T.R | Title | User | Personal Name | Date | Lines |
---|
4026.1 | | ATLANT::SCHMIDT | See http://atlant2.zko.dec.com/ | Thu Sep 05 1996 22:51 | 9 |
4026.2 | AOL fights back | TOHOPE::VORE_S | Beware The Penguins... | Fri Sep 06 1996 11:13 | 57 |
4026.3 | AOL has it backwards ! | PAWN21::OSMAN | see HANNAH::IGLOO$:[OSMAN]ERIC.VT240 | Fri Sep 06 1996 14:53 | 14 |
4026.4 | HAH! case in point | PAWN21::OSMAN | see HANNAH::IGLOO$:[OSMAN]ERIC.VT240 | Fri Sep 06 1996 15:29 | 124 |
4026.5 | | MOVIES::POTTER | http://www.vmse.edo.dec.com/~potter/ | Fri Sep 06 1996 15:34 | 5 |
4026.6 | Not from AOL | CADSYS::LARRICK | | Fri Sep 06 1996 15:38 | 13 |
4026.7 | | TOHOPE::VORE_S | Beware The Penguins... | Fri Sep 06 1996 15:43 | 2 |
4026.8 | Get Ready for the SPAM SLAP Suit | MR1MI1::VILCANS | | Fri Sep 06 1996 16:50 | 14 |
4026.9 | spam? | INDYX::ram | Ram Rao, PBPGINFWMY | Fri Sep 06 1996 17:45 | 6 |
4026.10 | | BBRDGE::LOVELL | | Fri Sep 06 1996 18:10 | 19 |
4026.11 | spam = unreasonably wide broadcast | SMURF::PBECK | It takes a Village: you're No. 6 | Fri Sep 06 1996 18:33 | 5 |
4026.12 | | PAWN21::OSMAN | see HANNAH::IGLOO$:[OSMAN]ERIC.VT240 | Fri Sep 06 1996 19:29 | 10 |
4026.13 | | SMURF::PBECK | It takes a Village: you're No. 6 | Fri Sep 06 1996 21:34 | 18 |
4026.14 | | AXEL::FOLEY | Rebel Without a Clue-foley@zko.dec.com | Sat Sep 07 1996 17:17 | 5 |
4026.15 | | NEWVAX::LAURENT | Hal Laurent @ COP | Mon Sep 09 1996 13:11 | 7 |
4026.16 | Lots of people must actually eat it... | QUARRY::neth | Craig Neth | Mon Sep 09 1996 13:39 | 7 |
4026.17 | One population that appears to like it... | CSC32::BOWMAN | Mission Critical OpenVMS;Windows NT Support | Mon Sep 09 1996 13:47 | 6 |
4026.18 | made me think about an interesting point | AZTECH::LASTOVICA | Comparisons are as bad as cliches | Mon Sep 09 1996 13:57 | 7 |
4026.19 | | QUARK::LIONEL | Free advice is worth every cent | Mon Sep 09 1996 14:45 | 8 |
4026.20 | | PAWN21::OSMAN | see HANNAH::IGLOO$:[OSMAN]ERIC.VT240 | Mon Sep 09 1996 14:49 | 5 |
4026.21 | | QUARK::LIONEL | Free advice is worth every cent | Mon Sep 09 1996 14:51 | 6 |
4026.22 | | RUSURE::EDP | Always mount a scratch monkey. | Mon Sep 09 1996 18:41 | 10 |
4026.23 | | DSNENG::KOLBE | Wicked Wench of the Web | Mon Sep 09 1996 18:44 | 9 |
4026.24 | | ATLANT::SCHMIDT | See http://atlant2.zko.dec.com/ | Mon Sep 09 1996 18:49 | 20 |
4026.25 | Just helping the Metcalfe Meltdown along... | ATLANT::SCHMIDT | See http://atlant2.zko.dec.com/ | Mon Sep 09 1996 18:50 | 4 |
4026.26 | | NPSS::GLASER | Steve Glaser DTN 226-7212 LKG1-2/W6 (G17) | Mon Sep 09 1996 19:24 | 8 |
4026.27 | | MR1MI1::VILCANS | | Mon Sep 09 1996 20:08 | 12 |
4026.28 | | CSC32::BROOK | | Mon Sep 09 1996 22:10 | 30 |
4026.29 | AOL's action was not probably not on request of their subscribers. | CECAMO::JAGERMAN | Caspar DTN 843-8718 | Tue Sep 10 1996 07:37 | 7 |
4026.30 | forged spam | FORTY2::NEWELL | Tony Newell | Tue Sep 10 1996 09:28 | 15 |
4026.31 | | PLAYER::BROWNL | Well, perhaps just a wafer-thin mint... | Tue Sep 10 1996 11:16 | 10 |
4026.32 | | RUSURE::EDP | Always mount a scratch monkey. | Tue Sep 10 1996 12:44 | 16 |
4026.33 | I like the "pay to send email" idea | PAWN21::OSMAN | see HANNAH::IGLOO$:[OSMAN]ERIC.VT240 | Tue Sep 10 1996 13:37 | 10 |
4026.34 | | PLAYER::BROWNL | Well, perhaps just a wafer-thin mint... | Tue Sep 10 1996 14:26 | 9 |
4026.35 | | ATLANT::SCHMIDT | See http://atlant2.zko.dec.com/ | Tue Sep 10 1996 14:47 | 11 |
4026.36 | | ATLANT::SCHMIDT | See http://atlant2.zko.dec.com/ | Tue Sep 10 1996 14:50 | 11 |
4026.37 | Re: .32; recipient also pays for smail | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Tue Sep 10 1996 16:02 | 17 |
4026.38 | | CSC32::BROOK | | Tue Sep 10 1996 17:06 | 42 |
4026.39 | I once got a 4 Meg e-mail spam message | CONSLT::OWEN | Stop Global Whining | Tue Sep 10 1996 17:11 | 20 |
4026.40 | your analogy trying to correct a previous analogy is also flawed :-) | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Tue Sep 10 1996 18:39 | 35 |
4026.41 | RE: 4026.39 | LJSRV2::phones.ljo.dec.com::kotok | Alan Kotok, ISBU, kotok@ljo.dec.com, DTN 226-2936 | Tue Sep 10 1996 19:13 | 15 |
4026.42 | I just recycle it, like I do for regular junk mail. | BIGUN::KEOGH | I choose to enter this note now. | Tue Sep 10 1996 22:58 | 8 |
4026.43 | Don't ignore them, route around them! :-) | WTFN::SCALES | Despair is appropriate and inevitable. | Wed Sep 11 1996 01:20 | 15 |
4026.44 | | ATLANT::SCHMIDT | See http://atlant2.zko.dec.com/ | Wed Sep 11 1996 13:50 | 9 |
4026.45 | don't spam the spamme | WRLMTS::VIGEANT | Wayne Vigeant | Wed Sep 11 1996 14:24 | 8 |
4026.46 | | HANNAH::OSMAN | see HANNAH::IGLOO$:[OSMAN]ERIC.VT240 | Wed Sep 11 1996 17:06 | 13 |
4026.47 | | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Wed Sep 11 1996 17:35 | 14 |
4026.48 | | ATLANT::SCHMIDT | See http://atlant2.zko.dec.com/ | Wed Sep 11 1996 17:57 | 13 |
4026.49 | | DECCXL::OUELLETTE | To err is human, to moo bovine | Wed Sep 11 1996 19:52 | 3 |
4026.50 | | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Wed Sep 11 1996 20:05 | 15 |
4026.51 | | FUNYET::ANDERSON | Just say NO to Clinton & Dole! | Wed Sep 11 1996 20:27 | 5 |
4026.52 | I don't like getting junk mail from inside DEC either | VESPER::VESPER | Member: APS notes-reading tag-team | Wed Sep 11 1996 20:30 | 7 |
4026.53 | Talking about spammers :-) | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Wed Sep 11 1996 22:03 | 9 |
4026.54 | A Fairy Tale Solution | SNOFS1::FOWLERMARK | Mark Fowler | Thu Sep 12 1996 01:05 | 20 |
4026.55 | credit where credit is due | BBRDGE::LOVELL | | Thu Sep 12 1996 07:10 | 18 |
4026.56 | | VANGA::KERRELL | Eddie Stobart Truck Spotters Club | Thu Sep 12 1996 09:02 | 7 |
4026.57 | | RUSURE::EDP | Always mount a scratch monkey. | Thu Sep 12 1996 13:04 | 16 |
4026.58 | | ATLANT::SCHMIDT | See http://atlant2.zko.dec.com/ | Thu Sep 12 1996 13:18 | 11 |
4026.59 | | ATLANT::SCHMIDT | See http://atlant2.zko.dec.com/ | Thu Sep 12 1996 13:50 | 7 |
4026.60 | Readers Choice should be a set of news groups/Notesfiles | WTFN::SCALES | Despair is appropriate and inevitable. | Thu Sep 12 1996 14:26 | 14 |
4026.61 | What have you done to change the situation? | BBRDGE::LOVELL | | Thu Sep 12 1996 15:02 | 24 |
4026.62 | | QUARK::LIONEL | Free advice is worth every cent | Thu Sep 12 1996 15:44 | 3 |
4026.63 | More digression on reader's choice | EDWIN::TAC | | Thu Sep 12 1996 21:56 | 18 |
4026.64 | | HERON::KAISER | | Fri Sep 13 1996 10:28 | 13 |
4026.65 | Wrong target | FUNYET::ANDERSON | Just say NO to Clinton & Dole! | Fri Sep 13 1996 15:05 | 8 |
4026.66 | | BIGUN::nessus.cao.dec.com::Mayne | UFS is fscked [sic]. | Mon Sep 16 1996 03:08 | 21 |
