================================================================== Canter and Siegel acknowledge Blacklist's importance in interview: "On the day the anti-advertising vandals can convince customers not to buy from Usenet advertisements, that is the day advertising will stop." ==================================================================
The list is posted regularly to several newsgroups, stored on a number of
FAQ archives around the world and the most recent
version is always available on the WWW as
http://math-www.uni-paderborn.de/~axel/BL/
.
Titus Brown (http://www.cco.caltech.edu/~cbrown/
)
is kind enough to operate a temporary mirror of the list in the US. It
is updated daily and accessible as http://www.cco.caltech.edu/~cbrown/BL/
If you read the non-html version and you don't know what to do
with all the links given or what the WWW is or how to access it by email,
send mail to mail-server@rtfm.mit.edu
with the text
send usenet/news.answers/www/faq/*in the body of the message.
Whenever you see a link of the
form "BL/something
" here, you can get a valid WWW
address by prepending the string
"http://math-www.uni-paderborn.de/~axel/
" for the German
version or "http://www.cco.caltech.edu/~cbrown/
" for the
US version of the list.
news.admin.net-abuse.usenet
and news.admin.net-abuse.email
.With "inappropriate commercials" I basically mean ads posted to unrelated newsgroups or mailing lists or to those which traditionally don't tolerate commercial messages. The number of complaints I receive is also a factor.
Everyone added to the blacklist gets notified so that they can correct possibly
inaccurate information. As a general rule, people are taken off the list after 3 months
unless they repeat their behaviour. Their entries are then moved to the
archive at BL/archive.html
for educational purposes. Note that the archive is not part
of the blacklist as such.
BL/blacklist_philosophy.html
.
Spam has its own page on the WWW: http://www.smalltime.com/nowhere/findthespam/
featuring a spam contest and many comments. More appropriate for our
purposes is the SpamCam, featuring a frequently updated picture of
rotting spam at http://www.fright.com/spam/spamcam.html
.
Spam was also the main
ingredient in a hilarious Monty Python sketch: http://ic.net/~jheaton/spamskit.htm
is the transcript and http://montypython.virtualave.net/sketchsounds.htm
has some sound recordings and ftp://ftp.eskimo.com/u/k/kilroy69/pub/wavs/spamsong.wav
is the song.
On the Internet, spam stands for the
posting of multiple copies of the same
(or slightly altered) article to many Usenet newsgroups, without
crossposting them. This means that the article will be transmitted to and
stored on every Usenet host multiple times: once for every newsgroup
involved. EMP (Excessive Multi-Posting) is a different name for the
same thing. The word spam is also used for bulk email: sending the
same message to many people at once who haven't asked for it. By looking at the above Monty Python sketch, try to figure
out why the word "spam" was chosen.
The Velveeta home page is at http://www.kraftfoods.com/velveeta/velv_index.html?B=13&L;=3
.
On the Internet, Velveeta means the excessive crossposting of an
article to many newsgroups, and is also known as ECP. "Crossposting"
means that physically only one copy of the article travels round the
world, but it will show up in many newsgroups. Most of the time, most
of these newsgroups have nothing to do with the topic of the article.
Spam is much worse than Velveeta (try it!). Recently, more and more mixtures of the two appeared: many copies of an article, each of which crossposted to a large number of newsgroups. Some call this "jello".
For the definite source of definitions for these terms (and also for a
nice formula measuring the badness of jello), refer to the
FAQ "Current Usenet spam thresholds and guidelines" at http://www.math.uiuc.edu/~tskirvin/home/spam.html
For the purposes of this list, I won't make a distinction between spam, velveeta and jello - if the ad ends up in a wrong newsgroup, then it is by (my) definition inappropriate advertising and will be recorded. The worst of all is of course bulk email.
http://www.anywho.com/tf.html
. Note that you should always use a public phone when calling a 1-800 number: the standard caller ID feature of 800 numbers will be useless and the call will be more expensive for the recipient.
BL/demand.txt
.
Some people advocate billing
the spammer's access provider instead.
See http://www.blarg.net/~gyro/money/money.htm
for details.
You can read a real world account of an access provider billing
a remote spammer at http://www.kclink.com/spam/index.html
. The bill is now with the collection agency and the spammers are about to be taken to court.
