×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Porn Spam using Slashdot.org name

Hemos posted more than 14 years ago | from the time-kill dept.

Spam 242

I've gotten a lot of mail, and seen this submitted - a porn site has sent mail using the Slashdot.org name, purporting to be Slashdot.org. They are not. We don't, and will not send mail out using your name. Click below for the full text of the message that was sent out. Update: 06/17 12:56 by H :Current going theory (thanks to Mark Rietman) is The list is the one maintained at distributed.net. This is because they used my distributed.net@rsoft.demon.nl adress (which i never use anywhere else). It's a list open to public (team stats-page --> memberslist) Update: 06/17 01:09 by CT : I just wanted to apologize. I'm getting a lot of hate mail, and I just want to reiterate that we didn't do this, and that I wish bad things would happen to the bastards who did this. I consider forging email to be among the worst of all net.crimes. And don't visit the site or you'll just encourage these pricks.

[TEXT OF MAIL FOLLOWS]

"X-Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by groucho.med.jhmi.edu (980427.SGI.8.8.8/970903.SGI.AUTOCF) via ESMTP id AAA56584 for ; Thu, 17 Jun 1999 00:14:26 -0400 (EDT)

X-Received: from zamboni.mail.digex.net (zamboni.mail.digex.net [204.91.99.98])
by pony-1.mail.digex.net (8.9.3/8.9.3) with ESMTP id AAA14165
for ; Thu, 17 Jun 1999 00:11:07 -0400 (EDT)

X-Received: from mx.icp.rssi.ru (mx.icp.rssi.ru [194.85.223.7])
by zamboni.mail.digex.net (8.9.3/8.9.3) with ESMTP id AAA01690
for ; Thu, 17 Jun 1999 00:11:06 -0400 (EDT)

X-Received: from mx.intra.ru ([194.135.182.7]) by mx.icp.rssi.ru
(post.office MTA v1.9.3b **** trial license expired ****)
with ESMTP id AAA224 for ;
Thu, 17 Jun 1999 08:08:50 +0400

X-Received: from ras5.icp.rssi.ru by mx.intra.ru with SMTP (Microsoft Exchange Internet Mail Service Version 5.0.1458.49)
id MQ9VDG1N; Thu, 17 Jun 1999 08:08:00 +0400
From: "slashdot.org" To: Date: Thu, 17 Jun 1999 08:07:52 +0300
Subject: Dear Member of slashdot.org (eisen@access.digex.net)
Reply-To: support@slashdot.org
Organization: slashdot.org
Content-Type: multipart/mixed; boundary=XX0BFF0BCE-00350BFFXX
X-Priority: 3
ReSent-From: Halmonster ReSent-To:

This is a Multipart MIME message. Since your mail reader does not understand this format, some or all of this message may not be legible.

--XX0BFF0BCE-00350BFFXX
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

Hello dear member!
Slashdot.org offer you new service of overclocking your operation system (w=
in95/98/NT/linux/mac=20
and more)
For more information please visit http://join.at/freepc CT:DO NOT CLICK THIS LINK! ITS A PAGE OF DAMN BANNER ADS! THIS IS A SCAM!
We always think about You

------------------------------------------
This message was sent to you by
Name: slashdot.org
Email Address: support@slashdot.org
IP Address: ras5.icp.rssi.ru
------------------------------------------

Using Aureate Group Mail Free Edition
Find out more about this product and try it=20
for free at: link
--XX0BFF0BCE-00350BFFXX--
"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

242 comments

Re:Keeping geeks clothed. (0)

Anonymous Coward | more than 14 years ago | (#1846758)

Why wait tell you get out? With an old keyboard splash cover and careful placement of your monitor you can check slashdot in the shower!!

Okay, what not to do. (2)

bleh-of-the-huns (17740) | more than 14 years ago | (#1846759)

After looking at the site in question, a slashdot effect would not help any, as the person who sent the spam is trying to get people to click on the links. For every link that you (everyone in general) click, he gets a small amount of cash through "click through" type services. There is no easy way to deal with these types of idiots. Unless the owners of /. are willing to sue, the idiot can go on using the slashdot.org domain forgeries in the headers. (atleast until certain laws become official, however long that will take).

Re:/. effect as a source of good? (1)

shogun (657) | more than 14 years ago | (#1846760)

I'm not going to visit it myself, but that link is probably full of revenue raising ad banners. So if we attempt to slashdot that site we'll just be making the spammer money...