4026.67 | It will soon be Spring in OZ ... | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Mon Sep 16 1996 04:27 | 10 |
4026.68 | <LI><a href="http://webrc.das.dec.com/">Digital Reader's Choice Homepage </a> | HELIX::SONTAKKE | | Mon Sep 16 1996 13:14 | 4 |
4026.69 | | BIGUN::nessus.cao.dec.com::Mayne | UFS is fscked [sic]. | Mon Sep 16 1996 21:38 | 14 |
4026.70 | ... and we don't even use US currency!!! | BIGUN::KEOGH | I choose to enter this note now. | Tue Sep 17 1996 00:07 | 32 |
4026.71 | | HERON::KAISER | | Tue Sep 17 1996 06:52 | 14 |
4026.72 | | QUARK::LIONEL | Free advice is worth every cent | Tue Sep 17 1996 15:50 | 4 |
4026.73 | | CFSCTC::SMITH | Tom Smith MRO1-3/D12 dtn 297-4751 | Tue Sep 17 1996 16:19 | 22 |
4026.74 | it's a new world out there | DSNENG::KOLBE | Wicked Wench of the Web | Tue Sep 17 1996 17:16 | 3 |
4026.75 | yeah, right! | BIGUN::TANNER | Mr. Internet | Tue Sep 17 1996 22:47 | 12 |
4026.76 | mea culpa maybe | BIGUN::KEOGH | I choose to enter this note now. | Tue Sep 17 1996 23:08 | 33 |
4026.77 | | BIGUN::nessus.cao.dec.com::Mayne | UFS is fscked [sic]. | Tue Sep 17 1996 23:22 | 10 |
4026.78 | | CFSCTC::SMITH | Tom Smith MRO1-3/D12 dtn 297-4751 | Wed Sep 18 1996 00:47 | 50 |
4026.79 | I love the smell of a good flame war in the morning | BIGUN::KEOGH | I choose to enter this note now. | Wed Sep 18 1996 02:36 | 67 |
4026.80 | I prefer a good cup of coffee | CFSCTC::SMITH | Tom Smith MRO1-3/D12 dtn 297-4751 | Wed Sep 18 1996 03:17 | 1 |
4026.81 | They're biting today, mark the boat for tomorrow. | BIGUN::nessus.cao.dec.com::Mayne | UFS is fscked [sic]. | Wed Sep 18 1996 04:56 | 37 |
4026.82 | | BBRDGE::LOVELL | | Wed Sep 18 1996 06:46 | 21 |
4026.83 | | BIGUN::nessus.cao.dec.com::Peter Mayne | UFS is fscked [sic]. | Wed Sep 18 1996 07:16 | 8 |
4026.84 | | DECCXX::WIBECAN | Get a state on it | Wed Sep 18 1996 13:51 | 7 |
4026.85 | | DSNENG::KOLBE | Wicked Wench of the Web | Wed Sep 18 1996 15:31 | 5 |
4026.86 | | HANNAH::OSMAN | see HANNAH::IGLOO$:[OSMAN]ERIC.VT240 | Wed Sep 18 1996 20:58 | 16 |
4026.87 | It ain't that simple | BIGUN::KEOGH | I choose to enter this note now. | Wed Sep 18 1996 23:28 | 18 |
4026.88 | Ridiculous | FUNYET::ANDERSON | Just say NO to Clinton & Dole! | Thu Sep 19 1996 14:10 | 12 |
4026.89 | | HANNAH::OSMAN | see HANNAH::IGLOO$:[OSMAN]ERIC.VT240 | Thu Sep 19 1996 14:18 | 18 |
4026.90 | No White after Labor Day | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Thu Sep 19 1996 14:32 | 12 |
4026.91 | | DECCXX::WIBECAN | Get a state on it | Thu Sep 19 1996 14:33 | 32 |
4026.92 | My spam ration for the day | PCBUOA::BAYJ | Jim Bay, peripheral visionary | Thu Sep 19 1996 14:42 | 55 |
4026.93 | | BHAJEE::JAERVINEN | Ora, the Old Rural Amateur | Thu Sep 19 1996 14:44 | 9 |
4026.94 | | AXEL::FOLEY | Rebel Without a Clue-foley@zko.dec.com | Thu Sep 19 1996 14:47 | 8 |
4026.95 | | RANGER::WASSER | John A. Wasser | Thu Sep 19 1996 14:50 | 29 |
4026.96 | | BHAJEE::JAERVINEN | Ora, the Old Rural Amateur | Thu Sep 19 1996 14:56 | 13 |
4026.97 | rat on a rat on a rat ... | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Thu Sep 19 1996 15:31 | 9 |
4026.98 | Returning ever so slightly towards the topic... | ATLANT::SCHMIDT | See http://atlant2.zko.dec.com/ | Thu Sep 19 1996 16:21 | 11 |
4026.99 | | CONSLT::OWEN | Stop Global Whining | Thu Sep 19 1996 19:55 | 4 |
4026.100 | | PCBUOA::BAYJ | Jim Bay, peripheral visionary | Thu Sep 19 1996 20:59 | 15 |
4026.101 | | BIGUN::nessus.cao.dec.com::Peter Mayne | UFS is fscked [sic]. | Thu Sep 19 1996 22:23 | 27 |
4026.102 | U.S time is coming... | BIGUN::BAKER | Digital WAS a software company | Thu Sep 19 1996 23:28 | 11 |
4026.103 | | LJSRV2::tecotoo.ibg.ljo.dec.com::mayer | Danny Mayer | Fri Sep 20 1996 13:19 | 8 |
4026.104 | | QUARK::LIONEL | Free advice is worth every cent | Tue Sep 24 1996 17:40 | 6 |
4026.105 | A sad state of affairs... | CONSLT::OWEN | Stop Global Whining | Tue Sep 24 1996 20:01 | 15 |
4026.106 | The text of that article (to save the co. some cycles :-) | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Tue Sep 24 1996 23:13 | 48 |
4026.107 | | BIGUN::nessus.cao.dec.com::Peter Mayne | J is for Jenius | Sun Sep 29 1996 23:10 | 52 |
4026.108 | | HANNAH::OSMAN | see HANNAH::IGLOO$:[OSMAN]ERIC.VT240 | Mon Sep 30 1996 15:14 | 42 |
4026.109 | | QUARK::LIONEL | Free advice is worth every cent | Mon Sep 30 1996 16:05 | 5 |
4026.110 | | HANNAH::OSMAN | see HANNAH::IGLOO$:[OSMAN]ERIC.VT240 | Mon Sep 30 1996 17:14 | 17 |
4026.111 | | RANGER::WASSER | John A. Wasser | Mon Sep 30 1996 18:04 | 16 |
4026.112 | | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Mon Sep 30 1996 18:28 | 26 |
4026.113 | | CFSCTC::SMITH | Tom Smith MRO1-3/D12 dtn 297-4751 | Mon Sep 30 1996 19:07 | 6 |
4026.114 | | BIGUN::nessus.cao.dec.com::Peter Mayne | J is for Jenius | Mon Sep 30 1996 21:36 | 3 |
4026.115 | Correct, VRFY is not in min. req. impl., but RCPT is (obviously :-) | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Tue Oct 01 1996 00:15 | 20 |
4026.116 | Re: The spam war heats up... | QUABBI::"ed@pa.dec.com" | | Tue Oct 01 1996 02:28 | 27 |
4026.117 | | DECC::OUELLETTE | To err is human, to moo bovine | Mon Oct 07 1996 23:24 | 1 |
4026.118 | | QUARK::LIONEL | Free advice is worth every cent | Tue Oct 08 1996 14:28 | 4 |
4026.119 | Anti-spam rules! | WOTVAX::HILTON | Save Water, drink beer | Tue Oct 15 1996 16:41 | 10 |
4026.120 | SPAM | PYRO::RON | Ron S. van Zuylen | Tue Oct 15 1996 17:05 | 10 |
4026.121 | | WOTVAX::HILTON | Save Water, drink beer | Wed Oct 16 1996 08:35 | 6 |
4026.122 | | CONSLT::OWEN | Stop Global Whining | Wed Oct 16 1996 12:29 | 7 |
4026.123 | What do we do about spams that are talking about breaking the law ? | STAR::FENSTER | Yaacov Fenster, Process Improvement, Quality & Testing tools @ZK | Mon Oct 21 1996 13:48 | 84 |
4026.124 | Send it to Corporate Security | CONSLT::OWEN | Stop Global Whining | Mon Oct 21 1996 13:53 | 8 |
4026.125 | Security | BBRDGE::LOVELL | | Mon Oct 21 1996 13:56 | 4 |
4026.126 | | QUARK::LIONEL | Free advice is worth every cent | Mon Oct 21 1996 16:48 | 6 |
4026.127 | | skylab.zko.dec.com::FISHER | Gravity: Not just a good idea. It's the law! | Mon Oct 21 1996 18:03 | 7 |
4026.128 | | skylab.zko.dec.com::FISHER | Gravity: Not just a good idea. It's the law! | Mon Oct 21 1996 18:12 | 4 |
4026.129 | | PCBUOA::BAYJ | Jim, Portables | Tue Oct 22 1996 16:02 | 7 |
4026.130 | spam is dull stuff | DSNENG::KOLBE | Wicked Wench of the Web | Tue Oct 22 1996 18:41 | 5 |
4026.131 | Sounds like someone trawling for controversy | SMURF::PBECK | It takes a Village: you're No. 6 | Tue Oct 22 1996 18:54 | 5 |
4026.132 | | QUARK::LIONEL | Free advice is worth every cent | Tue Oct 22 1996 20:55 | 4 |
