VinceChan.net

BlueSecurity is an innovative way to give spammers a taste of their own medicine. I joined the network in hopes of reducing my spam one day. Many people have been critical about the idea; indicting BlueSecurity’s tactics as vigilante actions that border the edge of ethical practices. However, after reading a thorough intelligent evaluation of BlueSecurity, I was more convinced than ever that the movement will work.

BlueSecurity’s sevice can be summed up in three stages:

• creating a Do-Not-Email list through member participation
• finding and giving initial warning to spamming offenders that have spammed members
• sending one complaint for every subsequent re-offence (in my opinion, a fair response for a re-offence)

BlueSecurity is also making progress. They documented on their blog whenever a major spamming network that have agreed to comply with the Do-Not-Email list. However, other spammers are not as quick to admit defeat, or respect our wishes to be emailed. I received several emails today threatening to take agressive action against BlueSecurity. BlueSecurity identified that one major spammer was taking on a vendetta to discourage the anti-spam community. Here’s the email I received:

Hey,

You are recieving this email because you are a member of BlueSecurity (http://www.bluesecurity.com).

You signed up because you were expecting to recieve a lesser amount of spam, unfortunately, due to the tactics used by BlueSecurity, you will end up recieving this message, or other nonsensical spams 20-40 times more than you would normally.

How do you make it stop?

Simple, in 48 hours, and every 48 hours thereafter, we will run our current list of BlueSecurity subscribers through BlueSecurity’s database, if you arent there.. you wont get this again.

We have devised a method to retrieve your address from their database, so by signing up and remaining a BlueSecurity user not only are you opening yourself up for this, you are also potentially verifying your email address through them to even more spammers, and will end up getting up even more spam as an end-result.

By signing up for bluesecurity, you are doing the exact opposite of what you want, so delete your account, and you will stop recieving this.

Why are we doing this?

Its simple, we dont want to, but BlueSecurity is forcing us. We would much rather not waste our resources and send you these useless mails.

It is hard not to sense the desperation in this spammer’s response.

BlueSecurity is hoping to do more than just deter spammers by letting them know that we won’t read their emails. In addition, Blue Security reports stock and securities-related junk E-mails to the Securities Exchange Commission (SEC) and also reports sites that sell counterfeit software to the Business Software Alliance (BSA).

As of this writing, BlueSecurity.com is unaccessible. I guess this particular spammer is launching massive denial-of-service attacks on the site. I should also disclose that I have not seen a significant decrease to my spam level yet. Nobody said that this would be an easy war, but I hope more people can see through the short-term pain for the long-term gain.

Update: Just discovered that this incident was SlashDotted! Woot! Looks like I blogged the story before SlashDot!

More Update: BlueSecurity.com is back up and details the exploits of one desperate spammer’s (PharmaMaster) attempts to discourage the community.