391 captures
10 Dec 1997 - 02 May 2024
Dec
JAN
Jun
24
2000
2002
2003
success
fail
About this capture
COLLECTED BY
Organization: Alexa Crawls
Starting in 1996, Alexa Internet has been donating their crawl data to the Internet Archive. Flowing in every day, these data are added to the Wayback Machine after an embargo period.
Collection: Alexa Crawl DL
Crawl DL from Alexa Internet. This data is currently not publicly accessible.
TIMESTAMPS
The Wayback Machine - http://web.archive.org/web/20020124184904/http://math-www.uni-paderborn.de:80/~axel/BL/blacklist.html
==================================================================
Canter and Siegel acknowledge Blacklist's importance in interview:
"On the day
the anti-advertising vandals can convince customers
not to buy from Usenet advertisements,
that is the day advertising will stop."
==================================================================
The list is posted regularly to several newsgroups, stored on a number of
FAQ archives around the world and the most recent
version is always available on the WWW as
http://math-www.uni-paderborn.de/~axel/BL/.
Titus Brown (http://www.cco.caltech.edu/~cbrown/)
is kind enough to operate a temporary mirror of the list in the US. It
is updated daily and accessible as http://www.cco.caltech.edu/~cbrown/BL/
If you read the non-html version and you don't know what to do
with all the links given or what the WWW is or how to access it by email,
send mail to mail-server@rtfm.mit.edu with the text
send usenet/news.answers/www/faq/*in the body of the message.
Whenever you see a link of the
form "BL/something" here, you can get a valid WWW
address by prepending the string
"http://math-www.uni-paderborn.de/~axel/" for the German
version or "http://www.cco.caltech.edu/~cbrown/" for the
US version of the list.
news.admin.net-abuse.usenet
and news.admin.net-abuse.email.With "inappropriate commercials" I basically mean ads posted to unrelated newsgroups or mailing lists or to those which traditionally don't tolerate commercial messages. The number of complaints I receive is also a factor.
Everyone added to the blacklist gets notified so that they can correct possibly
inaccurate information. As a general rule, people are taken off the list after 3 months
unless they repeat their behaviour. Their entries are then moved to the
archive at BL/archive.html
for educational purposes. Note that the archive is not part
of the blacklist as such.
BL/blacklist_philosophy.html.
Spam has its own page on the WWW: http://www.smalltime.com/nowhere/findthespam/
featuring a spam contest and many comments. More appropriate for our
purposes is the SpamCam, featuring a frequently updated picture of
rotting spam at http://www.fright.com/spam/spamcam.html.
Spam was also the main
ingredient in a hilarious Monty Python sketch: http://ic.net/~jheaton/spamskit.htm
is the transcript and http://montypython.virtualave.net/sketchsounds.htm
has some sound recordings and ftp://ftp.eskimo.com/u/k/kilroy69/pub/wavs/spamsong.wav
is the song.
On the Internet, spam stands for the
posting of multiple copies of the same
(or slightly altered) article to many Usenet newsgroups, without
crossposting them. This means that the article will be transmitted to and
stored on every Usenet host multiple times: once for every newsgroup
involved. EMP (Excessive Multi-Posting) is a different name for the
same thing. The word spam is also used for bulk email: sending the
same message to many people at once who haven't asked for it. By looking at the above Monty Python sketch, try to figure
out why the word "spam" was chosen.
The Velveeta home page is at http://www.kraftfoods.com/velveeta/velv_index.html?B=13&L;=3.
On the Internet, Velveeta means the excessive crossposting of an
article to many newsgroups, and is also known as ECP. "Crossposting"
means that physically only one copy of the article travels round the
world, but it will show up in many newsgroups. Most of the time, most
of these newsgroups have nothing to do with the topic of the article.
Spam is much worse than Velveeta (try it!). Recently, more and more mixtures of the two appeared: many copies of an article, each of which crossposted to a large number of newsgroups. Some call this "jello".
For the definite source of definitions for these terms (and also for a
nice formula measuring the badness of jello), refer to the
FAQ "Current Usenet spam thresholds and guidelines" at http://www.math.uiuc.edu/~tskirvin/home/spam.html
For the purposes of this list, I won't make a distinction between spam, velveeta and jello - if the ad ends up in a wrong newsgroup, then it is by (my) definition inappropriate advertising and will be recorded. The worst of all is of course bulk email.
http://www.anywho.com/tf.html. Note that you should always use a public phone when calling a 1-800 number: the standard caller ID feature of 800 numbers will be useless and the call will be more expensive for the recipient.