4026.133 | | SMURF::PBECK | It takes a Village: you're No. 6 | Tue Oct 22 1996 21:26 | 2 |
4026.134 | | QUARK::LIONEL | Free advice is worth every cent | Wed Oct 23 1996 13:52 | 3 |
4026.135 | commercial spamming services | TUXEDO::ROSENBAUM | Rich Rosenbaum | Thu Oct 24 1996 10:54 | 5 |
4026.136 | | netrix.lkg.dec.com::thomas | The Code Warrior | Thu Oct 24 1996 14:43 | 1 |
4026.137 | CompuServe joins the battle against spam | QUARK::LIONEL | Free advice is worth every cent | Fri Oct 25 1996 17:39 | 144 |
4026.138 | | JAMMER::Jack | Marty Jack | Fri Oct 25 1996 17:54 | 1 |
4026.139 | | TURRIS::lspace.zko.dec.com::winalski | PLIT happens... | Fri Oct 25 1996 18:08 | 8 |
4026.140 | | QUARK::LIONEL | Free advice is worth every cent | Fri Oct 25 1996 18:29 | 3 |
4026.141 | just wondering | SMURF::PBECK | It takes a Village: you're No. 6 | Mon Oct 28 1996 11:51 | 4 |
4026.142 | | QUARK::LIONEL | Free advice is worth every cent | Mon Oct 28 1996 18:31 | 4 |
4026.143 | CyberPromotions down for the count... | QUARK::LIONEL | Free advice is worth every cent | Mon Oct 28 1996 19:00 | 56 |
4026.144 | | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Mon Oct 28 1996 20:05 | 10 |
4026.145 | Article on Cyber Promotions (~80 lines) | WRKSYS::TATOSIAN | The Compleat Tangler | Tue Oct 29 1996 02:24 | 83 |
4026.146 | | QUARK::LIONEL | Free advice is worth every cent | Tue Oct 29 1996 12:04 | 4 |
4026.147 | capitalism keeps life interesting :-) | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Tue Oct 29 1996 13:07 | 7 |
4026.148 | AltaVista UCE | CONSLT::OWEN | Stop Global Whining | Thu Nov 07 1996 12:27 | 53 |
4026.149 | | VAXCPU::michaud | Jeff Michaud - ObjectBroker | Thu Nov 07 1996 13:03 | 8 |
4026.150 | Probably nothing... | CONSLT::OWEN | Stop Global Whining | Thu Nov 07 1996 13:18 | 20 |
4026.151 | And I thought I'd seen everything.... | QUARK::LIONEL | Free advice is worth every cent | Fri Nov 08 1996 21:43 | 79 |
4026.152 | | LJSRV2::teco3.ibg.ljo.dec.com::mayer | Danny Mayer | Sat Nov 09 1996 22:08 | 8 |
4026.153 | Another posting on news.admin.net-abuse.misc | CONSLT::OWEN | Stop Global Whining | Mon Nov 11 1996 11:00 | 64 |
4026.154 | | BIGUN::nessus.cao.dec.com::Mayne | Churchill's black dog | Tue Feb 25 1997 02:11 | 111 |
| [
Interesting that they don't include an email address.
"From:" says product-link@usa.net.
PJDM
]
*If you want to be removed from our mailing list, please respond to this
email and put "Remove" in the subject line.
We will send out your bulk E Mail. Period. No qualifiers, no conditions,
no nonsense...and we'll do it at the best prices.
Call us as (805) 654-4042.
We are Product Link. We are a business partner with a marketing
company which develops buyers for its clients' products through electronic
marketing; primarily broadcast fax. Together, we have over a hundred clients,
almost 10% of which are Fortune 500 companies. We have numerous staff,
and have just begun, at client request, to send high volumes of E Mail.
If you're new to bulk E Mail marketing, as we were a short time ago, I can
confirm that all the E Mails you've been getting from E Mail software
companies about how great E Mail marketing is; well, they're true. However,
as those of you who have already purchased software and have tried bulk
E mail know, nothing good ever comes easy.
Our staff has spent millions of advertising dollars on our clients' behalf;
everything from commercials on the Superbowl to ads in the New York Times,
to full page spreads in Scientific American.; not to mention the sending
of over 1,000,000 marketing faxes a year for major corporations.
Bulk E mail has been quite an eye opener.
The Internet, the on line services and ISP providers are full of shrill,
self appointed "net cops," whose mission in life seems to be dumping on those
who have the audacity to sell product via E Mail. I don't wish nor intend
to debate the issue here, except to say that if you've purchased bulk E Mail
software (or intend to), you've already found out that when you attempt to
use it, your ISP provider will shut you down, your E Mail account will be
bombed, and electronic flames will become a way of life.
Since we have a low tolerance for allowing small groups of vocal fanatics
to dictate our business life, we set up our own system to send out Bulk
E Mail. This system will be greatly expanded in 30 days or so (we're
installing more T lines), but we currently have room on our system to send
out Bulk E Mail for a limited number of companies or individuals other
than ourselves.
We'll send out your order, large or small. We'll do it quickly, and
we'll do it at a really great price. You can supply the list, or we'll
supply the list. Place an order with us, and we'll give you advice on
how to set up your E Mail so your on line service won't shut you down, how
to write your material, and much more. We will also write your marketing
material, if you so desire. If you supply a list, we can run it through
our computer program to sort out all duplicates and bad AOL or CompuServe
addresses. If you buy a list from us, we will guarantee that the exact
number of names you order will go out; if we send a list for you and a
number of addresses are not delivered, we will send out more E Mails until
you get delivered exactly what you ordered. We can even tell you how to
confirm that your list was sent.
We also have programs that can filter out E Mail "bombs" and other
irritating toys played with at your expense by people who don't
have a life.
When we first began exploring bulk E mail, we contacted numerous firms
advertising that they would send out bulk E mail. What we got was
answering machines, disconnected numbers, and no call backs. The one firm
that did contract us would only send limited numbers of E mails for
us, and then only if we had already sent the list out once and taken off all
the removes (go figure...if we could send out the list once, what did we
need them for?). We finally got so exasperated, we set up our own system.
And are we glad we did. Speaking as a marketing man with over 30 years
experience in major advertising, E Mail marketing will change the face of
advertising and cost of sale forever. I do not believe that has ever been
a vehicle like it in history to allow anyone of any size and any budget to
advertise and sell their products literally overnight. We employ 18 people,
and I guarantee you that when you contact us as (805) 654-4042, you'll get a
call back.
Right away. And the office phone number we give you, will have a live
person at the other end.
Following is a price list to give you an idea of the
quality of our company. Please bear in mind that Bulk E Mail is
effective in large numbers; i.e., 25,000 and above.
