At least some of their items still have free shipping - I just ordered
a set of Bessey Uniklamps and an HTC mobile base, and I was looking at
a Dewalt reciprocating saw and a Jet disc sander, all of which offered
free shipping. Tools provided by Grizzly or other companies and sold
through Amazon charge shipping, though. Are they just cutting back on
free shipping for the really heavy stuff?
On the topic of shipping, Rockler is currently offering free shipping
over $49 (and sales on K-body clamps) if you join their VIP mailing
list.
Andy
A couple of months ago I ordered some DVDs through Amazon.com.
The RFCs for email allow a person to 'tag' their email address by
appending a plus sign '+' followed by a string. The '+' and the string
between it and the '@' is ignored for routing purposes. So
[email protected] will be delivered to the mailbox
belonging to [email protected], but the address
in the From: header will read, literally "[email protected]".
Neat, eh?
Not all email systems properly impliment tagging, compliance with
the RFCs like everything else on the internet is, after all, voluntary.
But SpamCop does allow it and amazon.com does accept tagged
email addresses on their order page.
So when I ordered, I tagged the address with a unique string, used only
for correspondence with Amazon.com, which being the suspicious sort,
is SOP for me when ordering over the internet.
SInce then I have not only received spam to that uniquely tagged
email address, but also a credit-card phishing attempt, forged to
appear to have been from amazon.com, though actually sent from
(or through) a server registered to Apollo Hositng in Austin, TX.
My emailed notitification to Amazon.com resulted in a form email
reply, what I politely refer to as an "auto ignore". Attempts to
inform Amazon through their webpage interface have been failing
for about the last month or so though, according the error message,
they hope to have that problem fixed 'shortly'.
When I attempt to login into my Amazon.com account I am told
that my account cannot be located and they suggested that I
open a new account. Yet Amazon.com was able to send a spam
to that uniquely tagged address immediately after I attempted to log
in. Do you suppose that was a coincidence?
Yes, that was a spam. I have not subscribed to an Amazon.com
mailing list and yes, it came from an amazon.com server. Oh,
and to 'unsubscribe' from their spamlist I am supposed to log
into my amazon.com account and update my preferences. See
above.
If I take their advice and open a new account it certainly will not
be with amazon.com!
So, if you chose to order from Amazon.com you can expect that
your email address will be passed to spammers and pshishers,
amazon.com will spam you directly, will disable your account so
that you cannot unsubscribe from their spam list, and will not
accept complaints.
You've been warned.
--
FF
Morris Dovey wrote:
> [email protected] (in
> [email protected]) said:
>
> | So, if you chose to order from Amazon.com you can expect that
> | your email address will be passed to spammers and pshishers,
> | amazon.com will spam you directly, will disable your account so
> | that you cannot unsubscribe from their spam list, and will not
> | accept complaints.
> |
> | You've been warned.
>
> Interesting. It might be worth lobbying your state legislators to pass
> a bill on the order of
> http://www.legis.state.ia.us/IACODE/2001SUPPLEMENT/714E/1.html.
>
> In Iowa, all that's necessary is to print out a copy of the spam and
> take it to small claims court (filing fee of $20) for a default award
> of $500. Not all spams can be traced, of course, but this does
> somewhat level the playing field.
>
The aptly named CAN SPAM (as in yes, thanks to the Congress they
can spam you and get away with it) Act of 2003 (S. 877)
http://thomas.loc.gov/cgi-bin/query/F?c108:1:./temp/~c1080e7tkh:e669:
http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.htm
expressly preempts state email laws, supposedly the only Federal
Consumer Protection law that nullifies stronger protections at the
state level.
> I'm tempted to open a spAmazon account. :-)
Don't plan on being able to close it.
--
FF
Quentin wrote:
> I'm not sure the spam you received was from Amazon.
I am.