BL/demand.txt.
Some people advocate billing
the spammer's access provider instead.
See http://www.blarg.net/~gyro/money/money.htm for details.
You can read a real world account of an access provider billing
a remote spammer at http://www.kclink.com/spam/index.html. The bill is now with the collection agency and the spammers are about to be taken to court.
I would like to have some more reports about real world experiences with this approach.
killfile-faq, available via anon ftp from ftp.cs.columbia.edu in the directory /archives/pub/usenet/news/answers.
procmail, mailagent or
filter for this task from the Mail filtering and
Robots page http://www.ii.com/internet/robots/ http://www.clis.umd.edu/dlrg/filter/http://www.let.rug.nl/pegasus/
procmail and an AI engine like emacs doctor to engage them
in a fake mail dialog.
BL/fletch.txt and reflect about
possible uses :-)
alt.revenge
lynx -dump http://math-www.uni-paderborn.de/~axel/BL/ |
sed -n /===Blacklist start===/,/===Blacklist end===/p |
your_script_goes_here
postmaster@uni-paderborn.de.If you want to do it right though, you'll have to start a Blacklist of Blacklist Maintainers.
Also, please keep the threats of legal action coming -
you don't do it in vain: the most amusing ones are published as BL/threats.txt
while flames go to BL/flames.txt
Moreover, all usenet postings concerning the Blacklist will have the word "Blacklist" somewhere in the subject line. Put it in your kill file and you won't have to hear about it ever again.
http://kryten.eng.monash.edu.au/gspam.html#instructions has the details.
adcomplain. It can be gotten from
the author's homepage http://www.rdrop.com/users/billmc. It is a
good idea to familiarize yourself with the various header fields of
news and email articles; often it is very easy to spot if some spammer uses a
bogus From-line (in which case you should still report the spam, but
to the correct sysadmin). Having forged email headers will usually
cost them their account. You can find out the proper email address
to send complaints to from http://abuse.net
http://www.dejanews.com is especially helpful here. Another thing to do about smut spam: try to find a legitimate business operating from the same site as the spammer and send them "inadvertantly" a reply to the smut.
http://www.servtech.com/public/phoenix/computers/spam/despam.html. While Despam uses static (but updatable) patterns to detect email spam, the program "Spam Be Gone" at http://www.internz.com/SpamBeGone/ uses a more sophisticated machine learning approach. It works even
with Eudora under Windows. Another filter to combat spam in all
its forms is ByProxy, created by Besiex and available at http://www.besiex.org/ByProxy/index.html
SPAM-L which resides on listserv@peach.ease.lsoft.com
http://www.e-scrub.com/wpoison/
news.admin.net-abuse.usenet.
More information about the net-abuse groups and net-abuse in general is
contained in the FAQ, which is
available
as http://www.cybernothing.org/faqs/net-abuse-faq.html
Cancelmoose[tm] <moose@cm.org> did all the spam
canceling, but now she is working on a different approach called
NoCem. You can read more about it on the Moose's homepage at http://www.cm.org/nocem.html.
unspam can help you in locally deleting spam - you
won't have to wait for Cancelmoose[tm]'s cancel messages. However,
it can't detect the spam - you need to know. It's at BL/unspam.txt. A more
sophisticated tool is the Spam Hippo at http://www.spamhippo.com, a patch to the INN news software which detects and delets multiple postings, both those originating locally and those coming in from elsewhere.
BL/majordom.txt.
BL/spam_detect.txt.
uce@ftc.gov
enforcement@sec.gov
http://www.law.cornell.edu/uscode/18/2701.html)
prohibits the "intentional access without authorization of a
facility through which an electronic communication service is
provided." Junk emailers who have previously been prohibited from accessing
services on your machine through the SMTP port
might well be violating this law and are then subject to a fine
of $250,000 and one year in prison for a first-time offense. Civil
action can be brought, and damages are $1,000 or more.
http://www.law.cornell.edu/uscode/47/227.html), even though not intended to ban email spam, can also be used against
junk emailers; this is due to the fact that most modern
modem-equipped computers with an attached printer
fit the definition of a fax machine in USC 47 section
227(a)(2). You can sue for
$500 per violation; the court can increase this to $1500 if
violator
acted willfully or knowingly. The case Destination Ventures
v. FCC, 46 F.3d 54 (9th Cir. 1995) held the ban on unsolicited fax
advertisements to be constitutional, noting that the ads
unfairly shifted costs to the recipients. Clearly, this
argument applies to junk email as well (many two-way
pagers and PDA's charge per incoming email, other users connect
long-distance or with ISDN to their service provider and pay for
download time). Robert Arkow filed a lawsuit based on this
legal theory in 1995; the case was settled out of court, and
terms can't be disclosed.
http://www.cauce.org/. For European efforts, check out EuroCAUCE at http://www.euro.cauce.org
BL/damages.html
afried@nocs.insp.irs.gov or net-abuse@nocs.insp.irs.gov with a short explanation. Do not forward ordinary pyramid schemes or other spam to these addresses.
http://com.primenet.com/spamking/spamdam.html
http://www.usps.gov/websites/depart/inspect/consmenu.htm; there's also something called the National Fraud Information Center at http://www.fraud.com
http://www2.thecia.net/users/rnewman/scientology/home.html
Also, the common Get-Rich-Quick and Make-Money-Fast pyramid schemes
don't belong on this list. They usually come from newbies who are
scared to death by some 20 well-written flames, and I believe
blacklisting them here
would be too harsh a treatment. However, if you catch one of these
idiots, you can make money fast. For details, read BL/idiots.txt. Legal information
about money making pyramid schemes is available at BL/pyramid_legal.txt and
also from the very comprehensive Make Money Fast Myth page at http://www.stopspam.org/usenet/mmf/index.html
A blacklist of Make-Money-Fast posters can be found at http://www.clark.net/pub/rolf/mmf/
If you are like me and fed up with real-world junk mail as well, check out the
excellent Junkbusters pages at http://www.junkbusters.com.
Especially take note of their cool information about 39 U.S.C section
4009 and the subsequent supreme court decision which allows
U.S. citizens to issue prohibitory orders against junk mailers. I've
tried it, and it works. Junkbusters also ship a free utility to get
rid of advertising banners on the web.
comp.infosystems.www.announce
does not accept commercial announcements any more, since it
is operated by a volunteer. But you can
find a twice-weekly FAQ titled "** FAQ: How To Announce Your New Web Site
(Other Places) **" at http://ep.com/faq/webannounce.html.
This page also gives you information about how to get your page listed
in the various
WWW libraries, indexes and search engines.
You can publish your WWW address in paid ads in the print media
as well.
If you must advertise on usenet, then the biz.* and
*.marketplace groups are for you (not all at once!). As a general
rule, you should read
every group for at least a week before you post anything there. This
way, you can find out what the group is all about and whether
commercials are appreciated there. Note that *.forsale groups were
created to accommodate users who want to sell some personal
stuff and not for commercial ads. Also: the *.marketplace
groups in local hierarchies like ny.* are only for
products that have a genuine connection to that area, e.g. New York; it is
not sufficient that you hope that someone from New York might
want to buy your product. For information about these advertising
newsgroups check out the Usenet Marketplace FAQ at http://www.fmn.net/FAQ/attitude.html
Never send out unsolicited commercial e-mail to individuals or mailing lists. Bad things will happen to you. Some people will tell you otherwise, usually because they intend to make money off you.
Here is a list of documents describing the netiquette and how it relates to advertising:
news.announce.newusers
newsgroup, which are archived at http://www.faqs.org/faqs/by-newsgroup/news/news.announce.newusers.html.
The Usenet primer by Chuq Von Rospach and the Usenet Posting Rules by Mark Horton are good places to start.
BL/netmyths.html and has been contributed by Guy Berliner.
<pb@fasterix.frmug.fr.net>
who tries to keep the French usenet hierarchy fr.* clean
of all commercials. It is written in French, posted regularly to the groups
fr.news.reponses, fr.news.divers and
fr.biz.d and available on the web as http://www.freenix.fr/liste-pub/.
Comes with neat cost estimates for all the ads.
There's now a wonderful Blacklist of Internet Service Providers who
are friendly to spammers. It's a realtime Blacklist, which means that
an ISP is put on the list as soon as spam is received. What's more, it's easy to join a network of
providers which completely ignore and drop all email traffic
originating from these assholes. Patches for popular email transport
software
are
available. It's called the Realtime
Blackhole List at the Maile Abuse Protection System, http://maps.vix.com. This site contains
valuable information for honorable ISP's as well. This looks very much
like the technical solution to email spam we have been waiting for so desparately.
A very comprehensive Blacklist of current email spammers ready for use
in email blocking software is at http://www.webeasy.com:8080/spam/.
The Spam Archive at http://www.spam-archive.org/
has a huge list of past spamming email addresses. You can also forward
received spam to them and they'll include it in their list.
