Spamvertized - General

Young Democrats in Action strike again...

nospam@example.com (Richard Welty) — Sat, 02 Sep 2006 08:54:35 -0400

I don't know what you think, but the YDA, previously seen in action here, resurface with something that looks very much like a more conventional spam Here.
In fact, it looked so conventionally spammish that at first I assumed that they had an open relay or a hacked host, but apparently they've decided that acting more and more like spammers will somehow advance their cause. Sigh.

Lieberman and spam, 2006

nospam@example.com (Richard Welty) — Thu, 10 Aug 2006 09:35:37 -0400

Not quite the same thing as the 2004 incident; in fact, this is only tangentially related to the true purpose of the site, but it involves both spam and politics, so I'll post on it.
First, read this article on TPM Muckracker; for the record, I find Hubbell's explanations to be reasonably believeable. In otherwords, on the surface, Lieberman's site went down because in a remarkable coincidence, spammers found a vulnerability and overloaded it on the eve of the election.

Continue reading "Lieberman and spam, 2006"

Where your email address goes...

nospam@example.com (Richard Welty) — Thu, 10 Aug 2006 07:18:04 -0400

Back when I restarted Spamvertized, in this early post, I mentioned the need to check terms and conditions when you leave your email address at a site (political or otherwise.) At the time, I had in mind campaigns that passed around email lists to other, like minded political organizations.
I had no idea that a campaign could get so messed up as to sell email addresses to garden variety spammers, but then, we've never seen anything quite like the Katherine Harris campaign before.

Join 100 Fellow Young Democrats ...

nospam@example.com (Richard Welty) — Fri, 21 Jul 2006 19:36:26 -0400

Things have been pretty boring on the political spam front lately, but Democracy In Action fixed that.

Lieberman 2004 Spam?

nospam@example.com (Richard Welty) — Tue, 27 Jun 2006 11:29:39 -0400

We know that Lieberman launched his 2004 presidential campaign with a spam run. However, I never got a copy of the actual spam. I know that was 2 years ago, but if anyone by some mischance saved it, I'd like to get a sample.

Will there be a political spam flood?

nospam@example.com (Richard Welty) — Mon, 12 Jun 2006 23:20:09 -0400

I referred to the WP article in this earlier blog entry. There's a throwaway reference to the same WP article in a DailyKos open thread here (look about halfway down for the crack about Carol Darr). I think markos has never operated an internet mail server and has no idea what is really going on out there. I have operated them and continue to operate them, and I read the log files every day. Does this mean I think we should panic now? Probably not. The WP writer may be Chicken Little. Nonetheless, I am concerned and paying attention, and if it gets bad, hopefully I'll be able to provide the full details here.

Epending

nospam@example.com (Richard Welty) — Mon, 12 Jun 2006 14:33:46 -0400

The generic "you are a registered voter and we want to spam you" items (Here and here) are interesting in that they are almost certainly examples of epending. So far as I know, I never gave my email address to the Rensselaer County voter registration folks, and I'm pretty sure the recipient of the Richman for Treasurer item didn't either.
So where did they get these addresses? Why, they epended! What is epending? It's the somewhat widespread practice of mining the web trying to match up email addresses with individuals. It's hideously unreliable and generally discredited amongst competent email professionals, and highly regarded by a subset of marketing wonks.
You can guess what I think of political campaigns who hire epending firms.

Open Thread

nospam@example.com (Richard Welty) — Mon, 12 Jun 2006 12:58:58 -0400

Do you have anything to say about political spam?

Political spam flood?

nospam@example.com (Richard Welty) — Sun, 11 Jun 2006 10:13:02 -0400

The Washington Post seems to think so. This would be a (ab)use of the protections that the FCC extended to bloggers earlier this year. 'Twill be interesting to see how this shakes out. I may need to find some volunteers to help with the workload on this site (or else put up some google ads and hope they make enough to let me quit my day job.)

