Last updated on 2005-02-10 at 22:03 GMT
It's wonderful when a spam report actually gets something done. Some sites are very good about letting people who report spam know what's happened, others just say "we're taking action" and some just give an acknowledgement and nothing else. Here are some of the good replies I've had:
A recent one from the 'hostmaster' of iserver.com:
Thank you for informing us about this. Sending unsolicited e-mail or
making inappropriate commercial newsgroup posts from our web servers is
strictly forbidden. It is also forbidden to promote web sites hosted on
our servers in such mailings or postings. You may see our acceptable use
policy here:
http://www.iserver.com/aboutus/policies/server.html
<site_address> has been disabled. Please let us know
should you have any comments or questions.
Nice one from FlashNet's abuse tracking system:
Issue FAB964162146242 was received on Fri Jul 21 01:49:06 2000.
The status is listed as:
The account responsible for this abuse has been cancelled. Additionally,
in accordance with our Acceptable Use Guidelines, the owner of the account
has been fined.
An email response was sent regarding this issue.
(The email response didn't mention the bit about the fine...)
I had never heard of SPAN, a Swiss company, and it's their bad luck that the first time I encountered them because of UCE. However, the message I had in reply made up for that:
Dear Sir,
This e-mail originated from one of our accounts who did not respect our
policies.
The account has been terminated immediately.
Please let us know if you get further e-mails of the same source.
Thank you for mentioning this abuse to us,
name
Here's one from ibm.net which is rather satisfying (they do, it seems, believe in following up acknowledgments with updates):
Thank you for taking the time to inform of us of this situation.
The Internet Service account involved has been canceled.
InReach Internet responded to me:
We have canceled the users account per our AUP. We apologize for any
inconvenience they may have caused you.
Cityline.ru responded with the following message (following an earlier one which said the user had been warned). A little drastic, maybe, but a luser who keeps posting the same spam after being warned is fair game...
The user has been terminated.
Please let us know if there are any further problems.
Thank you for your report. The incident has now been dealt with. Also,
we apologise for the abuse that has originated from a customer of Demon
Internet.
The following was from Proxy Communications in Ontario, Canada, and wasn't a 'form letter', it included the IP address of the offending web site (the email didn't originate from them). A lot better than most.
The administrator of this site has been informed of our policies
regarding unsolicited commercial e-mail and pornography, and told
that if the site is not shut down voluntarily, we will disable access
to this IP address, at the router, at the end of business .
They added "We've been
an ISP since 1984. Sometimes we really miss the old days when no one even
knew what spam was."
I agree completely...
This is to notify you that PSINet has taken action on the complaint you
have sent to our Net Abuse Team.
We do view the conduct that generated your complaint as prohibited, and we
are taking the necessary steps to make certain that the account or network
understand the prohibition and act accordingly.
Not actually saying that they've chucked the guy off, but on other
occasions they have said that the account has been removed. There's a
subtle difference there...
This one does make it clear that the account was terminated, not the user. Better luck next time?
The spammer's account has been terminated. Spamming is not permitted
under Easynet's Terms and Conditions of service.
Thank you for your reports regarding spam with the subject line "Are You
going to call Her?" originating from Ameritech.net IP addresses. The
responsible account has been disabled and all information regarding this
incident has been forwarded to our Customer Service Director for further
action.
(They sent it out to everyone who reported the spam; unfortunately they
left all the addresses in the headers! Oh well, at least we know other
people reported it...)
This one from Netcom Canada. Those who use Windoze and think it's secure by default deserve all they get...
Thanks for your report regarding unsolicited email spam from one of our
users. We've investigated this matter, and found it to have originated
from a series of fraudulent logins from a legitimate user account on our
system. Apparently, this is the result of our users' being infected with
either the BackOffice or NetBus Trojans, which gave the intruder access to
this person's name and password.
I have instructed our user how to remove the Trojan and the account's
password has been changed, so this problem should no longer be occurring
from this user's Internet account.
I like this response (the '[former] customer' is a nice touch). It is a standard letter but the .sig indicates that a real person has dealt with the problem rather than just a bulk reply.
The sending of unsolicited bulk email is a violation of Southwestern
Bell Internet's Acceptable Use Policy, which may be found at the
following URL:
http://dialup.swbell.net/legal/use.html
You will be happy to know that I have closed the account which was
responsible for the message you received. In addition, we have added his
account information to our registration database so that he will be unable
to create another account at Southwestern Bell Internet.
On behalf of Southwestern Bell Internet, I apologize for any
inconvenience caused by our [former] customer. Although it is
impossible to eliminate unsolicited bulk email entirely (alas), I shall
do everything possible to minimize the junk coming from our domain.
BTInternet have been quite responsive as well, I don't have messages on file, but the spam came through one of the companies to whom they supply connectivity, last I heard they were taking action to stop that company acting as an open relay; since I haven't had any more spam through that site I assume they have done so.
Now, unfortunately, for some who don't seem to do much. The most frequent spamming ISP seems to be uu.net, they respond with a standard (and long) acknowledgement and no followup (they do issue a ticket number), and there seem to be plenty more spammers posting from there. Incidentally, their German branch uunet.de are much better, I had a reply from them (the only spam I got via them) which was much more helpful. Anything from the Far East or other obscure country domains (like Spain) you might as well not bother, they either never reply or they say "It's not our problem". AOL give form replies as well, if they even bother.
This site is mirrored at http://www.keristor.co.uk/, http://www.keristor.net/, http://www.firedrake.org/keris/ and can also be accessed by ftp at ftp://ftp.firedrake.org/keris
If you have comments or want to contact me, my preferred email address for Internet mail is chris AT keris DOT net. Note that it is filtered through SpamCop, spam will be reported.