TrustE Launches Trusted Spammer Program

Silverhammer writes: "InfoWorld is reporting that such luminaries as TRUSTe, ePrivacy Group, MSN, and DoubleClick are getting together to develop a "trusted senders" program to certify "commercial email" and "elevate" it above ISPs' and end users' spam filters. Why, you ask? Because they believe it's actually our fear of fraud that's hurting their response rates. Apparently all that stuff about invasion of privacy and theft of resources is just a big misunderstanding..." The Infoworld story linked above has the best information about this seal program, but CNet has another story including a quote forecasting 1400 pieces of spam per person per day in five years. Update: 01/31 17:02 GMT by M : The FTC is announcing a crackdown on spam.

Absolutely!

Because they believe it's actually our fear of fraud that's hurting their response rates.

When I found out Sally and her dorm full of debutants weren't posing just for me, I felt hurt and angry!!

Re:Absolutely!

Here is one of the best e-mail sanitisers around:
http://www.impsec.org/~jhardin/

Filtering out stuff with a truste seal should be really easy...

Re:Absolutely!

rofl!

I suspect another major reason is that truste etc have figured that they can charge the big spammers to actually have their spam get through. In other words? Yea, they sold out. Just like an anti-virus company letting government viruses through because they can't be arsed fighting for what's right.

Re:Absolutely!

[ethereal]

TrustE has been sold out for a while. Their web certification has always been ISO9001-like: it signifies that you do what you say you do, not that you do what consumers would expect that you would do with their data. This is just the next logical step for the visionaries over at TrustE.

Re:Absolutely!

[Mattcelt]

That's funny. I bet they do the same thing to our complaints that the FTC is doing to our forwarded junk mail... uce@ftc.gov? Why not just name it "trashcan@ftc.gov" and be honest about it? :-)

We get junk mail through the postal service

[qurob]

including a quote forecasting 1400 pieces of spam per person per day in five years.

That's only about 5 times what I get now. Serious.

I get junk mail at home, but most of it is Arby's coupons and Pizza specials. I like those.

I don't get "get rich quick" or "see my web cam" at home. I do get "you're approved for a loan" and "cheap health insurance"

I just trash it on my way from the mail box back to my apartment.

Annoying? Of course

Do I worry about it? Nope.

Re:We get junk mail through the postal service

[AndroidCat]

Your junk mail at home is paid for by them. Junk email is paid for by you. Oddly enough, email "black-holes" like SPEWS have the spammers frothing and whining.

Oh dear!

Re:We get junk mail through the postal service

[bstrahm]

I take it you don't own a house...

Ever since I bought my house I get several times weekly... You are pre-approved for a second mortgage/If your interest rate is above X we can save you money...

I'm not even going to talk about the credit card offers I get....

Re:We get junk mail through the postal service

One way to get a little revenge with junk mail is to send back the postage paid envelopes empty. Taking this action has two positive benefits -- a) it annoys the junk mail senders and b) it brings added revenue to the postal service which needs money.

As a measure of how much junk mail I get, I sent back 25 empties and only sent 15 out for bills. Keep in mind that I don't even own a house!

Re:We get junk mail through the postal service

[RazzleFrog]

Actually, both of your points are weak. It definitely does not annoy junk mail senders. Have you ever gone to a fulfillment house? They are independent companies that receive, open and sort mail for companies that send junkmail. If they receive an empty envelope it just goes in the garbage without a thought. The sender of the junkmail never even finds out. Actually, they get a count of all envelopes and you sending back an empty will increase the count and reinforce their belief that the mailing is working.

As for the added revenue to the post office it is fairly minimal when you consider that it does cost them to deliver your empty envelope.

In other words, stop wasting your time.

Re:We get junk mail through the postal service

[jazman_777]

I take it you don't own a house...

Ever since I bought my house I get several times weekly... You are pre-approved for a second mortgage/If your interest rate is above X we can save you money...

I'm not even going to talk about the credit card offers I get....

Not to mention the incessant phone calls. That's why we got Caller ID and let the answering machine filter out the solictors. But still, it's annoying, like having someone standing at your door pounding away every half hour or so. Come to think of it, I have that, too, in all the door-to-door solicitors. And all the commercials on TV, radio, banner ads, popups, the spams, etc. etc. etc.

To me, this is one of the most annoying sides of the free market. I'm constantly being bugged by people scratching and clawing and whining and wheedling to get my money. It's hard enough when my family does it. I just want to be left alone.

Maybe that's why old people seem to get victimized so often. They're just plumb wore out from a lifetime of bombardment.

Re:We get junk mail through the postal service

AH, the old "I don't worry about it, so you shouldn't either" argument. Head in the sand, let's just "accept" garbage disguised as mail, whether it be paper mail or e-mail.

I don't think so.

Junk mail is JUNK MAIL no matter what the form. It's a massive waste of paper (but hey, who cares if they saw down another forest just so Arby's can announce a burger deal). I don't know if the receiver pays for paper junk mail, but the receiver certainly pays for the electronic junk mail.

Oh but I guess I should just "accept that" and "not let it worry me."

Re:We get junk mail through the postal service

[Sethb]

You might look into an anti-telemarketer service. I have Qwest and they call it "Privacy Plus", it's a service bundled with caller ID for $9.95/month. If someone calls, and their caller ID info is unavailable, it prompts them to press a button and record their name. Then, the system will double-ring my phone, play their name, and ask me to press 1 to accept or 2 to decline the call.

The beauty is, most telemarketers can't press the 1 button to speak their name, so your phone never rings. I've gotten two unwanted calls in all the time I've had it (2+ years), one was from the University I work for, asking me to donate money (they had legit caller ID info), and the other night I had someone from the Special Olympics get through, who apparently wasn't using an autodialer. I just pressed the 2 button, and the computer voice told him to shove off.

Yeah, it's a bit pricey, but I'd rather not spend my time running to the phone to deal with those people. I also don't own an answering machine or voice mail, I have a cell phone with those features, and if it's important, and you have to leave me a message, you'll know my cell phone number. Otherwise, you can e-mail me.

I'd ditch the landline completely, but I have two TiVos that depend on it. :(

Re:We get junk mail through the postal service

[RazzleFrog]

Check with your state government. I know in New York you can sign up on the Do Not Call Registry and make it illegal for them to call you.

Re:We get junk mail through the postal service

[Rev.LoveJoy]

I hear you brother!

It sounds drastic, but if you want to get rid of every telemarkter that will every try to reach you ... get a cell phone and cancel your primary line.

Sure you might still use the copper for dial-up or DSL ... in that case, unplug your phone and turn off your modem ringer.

I did this after purchasing my home and it was a welcome relief. I know the tricks with telemarketers, I know the magic words, "put me on your company's do not call list" but I was still getting the calls.

With the cell as my primary number it does not happen. Granted, this might depend on my carrier (EdgeWireless, basically a front for AT&T), however from what I understand most cell providers are very skeptical about selling their number list to telemarketers for fear of the enormous consumer backlash (interestingly enough, it would be for the same root reason we all get so pissed about spam: ergo, we pay to receive spam just like we'd pay, per minute, to receive telemarketing calls on a cell phone).

I hope this helps you out. Yes, I am well aware how annoying it is to change one's primary phone number.

Cheers,
-- RLJ

Re:We get junk mail through the postal service

[amuro98]

Ah, but what would happen if you taped one of those return envelopes to a brick?

Would the post office deliver it to the junk mailer, and demand the ~$5 postage it cost? :)

(btw, I thought the article was about spam, not junk mail. I may get annoyed with junk mail as well, but at least it's not spam.)

Re:We get junk mail through the postal service

[RazzleFrog]

If you taped it to a brick then the brick would go nowhere and the envelope would go on its merry way. You can't mail a package, or a brick with a regular envelope taped on top. It would never get passed your local post office.

I also wouldn't try it from your regular mailbox because you probably would get arrested for mail tampering which is a federal offense.

And yes this article was about spam but the original poster made the comparison and thus the thread spread.

Re:We get junk mail through the postal service

[Delphis]

Reminds me of the HOTAIR: Postal Experiments, which was on Slashdot a while ago.

They actually managed to send a brick, but yes, it had to be wrapped.

Re:We get junk mail through the postal service

[ncc74656]

I'd ditch the landline completely, but I have two TiVos that depend on it. :(

TiVoNET takes care of that problem, and gets you some added capabilities as well.

Re:We get junk mail through the postal service

[Phred+T.+Magnificent]

Qwest's Privacy Plus service is OK, except for two things:

1. It costs money every month, and
2. You're paying that money to the same people who sold your number to the telemarketers in the first place.

I much prefer a one-time purchase, like this one.

Disclaimer: I am not, nor have I ever been, an employee or other affiliate of callmenot.com. I just like their product :)

Re:We get junk mail through the postal service

[Richy_T]

Get Tivonet (I assume you have broadband)

Rich

Re:We get junk mail through the postal service

[innocent_white_lamb]

what would happen if you taped one of those return envelopes to a brick?

There is a postal regulation which states that they (the post office) can discard any object to which a business-reply card has been "improperly affixed as a label".

So the short answer is no. The brick just gets tossed into the trash can at the local post office (or street corner nearest the mailbox) and that's that.

Re:We get junk mail through the postal service

[Devilgate]

> we pay to receive spam just like we'd pay, per
> minute, to receive telemarketing calls on a cell
> phone).

What? In the States you pay to receive calls?

Martin.

Re:We get junk mail through the postal service

For cell phones, yes.

Makes it easy to filter now

[Phoex]

All we have to do is filter any e-mail with this "Trusted Sender" Seal and cut them out.

Re:Makes it easy to filter now

[CrazyBrett]

Dang, you beat me to it :)
Nice job!

Re:Makes it easy to filter now

[MrFredBloggs]

Except you`ll probably find it wont work that way. If you have a Yahoo account, they helpfully put a lot of spam into the `bulk mail` folder, but there is nothing in the email headers to identify it as such, so you have to manually click on `empty bulk mail` every time you log on. I dont think they`ll add a `empty trused spam` button, do you? Will be interesting to see if Hotmails `exclusive` mode will still work on this sort of email.

Re:Makes it easy to filter now

[moonbender]

Yahoo account? Log on? How about using one of the two tried and proven protocols which are available for the purpose of receiving and retrieving email instead of relying on web mail? It has its uses, but not for the average everyday account.

Re:Makes it easy to filter now

[Rude+Turnip]

Webmail systems use tried and true proven protocols, if you mean POP, IMAP, SMTP, etc. It's just that the mail client is web-based. I'm beginning to prefer Yahoo! webmail over using local clients. I can access it whereever there is a web browswer and it's always in one place. And, as a Comcast.net customer, I know I can rely on keeping the same address no matter what. At work, we even have a web version of Outlook that we can use from home without any hassles.

Re:Makes it easy to filter now

Although it's theoretically easier to filter these out, I'm sure MS will bury it in Outlook & Hotmail. Considering how tightly they'd like to integrate those in Windows, I see something like this in the settings in the near future:

• Only trust TrustE commercial mail: Default: Yes
  
• Automatically open TrustE commercial mail: Default: Yes
  
• Send automatic verrification of receipt: Default Yes

Imagine, MS having a monopoly on Spam!

Re:Makes it easy to filter now

[Erasmus+Darwin]

"How about using one of the two tried and proven protocols which are available for the purpose of receiving and retrieving email instead of relying on web mail?"

...says the person using a web-based message board instead of good ol' Usenet. Both web-based messaging and web-based email have advantages that're sometimes missing and sometimes completely unavailable when using their more traditional counterparts.

It's fairly obvious, for example, that you can't beat the ease with which I can use hotmail or slashdot in a "foreign" internet-enabled environment (such as an internet cafe). It's a toss-up whether or not they'll have a smart email client that can seamlessly integrate with your account, but you know they'll have a web browser capable of letting you do what you need to. Given that you can't always predict, in advance, when you may wish to access your mail in such an environment, that does make web-based mail a valid alternative for an everyday account.

Furthermore, I don't see why people insist on whining about web-based email clients, when said clients don't inherently cause an interface problem. If a given web-based email client decides to send out HTML-ized mail, it's a problem that's particular to that client (and it's a problem particular to non-web clients, as well). If a given web-based email client has a high incidence of spam comming from it, it's a problem that's particular to that free email service (regardless of whether or not the end-user uses the web to view his/her mail). Ditto for services that append advertising to outgoing email.

In short, it doesn't matter whether a person has their email displayed via the web, psychic energy waves, or even an old-school teletype. Your only concern should be with the protocol and formatting of the messages they send to and receive from the outside world.

Re:Makes it easy to filter now

[Black+Parrot]

> All we have to do is filter any e-mail with this "Trusted Sender" Seal and cut them out.

Yeah, it's like p-mail marked "Urgent" or "To be Opened by Addressee Only" -- guaranteed to be p-spam, and destined for a quick trip to the recycling bin.

Re:Makes it easy to filter now

[kin_korn_karn]

I don't know about you but I am insulted by return receipts on email.

If you don't trust me to read what you send, why are you sending it?

Re:Makes it easy to filter now

[shepd]

Just use an older email client that tends to forget you already sent the receipt (eudora 3 comes to mind). Then send it every time you log in. The sender will very quickly remember that you shouldn't be sent mail requesting return receipt next time. Problem solved!

Re:Makes it easy to filter now

[shepd]

Its been a long time since I've used an OS that doesn't include a telnet client.

telnet mail.xyz.com 110
user (username)
pass (password
list
retr (insert mail # here)
quit

Nice and easy. Just like (transmission ended due to trademark violation).

Re:Makes it easy to filter now

[DeePCedure]

• Only trust TrustE commercial mail: Default: Yes
  
• Automatically open TrustE commercial mail: Default: Yes
  
• Send automatic verrification of receipt: Default Yes

The registry settings would look something like this:

HKLM/Software/Microsoft/Windows/Current Version/TrustE/OnlyTrustEAllowed

possible values:
5 - absolutely
4 - Ok, sure.
3 - Gimme!
2 - Do it now!
1 - Yes (default)
0 - No, but please sign me up for every other spam list on the planet.

Re:Makes it easy to filter now

[anthony_dipierro]

If you have a Yahoo account, they helpfully put a lot of spam into the `bulk mail` folder, but there is nothing in the email headers to identify it as such, so you have to manually click on `empty bulk mail` every time you log on. I dont think they`ll add a `empty trused spam` button, do you?

Of course they will, because if they don't, someone else will, and the masses will start switching.

Re:Makes it easy to filter now

[MoxCamel]

...until MS incorporates "Trusted Sender" seals into Exchange. Pretty soon, everyone running an Exchange server has a seal. Makes filtering on the seal pretty worthless then, unless you don't mind throwing out the baby with the bathwater.

As for effectiveness? Look at how many sheisters out there get "trusted" SSL certificates. All these seals are going to prove is that a real live person went through the trouble of designing some company letterhead in Word, and faxed it to Truste.

Re:Makes it easy to filter now

[Rude+Turnip]

That's too minimal for me (and I'm a WindowMaker fan). I prefer using an actual client (local or web based), as do most people that use email.

Re:Makes it easy to filter now

[shepd]

>I prefer using an actual client (local or web based), as do most people that use email.

I do too. Just when I am stuck, and I don't want to leave cookies with my password in them all over the machine (not that telnet is all that secure anyhow, but it keeps the casual hacker out of your business) connecting straight to the email server works well for me.

To each their own, however. You could always ssh into your home box and run pine there, but then you wouldn't get a GUI. :-/

Re:Makes it easy to filter now

[moonbender]

You are right, and I was wrong. It'd have been more appropriate to talk about badly designed web mail accounts - such as the one offered by Yahoo. Any piece of client software (be it web based or a "real" program) promoting advertising should not be used, IMO.

Given that you can't always predict, in advance, when you may wish to access your mail in such an environment, that does make web-based mail a valid alternative for an everyday account.
I did acknowledge that web based mail services have their uses. In most cases, I'd advocate an email provider which lets you do both - access your mail using your own client software over IMAP or POP3, and, if you are for instance travelling, offers an own web based interface to you. I think this is actually the norm with better email providers.

Re:Makes it easy to filter now

[smillie]

Sometimes your mail host is down and I might like to know you didn't get the email I sent.

Re:Makes it easy to filter now

[Tryfen]

If you don't trust me to read what you send, why are you sending it?

It's not you I don't trust, it's the Internet. I use receipts to verify that the mail has actually arrived safely and/or that the mail box is being used.

I don't use 'em often, but when I do it's a useful feature.

Re:Makes it easy to filter now

[pfingst]

That used to work on Microsoft Mail, too. We got several people to stop sending read receipts by default by bouncing 40 or so receipts their way (per recipient, if the message was for more than one person). After the first time (or occasionally two, for the slower users), they never did it again!

Re:Makes it easy to filter now

[rgmoore]

Obviously you've never suffered from an unreliable email system. I generally ask for a return receipt when, and only when, I have a genuine question about whether my mail is arriving. Email is nice, and it's generally reliable, but it's not perfect.

Re:Makes it easy to filter now

[Danse]

I never return the things anyway. Netscape asks me if I want to return them. I always say no. Wonder if Mozilla has a way to default it to no.

Re:Makes it easy to filter now

[ahodgson]

I already bounce most E-mail from Exchange servers, since most of them are setup as open relays and are consequently on ordb or orbz.

Re:Makes it easy to filter now

No, no, no. It wouldn't be 0 to indicate no, it'd be 0x47e671a1 for the negative preference, although that might vary with each patch/servicepack level.

Re:Makes it easy to filter now

[kin_korn_karn]

sorry, but unless I have to send an electronic file, that's when I reach for the phone (that quaint device with the wire, next to the PC)

Re:Makes it easy to filter now

obviously, you should have a negative, rather than positive receipt.

Re:Makes it easy to filter now

[R2.0]

"I don't know about you but I am insulted by return receipts on email.

"If you don't trust me to read what you send, why are you sending it?"

Because "Oh, I didn't get your e-mail." is the "dog ate my homework" of the business world. It's the same reason to print out fax confirmations.

When money's involved, it's "Trust, but Verify", and in business, money is always involved

Re:Makes it easy to filter now

[Kiwi]

Actually, after my upstream internet connection cut off my access to the internet (when I was out of the country, grrr), I found that a web mail account was the fastest and easiest way for me to have a functioning account so I could send email to friends and family again.

I don't find the "tried and true" argument very convincing, because it usually translates to "I do not want the world to change". A world that does not change is not a very interesting world.

- Sam

Re:Makes it easy to filter now

[Delphis]

Imagine, MS having a monopoly on Spam!

As long as I read my mail with Pine, they're quite welcome to it too...

Re:Makes it easy to filter now

[Jucius+Maximus]

"I don't know about you but I am insulted by return receipts on email. If you don't trust me to read what you send, why are you sending it?"

It is of great value to people who send job applications by e-mail. If you know when the employer opens it, you can do a follow-up call.

Re:Makes it easy to filter now

[kin_korn_karn]

... if they're not offended by the pushiness. persistence pays off, but being an annoyance never does.

Re:Makes it easy to filter now

[ncc74656]

I'm beginning to prefer Yahoo! webmail over using local clients. I can access it whereever there is a web browswer and it's always in one place.

I can download and run PuTTY through the computer's browser or (if the computer supports it) I can plug in my DiskOnKey and run PuTTY off of that. With that going, I can then log into my computer and use mutt to read my mail. With GPG installed, I can sign and/or encrypt outgoing mail and validate and/or decrypt incoming mail. Mailing lists are automatically dumped into their own directories, while other classes of mail (HTML mail and mail from known spammers, mainly) gets bounced. Try doing that with Hotmail or other webmail services.

Re:Makes it easy to filter now

[Rude+Turnip]

The whole point of everything you're doing is to access email remotely. Webmail systems do the same thing in fewer steps. It's just a matter of preference.

