E-mail Scam, Addressess being collected of mailing list::Advice Requested

[Mike Meyer]

In <3E9971F6.70607 at potentialtech.com>, Bill Moran <wmoran at potentialtech.com> typed:
> Personally, I think that what needs done is that a lobby group needs to form
> to force the government to do something about criminal junk mail.  These silly
> laws that have been passed so far are almost useless, and never enforced (that
> I've seen)  Part of the problem is that many of these emails originate from
> outside the country, where there (apparently) are no laws about deceiving and
> stealing from US citizens.

Just FYI, the US government has an anti-spam bill on the table. It
would require spam to have valid return addresses on it. It also
carries penalties that can be collected.

Note that the crrent laws have been enforced - but require someone to
take the spammer to court. What you can collect isn't enough to
justify the effort for most people. But some people have taken
spammers to court, and collected on it.

> >   What further action can be taken?
> There are many things you can do.  You may not want to do all of them.
> 1) Install Spamassassin or similar

Personally, I prefer tmda. I still get some spam, but most of it is
through -questions. I'm contemplatying adding spambayes to filter what
gets through that.

> 2) Continue to report and complain about junk mail (another good place to go
>     is spamcop.net ... makes reporting junkmail very easy)
> 3) Contact your local government representative and complain loudly

Both good advice, especially with bills on the table.

> 4) Configure your mail server to use RBL, or sign up with a mail service that
>     does.

RBLs, on the other hand, I consider a bad idea. They tend to be run by
volunteers, who take the attitude that they are doing something good,
and don't have to worry about doing it right because "they are just
volunteers". At least one is plainly extortion - as you can get only
get off the list for $'s. This guy is trusted by other some of the RBL
collection facilities, so you may be using him without realizing it.

> 5) I had an idea for a "counter-scam" where I would get an email address for
>     my underage nephew.  I would set up his signature to clearly announce his
>     status as being underage ("I'm only 14 and I love FreeBSD" or something)
>     and assist him in posting to mailing lists.  Then I'd wait for some porn
>     site to spam him and sue them for everything I could get.  Any lawyers
>     out there that think this would work?

It's certainly worth a try. Especially if you're in a jurisdiction
that has laws on the books about spam already. That way you should be
able to collect on the spam proper, even if the obvious problems of
exposing minors to pornography doesn't get you something.

>  > I will try to attach the original e-mail message, if it does not
>  > show up, please feel free to contact me.
> Please don't.  Many people will consider that spam in itself.  Most of us
> here have seen these scams and don't really need another example.  Attaching
> a copy doesn't really serve any purpose, but it does overload the list server.

More good advice. You should only forward spam if you're going to send
it to someone who can shut down the spammer.

	<mike
-- 
Mike Meyer <mwm at mired.org>		http://www.mired.org/consulting.html
Independent Network/Unix/Perforce consultant, email for more information.