I got sufficiently annoyed with the flood of refi and mortgage spam that I did alittle investigation of the e-mails. Now, greedy bastards are often pretty clever so I expected that obvious clues like the sender and other header info is bogus. What I did discover is that the links in the body of the messages look like they point to sites that some deep pocketed legitimate business has ultimate responsibility for. The links begin like:
br.geocities.com/xxxx?xxx where the "x" is some lexagraphically rare junk, an account and a parameter.
Some of the links begin mx.geocities and there are varients where the URL begins
yahoo.com.geocities.br ... or similar.
I sent one of the offending e-mails to the email abuse mailbox at yahoo.com who owns geocities.
The point of this is that it doesn't matter what kind of bogus crap is in the e-mail header the ultimate pay-off for the spammer is the link on some legitimate domain, and the owner of that domain has responsibility to police his users.
I sent a list of 20-odd of the links to the some e-mail as before. The course of action the people at geocities/yahoo should take is to disable the accounts who own the links,
and if the accounts are bogus in some way, they are temp accounts opened for a day or so and then closed, Yahoo should institute a policy on those domains that there must be a waiting period for new accounts. This is a simple system administration policy that could be used on sites that cause this much spam to discourage it and to incense the users of the same domain in Mexico or Brazil to police themselves or to demand their system administrators to do their jobs.
People don't need to navigate state vs. federal jurisdiction for anti-spam law, or launch questionable DoS attacks on the site or domain; we know who is untimately responsible, that is yahoo.com. A civil suit claiming damages of $100 million or so in the jurisdiction of the parent company for contributary negliance, because Yahoo is not using simple precautions in managing its web servers, should get their attention and put a stop to this nonsense.
This is my idea.
Bruce Salem
No comments:
Post a Comment