On this page and its related links, you can learn some dos and don'ts on how to combat Make Money Fast schemes you encounter, if it is your choice to not simply ignore them. You can also learn how you can help salvage yourself if you have posted one of these little scams.
Some Don'ts
- DON'T respond to the MMF article by replying to it.
- By spamming back to all the same newsgroups that the user who posted the make money fast (MMF) post did, your article will be killed just as fast by the anti-spam monitors as theirs was. Spam is killed by a mathematical formula that determines its severity (the sum of the square roots of number of newsgroups each copy was posted to) called the Breidbart Index (BI), and has nothing to do with content. The standard BI for a spam cancel is >= 20. This means that your message, if you just hit reply and spam it back to all the same newsgroups as the original article, falls under the label of spam simply by its use of resources, and will also be cancelled. Just about the only exception to the BI>=20 rule are the MMF articles, which are "kill on site" by the spam monitors (if you want to see how much work they do to help keep the usenet cleaner for everyone [with the grateful applause of all but a few malcontents who continue to claim that this is censorship], monitor news.admin.net-abuse.announce for a while). The reasoning for this exception is that these articles constitute "essentially the same" article, even when posted by many differnt people, and so still fall under the BI - which really means that they are not even an exception. In addition, they are blatantly illegal, despite what any of the perpetrators say in them. It falls within anyone's legal responsibilities to attempt to thwart a crime when it can be done so without undue danger to oneself.
- By spamming back to all the same newsgroups that the user who posted the MMF post did, you use a tremendous amount of bandwidth, and cost many many thousands of dollars when totalled over the entire usenet network for the cost of retrieving, processing, and storing your message for the short amount of time it is destined to live due to #1 above). This puts you, in many eyes, in just as bad a position as the MMF'er who originally spammed, and you may get flames for it, too. If you do reply to a MMF article, change the reply-to and followups-to to one single group, preferably news.admin.net-abuse.usenet, news.admin.net-abuse.misc, or news.admin.net-abuse.sightings.
- Most of these MMF posters do not go back and read the responses in the groups the majority of the time anyway, so your message to the groups, while venting frustration, does nothing for them, most of whom know already it is illegal in virtually every country. Witness the fact that many use forged headers (you learn to get very good at deciphering these before you send email to the wrong ISP after a while), fake email addresses (the flaw in this is that they have to give a real mail address somewhere to get their money, and even if it is a PO box or rental box, they can be traced by the Postal Inspector), and sometimes are even using the spam as revenge against someone else who was totally innocent, attempting to bring the harm to them instead.
- By spamming back to all the same newsgroups that the user who posted the make money fast (MMF) post did, your article will be killed just as fast by the anti-spam monitors as theirs was. Spam is killed by a mathematical formula that determines its severity (the sum of the square roots of number of newsgroups each copy was posted to) called the Breidbart Index (BI), and has nothing to do with content. The standard BI for a spam cancel is >= 20. This means that your message, if you just hit reply and spam it back to all the same newsgroups as the original article, falls under the label of spam simply by its use of resources, and will also be cancelled. Just about the only exception to the BI>=20 rule are the MMF articles, which are "kill on site" by the spam monitors (if you want to see how much work they do to help keep the usenet cleaner for everyone [with the grateful applause of all but a few malcontents who continue to claim that this is censorship], monitor news.admin.net-abuse.announce for a while). The reasoning for this exception is that these articles constitute "essentially the same" article, even when posted by many differnt people, and so still fall under the BI - which really means that they are not even an exception. In addition, they are blatantly illegal, despite what any of the perpetrators say in them. It falls within anyone's legal responsibilities to attempt to thwart a crime when it can be done so without undue danger to oneself.
- DON'T respond to the MMF article if it's more than 2 days old - it's already been taken care of, rest assured.
- DON'T even THINK of mailbombing the poster or ISP - you will probably end up in more trouble than they are. Check out the mailbombing and DOS (Denial of Service) discussions held that pop up with regularity on news.admin.net-abuse.email for details.
Some Do's
- If you are going to respond at all, DO respond to the user themselves (if you don't mind the possibility of angry return email from them) and/or the administration at the ISP site the spammer wrote from. Just be sure you know where it actually came from. This helps avoid return flames from overworked admins that you are sending to. The address that every ISP is required to have is postmaster@. However, some rogue sites known to harbor spammers are in violation of this, and the postmaster@ address is bounced, or simply routed to /dev/null/, which is a unix term for the "wastebasket" -othing gets seen, it just gets deleted upon arrival. Other addresses to report to are: abuse@, support@, root@, admin@, comments@, webmaster@, accounts@. Please be aware that many of these addresses are often routed to internal mailing lists where all the appropriate parties see the letter. So if you send to all of them, each person may get 4 or 5 copies of your letter, which is not a way to engender good will towards your purpose.
