Log in

View Full Version : Internet spammer Can't Take What He Dishes Out


Ed Hansberry
12-07-2002, 12:00 AM
<div class='os_post_top_link'><a href='http://www.freep.com/money/tech/mwend6_20021206.htm' target='_blank'>http://www.freep.com/money/tech/mwe...d6_20021206.htm</a><br /><br /></div>Alan Ralsky is one of the biggest, if not <b><i>the</i></b> biggest spammers in the world. He has recently purchased a $740,000 house with his proceeds from spamming. His street address was <a href="http://slashdot.org/articles/02/11/25/0324221.shtml?tid=111">posted in this Slashdot thread</a> along with this <a href="http://terraserver.homeadvisor.msn.com/addressimage.aspx?t=1&s=10&lon=-83.4306683068011&lat=42.5349771549766&alon=-83.43067008&alat=42.53497312&w=1&ref=A%7c6747+Minnow+Pond+Dr%2c+West+Bloomfield%2c+MI+48322">overhead picture</a>, courtesy of Microsoft's TerraServer. Don't pay any attention to the push-pin. TerraServer gets close, but never spot-on. It is one of those houses though. :lol: :lol: :lol: <br /><br />"It's all the result of a well-organized campaign by the anti-spam community, and Ralsky doesn't find it funny. "They've signed me up for every advertising campaign and mailing list there is," he told me. "These people are out of their minds. They're harassing me." That they are. Gleefully.<br /><br />Boo hoo Mr. Ralsky.

Daniel
12-07-2002, 12:05 AM
This is so cool, shame about the lawyer talk but I guess you don't get rich spamming people if you have a sense of irony or humility.

Daniel

John Cody
12-07-2002, 12:08 AM
Haw, haw! :o

(as pronouced by the bully kid in The Simpson's)

TomB
12-07-2002, 12:20 AM
You gotta love this! I hope Slashdot stays on top of this if there are any address changes so we can keep this slimeball afloat in his own medicine. Boy, wouldn't it be great if we could actually locate the other top ten spammers and offer them the same treatment they offer the world every day? I wonder how much longer Spam would exist?

This is great - we should all send this guy our warmest greetings! :)

Daniel
12-07-2002, 12:36 AM
I hope Slashdot stays on top of this if there are any address changes

The guy would have to sell his $740m house to change his address though, that's a bit more painful than e-mail everyone to say that you've changed your e-mail address!

I can't say have much sympathy for the guy though.

Daniel

sweetpete
12-07-2002, 01:17 AM
I hope Slashdot stays on top of this if there are any address changes

The guy would have to sell his $740m house to change his address though, that's a bit more painful than e-mail everyone to say that you've changed your e-mail address!

I can't say have much sympathy for the guy though.

Daniel

I've had to change my email address because of guys like this and it's cost me business (not $740k, but still!).
I'm personally gonna go buy $50 worth of stamps and forward this guy my junk snail mail piece by piece for a while.

This reminds me of that Seinfeld episode where he asks the telemarketer for his home number so he can call him back. Sweet justice

Daniel
12-07-2002, 01:23 AM
Shame we don't have his e-mail address hey? He'd have pr0n and offers for university degrees and all sorts of mind numbingly useless spam rained down on his head for the rest of time... :)

Daniel

Daniel
12-07-2002, 01:43 AM
Apologies for the second post here but I had to post this article about the evil spammer. Here's a quote that made me laugh and a link to the full article (I got the link from Slashdot)
"There were threats against him, cars driving by and people checking out his house," Harrison said. "Someone even left a package of what appeared to be dog feces."
http://www.freep.com/money/tech/mwend22_20021122.htm

I can see some kid thinking it was going to make a difference. :)

Daniel

welmoed
12-07-2002, 02:11 AM
This, to me, was the scary part:

"Buried in every e-mail he sends is a hidden code that sends back a message every time the e-mail is opened. "

:x

Is there any way around this?

-Welmoed

Ed Hansberry
12-07-2002, 02:24 AM
This, to me, was the scary part:

"Buried in every e-mail he sends is a hidden code that sends back a message every time the e-mail is opened. "

:x

Is there any way around this?

