Vendors spamming NANOG attendees

It seems that more than just a few of us were spammed by Glenn Stern (gstern@calient.net), an employee of Calient following NANOG 70.

The spammer had the balls to say, in his email:

We do not know each other. I'm leveraging the attendee list for NANOG to reach out and raise awareness of the value of OCS (Optical Circuit Switching) in the data center and in particular, the Carrier Neutral Hotel where we've been active with next generation MeetMeRoom discussions.

He does not show as an attendee at NANOG, but another executive, David Altstaetter, daltstaetter@calient.net did register, and may have even shown up. Hopefully those of you who have traditional community attitudes will show your reaction via your pocketbooks.

Maybe its time for the NANOG board and staff to step in, and develop some teeth to use in cases like these? Unless the majority of you members are cool with unfettered spamming of member and attendee lists. In which case, have at it!

Rodney

Rodney,

What do you suggest? Shoot them at Dawn?

The standard warning and education has always been adequate in the past. We don't have a runaway spamming problem on the list.

-mel beckman

Rodney,

What do you suggest? Shoot them at Dawn?

The standard warning and education has always been adequate in the past. We don't have a runaway spamming problem on the list.

What standard warning and education?

We have filters to stop spam making it to the list.

But there is definitely a spamming problem of sorts amongst vendors, to subscriber addresses.

I see something every couple of months that I can track back to NANOG, or ARIN.

What I *know* is that if you open the door, and ignore it with vendors on NANOG, the list members will end up having a problem. If you want to know why I consider myself an expert, feel free to ask me offline about what the attitude that those of us who ran "the backbone" in 1994 had - and how that worked out.

On the other hand, as a senior citizen, at the end of my tech days, with enable grudgingly given up, I guess I could turn away and say "not my problem, really".

YMMV.

Rodney,

You said "I see something every couple of months that I can track back to NANOG, or ARIN."

I would hardly call this a flood. But my point is that most people posting to NANOG, being technical people, respond to notifications that they are spamming. Your example email illustrates this perfectly. Sometimes they're ignorant and don't realize they're spamming. If they're persistent they get removed from the list (I don't think that has had to happen for several years).

The remaining spammers are easily caught by filters, as you can plainly see.

I don't see your need for urgency, and you still haven't said what you propose as a better arrangement. I made my suggestion. What's yours?

-mel

Rodney,

You said "I see something every couple of months that I can track back to NANOG, or ARIN."

I would hardly call this a flood. But my point is that most people posting to NANOG, being technical people, respond to notifications that they are spamming. Your example email illustrates this perfectly. Sometimes they're ignorant and don't realize they're spamming. If they're persistent they get removed from the list (I don't think that has had to happen for several years).

The remaining spammers are easily caught by filters, as you can plainly see.

I don't see your need for urgency, and you still haven't said what you propose as a better arrangement. I made my suggestion. What's yours?

I'm one of 10,000. I assume others see as many as I do (I have no idea how many get caught in my filters).

I don't recall calling this a flood. Did I? And I don't believe he is on the list so there's no way to "remove" him. I think the list does a good job over time "training" subscribers.

But I did say that if others don't respond to spammers to this list from vendors, it will become a problem. The list is fertile ground. And I'm not sure that Sterns response indicates any awareness. He admitted he used the 1,300 person attendee list as a prospecting tool.

So all that I am suggesting is that others take the time to respond to spam from vendors (as I did) rather than ignoring it (just hitting delete doesn't work out in the long run). I have to assume that after a reasonable number of people do complain to his company, they'll learn. And others on the list who are tempted, change their minds. I don't think the list itself per se suffers from a spam problem - although my 3 emails probably qualify as too much noise already. But it is vendors who use the list to prospect who should be discouraged.

Btw I have no doubt that rogue salesmen from my companies over the years have tried it once. When I find out about it, I do kick butts.

I'm hoping that this discussion is enough to get Calient to rethink their strategy. For crying out loud, the guy is a VP in their company. What kind of example is that?

I'll end my public noise here

Rodney

Rodney,

My misunderstanding. Despite the subject line noting NANOG attendees, I interpreted your statement "It seems that more than just a few of us were spammed…” to be referring to the NANOG mailing list (“us”). I figured the spammer was signing up to the list first.

As for the attendee list, short of making it secret I’m (which would be counterproductive), I think we just have to live with it (I did not attend this year, and thus didn’t get spammed).

-mel

That excuse stopped being viable sometime in the last century. They know
exactly what they're doing, they're just counting on the prospective
gains to outweigh the prospective losses. If they're right, then the
spamming will not only continue, it will increase. (As we've seen:
over and over and over again.) That's because they don't care about
being professional or responsible or ethical: they only care about profits.

So the choice is clear: either make it plain to such "people" (if I
may dignify sociopathic filth with that term) that this is absolutely
unacceptable and that it will have serious, immediate, ongoing negative
financial consequences, or do nothing while the problem escalates
indefinitely.

