Back to the Desk main page.
the Urban Legend and SPAM page

"…and Whomsoever Thou SPAMist shall Curse You."

A look from the Desk

©03 The Media Desk

       It is costing Real Money now.
       That is what is driving the full mobilization against SPAM.
       Thousands of dollars a month are spent by businesses and governments trying to keep SPAM out of their networks.

       But will laws and filters and lists do any good?


       The Desk shall go through these point by point and explain why they will not work. And at the end, provide an idea that will, but cannot be done do to something so insidiously entrenched it cannot be controlled.

       By looking at the headers of the SPAM (versus the from address which can and often is different when dealing with SPAM) in two of the Desk's mailboxes it found out that a sizable number of those messages either originated or were routed through offshore servers. Barbados (.bb) showed up in a couple, as did some others like Russia (.ru) and the Virgin Islands (.vi and .vg).
       Of course a lot of them, OK, the vast majority of today's SPAM comes out of the over seven hundred fifty 'Clueless Mailers' identified by groups like the SPAMDEMIC Research Center at or the Coalition Against Unsolicited Commercial Email
       But the point is this. While the majority of SPAM originates from domains registered and operated by US companies. Quite a bit of it does not.
       Nothing the State of Delaware (with the toughest NO SPAM law on the books and zero prosecutions under said law), Utah which just sold their souls to the SPAMMERS to loosen their very restrictive laws, or even Uncle Sam who now has laws and provisions in hearings to combat SPAM… nothing they do will have any affect at all on a SPAMMER using a server in Barbados. Unless they officially block all inbound traffic from that domain, which the Barbados Tourism Office will not appreciate at all.
       Also, if Delaware has the laws but lacks the enforcement arm to track down and bust SPAMMERS, and the jail space to assign them to when it does, exactly what good will another law do?
       It is hard to believe a Federal Law Enforcement organization will be any more effective. Surely the FBI has better things to do than track down somebody falsifying subject lines in emails, saying 'I found your checkbook' when the message body is an ad for a horny cheerleader website. And then if the said G-men in true FBI fashion 'Gets Their Man', what happens when it turns out the SPAMMER is in Latvia (.lv)? Is Interpol going to go after them?
       All Federal Laws will do is harass honest (it is hard to use that word to describe SPAMMERS but there it is nonetheless) actual businesses advertising real goods and services through the cheapest and easiest way to reach a defined target audience while our buddy with the cheerleader pictures and his offshore server goes on his merry way.
       Requiring the abbreviation ADV: in the subject line will just give the SPAMMERS a hint for what to avoid.
       Irma the Internet Used Appliance Lady will follow the law and restrict her mailings and you may never see her Reconditioned Microwave Oven Special, even if you are in the market for one. But the Desk will bet Spam Sandwiches to Donuts you will still have a mailbox full of ads for prescription drugs through the mail, porn, and Nigerian Scam letters, Law or no Law.

       Filters are somewhat effective.
       With some SPAM.
       But there are limits to even the best filters.
       Long articles have been written about the layering of filters looking for everything from viruses to smutty jokes. The reason the people that get paid to know this kind of thing use layered filters is that no one filter is going to catch even half the incoming SPAM that tries to invade most systems. Keyword searches block real mail from a client but let through SPAM where the SPAMMER has replaced the words 'mortgage loans' with nonsense like 'mort$gage loan$'. Domain blockers may restrict everything from a single source, but even bastions in the Anti-SPAM war like MSN, Yahoo! and AOL have millions of Real Customers as well as dozens, if not hundreds of SPAMMERS that use, and abuse, their services. If you block AOL, you're blocking a lot of your clients and employees.
       If you block graphics or outside links, yes you cut down a lot of bulk mail catalogs, those cheerleader ads again, and links to Irma's microwaves. But you have also just deleted the link to the blueprint proofs your architect is trying to mail to you, your vendor's virtual business card with their new toll free number on it, and the pictures of your secretary's grandkids.
       And true enough. Not all applications of all words should be banned by the filters. While it is a stretch to say everything on the 'Seven Dirty Word' list have a legitimate use. The word 'Shag' came into play as something improper as a result of the Austin Powers' movies, yet if you are ordering carpet or talking about your longhaired cat with your vet, it is perfectly innocent. Your filter manager may be a little embarrassed if they had banned all occurrences of the word 'breast' as offensive and tagged an employee for repeatedly getting emails with the B-word in them, then the censor finds out the employee is the county coordinator for a Breast Cancer Support charity.

       When the anti-telemarketers Do Not Call Lists first came out, some of the shadier groups got hold of those lists and used them as their Call Lists. The list was a goldmine for them. Here they had a file of known working numbers, usually with addresses and names as well, of people by state and area code.
       Some of the marketing firms got busted, but the fines were seen by them as part of the cost of doing business.
       Do Not SPAM lists will probably work the same way.
       And again. A Do Not SPAM list for Illinois will most likely have no meaning to a SPAMMER in California. Same for a US National Do Not SPAM list to somebody from Haiti (.ht). And what is to stop somebody from getting the list and targeting those people that signed up for a barrage of credit offers and cash advance scams?

       At last check the Desk could have bought 200 MILLION working email addresses for $199. Or as touted in the ad, 'Less than a Dollar per Million Addresses'.
       The email program cost another hundred dollars or so. Given a spare computer and a second phone line the Desk could go into business for itself sending out SPAM at the rate of a thousand or so per minute, day and night, for however long it would take to exhaust that list. Then there is nothing from stopping it from starting the list all over again.
       Or if it wanted to, it could invest another ninety nine dollars for Two Million Charity Donors email addresses. Or $19.95 for a Million BtoB addresses.

