Spammer Revenge!
If you regularly use email, you are probably like me in getting tons and tons of unwanted, unsolicited SPAM. Recently, the amount of trash in my inbox has increased to the point that I get on the edge of physical violence and want to do some very, very nasty things to those #@*^$ spammers. Luckily, before having to do something that might get the police after me, I am trying an alternative strategy.
Email Spam
I used to just hit "unsubscribe" or send nasty letters to the “from” address, but as I learned, the from address is usually fake and clicking “unsubscribe” simply confirms to the spammer that you have a working email address so he can send you more spam.
So, I just started tracing the origin of the email to the spammer's ISP (Internet Service Provider) and sending the ISP a letter, with much better success than sending idle threats or unsubscribe requests to the spammers themselves.
When junk email gets into my inbox, I
a.) find the e-mail’s header
(in outlook, it is under the view menu view --> options, and usually can be found in all common email software as well as hotmail)
b.) find the true, non-faked from address -- usually under the line
Received: from frodo7.2np.net (frodo7.2np.net [168.143.122.148])
with the "Received: from" line being the key line
c.) from a command prompt run "tracert 168.143.122.148"
where the IP is the IP from the “from” field of the header.
d.) in the tracert output the second to last domain name is usually the spammer's ISP or email provider
For example, when the email is from "[email protected]" I would run tracert as such:
tracert 2np.net
Tracing route to 2np.net [168.143.122.65]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 192.168.0.1
2 10 ms 9 ms 9 ms TL6-9-001.tca.net [208.180.9.1]
3 10 ms 14 ms 12 ms cdm-208-0-209-brcs.cox-internet.com [208.180.0.2
09]
4 13 ms 11 ms 7 ms cdm-208-0-129-brcs.cox-internet.com [208.180.0.1
29]
5 20 ms 20 ms 15 ms cdm-66-0-61-tylr.cox-internet.com [66.76.0.61]
6 17 ms 19 ms 17 ms gige8-0-513.ipcolo1.Dallas1.Level3.net [209.246.
152.245]
7 19 ms 19 ms 17 ms gigabitethernet10-2.core2.Dallas1.Level3.net [20
3.81]
13 69 ms 67 ms 69 ms p4-6-0.r00.sndgca01.us.bb.verio.net [129.250.3.1
0]
14 83 ms 66 ms 65 ms ge-1-1.a04.sndgca01.us.da.verio.net [129.250.27.
85]
15 114 ms 69 ms 72 ms web.2np.net [168.143.122.65]
Trace complete.
The spammer's ISP is then verio.net, to whom I shall send an email.
e.) send a NICE email to and
Remember that you are trying to work with the spammer’s ISP, not against them. Letters that threaten legal action will probably be ignored or forwarded to their legal department.
Here is what I send:
Hello. The spammer below is either using your resources to send out bulk
unsolicited commercial e-mail ("spam") or is deceptively trying to make it
look like he is. In either case, a legitimate company like yours probably
would not approve. The information below should be all you need.
--e-mail header follows—
Usually it is sufficient to just send the full header of the offending email.
f.) You will probably get a generic response, but you might get one saying that the spammers account has been deleted, fined and banned! Either way, you can feel better about having done something to deal with all that SPAM.
Instant Messaging Spam
For spam you get in instant messaging programs, you can usually copy the link in the IM to your clipboard and view the URL by pasting in into notepad. If the provider is geocities or another such free web host, you can usually report the site to or and the spammer’s account will be deleted.
Well, that's it. I hope my little tutorial proves useful in slowing down at least one spammer, so I don't have to resort to violence for one more day.
