Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lawsuits Against Spammers

Posted by CmdrTaco on from the scum-of-the-earth-eat-me dept.

apc writes "Pretty good overview of the state of the law regarding spammers, and some stories about people who have sued them and won. Nice to see the topic getting mainstream attention." It talks about several different states and several different people who have won cases. I still think its fairly hopeless, but I also believe forging SMTP headers should be legally punishable by castration.

11 of 355 comments (clear)

  1. The solution to spam. by Restil · · Score: 5, Informative

    The only reason spam is so prevalant is because there are still enough suckers out there who respond to it and buy into the schemes. We need to do one of two things. Either successfully educate the suckers so the spam becomes uneconomical, or compile a real list of suckers and find a way to convince the spammers to ONLY spam them, and not the rest of the world.

    Neither of these things will happen, unfortunately.

    -Restil

    --
    Play with my webcams and lights here
  2. Re:Castration? by Anonymous Coward · · Score: 2, Informative

    Main Entry: cas.trate
    Pronunciation: 'kas-"trAt
    Function: transitive verb
    Etymology: Latin castratus, past participle of castrare; akin to Greek keazein to split, Sanskrit sasati he slaughters
    Date: 1609
    Inflected Form(s): cas.trat.ed; cas.trat.ing
    1 a : to deprive of the testes : GELD b : to deprive of the ovaries : SPAY

  3. Comment removed by account_deleted · · Score: 3, Informative

    Comment removed based on user account deletion

  4. Re:Technical / Social solution please by kiwipeso · · Score: 1, Informative

    As a New Zealander, I can state that Spam is definately in violation of all but the 8th part of the Privacy Actt 1993 (NZ)
    Australians have a simular Act, but I'm not sure if it covers the same things.

    --
    - Kaos games and encryption systems developer
  5. Re:Technical / Social solution please by Anonymous Coward · · Score: 2, Informative

    I use Authd :) Authd

  6. Re:The laws in iowa by Happy+go+Lucky · · Score: 3, Informative
    One of the 'university diploma' spams was illegal under Iowa law (invalid return address), but, of course how do you sue for something like that? I tried looking on reverse phone number sites to see who owned the phone number advertised, but nothing showed up.

    When you opened up the full headers on the spam, I assume you found the Received: lines going back from your mail server to the sending mail server, and from the originating IP to the sending mail server.

    I also assume that Iowa law provides for John Doe lawsuits, in which you can identify the defendant as a specific individual even if you don't have his name, and has a long-arm statute whereby torts that occur partly in Iowa can be filed in Iowa courts.

    Given those things: File your case with a John Doe defendant. Identify the defendant as the person who was using IP 123.456.789.012 at July 4, 2001, at 12:00 noon CDT. If you can explain what that means to the judge (in writing!) you can make a pretty strong case that that's one distinct individual.

    When you file, have a subpoena ready for the court clerk's signature. You'll want to send it to the ISP or whoever owns the IP number, and it's for all billing or other records which would show the identity of the person using that IP at that time. Once the subpoena gets served and gets compliance, you have your defendant.

    As for "large expense," I frankly don't know what it's going to cost you. Some states mandate civil spam-related stuff to go through small-claims, and some states don't give their small-claims courts the power of compulsory process. Obviously, a court that can't subpoena evidence is a joke, but don't ask me to explain it.

  7. Re:Help: Spammers with Fax-Numbers to reply by Happy+go+Lucky · · Score: 2, Informative
    The flower shop was called flowers.com. A spamming piece of shit (like Bernie Shiftman) named Craig Nowak forged them into the From: lines of his spam. They got hammered with the bounces and bitches from people who couldn't read headers.

    They identified Nowak (who is a spamming piece of shit like Bernie Shiftman) and sued him. And won.

    I can't find the actual cite from the case. However, it was from 1997 in the District Court for Travis County, Texas. Tracy Parker, Zilker Internet Park, and others vs. Craig Nowak and C.N. Enterprises or something like that.