Price List To Send Bulk E Mail:
Amount Cost Set Up (One Time Fee)
25,000 $150.00 $50.00
50,000 $275.00 $50.00
75,000 $400.00 $50.00
100,000 $550.00 $50.00
Bulk E Mail amounts above 100,000 per sending will be bid on a
case by case basis. If you wish to modem us a list, there may be a
small charge for down load depending on list size. If you wish us to
"clean" your list (remove all duplicates and bad addresses), we will supply a
bid on a case by case basis as with writing your marketing materials and
other services.
If we may be of service to you, please call us directly at
(805) 654-4042. Thank you.
|
4026.155 | | BIGUN::nessus.cao.dec.com::Mayne | Churchill's black dog | Sun Mar 09 1997 22:22 | 19 |
| [From the current RCFoC; PJDM]
March 17 -- A Day That Might Live In Infamy...
You may know the word "spam," Internet slang for unsolicited Email sent out to
many victims, er, recipients. And you may well associate "spamming" with a
company called Cyber Promotions, which has made a name for itself by going
legally head-to-head with AOL and CompuServe for its 4 million junk Emails per
day, and by being evicted from more than one online service.
Well, in the spirit of "If you can't beat 'em, join 'em," the Feb. 20 New York
Times reports that on that fateful day in March, Cyber Promotions will itself
become an Internet Service Provider, and one that doesn't just tolerate, but
lives for -- spamming. However, according to CPI's founder, "Our goal is to
legitimize the bulk e-mail industry and not abuse it," insisting that every bulk
Email contain a mechanism allowing users to remove themselves from that (but not
all) mailing lists.
Your Email box may never again be quite the same.
|
4026.156 | the best part is the brain dead mail protocols.... | TWICK::PETTENGILL | mulp | Thu Apr 24 1997 04:58 | 30 |
| The way that SMTP/RFC822 work is wonderful for spammers.
You want to send mail to a million addresses that might be about 80% valid
and avoid the overhead of handling the bounced mail, PLUS avoid the overhead
of the mail from irate users.
So you create the RFC822 headers so that they say the mail is from
bobpalmer@digital.com and then you connect to the some unsuspecting SMTP
server say at ibm.com and send your mail. IBM gets hit with the load of
transferring your mail to all the addresses on the list and then after
3 days has to handle the overhead of returning it to the sender, which in
this case appears to be Bob Palmer.
And the users who hate to get junk mail reply to Bob Palmer saying
"I'm never going to deal with DEC because your ad for hot girls is offensive".
Note that this is intentional. In 1980, people were thinking in terms of
lots of people using computers, but often using different computers. It
was considered useful to create the appearance of mail originating from a
generic host computer. And SMTP was, after all, Simple, with the expectation
that it would be replaced when required. In the following decade, a replacement
was developed, but the replacement wasn't embraced because it was note developed
in the US by the internet engineering community. Because someone thought that
it would be a good idea to have a standards group involved in developing a
standard, the NBS was given a major role, and they in turn looked to other
standards groups, with it ultimately ending up under ISO.
(Something similar happened to the character standard which is why ISO-Latin-1
is MIME encoded; the last good (American, of course) character standard was
ASCII.)
|
4026.157 | | DSNENG::KOLBE | Wicked Wench of the Web | Fri Apr 25 1997 18:01 | 2 |
| I got one today from, I am not making this up, ISPAM.COM - they are getting
positively cheeky about this. liesl
|
4026.158 | | 60675::nessus.cao.dec.com::Mayne | A wretched hive of scum and villainy | Mon Apr 28 1997 03:06 | 30 |
| From Vogon News:
Internet - New ads may be more effective and obnoxious
{The Wall Street Journal, 24-Apr-97, p. B6}
Now a slew of more advanced - and some say more obnoxious - advertising
methods are either in the works or already being tested, from "robot" programs
designed to deliver animated sales pitches in chat rooms to full-screen ads
that must be downloaded before visitors can see the content they came for.
The next time you enter a chat room, beware: A robot may be listening in.
Type in a phrase like "My house is dirty," for example, and you might just get
a response like: "Hi. I'm Dusty. Would you like to learn more about Black &
Decker's Dustbuster?" Ad "robots" - as Dusty and his kin are called - are
made possible by a server developed by Black Sun Interactive Inc. of San
Francisco. You probably won't run across these robots any time soon: Only
sites that pay to use Black Sun's server can offer the robots, and so far, the
lone taker is Planet Direct Corp. of Wilmington, Mass. (CMG Information
Services Inc., the parent company of Planet Direct, also owns a stake in Black
Sun.) Planet Direct, which launch free chat service on the Web last month,
says more than 10,000 people have registered to use its service, though it
admits that its chat rooms are still relatively quiet on a daily basis. The
robots are to be formally introduced next week along with Planet Direct's 3-D
chat rooms, where chatters get to pick a cartoon character, or "avatar," that
represents them in the digital environment. The lone advertiser so far is
Black & Decker, with its Dusty avatar, which looks like a big Dustbuster with
eyeballs. Dusty approaches users who enter a phrase that closely matches one
in the avatar's memory; then the avatar identifies itself as a pitchman and
offers users tips on how, for example, a Dustbuster can help them clean their
house.
PJDM
|
4026.159 | | CFSCTC::SMITH | Tom Smith MRO1-3/D12 dtn 297-4751 | Mon Apr 28 1997 17:17 | 57 |
| This might be of use to some of you (also posted in HUMANE::DIGITAL).
If you're running sendmail V8.8.0 or later, you can add the following
ruleset and classes to refuse mail from nonexistant domains and from
explicitly listed junk mailers. It's crude, but it seems to cover about
80% of what we're currently getting. Remember to separate left-hand-side,
right-hand-side, and comments in rules with tabs.
Sorry. This won't work with the off-the-shelf sendmail on Ultrix or
Digital UNIX.
In the options section of sendmail.cf (or in LOCAL_CONFIG in the .M4 files):
# database of known spammers
# One user@domain or domain per line
F{abusers}-o /var/adm/sendmailv8/sendmail.abusers
# Domains that won't resolve but that we let in anyway
F{OKdomains}-o /var/adm/sendmailv8/sendmail.OKdomains
# SMTP/DECnet gateway relays
C{decnetgateways}us1rmc.enet.dec.com us2rmc.enet.dec.com us3rmc.enet.dec.com us4rmc.enet.dec.com us5rmc.enet.dec.com us6rmc.enet.dec.com
Just before your mailer definitions (or in LOCAL_RULESETS in the .M4 files)
Scheck_mail
# check for valid domain name (incompatible with DeliveryMode=defer)
R$* $: $>3 $1 make domain canonical
R$* < @ $=w . > $>3 $1 ...@here -> ... (remove local domains)
R$* < @ $={decnetgateways} . > $>3 $1 remove other known intermediate relays
R$- $: $>3 $(dequote $1 $) dequote "foo"@here
R$* $: <?> $1 tag all as unprocessed
R<?> $* < @ $+ . > $* $: <OK> $1 <@$2.> $3 tag resolved names
R<?> $* < @ $={OKdomains} > $* $: <OK> $1 <@$2> $3 tag unresolved names that are OK
R<?> $* < @ $+ . $={OKdomains} > $* $: <OK> $1 <@$2.$3> $4 tag unresolved names that are OK
R<?> $* < @ [ $- . $- . $- .$- ] > $* $: <OK> $1 <@[$2.$3.$4.$5]> $6 Let IP addresses through
# Note that the following (451) causes the message to be deferred
# and retried until the timeout period expires
R<?> $* < @ $+ > $* $#error $: 451 Sender domain unresolvable
# 571 is a permanent "Delivery not authorized, message refused"
# error instead (see RFC 1893), but may reject legitimate messages if
# your nameserver is temporarily sick.
#R<?> $* < @ $+ > $* $#error $@ 5.7.1 $: 571 Sender domain unresolvable
# Now check for real domains we do not want
R<OK> $* < @ $={abusers} . > $* $#error $@ 5.7.1 $: 571 Mail from $2 refused here
R<OK> $* < @ $+ . $={abusers} . > $* $#error $@ 5.7.1 $: 571 Mail from $3 refused here
# convert back to u@domain (remove the trailing dot)
R<OK> $+ $:$>4 $1
# check for full addresses
R$={abusers} $#error $@ 5.7.1 $: 571 Mail from $1 refused here
R$* <$={abusers}> $* $#error $@ 5.7.1 $: 571 Mail from $2 refused here
|
4026.160 | | BUSY::SLAB | Beware of geeks baring grifts | Tue Apr 29 1997 12:22 | 5 |
|
Now I feel I belong ... I got my first spam message [savetrees.com].
