Thoughts on the Death of Premier Services and the Persistance of Spam

(Originally posted to the NANOG mailing list)

So, now that we're mostly all done chortling at Rodona Garst and Premier Services' misfortune, I think it's time we did a bit of sober reflection on the data this has provided us.

Let's be very clear on this: we will almost certainly never have this kind of look into the spamiverse again. Up until now, spammers have been relatively unconcerned with network security. Expect them to get a clue, and fast. For better or worse, it doesn't take a brain surgeon to throw together a solid home firewall these days.

So. What have we learned? Let's start with the ugliest bits. Wait, nevermind, they're all ugly.

  1. Spamming is profitable for the spammers.

    Rodona was not exactly living high on the hog, but she was apparently more than able to support herself and a handful of friends in reasonable style by doing nothing but spamming full-time.

    The economics of this are as brutally inevitable as that of drug dealing: if spamming can bring in an income of even $30,000 a year, that makes it a very attractive choice of profession for almost anybody in this country not living in a major coastal city and not already working in the tech industry or a field with similarly inflated salaries. And as long as the chance of being put in jail are minimal, people will choose it.

  2. Spamming is profitable for spammers' clients.

    Premier Services had repeat customers. People willing to regularly send FedEx envelopes with $5000 checks in them. As recently as a month ago, people on this list were still openly wondering if any spam ever got more than a fractional- percentage positive response. We can, I think, now consider that question answered. (Or we can assume that even a 0.01% positive response still brings in enough money to make it all worthwhile -- an even scarier proposition in my mind.)

  3. Spamming is profitible for ISPs.

    There's not much getting around this one: as much as awareness of spam as a problem has penetrated the technical and occasionally executive side of the ISP market, the sales side is still happy to earn their commissions by selling connectivity contracts which they know damn well will be cancelled in three to six months.

    It would, I suspect, be educational to have a "strike team" audit the rolodexes of the small business sales departement at, say, UUNet, and see how many of Rodona's business cards get turned out. But it would just confirm what we are now certain of anyways: we are being betrayed by our own sales organizations.

  4. Civil suits are not helping.

    We are now at t+2, maybe three years since AOL's lawsuits against Sanford Wallace and his comtemporaries. The spammers know full well that if they spam AOL and scrape AOL addresses, they will eventually get sued. They gripe and moan, but when it comes down to it, they do it anyways.

    And by the looks of it, they're even AOL customers themselves. It's ironic, but we're laughing ourselves sick.

  5. Criminal charges may not be helping either.

    The pump-and-dump penny stock scams and Ponzi schemes that Premier Services was pimping alongside their usual porn and vitamin ads were about as flat-out illegal as you can get, and were the equivilant of waving a red "arrest me!" flag around in front of a police station.

    Guess what? None of them are even slightly concerned: Rodona or her clients. The SEC and the USPS are simply overwhelmed by the volume of this crap, and cannot even pretend to have the resources to prosecute even blatant cases of fraud like this. And local law enforcement simply does not care.

  6. Spammers know more about us than we know about them.

    After due consideration, I'm no longer quite so amused that almost every online identity I have ever used made it onto their "ANTI" list, including throw-away accounts I only ever used for a month.

    This may be an inevitable handicap brought on by the fact that they are marginal low-lifes and we are not, but it's a handicap nonetheless. How many of you even knew Rodona Garst's name before this broke? It's kinda difficult to serve legal papers to a phantasm.

  7. Block lists aren't even line noise to spammers.

    Did you see any mention of the RBL in those two years of ICQ logs? There was one:

    Neil 3/20/00 4:46 PM Mister Jazz (ICQ#50954462) Wrote:
    Neil, stop all mailings to zantana.  it is
    rbl'ed and wont be up for  awhile.  I'll send
    out the final checks asap.  Jim
    

    That was it. ORBS? RSS? IMRSS? DUL? Not even on the radar. Yawn, please pass the spam.

I'm sure there's more, but at this point it's getting too depressing to continue.

Draw your own conclusions. Me, I'm considering just shutting off smtp and going back to smoke signals.