I would like to have some more reports about real world experiences with this approach.
killfile-faq
, available via anon ftp from ftp.cs.columbia.edu
in the directory /archives/pub/usenet/news/answers
.
procmail
, mailagent
or
filter
for this task from the Mail filtering and
Robots page http://www.ii.com/internet/robots/
http://www.clis.umd.edu/dlrg/filter/
http://www.let.rug.nl/pegasus/
procmail
and an AI engine like emacs doctor
to engage them
in a fake mail dialog.
BL/fletch.txt
and reflect about
possible uses :-)
alt.revenge
lynx -dump http://math-www.uni-paderborn.de/~axel/BL/ | sed -n /===Blacklist start===/,/===Blacklist end===/p | your_script_goes_here
postmaster@uni-paderborn.de
.If you want to do it right though, you'll have to start a Blacklist of Blacklist Maintainers.
Also, please keep the threats of legal action coming -
you don't do it in vain: the most amusing ones are published as BL/threats.txt
while flames go to BL/flames.txt
Moreover, all usenet postings concerning the Blacklist will have the word "Blacklist" somewhere in the subject line. Put it in your kill file and you won't have to hear about it ever again.
http://kryten.eng.monash.edu.au/gspam.html#instructions
has the details.
adcomplain
. It can be gotten from
the author's homepage http://www.rdrop.com/users/billmc
. It is a
good idea to familiarize yourself with the various header fields of
news and email articles; often it is very easy to spot if some spammer uses a
bogus From-line (in which case you should still report the spam, but
to the correct sysadmin). Having forged email headers will usually
cost them their account. You can find out the proper email address
to send complaints to from http://abuse.net
http://www.dejanews.com
is especially helpful here. Another thing to do about smut spam: try to find a legitimate business operating from the same site as the spammer and send them "inadvertantly" a reply to the smut.
http://www.servtech.com/public/phoenix/computers/spam/despam.html
. While Despam uses static (but updatable) patterns to detect email spam, the program "Spam Be Gone" at http://www.internz.com/SpamBeGone/
uses a more sophisticated machine learning approach. It works even
with Eudora under Windows. Another filter to combat spam in all
its forms is ByProxy, created by Besiex and available at http://www.besiex.org/ByProxy/index.html
SPAM-L
which resides on listserv@peach.ease.lsoft.com
http://www.e-scrub.com/wpoison/
news.admin.net-abuse.usenet
.
More information about the net-abuse groups and net-abuse in general is
contained in the FAQ, which is
available
as http://www.cybernothing.org/faqs/net-abuse-faq.html
Cancelmoose[tm]
<moose@cm.org> did all the spam
canceling, but now she is working on a different approach called
NoCem. You can read more about it on the Moose's homepage at http://www.cm.org/nocem.html
.
unspam
can help you in locally deleting spam - you
won't have to wait for Cancelmoose[tm]'s cancel messages. However,
it can't detect the spam - you need to know. It's at BL/unspam.txt
. A more
sophisticated tool is the Spam Hippo at http://www.spamhippo.com
, a patch to the INN news software which detects and delets multiple postings, both those originating locally and those coming in from elsewhere.
BL/majordom.txt
.
BL/spam_detect.txt
.
uce@ftc.gov
enforcement@sec.gov
http://www.law.cornell.edu/uscode/18/2701.html
)
prohibits the "intentional access without authorization of a
facility through which an electronic communication service is
provided." Junk emailers who have previously been prohibited from accessing
services on your machine through the SMTP port
might well be violating this law and are then subject to a fine
of $250,000 and one year in prison for a first-time offense. Civil
action can be brought, and damages are $1,000 or more.
http://www.law.cornell.edu/uscode/47/227.html
), even though not intended to ban email spam, can also be used against
junk emailers; this is due to the fact that most modern
modem-equipped computers with an attached printer
fit the definition of a fax machine in USC 47 section
227(a)(2). You can sue for
$500 per violation; the court can increase this to $1500 if
violator
acted willfully or knowingly. The case Destination Ventures
v. FCC, 46 F.3d 54 (9th Cir. 1995) held the ban on unsolicited fax
advertisements to be constitutional, noting that the ads
unfairly shifted costs to the recipients. Clearly, this
argument applies to junk email as well (many two-way
pagers and PDA's charge per incoming email, other users connect
long-distance or with ISDN to their service provider and pay for
download time). Robert Arkow filed a lawsuit based on this
legal theory in 1995; the case was settled out of court, and
terms can't be disclosed.