The Anti-Spam Project at http://www.bitgate.com/spam/
is specifically targetted at junk email. It has a list of domains that
send out junk email and a mail filter program ("BlackMail") that sysadmins can
install to refuse all email from those sites, or filter incoming mail
based on other criteria. BlackMail can also be used to prohibit
outgoing spam from your domain. There's also a mailing
list for discussion of spam fighting that you can join.
Adam Frey maintains the FAQ for the australian ads usenet hierarchy
aus.ads at ftp://archie.au/usenet/FAQs/aus.ads.forsale/
with a Blacklist section at the end.
Eric Bernabe <ebernabe@anet-stl.com>
maintains a Make-Money-Fast page which contains a blacklist-like
section. It is at http://www.basenet.net/~ebernabe/makefast.html
Monica Cellio <mjc@telerama.lm.com>
has a list of all people who have spammed her at http://www.cs.cmu.edu/~mjc/spam.html
Sarang Gupta <sarang@sarangworld.com>
keeps a list of spammers and several good suggestions about what to do
with them at http://www.sarangworld.com/800.shtml
The Eddy's keep a list of people or sites that spammed them, and block
further emails from them. It's at http://www.iinc.com/~tyche/abused.htm
Sisyphus6 <sisyphus6@technologist.com>
maintains a hilarious "MMF Hall of Humilation" at http://ga.to/mmf/ where
spammers are exposed in an hilarious manner.
You want your name and address to be visible forever to anyone with
access to a search engine? Boy have I news for you! The same site
hosts a database of Make-Money-Fast crap at http://ga.to/sisyphys/
Neil Schwartzman <neil@petemoss.com>
maintains a list of junk mail with a ready-to-use procmail file that
filters them out of your mailbox. It's at http://alcor.concordia.ca/topics/email/auto/procmail/spam/
Then there is a Lamer List at http://hnet.hutton.com/~mredrain/metoo.html
put together by Michael Red Rain <sundancr@gate.net>. It
contains the email addresses of people that posted "ADD ME TOO!!"
articles.
The GIGO Game at http://www.mindspring.com/~mdpas
contains a blacklist of junk emailers. It is put together by Mark
Paschal <mdpas@mindspring.com>.
Robert Braver maintains a cool Telemarketer's Hall of Shame, complete
with their home phone numbers :-), at http://telejunk.norman.ok.us/
The "Fight Spam Page" at http://spam.abuse.net
featured a list of rogue domains and sites that allow spamming
(discontinued because of legal threats). It's
also a great resource for spam fighting efforts, contains a list of
responsible ISPs, and is much more actively
maintained than this Blacklist, and you can even sign something and
join the campaign!
Last but not least, our warm and heartfelt thanks go out to
Mr. Vladimir Fomin for
compiling the Blacklist of Net.Nazis and Sandlot Bullies BL/net_nazis.html and to Dr John
Grubor for taking the time to
assemble the well researched list of Usenet Homosexuals BL/queer_list.html. Two
outstanding pieces of research; the large overlap between these lists
is evidence of a deep and intriguing and hitherto unnoticed statistical truth. I am
particularly honored to be featured on both lists. Please check out
the credentials of Dr Grubor at http://kendaco.telebyte.com/dharland/Grubor.FAQ.html
news.admin.net-abuse.usenet or news.admin.net-abuse.email.
However, you should first browse over the last couple of Subject
lines in that group to make sure that no one has reported that
incident before. Then, you should use an informative Subject
line
yourself. (Read the charters of the groups at http://www.cybernothing.org/faqs/net-abuse-faq.html).
http://www.compulink.co.uk/~net-services/spam/. It neatly automates the process of tracking down, insulting, and threatening spammers. Works with most email programs.
BL/junkmail.gif
and was designed by ReplyNet (http://www.reply.net/). Another version, by Rohan Exton, is at 
BL/junkmail2.gif. Still another, the purple ribbon, is at 
BL/prss1.gif. And then there is the banner of the Fight-Spam-Campaign at 
BL/spam-bar-1.gif and Jerry Dunn's 
BL/jospam.jpg
http://visar.csustan.edu:8000/HyperNews/get/blacklist.html
Please don't use that site to complain about specific advertisers.
http://math-www.uni-paderborn.de/~axel/BL/<ID>.txt
where the true ID is to be substituted for <ID> (or
by just clicking on the ID if you read the HTML version of this document).