       Where do these outfits get all these addresses?
       Well, Hotmail sold their address list once upon a time. Outfits like the United Way have been known to as well. If you sign up for Flo-Go's daily jokes, or join an online club. Your address is out there.
       Yet the Desk has an account at that it has never used anywhere for anything, and it still averages eighty SPAM messages a day. USWeekly simply sold access to their system to the SPAMMERS and there you go.
       Truth be told. You do not have to do ANYTHING to get so much SPAM you can't find the letter from your cousin in your mailbox.
       The Media Desk's main mailbox is almost useless because of the flood. Another account the Desk had for reader responses had to be closed because of the amount of incoming SPAM.
       Robots crawl the web looking for posted email addresses. The ones it finds (keying on the @ symbol in the address or the hotlink to an email program) goes into its memory as an address to be used to send stuff to.
       Even if you send out a mass mailing of one of those friendship tests or an official communiqué‚ to a live list, and it gets forwarded fourteen times, a SPAMMER could end up with a free list of a couple of hundred of addresses not usually available to them.

       Ahhh… Yes… a question…

Why is the SPAM still flowing?
       For the answer to that we have to go back to a marketing expert known far and wide for consumer savvy… PT Barnum.
                     "There's a sucker born every minute."

       People are gullible and some are insurmountably ignorant.
       There are those out there who believe they can buy a car for a dollar, or that some former petroleum minister from the Ivory Coast wants their help to launder twenty million dollars.
       They give up their credit card number for free access to look at the pictures of the cheerleaders and are more than happy to tell all their friends about the great bargains available on prescription drugs.
       Face it, if the SPAMMER was going broke, he'd have to quit it and get a real job. Like selling TVs out of the back of his SUV at the farmer's market.
       For that investment of about four hundred dollars the Desk could expect a five to ten percent return of replies and email queries, then maybe a ten to twenty percent rate of actual purchases on those. Multiply that by the 200 million emails sent out and you get a pretty good return on investment. And with some other lists, opt-in, targeted interests, previous buyers, it can be even higher.
       There is money to be made, and there are those willing to ignore or flaunt the law in order to get their piece of the action.
       And now with Mafia interests in certain aspects of the online game, Gaming for one, it is liable to get worse before it gets any better.
       Not don't get the Desk wrong here. Major retailers and some well known insurance companies use email campaigns. So do legitimate magazine and entertainment companies. BUT! When Uncle passes a law regulating SPAM, they will be the only ones who obey it. Our friend running his cheerleader porn site as a credit billing SCAM front from a server in Guatemala (.gt) won't give it a second thought.

       Email Account Security:
       Treat your Main Email Address like your Social Security Number. Do not just give it out to anybody that looks interested.
       Create a second, or in the Desk's case, Nineteenth, email account and use it when an email address must be given to sign up for whatever it is. Then go retrieve the password they send to you at that address, and then only check it once a week to dump the SPAM.
       If you buy something online. USE A CREDIT CARD. That way you have some recourse if it turns out to be a SCAM.

       SPAM Fingerprints:
       If the subject line says something that looks like they are replying to you about something you normally do not use, for example RE: Your New Car -or- RE: re: prescription question, It Is SPAM.
       If there are random characters in the Subject Line or something is grossly misspelled. It Is SPAM.
       If it is from Yourself. SPAMMERS use programs that insert your own name and address into the from line to get around filters, most people do not filter their own addresses. It Is SPAM.
       If you see the same subject line from several different people, none of whom you know. OR, the same person sends you multiple emails with different subjects. It Is SPAM.
       If the Subject line looks too good to be true: IT IS! Examples: You Won That Car!, You Are Approved for new Unsecured Gold Card. Or the Desk's all time favorite; an XFL Cheerleader is Dying to Meet YOU! (For the record, the Desk has Never met an XFL cheerleader.)

       When You Get It: THINK!
       Do NOT Open Obvious SPAM. SPAMMERS are now using javascripts in their emails that tell their servers if you open their message. That way they know the mailbox works, and you read garbage.
       DO NOT REPLY TO SPAM. Do not click on the button that says Remove, do not click on the link to whatever it is, do not send them a message to remove your name. All that does is tell them you read your mail and pay attention to it.
       Do not Forward SPAM. Technically, the poem about a mother's love is not SPAM (unsolicited commercial email) but after you get the same thing in your mailbox five times from three people, it counts.
       Report it! Major ISPs (internet service providers) all have some sort of SPAM office. Major email providers MSN, AOL, Yahoo! have SPAM contacts. Major private networks have SPAM ombudsmen. If you get one message a week from Irma, that's not going to raise any flags, but if you get SPAMBOMBED, dozens or even hundreds of the same thing, sometimes with different from addresses or subject lines (another problem with filtering and blocking it) let somebody know. One time the Desk got over 400 of the same email in less than three hours. That was a SPAMBOMB, and it reported it, in this case, to MSN. Pick a number, say nine, and when you get the ninth identical SPAM, shoot off an email to the SPAM guru for your provider, whoever it may be. Sooner or later, they will get the idea. If you get a really juicy SCAM email, check out somebody like who'll just love to hear from you.
       BLOCK IT. Most email providers have user programmable filters of some fashion or other. Use Them! Block popular SPAM subject lines (including: Viagra, credit and opt-in - or domains that send you the most. The Desk blocked- among others).

       delete it

thank you

For More Information see article and more links at the below address:
The Media Desk's Urban Legend and SPAM page

       [NOTE: There is no Irma the Internet Used Appliance Lady. All other SPAMMERS, domains, and organizations that fight SPAM do exist. The Desk is not affiliated with any of them. Thank you.]

       Permission to forward this article with credit to the Desk is hereby given. All other rights reserved.

these links for the benefit of SPAMMER robots: Fight Spam! Click Here! and Spam Bot Candy

Back to the Desk main page at: