Slashdot Mirror
AOL Sues Porn Spammers
MasterOfDisaster writes "c|net reports "that in a crackdown on spam, America Online is suing a company that owns and operates pornographic Web sites, accusing it of sending junk e-mail to AOL members." My favorite part is the comment from the accused, "We do not knowingly profit from unsolicited e-mail." Ah, blessed ignorance.
It is disturbing to me that AOl picked out "Porn Spammers" to sue. Do I get Porn Spam. Sure. Do I get MLM spam? Yes. Do I get semi-illegal decoder baox Spam? Fairly regularly.
Singling out Porn smacks of the deep thread of puritanism that still runs through America and gives me a 1st Ammendment chill.
Because, Santa, receiving AOL CDs doesn't cost you a penny, whereas receiving spam EMail does cost you.
"But I've never had to pay for it!" you cry.
Actually, you do. The Euro recipients know this right up front, because they get cold-cocked with per-second telephone access charges.
Americans *should* know it, if they'd only just think for a moment. They get higher ISP charges and/or go over their transfer limits because of the spam email.
Yes, yes. You only pay $35/month for your whizbang ADSL connection. But that $35/month *includes* the cost of spam. Your ISP is paying for the transfer, storage and processing of that spam EMail -- and you *know* that the costs are passed on to the consumer, with a few percent tacked on for good luck.
You pay for the spam, sure as god/dog made little green apples.
Ergo, no double standard.
--
--
Don't like it? Respond with words, not karma.
In the UK you can opt out of paper junk mail by registering your name and address with the Mailing Preference Service. After I registered I got no more paper junk mail addressed to me. Occasionally I get junk mail sent to my address which have no name on them.
Freepost 22
London
W1E 7EZ
I was wondering whether there is a similar service in other countries?
Scroogle
-p4
(c) All Rights Released.
They had a horrible time getting rid of it, and were losing the battle, until they came up with a unique solution.
Someone did some research, and figured out how to cook it, and promote it as a delicacy. The result was that suddenly you had a whole bunch of people hunting down the critter so they could cook it themselves, or sell it to a restaurant, or whatever.
The population is now very nicely under control, and is no longer an ecological threat.
So what has this got to do with spam?
It is my contention that spam will continue to exist as a problem until we make it profitable to go after folks who are spammers. Then it becomes a business.
that is why I have advocated a spam licensing program in the past, so that it would become legal for everyone to bill the spammers for traffic, etc. and business would pop up whose sole purpose in life would be to hunt spammers. The spam hunters would get a piece of the action, and send you a check.
It has to become advantageous for someone to have a business billing spammers on a general basis. Everyone hates bill collectors. We could turn them on the spammers.
"It is a greater offense to steal men's labor, than their clothes"
Bad news... you, me *and* our world come and go. Everything will be recycled eventually. What you're really worried about is the 'us' and frankly I doubt 'us' will be around long enough for the universe to take notice.
Mother nature is my recycling bin.
There's a place called "too far". I can't seem to find it.
No, you're thinking of a bill that was introduced into Congress in 1998 by Sen. Frank Murkowski. It passed the Senate as a rider to S. 1618 but died in the House after organizations such as CAUCE and FREE mounted a huge phone-in campaign. They were against the bill because it was seen as pro-spam because it implied that spamming was fine as long as the spammer provided a way to get removed from his list. Aside from the obvious problems with an opt-out system, there were major loopholes. For example, there wasn't much to prevent a spammer from removing you from one list, then adding you to others later, since you'd have to somehow figure out that the same person had spammed you twice. There was also nothing to prevent your address to be sold or given to another spammer. So, Party A could spam you, get your remove request, remove you, then give your address to Party B, who is spamming on Party A's behalf, to spam you again. (There was no penalty for the person _sponsoring_ the spam, only for the one actively sending it at that moment, so each and every spammer could spam you until you asked for removal.) Finally, neither you nor your ISP could sue for damages if a spammer didn't remove you. All you could do was report the spammer to the Federal Trade Commission, who had sole authority to levy penalties. Aside from these issues, ISPs were afraid that the bill implied a right for their customers to spam if they followed certain guidelines, and the ISPs feared that they would lose the ability to enforce their AUPs. For example, what if a spammer obtained a Hotmail address to receive remove requests, and Hotmail closed the account. Could the spammer argue in court that Hotmail had no right to do this, since the spammer was using the account to perform a legally-required function, namely, to receive and honor remove requests, as required by law? Luckily, this monstrosity died before it became law.
That light you see at the end of the tunnel might be from an oncoming train.
"We aren't knowingly making money off of spam"
This dosn't mean "We are making money from spam we just fain ignorence" but "We never bothered to learn what spam is"
Thats the problem with a lot of busnesses. Our luck that spam simply dosn't occure to most people when they first start doing busness on the net. When they try to addapt the old postal junk mail anolog they print up post cards and mail them out. I rember when TI did this.. The first postal junk mail I ever got reguarding the Internet,... I was kinda supprised... But it wasn't the last junk mail.
Still when someone new to the Internet dose his homework often Spam supplyers strike.. They latch on and teach the ways of spam... "Ohh ignore those techno dweeb hippys... they aren't up with the cutting edge..." or some such nonsence... By the time they run accrost matereal against spam they think it's all nonsence and BS.
Then they spam.. lost all credability.. lose money.. and drop off the face of the net never to return again...
Then there is the other side of this...
"Ignorence is bliss" the reply to the comment..
We've come to expect Spammers to lie.. but for many spam hunters this has lead to a gult before innocents addatude..
Just becouse a person says "We aren't knowingly proffiting from spam" dosn't mean "We fain ignorence and spam anyway" they could simply be saying "Look we aren't sending spam.. someone COULD be spamming in our name.. but it's not us" For someone new to spam it seems a reasonable assumption... "Fans" do all kinds of nutty things to premote someone they like.
(Linux advocates are a good example.. some are really painfully annoying...)
At times it's a matter of chilling out...
For a while it was a spammers tactic to clame support (in some way) from a larger company. AoL and Microsoft got hit with this and for a long time (Becouse AoL and Microsoft are "Bad guys" in other areas) people belived it..
But realisticly AoL and Microsoft have allways been against spam... AoL sued CyberPromo on occasion and was sued by CyberPromo... Bill Gates wrote an artical trashing spam as a total waist of time.
So basicly when dealling with a potental spammer two rules apply.. Spammers lie convencingly and innocent victoms tell the truth unconvencingly...
Some times it takes work to find the guilty party.. some times it just takes work confermming the person you have in your claws really is as gulty as you think he is...
You can't use simple rules to base your judgment.. Spammers will just use this against you... They love it when you come down on an innocent victom... "See.. they just resisting change..." and they also love it when you pass over an gulty party.. "Encorcement..."
In the end I don't believe in letting them go easy I also don't believe in being trigger happy...
I don't actually exist.
...but I'm afraid they'd sue me.
Got Warez?
Perhaps, but consider this. Some estimates have put the percentage of spam coming into AOL as high as 30% of e-mail traffic. Now how many terabytes of storage do you suppose AOL has for e-mail, not to mention how much bandwidth is needed to receive it? If you figure that 30% of that goes to spam, you can see that there is a real cost, one that the spammer isn't paying. If AOL is going to send out a million CDs, they have incremental costs associated with doing that, costs that _they_ must pay. Your garden variety spammer signs up for a dialup account with an ISP, then spams away like there's no tomorrow, until the ISP is alerted and pulls the plug. What does the originating ISP get? $19.95? Maybe, unless the spammer used a fake cc number or requests a chargeback, which credit card companies often give. And what costs has the ISP incurred? Well, the spammer used their bandwidth to send out his spam, and he costs their sysadmins time (translation: money), since they have to deal with the mess the spammer leaves behind, plus, he causes the billing/collections department time (translation: money) as they try to get some money out of him, and he might also cause legal fees to pile up if the ISP decides to sue. As a matter of fact, I sold dialup ISDN to a guy who I later found out wanted to spam. Let's look at what this one incident cost in terms of time. 20 minutes for me to explain the product set and sign him up.
10 minutes to speak with someone in QA about his nasty e-mail she received telling us he wanted to cancel because he objected to our AUP.
10 minutes discussing it with my supervisor.
15 minutes for me, my supervisor, the QA representative, and the QA manager to discuss the situation.
5 minutes for me and my supervisor to tell the manager of billing that the customer was definitely to be billed for the time he used, even though he stated in his message that he wouldn't pay.
30 minutes for the manager of QA to speak to him and tell him that he was going to get charged, since he had asked and was told at the time of signup that we don't do refunds. It was at this time that his intention to spam was revealed.
