• All Purchases made this month instantly go into the draw to win a USD $ 100.00 credit to your HoP account.
 

Doc Lightning
GOLD Member since May 2001

Doc Lightning

HOP Mad Doctor
Location: San Francisco, CA, USA

Total posts: 13920
Posted:So Congress has passed (and the President has signed) its first anti-spam bill. Under the bill, all unsolicited commercial E-mail that passes through the United States at any time must contain a valid return address at which the recipient may request to be removed from the spammer's list.

Personally, I believe that all unsolicited commercial E-mail promting good or services to private individuals should be banned.

The argument is that this would violate the First Ammendment's guarantee of free speech. But I say that in this case, it's not free speech, it's criminal conduct. The same, I believe, is true of telemarketers.

If I phoned your home night after night, hour after hour, and refused to stop calling you, you would be absolutely right to get a restraining order from the police. Similarly, E-mail harrassment is a bona fide criminal offense. And yet, some people want to argue that the very same E-mail harrassment is "free speech" if it's an advertisment, even if it advertises offensive, illegal, unproven, dangerous, or fraudulent goods and services.

Furthermore, junk E-mail costs the user money. The onslaught (AOL blocks one billion junk E-mails a day) has forced ISP's to invest in spam-blocking software. That cost is passed on to users. In fact, it's estimated that as much as 40% of internet traffic is spam. Imagine how much faster the net would run without it.

For me personally, I'm tired of E-mails from "sexycindi" that read "click here!" or ads for Viagra or penis enlargement. I'm sick of adverising in general. It's one thing when it's outdoors, or when you have to turn on a TV or a radio to get it, but when it invades my home, my privacy, and my life, I feel violated. It's not a matter of "just don't read it." I need to delete it, navigate around it, report it as spam, etc. It takes time and it's an irritant.

So my view is that spam needs to be stopped. And violators need to get fined until they're anemic and thrown in jail. It's time to take our mailboxes, our homes, and our country back.


-Mike )'(
Certified Mad Doctor and HoP High Priest of Nutella

"A buckuht 'n a hooze!" -Valura

Delete Topic

telic


I don't want a title.


Total posts: 940
Posted:Y'know, CompuServe once brought a civil tort suit against a spammer, based on the theory of trespass - trespass being defined as (1) intentionally (2) dispossessing another of chattel, or (3) using or intermeddling with a chattel in another's possession. CompuServe won, because the spam cost them money and customers, and because the courts decided that the electric signals on CompuServe's servers constituted sufficient physical contact.

Point being, the caselaw has already tried to stop spam, with little success. I don't expect this bill to help much.

I do agree that it is constitutional, though. First Amendment rights are extremely important to me, but there's a difference between saying something and shouting it in my ear. Though I don't actually get to study the First Amendment until next semester. biggrin

Mm, last of all - Lightning, you'd get infinitely less spam if you stopped using AOL. tongue


E pluribus unum, baby.

Delete

vanize
SILVER Member since Aug 2001

vanize

Carpal \'Tunnel
Location: Austin, Texas

Total posts: 3899
Posted:certainly in the case of telemarketers, it has nothing to do with free speech. I pay for my phone line, it is not a public service. Therefor it is a private business transaction, and free speech is not protected. It is only subject to my wishes as a consumer and what the phone company allows as a provider. So in reality, the 'free speech' thing is just a cover for the phone company saying they don't want to give up the income they get from the telemarketers. Personally I think telemarketers should have to pay a percentage of your phone bill everytime they call. If you get 50 calls in a month, and 40 or the are from telemarketers, then 80% of your regular phone service should be paid by telelmarketers - 2% for each of their calls.

Now, the thing about email is that the internet is a much more open thing. It is hard to say how much of it is private and how much of it is public. Perhaps free speech laws do apply more. But the internet is also now a critical infrastructure in the USA and email spamming is accouting for a huge amount of its traffic and threatening to get much larger very quickly. It is a burden on a system that is struggling to grow quickly enough to meet the demands on it. This is why congress has acted faster on the email thing than it did with phone spam. But you don't want to overdo a thing at first. Wait and see if the current law is adequate. You have the option to sign up for a 'no spam" registry. The fact that everyone has to send spam from a legitimate addy may be enough to severly curb spammer activity since people can now directly spam them back with hate mail or email bombs, and requests to be removed from a spam list must supposedly be honored.