But it has nothing to do with saving trees. 8^)
|
4026.161 | | QUARK::LIONEL | Free advice is worth every cent | Thu May 01 1997 14:37 | 5 |
| If I get myself an Exchange mailbox, can I set it up so that spam from
selected domains gets automatically deleted and all other mail gets forwarded
to my zko.dec.com address?
Steve
|
4026.162 | | MRPTH1::16.34.80.132::slab | | Thu May 01 1997 16:08 | 12 |
|
Yes.
Set up an Inbox Assistant which looks for messages from that domain
[savetrees.com covers anything ending in savetrees.com, IE there is
an implied wildcard] and perform action "Delete".
A second Inbox Assistant can be set up such that Advanced Options
look for the same sender address and anything NOT matching that
condition is forwarded elsewhere.
|
4026.163 | | MRPTH1::16.34.80.132::slab | | Thu May 01 1997 16:09 | 5 |
|
Obviously this is a pain in the butt if you are trying to avoid mail
from several known spam addresses, since a separate Assistant is
needed for each domain.
|
4026.164 | | axel.zko.dec.com::FOLEY | http://axel.zko.dec.com | Thu May 01 1997 16:09 | 8 |
|
Sure.. But forwarded mail will look like it comes
from your Exchange account and not from the original
sender. This is fixed in Exchange 5.0
mike
|
4026.165 | | QUARK::LIONEL | Free advice is worth every cent | Thu May 01 1997 17:00 | 3 |
| Time to look into this...
Steve
|
4026.166 | shouldn't need more than one rule | PARZVL::ogodhcp-125-128-214.ogo.dec.com::kennedy | nuncam non paratus | Thu May 01 1997 17:31 | 6 |
| >Obviously this is a pain in the butt if you are trying to avoid mail
>from several known spam addresses, since a separate Assistant is
>needed for each domain.
You can add multiple From addresses separated by ;, so one rule
should be all you need
|
4026.167 | | REGENT::LASKO | Tim - Printing Systems Business | Thu May 01 1997 18:15 | 7 |
| I was fiddling with this earlier and couldn't get this to work, hence
my statements earlier in another thread in this conference.
How do you actually set the Microsoft Exchange Inbox Assistant "From"
field up so there's an "implied wildcard"? The help is less than
helpful on this. Do you simply leave out the "@"? That doesn't seem to
work with my experiments with aliasing my from address in Netscape.
|
4026.168 | Office Filter? | FUNYET::ANDERSON | OpenVMS pays the bills | Thu May 01 1997 18:15 | 5 |
| Can't Office Filter on OpenVMS do this also? Or perhaps it can just check for a
string in the sender's address and doesn't know about the parts of the address
like a domain name.
Paul
|
4026.169 | | CFSCTC::SMITH | Tom Smith MRO1-3/D12 dtn 297-4751 | Thu May 01 1997 20:48 | 14 |
| re: Exchange filters and forwarding
As an alternative to struggling with the peculiarities and weaknesses
of Exchange, you might consider installing sendmail V8 on a friendly
UNIX server (or even on NT) and filtering all your mail through it.
Even procmail filtering with an older sendmail might give you better
results.
If you'd like pre-compiled binaries and sources for sendmail V8.8.5
with mail11v3 support and sendmail.cf M4 files that can be relatively
easily adapted to other sites, see
ftp://ftp.see.mro.dec.com/pub/sendmail/
-Tom
|
4026.170 | | CFSCTC::SMITH | Tom Smith MRO1-3/D12 dtn 297-4751 | Sat May 03 1997 01:28 | 45 |
| I thought this might be interesting. We don't have very many users in
our domain now (maybe 10 active and another 60 or so who've moved on),
but the sender addresses below were blocked over the past 7 days. Each
represents a message sent to an average of 3 or more recipients. The
"451" errors are non-existant domains. The remaining "571" errors are
explicitly blocked spammer addresses and domains.
There are some very good pages about anti-spamming techniques and
"black-listed" addresses, including
Claus Assmann's pages:
http://www.informatik.uni-kiel.de/%7Eca/email/misc.html
Paul Vixie's pages:
http://spam.abuse.net/spam/
The WSRCC pages:
http://www.wsrcc.com/spam/
As somebody else noted, if you're going to blacklist explicit sites you
have to be ready to keep your list up to date, including removing
domains that have changed hands or cleaned up their acts.
Ruleset check_mail (<07984764@07119.com>) rejection: 451 <07984764@07119.com>... Sender domain unresolvable
Ruleset check_mail (<41413144@21616.com>) rejection: 451 <41413144@21616.com>... Sender domain unresolvable
Ruleset check_mail (<61983328@14822.com>) rejection: 451 <61983328@14822.com>... Sender domain unresolvable
Ruleset check_mail (<665@podigy.net>) rejection: 451 <665@podigy.net>... Sender domain unresolvable
Ruleset check_mail (<73592346@92153.unknown>) rejection: 451 <73592346@92153.unknown>... Sender domain unresolvable
Ruleset check_mail (<84102656@03538.com>) rejection: 451 <84102656@03538.com>... Sender domain unresolvable
Ruleset check_mail (<MARKETING@MASS.NET>) rejection: 451 <MARKETING@MASS.NET>... Sender domain unresolvable
Ruleset check_mail (<TheGood@Phonepeople.com>) rejection: 451 <TheGood@Phonepeople.com>... Sender domain unresolvable
Ruleset check_mail (<US6RMC::"Co-OpAds@nowwhereelse.org"@local:.cfsctc.dnet>) rejection: 451 <US6RMC::"Co-OpAds@nowwhereelse.org"@local:.cfsctc.dnet>... Sender domain unresolvable
Ruleset check_mail (<US6RMC::"Fast_Legal_Cash@_._"@local:.cfsctc.dnet>) rejection: 451 <US6RMC::"Fast_Legal_Cash@_._"@local:.cfsctc.dnet>... Sender domain unresolvable
Ruleset check_mail (<US6RMC::"bocaz@bocaz.org"@local:.cfsctc.dnet>) rejection: 451 <US6RMC::"bocaz@bocaz.org"@local:.cfsctc.dnet>... Sender domain unresolvable
Ruleset check_mail (<US6RMC::"emailblaster@allvip.com"@local:.cfsctc.dnet>) rejection: 571 <US6RMC::"emailblaster@allvip.com"@local:.cfsctc.dnet>... Mail from allvip.com refused here
Ruleset check_mail (<US6RMC::"showme@savetrees.com"@local:.cfsctc.dnet>) rejection: 571 <US6RMC::"showme@savetrees.com"@local:.cfsctc.dnet>... Mail from savetrees.com refused here
Ruleset check_mail (<bambi@[207.247.16.217]>) rejection: 451 <bambi@[207.247.16.217]>... Sender domain unresolvable
Ruleset check_mail (<conserve@savetrees.com>) rejection: 571 <conserve@savetrees.com>... Mail from savetrees.com refused here
Ruleset check_mail (<discover@earthsuccess.com>) rejection: 451 <discover@earthsuccess.com>... Sender domain unresolvable
Ruleset check_mail (<newsletter@shoppingplanet.com>) rejection: 571 <newsletter@shoppingplanet.com>... Mail from shoppingplanet.com refused here
Ruleset check_mail (<nycfood@quantcom.com>) rejection: 571 <nycfood@quantcom.com>... Mail from quantcom.com refused here
Ruleset check_mail (<offer@savetrees.com>) rejection: 571 <offer@savetrees.com>... Mail from savetrees.com refused here
Ruleset check_mail (<plat2@mapston.com>) rejection: 451 <plat2@mapston.com>... Sender domain unresolvable
Ruleset check_mail (<starmaker@savetrees.com>) rejection: 571 <starmaker@savetrees.com>... Mail from savetrees.com refused here
Ruleset check_mail (<telecom@savetrees.com>) rejection: 571 <telecom@savetrees.com>... Mail from savetrees.com refused here
Ruleset check_mail (<willie@clock.com>) rejection: 451 <willie@clock.com>... Sender domain unresolvable
Ruleset check_mail (<yu8873@27420.com>) rejection: 451 <yu8873@27420.com>... Sender domain unresolvable
|
4026.171 | | VMSNET::mickey.alf.dec.com::s_vore | Smile, Mickey's watching! vore@mail.dec.com | Mon May 05 1997 11:26 | 11 |
| > How do you actually set the Microsoft Exchange Inbox Assistant "From"
> field up so there's an "implied wildcard"? The help is less than
Just leave out the username@
from: [savetrees.com ]
[X] delete
|
4026.172 | | TURRIS::lspace.zko.dec.com::winalski | PLIT Happens... | Mon May 12 1997 22:44 | 26 |
| RE: .156
>The way that SMTP/RFC822 work is wonderful for spammers.