10 minutes for me to spaek with our sysadmin to find out if he had spammed while he was connected, which he hadn't, as far as we could tell at the time. Now you can add up the time above and get an idea of the cost. Keep in mind that you'll have to double, triple, or quadruple some numbers based on the number of people involved. And I don't even know if we ever got our money out of him. And don't forget the costs to another organization if the spammer hijacks a mail server to relay his junk. Sure, anyone running an open relay these days is asking for trouble, but there are times when closing them can be a huge pain, such as on an old mainframe running an old MTA and an outdated OS. There are some machines out there that are old enough that there just aren't any upgrades available, and the organizations that own them might not be able to justify replacing them solely for that reason. My point isn't to downplay the annoyance of regular junk mail, but spammers cost lots of people lots of money, and I didn't even get onto the subject of fraudulent spam, which most of it seems to be. IMHO, AOL is right to sue them. Hell, I wish they'd do this more often, and it'd be nice if other ISPs did the same. If these lowlifes want to use the resources of others to try to squeeze a buck out of some newbie, then they need to get their balls nailed to the wall for it.
That light you see at the end of the tunnel might be from an oncoming train.
Hi all,
A lot of people seem to be under the impression that since their own personal download time for spam messages is next to nothing in comparison to regular browsing traffic, it can't be costing them much.
As a sysadmin for an ISP, I'd have to disagree. Spam in general raises operating costs quite a bit, ad that's what a customer's bill pays for. What users aren't thinking about is that it isn't just a few users that get spammed. Let's say a mid-sized ISP, with maybe 40,000 customers, suffers a spam attack in which 50% of their customers receive a 5k e-mail. You're looking at almost 100 MB of traffic generated by just one spammer in a short period of time.
This isn't the worst of it, though. It used to be that spammers used lists of valid e-mail addresses to send their spam from... Now, going by what I've seen lately on our mail servers, spammers have taken up what I've coined as "shotgun spamming." They fire off e-mails alphabetically, from multiple sources simultaneously, choosing common last names and pairing them up with first initials, first names with last initials, etc, knowing full well that the bulk of their mail won't get anywhere, but be bounced back. During such an attack it is not uncommon for a server to get hammered with several thousand messages a minute assuming the hardware can handle it without deferring connections. By the time the attack is over, a server will have received somewhere along the lines of 100,000 to 200,000 messages.
The problem that makes this sort of spamming worse: MTAs will attempt to send a bounce message back to the sender if an address doesn't exist on a given server. The spammers know this, and don't want to catch all that traffic themselves, so guess what? They use an address that doesn't exist as well, causing the attacking server to bounce the bounce message our victim server sends right back again. This is known as a double bounce, and once it occurs, the message does finally die... But let's look at what damage has been done:
Using the hypothetical ISP outlined above, let's assume a fairly small attack of 100,000 5 kilobyte messages, of which 50% of the 40,000 customers end up receiving a mail... This results in the aforementioned 100 MB of traffic, and leaves us with 80,000 bounce messages to send. These bounces generally include the contents of the original message plus some additonal text describing the problem, so they'll be a little larger than 5k, but we'll ignore that.
Now, we've got another 400MB of traffic in bounce messages to send, to which we'll get another 400MB of double-bounces in reply. This results in 900MB (that's bytes, not bits, for hose of you counting at home) of total traffic from one such salvo of spam, not counting the endless amount of resends on each side since both servers will likely be deferring acceptance of messages by about halfway through, causing a buildup in each server queue and wasting HD space to boot. This is a fairly tame example.
I personally spent an entire week recently monitoring the mail queue of a mail server being shotgun spammed ("TURNKEY E-COMMERCE SOLUTIONS"), and shutting down acceptance of messages from their sources -- It was disgusting to see the Net's lowest life form next to child pornographers (spammers) sink to a new low in their tactics. Automated spam-blocking tools can't fully alleviate this problem, no matter how well designed. Heck, even non-automated attempts can't. As I was shutting down acceptance from one relaying machine, another would pop up and start spamming, taking the place of the one just blocked... It was like trying to fight a DDoS being done through SMTP!
Anyway -- in short, spam will cost you, not matter who you are. I'd recommend http://www.cauce.org for more information on this issue.
--
NeoMail - Webmail that doesn't suck... as much.
My company does business with Cyber Entertainment.
Specifically, we provide them with a fair number of email boxes.
While I certainly cannot attest for their practices with regard to AOL, I have noticed that they appear to follow their AUP closely; at least when it comes to us.
In every instance where a large number of complaints have come our way (generally because someone found one of the email boxes, discovered who the ISP was, and started hammering our abuse department), Cyber Entertainment has handled the issue quickly and professionaly, instantly terminating (or at least we never heard another word about it) their relationship with the offending spammer. In fact, we've seen numerous misplaced emails from former "webmaster affiliates" who are VERY upset that CE refuses to do further business from them.
Logically, I think CE views the whole thing (until now) as quite a scam.
Think about it: They get to have other individuals/companies spam for them, but once the spam is reported, CE can sever the relationship, not have to pay the spammer a dime, yet still reap the benefits of spam.