an account that can install software/driver/edit certain registry keys, etc. This will cause a huge reduction on the number of systems infected as websites won't be able to take advantaged of vulnerabilites in your browser to install something behind the scenes w/o the user being prompted for password to install such. The important thing is for Vista to not make it so annoying that users deciding to login as an admin to avoid the prompt for user credentials.

Something that would be really nice is for Microsoft to provide a link to web page that lets users rate ActiveX / or any setup file. Any time an ActiveX control or program tried to install the user would see a link to a webpage for that specific file (an md5 hash of file appended to URL of website) on the password prompt and could read user comments about the file to help decide if they should install it or not.

I honestly don't have many issues with spam and I've had my Yahoo e-mail address listed in many places on the net. I get about 1 spam message a day in my Yahoo Inbox, the rest goes to bulk. For work, we use Symatec AV on our Exchange server that has basic spam filtering. I've added the SBL-XBL server to the DNS block list. I get about 2 or 3 spam messages a day in Outlooks Junk Mail folder and maybe 2 a month make it in my inbox. The work address isn't quite as public as my yahoo address though but it manage to make it into them damn chain letters friend/family keep sending me.

Posted by: danp129 | May 17, 2006 5:39 PM | Report abuse

ever got an email from russia or brasil you really needed? i haven't, but i get tons of spam that originates from those countries and many others. if they were blocked from the USA all i would notice is that there was less junk in my junk boxes. i say block them all and allow them back in on a whitelist basis only.

to paraphrase our leader, "More and more of our spam imports come from overseas", or you might say spam is a problem of illegal immigration.

i do not think that most people realize that spam is an import.

Posted by: macunix | May 17, 2006 7:16 PM | Report abuse

Macunix -- Thanks for your comment, but it's important to keep in mind that the single biggest source of spam (and most online scams, phishing or otherwise) is hacked computers located in the United States. According to Symantec's latest Internet Threat Report, the U.S. is the country of origin for 56 percent of all spam.

Posted by: Bk | May 17, 2006 7:42 PM | Report abuse

If 56% of the spam is sent from U.S. machines, i.e. hacked zombies and botnets, then those machines should be added to a blocklist. If a system is a threat, it should be blacklisted; whether they're in Russia, Brazil, or your neighbor down the street.

What happens if al-Qaeda obtains the services of these DDoS scum? Imagine using DDoS to boost the effectiveness of a conventional terrorist attack.

For example, knocking out sites and servers used to coordinate emergency responses and inform the public. Panic and rumor will spread that much more effectively if government and news web sites are offline.

Because of this, if we can locate the whereabouts of any of these DDoS cowards, we should insert a special forces team and take them out. We can't risk al-Qaeda getting a hold of their services. Anyone with that level of DDoS skill and resources should be considered an extreme threat to national security.

Posted by: Ken L | May 17, 2006 8:23 PM | Report abuse

BK-- theese DDoS people own theese botnets come from mom, dad, brother, sister, grandma, grandpa, aunt, uncle, signifigant other who just doesnt know how to protect their system nor do they really care, they just wanna hop on the net play some sodoku and check thier email. soo theese owners are able to infect machines with malware/trojans that do a specific pourpose and dont affect user space. Not all bot net admins as i call them, rent their net out infact 99% of them are vengfully protective of their nets and if you even THINK about asking for access or you pissed them off recently they will level their bot net at you. most bot net admins are childish too.. get into Dalnet on IRC find a l33t h4x0r room filled with kiddies, have your firewall up, piss one of em off, watch your firewall logs as your machine goes down in flames ;) there isnt anything you can do about botnets with out upping the default security level soo the less technical users dont have to try to figure out the techie stuff that sounds wierd and dangorus to them.. when thats achived youll see alot of things clear up (for a little while.. never say a system is hack proof for hackers will take that as a challenge and at the least slip you a note in your home directory about how you just got "pwned")

Posted by: Kusuriya | May 17, 2006 9:11 PM | Report abuse

It's a crying shame that BlueSecurity didn't have the balls to carry through on all this... using a combination of my tools (SpamVampire, Refi Retaliator II) and BlueFrog, my spam receival rate was cut to almost nothing (less than one spam per email address per month), without filtering or blocking any email.

If the spammers want a war, let's give them one... there are many orders of magnitude more of us than there are of them... so fire up SpamVampire and Refi Retaliator II and show the spammers that their criminality won't be allowed.

Posted by: SpamSlayer | May 17, 2006 9:14 PM | Report abuse

I think the real problem is the very old and "trusty" SMTP protocol.
There are some RFCs offering a solution.
Even now,mail server administrators can help just turning on two important features in their SMTP servers.This are: "Reject if sender has no MX" and "POP authentication".

Posted by: Javier Ntaca | May 17, 2006 10:05 PM | Report abuse

Bk, i read a few headers of my spam every day, in part so i can send complaints to the ISP for the most obnoxious IF they are in the US (of course, there ain't no AUP in russia). i haven't calculated the % from the US, but 56% is ludicrous. i would say, conservatively, that my US spam is under 10%.

i don't understand where that 56% comes from. one thing is that i don't consider unsolicited email from legit business like LLBean or Expedia with non-spoofed adr to be spam on a par with porn, scams etc. maybe i should say that my disgusting spam is over 90% foreign, tho i still disagree with symantec even if i consider all unsolicited email.

Posted by: macunix | May 17, 2006 10:06 PM | Report abuse

It seems a lot of posters still don't get the idea about spam (especially the tit for that which was BS approach).

I don't object to spam. I just want the ability to opt out. Most spammers do not give me that ability, yet they use my resources. They are indeed, like the mob, extracting a "tax" on every internet user, interested or not.

Those people are not just rogue marketeers they are racketeers, true gangsters. The fact that the opt out requests brought they servers down and cost them money is most laudable from my view point. BS sent only one request from evry single one of they customers. They did nothing illegal in my opinion, but offered a service to me, the client, allowing me to automate my request for opt-outs. If no request lin was available, then they would attempt to do it via any means available to communicate to the company (ie order link on the company's sites). It was saving me heaps of time and I felt somewhat empowered rather than a meek sheep accepting the rule of criminals. I would willingly donate some monies to anyone that gurantees that it would be used in a tit for tat manner against those gangsters. I think when it comes to the mob, racketeer and gangsters the only thing to do is to stand up to them.

Posted by: MidGe | May 17, 2006 11:53 PM | Report abuse

If people are really interested in stopping spam the best solution will be a change in the SMPT protocol, i'm not suggestion a solution cause i haven't thought of one (trust me there will be one if you think hard enough).

Possibly the next best solution is for someone to start a company, hire a few of these spammers, work out how exactly they work. Then once you've got the know how they operate, compile a list of all the spammers in the world, Names, addresses, phone numbers, thier ISP, thier family members names, where thier family lives, give people every conceviable piece of information about these people you can find.

Once you've got all this information make it publicly available and watch these retards been crucified by the general public. I know that if i had the address of a spammer i would be going to visit thier house with a baseball bat. Punishing or alternatively publicly humilating these spammers is the only way were going to stop them.

Govrnments should be taking it upon themselves to hunt these people down and break thier legs

Posted by: Tom | May 18, 2006 11:29 PM | Report abuse

note to SpamVampire coder:

with the many things a person has to do in a day most ppl are not going to learn java, then fish around in SpamVampire code to edit it .. if they ever understand it in the first place.

set it up for ppl to stick image links in boxes [like putting in a URL in browser] and another opens as soon as u hit enter or something, then have apply or run button ... or u can forget about the average user helping you.

Posted by: tudmax | August 24, 2006 6:00 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company