Yahoo waking up?

From time to time, I do a little dance with Yahoo!. Some particularly egregious spammer using a 'yahoo.com' mail address to service their spam operation will annoy me to the point that I fire up a spam report and send it off to Yahoo!'s abuse account, with a note to say "This unsolicited message advertises a reply address at 'yahoo.com'.". A few days later, I will get a boilerplate message back that says "We have determined that this was not sent from Yahoo! Mail ..." and follows it up with advice on how to identify the 'real' sender's ISP.

The problem here is that what I'm trying to report is a dropbox address in the message body: the spammer has been asking people to answer them at a Yahoo! account that he's set up for the purpose, and I want that account closed. Yahoo!'s abuse tools are apparently looking just at the message headers, seeing that the message was sent through the usual zombie PC and firing back the "Not our problem. Look elsewhere." message.

If I feel really strongly, I'll reply to their auto-reply, and their poor beleaguered abuse-desk peon will read my message and do something about it. This is good, but by now eight days have gone by and the spammer has pretty much got all the mileage he wanted from that account.

I've been sending quite a few reports to Yahoo! lately, because this 'fake-check' scammer, apparently having had all his domains nuked, has shifted to sending spams that advertise only an email reply address. Currently, 'yahoo.com' seems to be his home of choice. While I've pretty much given up sending abuse reports, scammers of this kind are really among the lowest forms of human life and I will gladly screw up their little game if I can. If my abuse report gets their dropbox closed before someone falls into their trap, it was worth sending it.

Yesterday, when I got another "Not our problem. Look elsewhere." boilerplate from Yahoo!, I sent off a rather histrionic message begging them to improve their procedures. This morning, I started getting new auto-responses from Yahoo!. These ones said "... we have taken appropriate action ...".

I don't think this was a response to my message, because it's too soon. I think Yahoo! have identified the problem themselves and changed the way they handle abuse reports. If that's really the case, then I'd like to congratulate them, because it's a definite step in the right direction.

What I'd really like to do is to cut down the time-to-live of the spammer accounts. I've been thinking about writing tools that would scan my incoming spam-stream and pick out addresses from obvious spams of a certain type, such as 'fake check' come-ons and 419's, then make the results available as an RSS feed. I could do the same thing for all the comment spam that I trap. Any abuse desk that was interested could subscribe to the feed for their particular domain and get close to real-time notification of abuse.

Obviously, they'd need to satisfy themselves that my monitoring was accurate and trustworthy. It would also only be of interest to organizations that don't already have their own, better proactive monitoring systems. But the offer is there. If you're running a webmail or a bloghosting service and you'd like to add an extra tool to your early warning system, mail me and let me know what your needs are. If I get enough interest, I'll look into building something.

Posted by spamnation on October 29, 2006 09:42 AM |

Tags: , , , , , , ,

« A new low | Main | Bad ideas in spam #1 »

weblognewsstocksstatstoolsnoteslinksmisc