-Welmoed
Outlook 11 will circumvent this. Basically it is just embedded HTML that shows the message was viewed. Also, any non-HTML email client like Agent or Inbox on your Pocket PC won't send the message.

klinux
12-07-2002, 02:27 AM
This, to me, was the scary part:

"Buried in every e-mail he sends is a hidden code that sends back a message every time the e-mail is opened. "

:x

Is there any way around this?

-Welmoed

Sure, but it's difficult. A common way that mailers do this is to embed a 1 pixel by 1 pixel image within the HTML email so that when you opened the e-mail, it calls the originating web site "hey, I want this image" and this tells the mailer that the e-mail has been opened. BTW, this is an extremly common practice and bot a big spam/hacker secret.

You can avoid this by 1) get mail in text format only or 2) prevent outbound traffic.

John Cody
12-07-2002, 03:22 AM
[You can avoid this by 1) get mail in text format only or 2) prevent outbound traffic.

This can be done by setting up ZoneAlarm to limit/allow Outlook (or any other email program) to just the ports 53 (DNS), 25 (SMTP), 110 (POP) and optionally 143 (IMAP). This way all external links in an HTML message will be severed (prevented from going out onto the internet) - so no "call home" requests can be made.

welmoed
12-07-2002, 03:30 AM
Our traffic all goes through a server and I'm not the IT person (hubby is). Dumb question: I use Outlook 2000 for my mail, and have it set up with the preview option. Does looking at a spam mail in the preview screen qualify as "opening" the message and triggering the "phone home"?

(Sorry this is getting OT)

--Welmoed

that_kid
12-07-2002, 04:02 AM
I have outlook setup without the preview bar, that way I can look at the sender and subject and decide for myself. Over the past 4 days I've been recieving email from some @#@ with the words Hello in the subject. Each time it's from a different(forged) place and they even tried to get creative and make it appear as though it came from places like Monster and Microsoft. I wish I had this guys e-mail address too, I could give it to my buddy who is getting into the very thing that this spammer is doing. Hmm.... maybe this will show my buddy how much people hat spam.

Janak Parekh
12-07-2002, 04:03 AM
Our traffic all goes through a server and I'm not the IT person (hubby is). Dumb question: I use Outlook 2000 for my mail, and have it set up with the preview option. Does looking at a spam mail in the preview screen qualify as "opening" the message and triggering the "phone home"?
Yes, if the graphics download.

The alternative to using ZoneAlarm is to use spam-scanning software that will detect spam and filter it into a mailbox (or, trash). While they're not perfect, they're getting damn good. I believe Outlook 2003 will have a decent spam filter built in--we'll see.

--bdj

cgavula
12-07-2002, 05:30 AM
Or buy a Macintosh :D - the mail app that comes with Mac OS X does a junk mail filter automatically (after a short learning period) and I never see most junk mail. As with all junk mail filters, it's not perfect, some still get through, but I'm currently filtering several thousand junk items a month without having to open them.

--Chris

Jason Dunn
12-07-2002, 06:20 AM
Or buy a Macintosh :D - the mail app that comes with Mac OS X does a junk mail filter automatically (after a short learning period)

PC's can do this too. :D

www.spamnet.com is a great solution for Outlook users!

Daniel
12-07-2002, 06:56 AM
Did someone say Macintosh?! ;)

Really, disable HTML e-mail and/or prevent you main client from downloading images. You can do this as some people have suggested above. You could also get a Mac... ;) :P

Another way to help is to get an e-mail address that you only use for people you know and never use for web forms or company contact details, just friends. It cuts down the spam a fair bit.

Hey Jason, SpamNet seems like just the kind of useful community program that has spyware in it.:?: Man that would suck because it sounds excellent. Is anyone using SpamNet?

Daniel

Janak Parekh
12-07-2002, 07:44 AM
Another way to help is to get an e-mail address that you only use for people you know and never use for web forms or company contact details, just friends. It cuts down the spam a fair bit.
Indeed, this has been my strategy. I don't give out my "real" email address on any form -- I have a Hotmail address for that purpose. My real address gets very little spam, except for the Nigerian stuff, which seems to permeate everywhere.