For once I think I agree with congress about the free speech thing, as opposed to my feelings with telephones, as I said above. They must be very careful as to what sort of precidents they set for what is basically tommorows (and to a rapidly growing extent, todays) forum for communication. A small infringement now could lead to banning of pornagraphy from the net in a couple years time, and even greater restrictions on what sort of material you have on your personal webpage in 5.

Let us see what effect the new law has. With it, the net may be able to police itself, which I would prefer to a situation where congress gets the idea that it can pass a law over every silly thing that happens on the net.


-v-

Wiederstand ist Zwecklos!

Delete

Eera


old hand
Location: In a test pit, Mackay

Total posts: 1107
Posted:Now, only if they could find a way of getting rid of those ones that start "My friend, I was given your name by a trusted associate..."

So far today I can make nearly $30 000 000 if my inbox is to be believed.


There is a slight possibility that I am not actually right all of the time.

Delete

Dunc
GOLD Member since Aug 2003

Dunc

playing the days away
Location: The Middle lands

Total posts: 7263
Posted:I hope they bring something like this into the UK, I'm sick of having to change my email address to stop spammers...I'm just glad Yahoo splits most of it into the junkmail folder before hand.

Let's relight this forum ubblove

Delete

flid
BRONZE Member since Aug 2002

flid

Carpal \'Tunnel
Location: Warwickshire

Total posts: 3136
Posted:So Congress has passed (and the President has signed) its first anti-spam bill. Under the bill, all unsolicited commercial E-mail that passes through the United States at any time must contain a valid return address at which the recipient may request to be removed from the spammer's list.

so what? most spam from american companies already originates from servers in asia. There are some ISPs in the US and Canada (*ahem*bell*ahem*) who don't give a toss if spammers are using their network provided they pay their fees, but a lot, especially smaller ones will already chuck people off and thus spammers already use machines in other countries where the companies are just glad to have the business, whatever it is. It's not hard to rent a machine in another country for under 100$ a month and use it to launch your spam from. A lot of spam does have a valid reply address, it allows them to verify which addresses are working and which arn't. And anyway, most spammers will argue that you signed up to recieve the email. The fact that you blatently didn't is not the case, the point is that it's harder (virtually impossible?) for you to argue that you didn't.

Don't get me wrong, i think it's good that the legal system is starting to look at it, but don't hold your breath until there is binding international law on the subject (which is likely to happen, ummm, never), and the faintest chance that law enforcement agencies will investigate offences.


Delete

Matthew B-M


Matthew B-M

Lemon-Aware Devilstick-wielding Operative
Location: East London Wilds

Total posts: 605
Posted:Like flid, I'm afraid I think this will have about as much effect as the Act just introduced in the UK. I recently had an email dialogue with a spammer (I was particularly incensed because having reported to his abuse@ contact, I was presented with a mail saying "because I get too much spam, please click on this magic link to verify that you're a real person", which I felt was adding insult to injury), and he replied to me that he felt that:
Quote:
The email that I sent would have been ok under the strict guidelines under the us bill of 2003 and since your from the UK the less restrictive UK version.



He went on to say that:
Quote:
I did not try to trick you with the subject line. I did not give you a bad reply address. I did not even give you fake headers.



The email that he sent was still unsolicited, bulk and commercial. It wasn't about something that I wanted. It's still spam, as far as I'm concerned.

He then said:
Quote:
So given the laws available to me as a business owner to advertise my site using multiple methods and staying within the strict guidelines I believe I have done this.



He found his way rather quickly into my mail server's blocklist.

Also interesting is a recent (well, 2-3 months ago or so) article on CNN online (which I can't currently find, at least I think it was on CNN), where they tried replying to a spam to see what would happen. The one they chose was a "new mortgage" or "bad credit" one, and within the day, they were called up by the 4 biggest US lending banks (I can't remember which, I'm afraid). All had "anti-spam" policies, but they traced it back through about 5 or so different address-handling companies, many of which also had "anti-spam" policies. This article is also interesting in response to Lightning's original post.

I'm not going to throw away my current filter list and anti-spam tech that I employ for my personal mail anytime soon due to this.

mad


Luv 'n' Lemons
purity :: clarity :: balance

Delete

Psylent_BoB


member


Total posts: 13
Posted:I've just had an interesting conversation with one of my work m8's on this, and we both agree that legistlation isn't going to work on this problem. the spammer will just move elsewhere. His solution to spam is good, and possibly a little evil! wink

He uses Postfix (mail server) along side SpamAssasin (spam tracker and holistic analyser), and SpamCop(reporting tool and link to black/white lists). These work in conjunction to work out what is spam and what isn't and process it accordingly, nothing new here really. It's what he does then that had me really interested tho.