http://www.cauce.org/
. For European efforts, check out EuroCAUCE at http://www.euro.cauce.org
BL/damages.html
afried@nocs.insp.irs.gov
or net-abuse@nocs.insp.irs.gov
with a short explanation. Do not forward ordinary pyramid schemes or other spam to these addresses.
http://com.primenet.com/spamking/spamdam.html
http://www.usps.gov/websites/depart/inspect/consmenu.htm
; there's also something called the National Fraud Information Center at http://www.fraud.com
http://www2.thecia.net/users/rnewman/scientology/home.html
Also, the common Get-Rich-Quick and Make-Money-Fast pyramid schemes
don't belong on this list. They usually come from newbies who are
scared to death by some 20 well-written flames, and I believe
blacklisting them here
would be too harsh a treatment. However, if you catch one of these
idiots, you can make money fast. For details, read BL/idiots.txt
. Legal information
about money making pyramid schemes is available at BL/pyramid_legal.txt
and
also from the very comprehensive Make Money Fast Myth page at http://www.stopspam.org/usenet/mmf/index.html
A blacklist of Make-Money-Fast posters can be found at http://www.clark.net/pub/rolf/mmf/
If you are like me and fed up with real-world junk mail as well, check out the
excellent Junkbusters pages at http://www.junkbusters.com
.
Especially take note of their cool information about 39 U.S.C section
4009 and the subsequent supreme court decision which allows
U.S. citizens to issue prohibitory orders against junk mailers. I've
tried it, and it works. Junkbusters also ship a free utility to get
rid of advertising banners on the web.
comp.infosystems.www.announce
does not accept commercial announcements any more, since it
is operated by a volunteer. But you can
find a twice-weekly FAQ titled "** FAQ: How To Announce Your New Web Site
(Other Places) **" at http://ep.com/faq/webannounce.html
.
This page also gives you information about how to get your page listed
in the various
WWW libraries, indexes and search engines.
You can publish your WWW address in paid ads in the print media
as well.
If you must advertise on usenet, then the biz.*
and
*.marketplace
groups are for you (not all at once!). As a general
rule, you should read
every group for at least a week before you post anything there. This
way, you can find out what the group is all about and whether
commercials are appreciated there. Note that *.forsale
groups were
created to accommodate users who want to sell some personal
stuff and not for commercial ads. Also: the *.marketplace
groups in local hierarchies like ny.*
are only for
products that have a genuine connection to that area, e.g. New York; it is
not sufficient that you hope that someone from New York might
want to buy your product. For information about these advertising
newsgroups check out the Usenet Marketplace FAQ at http://www.fmn.net/FAQ/attitude.html
Never send out unsolicited commercial e-mail to individuals or mailing lists. Bad things will happen to you. Some people will tell you otherwise, usually because they intend to make money off you.
Here is a list of documents describing the netiquette and how it relates to advertising:
news.announce.newusers
newsgroup, which are archived at http://www.faqs.org/faqs/by-newsgroup/news/news.announce.newusers.html
.
The Usenet primer by Chuq Von Rospach and the Usenet Posting Rules by Mark Horton are good places to start.
BL/netmyths.html
and has been contributed by Guy Berliner.
<pb@fasterix.frmug.fr.net>
who tries to keep the French usenet hierarchy fr.*
clean
of all commercials. It is written in French, posted regularly to the groups
fr.news.reponses
, fr.news.divers
and
fr.biz.d
and available on the web as http://www.freenix.fr/liste-pub/
.
Comes with neat cost estimates for all the ads.
There's now a wonderful Blacklist of Internet Service Providers who
are friendly to spammers. It's a realtime Blacklist, which means that
an ISP is put on the list as soon as spam is received. What's more, it's easy to join a network of
providers which completely ignore and drop all email traffic
originating from these assholes. Patches for popular email transport
software
are
available. It's called the Realtime
Blackhole List at the Maile Abuse Protection System, http://maps.vix.com
. This site contains
valuable information for honorable ISP's as well. This looks very much
like the technical solution to email spam we have been waiting for so desparately.
A very comprehensive Blacklist of current email spammers ready for use
in email blocking software is at http://www.webeasy.com:8080/spam/
.
The Spam Archive at http://www.spam-archive.org/
has a huge list of past spamming email addresses. You can also forward
received spam to them and they'll include it in their list.