Re:Shut him down and flush him with an enema (2)

dattaway (3088) | more than 14 years ago | (#1846781)

Looking at the headers in the spam I got, I returned it pretty hard to the guy. From the headers, it looked like the guy used some kind of point and drool warez program.

Why people spam is beyond me. What would motivate someone to do something so sensless? It costs them money and does not gain worthwhile friends. Is it the same motivation that drives serial killers?

Received: from mx.icp.rssi.ru (mx.icp.rssi.ru [194.85.223.7])
by Edison.EBICom.Net (8.9.1a/8.9.1) with ESMTP id XAA14816
for ; Wed, 16 Jun 1999 23:11:04 -0500
Message-Id:
Received: from mx.intra.ru ([194.135.182.7]) by mx.icp.rssi.ru
(post.office MTA v1.9.3b **** trial license expired ****)
with ESMTP id AAA207 for ;
Thu, 17 Jun 1999 08:08:46 +0400
Received: from ras5.icp.rssi.ru by mx.intra.ru with SMTP (Microsoft Exchange
Internet Mail Service Version 5.0.1458.49)
id MQ9VDG1J; Thu, 17 Jun 1999 08:07:56 +0400

The irony . . . (1)

Badgerman (19207) | more than 14 years ago | (#1846782)

At work, I access slashdot a few times a day to keep up with Geek News. I've explained a few times that slashdot has nothing to do with "Slash" erotic fiction.

This probably won't help . . .

Re:Reason for using slashdot.org (1)

larien (5608) | more than 14 years ago | (#1846783)

Plus the stereotype of geeks drooling over porn sites while sitting in their rooms, hence they are actually targetting potential customers (the validity of this assumption is, of course, open to debate). Dunno where they got the addresses from, though; I haven't been mailed and my email address is non-munged.
--

How did they get my E-mail address?? (0)

Anonymous Coward | more than 14 years ago | (#1846784)

I got the same spam email, what i'm wondering is HOW did they get my e-mail address?

my e-mail isn't posted with my comments, so
from where did they get my e-mail address in connection to slashdot??

the subject says:
Subject: Dear Member of slashdot.org (phazer@.ml.org)

How do they know i read slashdot if my email address was never posted here?


(i don't usually get spam, this is the second spam mail in 6 month..)

No porn?! (1)

Anonymous Coward | more than 14 years ago | (#1846785)

This is the sorriest excuse for a porn site I have EVER seen. What with all the nerdy news stories and polls without enough options, I haven't found one decent nudie pic...I feel so cheated. Gotta admit, though, that Cmdr. Taco would be a great name for a porn star...

Re:Spam, the ultimate coders itch. (1)

Ancipital (19821) | more than 14 years ago | (#1846786)

Dont "Just Hit Delete"[tm].

You must decode the headers, and hunt them down. Spammers hate losing their net access. Usually there's a dialup, a web page and a drop box at the very least.. make sure you whack all three for max karma bonus.

hmmm (1)

drwiii (434) | more than 14 years ago | (#1846787)

X-Received: from mx.intra.ru ([194.135.182.7]) by mx.icp.rssi.ru (post.office MTA v1.9.3b **** trial license expired ****)

You think they'd at least register their software...

Nooooooooooooooo! (Important!!!!!) (0)

Anonymous Coward | more than 14 years ago | (#1846788)

No don't email him.

Or at least send an Anonymous email. Otherwise he will have your address for real!

And then you will be sorry!

Spamdot? (1)

Felinoid (16872) | more than 14 years ago | (#1846789)

Technicly nothing new about this.
I know a lot of you are not going to believe it when I say AoL and Microsoft are both against spam however both have publicly come out against spam simply becouse they are fed up with it.
A lot of companys that are against spam have had the missfortune of having a spammer clame to be (in some way) a part of the organisation in question and people quick to judge lable them as prospam and of course we all want to believe all things evil of Microsoft and AoL mostly becouse it is usually true.
Spammers will never admit the true idenity of the spams source. Any clammed supporter is yet annother victom...

Re:good question (1)

danec (8876) | more than 14 years ago | (#1846790)

>> I hope /. isn't selling their "members" names for $$$.


If they were, don't you think it would be to some internet technology related company and not a porn site?


Really, i don't think they are.