He forges an "Unknown recipient" return mail from his mail server to the spammer. The spammers software automatically removes his address from their listings. Not being content with getting removed he also sets his IP window size to 1 byte. This means for the spammer, they get the "Unknown Recip" but it takes them about 20 - 30 minutes to get it. This is pretty standard anti-hacker technique called a "tar-pit" and must certainly piss spammers off, I've just seen his mail acount and he claims in the last 6 months (yes 6 MONTHS!) he recieved about 8 spam mails. I get about 18 spam mails a day...

The whole thing is a lot more complex than this, but needless to say I'll be getting him to set up my home mail server! wink

SpyB.

P.S. lo Matt... long time no see m8! hug


Delete

Dom
BRONZE Member since Dec 2001

Dom

Carpal \'Tunnel
Location: Bristol, UK

Total posts: 3009
Posted:Like everyone else I think it'll have little effect, but I'm glad they're doing something.

My answer is to be really picky about where my email address goes. My old ISP (LineOne then Tiscali) email address started getting a lot of spam, so I stopped using it and moved to using one through a ISP I'm hosting a site with. That was about 2 years ago. Since then I've not put my email address on a site or subscribed to any mail groups. All email addresses I need for registering on sites are aliases of my main adress so they can be cut off at any time.

Total spam emails I've recieved in those 2 years: 0
Total spam recieved yesterday at my old ISP mail address (not used for those 2 years but kept as an spam interest): 100+
That's 1296 so far this month!

I was once on the opposite end of a spam attack when a spammer used one of my email addresses as their return address. It didn't take long to get my mate at the ISP to bounce them all back, but it did take a while for the mail server to get through the 10000s of emails that were queued up from here to Bombay!

So my advice is to be really picky about where your email address goes. And make sure it never appears on a web site anywhere.


Delete

flid
BRONZE Member since Aug 2002

flid

Carpal \'Tunnel
Location: Warwickshire

Total posts: 3136
Posted:Total spam emails I've recieved in those 2 years: 0



I guess that depends on what tld it's registered under. Many tld coordinators offer their entire whois database for download (ie for third party registrars, who download it once an hour into their database rather than doing a whois for each request). I get a lot of spam to my .com domains, including one which isn't even in google and certainly has never had any mail sent from it. People just send spam to things like sales@ and if their are deliverable then they are added.



The idea about sending fake bounce messages is a nice idea, but it doesn't always work. Imagine you're a spammer whose just sent 10,000,000 emails. It's unlikely you are going to put your real return address on it because if 10% are bogus then that's still 100,000 messages of bandwidth coming at you which you'd rather not pay for. It's easier to send emails that will bounce than bother processing bounces. If i was a spammer I'd only remove addresses if the destination SMTP servers rejected the mail. Some will accept any mail for their domain, but a lot will reject the message during the SMTP session if the mailbox isn't found. Assuming you're a spammer who is delivering emails direct and not via a relay, then this is a good way to verify addresses, especially if you know which large ISPs mail servers check is mailboxes are valid during the SMTP session. And whats more, if you do process bounces and you recieve one from an ISP which you know's SMTP servers check for mail box validity, then you've just sent confirmation that your address is valid tongue


Delete

Psylent_BoB


member


Total posts: 13
Posted:I guess that is true, but surely only if their sending out thousands of requests to randomly generated email addresses...



theoretically you will stumble across some correct ones if you just run a script which emails aaaaaaaaaaaaaaaaa@domain.com

then aaaaaaaaaaaaaaaab@domain.com



hell it would take a long time, but it's not like these spammers have anything productive to do with their lifes...



Anyway, it seems to work for him, and must certainly piss the odd spammer off, it'd annoy the hell outta me if I spent 20 minutes downloading each bloody message! wink

And he certainly get's less spam than I do...



SpyB.

EDITED_BY: Psylent_BoB (1071248408)


Delete

flid
BRONZE Member since Aug 2002

flid

Carpal \'Tunnel
Location: Warwickshire

Total posts: 3136
Posted:ah, i see. There's an option in KDE's built in mail client (which i used for 6 months before getting so annoyed by it crashing my mailbox/deleting all messages at least once a month) for sending fake bounce messages by the time they've reached your inbox.