Re:Makes it easy to filter now

[nytes]

If you don't trust me to read what you send, why are you sending it?

I can't count the number of times that receipts have saved my rear end.

Someone calls me: "Why didn't you tell me about problem X."
Me: "I did." (checking my archive) "I sent it to you on 2000-07-31 at 13:15, you read it on 2000-08-01 at 09:00."
Someone: (hesitates for a moment) "Can you send it again?"

Re:Makes it easy to filter now

[sunhou]

All we have to do is filter any e-mail with this "Trusted Sender" Seal and cut them out.

Yeah, but Microsoft is on board with this program. How long do you think it'll be before, in Outlook, when you try to delete one of these certified spams, it asks you "Do you really want to delete this?", then "This message is certified, it's not your run-of-the-mill spam, do you REALLY want to delete it?", and "Trust us, the message is selling some good crap, and believe us, we know our crap!"?

(Of course, I've never used Outlook in my life. I use /usr/ucb/mail, and emacs rmail, so these stupid certification seals will just be another pile of HTML crap that I delete.)

Re:Makes it easy to filter now

[Jucius+Maximus]

"... if they're not offended by the pushiness. persistence pays off, but being an annoyance never does."

True ... so true. On my last jobsearch round (which ended in success) it was always a balance between showing interest and initiative versus being annoying. The way I see it, these HR people are busy enough without you bugging them, but then they want a reason to distinguish some applicants from others. The job I eventually landed was one where I followed up with a phone call for my initial (faxed) application.

Re:Makes it easy to filter now

[Yottabyte84]

Pine? Yes, it's simple, but it's not all that good. Give mutt a try.

Re:Makes it easy to filter now

[MrFredBloggs]

Why? Who gives a shit? Its free, and i can use it from work or from home. What have protocols got to do with anything? I have a work email address, but i`m pretty sure if i post to public forums using it i`d get a bunch of emails from the lonely.

Re:Makes it easy to filter now

[mors]

One reason could be that the information is urgent, and that if you haven't read before tommorow I should give you a call.

Another reason could be that I knew that you were using an exchange server, and that therefore there is a substantial risk that the mail did not get to you.

Similar article in IBD

[PoiBoy]

There's another story about Truste in today's Investor's Business Daily on page A13. Check it out. Unfortunately, though, it's not available via the web.

Trusted Spam?

[msolnik]

Question how can any spam be trusted? OK so the ISPs will allow these ips to get through? If so all the spammers have to do is forge some headers and we are now getting supposedly "legit spam"? I see something majorly wrong with this. I dont think we should make any exceptions for anyone. Spam is Spam.

Re:Trusted Spam?

[fliplap]

My guess is they will do this using signed certificates. Kind of how https works, so certificates must match the server they are being sent from. I've wondered for years why this sort of thing isn't required, to make spammers ID spam w/ an advertisement ID, so we could choose to block advertisements.

Personally what I do is setup a seperate address for all my mailing list mail, and then dump everything with the word "remove" into the trash for my personal mail address. Of course i still glance at the trash, just to make sure.

Re:Trusted Spam?

[darien]

Spam is spam... sort of. As J*nK*tz said the other day, people don't mind spam half so much if it's something they're genuinely interested in.

I hate to admit it, but I really don't mind getting emails from ebuyer.com telling me that they're doing 256Mb DIMMs for £13 (or whatever). It's the stuff that's just blatant opportunism that angers me - where they fire off the same email to a million people on the assumption that maybe 2% of them will be interested. Even if I wanted to sign up for half of the business scams, I couldn't because I'm not in the US. And my friend Julie is getting pretty fed up with the constant stream of emails promising to show her a 100% natural way to increase the size of her penis.

So I'm reserving judgment for now. If this idea can be made to work properly then it might make life harder for these idiot address-harvesters, and hopefully provide a stable, reliable opt-out system for the email we do receive (well, we can hope). But I have to say, I'm not convinced the battle's won yet. The article says that "trusted spam" will have a seal which

will appear in the top corner of the body of the message, will contain an encrypted digital signature along with information on the valid sender and recipient and the date and time. An appliance installed at the commercial emailer's location generates the digital signature. When the consumer clicks on the seal, they are connected to the Trusted Sender computer, which verifies the digital signature.

Any Pine users care to comment?

Re:Trusted Spam?

[Frater+219]

Question how can any spam be trusted?

How can any thief be trusted? How can any vandal be trusted?

Spam is theft. Never forget that. Sending email to someone requires the use of resources which that person legitimately owns or controls, and you do not. Therefore, if you are habitually sending email to people who do not want it, you are appropriating resources to which you have no right. That's stealing.

It doesn't matter if the commercial offers made in a spam message are themselves legitimate or if they are fraudulent. A legitimate advertisement wrapped around a brick and thrown through my window is just as offensive to my rights as a fraudulent advertisement delivered in the same way.

Opposing spam is not about opposing commerce, or "commercialization of the Net", or the free market. It is about defending private property from trespass and theft -- and defending a useful service (the email facility) from its ruination. For if spamming is "legitimized" by crooks such as these, the email facility as we know it is not long for this world.

Re:Trusted Spam?

[Coz]

So they're saying we have to look at this HTML message and click on something to receive verification - when the whole anti-virus world would shout "No! Stop! Don't do that!"

My crystal ball says... within 180 days of this going into effect, a virus family appears that looks like spam and tries to hijack Outlook based email clients when you click on that seal. Anyone care to venture a wager?

Not to mention that every time you "verify", you provide feedback to Trusted Sender that their email has been received and read. Oh, yeah - don't worry about your privacy - we can do that FOR you.

Re:Trusted Spam?

My guess is that description is inaccurate.

Most likely this just uses the standard SMIME facilities in your mailer. In MS mailers, signed mail makes a little certificate appear. Verification is done entirely client-side against the locally installed root certs.

In short, this is no different than someone PGP signing their spam, except that the MS/Netscape mailer support is better integrated for SMIME.

Re:Trusted Spam?

[civilizedINTENSITY]

Exactly! Spam is junk email, not deceptive junk email. To merely filter the deceptive junk out still leaves *junk*.

Re:Trusted Spam?

It doesn't matter if the commercial offers made in a spam message are themselves legitimate or if they are fraudulent.

It does matter.

Rip off and MLM schemes exhibit very different behavior the legitimate companies, and they are responsible for the vast majority of spam which can not be unsubscribed.

Yes, spam from any source still sucks, but spams for fraudulent activity suck more.

Trusted Spammer?

[mrphrtq]

Isn't that an oxymoron?

Please god no

[Ionized]

can they actually be that deluded? Perhaps when they launch this program and it falls flatly on its face, they will realize that people hate spam because it's SPAM, not because they don't trust its validity.....

TrustE

[Sarcazmo]

I noticed that TrustE seems kind of spam friendly. I mean they don't require sites to have any sort of standards, they just require that they have the policies in place, and that they use them. What the policies actually are, is up to the company.

TrustE is just a shill, a fraud like the BBB, a company that makes money by getting businesses to join, and defrauding the public into thinking they have any real oversight power at all.

Re:TrustE

[mpe]

I mean they don't require sites to have any sort of standards, they just require that they have the policies in place,

Most likely "in place" equates to publishing some. Rather than actually following some policies...

Re:TrustE

[MrResistor]

The BBB seems like a fraud, but it's actually a fairly effective agency (at least it is in CA). I don't know what the penalties are, but every time my wife has filed a complaint she has had someone in upper management kissing her ass within 2 business days, practically falling over themselves to make her happy.

Re:TrustE

>I noticed that TrustE seems kind of spam friendly. I mean they don't require sites to have any sort of standards, they just require that they have the policies in place, and that they use them.

Sounds a lot like ISO 9000 approval to me. Why not just go for that instead?

"Now we are ISO approved we have to document everything we do wrong, right."

Re:TrustE

[amuro98]

TrustE isn't just spam friendly - they're spammers themselves I believe.

Isn't TrustE run by the former CEO of RealNetworks, who's proven themselves again and again to be UN-trustworthy with regards to private data, spamming, spy-ware, etc?

I actually tried to report one of TrustE's members for spamming. 3 weeks later, I finally got a message from someone asking me to explain why I was contacting them (as if my original email didn't contain all the information...) I played along, and another 3 weeks later, I got another email from TrustE saying they'd asked their member to stop mailing me.

Oh, joy. So 6 weeks of spam, and all TrustE can say is "please wash your lists."

Now they want me to accept TrustE "certified" spam?

No thanks.

It's just like this news blurb I heard...

[americanFatCat]

American military specialists had begun to believe that the Afghan military has been avoiding contact out of fear that the bullets the americans were using would cause cancer. The americans have, since then, gotten together and dilivered many more bullets in order to prove to the Afghans that the bullets wouldn't cause any cancer. The afghans declined comment.

Re:It's just like this news blurb I heard...

[Afrosheen]

ROFL!

The last thing you have to worry about is cancer if a full clip of bullets are headed straight for your skull.

Truste is Irrelevant

[Ars-Fartsica]

This group could have taken a commanding role in privacy and users rights issues long ago, but instead it simply turned out to be a corporate mouthpiece.

Take a look at what it means for a site to be "Truste compliant" and you'll quickly see how worthless Truste is. To summarise - they don't care what your policy is as long as you state it publically. Well golly, I feel better already.

Re:Truste is Irrelevant

[CaptainSuperBoy]

This is completely correct. TrustE will certify that you have a privacy policy, that's about it. When RealNetworks spammed their users repeatedly, anti-spam groups reported to TrustE that Real was violating their own privacy policy. TrustE should have revoked Real's membership, but they did nothing.

Also, what does spam have to do with privacy? TrustE mostly concerns themselves with how companies use your information - but spammers don't have any information about you, only an e-mail address they harvested or bought!

Re:Truste is Irrelevant

[Pig+Hogger]

This is completely correct. TrustE will certify that you have a privacy policy, that's about it.

Here is our privacy policy: everything that you send us will be archived into a datawarehouse where anybody with big bucks to afford our data-mining rates can go data-mining.

There. Now, can I have my TrustE certificate, pleeeeze????

Re:Truste is Irrelevant

Here is our privacy policy: everything that you send us will be archived into a datawarehouse where anybody with big bucks to afford our data-mining rates can go data-mining. There. Now, can I have my TrustE certificate, pleeeeze????

Better yet:
Our Privacy Policy:
We will collect all the information from you that we can, and we'll send it out as spam to any address that we can harvest. Click below to ensure that you'll be included in this important distribution list.

Fight the power?

[Em+Emalb]

How hard would it be to forward this entire posting to these people to give them an idea of what we think of spam in any form?

Granted it probably won't do much, but rather than just grip about it, maybe if they saw a large chunk of the internet loving community opposed to this, they would...ah hell, nevermind, they are spammers. They don't care. For a moment I thought they might see reason, then I woke up.

A rose by any other name is still a rose ...

[Buran]

I've just had to, within the past month, give up my 'freemail' account that I'd used for mailing lists and signing up for web sites because it's now little more than a spam bucket, and I was always careful to never check those "receive offer" boxes. It's now just full of spam from Taiwan and China and the like along with the typical get-rich-quick, debt relief, Viagra, and sex site ads. A friend who runs a server network was kind enough to give me a real POP3 box instead of the simple forwarding most of his other users get.

I keep the address strictly confidential, just like my 'real' address that only gets a very small amount of spam per week. It's for a few mailing lists that I trust and are privately owned and run; I know who to yell at if I get spam on that address.

Whether or not a piece of spam is "trusted" by some other organization is not going to change my opinion of whether or not I want to buy anything. I don't. There are specific entities and individuals that I wish to receive mail from, and then there is the simple fact that I don't want to have ads thrown at me in email, too. Web ads (I block those and am not ashamed of it), TV ads (I watch a lot of PBS; great 'geek' programming and few ads) are enough, thank you.

They don't get the point. Or if they do get the point, they just don't care. I do not want spam. Period. All the sleazy spammers have ruined it completely for the good companies that try to do it responsibly (opt-in, genuine list removals, ADV: subject tagging, etc.) but you know what?

Tough.

Re:A rose by any other name is still a rose ...

[DrSkwid]

I am become darth, the destroyer of grammar

Check that link

The DoubleClick link isn't working. Oh wait, that's just my proxy...

Re:Check that link

[J'raxis]

Neither is that TrustE link. Oh, wait, thats just my new proxy config :)

Oh Goody Goody.

[Animol]

See, I just didn't have enough things to do with the computer when I got online. I found myself feeling isolated, unrecognized, and downright bored. I'm just relieved to know that somebody knows more about me than they should, and that they can target not just the occasional pop-up web ad to me, but hundreds - nay, thousands of e-mails inviting me to partake of their oh-so-wonderful business opportunities.
Seriously, people, this could be a good idea potentially, if a few things were true:
1. It decreased the amount of "non-certified" spam, just because almost anything that decreases spam is a good thing.
2. You had an option to block the "certified" spam in addition. I wouldn't mind a few extra seconds of effort if I could take care of the whole group of approved spammers all at once.
3. If they agree to only "approve" non-porn spammers. I have the distinct disadvantage of being an AOL member, and my god, I tire quickly of the same "incest-with-beasts-vegetables-and-more" crap. It's not even funny anymore.
But, since I don't see any of those things happening, once more we find ourselves at the mercy of the big businesses who obviously know what's best for us.

Why only Microsoft, Doubleclick?

[Merry_B.Buck]

TrustE should just make membership in this program opt-out instead of opt-in.

Re:Why only Microsoft, Doubleclick?

[danielrose]

lmao. i like that one man. best joke today!

Ah, I understand now...

[Proaxiom]

They must figure that we trust MSN and DoubleClick so much that it makes sense to leverage that trust onto other dubious entities.

Well, normally I would be skeptical of this mortgage consolidation plan, but because DoubleClick says it's OK...

1400 pieces of spam??

[RainbowSix]

Does this make sense? I think that once everyone's mailboxes get saturated with x emails, they'll stop reading them. Lets say I'm a normal computer user and I get 3 pieces of spam a day. I might not understand the concept of spam, read those emails, and buy something. However, if I'm a normal computer user and I get 1400 emails a day, I'll probably ask my friends to start calling me on the phone again.

My point is, I don't think it is a monotonic increasing graph of spam versus time, because at some point the spam will be so overwhelming to their target that the person will just ignore all of them instead of looking at the few that they currently get.

Perhaps we should start password protecting our inboxes in that to send me an email you have to supply a password.

Re:1400 pieces of spam??

[realdpk]

1400 pieces of spam per day in 5 years makes sense to me. So far we're mainly getting spam from "illegitimate" sources. I get about 10-15 spams from the Herbal Viagras and Penis Enlargement and Mortgage Refinance guys, and 1-2 per week from so-called legitimate sources (mostly using pm0.net and similar. Awful company, that.)

Soon enough more legitimate companies will stop worrying about the negative impact of mass opt-out mailings - that's when we'll _really_ see the impact of spam.

Re:1400 pieces of spam??

I think that once everyone's mailboxes get saturated with x emails, they'll stop reading them. Lets say I'm a normal computer user and I get 3 pieces of spam a day.

I'm getting 40 pieces of spam a day on one mailbox where I just dump everything - I would dump the account if I didn't need it for mobility.

Re:1400 pieces of spam??

[30F06950]

Perhaps we should start password protecting our inboxes in that to send me an email you have to supply a password.

Already in place... check out hashcash.
(Actually, it is rather more complicated than simple passwords).

Re:1400 pieces of spam??

[ahodgson]

No, they won't, because they're way too easy to firewall.

This fight is not over, not by a long shot.

Oh come on!

[SirSlud]

> Because they believe it's actually our fear of fraud that's hurting their response rates.

I know this is flame bait, but in most first-degree murders and sexual abuse (or at least sexual abuse ) cases, the victim knew and trusted the perpetrator ...

Re:Oh come on!

[Our+Man+In+Redmond]

And in most sexual assault, sexual harrasment and rape cases, the defense will somehow try to convince the jury/judge that, despite all evidence to the contrary, the victim actually asked for it. Think about that when you hear a variation on the theme "Customers actually want unsolicited commercial email."

Re:Oh come on!

[anthony_dipierro]

And in most sexual assault, sexual harrasment and rape cases, the victim is scarred mentally and sometimes physically forever. Think about that next time you try to compare sending email with rape.

Re:Oh come on!

[haruharaharu]

but in most first-degree murders and sexual abuse (or at least sexual abuse ) cases, the victim knew and trusted the perpetrator

This is more like a marauding band of vikings that you had thought long dead razing your town

Re:Oh come on!

[jgerman]

Customers do, right. Otherwise they wouldn't be customers. But nitpicking aside, the system works, and that is the anti-spammers greatest opponent. The business model works and companies make money doing it, even companies that don't send opt in mailings have costs associated with sending bulk email and if they weren't getting conversions they wouldn't do it.
I'm not s spam fan but bear in mind that the fact that you even have the amount of information on the internet that you do today is subsidized by advertising. Yeah they net was great 15 years ago, and while I wouldn't necessarily say that it's better now it is nice to have such a loarge number of connected people and businesses.

Re:Oh come on!

Are people like you just unable to comprehend metaphors at all, or is it just that they make you really tetchy?

Re:Oh come on!

[anthony_dipierro]

I comprehend the analogy, I just don't think it's a very accurate one.

Re:Oh come on!

It's perfectly legitimate to compare the two when one is saying they are crimes in which one tends to blame the victim. Think about THAT next time you take a comparison farther than it needs to be taken.

Hey, this is a GOOD thing!

[Our+Man+In+Redmond]

[The Truste seal] will signal that the e-mail is from a company that has agreed to guidelines based on fair information practice principles, Schiavone said.

This is great! Now all I have to do is put a line in my Mail::Audit filter to look for that seal and automatically ditch any mail that contains it. Or better yet, send a reject notice to the "trusted" sender saying that I didn't ask for it, I don't want it, and if they don't want to be sued for wasting my bandwidth, they'd better not send it to me any more.

Not a bad idea

[Tryfen]

I hate spam. I also hate having to go and check each individual program's webpage to see if they've updated. I hate having to use online price guides to see if what I want is cheap. I hate giving my email addy out to people who provide this service because they often get sold.
For a few selected parties, this could be a good idea. And it may just stop those stupid "MS will give you $200 if you forward this mail" twats.

What I do now is give my email address in the form of somecompany.tld@mydomain.tld - I've caught a few people out on their privacy policy and once an addy gets too much mail *poof* it's gone.

So, yeah, if someone could gaurantee that my addy is safe when I sign up for something that would be just dandy - for now I'll just keep track of who gets my address.

Re:Not a bad idea

[DrSkwid]

stupid "MS will give you $200 if you forward this mail" twats

great, twat is one of my favourite words.

not only an insult but the sound of it is like thwak or smack

Mind you, I wasn't so keen when I called my dad one when I was 5.

Asshole or jerk just doesn't have the same twang to it.

Say What?

[mESSDan]

Our approach is to rise above the traditional reactive e-mail filters and identify the good (e-mails) so they can be elevated," Schiavone said. "It benefits everybody along the e-mail chain. Senders agree to abide by the privacy principles independently verified by Truste. They have agreed to make themselves accountable to consumers."

It benefits everyone except for whoever didn't solicit the email. The only good thing is that the end user will be able to filter it a bit easier than normal spam, but it is still spam nonetheless, a digital signature doesn't change that.

Since they are being so "helpful" with the digital signature, why not also include a helpful link like "click here to sue this spammer for unsolicited email". Then they would offer you free legal counsel, and immediately settle out of court with you for some unmentioned amount. Sounds good to me.