- DO learn how to decipher headers if you are going to report these articles on a regular basis - your complaints are much more effective if they go to the right place. There are few things more embarassing than sending a nasty-gram to the wrong ISP, and getting a reply back to the effect of "perhaps you should check your facts before complaining again."
Some of the tools to help you do this are listed here. - DO be aware that some spammers may have their own domain names and these letters will go directly to them, so that all you get from these responses are snickers, laughs, and guffaws. If you get no response, dig into the header and go to that ISP's provider. This is not the case with most MMF's (i.e., they don't have their own domain name), but with general spam and email spam it does happen a lot. When you find one of these "rogue sites," be prepared to receive mailbombing and other retaliation in some cases for their beliefs that they should be able to do anything they wish. Just a warning... if you are going to fight back, these rogues can get nasty. Be prepared to tell your sysadmin what you are doing so that any flood of mail can be disposed of. They can help by teaching you how to use procmail, which will pre-filter (and can totally dump) pre-set mail criteria as it comes in.
- DO always, always, always be polite in your letter. Remember the old saying, "A teaspoon of honey attracts more flies than an ounce of gall." Many sysadmins are overworked as it is, and when one of their users spams a MMF scheme, they usually receive hundreds of letters about it. One response I got back said that they had received 3,000 letters and they were still coming. Your politeness may be a bright spot in an otherwise bleak day. You are welcome to copy and use the same MMF Response Template that I use.
- Due to prevalent forgeries and path header editing - DO always include FULL headers in any forwarded copy of email or news articles - otherwise, no tracing can occur. Many admins will help trace it even if it didn't originate with them simply because of the aggravation of getting so much mail about these from people who thouught it did originate there. Forgeries are taken very seriously by a lot of sysadmins, because they reflect on their ISP for those who know no better. Your news reading or email program should have an option to show full headers, you can then copy the article with the headers intact. If you don't include full headers, then don't bother to complain to the ISP - it will do no good.
- IF you the abuse continues more than a couple of days report it to news.admin.net-abuse.usenet.
- IF you DO choose to report the abusers to the appropriate authorities in the United States, you can find the address of the local Postal Inspector for their address by going to the US Postal Inspector's Service Page (I also have it mirrored here), or to the Postal Inspector finder page - it lets you find the closest inspector from their zip code. Then make a paper copy of the article (include ALL headers), mail it to the inspector with the notation on the outside of the envelope: "I received this and believe it may be illegal." It is my understanding you don't even have to put a stamp on it if it is addressed tothe Postal Inspector, but you may want to verify that yourself.
Some Don'ts
- Don't lie and evade your responsibility and blame it on someone else. Admins have heard the "It was my brother / sister / cousin / friend / girlfirend / boyfriend / mother / father / son / daughter / nephew /niece /a burglar who got ahold of my password and did it - I had nothing to do with it!" far too many times for it to be believed - even if it happend to be, in the wildest possible fluke of fate, true. If you tell them something along these lines, they will automaticaly assume you are lying, whether they tell you so or not - and everything you say in the future will always be suspect with them.
- Don't bury your head in the sand, so to speak, and hope that it will not be noticed or will go away. It's a rare (very, very rare) MMF that isn't reported by someone. If you wait for trouble to come looking for you, it will always be worse than if you go looking to solve the problem before it becomes a problem.
- DON'T post apologies back to the same groups!, You'll just be spamming again. Some administrators recommend you do this. Resist it, and explain to them why - that posting ANYTHING that many times is spamming, and will be sure to generate more complaints about them to the administrator.
Some Do's
- DO attempt to delete the articles you posted. Almost every newsreader allows you to delete your own articles. Go back to the same newsgroups you posted your articles to, choose your article, and select "cancel" or whatever the option is in your newsreader. You can only cancel your own articles this way -you cannot cancel articles posted by others.
- DO return any money you might (by stroke of lightning) receive. Return it to the sender with a note that you have found the scheme to be illegal and you are returning the money, and suggest that they do the same.
- DO go straight to your ISP and tell them exactly what you have done. Apologize, tell them that you have learned your lesson, and hope that they will forgive you. Also try to provide them with a list of the newsgroups that you posted your articles to, so that they can find and delete them if you haven't already. Tell them of the articles you have deleted yourself. Tell them that you have or are going to return any and all money you might receive.
All comments within these pages are expressed as personal opinions only.
© 1997 Ken Lucke - all rights reserved