===Blacklist start===
ID: CS941211
Name: L. Canter, M. Siegel
Address: 3333 East Camelback Road, Suite 250, Phoenix, AZ 85260, USA
Cybersell, P.O.Box 13510, Scottsdale, AZ 85267, USA
Cybersell, 10245 E. Via Linda, Suite 222, Scottsdale,
AZ 85258, USA
Phone: (602) 661-3911, (602) 661-5202
Email: 73450.3565@CompuServe.COM
Entered: 1994/12/11
Changed: 1997/01/15
Behavior: The famous greencard lawyers. In 1994, they repeatedly sent
out a message offering their services in helping to enter
the US greencard lottery to almost all usenet newsgroups.
(Note in passing: they charged $100 for their service, while
participating in the greencard lottery is free and consists
merely of sending a letter with your personal information at
the right time to the right place.) When the incoming mail
bombs forced their access provider to terminate their
account, they threatened to sue him until he finally agreed
to forward all responses to them. Read all about it with gopher
gopher.well.sf.ca.us in Authors, Books.../Online Zines.
They signed an agreement with their access provider, PSI, to
refrain from sending out junk e-mail or spamming usenet.
Nevertheless, they have repeatedly spammed usenet again,
although the postings were quickly found and canceled by
the cancelbot Cancelmoose[tm]. PSI has cut their USENET
access. They have since written a book, "How to Make a
Fortune on the Information Superhighway" and founded an
internet advertising company, Cybersell. The book promotes
several advertising strategies on the internet including
gathering addresses from usenet and sending out junk e-mail,
posting commercials to inappropriate newsgroups, advertising
on irc and even via talk. They basically contend that all
these behaviors are legal and therefore ok. They ridicule
the terms "internet culture" and "netiquette" and claim that
the internet, once all real-world laws are applied to it,
will make a great source of income for attorneys. Canter
& Siegel were behind the grand Credit Repair Spam
and the Virtualmall spam. This finally forced their service
provider, psi.com, to cut them off completely as of 1995/02/12.
Update: At 1995/03/01, cyber.sell.com apparently
acquired a new feed from sprint (800-669-8303). However,
they can't be reached with ping yet. Sprint apparently has
decided against providing access to them.
On 1995/03/22, they spammed usenet again, this time with an
ad for their book. A couple of interesting things to note
about this one:
- They spammed from two accounts, one on netcom and one on
crl. The accounts have been nuked.
- They put certain usenet hosts in the path line, so that
their spam wouldn't reach these hosts, thereby trying
to avoid the spam cancelers. To no avail, of course.
- They systematically varied From and Subject headers, again
hoping to avoid being canceled.
- They forged Approved-headers, so that their ad appeared
in several moderated newsgroups.
- The spam spilled into several mailing lists, prompting
the following anti-spamming policy from the Debian
mailing list: BL/debian.txt.
The Water Spam, also orchestrated by C&S, shows similar
characteristics.
Remarks: Don't bug the owners of cybersell.com; they were the access
providers for (and hence victims of) C&S during their
first spam and acquired the domain name cybersell
immediately - very much in the spirit of creative punishment
:-) It appears though that that C&S now (1997/01/15)
owns cybersell.com after all.
ID: AD941223
Name: Jess Guim, Advanz Home Office Companion
Address: 319 East 95th Street, Dept. 2, New York, NY 10128-5761, USA
Email: adhoc@ix.netcom.com
Entered: 1994/12/23
Changed: 1995/01/21
Behavior: Posted their ads about desktop publishing to several
rec.food groups.
Advertises his tool for creating e-mail lists of potential
customers via unsolicited e-mail. When complaining to him,
he sends even more information about his program.
Remarks: He claims to give a 30 days money-back guarantee on his
products.
ID: TM941223
Name: TMI
Phone: voice: 408-429-5400, fax: 408-429-6100
Email: tmi@scruznet.com
Entered: 1994/12/23
Changed: 1995/01/21
Behavior: Spammed the soc.culture hierarchy with ads for discount
telephone service. Repeated it even after having been
blacklisted.
They recently tried to find out Cancelmoose[tm]'s spam
criteria by posting a sequence of low-volume spams, which
were classified as part of one big spam and hence canceled.
Remarks: They have now their own domain, tmi.org, but continue to use
the newsserver of scruznet.com.