  If you give people the means to hurt you, and they do it, and
  you take no action except to continue giving them the means to
  hurt you, and they take no action except to keep hurting you,
  then one of the ways you can describe the situation is "it isn't
  scaling well".
    --- Paul Vixie, on NANOG

---rsk

I've started keeping a list of companies who make unsolicited
calls/emails. I tell them that I put them on my list of companies
never to do business with.

On Tue, Jun 13, 2017 at 01:12:07PM -0400, Rich Kulawiec wrote: > On
Tue, Jun 13, 2017 at 03:31:46PM +0000, Mel Beckman wrote: > >
Sometimes they're ignorant and don't realize they're spamming. > >
That excuse stopped being viable sometime in the last century. They
know > exactly what they're doing, they're just counting on the
prospective > gains to outweigh the prospective losses. If they're
right, then the > spamming will not only continue, it will increase.
(As we've seen: > over and over and over again.) That's because they
don't care about > being professional or responsible or ethical: they
only care about profits. > > So the choice is clear: either make it
plain to such "people" (if I > may dignify sociopathic filth with that
term) that this is absolutely > unacceptable and that it will have
serious, immediate, ongoing negative > financial consequences, or do
nothing while the problem escalates > indefinitely. > > If you give
people the means to hurt you, and they do it, and > you take no action
except to continue giving them the means to > hurt you, and they take
no action except to keep hurting you, > then one of the ways you can
describe the situation is "it isn't > scaling well". > --- Paul
Vixie, on NANOG > > ---rsk

That still leaves the question: how to you invoke this financial punishment? Prohibit NANOG members from buying their products?

-mel via cell

Overreact much?

That excuse stopped being viable sometime in the last century. They know
exactly what they're doing, they're just counting on the prospective
gains to outweigh the prospective losses. If they're right, then the
spamming will not only continue, it will increase. (As we've seen:
over and over and over again.) That's because they don't care about
being professional or responsible or ethical: they only care about profits.

Isn't that why we all work in this industry? Sure it's fun, but at the end of
month it's that sizable deposit in our checking (or chequeing) accounts.

So the choice is clear: either make it plain to such "people" (if I
may dignify sociopathic filth with that term) that this is absolutely
unacceptable and that it will have serious, immediate, ongoing negative
financial consequences, or do nothing while the problem escalates
indefinitely.

  If you give people the means to hurt you, and they do it, and
  you take no action except to continue giving them the means to
  hurt you, and they take no action except to keep hurting you,
  then one of the ways you can describe the situation is "it isn't
  scaling well".
    --- Paul Vixie, on NANOG

It's vendor spam. It's annoying, but it's not life or death. Educate/shame,
and move on. When it happens the second time, then get your pitchforks and
rifles out

how I feel about it:
https://i.imgur.com/v7SJdmq.png

It's funny to see all this apologia for nanog spammers and attempts to normalize the practice and brush it off as acceptable or unavoidable, especially after the "omg evil politicans voted to rollback fcc privacy rules and let companies sell your data" derpy derp thread.

You can't have it both ways.

-Dan

Dan,

And your proposed solution is?

-mel via cell

* mel@beckman.org (Mel Beckman) [Tue 13 Jun 2017, 21:26 CEST]:

And your proposed solution is?

Simple. Stop buying from spammers.

  -- Niels.

> From: "Chuck Anderson" <cra@WPI.EDU>
> To: nanog@nanog.org
> Sent: Tuesday, June 13, 2017 12:47:17 PM
> Subject: Re: Vendors spamming NANOG attendees
>
> I've started keeping a list of companies who make unsolicited
> calls/emails. I tell them that I put them on my list of companies
> never to do business with.

Overreact much?

Mike -- I suspect he *under*Reacts.

I go so far as giving out unique e-mail whenever possible so that I can
track the origin of scraped addresses...

*And* I remind sales folks (and their bosses) why I won't buy from them.

I guess they should be happy that I don't sign a lot of orders
anymore...

I don't think there's a mechanism to do that. (Please correct me
if I'm wrong.) However, I think it's feasible to construct a
list and make it publicly available so that folks can consult it
before making purchase decisions.

---rsk

I think it would too subject to wild variance in what someone views as bad.

Actual SPAM (viagra, Nigerian prices, etc.), of course.
Industry-related SPAM, probably.
Targeted marketing (looking for someone at Facebook, seeing someone from Facebook and tracking them down... or seeing someone at someone in a specific area or...) ehh, probably not

Do you view collecting lists of nanog members and using it for unsolicited marketing purposes as bad or not?

-Dan

Does it fit into one of the categories I defined?

I wasn't overly clear in the second example of the last category. Seeing someone working for someone that's in a specific area and then reaching out to them about something specific to their area... probably not.

Further examples of yes\no for targeted marketing: Most any equipment vendor, unless it's quite geographically specific to someone, no, not unique enough. New provider, data center, IX, etc. geographically near a given company and they find "you" work at that company... sure, that seems like a perfectly valid use.

If they paid for a booth at beer & gear (i.e.; indirectly bought me a
drink), then I'd give them _one_ pass on a targeted email.