Many people have requested information from us about how to deal with unsolicited e-mails, or spam, advertising pornographic web sites. Morality in Media, another organization working to protect families from pornography, gives the following advice on how to deal with this problem:
If you've been "spammed" by someone you don't know, do not reply to the sender or follow any "removal instructions" which might be included.
Why? Because if you "unsubscribe," you're telling the pornster that your e-mail address is working, and they then turn around and sell your address to other spamsters.
If you receive porn spam, complain to your United States Attorney. Don't accuse anyone of a crime; just ask your U.S. Attorney's office to investigate the porn spam as a possible violation of the Federal Obscenity Laws that prohibit the use of computers to transmit obscene material (18 USC 1462 and 1465).
Complain to your Internet Service Provider (ISP).
Complain to the sender's ISP. Most ISP administrators are responsible and don't want their machines used for spamming. Most ISPs have policies prohibiting spamming through their accounts. Once they are notified that a user has been abusing their account, many ISPs will shut down the offender.
So how do you find out whom to contact? In the body of the spam message, there are almost always instructions for how the sender wants you to respond to the message. Often they will want you to visit a web site or send mail to an email address. This address will almost always be bogus. Look for the "domain name" in the bogus address. This is the part after the @ sign of an email address or the last part of the server name in a URL (Internet address, "Uniform Resource Locator"). For example, in the URL of http://www.bogus.com/somepage.html, the domain is simply "bogus.com."
If the links in the porn spam message are just a line of numbers, you can translate them into a "normal" IP address. The anti-spam people at Abuse.net have a translator for that. You then need to track down the adminstrator of that domain. How? If the domain is in the ".com," ".org," ".net," or ".edu" domains, you can find the administrative contact through InterNIC, which is the official registrant of names in those top-level domains (TLDs). You can go directly to the Web site for the InterNIC Directory and look up the administrative contact there.
Once you've tracked down the administrator through the InterNIC Directory, simply email the entire message to the person listed as the administrative contact. Explain that you've been "spammed." The administrator may have further requirements, but this is the person or group you want to be in contact with.
An "entire message" means one with complete "headers." How do you get the "headers?" They are typically hidden in e-mail messages, but your e-mail software can be switched to "view full headers." The procedure differs in different e-mail programs. In Microsoft Outlook, for example, you open or highlight a message, pull down the "File" menu, go down to "Properties," then click the tab that says "Internet." The people at SpamCop.net have some instructions on how to find the "headers" on about 20 different e-mail programs, including Eudora, Hotmail, Yahoo! Mail, WebTV, and others.
If there's more than one domain name in the "headers," to find the original source of the message, you'll have to look back to see which was the first e-mail (SMTP -- Simple Mail Transfer Protocol) server to receive the message on its journey. There should be a time reference on it -- in the example here the third line from the top refers to Monday, April 3rd, 2000 at 16:45 hours (4:45 p.m. local time). Send the headers, along with the main text of the spam message, to the adminstrators to whom you're complaining.
A frequently asked question: "How did they get my e-mail address?"
Newsweek reporter Jennifer Tanaka put it this way in her article Crammed with Spam, in the April 10, 2000 issue:
"A typical strategy is to write a program that harvests valid e-mail addresses from public forums like newsgroups and member directories of ISPs, such as America Online's massive one. These directories are open because, like the telephone white pages, they're intended to let you find e-mail addresses of long-lost friends and family. "Another common tactic is what's known as a dictionary attack, in which a spammer creates possible addresses using every name in the book, in myriad permutations: JoeA@hotmail.com, JoeB and so forth.
"Spammers then mail out e-mail pitches 'buy viagra online! get rich quick!' in huge batches; it costs no more to send thousands of messages than to send one."
Some outside resources on spamming:
Visit the Federal Trade Commission's web site at http://www.ftc.gov/spam/ to learn more on reporting spam.
Another good explanation of how to complain about spam, from the people at Abuse.net. The Abuse.net home page has a good links to other anti-spam resources. Another excellent Abuse.net resource: they can decode single-number network addresses. Frequently, the porn spam links are just a line of numbers. The Abuse.net converter will translate that group into a normal "dotted quad" (i.e., 11.22.33.44) IP address. You can use that IP address to track down the spammer.
