[EDIT: IMPORTANT UPDATE BELOW]

Just received an obvious Spam; it was directed to an email address used solely for domain name management (i.e. it was plucked out of a domain 'whois' output).

That was the first sign of trouble. Plenty more...

Next we have a firm offering a special on aerial photography of NZ. I should be grateful they got my country right, I suppose?
Then you keep reading.

Embedded links point to a .co.nz (aerialimpressions.co.nz) - it appears to have valid, if limited, registration details (registrant = Aerial Impressions, address in Australia (City, no state given, though it appears it's in Victoria).

A look on the Australian ABN Lookup tool for 'Aerial Impressions' reveals that it is a Trading Name for a company actually known as DGB Technologies Pty Ltd.

IMPORTANT UPDATE ON THIS BLOG ENTRY!
When I used Google to search for "DGB TECHNOLOGIES PTY LTD" (copy/pasted from the ABR Site), they 'automagically' provided me with DBG Technologies - note the B and G are transposed! - as the first hit, along with several more. I didn't notice this until I was contacted by a helpful reader - and by one of the directors of DBG, seeking to clarify!!

I apologise profusely to DBG - the legitimate, South Australia Registered firm who appear to be unrelated to DGB.

Just for entertainment, feel free to compare their entries in the ABR:

DGB Technologies (Trading as Aerial Impressions)

and

Warning: Once your incorporate a company and provide your details to the Companies Registry, you're doomed to receive unsolicited junk mail on a periodic basis.

I won't go into the electronic kind; the Companies office don't require you to provide electronic contact means (though when the forms are submitted, contact numbers are provided...) What i'm talking about here is plain old unsolicited postal junk.

Today we received a windowed envelope with our street address (per the companies office) in the window. Above that was no name; instead it was addressed to 'Dear Lover of Fine Wines'.

Enclosed was a self-addressed envelope (with 'Affix Stamp Here'; obviously they're not interested in supplying postage!), a glossy brochure advertising the firm 'Pieroth Wines (NZ) Limited' with an address at North Harbour Industrial Estate (Auckland); and a 'Consumer Survey' which then asks 'Are your name and address printed correctly?' Please check, so you are sure to receive your Thank-you-gift and the free 6 bottle International Wine Sampling without any delay.' To the rightare three boxes with contact detail options and a title 'Details of Interested Friends!'

On the reverse is the survey, which starts with 'Your support is very important. With the help of your answers we may better adapt to the friends of Premium Wines and improve our services in future'. Goes on to ask questions for demographics and a bunch of wine preferences. It then asks for contact phone numbers (home and work) in order to arrange for the free gift and 6 bottle wine tasting.'

What's the bet that the free gift isn't 6 bottles of wine!

This is the 'please forward this to all your friends!' of the 20th century.

It's funny, when you keep a relatively close eye on the places your details are filed, and on your buying habits, you can get a good idea for all the dirty, dirty tactics out there.

Noted a couple of simultaneous subscriptions to NZLUG mailing lists this morning from different addresses @zeusmail.org - this immediately looked suspicious, and a Google confirms my fears.

A warning for those others dealing with mailing lists, forums and such; that's one domain with a baaaad rep.

Those of you who used (or registered) for Ferrit, beware....

This morning my wife received a spam email with ominous overtones; the destination address concerned was only ever used on ferrit.co.nz.

The bonus with using role-driven email addresses is that you have instant ID on where an address was sourced from. Thus the email concerned could only have come from one place; Ferrit's Database of customers; or someone associated with Ferrit.

My wife did infact purchase things through Ferrit. Twice. One has to ask though, how do someones personal details wind up being used for spam purposes?!

Telecom NZ - Over to you! Meanwhile I guess we have to engineer yet another spam-black-hole on an email address that's now a write-off :(

This is what I posted to NZNOG a little while ago...

Was recently asked by a colleague about the current spam situation at a generic level - and more specifically 'what can be done about it'.

I proceeded to send him what could've almost be called a Tirade - Of exactly what'll need to happen before spam will be a thing of the past. Not sure i'll go there just yet...

In an unrelated tack, a recent discussion on NZLUG cited some problems an individual was having sending emails to Hotmail.com, as they were apparently requiring SPF records of domains sending them mail - and were deferring through to failure, inbound mail that didn't have it.

I checked - they're not. (I don't currently publish SPF, yet I can send to them fine.). But I threw some terms into Google and found a gem of a link - http://www.richi.co.uk.

http://richi.co.uk/blog/2005/06/yet-more-on-hotmails-move.html

Which References http://www.computerworld.com/blogs/node/440

http://richi.co.uk/blog/2005/06/hopefully-last-on-this-subject_24.html

http://richi.co.uk/blog/2005/05/why-challengeresponse-is-bad.html

I consider all of the above to be useful reads.
I also have to confess I do agree with much of the following - anyone looking to implement spam filtering needs to bear the below in mind...

http://www.nzherald.co.nz/index.cfm?c_id=5&ObjectID=10338111 includes:

The Government aims to free email inboxes from unwanted spam messages with the tabling in Parliament of a bill that would make it illegal to send them.

The legislation, which has long been in the works, will allow fines of up to $500,000 for organisations sending out unsolicited email messages in bulk and up to $200,000 for individuals.

As only 10 per cent of spam is generated locally, the bill will look to build a framework for co-operation with overseas authorities to shut down spammers operating abroad.

Internet users will complain in the first instance to their internet provider about spam email, and the Department of Internal Affairs will act as an internet watchdog if the matter is taken further.

Key points?

• This is NZ Legislation and only applys to Local spammers - about 10% of the source.
  
• Punishments are fines - not jail terms. Good or not?
  
• Internet users will complain to their internet provider about spam, with the DIA watching carefully.
  

Now.. having been the ISP rep responsible for spam reports more than a couple of times in the last 5 years - this is crap. Either the reporter has it wrong, or whoevers dealing with it is on the wrong end of the stick...

What theyre saying, is that if i'm a customer of ISP X and receive a spam message (that was sent by or via ISP Y) - that ISP X has to take my complaint.

Spam investigation rule 1 - the SOURCE provider is the only one that can identify who a spammer is.
Its their network. They can resolve an IP address assigned out of a dynamic pool that their customers share back to an individual internet access account, when this is put together with the time involved.

We've spent years educating people on the concept of whois, abuse@ - and theyre undoing all of this.
What it means is that Xtra - NZ's largest ISP with >500,000 customers - is going to have to have enough staff on hand to deal with abuse complaints from all its customers - as well as those that come in ABOUT its customers?