Another thought, since this is now being done at the ISP level, if you are in a state that supports anti-spam laws, are you able to use your ISP too?

You don't pay for junk mail via postal service

[13013dobbs]

But, you do pay to recieve spam via email. That is where your argument fails

Re:You don't pay for junk mail via postal service

[ahde]

Alot of people do pay for their mailbox. And, your taxes are subsidizing the carrier.

Re:You don't pay for junk mail via postal service

[CrazyBrett]

Well, technically you do pay through more indirect routes (taxes, increased stamp prices, etc). If the postal workers didn't have to spend so much time delivering junk mail, maybe the whole postal service would cost less to maintain and operate. But yes, I see your point.

Re:You don't pay for junk mail via postal service

[www.sorehands.com]

In theory, each class of mail is supposed to support itself.

Junk mail does have a use, do you have a fireplace?

Re:You don't pay for junk mail via postal service

The cost of first class stamps is subsidized by junk mail. Get rid of junk mail, and expect a large price increase on stamps.

Re:You don't pay for junk mail via postal service

[TRACK-YOUR-POSITION]

Do I have a fireplace? What business is it of yours? Are you some kind of a fire-pirate, trying to steal my fire?

By the way, do you have stairs in your house?

Re:You don't pay for junk mail via postal service

In your country your taxes might subsidize the carrier but in the US the government approved monopoly that is the US Postal Service is quite a self sufficient profit center.

Re:You don't pay for junk mail via postal service

[monkeydo]

Wrong, wrong, wrong. Assuming that you are refering to the US postal service you are 100% wrong.

The USPS receives no tax dollars to pay for operations. Not some, not a little, not a few, NONE! The USPS pays for itself. That's why they have to occaionally raise rates. They can't just go ask for more tax dollars. If you don't like the US Mail, don't use it and you won't be paying for it. Don't you wish all government programs were like that?

Bulk mail, presorted stuff, stuff mailed and labeled by machines is actually cheaper for the Post Office to deliver, but the PO doesn't pass ALL of this cost savings on to the Bulk Mailers. You see, those folks sending out junk mail are actually SUBSIDISING YOU! That Valentine's Day card you're about to send to your grandmother costs you less than it should because of all those coupons and solicitations you receive.

If you eliminated junk mail from the US Mail, the Postal Service would cost _more_ per piece to maintain, the price of stamps would go _up_ and it wouldn't save a dime from the Federal Budget.

Re:You don't pay for junk mail via postal service

[RazzleFrog]

If the postal workers didn't have to spend so much time delivering junk mail

Your mailman makes a special trip to deliver junk mail to your house? That's funny he only makes one trip with all of my mail. Now if you said sorting I might have agreed but even then most junkmail is easier to sort than hand written envelopes.

Re:You don't pay for junk mail via postal service

[Reziac]

Actually, "commercial" junkmail is where the P.O. makes most of its revenues. Presorted (as mass mailings are required to be) requires less handling and sorting by the P.O. itself, so costs less to process and deliver. That's why the P.O. can charge lower rates for it yet still make more money from it.

Re:You don't pay for junk mail via postal service

[13013dobbs]

How large of an increase? I send two letters a month (bills). Even if the price doubled, it would be worth it to me.

Re:You don't pay for junk mail via postal service

A lot of people don't pay for a mailbox. Unless they want a private one rented from somewhere, or are paying a one-time cost to have a mailbox that looks like a barn.

The USPS is associated with the US Gov't, and is overseen by the a gov't board that approves of rake hikes, but they don't recieve tax dollars. Without Junkmail to subsidize first class mail, first class would be ridiculously more expensive.

Complain all you want about junk mail, but the addresses are consistent easily read by computers, they include a zip+4 code, and they are pre-sorted by zip code when delivered to the postal service.

Which makes them a lot easier to process than the slanted, chicken-scratch on hand-addressed envelopes.

Re:You don't pay for junk mail via postal service

[guinsu]

This argument is crap anyway, Americans were able to afford to send letters for over 200 years, long before the creation of mountains of junk mail. So even if the price goes up, it won't be by that much.

Re:You don't pay for junk mail via postal service

[Murrow]

You see, those folks sending out junk mail are actually SUBSIDISING YOU! That Valentine's Day card you're about to send to your grandmother costs you less than it should because of all those coupons and solicitations you receive.

Can you, perhaps, document this claim somehow? We've all heard it, but is it true? And if it's true, why has Congress forbidden the Post Office to do an actual audit of the revenues and costs associated with each class of mail? Could it be that the DMA doesn't want us to know the truth?

Re:You don't pay for junk mail via postal service

[ansible]

I don't buy the fact that junk mail is subsidising regular mail. Junk mail makes up the majority (by size and weight) of the mail sent. If there were no junk mail, the post office would need less machines to sort the mail, and less trucks to deliver it. Less people too.

Of course, it know for sure, we'd need to take a long hard look at the accounting books to see which way the costs would really go.

Re:You don't pay for junk mail via postal service

[plague3106]

Actually no, the USPS is self sufficient.

Re:You don't pay for junk mail via postal service

[madmancarman]

Bulk mail, presorted stuff, stuff mailed and labeled by machines is actually cheaper for the Post Office to deliver, but the PO doesn't pass ALL of this cost savings on to the Bulk Mailers. You see, those folks sending out junk mail are actually SUBSIDISING YOU! That Valentine's Day card you're about to send to your grandmother costs you less than it should because of all those coupons and solicitations you receive.

If you eliminated junk mail from the US Mail, the Postal Service would cost _more_ per piece to maintain, the price of stamps would go _up_ and it wouldn't save a dime from the Federal Budget.

A few points:

• I think many people (myself included) would be willing to pay a small fee if they were guaranteed that they wouldn't receive a single piece of junk mail.
• Just because "advertising" slightly decreases the overall cost of something (junk mail, television, web sites) doesn't justify its existence for everyone. I would rather pay $10/month/channel for in-demand streaming video to a set-top box without commercials than pay $100/month for all the channels and have to put up with annoying advertisements.
• Who cares if the price of stamps goes up? If you need to send a letter, use email or fax. If you need to send a package, use UPS or FedEx; they have better tracking systems anyway. If the postal service can't compete in some areas of communication and in light of new technology, then maybe they shouldn't.

First they ignore you, then they laugh at you, then they fight you, then you win. -- Ghandi

Re:You don't pay for junk mail via postal service

[fishebulb]

That is wrong. They pay very little to send out mail. The cost for the PO is also lower, BUT the DMA has ensured that regular mail offsets the loss the PO has

Re:You don't pay for junk mail via postal service

[innocent_white_lamb]

Many (most) small businesses use letter mail extensively for mailing bills to their customers, sending cheques to their suppliers and receiving cheques from their customers as well.

Jacking up the price of s stamp hurts the small business community. "It's only a penny" or "It's only a nickel" adds up very quickly when you're Joe's Plumbing Service or Chan's Groceteria.

Good news

[ahde]

This will make spam filtering *much* easier -- at least some of it.

Trust isn't the problem

[cperciva]

Targetting is the problem.

I get all sorts of email advertising bachelors degrees from "prestigious non-accredited universities" -- no use to me since I already have a *real* degree -- offers for credit cards and mortgages which are only available in the US -- I'm a Canadian -- and all sorts of other untargetted spam.

Anyone with minimal competance could do some basic filtering -- a .ca email address isn't likely to belong to a US resident, for example -- and I'm sure that these "privacy infringing" companies know about my university degree.

I don't really mind getting unsolicited commercial email. It's when I get email which is very obviously of no value to me that I get annoyed.

Trusted clicks and opt-out lists

[Lumpish+Scholar]

When the consumer clicks on the seal, they are connected to the Trusted Sender computer, which verifies the digital signature.

I'm sure no more people would have difficulty confusing real and forged seals than, say, have difficulty confusing whitehouse.gov with whitehouse.com, or knowing when it's safe to open an attachment in Outlook.-|

Hypothetically, I like the theory of a trusted opt-out list. What's the difference between theory and practice? In theory, nothing....

Trusted Spammer Seal Makes Filtering Easier!

[Ron+Bennett]

The enclusion of this so-called trusted sender seal, especially since it will likely be highly standardized, will make filtering of spam easier than ever before; and bouncing back "trusted sender" spam in bulk will be a cinch too :-)

You know what?

[americanFatCat]

I think a lot of companies don't want us copying their games and music cds because they don't TRUST us! I think we should all get together and find a way around. Oh wait, that's illegal... but how is THIS any different?

Good News

Someone to sue.

Yay!

What about IM Software?

[GreenJeepMan]

Wouldn't it be a smart idea to start thinking about IM clients?

Sooner then later spammers will figure out that IMs get A LOT more attention then email.

Re:What about IM Software?

[yivi]

Well, probably you are not using ICQ.

But if you use it, and keep the "Web Aware" option on, I assure you'll receive at least a couple of dozens of ICQspams a day (assuming you stay on-line a big part of the day, granted).

Spam is spam

[Polaris]

The definition of spam is unsolicited bulk email. If I didn't request it, it's spam. I don't care about verifiable senders, guaranteed content, or genuine remove methods: I JUST DON'T WANT IT AT ALL.

Re:Spam is spam

[anthony_dipierro]

If I didn't request it, it's spam.

So don't accept mail with a From: address that you haven't requested.

Re:Spam is spam

[Polaris]

I don't request email from addresses, but from companies, mailing lists, and personal correspondents (the latter by replying to them). It shouldn't be up to me to maintain and update an "allow" list based on email addresses, so that the tiny minority of email users who do want to receive spam, can do so.

Re:Spam is spam

[anthony_dipierro]

It shouldn't be up to me to maintain and update an "allow" list based on email addresses, so that the tiny minority of email users who do want to receive spam, can do so.

I disagree with you there. You choose to accept the spam. No one is forcing it upon you. If you choose to accept mail from random email addresses, you're going to get spam. That's never going to change. Never.

This is wonderful news

[Alan+Cox]

We can all add the TrustE seal to procmailrc and a whole chunk of conveniently labelled spam would go away. Now if only I could get the postman to deliver all the junk mail into a different letter box too (a round one outside)

Re:This is wonderful news

i think i need to take a nap.

Spam, spam, spam...

[The+Night+Watchman]

SHUT UP!!

Bloody Vikings...

/* Steve */

On the plus side

[Grape+Shasta]

I really agree with many of the arguments about why this is dumb, but I could see one positive side to it. I would love it if there was a "remove me from your list" link in the spam I receive which I could trust. Right now, I never click on those links, because I'm afraid they're just going to see that my email account is active, and add me to 50 more lists. But if I knew that any remove link to "http://verisign.com/remove/..." was trustworthy, and it would remove me and do nothing else, I would like that quite a bit.

The worst thing about spam to me is how powerless I feel to do anything to control it.

1400 a day? yeah right.

I have this e-mail program that only allows incoming mail from users that I specify. If I don't allow mail from them then the server sends it off to /dev/null before it ever reaches my inbox. It works great for me. Perhaps more users/ISPs should do the same.

Oxymoron

[Restil]

"Trusted Spammer" is an oxymoron.

The only spammer I would trust is a spammer that would never send me spam because I never intentionally informed said spammer than I wanted to receive email from him, in which case, it wouldn't be spam.

Damn... I think I just logically determined that spammers serve no useful purpose in this world.

What do you think?

-Restil

Re:Oxymoron

[GSloop]

Very good statement...It's really simple isn't it.

But we here in the USA _MUST_ consume to "right" the acts of those _EVIL_ people! Right?!

Virtually our whole culture is based on consumption. That drives things like telemarketing and SPAM. That doesn't mean that we shouldn't fight such things, but it probably means that we are not going to win such battles.

[Sigh]

Cheers!

Re:Oxymoron

[3am]

I think at best, spammers are useless.

Unfortunately, at worst they are predatory scam artists. I wouldn't put the irritating special offers from real companies in anywhere near the same category as those who just spam to steal CC#'s, aol logins, SSN's, etc...

So while I hate spam of all kinds, I still think this is a great step for keeping people who aren't astute enough to keep themselves out of trouble from getting scammed.

Re:Oxymoron

[AnotherBlackHat]

Push media (spam, web banners, tv commericals, etc.) isn't as useful as pull media (google) but it does have some uses. To take an extreme example, if there's a fire in the next room, tell me about it now! Don't wait for me to ask.

Just because I've never seen a spam with information of more value than the value of the time it takes to delete it, doesn't mean there can't be one.

Re:Oxymoron

I have recieved useful and informative unsolicited email. But I have never recieved useful or informative BULK email.

Re:Oxymoron

[emn-slashdot]

Where else am I suppose to get viagra online? What about all these girls that want to have sex with me? Without spam, my life would be a miserable wreck.

Great!

[OYAHHH]

This is perfect, now I have a 100 percent sure way of getting rid of crap that I don't want to receive. My new SPAM filter looks something like this:

if ( $email =~ /TRUSTE/ ){sub_delete( $email );}

Like this is going to change anything.

[brickbat]

TRUSTe's resolution program will have no legal authority. All it can do is say "Bad Spammer! No Seal of Approval for you!" Big frickin' deal.

Spammers exist because it's so damn cheap to spam. Bulk e-mailers have very little real financial risk, even in states that have enacted anti-spam legislation. And I'm sure TRUSTe will have no power to levy fines or otherwise penalize errant participants in their program. This is so much smoke and mirrors to fool an ignorant public into believing that "certified" spam is any more legitimate than the crap that already piles up in their mailboxes.

Soon we'll come to the point where we must submit a list of trusted addresses to our ISPs' sysadmins, and they'll have to configure their mail servers to block everything not on that list. Until we come up with an enforceable solution for shifting the financial burden of bulk e-mail to the spammers themselves, this plague will continue unabated.

Re:Like this is going to change anything.

"Soon we'll come to the point where we must submit a list of trusted addresses to our ISPs' sysadmins, and they'll have to configure their mail servers to block everything not on that list."

This is an excellent idea, rather than a spam filter, a desired mail filter. Any address not on the users list would be pointed to a web contact form for the user, address provided in the bounce message. Granted, a spammer could still take the time to send the message via the form (POST method only, the form processor only accepting submissions from that server), but mass email spam attacks wouldn't be viable, and it would still be possible for long lost cousin Edith to contact the form owner even though she wasn't on the approved email list.

Re:Like this is going to change anything.

[Ziest]

Somebody mod this up. This is not a bad start of a good idea.

Absolutly right on

[Nf1nk]

I do web development and we had a customer state intrest in becoming a TrustE member

It has fewer requirements than being BBB member.

1. First a Privacy statement (use your own or cut and paste one of ours)
2. send a check (for more than you would think)
3. Place "Trusted Site" Seal on your page (with a link back to them)

It just makes me wish I had thought of it first, but at no point did they ever say thatwere not suppossed to send out reams of e-mail to the unwary.

Re:Absolutly right on

[gorbachev]

...AND the privacy policy doesn't have to follow any standards, you just have to have one. It's not even validated or audited, you just have to have one. You could even have a privacy policy of "Your information will be sold to anyone with $5", and that would be perfectly fine by TrustE.

TrustE is one of the biggest con on the Internet.

How to fix spam

[Alomex]

The problem with spam is that is mostly useless. If spammers refined their targeting strategies users would not complain.

A golfer would never consider a cool catalogue with the latest golf toys spam. A hacker would welcome the latest diff of O'Reilly titles.

Instead we get this useless pieces of mail asking to join in some Ponzi scheme, send a penny to Craig, copy DVD movies, and Viagra for St. Valentine day (I'm not making this up).

Ditto for pop-ups, pop-unders and banner ads. The ad-executives seem to think "if only people looked at my ad, we would have great sales".

Sorry but no cigar. Pop-ups/unders advertise mostly useless products and even if we were submitted 24/7 --a la clockwork orange-- to the ads we would still not buy a stupid X whatever video camera.

Re:How to fix spam

[J'raxis]

A golfer would never consider a cool catalogue with the latest golf toys spam.

I certainly would consider that spam if it was sent to me without having signed up for it. And it was 50K. And HTML/MIME mail. And sent several times. And had a fake return address, different ones each time. And relayed through *.cn or *.kr. And had random garbage appended to the subject to (try to) make it slip through filters.

Re:How to fix spam

[beth_linker]

Actually, no. If O'Reilly sent me unsolicited commercial e-mail advertising their latest titles, I'd be very sad as I wrote them a letter explaining why I wouldn't be purchasing any more of their books.

The problem with spam is that it's unsolicited, whether it's useful or not. If you think that people want more e-mail from you, there are plenty of ways to enable them to request it.

Re:How to fix spam

[Chetmurray]

I disagree.

There is not one golf store. If you said, okay anyone who wants to send me info on golf, go ahead. You would get 100 golf stores, emailing you weekly. Would you like that? The Internet is not your local mall, before you agree to something or think it is a good idea, think of it on a big scale. Your simple answer does not scale, spam means unsolicited, so you don't control all these friendly golf companies sending you their tips, their hot items, their penis growth forumlas.

That is the problem with all legislation so far. It does not look at the Internet and see its true scale and global reach.

Chet

-California residents, vote against spam, vote against the spammer bill jones.

Re:How to fix spam

[liquidsin]

I'd have to agree about the targeting. When I go to any number of websites and get X10 ads or any number of other annoying ads, it's annoying. When banner ads are targeted (hey, slashdot is doing *something* right) they're tolerable. I occasionally click on ads here, since they're all invariably geeky.

Re:How to fix spam

[Black+Parrot]

> A golfer would never consider a cool catalogue with the latest golf toys spam. A hacker would welcome the latest diff of O'Reilly titles.

Not me. I know where to shop for the stuff I want. I don't need a mailbox full of people clamoring for my money.

Re:How to fix spam

[Dr.+Bent]

In order to collect the information necessary to do that, you would have to invade people's privacy on a grand scale.

Imagine getting tons of porn spam becuase all the marketing companies know you like pr0n...and that information is available to anyone who wants to buy it.

The less that marketing companies know about me, the better. Even if it means I have to wade through lots of pointless popups.

Re:How to fix spam

[blazin]

Not true. I am into computers, and programming, and thus into computer and programming books. Unsolicited email, be it from O'Reilly, InformIT or what have you, would end up in the trash. There have been rare, very rare times when a piece of spam got my attention enough to read any, let alone scroll down to the second page.

Spammers are not smart (or pyschic) enough to send me spam for something I was interested in purchasing.

If I want or need a book or some other merchandise, I know where to go look for it, and I'm certainly not going to go hunt through my trash to find some spam that may have adverised that item.

Spam is _totally_ useless, not just mostly. If Westley/Dread Pirate Roberts in Princess Bride were as dead as spam is useless, there would be no bringing him back, and the movie would've been pretty short.

Re:How to fix spam

[Alomex]

The problem with spam is that it's unsolicited, whether it's useful or not.

This is not quite so simple. In day to day life there is pull content and there is push content. For example a coworker walks into the office in 9/11 and says: "did you hear about what happened in New York?"

That is unsolicited information: in-your-face real-time push content. Yet few people would be upset about it, in fact most would be thankful for the heads up.

On the other hand, one hundred catalogues from golf stores is unfocused spam. Sending an O'Reilly diff file to somebody whose personal paranoia is spam is also unfocused. Sending e-mail in HTML format from .cr with no return address is the epithomy of unfocused spam.

Re:How to fix spam

[Alomex]

In order to collect the information necessary to do that, you would have to invade people's privacy on a grand scale.

You talk about it as if it was something that has yet to happen. In fact today I can open a "business", pick up the phone and buy your purchase patterns from a credit card company, Price Club, your magazine subscription list or air miles reward programs.

Personally I think this is bad, but this does not make it any less true.

Re:How to fix spam

[AnotherBlackHat]

The problem with spam is that is mostly useless. If spammers refined their targeting strategies users would not complain.