Keeping geeks clothed. (1)

Darchmare (5387) | more than 14 years ago | (#1846798)

Of course /. isn't into porn. After all, what site recently posted a story from the 'geeks-should-never-be-naked dept.'?

I have news for you, Rob. I'm naked right now.

Okay, maybe not, but... I could have been. :>

- Darchmare
- Axis Mutatis, http://www.axismutatis.net

operation system? (1)

jabberwocky (5771) | more than 14 years ago | (#1846801)

maybe a little more research would have made this believable... then again, putting their *.ru address somewhere in the body of the message didn't help either.

Porn mail (1)

_Spirit (23983) | more than 14 years ago | (#1846803)

Why didn't I get any ? ;-)

Seriously, I think the headers you posted are clear. Maybe it's some silly prank, or someone trying to show off his ability to "spoof" mailadresses. (Obviously not aware of headers n stuff)

Message on our company Intranet:
"You have a sticker in your private area"

WE HATE SPAM (1)

Stardate (13547) | more than 14 years ago | (#1846810)

Although most or all /.'ers had a healthy hatred for spam before this, it just gets more meaningful when it hits home.

KILL KILL KILL!!!

I got the message today.... (1)

rkt (9943) | more than 14 years ago | (#1846813)

I hate to say that... I got this message today.... I was surprised slashdot sent me the mail... and I didn't realise what it was untill I saw this article.
I hope we can find the culprit and take him to task.... else there would be no end to this spamming.

Well, where did he get my address then? (1)

iturbide (39881) | more than 14 years ago | (#1846815)

This was too obviously not originating from slashdot, but how did this guy lay his hands on the addresses?

alexgurry@intra.ru (1)

iota (527) | more than 14 years ago | (#1846817)

After a little snooping of HTML, youll find yourself back at Alex Gurry's homepage (which is full of ads). His email address, alexgurry@intra.ru is included on the page; if logic serves, he is probably the one who did this.

Send him an eMail and tell him what you think about SPAM; I did!

jason

Time to call the lawyers (1)

bluGill (862) | more than 14 years ago | (#1846819)

I would say that advertising porn with the /. name qualifies as defmination.

Too bad there are not a US orginization, international law is a myth that exists only when everyone wants it to.

Re:Well, where did he get my address then? (1)

Hemos (2) | more than 14 years ago | (#1846820)

Huh-that's strange. I'm not sure how he got it then-we're checking various things out.

Re:good question (1)

Hemos (2) | more than 14 years ago | (#1846821)

We didn't send it. Conceivabily they got the list through other measures-that's what we are looking into.

Re:good question (1)

RabidMonkey (30447) | more than 14 years ago | (#1846822)

The /. people are as against spam as the rest of us - why would they do that? Think before you post and try and raise hell.

Re:good question (0)

Anonymous Coward | more than 14 years ago | (#1846823)

What's the difference? Porn sites have money too.

Re:good question (2)

dattaway (3088) | more than 14 years ago | (#1846824)

The spammer got my old email address that I haven't used for several months since I got my static IP. He must have compiled the list of addresses long ago. What pisses me off is that the guy looks bent on trying to destroy slashdot getting people riled up and emailing abuse@slashdot. Would it be reasonable to assume this guy is pulling a DOS attack?

The connection between slashdot, RC-5 and porn (2)

Marc Rietman (494) | more than 14 years ago | (#1846825)

The list originated from the distributed.net memberlist of slashdot. It became very obvious to me when I noticed they had used an email I only use to send/recieve rc-5 blocks. Maybe the list should be protected by the team owner of /.

I know it can be done, because EvangeLista did this already.

Re:IIS 4.0? (0)

Anonymous Coward | more than 14 years ago | (#1846826)

Isn't join.at just a redirector such as come.to etc?

Re:Sad (2)

jandrese (485) | more than 14 years ago | (#1846827)

I think this is a little overrated. I've been posting my email to the usenet and Slashdot for some time now and I still get little (almost no) spam. The only account I have even been heavily spammed on is my old AOL account, but their system is stet up to delight spammers by always keeping a list of all of their members available to the public. Besides, if you never give your email address out what use is it?

Not harvesting, or not fully (2)

anticypher (48312) | more than 14 years ago | (#1846828)

My email account is not obfuscated, but it is a tripwire for spam. I haven't received a thing from this spammer. My account has been active for a few months now.