Unconfirmed Addresses & How do you tell if it's really spam?

nospam@example.com (Richard Welty) — Tue, 06 Jun 2006 19:38:34 -0400

That latter is the $64,000 question. Let's suppose that spam is unsolicited & bulk as our basic premise. Then suppose that some internet user, call him George, receives an unsolicited email. How is George to tell if there is any bulkiness to the message? A bit of a challenge, eh?
The complexity of the problem increases when you consider some of the common practices of political campaigns in handling email addresses. The executive summary is that some campaigns take email addresses where ever they can get them, even on scraps of paper handed in at meetings, rallies, and campaign stops. They then presume that the email addresses are all good, and do not require verification or confirmation of any sort. There are two problems here: mistakes in transcribing legit email addresses, which potentially produces a valid email address for someone who didn't ask for the email, and even worse, suppose a dirty trickster decided to pass in lots of "bad" email addresses for some value of "bad".
The Dean Campaign suffered from this problem in 2004, a problem which was compounded by the fact that they didn't have a functional way to unsubscribe. Details may be found here.
So now you have a direct email run which is quite large (that is, bulk), and includes many people who want the email and some, perhaps many, people who don't want it. Spam or not?
When I talk about poor email practices that flirt with the edges of spam, this is exactly the sort of thing I'm talking about.

2004 Dean Joe-Job

nospam@example.com (Richard Welty) — Tue, 06 Jun 2006 18:59:46 -0400

Here is what I have from the 2004 Dean Joe-Job festivity. There is some extensive documentation and analysis interspersed with the samples of Joe-Job spam. The executive summary is that the Joe Job occurred roughly contemporaneously with the Dean Campaign firing an outsourced email provider. Revenge? You be the judge.
Updated
I just noticed that the 2 year old Spamhaus lookups relating to the Dean Joe-Job are defunct, and Hardigree/Bernal are not in the register there anymore. I am querying the folks at Spamhaus to see if they have any way to retrieve historical data. Stay tuned...

Joe Job Oops + Archive Oops...

nospam@example.com (Richard Welty) — Tue, 06 Jun 2006 15:24:48 -0400

It turns out that when I said here that I'd never seen any good examples of a politcal joe job, I was mistaken. It turns out that I have documentation of a Joe Job targeted at the Dean campaign in 2004. Unfortunately when I went to research it for this posting, I found that I'd broken the archive of the 2004 version of this site when I installed serendipity.
I'm going to try and fix the archives up tonight or tomorrow night, at which point I'll provide links to the documentation on the Dean Joe Job. I also have another "we reserve the right to spam registered voters" spam similar to this one coming from Dave Lugo, and a very local but still political spam from Tory Blue. Tory's will go up tonight for sure, and Dave's as soon as he provides me with a suitable copy -- but he's traveling and it may be a day or two.

non-partisan

nospam@example.com (Richard Welty) — Tue, 06 Jun 2006 09:17:48 -0400

It shouldn't need to be said, but just to make sure it's understood - this site tries to be non-partisan. We have examples of spam from both ends of the political spectrum already, and I will document political spam regardless of whether I agree or disagree with the agenda contained therein.

Alliance For Marriage update

nospam@example.com (Richard Welty) — Mon, 05 Jun 2006 18:47:05 -0400

Dan has provided me with full headers for the first and second alliance for marriage spams.
In further news, I am hearing from reliable sorces that the smartmailer folks did a lot of spamming for Bush-Cheney back in 2004, and are blocked by some major providers for that reason. I am hoping to get some concrete, publishable statements on the subject; more as I have it.

On Being Joe'd

nospam@example.com (Richard Welty) — Mon, 05 Jun 2006 12:49:05 -0400

While I take submissions of political spam (it's what the site is about after all), I do vet submissions as best as I can. I do this for a couple of reasons. A key one is that political campaigns are by their nature vulnerable to a type of dirty trick called a Joe Job. In a political joe job, the dirty trickster simply forges large quanitities of email purporting to be from their target, in order to try and get said target in trouble. I've yet to see any really good examples of a politcal joe job, but I fear that we will eventually. Email is easy to forge, spammers do it all the time, and if the dirty trickster has a suitable zombie army sending the spam from compromised home computers, s/he can obscure the real origin fairly well, at least for a time.
And this gets back to my preference for having full headers; they give me some of the information I like to have when vetting submissions.