Here are the headers:
Return-Path:
<emailSenderApp+BH3WQ7KC75IA-1PBXGU693KNEQ-2UH78BYPDG8PE@bounces.amazon.com>
Received: (qmail 21213 invoked from network); 1 Dec 2005 14:22:32 -0000
Received: from unknown (192.168.1.101)
by blade4.cesmail.net with QMQP; 1 Dec 2005 14:22:32 -0000
Received: from mm-retail-out-1102.amazon.com (207.171.165.134)
by mailgate.cesmail.net with SMTP; 1 Dec 2005 14:22:31 -0000
Received: from mail-app-2001.iad2.amazon.com (10.205.19.42)
by mm-retail-out-1102.amazon.com with ESMTP; 01 Dec 2005 06:25:48
-0800
Received: by mail-app-2001.iad2.amazon.com
id AAA-merchandizing-22498,1696; 1 Dec 2005 05:49:35 -0800
X-AMAZON-TRACK: merchandizing
To: [email protected]
From: "Amazon.com" <[email protected]>
Subject: Simplify Your Gift-Giving at Amazon.com Gift Central
Bounces-to:
emailSenderApp+BH3WQ7KC75IA-1PBXGU693KNEQ-2UH78BYPDG8PE@bounces.amazon.com
Content-Type: multipart/alternative; boundary="mUlTiPaRtBoUnDaRy"
X-AMAZON-MAIL-RELAY-TYPE: merchandizing
(192.168.1.101) is unroutable so it must be an internal
handoff to the SpamCop webmail client server.
(207.171.165.134) is registered to Amazon.com.
Unless the spammer hacked into (192.168.1.101) to send his spam
while forging the other received headers, that spam came from
Amazon.
The phish, as already noted, did not come from Amazon.
--
FF
> So, if you chose to order from Amazon.com you can expect that
> your email address will be passed to spammers and pshishers,
> amazon.com will spam you directly, will disable your account so
> that you cannot unsubscribe from their spam list, and will not
> accept complaints.
Never ONCE had a problem with Amazon passing on my email address,
purposely or accidently to ANY spammers or anybody else. I have my own
domain name and have unique email address for different functions. I
get ZERO spam.
[email protected] wrote:
> Quentin wrote:
> > I'm not sure the spam you received was from Amazon.
>
> I am.
>
> Here are the headers:
>
> Return-Path:
> <emailSenderApp+BH3WQ7KC75IA-1PBXGU693KNEQ-2UH78BYPDG8PE@bounces.amazon.com>
> Received: (qmail 21213 invoked from network); 1 Dec 2005 14:22:32 -0000
> Received: from unknown (192.168.1.101)
> by blade4.cesmail.net with QMQP; 1 Dec 2005 14:22:32 -0000
> Received: from mm-retail-out-1102.amazon.com (207.171.165.134)
> by mailgate.cesmail.net with SMTP; 1 Dec 2005 14:22:31 -0000
> Received: from mail-app-2001.iad2.amazon.com (10.205.19.42)
> by mm-retail-out-1102.amazon.com with ESMTP; 01 Dec 2005 06:25:48
> -0800
> Received: by mail-app-2001.iad2.amazon.com
> id AAA-merchandizing-22498,1696; 1 Dec 2005 05:49:35 -0800
> X-AMAZON-TRACK: merchandizing
> To: [email protected]
> From: "Amazon.com" <[email protected]>
> Subject: Simplify Your Gift-Giving at Amazon.com Gift Central
> Bounces-to:
> emailSenderApp+BH3WQ7KC75IA-1PBXGU693KNEQ-2UH78BYPDG8PE@bounces.amazon.com
> Content-Type: multipart/alternative; boundary="mUlTiPaRtBoUnDaRy"
> X-AMAZON-MAIL-RELAY-TYPE: merchandizing
>
> (192.168.1.101) is unroutable so it must be an internal
> handoff to the SpamCop webmail client server.
>
> (207.171.165.134) is registered to Amazon.com.
>
> Unless the spammer hacked into (192.168.1.101) to send his spam
> while forging the other received headers, that spam came from
> Amazon.
192.168.1.101 is a typical internal IP address of a PC connection to a
home router.
> Received: (qmail 21213 invoked from network); 1 Dec 2005 14:22:32 -0000
> Received: from unknown (192.168.1.101)
> by blade4.cesmail.net with QMQP; 1 Dec 2005 14:22:32 -0000
Tells me right there it didn't come from amazon. In addition, if you
research cesmail.net, it's a company that a user can use to manage
their email, for filtering, etc.
Larry Bud wrote:
> [email protected] wrote:
> > Quentin wrote:
> > > I'm not sure the spam you received was from Amazon.
> >
> > I am.