Methinks this is just a prank to dig at the slashdot community. Lets not let that happen. Just ignore them and eventually they will go away, or get a little maturity.

the AntiCypher

Re:Porn mail (0)

Anonymous Coward | more than 14 years ago | (#1846850)

They use Microsoft Windows. How smart could they possibly be? Not very.

Re:good question (1)

danec (8876) | more than 14 years ago | (#1846851)

I doubt that this was just a random spam to everyone in the world, with the hopes that it would reach some slashdot users who'd be taken in by the return address.


And i'd bet pretty heavily against these spammers having stolen the internal email address list.


What i imagine happened, was that some sort or crawler program sucked up hundreds of thousands of posts in the comments, after all its nots hard to generate the urls for the individual comments (http://slashdot.org/comments.pl?sid=99/06/17/1232 41&cid=xxx where xxx is the message number, can't be much simpler.) That would explain why not every single slashdot poster got the spam because some through that NOSPAM in the middle of their email addresses just to confuse spam bots.

Re:alexgurry@intra.ru (1)

Chocboy (18672) | more than 14 years ago | (#1846852)

After a little snooping of HTML, youll find yourself back at Alex Gurry's homepage (which is
logic serves, he is probably the one who did this.

ok, this is very likely, but perhaps its not him. its like someone who doesn't know much and blames slashdot.its just you've done a little more research and found this e-mail and i disagree with the comment below

Send him an eMail and tell him what you think about SPAM; I did!

doing that (esp if ya don't know 100%) is almost as bad as the original spam. because you're wasting bandwidth like spam does. two wrongs don't make a right, perhaps you should send a polite e-mail to the persons isp and tell them what is happening and they can acctually do something, cos if it is correct, they can do something about it.

for one, by mailing him you're veryfying your e-mail is valid..

Re:Porn mail (2)

dattaway (3088) | more than 14 years ago | (#1846853)

Why didn't you get any? Looking at your address, you are using newsguy, the same guys that provide the anti spam service spamhippo. They also do a good job cleaning usenet news of spam crap. I have a newsguy account and it seems well protected against spam. I'm waiting for a day to get spam at that account so I can watch the spammer get crushed like a bug.

Re:The connection between slashdot, RC-5 and porn (1)

iturbide (39881) | more than 14 years ago | (#1846854)

Yup! That's it.
The mail was sent to the address I userd for registering for that. And that's a different one from the one I used for registering at slashdot.

Thanks for solving this riddle.

Pay-Per-Click... (0)

Ellis-D (19919) | more than 14 years ago | (#1846855)

For the years that I have used these programs, I have never seen a single cent from the money I should of made.. Any one else get the same results?
I ate my tag line.

Re:Shut him down and flush him with an enema (1)

ChrisMul (13717) | more than 14 years ago | (#1846857)

MTA stands for "Microsoft Transfer Agent", the portion of Microsoft Exchange Server that attempts to deliver the message to one of it's internal addresses.

It looks like this guy was using one of Microsoft's 120 day trial licenses...maybe the best response is to forward the emails to piracy@microsoft.com and let them deal with it from an illegal-software perspective...:o)

Re:Well, where did he get my address then? (1)

Hemos (2) | more than 14 years ago | (#1846858)

Are you on the RC5 team? Current theory is that they pulled it from there-apparently that's happened before.

Please read his message! (1)

BiGGO (15018) | more than 14 years ago | (#1846859)

Damn it,
They can get 180,000 valid email addresses out of there with a robot.
I think we should ask distributed.net not to tell our emails,
but rather our names, just like, ehm, seti@home does.



---

Re:The connection between slashdot, RC-5 and porn (0)

Anonymous Coward | more than 14 years ago | (#1846876)

That sucks. Especially since /. was just asking
for more participants for rc-5. People might
think twice about joining if they are going to get
spammed for it.


It's a shame spammers have to ruin everyone's fun. :(

How to take him out. (1)

a.out (31606) | more than 14 years ago | (#1846877)

If we cut off the reason that he is doing this it will be even better.

How do you screw over the clickthrough sight? Most porn sites have clickthrough policys, if you complain that the clickthrough site is spamming or using illegal means to generate hits they will pull the plug on his account and give him NO money.

I'd do this myself, but I'm at work so no porn sites for me.

DO NOT CLICK ON HIS BANNERS!

This is his isp: www.intra.ru [intra.ru] can someone find his homepage?

