Dave's Free Press: Journal

violence, pornography, and rude words for the web generation


Recent posts


Recently commented posts


Journals what I read

geeky politics rant silly religion meta music perl weird drinking culture london language transport sport olympics hacking media maths web spam photography etiquette amazon film bastards books bryar holidays palm telecoms cars travel yapc bbc clothes rsnapshot phone whisky security home radio lolcats deafness environment curry art work privacy iphone linux bramble unix go business engineering kindle gps economics latin anglo-saxon money cars environment electronics
Thu, 19 Jan 2012

ServiceMagic: when spamming goes wrong

I've used a website called WorkBidder as a convenient way to find tradesmen to do tedious little jobs for me. It was a useful service. But I won't be using them again, because they've started sending spam. And not just the usual crap, this spam seems to be carefully crafted to tell me that they do not have the best interests of customers* at heart.

It reads:

Are you looking to take on more work? If so, WorkBidder has teamed up with ServiceMagic, UK's leading provider of work leads, to offer you a one-off special deal:

blah blah blah

We limit your competition to no more then 4 contractors

Never mind that they seem to have confused me, a lazy bastard, with their tradesmen, but that last sentence is the killer. Limiting competition - that is, setting up a cartel - is done for one reason only: to raise prices. Therefore I will not use them again, and I urge you not to either.

* yes, I know, I'm not their customer, the tradesmen who pay them a commission are their customers. I don't care.

Posted at 21:09 by David Cantrell
keywords: business | etiquette | spam
Permalink | 0 Comments
Sun, 16 Aug 2009


The nice people at AntibodyMX said they'd de-spamify my email for me for free provided I wrote a review. They didn't say it had to be a good review :-) so I took them up on it.

I've previously been rather sceptical about such services. There are obvious concerns about privacy from having all your mail go through someone elses systems instead of going - as far as is possible - straight from the sender to you. If you use TLS (and you should) then even if your mail transits someone elses network, they won't be able to read it. With an outsourced service like AntibodyMX's, they can, because mail is sent to them and they then forward it on to me. That they can see the plain-text of my email is, however, necessary for the filtering to work. And in practice, it's not a significant concern at least for individuals, because my mail just isn't that interesting.

My other source for scepticism was that they probably couldn't do a better job than I could. Indeed, because their service has to work for everyone there are ways in which they can only possibly do a worse job at filtering mail than I can. For example, I can throw away all mail in Chinese, Russian, Japanese and Hebrew, because all mail in those languages is unreadable so even if it's not spam (yeah right) I still don't lose out by ignoring it. They can't do that, because I'm sure they have some customers who get some legitimate mail in weird languages that aren't written right. Without tools like that, then surely they can't do a better job than me - after all, the software they use is the same that's availabe to me, and I've been successfully de-spammifying my email for years.

So why did I switch? Simply because I got fed up maintaining my anti-spam systems. They eat valuable memory and CPU - and eat more by the day as I have to keep adding more filters to combat spammers' evil imaginations. Maintaining all that takes time. Due to having more interesting things to do, I was beginning to fall behind on keeping my filters up to date, and more spam was sneaking through. When I got the offer to use their services for free, I decided to take them up on it. After all, there's no real downside. If it doesn't work as well as advertised, I can trivially switch back to doing the job myself.

But I won't be switching back to doing the job myself. The AntibodyMX service Just Works.

That, however, is with the service being free. It's a different matter entirely if you have to pay for it. According to their website, prices start at £115 a year. When you think about how much time your company's sysadmins put in to spam control, it's a no-brainer and is easily worth paying. It's only really worth thinking about if privacy is particularly important to you. I wouldn't want, for example, my doctor or solicitor or MP to use any such service. Not because they can't trust the service providers, but because they shouldn't trust anybody. Doubly so if using a service provider in another country.

For personal use I think £115 would be a bit steep. It is worth paying for, I'm just not sure how much I'd shell out.

Posted at 16:44 by David Cantrell
keywords: geeky | spam
Permalink | 1 Comment
Mon, 10 Nov 2008

Language-targetted spam?

Today I got spam about "activation keys". Nothing unusual there. However, while I got a couple of copies of it in English sent to two of my usual addresses, I also got a copy in German that had been sent to an address on a machine I have in Germany.

While all spam is of course evil and its perpetrators should have divers cruel and unusual things done to them until they are no longer unusual, this is a Good Thing. It means that I should start to get less spam in those odd foreign languages that seem to be spelt "??? ????? ???? ???????? ?? ???? ???? ???".

Posted at 22:55 by David Cantrell
keywords: language | spam
Permalink | 0 Comments
Thu, 18 Sep 2008

John Lewis: spammers

A coupla weeks ago I ordered some stuff from John Lewis's website. It arrived. Then another few days later, some spam arrived. And then some more.