>
>You want to send mail to a million addresses that might be about 80% valid
>and avoid the overhead of handling the bounced mail, PLUS avoid the overhead
>of the mail from irate users.
>
>So you create the RFC822 headers so that they say the mail is from
>bobpalmer@digital.com and then you connect to the some unsuspecting SMTP
>server say at ibm.com and send your mail. IBM gets hit with the load of
>transferring your mail to all the addresses on the list and then after
>3 days has to handle the overhead of returning it to the sender, which in
>this case appears to be Bob Palmer.
>
>And the users who hate to get junk mail reply to Bob Palmer saying
>"I'm never going to deal with DEC because your ad for hot girls is offensive".
The "unsuspecting SMTP server" could protect itself, if it wished to,
by only accepting messages from a set of known, trusted IP addresses. It
wouls also be possible for it to analyze the SMTP return-path and the various
RFC822 headers to detect forgery (e.g., domain in From: name doesn't match
IP address of the poster) and to reject such messages. But this does of
course require extra work.
--PSW
|
4026.173 | | BIGUN::nessus.cao.dec.com::Mayne | A wretched hive of scum and villainy | Tue May 13 1997 00:21 | 5 |
| So has anyone else received the "mother of all sands" spam? I laughed until I
stopped.
PJDM
|
4026.174 | | TWICK::PETTENGILL | mulp | Thu May 15 1997 06:03 | 21 |
| >wouls also be possible for it to analyze the SMTP return-path and the various
>RFC822 headers to detect forgery (e.g., domain in From: name doesn't match
>IP address of the poster) and to reject such messages. But this does of
If you mean that you analyze the From path to see if the TLD (top level domain)
matches, ie., that port1.server5.fx4.dec.com matches the dec.com in
palmer@mail.dec.com, then yes you could do that much. That would presumably
prevent someone other than a DEC employee or contractor from impersonating him.
It would still provide no information on who sent the mail.
What is really required is an architecture where the mail user agent deals
only with a postoffice over an authenticated connection and then the mail
transfer agents deal only with known agents. It is certainly possible to
violate the assumptions that people would have with such a system, but now
you would be able to identify the break in the trust relationship and if
nothing else remove the trust relationship, ie., not transfer mail to/from
the untrustworthy party.
Of course, this is not an acceptable solution to many people because it would
effectively remove control of the system from the hands of most people.
The problem is how to eliminate trouble makers when you chose anarchy.
|
4026.175 | | TURRIS::lspace.zko.dec.com::winalski | PLIT Happens... | Thu May 15 1997 17:38 | 19 |
| >If you mean that you analyze the From path to see if the TLD (top level domain)
>matches, ie., that port1.server5.fx4.dec.com matches the dec.com in
>palmer@mail.dec.com, then yes you could do that much. That would presumably
>prevent someone other than a DEC employee or contractor from impersonating him.
>It would still provide no information on who sent the mail.
I said something a bit stronger than that. I said check that the machine making
the SMTP connection has an IP address matching the domain name in the From:
field. In other words, only accept a message for initial delivery that says
"From: palmer@mail.dec.com" if it comes from the IP address of mail.dec.com.
The second part of the plan is to only accept forwarded messages from a list of
known and trusted IP addresses.
This isn't quite as strong as your idea of using only authenticated connections,
but it's roughly the same.
--PSW
|
4026.176 | | 60675::nessus.cao.dec.com::Mayne | A wretched hive of scum and villainy | Thu May 15 1997 22:00 | 15 |
| > In other words, only accept a message for initial delivery that says
> "From: palmer@mail.dec.com" if it comes from the IP address of mail.dec.com.
Presumably you mean "...if it comes from one of the IP addresses that the MX
record for mail.dec.com points to", since there is no IP address for
mail.dec.com.
This gets a bit more complicated when you consider mail systems with multiple
NICs/addresses/names. Then there's DNS spoofing.
The second part of your plan comes apart when someone who isn't yet a customer
of ours, but wants to be, tries to send us mail and can't because we don't trust
them.
PJDM
|
4026.177 | | TURRIS::lspace.zko.dec.com::winalski | PLIT Happens... | Fri May 16 1997 17:35 | 9 |
| >The second part of your plan comes apart when someone who isn't yet a customer
>of ours, but wants to be, tries to send us mail and can't because we don't
>trust them.
Only if that potential customer's mail is being routed through a SMTP server
that we don't trust. Any scheme for solving these problems is going to depend
on a web of mutually-trusted mail servers that forward to each other.
--PSW
|
4026.178 | Or get rid of SMTP | TWICK::PETTENGILL | mulp | Tue May 20 1997 02:57 | 12 |
| Which is the point of Microsoft and Digital working together to make Exchange
the most widely used mail system.
Exchange is at least similar to, if not based on, the ISO messaging model
(X.400 1992, et al). In this model, PCs don't get to send messages except
via a server where they have been authenticated, and the mail is routed based
on a global, replicated, directory.
Now, depending on your point of view, the ISO X.400 message model is the
response to the quest for the needed replacement for SMTP, et al, or is the
vampire dog created when SMTP fell under the evil spell of ISO, and was brought
across in the early 80s.
|
4026.179 | | TURRIS::lspace.zko.dec.com::winalski | PLIT Happens... | Wed May 21 1997 16:49 | 10 |
| RE: .178
SMTP mail today is routed based on a global, replicated directory (DNS MX
records). [Yes, one can theoretically use source routing but in practice nobody
does.] And nothing prevents one from implementing a X.400 server on a PC. If
X.400 security is any better than exists in the SMTP world, it's only because
X.400 administrators give it more attention. There's nothing inherently more
secure about the X.400 protocol suite.
--PSW
|
4026.180 | am I you@sweden.it.earthlink.net ?? | HELIX::SONTAKKE | | Thu May 22 1997 18:39 | 24 |
| How did this thing reach me? Here are the headers; my name is never
mentioned anywhere.
From andrewr@earthfriends.com Thu May 22 14:29:36 1997
Received: from quarry.zk3.dec.com by kamlia.zk3.dec.com; (5.65v3.2/1.1.8.2/05Mar
96-0145PM)
id AA23431; Thu, 22 May 1997 14:29:34 -0400
Received: from mail11.digital.com by quarry.zk3.dec.com; (5.65v3.2/1.1.8.2/16Jan
95-0946AM)
id AA17809; Thu, 22 May 1997 14:29:30 -0400
Received: from sweden.it.earthlink.net by mail11.digital.com (8.7.5/UNX 1.5/1.0/
WV)
id NAA17188; Thu, 22 May 1997 13:50:42 -0400 (EDT)
Received: from SunshineBellAnd (hdn105-023.hil.compuserve.com [206.175.106.23])
by sweden.it.earthlink.net (8.8.5/8.8.5) with SMTP id KAA03998;
Thu, 22 May 1997 10:00:21 -0700 (PDT)
Date: Thu, 22 May 1997 10:00:21 -0700 (PDT)
Message-Id: <199705221700.KAA03998@sweden.it.earthlink.net>
Comments: Authenticated sender is <andrewr@earthfriends.com>
From: "Long Distance" <longdistance@earthfriends.com>
To: you@sweden.it.earthlink.net
Subject: $0.10 a minute day rate
X-Mailer: Floodgate Pro 5.0
|
4026.181 | | TURRIS::lspace.zko.dec.com::winalski | PLIT Happens... | Thu May 22 1997 19:20 | 15 |
| you@sweden.it.earthlink.net is probably a distribution list service.
sweden.it.earthlink.net is the first SMTP server that one can definitely say was
involved in delivering this message (I'm assuming here that we can trust
mail11.digital.com not to have forged any headers). If we assume that the next
prior received header is also not forged, then the message seems to have
originated from a machine called SunshineBellAnd, through what looks like a
temporary IP address assigned by CompuServe.
Bottom line: your email address is on a list that the spammer either put
together himself or bought from some spamming service. I like the name of his
mailer: "Floodgate Pro".
--PSW
|
4026.182 | | HELIX::SONTAKKE | | Thu May 22 1997 19:56 | 2 |
| I get tonne of junk mail on my other address but this was the first one
which showed up at this address.
|
4026.183 | | HYDRA::SMITH | Tom Smith ZKO1-3/H42 +1 603 881-6329 | Fri May 23 1997 00:43 | 29 |
| re: .180
Unfortunately, you can't trust any postmark that precedes the one
received _from_ the "digital.com" relay. All of it can be forged.