Tell him what you think of spam: alexgurry@intra.ru [mailto]

Re:Keeping geeks clothed. (1)

azonic (10190) | more than 14 years ago | (#1846878)

something tells me you'll get nominated for a darwin award someday :)

Re:Shut him down and flush him with an enema (0)

Anonymous Coward | more than 14 years ago | (#1846879)

MTA is stands for Mail (not Microsoft) Transport Agent. He is using Post.Office which is not a Microsoft product (look at www.software.com), so your complaints to microsoft will be useless. What is really strange that his Post.Office license is expired. Trial version of Post.Office has a number of user limitation but never expire.

Re:good question (1)

ian_d (59750) | more than 14 years ago | (#1846881)

Hmm, I'm not a regular /.'er (registered last week), but I'm on the RC5 team since a couple weeks back. I agree in the RC5-list theory on this count.

/IanD

Re:alexgurry@intra.ru (1)

httptech (5553) | more than 14 years ago | (#1846882)

A search on DejaNews reveals alexgurry@intra.ru is indeed the owner of the spam.

http://www.deja.com/pro file.xp?author=alexgurry%40intra.ru

All his posts are porn-spam and reference the same URL that was in the email message.

Since his homepage on intra.ru exists and is another banner ad site, I'd say probability is extremely high this is the correct email address of the spammer.

Re:Well, where did he get my address then? yes. (1)

iturbide (39881) | more than 14 years ago | (#1846883)

Well, I guess we found it.
I'll just leave it to the bloodthirsty herd to deal with it.
Good luck at crowd control.

Re:Well, where did he get my address then? (1)

gmeb (17697) | more than 14 years ago | (#1846884)

Not from /. ! I know an Anonymous Coward (hi Gaetan. ;-)) who also got this junk-mail, and I didn't. So it's not /. members that were targeted.

How one could go about collecting a list of /. readers:
* arrange with Hemos to place an innocent-looking ad on /.
* log all people that click through the ad
* now use that list for spamming purposes
Anybody still fill in their correct address in netscape ?

Oh, and if you don't know how to interpret the "Received:"-headers on e-mails, please don't complain about spam-mails. You're likely to mail-bomb an innocent person. I bet Rob was mailbombed because of this spam.

possibly harvested from distributed.net? (0)

Anonymous Coward | more than 14 years ago | (#1846885)

The only place I know of that has my email address visible in any connection to slashdot is distributed.net, where I signed on to the slashdot team. I assumed, till I saw this news item, that someone had set a robot walking through the results rankings harvesting addresses...
A simple test: did anyone get the spam who hasn't participated on distributed.net?

At least the SETI@home has a provision for NOT showing your email address on any public results pages.

Re:International Law (2)

dattaway (3088) | more than 14 years ago | (#1846887)

No, we don't need no stinking laws. The internet can heal itself without involving the slow creaky wheels of justice. If they keep it up, the pipe dumping raw noise into the internet will be simply cut off and blackballed. Things like that happen if you have a mail relay and allow abuse.

Here are a few great antispam links:

http://maps.vix.com/ [vix.com]
http://www.orbs.org/ [orbs.org]
http://spam.abuse.net/ [abuse.net]

Hackers vs Spammers, a fable (1)

seth (984) | more than 14 years ago | (#1846905)

So once upon a time (two years ago, maybe) some genius got himself accidentally subscribed to the perl5porters mailing list around the time of the major perl5.004 push (lots and lots of messages a day, probably more than linux-kernel).

So the genius, as they are prone to do, said "GET ME OFF THE *#@%$%$# MAILING LIST RIGHT NOW". Everyone on the list, as they are prone to do said "Figure it out yourself, dingus" and forwarded him his own subscribe message.

So the genius then said "Get me off this mailing list or I'll spam the entire mailing list every day for the rest of my life and you'll be sorry".

So Larry then said "You don't threaten with a slingshot the inventer of the rocket launcher".

The genius was never heard from again.

This whole situation makes me remember that story. Whether or not this guy likes it, he's brought down the ire of the /. community which, as we've seen, is capable of generating more email by shear volume than any spam program ever could.

Poor bastard. If he's actual email address ever gets out ... We'll, let's not think about that ...

Re:The connection between slashdot, RC-5 and porn (1)

BitPoet (40070) | more than 14 years ago | (#1846907)

Last time I checked, I was a member of Team UFie... I did /. for awhile, though. Hmmmm.