John Lewis is a business that has a very good reputation for treating customers well, and all my previous dealings with them have been trouble-free. That they are now consorting with nasty criminals is terribly disappointing.

Unlike what I do with most other spammers, I have at least contacted them to ask what they think they're up to. I hope that this is just a mistake on their part, and that I'll be able to update this post later with the good news that they'll not do it any more.

But until this post is updated, you should assume that they are still spammers, and remember the Boulder Pledge.

Posted at 12:27 by David Cantrell
keywords: privacy | spam
Permalink | 0 Comments
Sat, 20 Jan 2007

New Bryar release

As I've been promising to do for ages (it's over a year since Simon said I could take over maintenance of it, and several months since I promised Bob that he could have all the shiny new features I had planned) I've finally got round to releasing a new version of Bryar, the software what provides the brains behind this 'ere august journal.

The most important change is that I released the stuff for filtering out comment spam.

Posted at 22:02 by David Cantrell
keywords: bryar | geeky | hacking | spam
Permalink | 1 Comment
Fri, 19 Jan 2007

An Idiot

[originally posted on 2007-01-12]

I got an email today from a recruiter. Not to see if I was available for work, but trying to push someone on to me. The email read:

Please find attached the CV of an extremely talented web developer who specialises in PHP and front end web development technologies including HTML, CSS and JavaScript.

This candidate is actively seeking work in your area at the moment. He does have several other interviews arranged therefore if you are interested in seeing him for a role you are currently recruiting for please give me a call today.

If you are not recruiting, please keep my details on record for future reference.

and was sent to my personal address, not to work. Neither I nor my lovely employer have told this girl that we are looking for anyone technical and if we had we'd not have asked for someone who knew PHP. So yes, I most certainly will "keep her details on record for future reference". Being a gentleman, I informed her of this fact and that I was keeping them because I would otherwise not remember that she is clearly far too stupid for me to do business with.

Update 2007-01-19: she dunnit again. This time I phoned her, and she admitted sending unsolicited, untargetted mailshots - that is, spam. She, of course, thinks it was targetted, but I'm afraid that's just not true as is obvious from what I wrote above. And, of course, there's the issue that the address she sent her spam to is one that I created only because one person (one!) continually mis-spelt my real one. I've never sent email from the address in question, nor have I ever given that address to anyone apart from that one person. Consequently, the idiot spammer Claire O'Keeffe of Huxley Associates obviously either guessed it or acquired it by some other nefarious means.

Posted at 17:43 by David Cantrell
keywords: rant | spam
Permalink | 1 Comment
Tue, 26 Sep 2006

Paypal's anti-phishing advice

Oh dear. I just got email from Paypal (and yes, it really is from Paypal - I, unlike most people, know how to check it out properly) advising me about how to protect myself from being ripped off by fraudsters sending spam emails which merely claim to be from Paypal but which actually direct you off elsewhere so they can steal your Paypal username and password. This practice is commonly known as "phishing".

Trouble is, to an unsophisticated eye, phishers' emails look just like Paypal's real emails. What Paypal should do is simply never email their customers except in direct response to the customer doing something on their site, such as sending someone some money. That way, less technologically-literate customers can simply ignore all unexpected mails "from Paypal" and be safe.

That behaviour is good enough for my bank, so I wonder why Paypal don't do it.

And before anyone mutters about what would happen if someone sends me money (which I obviously want to know about) - the person sending it should tell me. And I'll probably make an exception for when I'm selling something through ebay too.

Posted at 22:15 by David Cantrell
keywords: geeky | spam
Permalink | 3 Comments
Fri, 2 Jun 2006

Stupid spammers

In the last month, there have been well over 400 attempts at spamming this journal. All have failed. And yet the spammers still try. And I get email notifying me each time, because there's always a possibility that a legitimate comment might get classified as spam and need to be manually approved.

Ah well, I have the IP for each of those 400-odd spams, and using routeviews.org I can easily turn them into a considerably shorter list of netblocks. And then auto-create a shitload of Deny from rules. 104 of them, to be precise. It will be interesting to see if the spammers notice their lack of access and keep trying.

Posted at 00:21 by David Cantrell
keywords: geeky | meta | spam
Permalink | 1 Comment
Sun, 28 May 2006

When ads go wrong

I've been keeping an eye on things, and most of the time, Google puts pretty good well-targeted ads on these pages. The only real exception was on my page about spam, which kept getting ads for dodgy anti-spam products, which was clearly silly, so I've removed 'em from that page.

However, on occasion it goes amusingly wrong. Not Google's fault, but some idiot has obviously bought an ad for thousands of keywords without thinking about it, and so this 'ere journal is currently advertising ...

So how exactly does one order a burning cross online?

Posted at 14:36 by David Cantrell
keywords: meta | silly | spam | weird
Permalink | 0 Comments