Hello, good day, and welcome. Do step into my in-box. Watch out for the Deleted mail folder; it's overflowing, I'm afraid. Listen, I'm sorry about the mess. I've just had the spammers in and the place is simply coated with unnaturally pink, gelatinous, unwanted advertising.
It's not just that I'm getting unwanted mail coming in. It's much worse than that. In fact it's my worst nightmare: some bulk mailer just used one of my Web domains as a return address on a huge mailing for recreational medications, and I've been getting bounced-back mail from postmasters across the Net telling me the mailbox doesn't exist. I'm not sure how many of these things got through, but I've clocked 100 rejected messages in a single weekend. I'd like to think that the mailing list was 100 strong, and they were all wrong, but I have a nasty suspicion that my luck's not that good.
 |
Somebody out there, probably thousands of people, are getting messages for V-1-A=G-R-A and c1a-L:IS and embedded GIFs touting some penny stock that nobody's heard of--all with my domain name all over the From field.
|
|
Somebody out there, probably thousands of people, are getting messages for V-1-A=G-R-A and c1a-L:IS and embedded GIFs touting some penny stock that nobody's heard of--all with my domain name emblazoned all over the From field. The addresses themselves are bogus, of course: they're all random letters, such as wlk@
[mydomain.com], and yncwd@
[mydomain.com], and fils@
[mydomain.com]. In fact, I'm pretty sure they're designed that way so that any bounced-back messages will disappear into the ether and nobody will be any the wiser. Of course, I set up a catchall address at my domain that collects and forwards any misaddressed mail to me. So now, I know whenever some scumbag is making money at the expense of my good name--or my good domain name, at least.
How did this happen?
My first thought was that the host or registrar that holds the records to my domain had been hacked, and some spam operation had physically used their mail servers with my domain name on them to send out the mail. It's a possible scenario, but not the only one. And the scenario that the support staff at my registrar and host told me was equally likely: that somebody had
spoofed my domain.
Essentially,
spoofing would mean that a spammer ran a piece of software that got hold of my domain name, possibly from its own spam lists, maybe from sniffing around in vulnerable e-mail servers from which e-mail came to me, or maybe from the central WHOIS database. The software then
generated a mess of fake addresses with my domain on the end to masquerade as the sender's addresses in the From and/or Reply To fields of their crass bulk e-mail. Then they sent out messages to unwitting strangers.
|
Fortunately, even though spam is a crass business that heaps extra work and stress and annoyance on everybody except the scumbags who make money off it, it does have its funny side.
|
|
|
I picked up the bounced-back messages only because I have a catchall account at my domain host. E-mail spoofing could happen to anybody with a domain (it could have happened to you), and most people never find out about it.
Unfortunately, if this spammer manages to annoy enough people, my domain may end up on a
blacklist. Fortunately, because this kind of thing happens all the time, the blacklist compilers probably won't punish me for what that spammer did, but they may. So I need to keep an eye out for any dropped messages to important clients and friends and comb the huge public
list of blacklisted sites and hope for the best.
All told, my options aren't terribly cheering.
At spam filtering, Verizon shines
Fortunately, even though spam is a crass business that heaps extra work and stress and annoyance on everybody except the scumbags who make money off it, it does have its funny side. For one thing, there's the interesting way spam filtering has been implemented at the Verizon-Yahoo mail servers.
On a routine look through my Web-based Junk Mail folder on Verizon Yahoo, I saw a notification of a class action lawsuit against Verizon dated April 1. The date and the fact that the mail was stuffed in a Junk Mail folder led me to think it was a hoax or a scam. But there was a similar message dated a week later, so I checked it out. The message was legit. It read:
"TO: ALL PERSONS AND BUSINESSES WITH A "VERIZON.NET" EMAIL ADDRESS: This Notice Is Given To Inform You Of The Proposed Settlement Of A Class Action. If The Settlement Is Approved By The Court, Certain Benefits May Be Available To You In Settlement Of Claims Relating To Verizon's Provision of Electronic Mail Services."
I love the glorious self-importance of capital letters in legalese. Apparently, a sufficient number of lawyers believe that they can make money out of Verizon's overzealous filtering of mail between October 2004 and the end of May 2005, which routinely threw out missives from Europe and China because, presumably, they were from Europe and China.
If you happen to have had a Verizon account at that time and can document that you did not receive mail that was sent from either Europe or China, you could be eligible to win $3.50 for each month your messages were blocked, up to a grand total of $28. I'm not averse to getting rebates if I've suffered from poor service, but assembling the data necessary for that wouldn't be worth $28 of my time, especially when I know that the bozo who's putting together the suit will make at least tens of thousands of dollars out of it. But in the interests of journalistic balance, here's where you can check out
the details of the suit for yourself--and what's the betting there'll be another class action lawsuit alleging that Verizon's spam filtering prevented members of the class eligible for this action suit from knowing about their rights?
Verizon shines some more
Actually, that's not the funny spam-filtering story at all. The really funny one came three weeks later, when Verizon spam-canned one of its own broadcast messages. On Tuesday, April 17, Verizon filtered out an "Important Information About Your Verizon DSL Bill" from billing.update1@verizon.net (good old Billing...haven't heard from him in ages).
So there you have it. Verizon spam-filtered its own message. This would be a lot funnier except that unlike most trash in my spam filter, I actually read this message, and I didn't like its content, especially this paragraph:
You will begin seeing a Tax Recovery fee on your monthly DSL service bill within your next two billing cycles. This fee is being charged because your state instructed carriers that the Internet Tax Nondiscrimination Act does not prohibit their state from taxing DSL, and carriers should impose taxes on the DSL circuits that Verizon Online must purchase in order to provide you with Verizon Online DSL service.
|
So perhaps Verizon's spam filter was doing exactly what it was supposed to do: removing objectionable unsolicited content from my mailbox. But of course, this does also mean that Verizon considers itself a spammer.
|
|
Let me paraphrase that: "We can make you pay part of our tax bill because we're Verizon." Now, just like Elvis, I pay my tax bills because I'm supposed to. And I really object to corporations passing on parts of their tax bill to me and trying to make it sound as though the government is making them do it.
So perhaps Verizon's spam filter was doing exactly what it was supposed to do: removing objectionable unsolicited content from my mailbox. But of course, this does also mean that Verizon considers itself a spammer. So I should cut them a bit more slack; after all, I've just become a spammer, too. So come on into the clubhouse, Verizon. I hope you'll excuse the mess; I've just had the spammers in.
Are Matt Lake's opinions little better than a barrage of spam? Should he filter some more of this stuff out before he foists it on the public? Broadcast your message to the world in the TalkBack section below.