Re:Shut him down (1)

gavinhall (33) | more than 14 years ago | (#1846908)

Posted by CanSmegWillSmeg:

Just a suggestion. Anyone out there still with an AOHELL account create another id & forward him all the spam that you can find.

Just a thought.....


Re:possibly harvested from distributed.net? (2)

dattaway (3088) | more than 14 years ago | (#1846909)

The spammer used an old address I thought I retired. Now that you mentioned it, it was my distributed.net address. I was just busting keys with that address, now I have to bust the skull of some dumbass knucklehead spammer so he can't father children in the future.

Measure twice, cut once (1)

Ancipital (19821) | more than 14 years ago | (#1846910)

This could be a "joe job". Make very sure (by pretending to be a potential customer, mebbe?) before releasing the dogs.

There have been cases in the past where pammers have deliberately faked people's details (indeed, sent a spam for their company) deliberately to discredit and harm them.

I'm not saying this is what this is, but just check before the loonies start attacking this guy, ok?

Re:Keeping geeks clothed. (1)

Ancipital (19821) | more than 14 years ago | (#1846912)

Yebbut, isn't the whole point of pr0n that it contains actual fit(ish) sleek individuals pumping joylessly at each other? Geeks of either persuasion aren't well-known for being pneumatic or having acres of well-toned golden flesh :)

Help! What can we victims do about this? (1)

gavinhall (33) | more than 14 years ago | (#1846914)

Posted by ThickAsTwoShortPlanks:

About a year ago a certain porn site used one of my site's email addresses - 'asThickas@TwoShortPlanks.com' as a reply address to a message that was plastered over a whole bunch of newsgroups. As you can guess, I was not much pleased.

I didn't do anything about it at the time, but my question is what *can* the individuals do about something like this? Who do I complain to? The company was using their own hosting service, so postmaster wasn't really an option.

Can people like me sue (slander?) If so, does anyone know anyone who's had experience in this kind of thing, preferably someone who has delt with this kind of before, and is feeling like doing it on a no win no pay basis. It'd be great if we could actually start hitting back easily and quickly every time this happens.

Later.

Mark.

Re:The connection between slashdot, RC-5 and porn (1)

mistered (28404) | more than 14 years ago | (#1846915)

Aha! Give that man a +1!

Go to www.trafficcash.com [trafficcash.com] and view their Terms. They say


7.E-mail spamming is strictly prohibited. This
includes e-mail spamming, newsgroups, and IRC.
If you violate this term of your agreement you
will be terminated from the program and will
not be paid.


Now send an email to jjb@powersite.net [mailto] and complain that alexgurry spamed his click-through page. This email is listed on the trafficcash site as the "questions or comments" contact. Or, if it's local for you, call 1-954-563-9008.

Thank you.

Re:Well, where did he get my address then? (0)

Anonymous Coward | more than 14 years ago | (#1846917)

i'm guessing they harvested them from the /. team listing on distributed.net anybody get the email who wasn't on that list?

Re:Porn mail (1)

Evangelion (2145) | more than 14 years ago | (#1846925)

Why didn't I get any? ;-)


I'm sure if you really want Spam, it can be arranged. It's generally not hard to come by :-)


Maybe it's some silly prank, or someone trying to show off his ability to "spoof" mailadresses. (Obviously not aware of headers n stuff)


No, it's spam... It's intended to get you to click on the link, so you can look at thier porn site, and maybe sign up. That's it. It's not about ego or l33t hax0r 5ki11s, just about getting someone to click. Once that is accomplished it's useless.

Re:Porn mail (1)

XDG (39932) | more than 14 years ago | (#1846926)

The more disturbing bit is that it spoofs my e-mail filters by looking like it's from someone I'll read mail from.

/. effect as a source of good? (1)

ariels (6608) | more than 14 years ago | (#1846927)

Uhmm, isn't there a thing called "the slashdot effect" that happens when 1e11 people visiting slashdot click on the link?

The email message included 2 links. What would happen if *everyone* clicked on them?

We should make sure this doesn't happen.

Re:Well, where did he get my address then? (1)

Hemos (2) | more than 14 years ago | (#1846928)

harvetsting the pages would be my guess.

Re:Keeping geeks clothed. (2)

Stephen Williams (23750) | more than 14 years ago | (#1846929)

I AM naked right now.. I just got out of the shower... freaky....