Yes, but...

"Refined" targeting would need to include things like other offers I've received, both from the spammer, and from other spammers. I don't care if you can give me a 6.75% loan if someone else can give me 6.25%. That level of refinement seems unlikely in the extreme.

Consider the spammers point of view on targeting. 100,000 Spams cost less than a dollar to email. If he's sending 10,000,000 emails, that's less than $100. Now imagine that there was a way to remove 99% of the list that just took a few hours of his time.
Savings: $99
Cost: a few hours.
Hmm... Doesn't sound like a good idea to me, but maybe spammers value their time at under $30 an hour.

Spam/users is a predator/prey relationship.
The fox does not care how the rabbit feels about the hunt.
Spammers do not care what their spam cost you.

Re:How to fix spam

[Arker]

The problem with spam is that is mostly useless. If spammers refined their targeting strategies users would not complain.

Written like a true marketing major, congratulations!

You're absolutely dead wrong.

The problem with spam isn't that it's useless, although it usually is. The problem with Spam is that it's trespass and theft.

A golfer would never consider a cool catalogue with the latest golf toys spam. A hacker would welcome the latest diff of O'Reilly titles.

Nonsense. The day O'Reilly spams me is the day I quit buying their books. I am perfectly capable of going to their website and browsing their catalogue whenever I want to. Attacking my mailbox is an assault, not a service.

Re:How to fix spam

Sorry, I beg to differ. Even if it matched my interests perfectly, it would piss me off, because I CAN HANDLE MY INTERESTS ON MY OWN! I usually don't buy products because I just realized/got told they exist; I wake up, decide it's time to buy say a lawnmover and then find out what kind of lawnmover I need and where I can get the best deal etc. I like doing that, and I have absolutely no use for the vomit of the subhuman marketing crowd. Lowlife scum, first against the wall.

I consider myself competent enough to ASK for newsletters etc. when I need them. It's like talking all the time "just in case" someone might be bored, it's rude. And it backfires.

Re:How to fix spam

[snafu]

to the ads we would still not buy a stupid X whatever video camera.

the problem is that the X10 pop-under ads that really started the pop-under craze were wildly successful and continue to be (read: many other people using web-browsers are succeptible to them).

Re:How to fix spam

[gotan]

Since i don't want my name, preferences and whatnot in databases about the planet (although it seems i can't do much about that anyway) that's not an option for me. Only in very rare cases i want to be informed automatically (at the moment that is only the case for a few bands giving a concert in my vicinity) and i prefer to get my information myself, when i wnat it, how much/detailed i want it, and so on.

Even if i'm interested, say in computers, i don't want every hardware-manufacturer around the globe happily mailbombing me, whenever they have a new product out. I want the information when i need it (like when i need some part) from a source i choose (like some half decent hardware site doing a fair review), specific to my needs (what would i do with adverts of new RDRAM when i have an athlon system anyway?) and tailored to my level of knowledge (so, say, for a desktop system i want to know more than the MHz rate of the CPU).

So even if someone knew i'm interested in computer hardware, he wouldn't know when to advert what, and in what detail, and most of those adverts i'd probably ignore anyway, because it's probably heavily biased or just plain lies.
--

Re:How to fix spam

[ahodgson]

Wow, anyone doing that will think I _only_ buy pr0n, and occassionally gas. The only things I don't normally pay cash for ;)

Re:How to fix spam

[frankie]

In day to day life there is pull content and there is push content. For example a coworker walks into the office in 9/11 and says: "did you hear about what happened in New York?"

True, if something is really important, I rely on my friends/colleagues/relatives to tell me about it. But I would never Never NEVER want unsolicited news bulletins from corporations, even CNN.com had an exclusive live feed of Jesus Christ II, in an alien mothership, landing on the banks of the Euphrates, holding a railgun.

Re:How to fix spam

Hint: it's "epitome"

Just thought you'd like to know ;)

Re:How to fix spam

[Sycraft-fu]

What he's talking about is NOT doing that. No fake returns, easy unsubscribe mechinism, interesting content. For example, I'm an IEEE member. I never asked ot be on their mailing list, or perhaps I simply forget to tell them not to put me on it. Whatever the case, I get e-mailings form all the societies I'm a member of about once a month. They are easy to unsubscribe, but I haven't bothered. Why? The content interests me enough that I read it.

What he's getting at is the fact that most online popup ads/spam are for bullshit. The reason they get no sales is because their product sucks, and noone cares. It's funny, but I don't seem to mind ads in teh newspaper nearly as much. They take up a lot of space, 50% or more of the paper, but they really don't bother me. Even more interesting is that I find myself reading them invoulantarly. One will catch my eye and I'll read it. The ads are effective because they are marketing things I actually might want (like pizza, books, sofrate and so on) and are doing it in a direct fashing (ie not slap the monkey and win).

Like antiviral software...

[dotmaudot]

If estimation on the number of received spam messages are correct, people will eventually be forced to subscribe to "pay-for-despamming" mailboxes, where the ISPs will screen incoming email. True, some hardcore unix fan will still manage to have a real shell on a remote machine, and work harder and harder to update their procmail scripts, but the future won't be their.

What a sad thought.

ciao, .mau.

In other news...

[CrazyBrett]

... CrazyBrett Industries announced today that it will be creating an "Untrusted Spammer" designation, which will aid ISPs and users in filtering out unwanted mail from clueless companies. Topping the list is TRUSTe Corporation.

Imagine that.

Easy ...

[Stavr0]

cat TrustE.trusted.senders | tee MAPS.list | tee RBL.list | tee SPAMCOP.list | tee JunkBusters.list
Thank you TrustE for making spambusting so much easier ...

Re:Easy ...

There is no fucking way I am removing the doubleclick loopback hosts from my /etc/hosts file.

Die spammers and die banner-click ads. I don't appreciate you wasting my time, browser space, and bandwidth.

Re:Easy ...

Why not this?

cat TrustE.trusted.senders MAPS.list RBL.list SPAMCOP.list JunkBusters.list

lol!

[Shade,+The]

Must make adjustments to my spam filter now as well :)

Most spammers don't belong to TrustE or the DMA

[13013dobbs]

So, this means squat to the vast majority of spammers. This will cover the mainstream companies that use bulk-mail, but the small timeers who are selling porn, medical scams, credit repair, etc are not part of these groups. These rules don't amount to a hill of beans with these guys. Expect the flow of spam from this group to continue.

slashdot editor misquotes

[QuantumG]

it doesn't say "per person", michael just added that himself, either way you look at it the quote is stupid. If they are saying 1400 per day for the entire internet then surely they are saying that spam is going to be almost stamped out by 2006. If they are saying 1400 per day per person then email simply will not be a viable communication mechanism by 2006. If Stefanie Olsen (the C-Net staff writer responsible for this) was to learn how to use a url we could have some idea where the hell she got this mythical number from. Alternatively someone over at C-Net could proof read her articles and tell her she is smoking crack.

Re:slashdot editor misquotes

[darien]

Perhaps the idea is that, based on current trends, 1,400 emails a day will be sent to our email accounts - which is why we need the good people at TrustE to make sure email remaiins viable.

TrustE is a bunch of crap

[Jesus+IS+the+Devil]

Remember how Real Networks and how their registration system basically allowed you to put any email address and without confirmation they'll start spamming that account? Well I remember TrustE was embarrassed for associating themselves with Real at that point. Guess what? Stumbles and stumbles later these guys are not to be trusted. I don't know of all the other hypocritical actions made by TrustE offhand, but if any of you remember (I know there were quite a few), please post them.

Re:TrustE is a bunch of crap

[jamie]

"I don't know of all the other hypocritical actions made by TrustE offhand, but if any of you remember (I know there were quite a few), please post them."

http://slashdot.org/search.pl?query=truste &op=stories&sort=1

I ran the TrustE "vs." Real story here in 1999, and I spent a little while summing up their history-to-date.

Trusted SPAM, an Oxymoron.

[www.sorehands.com]

Would you open on any SPAM that has a link in it? I would not. There are spams that contain bugs. They generate a unique link (based on target address) so that when you open the SPAM in html, it will made a request back to their server indicating that the email address is valid.

The only trusted spam that I could think of is a SPAM service. The spammer sends the service the SPAM text, then the service will email them out, after being processed by a removal list. The spammer could not get the service's remove list, because the service is sending out the spam, not the SPAMMER.

Making spam more normal. :)

[volsung]

While I have personally decided as a general rule not to purchase anything from an unsolicited email, so far I have not had anything appear in my box worth buying. It seems that the shady image of spam means that only the most desperate of businesses will use it. So far the only things being marketed to me are:

• Porn
• Herbal sex-enhancers
• Herbal marijuana replacements
• Viagra
• Get out of debt now!
• Cell phone service in Italy and Korea
• Copy DVDs to CDs! (Sounds like someone trying to sell DeCSS+DivX)
• Laser Printer Toner
• Stock in suspicious-looking companies

With the exception of the cell phones and the toner, all the rest of these products look like stuff out of the back of the Weekly World News. Will I be seeing ads for Tide and Captain Crunch in my mailbox someday?

Maybe, maybe not.

[Penguinoflight]

It's only GOOD if the people who are currently sending you spam adopt the Truste seal. Otherwise you'll have the same amount coming to your inbox, and much more being filtered but still wasting your bandwidth.

Crime?

If they "elevate" it above ... end users' spam filters, then surely they can be done quite easily for theft of service, or e.g. under the computer misuse act (U.K.), since they are quite clearly attempting to force data onto our systems.

Why does Spam matter?

[billmaly]

Can someone explain this to me, without working themselves into a lather??
I'm a tech guy....I get (understand) most things. What I don't get is the religious fervor that people work themselves into when they get spam. To put it bluntly, what's the big freakin' deal?? Delete it and move on....or am I missing a larger point?
Better to get spam then junk snail mail...spam doesn't have to be recycled. Spell it out for me...why should I care?

Re:Why does Spam matter?

[Rude+Turnip]

Spam is theft. Deleting it takes up time that eventually accumulates...time that can't be billed out. It also eats up network resources in terms of bandwidth and storage space. So, unlike postal junk mail, where the sender pays for postage, *you* pay for spam. Spam is like a collect call that you're forced to accept.

Re:Why does Spam matter?

[Unknown+Poltroon]

IT costs the sytems time and money to stor it all. Not to mention bandwidth and annoyance. I have a hotmail account that gets 50 spams a day. I ave up on using it because it was too big a hassle to sort through to pick out the stuff i wanted. So it costs hotmail .0002 cents a day to store my mail, now multiply that by 2 milion. Imagine you had to pay for it.

Re:Why does Spam matter?

I get so much spam nowadays that I miss any email that I don't have an explicit filter to tag. THAT'S why I'm worked up.

Re:Why does Spam matter?

[the_machine]

Can someone explain this to me, without working themselves into a lather??

snip

Better to get spam then junk snail mail...spam doesn't have to be recycled. Spell it out for me...why should I care?


Because, unlike snail mail, the receiver may incur a cost when receiving spam. Granted, it's not a high cost per message, but if someone is paying a per hour charge for a dial-up link, then he/she would effectively be paying to download 1400 messages a day. That could add up over time.

I think you have a very valid point about recycling, but I don't believe that the average person thinks about recycling potential as much as he does about money....especially his own money.

Re:Why does Spam matter?

[sparkz]

In the EU, most of us pay by the minute for local calls. So the 50K HTML-formatted spam costs me real money to download.

Re:Why does Spam matter?

[Frater+219]

To put it bluntly, what's the big freakin' deal?? Delete it and move on....or am I missing a larger point?

Well, first of all, spam is theft. But on the practical side ... did you miss that part about "1400 pieces of spam per person per day in five years"?

Spamming has no marginal costs. It costs the spammer the same amount (i.e. nothing -- a free one-month AOL account) to send a million spam messages as to send a thousand. Therefore, it is in every spammer's interest to spam as much as possible. That is to say, the demand that spammers place upon the email facility is by nature unlimited.

However, the demand that legitimate users place upon the email facility is finite. Compared to the number of people a spammer targets, a real user only exchanges email with a small number of people. Moreover, real users write their email individually -- they don't send the same message to a million addresses.

If spam is "legitimized", then that infinite demand will take over. The number of spam messages you get will dramatically outnumber the legitimate messages you get from people you actually want to converse with. The email facility will become useless, drowned in the noise, just like many USENET newsgroups.

Better to get spam then junk snail mail...spam doesn't have to be recycled.

Interesting you should mention that. When someone sends you junk snail mail, s/he is paying for the privilege. In the United States, the postal service actually makes so much money off of bulk mail that even though bulk mail gets a discount for pre-sorting, it ends up subsidizing non-bulk mail.

The cost of sending bulk mail varies in proportion to the number of pieces of mail sent. If I want to send out a million postcards advertising herbal Viagra, it will cost me about a hundred times as much as if I sent out only ten thousand. I have to pay the postage, as well as costs such as printing, sorting, and getting the things to the post office.

However, as mentioned above, spamming has no such marginal cost. If I write a Perl script to send spam messages, it doesn't cost me any more to send a million than ten thousand. It just takes a bit longer.

Re:Why does Spam matter?

[Andrewkov]

Can someone explain this to me, without working themselves into a lather??

My @home account (now @rogers.com) gets about 40 to 60 spam messages a day. If I don't check my email for 3 days, that's 150 messages to wade through to find actual email I want to read. Not to mention most are HTML formatted, have no valid return address, and are selling scams, viagara, porn sites, penis enlargement, etc, and take a long time to downloaded (even on a cable modem). It's like being under a constant DDOS attack. And setting up filters for each of these is really becomming a major pain in the ass. Should I have to waste 30 mins a day, 7 days a week, dealing with this crap? Yeah, I guess it's not a big deal.

Re:Why does Spam matter?

[Rude+Turnip]

Good point. And something that affects us in all parts of the world is fax machine spam. The two we get most are voting yes or no on some poll issue and "investor alerts." Fax spam has a very tangible cost...the cost of toner.

Re:Why does Spam matter?

[dirk]

As much as I dislike spam, saying it is theft because it uses your resources is silly. By that theory, if I send you an email using the address you have listed at /., without first asking your permission, I am stealing from you. Email is made so you don't have to have permission to use it. If it's theft for spammers to send you email without you asking, why isn't it theft for anyone else to do it?

I think spam would be fine as long as there is a working way to opt-out. If I get something and am able to say "don't send me anymore", and it works and they don't, then I have no problem with it.

Re:Why does Spam matter?

[billmaly]

Thanks for the insights...maybe I am paying for spam, maybe it is taking more and more time from me that could be spent on other things. Big picture, I really, really, just don't care. Maybe I'm a bad person, but I have other things to worry about.

Re:Why does Spam matter?

this is such a tired and outright false argument. Two or three mouse clicks. Jesus. Yeah, that's going to throw off my whole schedule today. Oh, and yes, the bandwidth requirements for spam are insane!! I had to upgrade to an OC-192 just to keep up.

Puh-lease. You don't like spam. It bothers you when you get spam. Each message is like a poke in the ribs. You don't like it, and you want it to stop. That's the only reason, nothing about bandwidth and lost time and gigs of storage space. You don't like it and you want it to stop.

But it won't stop. Ever. Even if the President signs an executive order. Get used to it, and get over it. Instead of wasting your time setting up a myriad of email filters and block lists and fretting each time spam makes it through, and wasting time complaining to the spammer's ISP (who couldn't give two fucks) -- JUST GET OVER IT. Click delete and move on. Don't let it annoy you. Simple. And I promise, you won't fall behind at work or have to add another T1 line.

Re:Why does Spam matter?

Spam is no more theft than if I snail mail you a letter without your permission. I pay my costs to get it delivered to your mailbox. But, thereupon, I've wasted space in your mailbox, and wasted your time to open it and perhaps read it, and wasted space in your trash can when you throw it away. Oh, and I used some of the post office's "bandwidth," tying up a few postal employees, some OCR scanners, the letter carrier, you name it.

Oh, and don't give me the "open relay" argument. You'd use the same bullshit theft argument if the spam came directly from the spammer's ISP's mail server. And, if some dumbass leaves his mailer configured as an open relay, he deserves what he gets, and you have no standing to complain about "theft" on his behalf, just like you have no standing to complain about someone stealing my car if I leave the keys in the ignition daily.

Not theft. Come up with a better argument.

Re:Why does Spam matter?

[anthony_dipierro]

So, unlike postal junk mail, where the sender pays for postage, *you* pay for spam.

Carrying postal junk mail takes energy. Therefore I have to eat more, and that costs me money. Also, the mass of the mail has a gravitational force which dilates time. And we all know that time is money.

Re:Why does Spam matter?

[Rude+Turnip]

I hold to my statement that spam is theft. Your Slashdot analogy is meaningless. Posting your email address on Slashdot is purely voluntary. Therefore, anyone that does post their email on Slashdot is *implicitly welcoming* personal email messages from other users.

Re:Why does Spam matter?

[nstrom]

>As much as I dislike spam, saying it is theft because it uses your resources is silly.

Besides the issue of using your resources, spam typically is sent through open SMTP relays, SOCKS or HTTP proxies (and thus the spammers are stealing other people's bandwidth to send the spam), and uses forged return-paths and from addresses, so bounces are typically directed at legitimate networks and/or mail-server HDDs. Spam runs have been documented in several cases to have overloaded companies' networks. If you were paying for bandwidth by the megabyte, a spam run with bounces to your mail servers could definitely cost you. There's definitely theft involved in spam.

Re:Why does Spam matter?

[Rude+Turnip]

Yes, you must eat more technically to carry junkmail to the trash bin...but how do you quantify such an amount? If I wanted, I could count the few seconds it takes to delete spam and add it to the junk senders list. After the span of a year, it would probably add up to a few hundred dollars of my professional time.

As for temporal dilation, even if the junk mail didn't exist, the mass would be in the form of a tree somewhere, still dilating time...so that is a given no matter what.

Re:Why does Spam matter?

[DanielRavenNest]

The obvious solution is to have ISPs charge
back the cost of bulk email to the senders,
and credit the recipients. If the major ISPs
just charged senders a penny per email over
some reasonable limit, most spam would stop.

Example: if AOL allowed 2500 outgoing emails
per account per month, that would handle most
any normal amount of manually generated
messages. Anthing above that would be $0.01
each. So a spammer sending a million emails
would owe $10,000. That gives the ISP an
incentive to collect, defrays the overhead
costs of the computer network, and makes the
spammer think really hard about who they
want to send to.

Daniel

Re:Why does Spam matter?

[eyeball]

Spam is theft. Deleting it takes up time that eventually accumulates...time that can't be billed out. So, unlike postal junk mail, where the sender pays for postage, *you* pay for spam.

I dunno. it takes me less time to determine if an email is spam (1 second) and throw it out (200 ms to click on the delete button) compared to junk mail (determine if it's junk, average 10 seconds since most are contained in official looking envelopes), and discard (1 second to aim and toss into a wastebasket).

Not that I'm a big fan of spam. I work for a major ISP that has 130,000 customers, and when we get hit with spam, it overloads our servers so bad sometimes that the lights practically dim.

Re:Why does Spam matter?

[eaolson]

I think spam would be fine as long as there is a working way to opt-out. If I get something and am able to say "don't send me anymore", and it works and they don't, then I have no problem with it.

Opt-out of how many messages? One person estimates that, should bulk email become an accepted method of advertising, we could expect to see on the order of 300,000 spams per month per address.
I don't have time to opt-out of 300,000 /month. Do you?

Re:Why does Spam matter?

[eaolson]

But it won't stop. Ever. Even if the President signs an executive order. Get used to it, and get over it. Instead of wasting your time setting up a myriad of email filters and block lists and fretting each time spam makes it through, and wasting time complaining to the spammer's ISP (who couldn't give two fucks) -- JUST GET OVER IT. Click delete and move on. Don't let it annoy you. Simple. And I promise, you won't fall behind at work or have to add another T1 line.

