Slashdot Mirror
Spammers Stoop To New Low
mathowie writes "I received an unsolicited spam this week from MonsterHut, extolling the virtues of their "products" which are "email marketing" (they're a spam cannon). After reporting it at Spamcop, I received an interesting email from their bandwidth host. It seems that before they could cancel MonsterHut's account for violating their terms of service, MonsterHut began suing them. The worst part? A judge granted MonsterHut a temporary restraining order, forcing Paetec to keep their site online while they continue spamming, before Paetec even knew about the suit. Paetec is collecting affadavits from people that received the spam, so if you did, fill one out. It may be their only chance against the court. How far will spammers go to get their word out? When's it going to stop?"
According to the affidavid filled by the plantiff, they were not involved in sending unsolicited email, and thus not violating any terms of use. If you possibly opted in through some other company then maybe it isn't technically spam? (according to the TOS)
The point I'm trying to make is I can understand why the court wants to show some restraint before allowing an ISP to cut a firm's internet access. What would be the consequences if they cut the pipes and then sorted it out? Monster Hut could be deprived alot of revenue!
I'm not trying to defend Monster Hut as they could very well be guilty. I just think that we should be pleased with the Judge's injunction until this gets litigated.
Think about the bigger picture for a second. What's happened is that a client of an ISP has forced the ISP to win in court before cutting off service.
We've seen lots of cases where service has been cut off for questionable reasons (hosting deCSS, hosting "slanderous" material, whatever) and the ISP's client has had _no_ recourse.
While I would wholeheartedly support the lynching of spammers, I also welcome any trend that forces ISPs to be accountable for disconnecting service. It's not right that my Internet access can be cut off because of unsubstantiated allegations made in a lawyer's letter to my ISP.
Rather than fighting to get these guys booted from their ISP, just enter their IP into the black-lists. If their outgoing mail is handled by the ISP, the ISP can set up a specific IP address as the source of the spam and the rest of the world can block it.
It is tempting, if the only tool you have is a hammer, to treat everything as if it were a nail. - Abraham Maslow
Since spam is getting more and more of a problem, I've decided to release my partial solution (content based spam filtering). :( ).
t ar.bz2
It currently kills about 70% of the spam I receive (still leaving about 20 messages per day in my normal mailbox
ftp://ftp.bero.org/pub/experimental/NoSpam-0.0.1.
And yes, it kills spam from monsterhut.com.
This message is provided under the terms outlined at http://www.bero.org/terms.html
I bet they'd love our opinions :)
716-298-9797
Some interesting points so far...
The biggest part of the case is whether this was actually a case of unsolicited email or not. The Defendant has stated that they believed Monsterhut was an opt-in advertising service when, in fact, they buy their lists externally with the apparent assumption that these are genuine opt-in customers.
The Plaintiff has pointed to a provision in the contract that allows for a 2% complaint rate to avoid immediate termination of their contract. First, whoever agreed to this for the ISP should be shot considering the sheer amount of traffic Monsterhut can throw out and the number of spam messages that 2% allows for (the Plaintiff even mentions a number over 6 million outgoing messages to date, if I remember right). Apparently, this provision exists to protect Monsterhut from users who opt-in but later forget (or change their minds). When the ISP receives complaints, they are to forward them to Monsterhut who will verify the address, validity of the complaint, and apparently make the appropriate changes to their database. Makes you warm and fuzzy to know your complaints are, in fact, going directly to the spammer.
An interesting side effect to all this is the ability to verify individuals. Quite a lot of attention is paid to whether the individuals could be identified according to their email addresses and the fact that SpamCop removes this information. It seems this comes in to play during the complaint / remediation process. But it is even more important when dealing with the court. The Defense pointed out that the Plaintiff had ample opportunity to subpoena SpamCop for identifying information, but failed to do so.
One final interesting tidbit... the Judge wanted to define the difference the Defense saw between a case of one of the 2% mistaken users and a "true spam" case. The Defense began to talk about harvested email accounts that are not user email accounts, such as those used for contacts in Network Solution's whois database. The Plaintiff apparently perks up on this, grabs the ball, and attempts to run. It appears that Monsterhut does "use Network Solutions" to identify businesses offering services that could be marketed by Monsterhut. Since they only send mail out to, say, 5 "targeted" customers... why... this isn't the kind of mass emailings that we're all talking about. Not spam at all. Nosir.