Yikes! That is the sign of a true geek. Gets out of the shower and checks Slashdot before getting dressed :-)

good question (1)

smcd (634) | more than 14 years ago | (#1846932)

yes, i'd like to see this answered too. my -nospam- address is the one i use here so unless there's a pretty clever email bot out there, someone got their hands on an internal /. mail list.

Shut him down (1)

iota (527) | more than 14 years ago | (#1846934)

One of his pages has lots of links and information about AllAdvantage.com, some kind of online make money by referral page. Check out their antispam policy, and send them an email saying you don't appreciate Alex Gurry's spammage.

http://www.alladvantage.com/antispam.asp

abuse@alladvantage.com

http://www.chat.ru/~alexgurry/index.htm = Alex

enjoy,
jason

Re:/. effect as a source of good? (1)

smcd (634) | more than 14 years ago | (#1846936)

chances are everyone won't get the email at the same time. /. effect occurs because link is posted to /. and noticed by everyone within an hour or so. the emails will probably arrive over a whole day or more.

Re:good question (2)

Stephen Williams (23750) | more than 14 years ago | (#1846938)

someone got their hands on an internal /. mail list.

Not necessarily. I'm guessing they just used a random spam distro list. I should think that some people who don't even know what Slashdot is got this spam and are now rather confused. If they used a Slashdot mail list, surely everyone who reads Slashdot would have got the mail? I'm betting that only a small proportion of Slashdot regulars got spammed.

Spam, the ultimate coders itch. (1)

Some guy named Chris (9720) | more than 14 years ago | (#1846940)

Man, spam sucks!

I got this thing this morning (along with my dozen or so other morning spam).

Filtering spam is such a hard thing to do. You would think that some creative and talented person would come up with a foolproof way to kill those things before we ever see them.

I suppose the hard part is not letting spam through, but never, ever tossing real mail.

Re:Pay-Per-Click... (1)

Jeff Knox (1093) | more than 14 years ago | (#1846945)

Actually, you just have to get signed up with a professional banner advertising company. Go check out safe-audit.com. They are very professional, you actually receieve your money. They have ads that pay anything for 5-30 cents a click, or they also have some that pay like 2 dollars or so for 1000 views. Check them out, ocassionally there servers have problems, but overall they are the best I have found.

Re:good question (1)

smcd (634) | more than 14 years ago | (#1846946)

Sorry I didn't mean to insinuate that /. sold the list of emails but rather that they were stolen...

Hello? (0)

Anonymous Coward | more than 14 years ago | (#1846948)

Looking at those headers and even the body of the message, how could anyone think that the message actually came from /.? Or are there really that many clueless lusers reading /.?

Too late. (2)

Booker (6173) | more than 14 years ago | (#1846950)

The loonies have left the gate, I'm sure. And this right after we read the Andover News bit about rabid slashdotters. *sigh*

Re:The connection between slashdot, RC-5 and porn (1)

mistered (28404) | more than 14 years ago | (#1846951)

Just a note on my earlier comment, to explain where trafficcash.com came from:

http://chat.ru/~sexybabies/hot.htm is the actual page to which http://join.at/freepc points.

In that page's HTML, his click-through banners are of the following form:

Link:
a HREF="http://www.truly18.com/cgi-bin/click-te.cgi? alexgurry"

Image:
img src="http://www.trafficcash.com/newsite/banners/18 ban2.jpg"
alt="Truly 18" border="0" width="460" height="68"

Re:International Law (1)

zur (37151) | more than 14 years ago | (#1846953)

> Does that invulnerability work both ways? Could the sender of the mail be spammed just as he has spammed others? I like that:
> "Spam not unto others lest ye be spammed."


As spam.abuse.net [slashdot.org] says, don't follow up to spam postings, lest your posting also become spam. Nothing is gained by fighting evil with evil, we should hold the high moral ground in these issues.

Deja(news) search (2)

Booker (6173) | more than 14 years ago | (#1846957)

Check out this link [deja.com] for a posting history with this address... note, however, that even this is not proof that "alexgurry@intra.ru" is the originator. Sure does look like it, though.

Sad (1)

Da Unicorn (941) | more than 14 years ago | (#1846964)

/me wonders if the power of the /. "effect" is a valid weapon against these lamerz?

Much like the line "Never get out of the boat" from Apocalypse Now. ... "NEVER post your email to a public forum"

After about 5 years of strictly adhereing to this rule, I get little spam. YMMV.