Digital's gateway relays don't authenticate the originating host name
(by showing the IP address that actually made the connection), so the
"xxx" in "Received: from xxx by mail11.digital.com" can potentially be
anything you want it to be.
For example, the sender in .180 could have been running a program that
makes an SMTP connection directly to mail11.digital.com, identifies
itself as "sweden.it.earthlink.net" and sends a text body that includes
the remaining headers and the message. Spammers now seek out
non-authenticating relays for their origination points so they can
better hide their true identity.
If it did actually travel through earthlink.net, it came from a
Compuserve account connecting directly to an earthlink relay. However,
"earthfriends.com" is a Cyberpromo domain, and earthlink.com just
filed suit against them, so draw your own conclusions.
In any case, it was sent to a mailing list (and a very big one).
If you want to learn more than you ever wanted to know about these
slime balls' methods and the latest spam scams, see the
news.admin.net-abuse.email newsgroup.
-Tom
|
4026.184 | | HELIX::SONTAKKE | | Fri May 23 1997 13:20 | 8 |
| Even if it was a part of very big mailing list, the mail forwarder within
the DEC domain has to know that one of the recepiant was me
(i.e. sontakke@zk3.dec.com)
Why is that not anywhere in the header? How about "Apparently to: " or
something like that?
- Vikas
|
4026.185 | | JAMIN::OSMAN | Eric Osman, dtn 226-7122 | Fri May 23 1997 13:22 | 35 |
|
For personal mail use, instead of trying to filter spam, how
about a mail system that only allows in mail from addresses
I've allowed.
For example, suppose I meet you at the beach, and I ask you
for your email address. When I get home, I take the slip of
paper out of my pocket and (if the ink hasn't smeared due to the water),
I type your email adr from that paper into my mail system.
Obviously, this method isn't for the business use where we want
unsolicited email from prospective customers.
Actually, the above system could be made a bit more flexible with
the option of query-rcv which would query me when unknown mail is
trying to arrive, with something like:
attempt to mail you from unknown address makemoney@yourconvenience
Would you like this mail ?
[] yes, this time
[] yes, don't ask me next time
[] no, not this time
[] no, don't ask me next time
That way, even if I forgot to enter my new friend's email adr, or the
ink smeared because I swam again after putting the paper in my pocket,
I'd get an oppurtunity to receive their mail.
/Eric
|
4026.186 | | HYDRA::SMITH | Tom Smith ZKO1-3/H42 +1 603 881-6329 | Fri May 23 1997 13:53 | 26 |
| re: .184
> Even if it was a part of very big mailing list, the mail forwarder
> within
> the DEC domain has to know that one of the recepiant was me
> (i.e. sontakke@zk3.dec.com)
>
> Why is that not anywhere in the header? How about "Apparently to: " or
> something like that?
In SMTP, there are "envelope" addresses for the sender and recipient(s)
and there are "header" addresses that you see at the beginning of the
message text. The addresses that are used to route a message for
delivery are the "envelope" addresses, and those do not appear in the
headers (although, except for lists, they are often the same). The
headers generally contain what the sender originally put there, but
they, like the envelope addresses, may be re-written and translated at
various relays and gateways along the way (for example, NODE::USER ->
user@node.enet.dec.com).
In this case, your address and a few thousand others were in the
envelope recipient list as a result of an SMTP agent expanding a list
(as opposed to a mailer expanding it before passing the message to an
SMTP agent).
-Tom
|
4026.187 | | VMSNET::mickey.alf.dec.com::s_vore | Smile, Mickey's watching! vore@mail.dec.com | Fri May 23 1997 16:04 | 9 |
| > For personal mail use, instead of trying to filter spam, how
> about a mail system that only allows in mail from addresses
> I've allowed.
>
there are folks doing this sort of thing already... see for example
http://www.cs.helsinki.fi/~wirzeniu/mailfilter.html for a creative
solution.
|
4026.188 | | TURRIS::lspace.zko.dec.com::winalski | PLIT Happens... | Fri May 23 1997 18:43 | 5 |
| RE: .183
It's probably time to start using an authenticating relay at our firewall.
--PSW
|
4026.189 | | HYDRA::SMITH | Tom Smith ZKO1-3/H42 +1 603 881-6329 | Fri May 23 1997 21:20 | 29 |
| re: .-1 (re: .183)
Here's an example I just sent from the relative comfort of my cube in
ZKO. Have a great weekend! :-)
From: SMTP%"president@whitehouse.gov" 23-MAY-1997 17:13:42.75
To: smith
CC:
Subj: Hey Bubba
Return-Path: president@whitehouse.gov
Received: by vaxsim.mro.dec.com (UCX V4.1-12, OpenVMS V6.2 VAX);
Fri, 23 May 1997 17:13:40 -0400
Received: from mail11.digital.com (mail11.digital.com [192.208.46.10])
by seeaxp.see.mro.dec.com (8.8.5a+mail11/8.8.5a/V2.3) with ESMTP id RAA25884
for <smith@see.mro.dec.com>; Fri, 23 May 1997 17:13:37 -0400 (EDT)
Received: from storm.eop.gov by mail11.digital.com (8.7.5/UNX 1.5/1.0/WV)
id RAA19235; Fri, 23 May 1997 17:05:14 -0400 (EDT)
Date: Fri, 23 May 1997 17:00:00 -0500 (EDT)
From: Bill Clinton <president@whitehouse.gov>
Message-Id: <199705231234.IAA10475@storm.eop.gov>
Subject: Hey Bubba
Hey Tom!
Have a great weekend!
Your pal, Bill
|
4026.190 | Maybe DEC will fix its external servers... | TWICK::PETTENGILL | mulp | Fri May 23 1997 23:33 | 19 |
| I responded to the "security memo" a few weeks ago which discussed spam
pointing out that they failed to admonish everyone to avoid replying to
spam, and also pointing out that DEC's external SMTP servers can be used
to generate bogus messages just like the previous one (I tested it by
using the AOL Winsock feature and IE, but I used "whitehorse.gov" just
in case I screwed up the destination address; I suspect that if the FBI was
hassling AOL, they would spend the man years of effort required to find out
which subscriber was logged into a given dialup line at a specified time).
I got mail this week saying that someone will be looking at what can be
done.
As someone pointed out, sendmail V8.something, has an option to prevent
mail from being relayed between domains via that server instead of being
sent either into, or out of, the server's domain. However, if we're not
running a version with that feature, it will require some heroic efforts
to qualify it, or a period of months, or we find out how go the distributed
code is by putting thousands of user's mail at risk.
|
4026.191 | Here's an article from Risks 19.16 - fortunately it doesn't mention DEC... | TWICK::PETTENGILL | mulp | Fri May 23 1997 23:37 | 114 |
| ...but it could have unless there's something about our external mailers
that I'm missing.
------------------------------
Date: Thu, 15 May 1997 20:01:52 -0400
From: Jim Youll <jim@newmediagroup.com>
Subject: newmediagroup.com headers were forged in junk e-mailing;
retaliation against my public anti-SPAM activities
We are a very small company. We are being attacked electronically, because
of my public anti-spam stance:
(A) Our server was subjected to an inbound bombing from the hijacked
servers into our mailserver last night (14 May 1997).
(B) Thousands of messages were sent OUT today (15 May) from the same
hijacked servers, resulting in a torrent of complaining, hostile, violent
mail to our mailboxes. Some people began to mailbomb us with large
documents.
I have 99.9% confidence that the hostile messages were injected into the net
from a computer dialed into enterprise.net, a UK ISP, and have the
corroborating records to prove it, at least everything I can get without
cooperation from enterprise.net. I am unable to reach anyone at
enterprise.net who will assist in this investigation.
The messages were relayed off nevwest.com and freenet.carleton.ca SMTP servers.
The administrators at these sites have not been terribly supportive, though
they claim to be working on it. They have also received quite a bit of
inbound mail, but appear somewhat unsure about what to do or ``how that
happened''. They've asked me if *I* sent the messages.
Complete details of the attack and my anti-junkmail posting which started
all this appear here:
http://www.agentzero.com/junkmail
The message I have sent out follows. I need support from the UK. I am
prepared to do whatever it takes to get a prosecution.
-- quoted message follows --
My domain newmediagroup.com is under attack by someone who doesn't like my
MILITANT, PUBLIC ANTI-SPAM stance. To date, their actions have included
sending apparently several thousand e-mail messages, forged showing my name
as the sender. In addition, this same party or someone working with them
conducted a denial-of-service attack on our system last night, 14 May. See
http://www.agentzero.com/junkmail, including system logs clearly showing the
terrorists' use of third-party unsecured SMTP servers as relays (which you
will also see by looking at the headers of the messages that were sent).
Their attack has also included threats of harm against me.