Hmm. I can't imagine why you're posting as an AC...

What, you think the bandwith and computer resources to sent hundreds of thousands (if not hundreds of MILLIONS) of 10K emails per day is free? It's been estimated that about 30% of all email traffic is spam. And if spamming ever becomes "respectable" you can expect to see a LOT more crap in your inbox. Yes, that costs resources. That costs my ISP money. That costs ME money. So you're damn right I don't like it!

Re:Why does Spam matter?

[dirk]

Besides the issue of using your resources, spam typically is sent through open SMTP relays, SOCKS or HTTP proxies (and thus the spammers are stealing other people's bandwidth to send the spam), and uses forged return-paths and from addresses, so bounces are typically directed at legitimate networks and/or mail-server HDDs. Spam runs have been documented in several cases to have overloaded companies' networks. If you were paying for bandwidth by the megabyte, a spam run with bounces to your mail servers could definitely cost you. There's definitely theft involved in spam.

That isn't the type of spam being discussed here. You think MSN is sending their spam through an open relay somewhere? As I said, there should be legitimate ways to opt-out and legitimate reply addresses. Most people think fo spam as any unwanted email, including getting your email from a list that they bought. I have no problem with this as long as there is a way to opt-out of it (like telemarketers). The type of spam you are talking about is completely separate from what the actual article is talking about.

Re:Why does Spam matter?

[ahodgson]

Because taken to it's logical conclusion, spam will make E-mail useless.

There are 10 million businesses in the US alone. If each of them sent you only one message per year, you would receive >27,000 messages per day.

How useful would your E-mail be to you if that were happening?

The only reason this isn't happening is because people like me who fight spam every day have kept mainstream businesses from adopting spam as a normal marketing practice.

So dismiss our concerns all you want. But every time you use E-mail for something productive, thank the anti-spammers of the world for making that possible.

Re:Why does Spam matter?

[dirk]

Opt-out of how many messages? One person estimates [robertstech.com] that, should bulk email become an accepted method of advertising, we could expect to see on the order of 300,000 spams per month per address.
I don't have time to opt-out of 300,000 /month. Do you?

Except that even he admits he is making up those numbers. He is assuming 1/2 of all small businesses will spam, which has no basis in fact. He also is assuming that there is no opt-out program.

Asume that all spam has an opt-out program and assume that all people use this opt-out program. That means soon there would be no spam because everyone would be on the opt-out list, except people who wanted it. That's as plausible as his made up scenario.

Re:Why does Spam matter?

[anthony_dipierro]

As for temporal dilation, even if the junk mail didn't exist, the mass would be in the form of a tree somewhere, still dilating time...

But it wouldn't be in my mailbox, so its effect on me personally would be diminished by the square of the distance I am from it.

If I wanted, I could count the few seconds it takes to delete spam and add it to the junk senders list.

And I could count the few seconds it takes to throw the mail in the trash.

After the span of a year, it would probably add up to a few hundred dollars of my professional time.

Why are you getting spam at work? Is it because you're reading personal mail on company time, or because you posted your business email address on a web site? Maybe it's because your particular business requires you to accept unsolicited emails for work purposes, but that's rather rare.

I use pine, and I have DSL, so maybe your results are worse, but I can identify and delete at least 2 spams per second. Say I get 20 spams per day (I get much less). 5 days a week (this is only professional time we're talking about). 50 weeks a year. Even at $300/hour, that doesn't work out to "a few hundred dollars".

In any case, my point is that spam does not cost significantly more to the receiver than junk mail. Both take on the order of seconds of time for the most expensive part of the cost, the identifying and deleting/throwing away.

Re:Why does Spam matter?

Spam isn't costing you any precious resources. Don't bother me with the mindless argument about how valuable your time is, or the size of your mail spool.

If your ISP is getting DoSed by spammers, it's up to your ISP to sue the spammers. Of course they don't and won't do that --- here's the rub --- because they HAVE NO CASE. Believe me, if Earthlink could sue (and win) against spammers, they would jump at the opportunity. Public networks are subject to public use, commercial content notwithstanding.

Re:Why does Spam matter?

[Steve+B]

He is assuming 1/2 of all small businesses will spam, which has no basis in fact.

You're correct that "1/2" has no basis in fact. Were it not for the efforts of anti-spammers in insuring that spam is indelibly branded as the product of sleazy thieves, the fraction would be closer to 99/100.

He also is assuming that there is no opt-out program.

OPT-OUT IS NOT ACCEPTABLE. Spammer "opt-out" lists are simply a fraudulent method of verifying live e-mail addresses. Even if this were not the case, one spam mailing from everyone with something to sell would bury legitimate e-mail under an avalanche of noise.

Re:Why does Spam matter?

[Steve+B]

Most people think fo spam as any unwanted email, including getting your email from a list that they bought.

If someone bought an e-mail address from anyone other than the owner of that e-mail address, then they are purchasing stolen goods. A purchase of stolen goods conveys no legitimate property right (and, if you knew that the goods were stolen -- which is the case when someone purchases a list of e-mail addresses stolen from the Net -- the purchase makes the purchaser an accessory after the fact).

Re:Why does Spam matter?

[Rude+Turnip]

I've never posted my work address anywhere, yet I always seem to get spam for Viagra, insurance, college diplomas and "organ enhancement" pills. Our sysadmin told me that the way our email service is set up, it's not too hard for spammers to get to us...I forget the details.

The time factor, although fun to play numbers games with, is only a small part of the cost in reality. The real cost is in server space and bandwith. A tangible metaphor would be someone dumping trash on property that you rent.

Re:Why does Spam matter?

Oh, Jesus. There you go with the space/bandwidth straw man again. Give it up. If the people responsible for paying for space and bandwidth can prove that this "theft" is more than a mirage, why don't they sue?

Re:Why does Spam matter?

Offensive too. Not everyone looks forward to receiving porn.

Re:Why does Spam matter?

[Rude+Turnip]

The time and legal resources needed to sue a large number of spammers would be too great a burden.

Re:Why does Spam matter?

[eaolson]

Asume that all spam has an opt-out program and assume that all people use this opt-out program. That means soon there would be no spam because everyone would be on the opt-out list, except people who wanted it. That's as plausible as his made up scenario.

And you are assuming that there will be a single, effective opt-out list. Rather, I suspect there would be an opt-out list for about every company trying to spam. And when I opt-out of list AAAAA, I'll probably be added to list AAAAB, which when used to spam me and then be sold to another company.

Re:Why does Spam matter?

[eaolson]

Spam isn't costing you any precious resources. Don't bother me with the mindless argument about how valuable your time is, or the size of your mail spool.

Oh, I'm sorry. Discussing it would be "bothering" you? Bandwidth is a limited resource and it has a non-zero value. If marketers are allowed to shift the majority of their costs off themselves and onto me, they will do so.

If your ISP is getting DoSed by spammers, it's up to your ISP to sue the spammers. Of course they don't and won't do that --- here's the rub --- because they HAVE NO CASE.

Actually, an increasing number of people are doing that, and winning. We're not talking (malicious) DOS attacks. We're talking about people sending so many email messages to so many people, that they're overloading entire networks.

Public networks are subject to public use, commercial content notwithstanding.

What "public network"? My ISP's network is private property. Sure, it's connected to the rest of the world, but so is my telephone. Marketers can't call me long-distance collect and expect me not to get ticked off.

Spam has the potential to end the days of email as an effective communication medium. I don't want to see that happen.

Re:Why does Spam matter?

[dirk]

If someone bought an e-mail address from anyone other than the owner of that e-mail address, then they are purchasing stolen goods. A purchase of stolen goods conveys no legitimate property right (and, if you knew that the goods were stolen -- which is the case when someone purchases a list of e-mail addresses stolen from the Net -- the purchase makes the purchaser an accessory after the fact).

And this is exactly where it gets silly. If your email address is available to the public, then you are giving it away for people to use. If some people send you something you don't want, they haven't "stolen" your address, you gave it to them, by fact you put in out for public consumption. If I look up your phone number in the phone book and call you, I haven't stolen your phone number. If I then sell your number to someone else, they haven't stolen it either. Same goes with your address. If I drive by your house, right down your address, and send you mail, I haven't stolen anything. If something is offered for public use (such as an email address), that goes for the entire public. And yes, email addresses are for public use, that is why there is no authorization needed to send mail to someone. If you want to authorize people before they can talk to you, use ICQ, not email.

Re:Why does Spam matter?

[geekoid]

so If I want to cost MS money I should sign up for an MSN accout and opt-in to every spammer there is!
Finally a way to break MS!

Re:Why does Spam matter?

bill.maly@mcleodusa.net

look at mr mally's email adress in his message
it doesn't say bill.maly@mcleodusa.net

Re:Why does Spam matter?

[Steve+B]

Nonsense. This is the same sort of absurd "logic" offered by people who steal the entire run of a campus newspaper in order to censor something that offended them.

Re:Why does Spam matter?

[anthony_dipierro]

Small claims court costs what, $50? And if you win you're almost sure to get at least $500 in punitive damages.

Re:Why does Spam matter?

[anthony_dipierro]

The real cost is in server space and bandwith.

E-mail only bounces (or costs money) if your mailbox fills, just like snail mail.

Same thing with bandwidth at the ISP level. At the end-user level, bandwidth is generally free.

A tangible metaphor would be someone dumping trash on property that you rent.

Dumping your McDonalds trash in the Burger King trash can, maybe. Computers don't accept incoming mail by default. You have to explicitly set them up to do so, and by doing so you are implicitly allowing people to send you mail.

Re:Why does Spam matter?

[gorbachev]

http://www.clifto.com/8345.html

That's why it matters.

If spam is accepted, you will drown on it. Make no mistake about it.

Re:Why does Spam matter?

[gorbachev]

Okay, so if 1/2 the companies spamming is too much...

Let's say only .1% of all small businesses in USA send one unsolicited Email per year.

There's roughly 25,000,000 small business in the US. That's 25,000 Emails per year in your mailbox. About 68 Emails per day.

Let's say they send one email per month. The number of Emails in your mailbox goes up to 816 or so.

Most mainsleaze spammers I get spam from, send spam weekly. That's 3536 Emails per day in your mailbox.

Isn't that just so much better?

And that's just counting spam from .1% of US based small businesses.

-TPP

Headers

[Sawbones]

While their 4 criteria are good and all, I'm surprised there's nothing in there about leaving headers intact. After all, the company who's crap I'm learning about often isn't the company doing the email. They may have a legitimate unsubscribe link, but that removes me from the spam companies list for THAT CLIENT. they'll then happily add me to the list for all of their other clients. But if the headers were true I could (in theory) contact the spam co directly and save myself a ton of bandwidth.

hmm, come to think of it, that's probably why intact headers isn't a requirement.

Just another TRUSTe scam...

It's a point that hardly bears repeating, but TRUSTe is about as valid as an accounting ethics organization run by Arthur Andersen. Its motives are driven primarily by the interests of its largest members, and it accordingly treats the big guns (like Intel and Microsoft) with kid gloves when it comes to privacy issues ... at least, as long as they have a TRUSTe board member on staff.

As others have pointed out, the only good thing about the trusted spam proposal is that it'll be just that much easier to filter out the crap. But it does nothing to address the current spam problem, only provides a method for companies to add to it.

-Baka ni!

how can they leave out miss cleo?

[negativethirsty]

Well since Miss Cleo was left out on that list of "authorized" spammers, she must know its doomed to fail.

No no wait, this is a good thing...

[dcigary]

Really! Just wait until they get all this fancy stuff in place and allow users to legitamately "opt-out" using their systems and behold, everyone will! Their mailing lists will dwindle down to nothing forcing them all into bankruptcy, once and for all proving that Spam mail is not profitable if you have to be held accountable for your actions.

When will they learn

[MoneyT]

When will companies learn that the people will always be one step ahead of them? SOme one will come up with a trusted spam filter and we'll all be back to out normaly schedualed lives.

More Horsesh*t

This isn't going to mean anything to any of us. It's not like they're going to advertise that they're "trusted", or whatnot, in the mail. That would be dumb, because we could just filter them out.

More likely, there'll be a phone number or something you can call (not listed in the mail, naturally), where you can "verify" a company. Thus, rendering the whole operation entirely useless, save for taking money from some less than bright spammers. Or rich spammers, to whom this cost is meaningless.

Spam Hell

[ScumBiker]

First off, spammers can bite my ass. I've implemented everything I can to protect my users and I still get complaints. It's getting ridiculous. Frankly, any program that tries to codify, organize, or control spam, short of snailmail bombs or law, is doomed to fail. How are we supposed to trust people that lie to us in the first place by setting fake headers in the email? Fsck spam.

Don't waste time on scripts, use .procmailrc

[J'raxis]

procmail:

:0 B
* TRUSTe
/dev/null

Re:Don't waste time on scripts, use .procmailrc

:0 B
* TRUSTe
! postmaster@truste.com

Telemarketer tarpit.

[Restil]

This is an idea I'm working on to help reduce telemarking calls.

I'm envisioning a simple device that sits on your phone line. When a telemarketer calls you, as soon as you realize its a telemarketer, you activate the unit and hang up. The device takes
over after that.

While the telemarketer is talking, the device will play back every few seconds any of about 20 different small murmers "hmmm" "uh huh" "yeah" "interesting" etc. Then when the telemarketer stops talking, the device will detect the drop in audio and will play back one of several segue phrases "That sounds very interesting, could you tell me more" "Are you offering any other services?" "How much does all of this cost?" "Could you go over all that again so I can take notes?" "I've been interested in this very thing, but I need to make sure its safe. Could you tell me all the safety standards you stand to?" "Could you hold on for a couple minutes, I have something on the stove. DON'T LEAVE!" And so on.

Telemarketers are mostly script readers. The idea will to be to ask vague questions that will cause them to find the most appropriate script. And just keep them going for a LONG time. When the phone line finally goes dead, the device will hang up automatically. Maybe keep track of the longest call. Maybe record them too. The possibilities are endless!

This device probably wouldn't cost more than $20 to manufacture and is the perfect way to keep telemarketers busy when they call you at dinner. Not only will you be able to eat with a smug grin on your face, any other incoming calls will be blocked by the lively conversation. You'll be assured of a meal in peace.

-Restil

Re:Telemarketer tarpit.

[ajm]

Unfortunately this doesn't hurt the people responsible, just the people being paid very little to make the phone calls (now there's a fun job NOT). Rather like those idiots who think its fun to put lots of staples in their tax returns etc. That has absolutely no effect on anyone who can make any difference and just causes problems for the minimum wage workers who have to open the damm things. If you're going to take action make sure the action is impacting those who you want to impact.

Re:Telemarketer tarpit.

[swm]

I used to hang up on telemarketers immediately.

Now, I let them go through their speil.
It's sort of a random act of kindness thing: time spent talking to me is time they can't spend harassing my neighbors.

If everyone did this, it would raise their costs significantly.

Re:Telemarketer tarpit.

[Restil]

If people work as telemarketers, they're contributing to the problem. They don't HAVE to be telemarketers. And if they're getting paid minimum wage anyways, what do they care if they get stuck on a phone call for years. If they work on commission, then by getting a severe cut in pay they might start thinking that telemarketing isn't a worthwhile profession. If nobody is there to man the phones, that solves the problem.

And remember, going after the top will affect the "lowly" telemarkters at the bottom too. I'm not really all that concerned about making life difficult for those who intentionally join a profession that by its very nature annoys people. And telemarketers KNOW that they annoy people. If they don't know that going into the job, they'll figure it out in the first hour. They might be able to make some good money at it. Great. But in that profession it comes with a price. That price is sometimes they're going to piss people off and those people might choose to take out their anger in creative, yet harmless ways.

And you're right about saying that putting stables in tax returns is stupid. Not because it annoys the workers at the other end, but because the IRS is an organization you don't really want to piss off. I don't have the same concern for telemarketing organizations.

-Restil

Re:Telemarketer tarpit.

[bluGill]

Unfortunately this doesn't hurt the people responsible, just the people being paid very little to make the phone calls

Ahh, but it does. You see they are paying for the call, generally long distance. They are also paying a telemarketer (minimum wage), who isn't making a sale, so they have to hire more wage slaves. And because you are taking away a commision in a undetectable way, wage slaves earn less, so they demand more in the wage to make up for the commission loss.

At church they always teach us to do onto others as you would want them to do to you. I wouldn't want someone to call me on my private phone, so I don't take a job calling people on their phone. Seems the wage slaves deserve whatever they get, and they should find a more productive job. (yes they exist, and creative people can create jobs)

Re:Telemarketer tarpit.

[Black+Parrot]

> Unfortunately this doesn't hurt the people responsible, just the people being paid very little to make thephone calls

Probably it does: cheap labor may be their biggest expense. If you've noticed, they all switched over to mass-dialing systems about a year ago, so now when you pick up the phone you immediately know it's a telemarketer because there is a 4-second pause while their war-dialer says "hey, a sucker anwsered" and tries to find a free human operator to connect you to.

I've started doing essentially what Restil suggests -- as soon as the operator makes the required introduction, I say "hang on a second" and put the phone down on my desk as quietly as I can.

If they waste my time, I don't feel the least bit guilty about wasting theirs. Hopefully they'll decide that I'm too expensive for them to waste their time on.

Re:Telemarketer tarpit.

[spottedkangaroo]

I would actually buy one of these.

I suspect hundreds of people would. All their calls are long distance (to block the ANI). Peachy.

Are you actually going to build this device?

Re:Telemarketer tarpit.

[Restil]

I'm already working on a prototype.. At first its just going to be wired into the soundcard. I have a line I never use for actual incoming phone calls and I never give out the number to, so everyone that calls is either a wrong number or a telemarketer, so I plan to put it on there and just answer everything.

I should have something working in a week or so.
I just thought of the idea 2 days ago.

-Restil

Re:Telemarketer tarpit.

[Alan+Cox]

I'm not sure its needs to be so sophisticated.
You can have hours of fun with a recording of
"I'm just going to fetch daddy", a thud and random
background noise until they hang up.

Or for iritation factor
"Let me fetch mum, click"

See how many times they try and call and say "dont
put the phone down on the hook ..."

Re:Telemarketer tarpit.

I had a related idea last night after I checked my answering machine and found a 2 minute pre-recorded sales pitch for some work-from-your-couch-and-make-Big-Bucks scam on it. They give an 800 number that just gets you another sales pitch, but at the end, they want to record your name & address so they can mail you more junk.

The neat thing is that this recording session appears to go on indefinetely. About once a minute the system comes on to ask if your done (press #), want to re-record your message (press 3), or want to append to your message (press 4). If the line is silent it will cut you off.

So, you could do a nice little DoS attack. Have your modem dial the number, wait until the recording phase starts (determined with a stopwatch) then play some barry manilow at them until it prompts you. Then you send a tone for 4 (append) and keep going! Keeps the line busy, fills up the recorders, and some sap will have to listem to at least the first few seconds of it for every call.

The only issue is they will probably get your phone number out of the deal, which could be annoying.

Re:Telemarketer tarpit.

[Flagbrew]

I love screwing with the telemarketers that call work. Typical conversation (has been done countless times here):

Telemarketer: Hi this is mumble from mumble. I was just calling to get the model number of the copier in the office.

Me: Oh, ok, exactly what am I looking for?

T: A four or five digit number on the nameplate.

M: Oh, ok, I'll go check. [puts them on hold for 5 minutes or so] Sorry, I'm having trouble finding it, what am I looking for again?

T: A number right next to the brand name.

M: Oh, sorry, I'll go check again. [puts them on hold for 5 minutes, again] I'm real sorry here, I'm having trouble finding it.