Just my opinion and not that of my company.. Wait we are one and the same...erk.

Da

Service with a smile (1)

imac.usr (58845) | more than 14 years ago | (#1846965)

Wow, I've only been reading /. for a few weeks and already I'm a "dear" member. Not only that, but they're always thinking of me, too. And, according to the link, they're even willing to offer me a free PC. Who says Linux users aren't friendly?

Thank god I already obfuscated my email address.

make msg easier to read! (0)

Anonymous Coward | more than 14 years ago | (#1846966)

hemos,
can ya wrap that mail header in tags?? it'd make it -much- easier to read.

Reason for using slashdot.org (1)

dylan_- (1661) | more than 14 years ago | (#1846967)


If you pretend to be Slashdot.org when sending out spam, then it will get reported on Slashdot. They will probably show the entire message. The porn sites you're promoting get slashdotted. Loadsa hits! Everyone is happy (cept Slashdot of course).

dylan_-


--

The wrong people to annoy. (1)

murrayc (19323) | more than 14 years ago | (#1846968)

How stupid is this guy? He just pissed off a bunch of hackers - the people who are most able to do something about it.

IIS 4.0? (0)

Anonymous Coward | more than 14 years ago | (#1846969)

Maybe they're running IIS 4.0 :D

Re:good question (1)

smcd (634) | more than 14 years ago | (#1846970)

Not if they wanted to disguise the fact that it was a /. mail list they stole. Let's just say I'm VERY suspicious about this. My email address isn't that old and I don't get much spam...

Re:The wrong people to annoy. (1)

iota (527) | more than 14 years ago | (#1846971)

Hackers are less likely do "do something about it" than, say, crackers, which is what you are probably thinking of.

jason

Re:/. effect as a source of good? (2)

substrate (2628) | more than 14 years ago | (#1846972)

Somebody post the link. I ordinarily just submit spam to spamcop and hope that takes care of it, it'd be kind of cool if they got too much of a good thing, maybe for a few days running.

Re:Well, where did he get my address then? (1)

iturbide (39881) | more than 14 years ago | (#1846993)

Doubtful. This was the first time I ever, ever, commented to anything on slashdot, and if you click on "user info" you'll find it pretty uninformative.
Or are you referring to something I haven't thought of?

Re:The wrong people to annoy. (2)

Stephen Williams (23750) | more than 14 years ago | (#1846994)

Hackers are less likely do "do something about it" than, say, crackers, which is what you are probably thinking of.

Ah, but "doing something about it" might mean "use the Received: headers to trace the message, and complain to the ISP". Hackers/geeks/nerds are technically savvy enough to know how to do this. "Average users" may not be. Hence, hackers (in the Slashdot sense of the word) are a bad choice of people to spam.

How to LART this spammer: (3)

strredwolf (532) | more than 14 years ago | (#1846995)

Right out of the books from SPUTUM [sputum.com] and Sam Spade [samspade.org] , both good anti-spam sites...

mx.icp.rssi.ru is an OPEN RELAY used by spammers to hide their tracks. Complain to postmaster@rssi.ru about it and send this spam to them, with full headers.

The spammer is hosted via intra.ru. Send mail to abuse@intra.ru and postmaster@intra.ru with the full headers and spam and say "You have a spammer on your system which is compromizing security and profits. Please remove."

Also, visit The Radparker Relay Spam Stopper [radparker.com] to block the relay on subscribed systems.



---
Spammed? Click here [sputum.com] for free slack on how to fight it!

Re:good question (0)

Anonymous Coward | more than 14 years ago | (#1846997)

I'm suspicious too. I wonder if the /. guys will
review how these addresses got out. Enough with the random mailing bs.

I hope /. isn't selling their "members" names for $$$.

Re:IIS 4.0? (1)

larien (5608) | more than 14 years ago | (#1846998)

According to Netcraft:
join.at is running Apache/1.3.3 (Unix) on Solaris
Pity...
--

International Law (1)

_J_ (30559) | more than 14 years ago | (#1846999)

This situation sounds like the sort of thing that could never be resolved over borders. The source of the spam is probably too slippery to be nailed. Therefore...

Does that invulnerability work both ways? Could the sender of the mail be spammed just as he has spammed others? I like that: "Spam not unto others lest ye be spammed."

Not that I'm trying to provoke anything, but his account, heck his ISP's server, could be maxxed out fairly easily.

Oh whatever...


J:)
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...