Reducing Porn Spams
By Chris Houg
Posted Thursday, November 25, 2004
My escapades and success at reducing the amount of porn spam I receive. Lately I was getting approximately 15-20 spams a day at about 3 different email addresses advertising porn. Being perfectly happy with my wife, I found these emails to be an extreme nuisance and a waste of bandwidth and computer resources. I decided to try and do something about it.
It is well known that you shouldn't "opt out" when given an opportunity in a spam message. This only validates your email address and you usually end up getting more spam. There are legitimate "opt outs", like the ones in newsletters that you subscribe to and from reputable companies. These are usually safe to opt out of. But, if you don’t know the sender, don’t use their opt out.
The reason why the porn is running so rampant is that they pay affiliates very well. I've seen some pay $35 or $40 just for a free trial signup. Most also offer a monthly commission if they get someone to sign up for their "monthly subscription". With the pay so good, the competition between the affiliates is fierce and thus they go to extreme measures to try to get new prospects.
I decided that since I was getting these emails anyway, I might as well try the opt out option for 2 reasons:
1. To see if the link or email actually existed
2. The other reason is to save the link where it took me in case it actually did take me somewhere.
Well, not surprisingly, they didn't work and the porn kept on coming, if not worse than before.
I’ve been reporting the spams to Spamcop.net and unfortunately didn't have any results with this either. SpamCop is an EXCELLENT tool to use as it will parse the header and find the true origin of the email and parse the body of the message for any links. It will then send abuse messages to the ISP’s of the places the spam originated and the ISP’s of the offending web sites.
Spammers will usually find computers on the internet that have security flaws in their email servers. This will allow them to send the emails in bulk and help hide the true source of the spam. It also helps the spammer fake a return address, fake the header, and so on.
Almost all of the spam I receive have innocent email addresses as the return address. Unfortunately, the innocent bystanders often receive a barrage of angry email telling them to quit sending their spam and also thousands of messages saying that their email message didn't get sent as the address it was sent to, was invalid. (It bounced) They often have no idea what is going on and are indeed innocent victims of the spammers.
My next step was to complain to the companies themselves that own the sites. Most of these places have "affiliate programs" and this is the cause of the spam. I have found that most of the companies in fact have strict anti-spam policies that the affiliates must agree to when they sign up.
The tricky part is to find the actual companies that host these programs. In doing so, I had to subject myself to scores of pictures of things that I would never have imagined nor thought possible. But, I figured it was for the benefit of my readers so I reluctantly subjected myself to the tortures of this assignment and drudged on.
I say "tricky" as the spammers use different methods of trying to not only hide the location of their website, but, also to hide the place they are taking you to sign up for this "service" (and I use service very lightly here). They use such tricks as using frames so that while you are at the REAL website, your location is displayed as still being at THEIR website, disabling right clicks so you can't view the html source code and find the links, munging links so they appear as hexadecimal numbers instead of the plain ole ASCII characters that we easily understand, and even using page encryptors to encrypt the html code so if you do view it, it looks scrambled. This also has the effect of hiding their affiliate ID which is usually located after the URL.
Since most of the "hosts" offer an affiliate program, I've found that this is the best place to go. The reason being is that you can get some valid email addresses and also view their terms of service. Just about all of them will not only terminate the affiliate for violation, but, will NOT pay any commissions due them for violating their terms of service. If the spammer has a check coming, it is going to hurt them good and teach them a good lesson. The spammer will also lose all monthly commissions from the customer base he has established. If the spammer has been doing it for a while, he may be losing a huge monthly income.
What I try to gather is the actual name or the location of the website, which is usually some disgusting name, the name and location of the "home office" website that usually offer quite a few different websites with various disgusting names on various disgusting subjects PLUS offering of the affiliate program, any email addresses that seem to be valid, and perhaps the billing service the company uses.
I then forward the offending spam with the full message header. I also use a Spamcop.net "trace" showing the origination of the spam. This is useful as it shows that the spammer is "illegally" accessing different computers using email sending security flaws they have. I also include a little white lie which I'll explain in a bit. Most of the spammers MUST include an affiliate link to the websites they promote or else they won't get paid. If I find those links, I include them.
My "white lies" say that the emails are coming on "my kids" computers. I also state that no matter what I've tried I can't get rid of the spammer. I state that the opt out link is falsified or that if I opt out I only get an increase in the spam. (I don't have any kids and the closest to any underage person in the house is my dog who is 3 but that would be 21 in dog years so she may be legal to view them) .
This has a good effect because there are laws on the books about exposing underage kids to pornography and they will definitely want to avoid any legal hassles or any hassles that my close them down. They would lose not only their customer base if their ISP shut them down, but, the revenue while moving PLUS they would probably have to pretty much start over getting customers to sign up with them again at their new sites.
Once I have the email forwarded and ready to send with all the links, headers, affiliate info, etc., I send it to the real websites that I found in my adventures, being the real website that hosts the sites and the home office. (Sometimes I try the billing company but they don't seem to care too much). I address it to one site and I "bcc" it to many others. I usually have it sent to 20 or 25 different email accounts per website address using as many appropriate or even inappropriate email boxes as I can think of. Some examples are:
abuse@, support@, billing@, affiliates@, accounts@, accounting@, customerservice@, service@, webmaster@, admin@, problem@, suggestions@, tech@, etc. I usually get some bounced back as being invalid, but, most get through.
After the "@" I will put the "domain1.com" and do it for each domain that I have found.
I also am courteous and non-threatening. I don't condemn them for having such sites nor am I rude in any way. Simply, my attitude is that it's ok for you to have such sites, but, I don't personally like them, don’t want my kids getting the emails, nor have a need for them and this guy has been bombarding me and my kids with this stuff and won't stop so could you please help me and make him go away.
When I get replies saying they are taking me off their list OR that they have ended the affiliate relationship with that person, I ALWAYS reply and thank them.
The results have been erotic, er, I mean, ecstatic. While I still get one or two every few days from all my email accounts, it is a far cry from the 15-20 I was getting at each email address everyday.
Now if I can just get rid of those darn enlargement pills, the miniature camera, the Viagra, the HGH hormones, the cable descrambler, the mortgage companies, the ......
About the Author
Chris is the author of "Make Money On The Internet" which shows how to create your own digital products and "Digital Traffic Cop" which lets anyone easily create CGI scripts for the protection of their download pages and cloaking their affiliate links.