Turning the Tables on Spammers

It would be nice if they could get a few of the scum off of the web

bigc

 

There are a number of ways to make life harder for spammers...

1. Get a SpamCop account and use this as a starting point for dealing with spam - SpamCop will scan emails you supply and send copies to the originating ISP (not the sender address since this is normally forged) and the ISP of any websites linked to in the spam.
2. Get a throwaway email account or sign up with an alias service like SpamGourmet - the following steps involve sending out emails and you should avoid using your main email account for this, since ISPs may pass your complaint onto the spammer - who may then send (more) spam to your address (just to confirm how mentally retarded many spammers are).
3. For any sites referred to in the spam, use DNSStuff (or a number of other lookup sites) to find the domain registration details and complain to the domain registrar. Some will shut down the domain used, others (Tucows notably in my experience) will bleat and moan about how spam isn't their responsibility - ignore this, their position is identical to that of an ISP hosting a "spamvertised" website, they accept money to provide a service so they should take action when that service is abused. At the very least, the more that people complain about domains used for spamming, the greater the expense in supporting them and the greater the incentive for ultimately closing them.
4. Check the details of the domain holder - is a full address and phone number given? If not, or the details appear to be fake (e.g. phone number code does not tie in with ZIP code) then report this to the Whois Data Problem Reporting System. Domains with incorrect information can be closed down - though it can take some weeks for action to be taken. If spammers are forced to continually abandon old domains and register new ones, this increases their expenses. However if the phone number appears genuine, it may be worth calling it to request removal from their email lists! (however it is possible for a spammer to use someone else's phone number as a "joe job" attempt so it would be better to do this only if you see the same number used for multiple domains).
5. Check the contact email addresses used in the domain registration - these tend to be reused by regular spammers so if you see the same addresses turning up for different spamvertised domains, complain to the email service provider also. This can be quite effective since the larger providers may automatically shut down accounts that receive too many spam complaints - and the spammer needs these accounts kept open to manage their domain (for example to avoid automatically losing it in the event of a complaint).
6. Check the DNS servers used for the spamvertised domains - if you see the same server domains crop up here then do another lookup on them and complain to their domain providers - check their contact details and report any inaccuracies to the WDPRS also. Shutting these down can affect dozens or hundreds of spamvertised domains.

This can mean sending out a lot of email for a spam - I have on occasions sent out 7 messages per spam. However, when I included the email address providers for the domain registrations, this caused the spam to stop immediately and I have an almost totally clean inbox (only a couple of spams per month - from some Russian service without a website...).

If you receive a spam for an address based in China though, you may like to consider a response similar to that posted in the Outpost forum Doing Evil Unto Spammers thread...