ID: KL950105
Name: Kevin Jay Lipsitz a.k.a. Krazy Kevin, Magazine Club Inquiry
Center
Address: 350 Richmond Terrace #5-P, Staten Island, NY 10301
PO Box 990, Staten Island, NY 10312
Phone: 718-967-1234, 718-967-1550 (fax),
718-967-1144 (fax), 800-433-1357
Email: krazykev@escape.com, krazykev@kjl.com
lipsitz@ingress.com
Entered: 1995/01/05
Changed: 1997/01/15
Behavior: Spammed almost the whole usenet repeatedly with anonymous
ads (Hi, my name is Anne Nelson...") for a long distance
calling plan. He was warned by the admin of the anon server,
then lost his account there and did it again with a new
account. He told me on the phone that a company called Card
Call USA, INC. 6232 N. 7th ST. #109 Phoenix, AZ 85014
Phone: 602-264-7000 Fax: 602-266-0687 uses a pyramid-like
promotion scheme where every customer gets a commission for
each new customer they bring and in turn for each new
customer these new ones bring and so on up to level 7.
Kevin Lipsitz is a customer of Card Call USA and tries to
bring new customers to get these commissions. His using the
anon server is evidence enough that he knew that he was
doing something wrong. Incidentally, he sent me the
membership application for CC USA. Point #6 of the contract,
which Kevin most probably signed, reads: "6. I agree to
operate in a lawful, ethical, and moral manner and to do
nothing that will adversely reflect upon CCUSAI, its clients
or its other Independent Sales Representatives. I understand
that any act deemed by CCUSAI to be detrimental to CCUSAI,
in any manner, is grounds for the termination of my status
as Independent Sales Representative and all corresponding
commissions." As of 1995/02/20, he uses the new e-mail
address at escape.com. On 1995/02/26, he anon-spammed
again, this time advertising his magazine club. It occurred
again on 1995/03/04. He is also the source of the
ubiquitous and persistent "===>> World's *Cheapest*
Way to get USA Magazine Subscriptions..." postings and
email list spams. The return address of these is often a FAX
server. If you see a line "Hi, my name is <insert favorite
female>", then it's from him. There have been complaints
that he doesn't deliver all ordered magazines.
Still spamming mailing lists as of 1996/04/30. Now uses
throwaway AOL accounts.
Has received a court order to stop using AOL addresses in
summer 96.
Remarks: I tracked him down by answering to one of his ads using an
old e-mail address, to which he promptly responded. The
second time, I responded again to his anon ad, and he
apparently recognized me and tried to harass me over the
phone. Next was a truly pathetic first attempt at
mailbombing. [Kevin, next time pick an ftpmail service
without per day traffic limits, jeeez] His account on
panix.com is no more. An excellent analysis of one of his
recent postings and lots of personal information about him
is at BL/kl_info.txt Recently,
several articles about him, including cancel reports, have
been canceled from news.admin.net-abuse.misc. As of
1996/05/01, he owns his own domain kjl.com; internet access
is provided by escape.com and connect2.com. Complaints
should properly go to roman@escape.com, the administrator of
escape.com and jolsin@connect2.com, the coordinator of
connect2. Escape.com is unresponsive; access is provided by
sprintlink.net. Mail to root@kjl.com is pointless since this is
Kevin himself. His 1-800 number reaches him, even though he
usually comes up with some bogus denial. Recently, an
analysis of one of his email list assaults has been posted
at http://www.iac.co.jp/~issho/stop-spam.html
The National Fraud Information Center is collecting
information about him; read BL/kk_fraud.txt and http://www.fraud.org/news/1997/jul97/070897.htm
If you feel that
some of his activities are criminal (involving fraud,
harassment or theft of services, for example), you might
wish to send a succinct letter to
Supervisory Agent Robert E. Schlabach
FBI
1 Center Plaza, Suite 600
Boston, MA 02108
USA
ID: KK950105
Name: Kim Kerns, Applied Information Technologies, Inc.
Address: POB 2634, Midlothian, VA 23113, USA
Phone: 704-559-5988, 800-576-5146, 804-378-8050
Email: applied@vnet.net, BYNH09A@prodigy.com, lorcine@aol.com
Entered: 1995/01/05
Changed: 1995/01/09
Behavior: Spammed many newsgroups with a long distance calling plan. Varied
subject lines, posting sites and exact text, apparently to avoid
cancelbots.
The company selling the phone service is Applied Information
Technologies, Inc., POB 2634, Midlothian, Va. 23113. This company
employs a promotion scheme offering commission to every customer
for each call people sponsored by them make.
After being blacklisted and notified about it, he did it again
repeatedly.
Remarks: Note the 1-800 number. He doesn't seem to own vnet, so you
can put pressure on his postmaster.
