I’ve seen my share of angry complaints about spam with forged sender addresses, but this is amazing: Aunty Spam’s Slam a Spammer Blog is reporting that Sunnyvale resident Charles Booher called up the "sender" of some spam and threatened him with torture and death.
Of course, (a) death threats are criminal, and (b) the callee was not the actual sender but a third party whose address had been forged. Booher is now facing criminal charges with up to five years of prison and a quarter-million dollars in fines.
"Aunty Spam" didn’t provide any further information, but a quick Google search turned up articles suggesting this isn’t the entire story. Mercury News reports [archive.org] that the person Booher threatened, Douglas Mackay, worked at a call center that handled calls for, among other companies, the one that did send the spam. Metroactive reports on an even closer connection: it seems that the spamming corporation was registered to Mackay’s brother. A DOJ press release is (appropriately) matter-of-fact about the allegations. This all went down last November. In my brief search I haven’t found anything about the current status of the case.
Back on the subject of forgery, the SPF website has gotten a major facelift. SPF, or Sender Policy Framework, is a scheme that lets domain name owners identify which servers they use to send mail, so that receiving servers can pre-screen incoming mail for forgeries. Aside from cutting down on phishing attacks, at least with SPF there’s a better chance you’ll be complaining to the right person!
Remember Charles Booher, the spam victim who was arrested for making death threats to the sender? (Early reports…