Some addresses Monster Hut sent to were only used as points of contact for domains with NetSol.
There is no way they could have opted in anywhere since these addresses aren't used for anything other than domain contact.
If one of those people got an unsolicited email, then it's spam, against terms of service, and reasons for terminating the contract.
Monster Hut got that 2% complaint figure thrown in hoping it would save them from getting cut off for spamming, knowing there's no way to get 120,000 separate provable complaints.
But they forgot that that's complaints on truly opted-in spam -- and they should have to prove the opt-in status. They can't -- they're toast.
Why I hate spam ? Easy, here are the reasons :
...).
1. It's a violation of my privacy. In the country I live, it is illegal to collect and use information about individuals without notifying them and let them correct the info.
2. It hides non-spam messages. As spammers do not mark they messages as advertisements, it is sometimes difficult to spot real email among a list of spam email.
3. It forces me to hide. I cannot use my email on usenet, on the web. I have to use tricks when I have to give my email, those cost time. Multiple email are mandatory to protect your privacy.
4. There is no limit in the amount of spam email you can receive. As it costs almost nothing to send spam, the number of email you receive can be very impressive and cost you time and money. It is worse if you have multiple emails (work, home, topic1, topic2, school, work2, usenet, mobile phone,
5. It can interrupt your work. like said in a previous post.
6. It is a menace for children. Some spam are offensive, illegal or pornographic making the internet a unsafe place in the mind of parents.
7. Spammers hide themselves and forge emails in their messages. You can not answer, complain to their messages.
8. More, as they use a hotmail, yahoo or other email address, these services are sometimes blocked or suffer bad image.
9. Remember that unlike postal advertising, YOU pay for spammers, the whole internet community pays for them.
10. It is illegal, period.
When I'll have time, I'll publish this on my web site : http://unixe.net .
M.G.
Men are born ignorant, not stupid; they are made stupid by education. Bertrand Russel
look at all the junk snail mail you get every day, do you think that's going away any time soon?
My standard reply seems to work well. You could also try to look at some consumer groups, they have good advice on this.
'I will inform all my friends and their dog about your harassive and misleading marketing' (which I actually never do, griping about junk mail is boring) ... 'I hereby forbid you to send
me any mail in the future. I am not interested
in you products and never will' ... 'Legal actions may follow' (Some companies sending junk mail do not have large legal depts, so I try to scare them).
For the junk mail send to me by without an address, I have a 'No junk mail here, please' sticker on my mailbox. And if I get some, I call the local post office. The amount of junk mail I receive has diminished by about 75% in two years. Some of my neighbours have started imitating me, as they are getting sick of junk mail.
As absurd as spam seems, it works.
Sometimes spam is counter-productive.
The spam I get is mostly 'harvested' from the company website. Most of the spam we get is 'evaluate our new (MS-Win) software'. The department I work in has about 40 Linuxes, 5 Sun and 3 Mac workstations and 2 Windows machines for the secretaries. So, we do not use Windows software expect the Office package that the secretaries use. This is also clearly stated in our website.
The company spam policy is:
1. Sending spam is strictly forbidden. (This applies also to the marketroids, not only R/D where I work). Spamming would lead to suspending of e-mail account (or the employee, depending on how bad it was).
2. Any spam received should immediately be reported (forwardedto ). A 'legal actions may follow' reply describing our spam policy is sent to the spammer, his/her boss and the webmaster/sysadmin of the spam-sending company. In a few days, the spammer is added to a corporate blacklist for some period of time (something like 3 months). The spam-sending company is also informed on our policy. Anyone on the blacklist will have the following treatment: Any mail sent to our employees from their addresses is dumped automatically. No business will be made with anyone on the blacklist. Repeated spamming results in that we contact the ISP and CEO of the company sending spam, and ask them to stop the harassment.
Some of our departments are Win-only, so the blacklist policy is actually hurting spammers. An their bosses are infomed on that.