> >
> > Here are the headers:
> >
> > Return-Path:
> > <emailSenderApp+BH3WQ7KC75IA-1PBXGU693KNEQ-2UH78BYPDG8PE@bounces.amazon.com>
> > Received: (qmail 21213 invoked from network); 1 Dec 2005 14:22:32 -0000
> > Received: from unknown (192.168.1.101)
> > by blade4.cesmail.net with QMQP; 1 Dec 2005 14:22:32 -0000
> > Received: from mm-retail-out-1102.amazon.com (207.171.165.134)
> > by mailgate.cesmail.net with SMTP; 1 Dec 2005 14:22:31 -0000
> > Received: from mail-app-2001.iad2.amazon.com (10.205.19.42)
> > by mm-retail-out-1102.amazon.com with ESMTP; 01 Dec 2005 06:25:48
> > -0800
> > Received: by mail-app-2001.iad2.amazon.com
> > id AAA-merchandizing-22498,1696; 1 Dec 2005 05:49:35 -0800
> > X-AMAZON-TRACK: merchandizing
> > To: [email protected]
> > From: "Amazon.com" <[email protected]>
> > Subject: Simplify Your Gift-Giving at Amazon.com Gift Central
> > Bounces-to:
> > emailSenderApp+BH3WQ7KC75IA-1PBXGU693KNEQ-2UH78BYPDG8PE@bounces.amazon.com
> > Content-Type: multipart/alternative; boundary="mUlTiPaRtBoUnDaRy"
> > X-AMAZON-MAIL-RELAY-TYPE: merchandizing
> >
> > (192.168.1.101) is unroutable so it must be an internal
> > handoff to the SpamCop webmail client server.
> >
> > (207.171.165.134) is registered to Amazon.com.
> >
> > Unless the spammer hacked into (192.168.1.101) to send his spam
> > while forging the other received headers, that spam came from
> > Amazon.
>
> 192.168.1.101 is a typical internal IP address of a PC connection to a
> home router.
In this case, it is not. Received headers are pre-pended as the email
is routed so that the most recent is at the top and the oldest at the
bottom.
When you read those from the top down you are reading from the
recipient backwards toward the sender.
Within each received header, read from left to right
the sender is listed first (from) followed by the recipient (by) with
an optional statement of the destination email address (for).
>
> > Received: (qmail 21213 invoked from network); 1 Dec 2005 14:22:32 -0000
> > Received: from unknown (192.168.1.101)
> > by blade4.cesmail.net with QMQP; 1 Dec 2005 14:22:32 -0000
>
> Tells me right there it didn't come from amazon. In addition, if you
> research cesmail.net, it's a company that a user can use to manage
> their email, for filtering, etc.
Uh, no. "by blade4.cesmail.net" means it was received _by_ that
computer,
not from it. Blade4.cesmail.net is the machine on which the SpamCop
WebMail client runs. It is the last machine in the route, not the
first.
It is the machine on which I read the email.
--
FF
Ricky Robbins wrote:
> On 1 Dec 2005 12:13:40 -0800, "Larry Bud" <[email protected]>
> wrote:
>
> >Never ONCE had a problem with Amazon passing on my email address,
> >purposely or accidently to ANY spammers or anybody else.
>
> Nor have I, and I've been buying there since 1997.
>
Amazon 'subcontracts' though a loosely affiliated network of
otherwise independent vendors. I bought about twenty DVDs,
new and used, through Amazon and they were sent to me by
more than a half dozen different outfits.
Most of those sent me emails directly from their own accounts
confirming the order and some a second time confirming that
they had shipped. So there is no question that Amazon passed
my email address (and shipping address) on to those other parties.
It would be trivial for Amazon to impliment an aliased forwarding
system so that those same subvendors could send those emails
to Amazon's customers without having the customer's actual email
addresses. (and vice-cera, for that matter.)
At least one of those confirmation emails came from a hotmail
account, so it is clear that some of those vendors are smalltime
outfits. Most likely the phisher was one of those or obtained
the email address from one of those. It is easy to imagine
a small time vendor using an insecure PC.
I hope (and think it is reasonable to expect) that Amazon has
applied better security to my credit card information. But their
poor approach to handling abuse complaints leaves me with
concerns about the quality of their security in general. A
perpetually out-of-order abuse reporting web interface does
not inspire confidence.
Clearly, in order to find and eliminate phishers from among their
subcontractors Amazon would have to at least receive complaints
from their customers as a first step.
--
FF
Interesting series of events with Amazon.com lately....