The Anti-Spam Project at http://www.bitgate.com/spam/
is specifically targetted at junk email. It has a list of domains that
send out junk email and a mail filter program ("BlackMail") that sysadmins can
install to refuse all email from those sites, or filter incoming mail
based on other criteria. BlackMail can also be used to prohibit
outgoing spam from your domain. There's also a mailing
list for discussion of spam fighting that you can join.
Adam Frey maintains the FAQ for the australian ads usenet hierarchy
aus.ads at ftp://archie.au/usenet/FAQs/aus.ads.forsale/
with a Blacklist section at the end.
Eric Bernabe <ebernabe@anet-stl.com>
maintains a Make-Money-Fast page which contains a blacklist-like
section. It is at http://www.basenet.net/~ebernabe/makefast.html
Monica Cellio <mjc@telerama.lm.com>
has a list of all people who have spammed her at http://www.cs.cmu.edu/~mjc/spam.html
Sarang Gupta <sarang@sarangworld.com>
keeps a list of spammers and several good suggestions about what to do
with them at http://www.sarangworld.com/800.shtml
The Eddy's keep a list of people or sites that spammed them, and block
further emails from them. It's at http://www.iinc.com/~tyche/abused.htm
Sisyphus6 <sisyphus6@technologist.com>
maintains a hilarious "MMF Hall of Humilation" at http://ga.to/mmf/
where
spammers are exposed in an hilarious manner.
You want your name and address to be visible forever to anyone with
access to a search engine? Boy have I news for you! The same site
hosts a database of Make-Money-Fast crap at http://ga.to/sisyphys/
Neil Schwartzman <neil@petemoss.com>
maintains a list of junk mail with a ready-to-use procmail file that
filters them out of your mailbox. It's at http://alcor.concordia.ca/topics/email/auto/procmail/spam/
Then there is a Lamer List at http://hnet.hutton.com/~mredrain/metoo.html
put together by Michael Red Rain <sundancr@gate.net>
. It
contains the email addresses of people that posted "ADD ME TOO!!"
articles.
The GIGO Game at http://www.mindspring.com/~mdpas
contains a blacklist of junk emailers. It is put together by Mark
Paschal <mdpas@mindspring.com>
.
Robert Braver maintains a cool Telemarketer's Hall of Shame, complete
with their home phone numbers :-), at http://telejunk.norman.ok.us/
The "Fight Spam Page" at http://spam.abuse.net
featured a list of rogue domains and sites that allow spamming
(discontinued because of legal threats). It's
also a great resource for spam fighting efforts, contains a list of
responsible ISPs, and is much more actively
maintained than this Blacklist, and you can even sign something and
join the campaign!
Last but not least, our warm and heartfelt thanks go out to
Mr. Vladimir Fomin for
compiling the Blacklist of Net.Nazis and Sandlot Bullies BL/net_nazis.html
and to Dr John
Grubor for taking the time to
assemble the well researched list of Usenet Homosexuals BL/queer_list.html
. Two
outstanding pieces of research; the large overlap between these lists
is evidence of a deep and intriguing and hitherto unnoticed statistical truth. I am
particularly honored to be featured on both lists. Please check out
the credentials of Dr Grubor at http://kendaco.telebyte.com/dharland/Grubor.FAQ.html
news.admin.net-abuse.usenet
or news.admin.net-abuse.email
.
However, you should first browse over the last couple of Subject
lines in that group to make sure that no one has reported that
incident before. Then, you should use an informative Subject
line
yourself. (Read the charters of the groups at http://www.cybernothing.org/faqs/net-abuse-faq.html
).
http://www.compulink.co.uk/~net-services/spam/
. It neatly automates the process of tracking down, insulting, and threatening spammers. Works with most email programs.
BL/junkmail.gif
and was designed by ReplyNet (http://www.reply.net/
). Another version, by Rohan Exton, is at BL/junkmail2.gif
. Still another, the purple ribbon, is at BL/prss1.gif
. And then there is the banner of the Fight-Spam-Campaign at BL/spam-bar-1.gif
and Jerry Dunn's BL/jospam.jpg
http://visar.csustan.edu:8000/HyperNews/get/blacklist.html
Please don't use that site to complain about specific advertisers.
http://math-www.uni-paderborn.de/~axel/BL/<ID>.txt
where the true ID is to be substituted for <ID>
(or
by just clicking on the ID if you read the HTML version of this document).