  8. Re:RBL and SpamAssassin by nehril · · Score: 3, Informative

    definitely. I put in spamassassin + vipul's razor on my utility linux machine, and I have it fetchmail my various accounts and scrub them. I use gotmail to fetch my hotmail and run it through the scrubber. this combo catches about 95% of all spam (and my hotmail account gets about 50 spams per day). Every other day I get one piece of spam or so.

    Now I have all my accounts collected in one place and scrubbed. I even put in a webmail system (sqirrelmail.org) so I can fetch it remotely via ssl. If you have the means to hook up a setup like this I highly recommend it.

  9. Re:Put the ball in the court of the ISP by Anonymous Coward · · Score: 1, Informative

    I'm not quite sure if you have the same guy, but there has been a increase in the use of dialups to obscure the high-speed connections lately.

    The scenario works like this:

    The spammer has a high-speed circuit to somewhere. The spammer also has a bunch of throwaway dialups. While dialed in, the spammer pumps out the spam through the high speed circuit, but with the source address of the *dialup*. All the dialup has to do is route ACKs, not the main payload, so it's not that slow. Compare it to 1-way satellite internet. It works since nobody does egress filtering like they should.

    So, as far as the dialup ISP is concerned, no outgoing port 25/tcp traffic is happening there. They may even have a block on those ports, and it won't matter, since the outgoing stuff is happening elsewhere.

    What's more, the high-speed provider may have no idea what's going on. You'd also be hard pressed to discover exactly how it's routed as a result.

  10. Re:The laws in iowa by Happy+go+Lucky · · Score: 2, Informative
    As much as I hate to reply to my own posts...

    If the spam included a fax number, then find out which telco supports that number. For instance, a 303 or 720 area code would be metro Denver and therefore Qworst.

    When you file against your John Doe defendant, you can subpoena that number's owner from the phone company.

    Frankly, I'd use both of these avenues. A judge would probably be more receptive to the phone company angle, since he might not understand your header-reading tutorial completely. Tracing through the IP could then be used as confirmation.

    Also, the mail could have been relayed. Probably 75% of my spam is English-language with a payload site connected through a US provider, or a US phone/fax number. Easily a third of that 25% is relayed through an overseas mail server (usually a badly-misconfigured and ancient sendmail on some APNIC IP=read as China) which doesn't accurately report the originating IP. In theory, you could try to subpoena the info from the relay's owner. In practice, a Chinese sysadmin would wipe his ass with your subpoena even if he could read it.

    In other words, the headers may or may not have the information that you need.

    Also, spams may carry a PO box or another box number. The USPS will give out POB boxholder information to the public on any box used to do business with the public.

    I don't know if that applies to the private pack-and-ship businesses like MBE. It's worth asking them, though.

  11. Lawsuits *will* be effective by jestapher · · Score: 3, Informative

    A single lawsuit won't do anything to stop spam, but once fifty or one hundred people start suing, it will get too expensive for many spammers. In Washington State, we've nearly a dozen folks filing lawsuits, some of them going for some serious amounts -- to the tune of tens or hundreds of thousands of dollars.

    If you've got spam with a phone number or ordering address in it, you can (usually) track it down to a specific company or person. If it's only got a URL, like those mortgage spams, Washington litigants are filling out the contact forms on the site, then going after the mortgage company that contacts them. When these mortgage companies get hit with a lawsuit, they either want to settle right quick, or they rat out the spammer they hired. I've been focusing on spam with phone numbers, as I find it relatively easy and fun to track down the company behind the number. It may not always be easy to find the spammer, but it's not rocket science either. Anyone can do it given a little bit of time.

    The Seattle Times had a good article on Saturday about the anti-spam law, some folks who've been using it, their wins, and the troubles they've encountered with the court system. The biggest issue in Washington is that court clerks and judges aren't fully educated about procedural issues like whether one can sue an out-of-state defendant or for punitive damages in small claims court. (The answer to both is yes.) It's been pretty frustrating for us "trailblazers," as the judges are saying contradictory and often quite stupid stuff.

    Here's some nifty links:

    For a copy of my 24 page zine, Zen and the art of small claims, send some stamps to PO Box 95227, Seattle, WA 98145. You can also just read it online at my site, but any zinester knows that it's just not the same.