You don't have any "right" not to be cut off by your ISP. They don't have any "right" to cut you off. Let's quit talking about rights here. What the two of you have is a BUSINESS CONTRACT. If they want to cut you off, and it says in your contract that they can't, then the only "right" you have is to sue them. There is no unalienable RIGHT to provide or have provided Net access. It's a business agreement, and it should be handled that way.
PaeTec sold the service because, well, that's what they do. PaeTec's T&C's explicitly prohibit spamming (defined in the contract as unsolicited e-mail) and MonsterHut represented that they only send targeted e-mail to addresses that have opted in. Using PaeTec's definition, not spam.
Where PaeTec blew it is by allowing an addendum to the contract that essentially allows 2% of MonsterHut's mail to be spam. MonsterHut contracted the addendum to cover the case of what they claim are people who opted in and then forgot or who've just got an axe to grind. Furthermore, the 2% means that 2% of all recipients have to complain.
MonsterHut has sent 96 million e-mails. That means just under two million people have to complain before reaching the 2% threshold. Oops.
So the basic lesson learned here is: Don't allow stupid addendums to service contracts. Or, don't do things based on a percentage of volume.
In this particular case, it would seem (believe it or not) that if MonsterHut were found in violation of the 2% rule, an acceptable remedy would be to send out more spam on the bet that fewer than 2% would complain about the new round of mail. Relief through dilution.
(Consider the nuclear power industry. In the early days, dumping of radioactive material was legally limited to some number of microcuries per milliliter. Got something to dump that's too hot? Just add water. There's a radioactive stream in Windsor, CT. as result. These days disposal is limited by total microcuries. )
Almost sounds as though the judge specifically wants to go through the entire process, check and doublecheck at every step of the way, to provide a rock-solid, bullet-proof, airtight precident against spammers that other courts can then gleefully use to go after spammers double-barrled. Sounds like a good idea to me.
Vintage computer games and RPG books available. Email me if you're interested.
Go read the transcript. The ISP claims the right to terminate service with no notice, but allows 30 days to cure a breach of contract, but promises not to terminate service simply because of complaints where a user opted in but forgot. Problem is that they have affadavits from people who didn't opt in, but got the email anyway. Monsterhut is trying to assert that users opt to receive email related to their internet service simply by listing an address in whois. Monster is also trying to assert a lot of nonsense that the judge isn't putting up with.
-russ
Don't piss off The Angry Economist
Spammers are scum. When I used to be an active anti-spammer (gave it up a few years back as it got to be too much of a time suck -- kind of like SlashDot is now. ;-) ) I had to deal with mail bombs, death threats, revenge spam, etc. Very interesting times.
:p) my e-mail address was numeric (ie. my phone number). After getting dozens of spam messages delivered there (no stretch to send e-mails from 090-0000-0000 to 090-9999-9999, right?), I got sick of it and registered my alias. I hadn't even started USING the address and I'm already getting about 5 spams a day to it (what, did NTT Docomo sell my damned address or something?) The damned phone WAS set to ring whenever I got an incoming mail, but I got tired of being woken up at 3:00am when some damned deai advertisement arrived, so I had to disable THAT too.
The ones who are really pissing me off now are the mobile phone spammers. I live in Japan and have to pay 300 yen (about $3.00 US) every month for the "privilege" of e-mail. Before registering my mail alias (I used a word which is NOT in common use in Japan
Not only do I pay 300 yen a month, but I have to pay per packet, so everytime one of these SCUMBAGS sends me spam, it's an actual yen or two increase in my monthly bill -- per message. It doesn't take long to add up.
So to the previous person who said, "Just calm down and hit 'delete'", there are many, many reasons to disagree with you.
This is a temporary restraining order. THe very nature of these is that you get one at the time of filing to protect the status quo. A time for a preliminary injunction hearing is set, typically within ten days, which is the first time that evidence from both sides will be heard. There is *nothing* sneaking about getting the TRO before the other side heres of the suit; you serve them both at the same time.
While the standard of evidence to get the TRO is pretty much "file an affadavit,", to get the preliminary injunction you must show a likelihood of winningat trial and that you will be irreparably harmed. If the other side shows you perjured yourself in the TRO affadavit, you tend not to get it (Judges *hate* perjury. They were the group most angry at Clinton).
hawk, wsq.