===Blacklist start=== ID: CS941211 Name: L. Canter, M. Siegel Address: 3333 East Camelback Road, Suite 250, Phoenix, AZ 85260, USA Cybersell, P.O.Box 13510, Scottsdale, AZ 85267, USA Cybersell, 10245 E. Via Linda, Suite 222, Scottsdale, AZ 85258, USA Phone: (602) 661-3911, (602) 661-5202 Email: 73450.3565@CompuServe.COM Entered: 1994/12/11 Changed: 1997/01/15 Behavior: The famous greencard lawyers. In 1994, they repeatedly sent out a message offering their services in helping to enter the US greencard lottery to almost all usenet newsgroups. (Note in passing: they charged $100 for their service, while participating in the greencard lottery is free and consists merely of sending a letter with your personal information at the right time to the right place.) When the incoming mail bombs forced their access provider to terminate their account, they threatened to sue him until he finally agreed to forward all responses to them. Read all about it with gopher gopher.well.sf.ca.us in Authors, Books.../Online Zines. They signed an agreement with their access provider, PSI, to refrain from sending out junk e-mail or spamming usenet. Nevertheless, they have repeatedly spammed usenet again, although the postings were quickly found and canceled by the cancelbot Cancelmoose[tm]. PSI has cut their USENET access. They have since written a book, "How to Make a Fortune on the Information Superhighway" and founded an internet advertising company, Cybersell. The book promotes several advertising strategies on the internet including gathering addresses from usenet and sending out junk e-mail, posting commercials to inappropriate newsgroups, advertising on irc and even via talk. They basically contend that all these behaviors are legal and therefore ok. They ridicule the terms "internet culture" and "netiquette" and claim that the internet, once all real-world laws are applied to it, will make a great source of income for attorneys. Canter & Siegel were behind the grand Credit Repair Spam and the Virtualmall spam. This finally forced their service provider, psi.com, to cut them off completely as of 1995/02/12. Update: At 1995/03/01, cyber.sell.com apparently acquired a new feed from sprint (800-669-8303). However, they can't be reached with ping yet. Sprint apparently has decided against providing access to them. On 1995/03/22, they spammed usenet again, this time with an ad for their book. A couple of interesting things to note about this one: - They spammed from two accounts, one on netcom and one on crl. The accounts have been nuked. - They put certain usenet hosts in the path line, so that their spam wouldn't reach these hosts, thereby trying to avoid the spam cancelers. To no avail, of course. - They systematically varied From and Subject headers, again hoping to avoid being canceled. - They forged Approved-headers, so that their ad appeared in several moderated newsgroups. - The spam spilled into several mailing lists, prompting the following anti-spamming policy from the Debian mailing list: BL/debian.txt. The Water Spam, also orchestrated by C&S, shows similar characteristics. Remarks: Don't bug the owners of cybersell.com; they were the access providers for (and hence victims of) C&S during their first spam and acquired the domain name cybersell immediately - very much in the spirit of creative punishment :-) It appears though that that C&S now (1997/01/15) owns cybersell.com after all. ID: AD941223 Name: Jess Guim, Advanz Home Office Companion Address: 319 East 95th Street, Dept. 2, New York, NY 10128-5761, USA Email: adhoc@ix.netcom.com Entered: 1994/12/23 Changed: 1995/01/21 Behavior: Posted their ads about desktop publishing to several rec.food groups. Advertises his tool for creating e-mail lists of potential customers via unsolicited e-mail. When complaining to him, he sends even more information about his program. Remarks: He claims to give a 30 days money-back guarantee on his products. ID: TM941223 Name: TMI Phone: voice: 408-429-5400, fax: 408-429-6100 Email: tmi@scruznet.com Entered: 1994/12/23 Changed: 1995/01/21 Behavior: Spammed the soc.culture hierarchy with ads for discount telephone service. Repeated it even after having been blacklisted. They recently tried to find out Cancelmoose[tm]'s spam criteria by posting a sequence of low-volume spams, which were classified as part of one big spam and hence canceled. Remarks: They have now their own domain, tmi.org, but continue to use the newsserver of scruznet.com. ID: KL950105 Name: Kevin Jay Lipsitz a.k.a. Krazy Kevin, Magazine Club Inquiry Center Address: 350 Richmond Terrace #5-P, Staten Island, NY 10301 PO Box 990, Staten Island, NY 10312 Phone: 718-967-1234, 718-967-1550 (fax), 718-967-1144 (fax), 800-433-1357 Email: krazykev@escape.com, krazykev@kjl.com lipsitz@ingress.com Entered: 1995/01/05 Changed: 1997/01/15 Behavior: Spammed almost the whole usenet repeatedly with anonymous ads (Hi, my name is Anne Nelson...") for a long distance calling plan. He was warned by the admin of the anon server, then lost his account there and did it again with a new account. He told me on the phone that a company called Card Call USA, INC. 6232 N. 7th ST. #109 Phoenix, AZ 85014 Phone: 602-264-7000 Fax: 602-266-0687 uses a pyramid-like promotion scheme where every customer gets a commission for each new customer they bring and in turn for each new customer these new ones bring and so on up to level 7. Kevin Lipsitz is a customer of Card Call USA and tries to bring new customers to get these commissions. His using the anon server is evidence enough that he knew that he was doing something wrong. Incidentally, he sent me the membership application for CC USA. Point #6 of the contract, which Kevin most probably signed, reads: "6. I agree to operate in a lawful, ethical, and moral manner and to do nothing that will adversely reflect upon CCUSAI, its clients or its other Independent Sales Representatives. I understand that any act deemed by CCUSAI to be detrimental to CCUSAI, in any manner, is grounds for the termination of my status as Independent Sales Representative and all corresponding commissions." As of 1995/02/20, he uses the new e-mail address at escape.com. On 1995/02/26, he anon-spammed again, this time advertising his magazine club. It occurred again on 1995/03/04. He is also the source of the ubiquitous and persistent "===>> World's *Cheapest* Way to get USA Magazine Subscriptions..." postings and email list spams. The return address of these is often a FAX server. If you see a line "Hi, my name is <insert favorite female>", then it's from him. There have been complaints that he doesn't deliver all ordered magazines. Still spamming mailing lists as of 1996/04/30. Now uses throwaway AOL accounts. Has received a court order to stop using AOL addresses in summer 96. Remarks: I tracked him down by answering to one of his ads using an old e-mail address, to which he promptly responded. The second time, I responded again to his anon ad, and he apparently recognized me and tried to harass me over the phone. Next was a truly pathetic first attempt at mailbombing. [Kevin, next time pick an ftpmail service without per day traffic limits, jeeez] His account on panix.com is no more. An excellent analysis of one of his recent postings and lots of personal information about him is at BL/kl_info.txt Recently, several articles about him, including cancel reports, have been canceled from news.admin.net-abuse.misc. As of 1996/05/01, he owns his own domain kjl.com; internet access is provided by escape.com and connect2.com. Complaints should properly go to roman@escape.com, the administrator of escape.com and jolsin@connect2.com, the coordinator of connect2. Escape.com is unresponsive; access is provided by sprintlink.net. Mail to root@kjl.com is pointless since this is Kevin himself. His 1-800 number reaches him, even though he usually comes up with some bogus denial. Recently, an analysis of one of his email list assaults has been posted athttp://www.iac.co.jp/~issho/stop-spam.html
The National Fraud Information Center is collecting information about him; read BL/kk_fraud.txt andhttp://www.fraud.org/news/1997/jul97/070897.htm
If you feel that some of his activities are criminal (involving fraud, harassment or theft of services, for example), you might wish to send a succinct letter to Supervisory Agent Robert E. Schlabach FBI 1 Center Plaza, Suite 600 Boston, MA 02108 USA ID: KK950105 Name: Kim Kerns, Applied Information Technologies, Inc. Address: POB 2634, Midlothian, VA 23113, USA Phone: 704-559-5988, 800-576-5146, 804-378-8050 Email: applied@vnet.net, BYNH09A@prodigy.com, lorcine@aol.com Entered: 1995/01/05 Changed: 1995/01/09 Behavior: Spammed many newsgroups with a long distance calling plan. Varied subject lines, posting sites and exact text, apparently to avoid cancelbots. The company selling the phone service is Applied Information Technologies, Inc., POB 2634, Midlothian, Va. 