Unfortunately, it doesn't last forever. Sooner or later, someone will start forwarding those chain letters around, which have the second purpose of being a nice little harvester for spammers. I yell at friends who actually forward that stuff. :roll:

--bdj

TheNewSteve
12-07-2002, 09:18 AM
:twisted: Junk mail always comes with postage free envelopes. For years I just put the other junk ads in the envelopes and mail them back to the other junk mailers. Free, much satisfaction, no paper to add to the recycling pile!

-Steve

klinux
12-07-2002, 09:31 AM
Mac has nothing to do with this as is done through the HTTP protocol. You will have this problem on any platoform viewing HTML e-mail (in preview form or not).

Solution is still viewing in text format or prevent outbound calls via a firewall of some kind.

This web bug is old news and is mostly used for benign purposes. More malicious uses are described here by the Register http://www.theregister.co.uk/content/6/15423.html.

GregWard
12-07-2002, 10:34 AM
Solution is still viewing in text format or prevent outbound calls via a firewall of some kind.

As I think you're saying - the trouble with all of this is that you might want html e-mail and you might want it to download pictures as you look at it!!! For example I get the BBC new service once a day. Getting this in html and with web based images makes it far more like a newspaper - it looks good and is easier to read.

So the net effect of the "deaths to good for them" spammers is that ordinary users have to choose between better security and a good service that they want. Again! :evil:

PlayAgain?
12-07-2002, 11:21 AM
Personally, I'm too busy to go seeking revenge on someone who I ignore anyway. :roll:

Jonathon Watkins
12-07-2002, 11:42 AM
[You can avoid this by 1) get mail in text format only or 2) prevent outbound traffic.

This can be done by setting up ZoneAlarm to limit/allow Outlook (or any other email program) to just the ports 53 (DNS), 25 (SMTP), 110 (POP) and optionally 143 (IMAP). This way all external links in an HTML message will be severed (prevented from going out onto the internet) - so no "call home" requests can be made.

How do you do this? Is this ZoneAlarm Pro? I have the standard ZoneAlarm and I can't get any access to port information for individual apps as far as I can see.

John Cody
12-07-2002, 01:28 PM
[quote=klinux][You can avoid this by 1) get mail in text format only or 2) prevent outbound traffic.

How do you do this? Is this ZoneAlarm Pro? I have the standard ZoneAlarm and I can't get any access to port information for individual apps as far as I can see.

Yes, ZoneAlarm Pro has the ability to filter by port numbers - the standard edition doesn't.

Pony99CA
12-07-2002, 01:52 PM
:twisted: Junk mail always comes with postage free envelopes. For years I just put the other junk ads in the envelopes and mail them back to the other junk mailers. Free, much satisfaction, no paper to add to the recycling pile!

I heard of one guy who would attach postage-paid envelopes to bricks and return those. Supposedly, the company sending the mail had to pay the excess postage, but I don't know if that's true. It would be funny if it were. :-)

Steve

Pony99CA
12-07-2002, 01:55 PM
This web bug is old news and is mostly used for benign purposes. More malicious uses are described here by the Register http://www.theregister.co.uk/content/6/15423.html.

For those who got a bad Web page error from the above link, here's a good link to the Register Web bug article (http://www.theregister.co.uk/content/6/15423.html). It's an interesting read.

Steve

cpoole
12-07-2002, 03:19 PM
Did someone say Macintosh?! ;)

Hey Jason, SpamNet seems like just the kind of useful community program that has spyware in it.:?: Man that would suck because it sounds excellent. Is anyone using SpamNet?

Daniel

I have been using Spamnet for about 2 months now. It does put some email into my spam folder. I click the spam button on all new offending messages & there are still a lot of them. I would guess that it catches about 50% of the spam.

I wish that Outlook was a bit smarter with it's filters (or perhaps it is too smart :wink: ). I sometimes think that a couple of hours effort with color coded messages and filters would be more effective but Outlook seems to do odd things with mail that relates to someone in an address book. Filtering on "FROM" tags does not seems to behave properly.

welmoed
12-07-2002, 05:35 PM
I think I found a solution I can live with. I DL'd Mailwasher and figured out how to get it working and so far it seems to do the job pretty well. Now I will have to wait and see for a month or so and see if the volume of spam decreases.

I will be very interested to see whether the email I have just for my PDA somehow gets harvested. Nothing so far, luckily, but then again I don't use that account for much (yet!).