I ordered a Makita air compressor from them on 12/1. The product
description said it "usually ships in 24 hours", and it also said I'd
get free 2-day shipping (they gave me an amazon Prime membership).
Great!
Check my acount today and it says the compressor won't ship until
JANUARY 1st through the 16th!!!! WTF! So I email them and tell them I
really need this compressor and indicate my displeasure. Just tonight
I get an email apologizing and saying it has shipped.
One other item of note was that when I checked to see if it had
shipped, it not only told me that it wouldn't ship until January - but
that I could NOT cancel my order!!! I think Amazon is playing some
serious games with their shipping dates.
JP
Walter H. Klaus wrote:
> I have sought of lost interest in purchasing from Amazon since they stopped
> the free shipping. If you check the shipping cost it might be more
> reasonable to buy from Woodcraft.
>
> Walter H. Klaus
Ricky Robbins wrote:
> On 2 Dec 2005 04:26:26 -0800, [email protected] wrote:
>
> >Amazon 'subcontracts' though a loosely affiliated network of
> >otherwise independent vendors. I bought about twenty DVDs,
> >new and used, through Amazon and they were sent to me by
> >more than a half dozen different outfits.
>
> Yeah, but Amazon states on the item description when you are buying
> from a third-party vendor.
I thought that was their business model. I didn't realize they had
their own inventory.
> If they tell you that you are buying from
> a third party, and you buy from the third party, then you shouldn't
> (at least I wouldn't) hold Amazon accountable for what the third party
> did. I might complain on the Amazon site about what the third party
> did; there's a place for it, called vendor feedback, and I check it
> prior to buying from affiliates, and reading these reviews have kept
> me from buying from a couple.
Have you tried leaving feedback? As noted earlier, the webform that
ostensibly is used for taking complaints appears to be perpetually
out-of-order.
I understand what you are saying, but if they do not adequately police
their afiliated vendors there is no question that they will wind up
facilitating a host of criminal activity. The feedback system does
not adequately address that. When a vendor gets a bad reputation
they can just close their doors and join again under a new name.
--
FF
On 1 Dec 2005 12:13:40 -0800, "Larry Bud" <[email protected]>
wrote:
>Never ONCE had a problem with Amazon passing on my email address,
>purposely or accidently to ANY spammers or anybody else.
Nor have I, and I've been buying there since 1997.
Ricky
[email protected] (in
[email protected]) said:
| So, if you chose to order from Amazon.com you can expect that
| your email address will be passed to spammers and pshishers,
| amazon.com will spam you directly, will disable your account so
| that you cannot unsubscribe from their spam list, and will not
| accept complaints.
|
| You've been warned.
Interesting. It might be worth lobbying your state legislators to pass
a bill on the order of
http://www.legis.state.ia.us/IACODE/2001SUPPLEMENT/714E/1.html.
In Iowa, all that's necessary is to print out a copy of the spam and
take it to small claims court (filing fee of $20) for a default award
of $500. Not all spams can be traced, of course, but this does
somewhat level the playing field.
I'm tempted to open a spAmazon account. :-)
--
Morris Dovey
DeSoto Solar
DeSoto, Iowa USA
http://www.iedu.com/DeSoto/solar.html
[email protected] (in
[email protected]) said:
| The aptly named CAN SPAM (as in yes, thanks to the Congress they
| can spam you and get away with it) Act of 2003 (S. 877)
|
|
http://thomas.loc.gov/cgi-bin/query/F?c108:1:./temp/~c1080e7tkh:e669:
| http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.htm
|
| expressly preempts state email laws, supposedly the only Federal
| Consumer Protection law that nullifies stronger protections at the
| state level.
Hmmm. That's nasty. I have a bucket with over 10K unique spams
received so far this year. I think I may have to pick one out and do a
test. The Iowa statute is still on the books; and I'm curious to see
if the spammer will do what it takes to get the state judgement
overturned, pays the award, or just lets the unpaid judgement sit on
their credit record...
--
Morris Dovey
DeSoto Solar
DeSoto, Iowa USA
http://www.iedu.com/DeSoto/solar.html
I'm not sure the spam you received was from Amazon. I've been using a
technique similar to what you described for about 3 years and I have never
received any spam.
My technique goes like this: I have my own domain (call it example.com) and
therefore I can get any email address @example.com. Whenever I correspond
with any companies that want my email address I use [email protected].