23113. This company employs a promotion scheme offering commission to every customer for each call people sponsored by them make. After being blacklisted and notified about it, he did it again repeatedly. Remarks: Note the 1-800 number. He doesn't seem to own vnet, so you can put pressure on his postmaster. ID: CY950121 Name: Cybergear Address: 2770 St. Albans NW, North Canton, Ohio 44720, USA Email: cybergear@delphi.com Entered: 1995/01/21 Changed: 1995/10/30 Behavior: Posted their ad for t-shirts to at least 30 unrelated newsgroups, sometimes changing the subject to avoid canceling and to make the postings technically on-topic. Did it again on 95/02/05. And again in May. ID: BO950212 Name: Stuart Bar-On, Parallel Performance Group, Meridian Marketing Address: 450 Jordan Rd., Suite E, Sedona, AZ 86336, USA Phone: (520) 282-6300 (voice), (520) 774-0896 (fax) Email: ppg@ppgsoft.com, ppginc@shell.portal.com ppginc@earth.usa.net, ppg@primenet.com, strand@ppg.strand.com ppg@unicomp.net, info@ppginc.com ppg@ppgsoft.com, news@ppginc.com ppg@infomagic.com Entered: 1995/02/12 Changed: 1997/03/02 Behavior: Engage in a large-scale ongoing junk e-mail assault. Sent out unsolicited e-mail ads to postmasters, who were supposed to forward it to their "Marketing Directors". They got the addresses from InternNIC's list of registered domain names. In addition, they gathered e-mail addresses from usenet postings and sent unsolicited commercial e-mail to those. A new junk e-mail wave occurred around 1995/02/28. This time from unicomp.com. I suspect that they scan usenet postings for certain Organization-lines in the header. They are still at it as of 1996/06/01. Remarks: Their mail-bots and WWW pages are maintained by zoom.com. In addition, the domain name ppgsoft.com is owned by Bar-On but is nothing but a bunch of mailboxes on stealth.romoidoy.com. The domain ppginc.com, also owned by Bar-On, contains only a couple of mail-bots residing on unicomp.net. Recently, they have been operating from romoidoy.com and quinella.com is also owned by Stuart Bar-On for spam purposes. ID: CL950228 Name: Cyberlink Inc. and various agents Address: 5855 Topanga Canyon Blvd., #520, Woodland Hills, CA 91367, USA Phone: 818-702-0456 (fax), 216-461-1770 (fax), 216-231-2857 (voice) 800-266-2006 (voice) Email: mvs3@po.CWRU.Edu, MRN@WVNVAXA.WVNET.EDU, 75017.605@CompuServe.COM, cyberlink@infomat.com, fy755@cleveland.Freenet.Edu Entered: 1995/02/28 Behavior: Persistent, slow spam of soc.culture.* groups, advertising some long distance plan. Apparently, Cyberlink pays commissions to agents who brings new customers, and several of their agents spam. It's unclear whether Cyberlink is aware of that. They need to change their rules. Remarks: cyberlink@infomat.com seems to be an automatic mail-back robot. ID: WC950415 Name: WWCD Inc., Steve Schall Phone: (410) 581-1110 Email: wwcd@wwcd.com, t-rock@access.digex.net, steve@wwcd.com Entered: 1995/04/15 Behavior: Repeatedly posted announcements of their WWW server on a large number of sports related newsgroups. Respond to complaints with flames. Put at least 41 links to their server on The-Mother-of-all BBS athttp://wwwmbb.cs.colorado.edu/~mcbryan/bb/summary.html
Remarks: Access provider is digex.net. ID: JS951030 Name: Jeff Allen Slaton, a.k.a. SpAmKiNg Address: 6808 Truchas Drive NE, Albuquerque, NM 87109 Phone: (505) 821.1945 (fax/data modem) Email: Slaton@free.org, JSlaton@free.org Entered: 1995/10/30 Behavior: Persistent and large scale email and usenet spam. Sometimes wants $5 for taking someone off his mailing list. His messages usually contain ads for other businesses, but sometimes also illegal money making pyramid schemes. Always uses fake From lines, sometimes in order to punish past access providers. He announced that he would get a T1 internet connection through MCI in order to annoy them; MCI has publicly stated that they won't give access to him. Some articles on news.admin.net-abuse.misc criticizing him have been canceled by an anonymous party. Remarks: A web page containing personal information complete with Social Security Number, photo, phone number of his employer, and much more is athttp://com.primenet.com/spamking/