In the 5 minutes that have passed since my last post i've unsuccessfully managed to go out and get a life, but i did find the domain in question is now in google, despite not even having a web server running on it. Horray for the Global Internet link Archive !


Delete

Matthew B-M


Matthew B-M

Lemon-Aware Devilstick-wielding Operative
Location: East London Wilds

Total posts: 605
Posted:Yeah, you should never fake up non-delivery bounces. I wanted people to be able to email me. I hang around on many lists, but I now have a fairly sensible spam system.

(SpamCop is a disaster area, the amount of collateral they cause is just depressing, and as I am the list admin for a (proper) opt-in list with well over 150,000 subscribers (popb*tch, if you've heard of it), I've had to deal with them every time someone decides that it's easier to forward the message to spamcop than to unsubscribe (because they can't be bothered to work out how to unsubscribe))

Mine involves being very pedantic about what SMTP stuff I'll accept, and doing outbound checks on it. It also involves bait addresses to catch web-harvesters and mail to me getting delayed initially (which means that my email is not always instant, on the basis that having been told "I can't deal with this now" by my server, the spammer will go on and try other things. I'm not sure how you can set the TCP(not IP) window size directly (partly because it's based on what's believed in-flight), though it appears that you can set the send-buffer on a given socket. I delay responses based on various rules, and sometimes give out multiline replies, which I give out one at a time. It also involves a black and whitelist that I've built up over 2 years, and the email addresses that I've used to post to lists only accepting mail from those lists.

I've also had several of my domains joe-jobbed, but mostly my server is able to slow those down and only let legitimate mail through. I end up (with my email address in lots of places) not getting more than a spam or two a day.

It's an arms race. Unpleasantly. frown


Luv 'n' Lemons
purity :: clarity :: balance

Delete

Rozi
SILVER Member since Jan 2002

100 characters max...
Location: Sydney, NSW, Australia

Total posts: 2996
Posted:I am feeling very left out. I don't get spam. frown

What am I going to complain about now? wink


It was a day for screaming at inanimate objects.

What this calls for is a special mix of psychology and extreme violence...

Delete

NYC


NYC

NYC
Location: NYC, NY, USA

Total posts: 9232
Posted:I just want to meet the guys who are like "Hell yeah I want to enlarge my penis! And this random unsolisited email I got seems to be just the way to do it!"

If there was no demand, there'd be no supply. Who are these people that are getting spam and then buying those products?!


Well, shall we go?
Yes, let's go.
[They do not move.]

Delete

onewheeldave
GOLD Member since Aug 2002

Carpal \'Tunnel
Location: sheffield

Total posts: 3252
Posted:Very few people reply to spam, but the very few who do make it worthwhile, especially as spamming is so cheap to do.

It's the same principle as those scratch cards you get with magazines that assure you that you've won 'one of the following great prizes' and then try to get you to dial a premium rate number which gets you through to a pre recorded, and long, message.

The small print on the card assures you that 'calls will cost no more than 7.00'.

Obviously the only people who will bother are ones who are extremely gullible, stupid, or who encounter it for the first time.

But that small number of people make the scam worthwhile.

The reason I find these kind of spam tactics despicable are that they basically target vulnerable people. In England there have been several well puplicised cases of pensioners blowing their life savings on this kind of stuff.

Spam is just an online version of something thats been going on for years.


"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!

Delete

Doc Lightning
GOLD Member since May 2001

Doc Lightning

HOP Mad Doctor
Location: San Francisco, CA, USA

Total posts: 13920
Posted:Quote:
I just want to meet the guys who are like "Hell yeah I want to enlarge my penis! And this random unsolisited email I got seems to be just the way to do it!"

If there was no demand, there'd be no supply. Who are these people that are getting spam and then buying those products?!



NYC, in my job, I encounter every single possible segment of society, from CEO's and politicians to the homeless.

And believe me, there are people that stupid. rolleyes


-Mike )'(
Certified Mad Doctor and HoP High Priest of Nutella

"A buckuht 'n a hooze!" -Valura

Delete

Dentrassi
GOLD Member since Apr 2003

Dentrassi

ZORT!
Location: Brisbane

Total posts: 3044
Posted:mmmm....spam.....


Non-Https Image Link


"Here kitty kitty...." - Schroedinger.

Delete