Written by: Otacon <>

Created Oct 6 2000, modified Oct 6 2000

Before I give out any information on how to become a nightmare to spam factories, let me get a few things off of my chest. You're site is a great place for paranoid freaks such as myself. I am now surfing the web anonymously.  Cookies are are gone and I am using two personal firewall programs and my own proxy server.  Thank you for pointing out the dark side of the World Wide Wait.

Now let me tell you about the subject of this message: tracking down those who rock and roll in their own fecal matter (spam). I have been fighting these monsters for a long time, ever since I connected to the Internet for the first time over six years ago.  I do not use programs like "WPOISON," because I live for the thrill of killing a spam factory's reputation.  It's changed me a lot, [the 'Net] has changed me a lot.

I'm rambling, I'll shut up now.

Fighting it (spam), is easy and it is rather time consuming.  On average, it takes me 15 to 30 minutes on one piece of mail.  What are my methods you ask? whoistraceroute. Thanks to Sam Spade (http://www.samspade.org), everyone can find out who sent them that offer for a college diploma.  With his program (although you can use Internic's free web interface), you can find out as much or as little information about every header in that message (spam).

For example, perform a whois search on the domain "Bob.org," and you'll be given the name and address of the person or group that registered that domain and any contact addresses associated with it.  If the original sender placed a few fake domains in the message headers, traceroute will find every address that your connection must bounce through before hitting the bogus domain.  This is also useful for finding the sender, because you can (or I should say must) perform a whois search on any suspicious addresses.

Once you find a few domains that you think are the originating address(es), then you can forward a copy of the message in question to the "postmaster@---" or "abuse@---".  You should include a copy of the Junk Busters "Spam Off" contract, which states what you'd like in return for accepting such messages in your mail box ($10 per message).

With any luck, you will get a reply from system administrator or the abuse team. He or she will usually reply (after an automated answer) and apologize. Because they don't want to pay you $10 for the past 50 messages you've received, they'll say that they will then make every attempt to track down and ban the suspected user from their service.  Sometimes they'll contact the sender's ISP, if the sender isn't a member of their service.

If you happen to receive a large amount of spam in your account after complaining to the company, then it means that you've found the sender's ISP and account.  They're scared shit and will do anything to cover their tracks, even sending more spam but with different headers and domains this time. Go through the same process of whois and traceroute, don't give up!

As an added bonus, forward any spam messages to your ISP, the Federal Trade Comission (UCE@FTC.GOV, if you live in America) and UU Net (abuse-mail@uu.net). You should send it to UU Net, regardless of where you live. They are one of the biggest providers of Internet access in the world.

Those are my tactics for fighting the good fight.  For more information, please visit http://eddie.cis.uoguelph.ca/~tburgess/local/spam.html and http://www.coyotecom.com/stopjunk.html. These are not my web sites (I am too paranoid to publish anything on the Internet), but they are very informative.