T: [starting to get annoyed] It's a four or five digit number right next to the brand, like Canon or Xerox, on the front of the copier.

M: Oh, all right, I'm real sorry, let me look one more time. [hold for 2 or 3 minutes] Well, I'll tell you, I just can't find it. Sorry about that.

T: It should be right there on the front of the copier - four digit number.

M: No I guess, you don't understand, I'm having trouble finding the copier.

T: [click]

Re:Telemarketer tarpit.

[parliboy]

I usually hang up as well.

Last time I got called to the phone by clueless, desparate family. You know, the kind who listen to telemarketers because that's how hollow their life is.

So, I played nice and listened.

It was an ubiquitously large telephone company trying to get me to switch long distance carriers, and touting their great low rates.

"OK, let's cut to the end. I'm getting five cents per minute right now -- can you beat that?"

"Yes, sir, we can offer you 200 minutes per month for only $12.95."

1.3 seconds of math later....

"Ah, see that's more than 5 cents a minute, thank you. CLICK"

I actually haven't gotten once of those since then. I have a working theory that once there's definitive proof that you're not stupid, they give up on you.

Re:Telemarketer tarpit.

[mikeee]

Personally, I like to ask the telemarketers if they've been Saved by Jesus...

Re:Telemarketer tarpit.

I have a similar spiel for the refinancing calls. As soon as I know it's one of those:

"What's the best possible rate you could get me for a 30 year fixed rate VA loan with no points."

About half the time the response is something like "I'm sorry sir, I don't have that information" THEN WHY ARE YOU CALLING ME!?!?!

The other half the time they actually come back with a number which is well above my break-even point for refinancing (about 6.2% I figure), so I tell them they're not even close and hang up.

The thing is, they know when I got my loan (they get it from the county real estate transactions, which are public), and they know what the typical rates were at that time. So they know they aren't even close. They just count on getting suckers who don't do the math.

Re:Telemarketer tarpit.

[rhkaloge]

Has anyone else seen a device, while not similar to this proposal, that claims to trace back the call and "zap" your information from the telemarketers computer? As advertised, I can't think of anyway this would work, unless it logs a request to remove you from thier call list or something. Any idea how this works?

Re:Telemarketer tarpit.

[alcmena]

I wish that your theory was true. I don't make any long distance calls. None. I don't even have a long distance provider. I *still* get calls from long distance companies.

"We can offer you x minutes for only $y per month."

"Yeah, that's great, but I don't make any long distance calls."

"But sir, you get x minutes for only $y per month, and then only $z per minute after that."

"I don't make any long distance calls. I don't even spend $y per month. Why would I want to no?"

"I understand sir, but for only $y per month..."

"ARGH!!!!" *click*

Re:Telemarketer tarpit.

[ethereal]

"click"

Wait, he didn't hang up, he just said "click"!

"Dial toooooooone..."

Re:Telemarketer tarpit.

[Reltuk]

I don't know how it works either, but I have seen such a thing advertised. I was thinking that perhaps the phone systems work in such a way that an inaudible signal is sent to indicate things such as a connection or the fact that it is busy, as well as actually playing the audible busy signal. If this were the case, the phone box thing could 'cause the signal which indicates a disconnected number to be sent, which would cause the telemarketer's computer to believe the number no longer worked and to take it out of their system. That's actually probably a stupid idea...I don't see why the phone companies would allow such things to take place. Just a thought though.

--Reltuk

Re:Telemarketer tarpit.

[twrayinma]

Ahh, but it does. You see they are paying for the call, generally long distance.
but didn't you know? they only pay a buck for the first five minutes...

Re:Telemarketer tarpit.

{Not a coward, just too lazy to log in)

This isn't exactly like what you described, but Radio Shack sells something kinda similar. I think it works by detecting that 4-second lapse in between switching from the war dialer to the human and sends a disconnect signal to the other end, or something like that.

Re:Telemarketer tarpit.

[dman123]

Good ideas. However, I suggest that you don't put in "yea" or "uh-huh" or any other similar yes-type answer. After all, they could be asking you if you want to buy something and a yes would a bad thing at that moment. If someone figured out you were not actually on on the line, he could slam you by asking you again and again if you wanted to switch long distance companies until "yea" came up.

Personal anecdote: I once asked the telemarketer how much of his time I had wasted (in a smug way) and he still wanted to hold the line for another 2 minutes while I put the phone down to "check something." I then asked him two more times after that about how much of his time I had wasted. It took more than 5 more minutes of me "checking something" before he figured out what was happening and I still got him to listen to me rant about telemarketers for another 2 minutes.

Another fun thing to do is try to say only one word, in different tones, the entire conversation. The word "dude" can be used is so many ways!

Re:Telemarketer tarpit.

[RetroGeek]

Have it respond to a TouchTone sequence, like 69. That way a legitimate call won't get it, but if you get a marketing call just press 69, wait, and hang up the phone.

Re:Telemarketer tarpit.

[Restil]

good point. I'll make sure not to implement any sounds that could be used to make an affirmative statement.

Although, I'm not really concerned about it. Unless the telemarketer is selling a service they can directly charge my phone number for, there's not a lot they can do in my case. No telemarketer who ever calls my number has my name or address, as I never give out the number to anyone, and its unlisted.

Still, considering my conversation may be recorded, I'm willing to bet theirs will be too, so its a good point to avoid those potential snafu's.

-Restil

Re:Telemarketer tarpit.

[Scooby+Snacks]

A year ago? About 4-5 years ago, I worked for one of those firms[1] and they used the auto-dialer then. Let me tell you, having an unpronounceable name come up on your screen two seconds after the person answers is a real bitch.

[1] Yes, I know. I couldn't stand it or stand myself for doing it, so I saw the light and quit after two weeks.

Re:Telemarketer tarpit.

[Scooby+Snacks]

One way to avoid having your long-distance service slammed is to have a "PIC freeze" put on your phone line...

Re:Telemarketer tarpit.

[Phred+T.+Magnificent]

That's an interesting idea, but I think I prefer this one better :)

Re:Telemarketer tarpit.

[AvatarADV]

I prefer this method:

"Sure, I can connect you to that person, but we have a fifty-dollar solicitation fee; can I get some information for billing purposes first?"

I get the amusement of the poor schmuck flailing around for an answer that can't be construed as "okay", and who knows? Maybe one of these days I'll actually get paid by accident.

Re:Telemarketer tarpit.

[sik+puppy]

A friend did something that was a riot

A telemarketer calls their modem only 2nd phone line. Wife answers while the telemarketing woman goes into her speil - some kind of insurance. Husband starts making gay sex sounds in background, occasionally getting really loud. The loud outbursts cause the telemarketer to lose her place in the script, causing her to start over. The wife acts sincerely interested. After about 10 minutes, the woman gives up and gets her supervisor to continue the sale - he is a little brighter and hangs up within 2 or 3 minutes.

To this day I laugh hard thinking about this one - truly a classic.

I prefer the opposite

If spammers refined their targeting strategies users would not complain.

I don't want marketers refining their targeting of me. I come up with enough ways to throw away money all by myself. Now if my savings account could send me occasional complaints, that'd be helpful. Barring that, the less likely I am to be interested in an advertisement, the better!

Decent Idea

[BCGlorfindel]

I for one see the concept here as a good idea. Filtering email so that only messages from specific senders/domains/whatever are accepted may become required. It's a big step forward from the currently popular method of accepting all emails and then blocking 'spammer' senders/domains. It's the same with firewalls, block everything and only allow trusted traffic, or allow all trafic and only block untrusted traffic.

What everyone seems to be missing...

[jd]

Is that it would be very easy for that "trusted seal" to contain all sorts of nasties.

If the "trusted seal" is, in fact, a hyperlink to an image, you get an instant list of all recipients and a good idea of their timezone. You also get their actual computer ID, not just the ID of the mail server that they use. Other information sent includes the browser/mail client ID, the OS used, and any other bits of information included in an HTTP request.

Of course, if the connection goes via a .NET-enabled system, you also get their .NET id (if they have one), which can be used for comparisons. (eg: Is the personal name for the e-mail the same as that for their e-mail client and/or their passport account, which can then be used to cross-reference other database entries for that same person, to build up a better marketting picture.)

There may be other controls in the e-mail, or the image, which can feed back other information. It's not as if the average Windows box is hyper-secure.

I don't know if Outlook lets people slide controls into the subject line (say, via a buffer overflow), but if it does, you can also get the date and time the e-mail was delivered to the user, regardless of whether they opened it or not.

If someone is detected as having .NET (see above), and their connection is not secured, then the server would have sufficient information to scan the victim^H^H^H^H^H^Huser's machine, say for keywords of interest, pirated software, etc.

Does Spam Ever Work?

[rootmonkey]

Don't they get it even if its some "trusted spam", I still have no interset in reading that crap. If I want to buy something I go and look for it. I don't know why spammers keep spamming, is it effective? I highly doubt it. It just must be because its cheap (for them). *Or maybe I'm complelety wrong and spamming is a great way to promote or sell a product.*

Spam will become self-defeating

[medcalf]

At least for users with domains that are not run by large corporate entities. I have already been designing an email server which will allow each user to maintain lists of trusted email senders, define policies by which they will accept email from senders not on the list, etc. The basic idea is that the user would be able to control their receipt of email by the server. I am sure that better coders than I are already thinking along these lines, as well. As the volume of spam grows, it will be easy to get ISPs and self-managed domains to switch to this kind of email system. The only people who would be SOL (besides the spammers) are those using AOL, Hotmail and the like.

Of course, this also inherently reduces the utility of email, because it will almost certainly result in the loss of mail we want, because human nature is to forget to add things in to filters like this.

-jeff

Point to Point Email Protocol

[The+Panther!]

Isn't it about time good ol' SMTP is put to rest?

In an ideal mail system, it would work much like the current IM clients do. All email is digitally signed by the sender, and encoded using your public key. Each client has a filter list of signatures they will accept mail from ("friends"), a set of keywords they are interested in ("acceptable spam"), and a set of keywords they will never accept ("objectionable content"). Any message not signed and not encoded using a registered public key (you might have several) will be rejected.

The reason for multiple public keys is you might post to a newsgroup saying you have some stuff for sale. You post a public key with it, specifically to receive things about that message. After a week, or when you've sold your goods, you unregister that key with your mail reader and you never see anything about it again. Spammers would otherwise troll for public keys and your email address. You'd probably give family and friends your 'trusted' public key. If it ever leaks out, you change your key and mail it to your friends, then disconnect your old one.

I suppose this can all be implemented on top of SMTP, but giving servers the ability to reject mail and kill spam would be a big reduction in wasted bandwidth.

Email should work more like ICQ...

[NanoGator]

I don't rely on e-mail much anymore, just at work. I have Trillian to keep in touch with my friends. I like it because people have to get my authorization to see me on-line. Why can't email act like this? Heck, it'd only require a client really. It works like this:

Somebody sends an email, it sits on the mailserver. The new mail client checks the from field of the address and attempts to match it up to its address book. If it finds it, the mail goes through. If not, then a mail is sent back saying "You are not authorized to send this mail. Would you like to acquire authorization? Then please send a message back with exacctly this in the Subject 'INSERT PASSWORD HERE'." (that part is an image like a .JPG file or a .GIF file, preventing spammers from writing a script to automatically seek authorization.) Then, once it's sent, I get a message on my mail client saying "So and so has requested authorization", alot like ICQ. If I authorize it, they're good to go. If I deny it, then I dont recieve any more messages from them.

I'd get this client installed today if it were available. Right now I manually add filters to put people I really want to hear from in a different folder. Everything else sits out in the inbox until I do a cleansing. I'm starting to see patterns in what I'm getting too. I think I'm going to filter the words diploma, enlarge, and celebrity.

Re:Email should work more like ICQ...

[Black+Parrot]

> I think I'm going to filter the words diploma, enlarge, and celebrity.

Ah, so you get all that CELEBRITY TELLS HOW TO ENLARGE YOUR DIPLOMA spam too, eh?

Re:Email should work more like ICQ...

[rkmath]

But this still does not prevent people from
_sending_ you unsolicited email - you just have an easy job creating the filter. The spammers don't care that much if you read their email or not - but they sure would like to know if there your email address is a valid one.

--- RK

Re:Email should work more like ICQ...

[nicwolff]

I do this with a simple procmail script. In fact, you don't need the password and manual authorization: spammers don't read their return mail.

This is blocking 100 spams a day for me right now. I still get maybe 3 non-spam UCEs a week from real people. And no one has ever compained about it.

Re:Email should work more like ICQ...

[grff]

I find that this in my .procmailrc filters out 99% of my spam. I only get about 2 or 3 spams a week now.

##### For inbox: #####
:0
* ^(To|CC).*me@.*my-company.com
${DEFAULT}

:0
* ^From.*my-company.com
${DEFAULT}

##### ALL THE REST IS SPAM #####
# Send all the rest to spam
:0:
${MAILDIR}/IN.SPAM

This means that only mail that is either Directly addressed to me OR from someone at the same company gets into my inbox. Everything else is spam. The only mails that occasionaly end up mistakenly in the spam folder are when someone from outside the company Bcc's me, but this happens very infrequently, so checking the spam folder once every few days is enough.

Re:Email should work more like ICQ...

[NanoGator]

Spam affects me because it uses my resources and can potentially make me miss an important mesasge. If I can block it, then it's no longer affecting me.

I cant stop people from sending spam, but I can discourage their using it. If everybody in the world adopted a solution along the lines of 'you need to authenticate before I even open the email', then the value of spam goes way down.

For me, this is an 'out of sight, out of mind' experience.

Re:Email should work more like ICQ...

[Ben+Hutchings]

I like it because people have to get my authorization to see me on-line.

*snort* There's no server-side check for authorisation, so with unofficial client software one can add users to the watch list without their permission.

Re:Email should work more like ICQ...

[WNight]

Despite the comments from the nay-sayers, I have seen this system in action and it seems to work just fine.

The system held incoming email from a new correspondent for 24 hours until they emailed back a randomly generated password that was sent to them.

Even just stopping here would be enough to remove 99% of spam because almost all return addresses are forged.

To go further and encode the password in a picture file would stop almost all automated systems you could make, and a few little tweaks (using a striped background) that you changed every few months would keep them from using OCR.

And finally, who gets enough email from new people every day that the fraction of a second to encode a .GIF (or .PNG if you wish) file and email it is going to add up to more than a few seconds? It might inconvenience the emailer and if for example you applied for a job with that email address it might be a bad thing, but you could always either tell it to let anything from a certain domain through beforehand.

Re:Email should work more like ICQ...

[Erore]

It is called TMDA and it is available at tmda.sourceforge.net

Re:Email should work more like ICQ...

[mikeboone]

This is a simple and cool idea. I tested this script on my local box and I hope to put it on my real mail server soon. Thanks!

(mod that idea up!)

Re:Email should work more like ICQ...

[Technician]

It does work like a charm. Just remember to trashcan unable to deliver replies. Most spam can not be replied to. It almost always bounces as undeliverable because user is unknown. I know because I am a Washington State resident. I reply to inform the sender of the law that lets me collect $$ if they spam me after I informed them I am a Washington State resident. You don't want to make a rejected mail loop with your mail server.

Better, spam the spammer...

[da5idnetlimit.com]

Why not.

We all know the Slashdot Effect, and that's just - connecting - to the page.

Why no spam then on ?

Like "Dear Sir, we re glad to say we received you email,

Please take note that my IP Return Flag Header contains a limited EULA. By receiving this email, and all its IP Packet, you hereby accepted to receive 28 800 emails/day (1/sec, business hours) coming from my adress.You also accepted to click on every single banner I send you.

Your business adress will also be sold as often as possible, along with all your coordinates.

Thank you, for it's because of you I had the idea starting this wholesale business.

Beeing removed from this service is not mandatory, but we have to ask you a $1000 fee for unsigning administrativ costs..

Hoping to read from you,

..."

GO GO GO SLASHSPAM

passwords to the inbox

[Nf1nk]

I thought about your idea of putting a password on my inbox, but I realized that it would do little good.

First I would have to set up the filter, but that is the easy part the next part gets nasty.

If I am one of the few who require this password protected email, getting my customers to add this password to, lets say the subject line, they will not be happy nor will they get it right 3/4 of the time.

Third and this is where it gets odd, if these passwords became more common at some point you are going to order something online and you will need to supply this password to an outside source that seems trustworthy. They (or a disgruntled ex-employee) will in turn sell your address and password (and a couple of thousand others) to a data mining company who will distrubute it to Spamers and bamm there we are right back where we started.

Re:passwords to the inbox

[Andrewkov]

How about a reverse-filter? What I mean is, set up filters for people you WANT to receive mail from, and put those messages in a special folder. All the rest of the crap in your inbox can then be safely deleted without looking at it.

Re:passwords to the inbox

[Nf1nk]

That would work for say filtering to specific folders in your email client, and I am already doing this , and I must say that it works, but for my general inbox, I still on occasion need to get emails from people who I have never worked with before. and I don't see how reverse filtering would help

Re:passwords to the inbox

[Genom]

I still on occasion need to get emails from people who I have never worked with before. and I don't see how reverse filtering would help

This is why there is no one solution that will work. Reverse filtering a "whitelist" of addresses you know are legitimate is a good start.

Also filter known mailing lists that you've subscribed to into their own folder(s).

Follow that by "blacklisting" known offenders, so subsequent mailings from them get thrown in the bitbucket (or a designated SPAM folder, if you prefer)

Filter anything not addressed directly to you (IE: your address in the To or CC field) into a "suspect" folder. These can sometimes be legitimate mailings, but most often are spam.

This leaves a signifigantly reduced ammount of mail in your main Inbox, and allows you to selectively read what you want to read. The longer your "blacklist" gets, the less actual spam will show up in your "suspect" folder. The longer your "whitelist" gets, the less legitimate email will end up in the "suspect" folder. Eventually, you'll find that you seldom get new mail in your "suspect" folder at all - and when you do, it's most likely spam, unless you're expecting something.

I use Mail::Audit to do my filtering, using the above method - and it has *nearly* eliminated my 50+ spam/day problem. I'm down to 2-3 a week, and I expect that to drop even more when I add razor to my filterset.

Re:passwords to the inbox

[Nf1nk]

One other thiing that I do that I have not heard mentioned is have a Spam acct that is posted in ways that bots will pick it up but people will not, and any one who emails to this address is blacklisted (no it is not the one listed here)

No maybe about it

[Our+Man+In+Redmond]

It's only GOOD if the people who are currently sending you spam adopt the Truste seal. Otherwise you'll have the same amount coming to your inbox, and much more being filtered but still wasting your bandwidth.

Yeah but 99% of current spammers (or their patterns) are already in my filter. I already can't see all the ads for Viagra, lonely hearts clubs, investing tips and get-rich-quick-by-sending-spam schemes, not to mention whatever it is all those people sending me mail in Korean are trying to sell me. If I read this correctly, this will stop ads from people like Chevron, Anheuser-Busch, Wal-Mart and Colonial Penn Insurance, none of whose products or services I use nor would I be likely to just because they decided that it was now OK to start mailing me on a daily basis. (Not to pick on these companies or imply anything about them other than that they're major advertisers, I just don't buy gas or drink beer, my employer provides my insurance and there isn't a Wal-Mart within 20 miles of where I live.)

I can however see one effect of the Truste seal. In Washington state at least, one of the criteria used to judge whether a piece of unsolicited commercial email is illegal is whether there is intent by the sender to disguise his/her identity. This seal will apparently verify that whoever sent the mail is who they claim to be, which would mean you couldn't sue the spammer on that basis.

Re:No maybe about it

[Penguinoflight]

So it's good because this way you can sue them? Seriously, I don't see any advantage to people sending you spam, even if you can filter it.

