Fog Creek Software
Discussion Board

Spammers have email, too

Even though spammers use fake "from" addresses (such as ""), there's usually an HTML link in the body which can help reveal their identities.

I looked up some of domains of the more annoying emails on whois and found the names and emails of the admin and tech contacts; usually, they're the same person, and they're outside the US, usually eastern Europe (they're just starting to understand the whole free market economy thing).

Anyway, most of these guys have hotmail or yahoo email addresses.

I contacted hotmail abuse, but they said that unless I had a message from the spammer sent using that account (with all the message headers to prove it), they wouldn't take action.

Since that's something a spammer would never do, he's pretty much safe to sit there using his (presumably spam-free) hotmail account and annoying the rest of the world.

Legal action is out, since these people (and businesses, if you can call them that) are not in this country.

I've read about various "vigilante" schemes, like offering up DoS attacks on his server, filling his own inbox with crap (since it's hotmail, though, it would be easy to just get a new account), but I wonder what would be the most effect.

It would be great to send a message to these guys along the lines of "we know who you are, and we know what you're doing, so cease and desist or else!"

Any ideas?

Thursday, April 8, 2004

Locking them into their houses, boarding it up and setting it on fire. I heard that's a decent way to deal with spammers.

Thursday, April 8, 2004

I say we enlarge their debt and cut their...

James B.
Thursday, April 8, 2004

Just set up something to collect these email addresses and spam them back with thousands of emails.

Colonel Kruger
Thursday, April 8, 2004

Use that email addr in usenet postings and in other places likely to attract spam?

Help them choke on their own junk.

Bruce Perry
Thursday, April 8, 2004

Does anyone with even moderate intelligence think that spammers look at the hotmail/yahoo email address that they setup their domains with?

The main reason (besides being free) that spammers use hotmail/yahoo is that the account is totally disposable.

Also, the information visable on whois is easily changable (I just redid mine to keep it current) and has little to no validation - you might be venting your fury on someone's address the spammer picked at random (just like the from: address in spam email).

Thursday, April 8, 2004

You're right: email/electronic revenge isn't likely to be effective.

But the physical street address and telephone info in whois is likely to be egit, as well as the tech info (the domain has to be billed, the DNS servers have to point to the right location, etc.) so I was thinking more along those lines.

Thursday, April 8, 2004

Anonymous, you must not have read my post clear enough...

Spammers _don't_ care about their domains - they're less the $10 to register (less then $5 in bulk). They either didn't supply valid addresses when they signed up for the domain or they changed it to something bogus before they started their spam campaign. Changing domains frequently is a mingor cost of doing business for a spammer.

The DNS information, of course, has to be valid. Shared webhosting acocunts cost less then $10/month - they're disposable to.  If you write to the host (easily found, usually), they'll shut down the account. If you attack the host (via DDOS attacks, etc), you're mainly hurting the other customers of the webhost - the spammer is probably long gone to a different host.

Thursday, April 8, 2004

Jeff, you're right: if the domains themselves are disposable (I hadn't considered the economics there), then tracking them down is near impossible.

Still, a spammer registering in bulk, signing up with many hosting companies, would leave a trail of some sort.

Perhaps sharing information amon registrars, hosting companies, under an ICANN/industry consortium panel would help detect them?

Thursday, April 8, 2004

Why on earth would the companies want to stop the spammers giving them money to register domains for them?

It's not in their interest in any way to stop it happening.

Katie Lucas
Thursday, April 8, 2004

True, the small, pure registrar firms who make their only money on bulk domains won't like it, but all the other organizations involved (more reputable registrars, hosting companies, ISPs, etc.) certainly understand it's in their interest to stop this activity.

Our hosting company is one of those "$10/month shared server outfits" and they tell me they don't want spammers' business, precisely because it leads to IP blacklistings of their subnets, denial of service, etc.

I can't imagine a reputable firm in this space being seriously opposed to it.

Thursday, April 8, 2004

In the case of scamming spammers, particularly the 419 type, I'd say having a distributed network of people that systematically bomb the spammers' return addresses when the free e-mail providers refuse to shut down their accounts will be a nice way to save a lot of people from being scammed by these people.

Seun Osewa (
Thursday, April 8, 2004

*  Recent Topics

*  Fog Creek Home