ID: CY950121
Name: Cybergear
Address: 2770 St. Albans NW, North Canton, Ohio 44720, USA
Email: cybergear@delphi.com
Entered: 1995/01/21
Changed: 1995/10/30
Behavior: Posted their ad for t-shirts to at least 30 unrelated
newsgroups, sometimes changing the subject to avoid
canceling and to make the postings technically on-topic.
Did it again on 95/02/05. And again in May.
ID: BO950212
Name: Stuart Bar-On, Parallel Performance Group, Meridian Marketing
Address: 450 Jordan Rd., Suite E, Sedona, AZ 86336, USA
Phone: (520) 282-6300 (voice), (520) 774-0896 (fax)
Email: ppg@ppgsoft.com, ppginc@shell.portal.com
ppginc@earth.usa.net, ppg@primenet.com, strand@ppg.strand.com
ppg@unicomp.net, info@ppginc.com
ppg@ppgsoft.com, news@ppginc.com
ppg@infomagic.com
Entered: 1995/02/12
Changed: 1997/03/02
Behavior: Engage in a large-scale ongoing junk e-mail assault.
Sent out unsolicited e-mail ads to postmasters, who were
supposed to forward it to their "Marketing Directors". They
got the addresses from InternNIC's list of registered domain
names.
In addition, they gathered e-mail addresses from usenet
postings and sent unsolicited commercial e-mail to those.
A new junk e-mail wave occurred around 1995/02/28. This time from
unicomp.com. I suspect that they scan usenet postings for
certain Organization-lines in the header.
They are still at it as of 1996/06/01.
Remarks: Their mail-bots and WWW pages are maintained by
zoom.com. In addition, the domain name ppgsoft.com is owned
by Bar-On but is nothing but a bunch of mailboxes on
stealth.romoidoy.com.
The domain ppginc.com, also owned by Bar-On, contains only a
couple of mail-bots residing on unicomp.net.
Recently, they have been operating from romoidoy.com and
quinella.com is also owned by Stuart Bar-On for spam
purposes.
ID: CL950228
Name: Cyberlink Inc. and various agents
Address: 5855 Topanga Canyon Blvd., #520, Woodland Hills, CA 91367, USA
Phone: 818-702-0456 (fax), 216-461-1770 (fax), 216-231-2857 (voice)
800-266-2006 (voice)
Email: mvs3@po.CWRU.Edu, MRN@WVNVAXA.WVNET.EDU,
75017.605@CompuServe.COM, cyberlink@infomat.com,
fy755@cleveland.Freenet.Edu
Entered: 1995/02/28
Behavior: Persistent, slow spam of soc.culture.* groups, advertising
some long distance plan. Apparently, Cyberlink pays
commissions to agents who brings new customers, and several
of their agents spam. It's unclear whether Cyberlink is
aware of that. They need to change their rules.
Remarks: cyberlink@infomat.com seems to be an automatic mail-back
robot.
ID: WC950415
Name: WWCD Inc., Steve Schall
Phone: (410) 581-1110
Email: wwcd@wwcd.com, t-rock@access.digex.net, steve@wwcd.com
Entered: 1995/04/15
Behavior: Repeatedly posted announcements of their WWW server on a
large number of sports related newsgroups. Respond to
complaints with flames. Put at least 41 links to their
server on The-Mother-of-all BBS at
http://wwwmbb.cs.colorado.edu/~mcbryan/bb/summary.html
Remarks: Access provider is digex.net.
ID: JS951030
Name: Jeff Allen Slaton, a.k.a. SpAmKiNg
Address: 6808 Truchas Drive NE, Albuquerque, NM 87109
Phone: (505) 821.1945 (fax/data modem)
Email: Slaton@free.org, JSlaton@free.org
Entered: 1995/10/30
Behavior: Persistent and large scale email and usenet spam. Sometimes
wants $5 for taking someone off his mailing list. His
messages usually contain ads for other businesses, but
sometimes also illegal money making pyramid schemes. Always
uses fake From lines, sometimes in order to punish past
access providers. He announced that he would get a T1
internet connection through MCI in order to annoy them; MCI
has publicly stated that they won't give access to him. Some
articles on news.admin.net-abuse.misc criticizing him have
been canceled by an anonymous party.
Remarks: A web page containing personal information complete with
Social Security Number, photo, phone number of his employer,
and much more is at http://com.primenet.com/spamking/.
Some more information about where he lives is at
BL/slaton_personal.txt.
Please complain to the businesses advertising on his mass
mailings and boycott them. He is probably connected to the
net through a SLIP or PPP connection provided by InterRamp;
they are unresponsive and owned by PSI.