Thanks for all the input.

--Welmoed

jbctech
12-07-2002, 09:52 PM
Did someone say Macintosh?! ;)

Hey Jason, SpamNet seems like just the kind of useful community program that has spyware in it.:?: Man that would suck because it sounds excellent. Is anyone using SpamNet?

Daniel

I have been using Spamnet for about 2 months now. It does put some email into my spam folder. I click the spam button on all new offending messages & there are still a lot of them. I would guess that it catches about 50% of the spam.



I've been using SpamNet for about 6 months or so... and it seems to detect around 90-95% of all of my SPAM. I love that program. I also use Office 11 Beta 1 since I'm a beta tester, but it seemed to work just as good on Outlook XP. Cloudmark's SpamNET is IMO the best SPAM eliminator out.

James

Certified Optimist
12-08-2002, 06:20 AM
I heard of one guy who would attach postage-paid envelopes to bricks and return those. Supposedly, the company sending the mail had to pay the excess postage, but I don't know if that's true. It would be funny if it were. :-)

Steve

Don't know anything about bricks, but I just love snail-spam... Perfect for sending free packages to your friends abroad... Just cross out the address and write "Forwarded to..."

Works like a charm!

Daniel
12-08-2002, 08:31 AM
Mac has nothing to do with this as is done through the HTTP protocol. You will have this problem on any platoform viewing HTML e-mail (in preview form or not).
I was just kidding, I do actually have a mac, I just find it funny when people claim that it's the panacea for all computing ails. Some, just not all! ;)

Indeed, this has been my strategy. I don't give out my "real" email address on any form -- I have a Hotmail address for that purpose. My real address gets very little spam, except for the Nigerian stuff, which seems to permeate everywhere.
Seems to work quite well for me, I just get really annoyed when I accidently use my private e-mail and mail some "likely" people though!

... For years I just put the other junk ads in the envelopes and mail them back to the other junk mailers. Free, much satisfaction, no paper to add to the recycling pile!
-Steve
I like that idea, I might give that a go when I get really annoying spam.

Who actually pays for the re-sending of this mail though? Does the USPS pay or does the spam company? I mean, postage paid would initially be paid by the spam company but then, once it has gone to one person, wouldn't the cost of the subsequent delivery fall to the USPS? Let's not even think about the brick!

Daniel

Jason Dunn
12-08-2002, 08:38 AM
Hey Jason, SpamNet seems like just the kind of useful community program that has spyware in it.:?: Man that would suck because it sounds excellent. Is anyone using SpamNet?

I've been using it for 6+ months and have found no evidence of spyware - I've ran the Lavasoft spyware removal tool and found nothing. Don't assume that everything is bad before you try it. :wink:

Daniel
12-08-2002, 08:58 AM
I've been using it for 6+ months and have found no evidence of spyware - I've ran the Lavasoft spyware removal tool and found nothing.
Sounds really good actually, shame I have a mac, they have no mac version. Oh hang on, I'm not supposed to say that! *cough* The mac does everything in the world better than every other computer system, everything is normal, nothing to see here, move along...

Don't assume that everything is bad before you try it. :wink:
Well I tried PPCT didn't I? ;)

Daniel

Fitch
12-08-2002, 10:33 AM
I love that original article (http://www.freep.com/money/tech/mwend22_20021122.htm), it's hilarious:

"Ralsky agreed to this interview and the tour of his operation only if I promised not to print the address of his new home, which I found in Oakland County real estate records."
and
"Alan Ralsky's brand new 8,000-square-foot luxury home near Halsted and Maple in West Bloomfield has been a busy place this month."

Gee, I wonder how they found his house? :wink:

and Wedland totally plays him off as an complete jackass,
"You can just have your computer on, connected to the Internet, reading e-mail or just idling and, bam, this program detects your presence and up pops the message on your screen, past firewalls, past anti-spam programs, past anything.

"Isn't technology great?"

Mike Wendland is brilliant.

Kati Compton
12-08-2002, 04:46 PM
I love that original article (http://www.freep.com/money/tech/mwend22_20021122.htm), it's hilarious:

"Ralsky agreed to this interview and the tour of his operation only if I promised not to print the address of his new home, which I found in Oakland County real estate records."
and
"Alan Ralsky's brand new 8,000-square-foot luxury home near Halsted and Maple in West Bloomfield has been a busy place this month."

