Thursday, March 15, 2007

Death Penalty For Spammers - Now!

Death Penalty For Spammers - Now!

I have more or less abandoned the e-mail address that I used to use courtesy of our local internet provider here in Japan. The address is hughcook@ve.netyou.jp, and got captured by spammers when I displayed it online.

I later moved to a Yahoo address, which has some spam filtering, and my plan for the future is to stick to the Gmail address kiwihugh@gmail.com, because this has an EXTREMELY aggressive spam filter.

Unfortunately, a few people still use my Netyou address, so I can't just abandon it. So, at least once a week, I open Outlook Express to the deluge. The usual stuff, counterfeit watches, priapic drugs, free money by the millions, and so on and so forth.

One sender caught my eye because it was, allegedly, me. When I opened it up, it said "From: hughcook@ve.netyoujp To: hughcook@ve.netyou.jp."

And what it was was a bloody ad for spammers, "we email your charity web site to 7,500,000 people. free".

(My spellchecker doesn't like that "was was," but I think the grammar here is legitimate.)

The perpetrators of this identity theft (if you go around masquerading as me then it's definitely identity theft) give their website as www.emailsolutioncorp.com.

Experimentally, I pasted that URL into my browser. The banner says "BROADCAST EMAIL SERVICE" and boasts that "We Send Your Email Ad to 10,000 People Daily."

I'm not good at basic arithmetic, but they do the math for me. If only one in 100,000 people respond to your ad, you will get 100 orders a day.

They have a CHARITY INFO button which you can click to see their charity face, which I'm sure Jack the Ripper would be happy to borrow for a night out on the town, sneaking around looking innocent.

Innocent people, however, don't steal your own identity to spam you with uninvited e-mail.

I went to FILE -> SAVE AS and saved a copy of the *.eml file, then opened it with one of my text editors to see how these hellspawn miscreants delivered this junk to my e-mail account.

Here is the gobbledygood from the head of the *.eml file in its entirity:

Received: from smtp11.asp.home.ne.jp by yt4.netyou.jp (8.9.3/3.7W)
id LAA20294; Wed, 14 Mar 2007 11:12:45 +0900 (JST)
Received: by smtp11.asp.home.ne.jp (8.13.7/v6062100) with ESMTP id l2E2Cjr6005011
for ; Wed, 14 Mar 2007 11:12:45 +0900 (JST)
Received: from ROBCOMP-557F873 ([62.201.84.236])
by mxi21.asp.home.ne.jp (8.13.7/v6062000) with SMTP id l2E2CcDH002279
for ; Wed, 14 Mar 2007 11:12:43 +0900 (JST)
Date: Wed, 14 Mar 2007 11:12:38 +0900 (JST)
From: hughcook@ve.netyou.jp
Message-Id: <200703140212.l2e2ccdh002279@mxi21.asp.home.ne.jp>
To: hughcook@ve.netyou.jp
Content-Type: text
X-UIDL: e460d63733eb792ed9746cd2384c4128

The bit that sticks out as the odd man out is this:

""Received: from ROBCOMP-557F873 ([62.201.84.236]) by mxi21.asp.home.ne.jp""

That is the one bit that sticks out, that does not seem to have originated locally, ie in Japan. Presumably "62.201.84.236" is some kind of Internet address. Experimentally, I pasted it into my browser.

The response from Mozilla was that the operation timed out when contact was attempted. I tried using Internet Explorer, but it didn't seem to know what to do with the string of numbers. So I tried to Google the string as "62.201.84.236" to catch that precise sequence.

But I got zero results.

So I googled www.emailsolutioncorp.com to see what would pop up.

The second Google snippet is this:

""Comments for CarltonBale.com
I also have seen the url for www.emailsolutioncorp.com. I've been getting this. They are apparently guessing at addresses based on domain names. ...
www.carltonbale.com/comments/feed/ - 28k - 12 Mar 2007 - Cached - Similar pages""

I then tried searching for the URL with the word "spam" to see what would pop up.