Re:No maybe about it

[Our+Man+In+Redmond]

No, it's not good because I can sue them, it's good because I can filter them. I don't like mosquitos either, but if they're going to be around I want window screens between me and them.

And if you don't see any advantage to people sending you spam, that's good, because there isn't any.

Taxes to not go to the postal service

[autopr0n]

The US postal service actualy makes a profit and does not recive any tax money.

Re:Taxes to not go to the postal service

[anthony_dipierro]

The US postal service actualy makes a profit and does not recive any tax money.

That's not exactly true. See this for example.

The Direct Marketing Association (The DMA) today voiced its support for the United States Postal Service (USPS) Board of Governors' (BOG) request to the Office of Management and Budget (OMB) to accelerate the payment of "revenue foregone" funds, authorized in the Revenue Foregone Reform Act of 1993, in the federal fiscal year 2003 budget.

That's why there's procmail

Filter it before it gets to your mail program.

on the contrary...

[oregon]

elevate it above ISPs' and end users' spam filters

They're putting in digital signatures and links to their verification programme.

This makes their worthless spam easier to filter, not harder.

Thanks guys!

another article on wired

there's also coverage here at Wired..

so?

[hawk]

That it's the only job they can get doesn't justify telemarketing any more than it justifies prostitution, contract hits, or crack dealing.

If it ties them up longer, it makes the returns from telemarketing lower, making it a less desirable activity for the marketer.

It should be a criminal offense to make a solicitation from a phone line that does not in some way identify the call as such--so that the victims can avoid having the phone ring in the first place.

hawk

Re:so?

[Crispin+Cowan]

That it's the only job they can get doesn't justify telemarketing any more than it justifies prostitution, contract hits, or crack dealing.

Hey, watch what you say about prostituion and crack dealing. Those professions are far more legitimate than telemarketing.

Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase

Re:so?

[Restil]

So true. The customer base for prostitution and crack dealing actually WANT the services they're consuming. Telemarketers can't make the same claim.

-Restil

Re:so?

[njdj]

I don't understand why this nasty little smear got modded up. Prostitutes supply a service that people want and are willing to pay for. They do no harm to anybody, except possibly to the bigots who just can't stand the thought that somebody, somewhere, might be having a good time.

Putting them into the same category as the telemarketer scum who interrupt my meals and tie up my phone line is despicable.

Re:so?

[Don+Faulkner]

Not true. The consumer is not the telemarketers' customer. Those companies that hire the telemarketers definately want the service.

I love this idea

[Our+Man+In+Redmond]

Contact me when you need a beta tester. :) I've considered a similar idea where you play back a sales pitch from a different telemarketer, but this has more possibilities for fun.

There's already a device you can put on your phone line that, when activated, recites the relevant sections of the laws governing telemarketing. And our local phone company (Qwest) says it provides a similar service which, according to their TV ads, identifies telemarketers and recites a message along the lines of, "This number does not accept messages from solicitors. Please hang up now." I haven't checked into it yet.

Re:I love this idea

[alcmena]

And our local phone company (Qwest) says it provides a similar service which, according to their TV ads, identifies telemarketers and recites a message along the lines of, "This number does not accept messages from solicitors. Please hang up now."

Man it must be great being a phone company. First, they sell your number to the telemarketers. Second, they sell you a caller id service so you can filter telemarketers. Third, they sell the telemarketers a device that blocks caller id. Fourth, they sell you a device that blocks blocked caller id calls. Fifth, they sell the telemarketer a device that puts garbage in the caller id field so it doesn't get blocked. Finally, they sell you a service that blocks the telemarketer. I'll bet it isn't too long before they sell the telemarketer some sorted of "trusted status" device that gets them through the new block.

Why not get a few laws working for you?

[Kjella]

Here in Norway, we've got this nice little thing called the marketing law (this is not an official translation, original text at the end):

2b. Limitation in the use of certain communication methods

It is forbidden in commerical use, without the recipient's prior consent, to direct marketing approaches to consumers by the use of telecommunications methods that allow individual communications, for example electronic mail, text messages to cellular phones, telefax or automated dialing systems (speechmachine).

17. Punishment.

The one who intentionally breaks 2 - 9 in this law or rulings made under the power of this law, is punished with fines, prison for up to 6 months or both if not stronger punishment paragraphs are applicable.

Potentially 16 about fines if a company refuses to change it's marketing after legal ruling against it could also be applied, but I think 17 is much stronger. This one is pretty damn efficent against anyone you manage to track down, also, ignorance of the law is not an excuse, even if it's foreign law. So be careful about spamming .no addresses, if someone gets pissed enough they can have you behind bars. Oh, and if you think "Norway, who cares, I'm never going there anyway", note that we're part of Schengen, so forget pretty much all of Europe then.

Kjella

Original text:

2b. Begrensninger i bruk av visse kommunikasjonsmetoder

Det er forbudt i næringsvirksomhet uten mottakerens forutgående samtykke å rette markedsføringshenvendelser til forbrukere ved hjelp av telekommunikasjonsmetoder som tillater individuell kommunikasjon, som for eksempel elektronisk post, tekstmelding til mobiltelefon, telefaks eller automatisert oppringningssystem (talemaskin).

17. Straff.

Den som forsettlig overtrer 2 - 9 i denne lov eller vedtak som er gjort i medhold av denne lov, straffes med bøter, fengsel i inntil 6 måneder eller begge deler dersom ikke strengere straffebestemmelse kommer til anvendelse. Medvirkning straffes på samme måte.

wait wait..

[josepha48]

someone stole my email address.. and now they are spaming the hell out of it.

On a more serious note. I have an earthlink account (call them what you will) and they have their spaminator that catches lots of spam, but somehow loads more still gets through. I wish I could access their servers and create an "acceptance list" rather than a denial list.

Wouldn't it be nice (or is there?) if there was a CLIENT email program, that one could program with smart filters that could delete mail on the server before ever downloading it (I think pine can do some of this, but I want a full GUI). You could put people who you would accept mail from reguardless like family and friends that are in your address book. You could set it up so that if you heard about a virus with a specific title you could reject it, even if it was from family or move it to a special folder. You could even set it up so that it validated email addresses, or accept email addresses from corporations that you were potentially interested in or were sending you through a job message bord like hotjobs or dice. Hmm .. this sounds like I should modify my java SMTP and POP beans to do some of this. I think it would make mail take longer to download, but it would help reduce spam in my mail box.

Maybe I just need to filter out messages that say "grow your penis larger" and "tighten up your vagina". Oh and my favorite one is "come see Me and my girl friends play with each other". I shudder to think of what my pre-teen neices and nephews, who are all on lilne at this time, get in the way of email. Oh and my favorite are the HTML pages that take so long to download hang my email program or slow it down. Why should anyone have to suffer like this, just because they allow viewing of HTML!

Re:wait wait..

[Erore]

What you want, and your ISP, is TMDA. tmda.sourceforge.net

Finally!

[essiescreet]

Legitimate Spam! Now I can start getting into this stuff.

my cunning plan

[mikeee]

I propose that SMTP should be extended with a "jump-this-hoop" function that could be applied selectively to untrusted senders.

Rather than blocking all email from untrusted senders, or accepting mail from anyone, my MDA should demand that unknowns factor a mid-sized product of two primes before it is willing to accept their email. If they're willing to burn half-a-minute of CPU time, I'll take their message; we can frob the task size to set the cost such that mass spamming becomes infeasible.

All you'ld need to do is hack this into sendmail, and we're good.

Or am I mad?

Re:my cunning plan

[crosbie]

I recognise this sound technique.

What's it's provenance eh?

Re:my cunning plan

[Tazzy531]

One ISP that I had worked with a while ago setup his sendmail so that with each subsequent message it sends, it takes a quarter of a second longer. So, the idea was, spammers send thousands of messages at a time. So after the 100th email, they would have to wait a couple minutes to send. At this point, not knowing that the ISP set this up, they would cancel the send.

Re:my cunning plan

That's actually one of the best ideas I've ever heard for solving spam.

What I liked in the FTC article

[Spinality]

The FTC article cited above included this nice invitation:

"The FTC invites consumers to forward any deceptive e-mail they receive to: uce@ftc.gov

OK, folks, start barraging them. The more crap that fills their server, the more seriously they'll take the situation. They act in response to a high level of public complaints. So complain.

BTW, many of the comments here say "I don't get why spam works, nobody would ever buy in response to UCE would they?" The bad news is that there are a bazillion morons out there who do precisely this. Well, maybe not a bazillion, but all it takes is 1 receptive cluck out of 100K spam haters to pay for the spammer's time. And they're out there. If nobody ever clicked through, spam would dry up.

Re:What I liked in the FTC article

[kindbud]

OK, folks, start barraging them. The more crap that fills their server, the more seriously they'll take the situation.

Or the more quickly they'll begin refusing email to uce@ftc.gov. Or give you an autoresponse telling you to send your complaint to tosemail1@ftc.gov.

They act in response to a high level of public complaints. So complain.

That's right, and the USA Patriot Act will help stop terrorism. It's really worth it. Trust me.

Re:What I liked in the FTC article

[Spinality]

That's right, and the USA Patriot Act will help stop terrorism. It's really worth it. Trust me. -- kindbud

Uh, yeah, valid sarcasm. But the only chance of beating down the direct marketing lobbyists, and possibly getting a system like they have in Norway (if it can be made constitutional), is if folks like the FTC perceive this as having massive public support. There are lots of things that I wish would happen that get too little public support, like permitting nude beaches and repealing various taxes. But I don't think many people will stand up and say "Spam, spam, spam, give me spam, spam spam! I love it!"

[OT] {Re: TrustE}

[Black+Parrot]

Love your .sig:

> Under capitalism, man exploits man. Under communism it's the other way around.

Carpet Bombing is a strategy

[Nf1nk]

This is how Spam works, it does hit the target (and millions of others too). To make a profit Spammers don't need or expect anything close to a 1% response rate, they get closer to a .0001%. If you send out your Ponzi scheme email to 10 Million address's (number from recent spam selling email address) you may get your 10 folks dumb enough to respond.

What you are talking about is not spam what you are speaking of is direct marketing done right , that only happens with opt in only mailing lists

good targeting requires good information and most folks are getting shy about sharing this.

Authenticated Spam

[Alan]

While reading the article on info world, I first thought "great! finally I won't have to filter my spam, I'll actually be able to get off the lists!", but then I realized a a few of the larger implications.

• Remember when some large company (I think it might have been ebay) reset all the user preferenes for "send me newletters" and "share my info with spammers^wpartner companies", claiming that there was some problem and they were resetting the user preferences because the users didn't understand? This is very similar to that. Suddenly all the nice, mostly working spam filters on places like hotmail, yahoo mail, or pretty much any large free email service that has spam filters will stop filtering these emails. Result, now you get just as much spam, but now a chunk of that will go into your inbox instead of your spam folder.
  
  Users then get to go through their spam, clicking on the 'click here to be removed' and wasting their time and bandwidth, until the next bout of spam comes through.
  
  
• People will get just as much spam as before, just now some will be digitally signed. Chances are you will NEVER get off all the "certified spammers" lists, so you'll still get spam in your inbox, and have extra hassle as now users feel they have to go through the removal process for them. I'd much rather have a "never have any certified spammer send me any mail" service, which goes and removes you from all the certified spammers' databases. The services is to try to give the user control right? So give us the control to not get spam that we don't want!
  
• How long do you think it'll take for these groups to really get it right? There are always glitches that show up in new systems and I'm anticipating that there'll be more than a few people who are spammed multiple times from companies that are not only certified, but the user has said "I don't want spam from you anymore!" Just a start up glitch or two, yea, that's it....
  
• How long before someone figures out a way to beat the system? Sure, I know that it's a signed cert, but think of the potential for a non-certified spamming bastart to manage to spoof the 'seal of approval' and be assured that their spam gets into everyone's inbox. Not only that, but when people email them back with the 'remove' emails, they get a nice list of 'live ones' that they can spam merrily along using perhaps a different company name, from address or approach as not to make the user suspicious.
  
• Along those lines, what stops companies from not spamming multiple times for different products, or from different spinoffs. Use the database of 'removes' to feed into a list of emails to send out for their next product, promotion or whatever... hell, just sell the list to non-legit spammers!
  

Basically, it's a good thought, but there looks (to me) to be so many potential fuckups, especially with the assumption that becuase it is "legit" people want to see it, that I don't think it'll be any better, and will probably be worse, as now you have two different types of spam to deal with. No thanks, it's spamassassin for me! :)

wastebasket

"The FTC is taking action against deceptive spammers in part because of a consumer backlash: the FTC receives approximately 10,000 individual pieces of spam every day from irate consumers who forward the unbidden missives to the agency, Beales said.

The FTC invites consumers to forward any deceptive e-mail they receive to: uce@ftc.gov "

in other news:

ftc help wanted posting: person to read email needed. must have strong willpower- be able to refuse atractive offers. also, strong stomach.

Oh yeah, I trust spammers...

[weave]

They lie, lie like mad. Tell me I've opted in when it's sent to an address only used on a web page, for example... Like this piece I got today...

Lie #1)

You are receiving this e-mail because you have opted-in to receive special offers from Hi-Speed Media or one of it's marketing partners.

It was sent to an e-mail address lifted from a web site I maintain that is only used in mailto tags and never ever anywhere else.

Lie #2)

If you feel you have received this e-mail in error or do not wish to receive additional special offers, please scroll down to unsubscribe. http://www.summitvacation.pwi.net/removeme.htm

OK, we know this is bullshit too. But for shits and giggles I went to that address using "links", a trusty, safe, text-only browser.

On that page...

I AM SORRY FOR ANY INCONVENIENCE I MAY HAVE CAUSED YOU
WE ARE COMPLETELY AGAINST UNWANTED SPAM !
YOU HAVE BEEN REMOVED AND WE ARE SORRY!

I mean, they don't even go to the trouble of collecting the e-mail address to "remove" and then ignore the request. What a blatant lie. I'd love to know what advance tech they have that can figure out the e-mail address to remove with no params, codes, or other identifying data.

And for those that think the original spam had the e-mail address as a param to the web page, it doesn't. It's just the simple link. And I viewed the original spam using pine, no web bugs or anything else like that in there to pass my info off via referer info.

Hmm, wait, there's more lies than you can shake a stick at...

I AM SORRY FOR ANY INCONVENIENCE I MAY HAVE CAUSED YOU

Liar

WE ARE COMPLETELY AGAINST UNWANTED SPAM !

Liar

YOU HAVE BEEN REMOVED

Liar

AND WE ARE SORRY!

Liar

With scum like this out there, legitimate companies have a real concern about their image. What I don't get is, it's in their best interest to do whatever they can to get rid of anything besides double-opt-in lists. Spam has poisoned using e-mail as a marketing vehicle, wanted or not.

Besides, even legitimate companies lie. I NEVER check the "send me info" but I still often get sales pitches from companies I've dealt with in the past.

We will trust this spam...

[MrResistor]

...because we trust TRUSTe, MSN, and DoubleClick so much already! (Sorry, ePrivacy, never heard of ya, but if you actually cared about privacy you wouldn't be pimping spam)

Seriously, how have these companies reached the conclusion that they themselves are trusted by the general public?

And did it ever occur to them that maybe the reason I don't join Sarah's Work At Home Porn Pyramid for my Free Penis Pump is because I'm not interested?

For starters...

[shaldannon]

disallow anything coming from a foreign domain, hotmail, yahoo, msn, geocities, or aol. :)

I used to have a usa.net address that would let you "filter" spam, but somehow it never seemed to work. Sometimes I wonder if the spammers paid usa.net to circumvent the "anti-spam" measures...

Of course, now that usa.net is a for-fee service, I've moved on, so they can continue to spam the heck out of that account. Matter of fact, I've been known to use it for registering things like Netscape since I don't have to deal with cleaning out its inbox anymore. Bummer. :)

Supposedly I have a roadrunner account, and supposedly I once had an @home account. Using Linux, and not using their connection software, I've never checked my ISP email accounts...what a shame.

Uh-oh

[Guppy06]

"What we are in the process of doing for the first time is to launch a systematic attack on fraudulent and deceptive spam,"

So Hormel won't be able to sell turkey Spam any more?

Just a PR stunt

[2Bits]

Spam is spam, period. There's no such thing as trusted spam, or untrusted spam. This is a PR stunt from a bunch of companies that profit from spamming, consulting, hosting, collecting users data, selling softwares and/or selling users data. Is this supposed to make everyone feel good now, just because you put a word "trusted" in front of it?
</Flamebait>

Fun With Telemarketers!

[Our+Man+In+Redmond]

Isn't Google great?

You find such wonderful stuff!

Maybe not such a bad thing...

[Guppy06]

""InfoWorld is reporting that such luminaries as TRUSTe, ePrivacy Group, MSN, and DoubleClick are getting together to develop a "trusted senders" program to certify "commercial email" and "elevate" it above ISPs' and end users' spam filters."

This ain't so bad. This way, you won't have to jump through hoops to find out where to send the invoice for the unauthorized use of your IT resources.

Nope...that's real spam

[shaldannon]

But anybody who tries to sell generic (TM) Spam (R) might find themselves in deep "potted meat product." ;)

yeah, well . . .

[hawk]

At least it's in a language you can read . . .

I don't read chinese, korean, russian, french, or portugese, but get lots of those.

At least the ones reminding me to go vote in turkish elections are sometimes in english (why???)

hawk

OT:Re:A rose by any other name is still a rose ...

[netsharc]

Bzzzt, wrong! Thanks for playing!

You should have known that

the quote is what J. Robert Oppenheimer said, quoting from Bhagavad Gita, after the first successful test of the nuclear bomb. Look at you, you just made a fool of yourself.

oh my god

a slashdot editor looking in the archives before posting? this is impossible! maybe this will start a trend with you guys and duplicate stories (some of them barely hours apart) will be history.

Then again, maybe not.

TrustMe

[sulli]

Trust(m)E is a complete fraud, created by online marketers who want to block meaningful privacy regulation - worse than the BBB by far. They're the ones who crowed about "privacy policies" years ago, which of course were written to allow the merchant to do whatever he wants with your data. Anything they touch turns to shit, as far as I can tell.

So I agree with the other guy: filter any mail with TrustE's signature on it.

some spam is good

[night_flyer]

1) some spammers target what "I" am interested in, I will look at those ads... I have 3-5 spammers that feed me information/products that I am interested in... I also opted into those lists.

2) fried spam with over easy eggs is also good.

all other spam should be banned...

Re:some spam is good

[shamino0]

Ummm.... It's not spam if you asked for it, you know.

Using custom e-mails

[parliboy]

Since any mail going to a nonexistant address gets forwarded to me anyway, I now create a new address for sites that want my addy. Why? Because I know the easy way which sites sell my stuff. If you're AABBCCDD.com and I get a bunch of crap for AABBCCDD@my domain, I make it my personal mission to f*ck you in every conceivable way.

Re:Using custom e-mails

[legojenn]

Brilliant idea....It only works for those who have domains. Then again, getting a domain is fairly easy, all you have to do is respond to a spam email soliciting domain registrations.

Jenn

Re:Using custom e-mails

[J'raxis]

Create some hotmail accounts with the same idea in mind:

ebay-legojenn@hotmail.com
paypal-legojenn@hotmail.com
someoneelse-legojenn@hotmail.com
... and so on.

Filtering and who to LART

This seal, which will appear in the top corner of the body of the message, will contain an encrypted digital signature along with information on the valid sender and recipient and the date and time.

Ok, so a seal appears in a corner. Hrm, html? And isn't 99.9% of html email already spam so we can safely dump any html email? The other 0.1% is newbies who need a clue - that they might be a relative is perhaps the only drawback to dropping all html email without even looking at the sender line.

