Date: 2006-04-30 09:07:00
Tags: rant, spam
hall of shame

Further to my previous entry about people responding to spam, I heard back from one of the people I sent a response to. I'll back up a bit and show you the whole exchange. First, his original message to me:

From: "Don" <...@cox.net>
To: "Rosamund Stephenson" 
Subject: RE: monsoon

Ok knock your shit off please and stop sending me this

[original spam message quoted in his message]

My response:

From: "Greg Hewgill" 
To: "Don" <...@cox.net>
Subject: RE: monsoon

On Fri, Apr 28, 2006 at 08:29:26AM -0700, Don wrote:
> Ok knock your shit off please and stop sending me this

I understand you received some spam that appeared to be from an email
address in a domain I own (hewgill.net). Unfortunately, today spammers
are using software that can easily forge the "From" address on email
messages. They don't use their own name to try to hide their identity.
They insert random email addresses from domains they don't own and so it
looks like the spam came from me. I can assure you that it did not.

If your email provider has a spam blocking system, you may want to try
turning that on. On my own email system, I have a number of different
layers of spam protection and it brings the spam down to a manageable
level (I receive thousands of spam messages per day, most of which are
automatically blocked). With luck, people will stop buying products from
spammers and it will no longer be profitable for them to send their junk
mail.

Have a great day.

Greg Hewgill
http://hewgill.com

I thought that was clear, succinct, and quite understandable. However, our friend Don appears to have not read any further than the very first sentence:

From: "Don" <...@cox.net>
To: "Greg Hewgill" 
Subject: RE: monsoon

Own it or not I don't need it so STOP sending me this

Of course he didn't read my explanation about forging of email headers; he didn't read that I did not personally send him that spam; he did not read about my recommendation regarding spam filters; he did not read that I too am subject to receiving spam from junk mailers; he is probably not even having a great day today. I had originally thought about mentioning SPF and how that would have prevented him receiving the message in the first place, but I'm sort of glad I didn't waste my energy. (Instead, I'm using that energy to rant about this here.)

Perhaps I'm old and jaded (at least in internet years), but it's surprising to me that people using the internet today have no clue how email works. I imagine our friend Don could, perhaps with a bit of effort, understand what happened if he received a forged written letter in his mailbox delivered by the post office. However, the same does not appear to be true about email delivered by his computer. If he hits Reply, the message must go back to the person who sent it, right? I fear for him if he ever starts receiving phishing messages.

Ok, I know this is boring. I'm done for now.
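The post says SPF would have stopped the forged message before it reached Don. As an added example (not part of the original post), this is the check a receiving mail server makes: it takes the domain of the envelope sender (SMTP MAIL FROM), reads that domain's published policy, and tests the connecting IP address against it. The domain, record and addresses below are constructed, and only the `ip4`, `ip6` and `all` mechanisms are evaluated.

```python
import ipaddress

# Constructed policy for illustration; a real receiver fetches the sender
# domain's TXT record via DNS instead of reading it from a dict.
SPF_RECORDS = {"example.net": "v=spf1 ip4:192.0.2.0/28 ip6:2001:db8:25::/48 -all"}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(mail_from, client_ip, records=SPF_RECORDS):
    """Return the SPF result for client_ip sending as mail_from."""
    domain = mail_from.rpartition("@")[2].lower()
    record = records.get(domain)
    if record is None:
        return "none"  # domain publishes no policy, so forgery is not detectable
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = "+"  # a mechanism without a qualifier means "pass"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            return QUALIFIERS[qualifier]  # catch-all, normally the last term
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if net.version == ip.version and ip in net:
                return QUALIFIERS[qualifier]
            continue
        raise ValueError(f"term {term!r} is outside the subset evaluated here")
    return "neutral"  # no mechanism matched and the record has no "all"


if __name__ == "__main__":
    # Mail from the domain's own server, then a forgery from an unrelated host.
    print(check_spf("rosamund@example.net", "192.0.2.5"))
    print(check_spf("rosamund@example.net", "203.0.113.77"))
```

A receiver that enforces the `fail` result rejects the forged message during the SMTP conversation, so neither the spam nor an angry reply to the forged address is ever produced.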

[info]nugget
2006-04-29T21:36:26Z
I don't find it boring. I just find it frustrating (much as you do, I think).

If it makes you feel any better, a guy just called FlightAware to ask if we knew what happened to the bag he accidentally left on the bus this afternoon. I guess telephones are as inscrutable as email for some folks.
[info]ghewgill
2006-04-29T21:48:48Z
Indeed. One of my favorites (which I can't seem to find right now) was the guy who emailed me from England asking me whether he could give me step-by-step instructions about how to set up his newly acquired bluetooth headset.
[info]bovineone
2006-04-29T22:34:31Z
Ask him to send you $5 for you to remove him from your address book. :)
[info]dopplertx
2006-04-29T22:46:06Z
Forge your own From: header back to him...

From: soandso@fbi.gov
Subject: Listen, you dumbshit!

When Mr. Hewgill addresses you, it's advisable that you listen to what he has to say. Any further communication regarding this matter from you will be met with force by federal law enforcement.
[info]goulo
2006-04-30T06:08:14Z
Haha! Or I was thinking forge a spam from himself to himself:

From: don...@cox.net
Subject: OMG, I sent spam to myself!
Am I losing my mind? I don't remember sending this email to myself! How can this be? Well, I must have sent it, since the from field has my email address... So now I must send a rude letter to myself, telling myself to knock this shit off.
[info]wheatgrassser
2006-04-29T23:25:01Z
Why don't you just s-can all messages you receive that aren't to a valid user? Seems like it would be less frustrating for you. Who do you want to hear from that also would get your name wrong?
[info]ghewgill
2006-04-30T05:25:47Z
I occasionally use different names when giving out my email address, to keep track of stuff. I don't want to have to also maintain my own list of what I've used. It makes life simpler for me if there's a catch-all.
[info]edm : Subdomain
2006-04-30T06:42:58Z
As an observation, you'll get on better if you create a subdomain for this purpose (ie, catch all address). I've had dictionary attacks (or reflection of "dictionary source") on my domains for 3-4 years. But it's only in the last few months that I had one against a subdomain that I used regularly for email (and fortunately it was one that I'd discontinued using "for real", so was able to limit to the few addresses that still mattered).

If I were doing it again, I'd probably set up a subdomain by year (eg, 2006.foo.bar.baz), to use for wildcards and then disable it again in a couple of years, probably with a "change date to current year" advice for any human senders.

Ewen
[info]codeman38
2006-06-10T23:00:12Z
I hate these spammers for the same reason. It's far more convenient to be able to use a catchall address— I've also employed the tactic of using different e-mail addresses to sign up for different services, and on top of that, I have relatives who still don't know how to spell 'Cody'. But the ridiculous number of bounces that these spams get— often with the entire 20-odd-kilobyte image attached— are really testing my patience!
[info]wheatgrassser
2006-04-29T23:29:01Z
By the way, the McSea Anenome's website went bye-bye.
[info]ghewgill
2006-04-30T05:27:12Z
That's true, but he still owns the domain until 2009 or so. I'll keep the link around in case it comes back.
[info]edm
2006-04-30T00:13:44Z

[Reposted, as a logged in user. Something seems to be causing me to get logged out of LiveJournal repeatedly. Sigh.]

Perhaps I'm old and jaded (at least in internet years), but it's surprising to me that people using the internet today have no clue how email works.

Alas, the majority of the people using the Internet these days do not know how it works. This has been the case for at least the last 5 years. A large proportion of them don't even know that it's called "the Internet". They really only see a few web applications that they use (eg, webmail), and perhaps one or two portals.

Personally I gave up trying to reason with people who were sufficiently stupid to respond to spam (imagine confirming your email address still reaches a person by replying to the message!) a while ago. I'd recommend that you save your breath (and fingers).

And given the year-on-year increase in spam in the last 10 years, I don't see the problem ever going away. I am, however, hopeful that eventually there'll be some way to reliably prevent my addresses being forged as the source of spam and other junk. But I don't see that happening in the near future either.

Ewen

PS: Yes, I know there are lots of proposals and partially implemented methods which would prevent my addresses being forged as spam. Alas, they don't work reliably, at least now. I know this 'cause I get a lot of backscatter from spam runs.

PPS: I'm an Internet newbie too. I've only been using it for 16 years. Not even half the time that it's existed.
[info]ghewgill
2006-04-30T05:34:57Z
I would love to see a solid, widely implemented method of forging protection. I've set up SPF and DomainKeys, in the hopes that one of them will surface as the prevailing antiforging technology. I'm open to anything else that might come along, too, which reminds me to look at DKIM and see how it differs from DomainKeys.
[info]dominiko
2006-04-30T03:15:31Z
en Nice try. But wasn't the idea of trying to use reason with someone who responds to spam doomed in the first place? :-)

eo Boneta klopodo. Sed, ĉu la ideo mem, de provi uzi racion kun iu, kiu respondas al spamo, ne estas ekde komenco fiaskenda? :-)
[info]ghewgill
2006-04-30T05:39:50Z
Maybe you're right. I should have told him that he would make a lot of money if he only did what the spam said! Look at the stock price now!
[info]ivo
2006-04-30T15:58:20Z
I imagine our friend Don could, perhaps with a bit of effort, understand what happened if he received a forged written letter in his mailbox delivered by the post office.

Perhaps that's the better way of giving the guy an analogy. Next time, send back something like "What you got was just a letter where someone wrote a fake return address on the upper left corner. Would you take that return address as authoritative? No? Then do the same with email".
[info]ghewgill
2006-04-30T19:29:21Z
I could try that, but I have doubts as to whether he'd read beyond the first sentence this time. He gets spam, he doesn't want it, he thinks hitting Reply will help. Maybe I'll add something like that to the standard template response I send people. :)
[info]cetan
2006-05-01T14:53:46Z
Tell him you'll stop the spam as soon as he stops sending you mail to switch to/from Mastercard/Visa.
Greg Hewgill <greg@hewgill.com>