Contacting the Better Business Bureau about Slaton does not
make sense since they don't deal with Internet
cases. However, when it was suggested that the FTC be
contacted about Slaton's activities, he became *very* pissed
off. The New Mexico Attorney Genernal is investigating
Slaton's practices as well.
ID: PD951030
Name: Prime Data WorldNet E!Mail, Computer Enterprises, Vernon Hale
Address: 1132 Richards Rd, Bowling Green, Ky 42104, USA
Phone: (502)529-9106 (fax), (502)529-9304 (voice)
Email: worldnet@pwrnet.com,
cybrcash@ix7.ix.netcom.com, prime@mwci.net
create@netam.net
Entered: 1995/10/30
Changed: 1996/2/27
Behavior: Send out junk email newsletters with third party ads on
them. Some people received the newsletter again even after
having asked to be removed.
Remarks: Please complain also to the individual advertisers listed.
They have already lost an account on mwci.net because of
complaints. In the past, they have used toc.net to inject
the messages. They also maintain accounts on
valleynet.net. The admins of both valleynet.net and toc.net
don't see anything wrong with junk email and won't remove his
account. Has recently (2/96) changed his business strategy
to selling email spamming software by spamming usenet.
ID: IS960227
Name: Sunset Direct, Doug Monahan
Address: 9390 Research Blvd. Kaleido 2 Suite 350, Austin, TX 78759
Phone: (512) 464-8500
Email: webmaster@sunsetdirect.com,doug_monahan@mail.sunsetdirect.com,
doug_monahan@fiddleback.sunsetdirect.com
Entered: 1996/02/28
Behavior: Large scale, repeated, world-wide email spam advertising
their web site. Email addresses were obtained from usenet
postings. Mailing lists and usenet groups were hit as
well. Some of their messages contained fake return
addresses.
Remarks: Please inform the companies working with Sunset Direct (as
featured on their site http://www.sunsetdirect.com) about
Sunset Direct's marketing attempts. If they refuse to stop
sponsoring Sunset Direct, they should be boycotted as
well. Network connection is provided by netcom.net. A
publicly posted statement from Dough Monahan is available as
BL/monahan.txt and an emailed threat is at BL/monahan_threat.txt.
Apparently, he sends out lots of those.
ID: PE960301
Name: Promo Enterprises a.k.a. Cyber Promotions, Sanford Wallace
Address: 8001 Castor Ave., Suite #127, Philadelphia, PA 19152
1255 Passmore St, Philadelphia, PA 19111
Phone: 800-650-9110 (phone), (215) 289-4610 (phone), 800-650-9230 (fax),
215-288-9230 (fax), 215-743-3750 (fax), 215-288-9110 (phone),
215-628-9780 (phone)
Email: wallace@cyberpromo.com
Entered: 1996/03/01
Changed: 1997/09/23
Behavior: Repeatedly sent out unsolicited junk email containing an
amazing number of scams. Preferably targets online services;
sometimes uses fake return addresses. The domains
answerme.com, zapback.com, savetrees.com are also owned by Wallace.
The matter brought against them by ReplyNet was settled out
of court.
Have registered a large number of internet domains
recently.
Sometimes they spam by directly telneting to other ISP's
smtp ports. In the case of concentric.net, they have been
sued and lost.
They try to use different servers for different services
(email, usenet, www, nameserver) so as to make it harder to
cut them off.
Remarks: Mr Wallace has made his philosophy clear in a couple of
articles; read BL/wallace.txt. He
claims to only send his junk to people who have posted
commercial ads on the WWW or usenet, which is patently
false. A major war is going on between Wallace and AOL; AOL
blocked all junk from Wallace and Wallace sued. A judge
ordered the blocking to stop but was overturned. They
reached an agreement where AOL is allowed to block junk from
all users who don't specifically request it.
An Ohio judge in the Compuserve suit against Wallace called
his junk mailing "trespassing on private property" and
prohibited it. Updates about this case are at
http://www.tigerden.com/junkmail/
Prodigy won a suit against a Wallace banning him from using
Prodigy to spam.
The likely main feed provider for Cyberpromo is agis.net,
which has been unresponsive to complaints and condones email
spamming. For more information about Cyberpromo and Agis,
you can visit http://www.cyberpass.net/~fekete/
Cyberpromo was kicked off agis.net as of 20-Sep-1997.
In March 1998, Wallace lost a 2 Million Dollar lawsuit and
decided to leave the spamming business for good.
Wallace was previously in the junk fax business, until that
was outlawed.
===Blacklist end===