""Another Spam E-mail Source Identified: PermissionEmailCorp.com ...
If I categorize them as SPAM, then my own e-mail address goes on the blocked list. ... I also have seen the url for www.emailsolutioncorp.com. najiba Says: ...
www.carltonbale.com/.../another-spam-e-mail-source-identified-permissionemailcorpcom-steals-from-godaddycom/ - 47k - Cached - Similar pages

""Comments on: Another Spam E-mail Source Identified ...
I just got a spam to the new address. What this means is that they are roboting WhoIs sites to ... I also have seen the url for www.emailsolutioncorp.com. ...
www.carltonbale.com/.../feed/ - 42k - Cached - Similar pages
[ More results from www.carltonbale.com ]""

The above gives me a new twist on the spamming business. If you have the ability to denounce the e-mail as spam, you end up denouncing your own e-mail identity.

I think petitioning for the instituion of the death penalty for spammers is the way to handle this problem. But that's probably not a workable solution in the longterm. What can I do right now?

I searched for "FBI spam" and the first Google snippet was:

""Spam: Where to Complain About Frauds & Scams on the Internet
Spam Cop - A very quick and easy way to complain to a spammer's service provider ... Affiliated with the FBI, U.S. Customs, U.S.P.S (Funded by U.S. Gov. ...
www.elsop.com/wrc/complain.htm - 14k - Cached - Similar pages""

I went to the URL.

http://www.elsop.com/wrc/complain.htm

They give you a whole bunch of links to complain. The top one is SPAM COP, a way to complain to the spammer's service provider.

Let's check it out ...

""SpamCop is the premier service for reporting spam. SpamCop determines the origin of unwanted email and reports it to the relevant Internet service providers. By reporting spam, you have a positive impact on the problem. Reporting unsolicited email also helps feed spam filtering systems, including, but not limited to, SpamCop's own service.""

You have to register to report spam, but I think I'm angry enough to do this. I have a busy life, and spammers trashing one of my e-mail accounts to the point where it is becoming progressively unworkable is something I could do without.

You punch in a name (a real name or an alias, as you wish) plus an e-mail address and they send you a password.

Okay, I gave them my Gmail account, and G. has, as I thought it might, trashed the e-mail into the spam folder, where it gets deleted if you don't NOT SPAM it in 30 days.

They provide a password plus these options:


""Cookie log-in:
http://www.spamcop.net/mcgi?action=loginform;returnurl=%2F

""HTTP authentication (no cookies required):
http://members.spamcop.net/

""If you have questions or problems, please visit:
http://www.spamcop.net/help.shtml""

It's now one in the morning and I have to get up and work before not too many years. So I'm bookmarking SpamCop for future reference, and I'll get onto the reporting business when next I have the time.

2 Comments:

Anonymous alison said...

i'm getting these e-mails, too, in my gmail account. i'd requested via their website to be removed (demanded is more like it) but i'm still getting spammed from one of their partner sites. so i finally opened the e-mail and saw that it was sent through a weird e-mail from my web hosting provider (i.e. "proxy123456@1and1-privatewebaddress.com") so, i requested to be removed with that e-mail address and then changed that e-mail address. we'll see. also, i forwarded the e-mails to SPAM@UCE.GOV, which is a federal e-mail address to report spam that i found from the FTC's website here: https://rn.ftc.gov/pls/dod/wsolcq$.startup?Z_ORG_CODE=PU01

if none of that works, i'm going to walk down to their business address (which is not far from my seattle residence) and demand that they remove me from their list while i'm present. i'm kind of hoping it'll come to that, because it's not often you can confront spammers face to face.

2:05 AM  
Anonymous Anonymous said...

One of the dirty google spammer is Bertrand Demiddelaer: a loser that has nothing else to do with his life.

12:51 PM  

Post a Comment

Links to this post:

Create a Link

<< Home