. Some more information about where he lives is at BL/slaton_personal.txt. Please complain to the businesses advertising on his mass mailings and boycott them. He is probably connected to the net through a SLIP or PPP connection provided by InterRamp; they are unresponsive and owned by PSI. Contacting the Better Business Bureau about Slaton does not make sense since they don't deal with Internet cases. However, when it was suggested that the FTC be contacted about Slaton's activities, he became *very* pissed off. The New Mexico Attorney Genernal is investigating Slaton's practices as well. ID: PD951030 Name: Prime Data WorldNet E!Mail, Computer Enterprises, Vernon Hale Address: 1132 Richards Rd, Bowling Green, Ky 42104, USA Phone: (502)529-9106 (fax), (502)529-9304 (voice) Email: worldnet@pwrnet.com, cybrcash@ix7.ix.netcom.com, prime@mwci.net create@netam.net Entered: 1995/10/30 Changed: 1996/2/27 Behavior: Send out junk email newsletters with third party ads on them. Some people received the newsletter again even after having asked to be removed. Remarks: Please complain also to the individual advertisers listed. They have already lost an account on mwci.net because of complaints. In the past, they have used toc.net to inject the messages. They also maintain accounts on valleynet.net. The admins of both valleynet.net and toc.net don't see anything wrong with junk email and won't remove his account. Has recently (2/96) changed his business strategy to selling email spamming software by spamming usenet. ID: IS960227 Name: Sunset Direct, Doug Monahan Address: 9390 Research Blvd. Kaleido 2 Suite 350, Austin, TX 78759 Phone: (512) 464-8500 Email: webmaster@sunsetdirect.com,doug_monahan@mail.sunsetdirect.com, doug_monahan@fiddleback.sunsetdirect.com Entered: 1996/02/28 Behavior: Large scale, repeated, world-wide email spam advertising their web site. Email addresses were obtained from usenet postings. Mailing lists and usenet groups were hit as well. Some of their messages contained fake return addresses. Remarks: Please inform the companies working with Sunset Direct (as featured on their site http://www.sunsetdirect.com) about Sunset Direct's marketing attempts. If they refuse to stop sponsoring Sunset Direct, they should be boycotted as well. Network connection is provided by netcom.net. A publicly posted statement from Dough Monahan is available as BL/monahan.txt and an emailed threat is at BL/monahan_threat.txt. Apparently, he sends out lots of those. ID: PE960301 Name: Promo Enterprises a.k.a. Cyber Promotions, Sanford Wallace Address: 8001 Castor Ave., Suite #127, Philadelphia, PA 19152 1255 Passmore St, Philadelphia, PA 19111 Phone: 800-650-9110 (phone), (215) 289-4610 (phone), 800-650-9230 (fax), 215-288-9230 (fax), 215-743-3750 (fax), 215-288-9110 (phone), 215-628-9780 (phone) Email: wallace@cyberpromo.com Entered: 1996/03/01 Changed: 1997/09/23 Behavior: Repeatedly sent out unsolicited junk email containing an amazing number of scams. Preferably targets online services; sometimes uses fake return addresses. The domains answerme.com, zapback.com, savetrees.com are also owned by Wallace. The matter brought against them by ReplyNet was settled out of court. Have registered a large number of internet domains recently. Sometimes they spam by directly telneting to other ISP's smtp ports. In the case of concentric.net, they have been sued and lost. They try to use different servers for different services (email, usenet, www, nameserver) so as to make it harder to cut them off. Remarks: Mr Wallace has made his philosophy clear in a couple of articles; read BL/wallace.txt. He claims to only send his junk to people who have posted commercial ads on the WWW or usenet, which is patently false. A major war is going on between Wallace and AOL; AOL blocked all junk from Wallace and Wallace sued. A judge ordered the blocking to stop but was overturned. They reached an agreement where AOL is allowed to block junk from all users who don't specifically request it. An Ohio judge in the Compuserve suit against Wallace called his junk mailing "trespassing on private property" and prohibited it. Updates about this case are athttp://www.tigerden.com/junkmail/
Prodigy won a suit against a Wallace banning him from using Prodigy to spam. The likely main feed provider for Cyberpromo is agis.net, which has been unresponsive to complaints and condones email spamming. For more information about Cyberpromo and Agis, you can visithttp://www.cyberpass.net/~fekete/
Cyberpromo was kicked off agis.net as of 20-Sep-1997. In March 1998, Wallace lost a 2 Million Dollar lawsuit and decided to leave the spamming business for good. Wallace was previously in the junk fax business, until that was outlawed. ===Blacklist end===