I have been dealing with Amazon for 3 years with the email address
[email protected] and have never received any email at that address except
correspondence from Amazon.
Having said all that, I am only dealing with Amazon.ca so I'm not sure if
they have different rules to abide by in Canada or not (but I doubt it).
Quentin.
<[email protected]> wrote in message
news:[email protected]...
>
> A couple of months ago I ordered some DVDs through Amazon.com.
> The RFCs for email allow a person to 'tag' their email address by
> appending a plus sign '+' followed by a string. The '+' and the string
> between it and the '@' is ignored for routing purposes. So
> [email protected] will be delivered to the mailbox
> belonging to [email protected], but the address
> in the From: header will read, literally "[email protected]".
> Neat, eh?
>
> Not all email systems properly impliment tagging, compliance with
> the RFCs like everything else on the internet is, after all, voluntary.
> But SpamCop does allow it and amazon.com does accept tagged
> email addresses on their order page.
>
> So when I ordered, I tagged the address with a unique string, used only
>
> for correspondence with Amazon.com, which being the suspicious sort,
> is SOP for me when ordering over the internet.
>
> SInce then I have not only received spam to that uniquely tagged
> email address, but also a credit-card phishing attempt, forged to
> appear to have been from amazon.com, though actually sent from
> (or through) a server registered to Apollo Hositng in Austin, TX.
>
> My emailed notitification to Amazon.com resulted in a form email
> reply, what I politely refer to as an "auto ignore". Attempts to
> inform Amazon through their webpage interface have been failing
> for about the last month or so though, according the error message,
> they hope to have that problem fixed 'shortly'.
>
> When I attempt to login into my Amazon.com account I am told
> that my account cannot be located and they suggested that I
> open a new account. Yet Amazon.com was able to send a spam
> to that uniquely tagged address immediately after I attempted to log
> in. Do you suppose that was a coincidence?
>
> Yes, that was a spam. I have not subscribed to an Amazon.com
> mailing list and yes, it came from an amazon.com server. Oh,
> and to 'unsubscribe' from their spamlist I am supposed to log
> into my amazon.com account and update my preferences. See
> above.
>
> If I take their advice and open a new account it certainly will not
> be with amazon.com!
>
> So, if you chose to order from Amazon.com you can expect that
> your email address will be passed to spammers and pshishers,
> amazon.com will spam you directly, will disable your account so
> that you cannot unsubscribe from their spam list, and will not
> accept complaints.
>
> You've been warned.
>
> --
>
> FF
>
Walter H. Klaus wrote:
> I have sought of lost interest in purchasing from Amazon since they stopped
> the free shipping. If you check the shipping cost it might be more
> reasonable to buy from Woodcraft.
>
> Walter H. Klaus
>
>
I just (2 weeks ago) got a $259 tool from Amazon with free shipping.
You just have to check it out before ordering.
Dave
On 2 Dec 2005 04:26:26 -0800, [email protected] wrote:
>Amazon 'subcontracts' though a loosely affiliated network of
>otherwise independent vendors. I bought about twenty DVDs,
>new and used, through Amazon and they were sent to me by
>more than a half dozen different outfits.
Yeah, but Amazon states on the item description when you are buying
from a third-party vendor. If they tell you that you are buying from
a third party, and you buy from the third party, then you shouldn't
(at least I wouldn't) hold Amazon accountable for what the third party
did. I might complain on the Amazon site about what the third party
did; there's a place for it, called vendor feedback, and I check it
prior to buying from affiliates, and reading these reviews have kept
me from buying from a couple.
Just today, however, I received a package from one of the third-party
vendors. Very fast shipping and well packaged - and that was the gist
of the reviews on this company.
Over the years I've used the "unique ID" test and never had a problem
with Amazon, but I haven't used it since I started buying from the
affiliates, so could be different with them. I've only bought from
affiliates a few (three or four?) times over the past year or so and
haven't noticed any increase in spam - but I can see where using them
opens the door for it, so wouldn't argue with you there.
Ricky
"Walter H. Klaus" <[email protected]> wrote in message
news:[email protected]...
>I have sought of lost interest in purchasing from Amazon since they stopped
>the free shipping. If you check the shipping cost it might be more
>reasonable to buy from Woodcraft.
>
Woodcraft has the Delta drum sander for $709, with wheels. If I hadn't
bought a performax last week I would be all over it. Oh well, the performax
is better anyhow, right?