Gee, I wonder how they found his house? :wink:


Yes - but even better I like how although he doesn't print the address, he very clearly tells other people how to get it...

spg
12-08-2002, 10:58 PM
Well it is hard to feel sorry for a guy who sends out virtual truckloads of spam to people. It does seem silly though to counter spam with spam, it also doesn't seem to be doing any good, he is still going as strong as ever.

JvanEkris
12-08-2002, 11:40 PM
Well, it does me some good. :) I can imagine real trucks from the postal office driving to his large lane to his big house, delivering his big pile of junk-mail. Every day.

Every day he feels what i found annoying for the last three years: somewhere, between the mail-orders, offers of enlargmenst of body-parts, second grade universities etc, there is some usefull information in that pile of mail. Perhaps even a company sending me nformation that is really vital for me to know, but i can't find it.

An eye for an eye, justice is served.

May many spammers follow.

Jaap

Rob Alexander
12-09-2002, 03:42 AM
As I think you're saying - the trouble with all of this is that you might want html e-mail and you might want it to download pictures as you look at it!!! For example I get the BBC new service once a day. Getting this in html and with web based images makes it far more like a newspaper - it looks good and is easier to read.

So the net effect of the "deaths to good for them" spammers is that ordinary users have to choose between better security and a good service that they want. Again! :evil:

MS (or whoever makes your email client) could solve this one quite easily. All we need is an opt-in filter for HTML instead of a universal setting. The client could strip all HTML emails of their code and display them in plain text, except those that meet your filter criteria. Then you could let it show you email from BBC News and your family in HTML, but strip it out for everyone else.

P.S. Reading that story makes me feel like there really is some justice in the world.

Merlion
12-09-2002, 11:05 AM
If this guy made millions from spamming people to death, he could just employ someone to filter out junk mail from his snail mail. He could easily afford it if he wants to. And to him, what he got out of spam is worth this minor inconvenience. And even if someone vaporized this guy, there'll be many others clamoring to take over his operations. Whatever anti-spam technology you use, spammers'll create their counter technology, just like virus creators.

The only way to effectively stop spam is if nobody ever buy anything from spam. I can't for the life of me understand why anyone would buy anything from spam, but there are people who do, & as long as big money could be made from spam, there'll always be spam. According to Ralsky, each of his computers in his basement can send over a billion emails everyday, & the current response rate is 0.25%. That is enough to make him a very wealthy man. That response rate need to be zero or negligible. We need to educate everyone to not spend a single cent on anything led on by spam.

Pony99CA
12-10-2002, 09:14 AM
I love that original article (http://www.freep.com/money/tech/mwend22_20021122.htm), it's hilarious:

"Ralsky agreed to this interview and the tour of his operation only if I promised not to print the address of his new home, which I found in Oakland County real estate records."
and
"Alan Ralsky's brand new 8,000-square-foot luxury home near Halsted and Maple in West Bloomfield has been a busy place this month."

Gee, I wonder how they found his house? :wink:

and Wedland totally plays him off as an complete jackass,
"You can just have your computer on, connected to the Internet, reading e-mail or just idling and, bam, this program detects your presence and up pops the message on your screen, past firewalls, past anti-spam programs, past anything.

"Isn't technology great?"

Mike Wendland is brilliant.
Thanks for that link. Not only is Ralsky a jackass, but a hypocrite and scumbag:


Ralsky said he's frustrated by attacks on his character by the anti-spammers.

Gee, I wonder why. Could it be because:


Ralsky acknowledges that his success with spam arose out of a less-than-impressive business background. In 1992, while in the insurance business, he served a 50-day jail term for a charge arising out of the sale of unregistered securities. And in 1994, he was convicted of falsifying documents that defrauded financial institutions in Michigan and Ohio and ordered to pay $74,000 in restitution.

He lost his license to sell insurance and he declared personal bankruptcy. But in 1997, he sold a late model green Toyota and used the money to pay back taxes on his house and buy two computers.

Let's promote capital punishment for spammers. :lol:

Steve