PLEASE let people know this did not originate at newmediagroup.com. It is a
complete forgery. We are TRYING to investigate and at the moment have a
number of backbone carriers and MCI security, involved. I am doing all I
can. PLEASE tell people to stop writing to complain. This did not come
from us. We don't spam. I am FIGHTING spam and that is why I was targeted
in this manner. When you see their mail-bomb messages to me, you will
understand.
I am seeking cooperation from the sites that were used as relays. Sheila,
apparently an administrator at freenet.carleton.ca. (office@ is their e-mail
address; if you have received junk that bounced off their mailer, I STRONGLY
suggest you contact them and demand the holes be closed.) Carleton Freenet
has notified me (15 May 1997, 1600 EDT by e-mail) that they will not release
their SMTP logs, which would show the origin of the message injected into
their mailer. A man reached at nevwest.com said he had ``one technician
working on it'' but really didn't understand the specifics, and was not very
excited about helping. This is all very exciting for electronic terrorists,
I am sure.
New Media Group (and I in particular!) do not send or generate commercial
e-mail. Ever. We are a small Internet presence provider working closely
and on-site with clients in the Midwestern US. Only. We do not seek,
service, or advertise to anyone outside that area, and we do not use e-mail
for advertising.
Copies of all logs and the threatening messages which came here have been
forwarded to security officers at all ISPs we could identify, and at the
security offices of backbone providers involved in this. We're trying, but
it will be difficult to identify who did this. We're trying. I fully
intend to press criminal and civil charges at the very moment an indictment
becomes feasible.
The reason we have been targeted is that I (personally, not this company)
have been leading a campaign AGAINST junk e-mail. Please help me find out
who did this.
If you look at the headers, you will see that the messages did not come from
here. The incoming messages threatened more attacks unless I stop my
campaign to free people from unwanted junk e-mail. This is terrorism, plain
and simple and I call on the entire Internet community to help track down
the responsible parties. I will appreciate any assistance you can provide.
I am offering a reward of $1,000 for information leading to the arrest and
conviction of the perpetrators of this crime.
NOTE ADDED 16 May 1997:
We were hit again overnight 15 to 16 May. This time messages were sent to
many addresses in the U.S. Primarily the incoming has been bouncing due to
bogus or no-longer-in-use names at these locations. The nature of the
addressing suggests that the names were culled from newsgroups and other
public sources, and that the system doing the gathering went back some
distance in time to get them, as many were expired.
... It's been a busy couple of days. We have received approximately 2,500
undeliverable messages in the last few hours. (Normal is 20-50 per day.)
The incoming complaints and attacks are slowing, because I think people are
learning that jim@newmediagroup.com is ANTI-junk. Word is getting out, and
hopefully that will help in the future.
|
4026.192 | And a follow up from Risks 19.17 | TWICK::PETTENGILL | mulp | Sat May 24 1997 00:00 | 28 |
| How many innocent bystanders will be zapped by the attempts by ISPs
to fix the problems with SMTP (remember the S is supposed to mean simple).
------------------------------
Date: 17 May 1997 22:51:46 +0200
From: Arnt Gulbrandsen <agulbra@troll.no>
Subject: Re: newmediagroup.com headers were forged ... (Youll, RISKS-19.16)
Jim Youll <jim@newmediagroup.com> writes in RISKS-19.16 about forged spam.
I saw another side of the same incident.
The spam Jim refers to was done via enterprise.net, a UK ISP. As a result
of this (or another?) spam, enterprise.net recently stopped relaying mail to
domains other than enterprise.net. I discovered this when mail to one of
Enterprises' company customers (lfix.co.uk, a small consultancy) started
bouncing.
I reported it to postmaster@enterprise.net, but the reply I got was
clearly from a low-level support person who did not understand the
problem. The problem wasn't fixed, and after a week or two I gave up.
The risks of an overly strict configuration and incompetent staffing
hopefully include a loss of customers.
--Arnt
------------------------------
|
4026.193 | And here's a hint that you can't solve the mail forgery problems by relying on DNS lookups | TWICK::PETTENGILL | mulp | Sat May 24 1997 00:10 | 37 |
| My take on this is that someone tried to update someone's DNS server
so that all back translations would have returned "samie.rules" as
the address. If I'm correct, then someone could find some DNS servers
with the security hole and update them so that his IP address would
appear to be whitehouse.gov or digital.com. This is why newer versions
of sendmail support reporting the "received by" with both the domain name
and the IP address (in square brackets).
Subject: juicy, security related tidbits from a BIND-8.1 log file
Date: Wed, 21 May 1997 09:54:33 -0700
From: Paul A Vixie <paul@vix.com>
Newsgroups: comp.protocols.dns.std
There's a DNS dynamic update tool running around out there, that doesn't use
the new UPDATE opcode but rather depends on some stupid behaviour of older
versions of BIND. Newer versions of BIND respond as follows:
May 20 17:52:56 gw named[14994]: invalid RR type 'PTR' in authority section
(name = '155.8.206.207.in-addr.arpa') from [206.105.188.2].53
May 20 17:52:56 gw named[14994]: unrelated additional info 'jamie.rules'
type A from [206.105.188.2].53
May 20 17:52:57 gw named[14994]: invalid RR type 'PTR' in authority section
(name = '155.8.206.207.in-addr.arpa') from [206.105.188.2].53
May 20 17:52:57 gw named[14994]: unrelated additional info 'jamie.rules'
type A from [206.105.188.2].53
You will pretty much want to upgrade to BIND 8.1 or 4.9.5-P1 right about now.
(Note that BIND 8.1.1 is now in private beta testing, as is 4.9.5-P2, but the
above behaviour is in 8.1 and 4.9.5-P1.)
http://www.isc.org/isc/ is your path to salvation, or glory, or whatever.
If CERT is going to make a recommendation here, I'd like it to be for the
versions we're about to release, since there are even more, though more subtle,
security bugs fixed in the latest patches (now being tested by bind-workers.)
|
4026.194 | SPAM control center | WOTVAX::oloras3.olo.dec.com::hiltong | hiltong@mail.dec.com | Mon May 26 1997 18:38 | 16 |
| I received this, is it another way of getting a SPAM mail list, or is
it useful?
GET RID OF THE UNWANTED E-MAIL!!!
"Internet Spam Control Center"
http://drsvcs.com/nospam/
-or-
"No Junk E-mail"
http://pages.ripco.com:8080/~glr/nojunk.html
|
4026.195 | who gets the cash? | HNDYMN::MCCARTHY | A Quinn Martin Production | Thu Jun 05 1997 11:06 | 21 |
| Just saw this at the bottom of a posting, don't know if they have ever
collected though:
Dan McCabe
McCabe Engineering
zmccabe@voicenetz.com
NOTE: To e-mail me, remove the z's in the address.
LEGAL WARNING: Anyone sending me unsolicited/commercial/junk/spam e-mail
WILL be charged a US$500 proof-reading fee. Do NOT send unsolicited
advertisements and do NOT add my e-mail address to your list(s):
"By US Code Title 47, Sec.227(a)(2)(B), a computer/modem/printer meets
the definition of a telephone fax machine. By Sec.227(b)(1)(C), it is
unlawful to send any unsolicited advertisement to such equipment. By
Sec. 227(b)(3)(C), a violation of the aforementioned Section is
punishable by action to recover actual monetary loss, or $500, whichever
is greater, for each violation."
|
4026.196 | | BBRDGE::LOVELL | | Thu Jun 05 1997 12:54 | 26 |
| >> don't know if they have ever collected though:
I read an interesting article in a newspaper the other day about a
husband and wife business enterprise that was raking in $5000/week
through the US small claims courts.
The wife runs around the stores, catalogues, mail-order companies and so
getting herself added to their mailing lists. After some time, she
then writes to them and asks to be removed. She had a technique of
modifying ever so slightly a part of her name/address with a "flag" so
that she could recognise which companies were the origin of her list
entry, and which others had purchased her details through list sales.
The husband tracks the incoming junk mail, matches the "flag" info in
the address to recorded delivery mail which had asked the company to
desist and - Voila!! instant $500 settlement for unquestionable
infringement. They were averaging about 10 successful settlements per
week. Many of them were settled out of court as the husband has
developed a sort of standard legal template that is presented to the
company and they just sign it and return it with a "sorry letter" and a
cheque.
They were sure collecting...
Now this was for surface mail. It sure seems that there are legal
precedents to try and apply the principle to e-mail.
|
4026.197 | Anti-spam web site | TUXEDO::FRIDAY | DCE: The real world is distributed too. | Thu Jun 05 1997 14:23 | 2 |
| See also the following site: http://www.vix.com/spam
|