And the seal will be great - they give a date and time and sender - all the evidence one needs to form a proper LART message for folks... AND you get to tell the spamming bozos WHY they won't be getting your money, but their cluefully non-spamming competitors will still have a chance.

I wonder how fast the first place to use this seal as a spam excuse will get blocklisted by folks.

OTOH, if a place does genuine confirmed opt-in then this could be a good thing for them... as long as lowlife spamming places don't abuse it (ha, like they won't).

A couple of things lept out at me

[kingosric]

From the Infoworld article

This seal, which will appear in the top corner of the body of the message

and

When the consumer clicks on the seal, they are connected to the Trusted Sender computer, which verifies the digital signature

So does this mean that a) the e-mail is HTML only and b) the sender knows that I've tried to verify it?

How does this help me?

Re:A couple of things lept out at me

The first helps by allowing your filters to trigger on since almost all html email is spam. So no change, really.

The second only makes it easier for you to tell the spamvertising moron that they just lost a potential costumer. I suppose it may also help with sending info to the upstream providers and such -- though how much good that will do with with a TrustEd spammer is another matter.

My suspicion: Send with a seal, get put on blocklists. Just like any other spam.

New TrustE Spammer Symbol

[CritterNYC]

Check out The new TrustEd Spammer symbol.

NEVER

throw out the baby with the bathwater.

Put them into a large pot, heat untill boil, serve with crackers and beer.

Human Flesh, the other white meat.
OR

Babies? I love babies. Tastes like chicen.

Damn that's a good idea.

[sulli]

If you do it via the sound card, this would be yet another good use for those old PCs lying around gathering dust. Go do it - then submit to slashdot (on a decent server)!

Truste Already spammed me, then denied it was spam

[Chetmurray]

> Dear Chet,
>
> By the way of introduction, I am the Business Development
> Administrator at TRUSTe, the Internet's leading privacy seal program.
> Privacy, the handling of personal information collected from consumers,
> has become the key issues that dramatically shapes consumer trust.
> According to Business Week/Harris Poll, 92% of users mistrust privacy
> statements unless the site uses a third party oversight program. It
> also stated that 78% of online users said they would increase use if
> Internet was more protected and 61% of non-users would more likely to
> begin using the Internet. Clearly, consumers are demanding enhanced
> privacy protection and, responding to these demands, smart companies are
> beginning to take steps to ensure that their customers have control over
> their personal information. To that end, there are several best
> practices that companies can follow to ensure that appropriate, trust
> building privacy guidelines are in place. One of which is to join
> TRUSTe's Web Privacy Program.
>
> TRUSTe, the leading online privacy organization, is the most
> trust-invoking symbol on the Internet. TRUSTe currently has more than
> 2000 licensees, which includes companies such as MICROSOFT, INTEL AOL,
> EXCITE@HOME and many more. The TRUSTe Privacy Seal program was founded
> on the core tenets of Fair Information Practices, which are endorsed by
> the Federal Trade Commission, and is constantly updated. In addition to
> its privacy seal program, TRUSTe has several other programs such as the
> Children's Privacy Seal Program, EU Safe Harbor, e-Health Seal Program
> and the Software Pilot Privacy Program.
>
> One central element in all of these programs is the TRUSTe Watchdog, an
> alternative dispute resolution mechanism that allows consumers to bring
> their privacy-related complaints to TRUSTe.
>
> By addressing consumer privacy concerns, you can take the initial
> steps to gain user trust. If you have any questions about the issue of
> privacy or the TRUSTe program, please feel free to contact me or visit
> or Web site at www.truste.org for more in depth information. I look
> forward to hearing from you.
>
> Best,
>
>
> Israel Canjura, JR.
> Business Development Administrator
>
> TRUSTe
> 1180 Coleman Ave Ste. 202
> San Jose, CA 95110
> Phone (408) 494-4970, Fax (408) 494-4960
> __________________________________________________ __
>
> TRUSTe http://www.truste.org
> Building a Web you can believe in.

Oddly enough, it is impossible to contact truste.org through their main phone number, you only get a machine. The phone number here is Israel's and he does answer it. So maybe I am wrong, maybe this unsolicited piece of mail is not spam, maybe it it is just what i asked for when I blew out my birthday candles... I guess you could give Israel a call and ask him.

Re:Making spam more normal. :)

[gorilla]

Don't forget spamming services, CD's full of addresses to spam, and spamming programs.

Try html tags??

[Hammer]

http://www.impsec.org/~jhardin/
Should have been written as

<A HREF="http://www.impsec.org/~jhardin/">http://w ww.impsec.org/~jhardin/<A>

http://www.impsec.org/~jhardin/

Re:Try html tags??

actuallz, i read that html tags are now supposed to be lowercase.

Re:Try html tags??

[Hammer]

Actually... they have always been case insensitive and I use them lowrcase myself but put them im upper case here for clarity.

Hammer

Re:Try html tags??

The parent probably was thinking about XHTML, which, being XML, is case-sensitive. XHTML is (in theory) the successor to HTML. While HTML may be officially obsolete, I'm sure every future browser will still process it, just as current browsers (IE) are forgiving of errors in normal HTML. Whether that's a good thing is another question.

Fire pirate?

Are you some kind of a fire-pirate, trying to steal my fire?

Tried using a Secure Fire Path? It's built into Windows BC.

Not a good solution

[legLess]

I like [Trillian] because people have to get my authorization to see me on-line. Why can't email act like this?

I see what you're thinking here, but I don't think it's a good idea. Here's why:

1. Traffic. Email traffic would skyrocket if every first-time communication required several back-and-forth messages.
2. Arms race. Do you really think spammers wouldn't be able to crack this? It's no more difficult a problem than OCR, and that's pretty good already.
3. Power. If you sent a different JPG every time, you'd need to generate it somehow, or keep a store of them. This means either more CPU alloted to your mail processing, or more storage space. Certainly more bandwidth.

One way it might help is that most spammers use fake return addresses, so your "Please request authorization" message would bounce. For those that have real return addresses (read: "Got a live one!"), you'd just be setting yourself up for more spam.

I know the famous saying that you can't apply a technological solution to a social problem, but I don't think that's true of spam. Science fiction is replete with examples of personal assistants (from smart robots, to dumb door-bots, to unconsciously-controlled implants) - this is what we need. A program that can recognize and internalize some basic rules regarding our communication, and then filter incoming traffic based on those rules.

I think that such a system (in a crude form) is already here - many mail clients (including the much-maligned Outlook) have good support for rules. As these gets better, and easier to use, spam will be less of a perceived problem for users.

But more of a problem for ISPs, I think, since filters only work at the client-level, long after the spam has been routed and processed. It'll be an arms race - spammers sending more and more crap, trying to slip through your filters. This is why ORBS and MAPS and the like are great ideas (with perhaps less-than-great execution).

Fake e-mail address?

[zurab]

The FTC invites consumers to forward any deceptive e-mail they receive to: uce@ftc.gov

Does this mean we can stop using bgates@microsoft.com as a fake e-mail address?

Oh no.

[buss_error]

Well, I guess I won't bother submitting my proposal for an RFC to allow end users to tag team together and dunk spammers, kick in auto spam filtering, web page shutdowns, and dial up disconnects based on wide spread, trusted reports of spamming.
Gee, and it was such a good idea, I thought. Now that The DMA and all is kicking in to rise the tone of spam^H^H^H^H direct e-mail marketing, we can all be happy programmed comsumers of what ever swill^H^H^H^H^H exciting products they want to ram^H^H^H offer!

Well, just in case, I'll go ahead and finish up my paper and see if I can get it submitted for review.

Let Micro$quish block your mail? No!

[Erris]

Would you trust M$N to block mail for you? I would not, nor should anyone who reads this sad story of how Micro$quish abused their junk mail filter for hot mail. Like my wife asked in outrage, "They can do that, why won't they block all those 'hot and horny teens' messages'?!"

Long ago...

[Danse]

TrustE sold out quite a while back. This is no surprise at all. Their policies and assurances are innefective at best, and that's if you give them every possible benefit of the doubt. I don't see any reason why anyone should care in the slightest whether a site is TrustE certified. It's a meaningless label.

A Matter of Trust

[ackthpt]

Microsoft Corp., Web banner ad giant DoubleClick, and a host of direct marketers will announce their intent to begin using a technology created to help consumers quickly distinguish between spam and valid e-mails from companies they trust.

Problem is, I don't trust them!

Re:Making spam more normal. :)

[grytpype]

I once got a spam from Pakistan from a wholesaler of gynecological speculums (if you don't know what that is, don't ask). That was one of the weirdest spams ever, wish I had saved it.

Trusted Spammer

[Anne_Nonymous]

"Trusted Spammer"

...brought to you by the same folks who brought you:

passive agression
alone together
plastic glasses
Microsoft Works
pretty ugly
postal worker
military intelligence
freezer burn
jumbo shrimp
junk food
student teacher
advanced BASIC
bittersweet
peace force
found missing
genuine imitation
living dead
soft rock
taped live
tight slacks
athletic scholarship
12-ounce pound cake
working vacation
resident alien
same difference
clearly misunderstood
exact estimate
Power Mac
even odds
negative growth
random order

...and many, many others.

A better way?

[xsus]

Has anyone heard of any technology that would be kind of a DHCP sever for email addreses so that whoever is providing your email account could somehow dynamically assign you an email address everytime you log on?

Re:A better way?

I'm struck by everyone looking to filter out spam; I'm getting a lot closer to simply filtering IN people/addresses I know. That list is a heck of a lot shorter, and easier to manage to boot (say, the 10-15 people I email on a regular basis, plus a few work domains).

So, I would allow email from:

a@abc.com
b@bcd.com
...
f@fgh.com
*@borg.org

Re:A better way?

[xsus]

I agree that it preferable to filtering out, but it is not foolproof (i.e. domains can be spoofed). I get mail all the time that is sent to everycombinationofletters@mydomainname .

Air for sale

[edinho]

Why? There is only one good answer: to make a profit out of nothing. Same type of zero cost revenue generating scam^H^Hheme as selling domain names and SSL certificates, where the cost of producing the goods is virtually zero. It is like selling air.

Cheers.

Send MORE stuff?

So now every TrustE spam will have a graphic and some sort of applet attached to it? Great, now each spam I get will take a minute to download via MODEM!

Filter out foreign countries

Why not filter out mail with foreign from-addrs? There is no way I would be getting legitimate email for a foreign country. And people who have a few friends in different places could just add them to an allow list.

Little of my spam actualy comes from .com

-anon

Re:Filter out foreign countries

[Chetmurray]

Do you participte in discussions that list your real email?

Do you have a website?

Do you just want to say FU to all the people who interact with you from these sources, but live outside the USA?

Another solution ignoring the scale and reach of the Internet.

Re:Filter out foreign countries

Not all foriegn countries, or even all of any given country. However, filtering based on the spam-friendly providers in various countries is a good idea.

For example, it is just possible I may one day get a legitimate email from China or Taiwan. But I doubt I'll ever get anything that isn't spam from hinet. Should I block all of Taiwan & China? No, I should block hinet.

Those not in the U.S.A. may see blocking the U.S. as a good idea -- when they really need to block the pink ISPs (Sprint, Earthlink, Yahoo...)

Tell your elected representatives...

[Pedrito]

I don't just mean e-mail them a complaint. I mean, set up your spam filter to forward all of your spam to all of your elected representatives. Maybe THEN they'll get the message that SPAM can be a problem and that we consumers are $@*#ing sick of it.

Read no further than this

[Uttles]

The Federal Trade Commission (FTC) is poised to announce an unprecedented law enforcement sweep against deceptive junk e-mail, also known as "spam."

Unfortunately, that happens to be the first line of the article.

Spam is not only definted as deceptive junk-email. Spam is email sent to someone in a broadcasting manner when that person has not signed up for that broadcast. In other words, if you send a message, deceptive or not, commercial or not, to a list of recipients that you don't know, that's spam.

oops - definted = defined

[Uttles]

Huked on Fonix wurkid 4 mee.

It's the delivery mechanism, not the content.

[fmaxwell]

The problem with spam is that is mostly useless. If spammers refined their targeting strategies users would not complain.

You are completely incorrect. I'm a fisherman. That does not mean that I want to receive hundreds of e-mails every week from companies that sell fishing-related products.

A friend of mine had set up his e-mail to activate his pager if the word "urgent" was in the subject. This was so his clients could contact hime 24/7 if they had a network emergency. At 3-something-AM his pager went off. Why? Some spammer had an "urgent" message for him. Do you think that he'd have been happy if the spam was advertising something related to an interest of his? Of course not. End result: he got disgusted and his customers no longer can e-mail him 24/7 for emergency support.

The simple fact is that we all pay the cost of spam. We pay in higher ISP costs. The companies we work for often spend money to limit the spam in the company e-mail systems. Entire businesses have sprung up with pricey solutions to filter out spam. Just because spam is not physical does not mean that it is received, stored, and delivered without cost.

Re:It's the delivery mechanism, not the content.

A friend of mine had set up his e-mail to activate his pager if the word "urgent" was in the subject. This was so his clients could contact hime 24/7 if they had a network emergency. At 3-something-AM his pager went off. Why? Some spammer had an "urgent" message for him. Do you think that he'd have been happy if the spam was advertising something related to an interest of his? Of course not. End result: he got disgusted and his customers no longer can e-mail him 24/7 for emergency support.

Hmmmm, and he couldn't come up with some other keyword or numerical sequence that they could still use to reach him but would be unlikely to be included in a spam? If he can't even come up with a solution for that, then I feel sorry for his customers and their problems.

Re:It's the delivery mechanism, not the content.

[fmaxwell]

Hmmmm, and he couldn't come up with some other keyword or numerical sequence that they could still use to reach him but would be unlikely to be included in a spam? If he can't even come up with a solution for that, then I feel sorry for his customers and their problems.

I said that he got "disgusted", not that he could not come up with, and distribute, some secret keyword. The point was that his customers knew and could easily remember the word "urgent" while some other obscure word or "numerical sequence" would have been far less likely to stick with them.

As for his customers, they include some of the biggest names in the computer gaming industry. He's been the hired gun that saved major projects that were months behind schedule. And he has turned down jobs that would have paid him more in a month than you will probably earn in a year.

You haven't proven it won't work.

[NanoGator]

1.) Traffic. Email traffic would skyrocket if every first-time communication required several back-and-forth messages.

Would there be a burst in traffic? Possibly. It wouldn't be sudden, though. It's not like everybody around the world would suddenly download and install the client heh. As I said, this would be an email client. The light list of people that I'd want to hear from would generate a very small amount of email traffic. As a matter of fact, I don't think the ISP would even notice it.

2.) Arms race. Do you really think spammers wouldn't be able to crack this? It's no more difficult a problem than OCR, and that's pretty good already.

Not necessarily. This is really simple, actually. The email could be as simple as a question:

'How many smiley faces are flipping you off in this image?' And the image is less than a kilobyte large. Hell, they could do it with ASCII for all I care. The question could be determined by the client program. A user could easily set up his own new question if he wants. He could point to a picture of his family and ask what color his grandmother's hair is. As long as everybody has the ability to change what their question is, then there's no possible way for spammers to write hack programs to answer the questions automatically. If they don't answer the question properly, they can't request authorization. If they can't request authorization, then they can't get email to you. It'll just get deleted. The pic doesnt have to be sent as an attachment either, it could just be a hyperlink to an image on a webserver. In that case, you're paying for your own bandwidth.

As for bandwidth, the only abusers of the bandwidth would be the spammers. If their bandwidth usage suddenly goes way up (i.e. nearly every email they send out gets an email back ), then suddenly the ISP's have incentive to shut these guys down. False return addresses mean they may not get those messages, but if they don't fill out the authorization form, they don't get to you anyway.

If you were to get so much spam that you'd be sending out 100 authentication messages a day, then there could be steps taken there too. Filters could be applied to get rid of most of these messages. At this point, it's in your ISP's interest to help you here. That's an extreme scenario though. If I ever sent out so much email that my provider got shitty with me, I'd probably go hunting for a new address.

3.) Power. If you sent a different JPG every time, you'd need to generate it somehow, or keep a store of them. This means either more CPU alloted to your mail processing, or more storage space. Certainly more bandwidth.

You don't necessarily have to send a different .JPG every time, you could just cycle through them once a week. (This idea is still evolving in my head, btw.) Even if it did, so what? My computer can easily handle rendering a small image (150 by 15) and JPEG/GIF encoding it. My cheapy Compaq 300mhz laptop could handle that, let alone my Athlon desktop.

None of your arguments successfully prove that my idea wouldn't work. Adding an authentication system to my email client would not be difficult. As a matter of fact the ground tools are already there:

1.) Auto responder (remember those out-of-office messages?)

2.) Contact list (remembers people who are authenticated.)

3.) Some sort of filtering system. (rules wizard in Outlook.)

Hmm... I wonder if Outlook 2000 has VB App support. I might be able to implement something like this for people to play with.

Re:You haven't proven it won't work.

[legLess]

Thanks for the reply (gotta love this new "mesage waiting" feature, eh?). I wasn't trying to prove conclusively that your idea won't work, just poke some holes in it. Good ideas survive criticism; bad ones don't.

My most important point is the last one: your idea might help on the client side, and save people from hitting the "Delete" button some, but does zero to address theft of servies. If you pay by the minute for 'net access (much of the world), your idea will actually cost people more money. Also, your ISP is still receiving, storing, and relaying the spam to you.

Perhaps spammers will wise up if people use this system, and send less crap that they know will be rejected? I think that's a pipe dream - the response rate from spam is miniscule, anyway. Most of the world would have to use this system before spammers say any signifcant downside from it. Even then, like any threatened species, they'd probably go into a breeding frenzy, and we'd have a net (not 'net :) spam increase.

As a personal solution to keep your inbox cleaner I think your idea is good. As a solution to the spam problem generally, I don't think it will be effective.

2000 web sites!

[ruzel]

Truste already runs the largest privacy seal program online with approximately 2,000 Web sites certified throughout the world.

2000 web sites! Holy shit! What an incredibly successful company! Surely they will lead the way to a new age of privacy and protection!

Idiots.
__________________

But where's all the fun

[jfmiller]

If you do this then you can't play with there minds. consider the following responce to telemarketers:

• Brother/Sister have you been saved?
• I already told the FBI everything so go away
• You've got to listen to me! I can prove I was abducted by aliens
• Do you use free software? (ala an RMS rant)
• hola, habla Espanol? carful sometime they do
• And of course the clasic when asked for Mr. or Mrs. so-and-so: they're DEAD

Remember these poor people are just mindless drones for a heartless magacorp. Add some spice to there live. But always remember to end the conversation with:
Per FTC Regualtions, Add me to your do not call list!

JFMILLER

Re:But where's all the fun

[Steve+B]

hola, habla Espanol? carful sometime they do

So use "tlhIngan Hol Dajatlh'a'" instead.

Re:Making spam more normal. :)

You would definitely be blacklisted by all women if word got out that you had one or more of those instruments lying around somewhere.

ITS ABOUT TIME!!!

[yumyum]

Hormel has had a monopoly on Spam for far too long. Its about time that the FTC has noticed this.

I for one am glad that the FTC is on the ball and cracking down...

Trusted Senders!!

[the+eric+conspiracy]

Yippee! More sites to submit to black hole listing sites. In fact, I think that TRUSTe should make this list available via an XML-RPC server for quick reference and use in various daemons!

I don't have a problem with it if...

[Krusher55]

I don't have a problem this if certain conditions are met. The first being that there is a size limit on the spam e-mail. The second, and most important, there must be a way for us to easily identify spam from regular e-mail. This way I can quickly and automatically sort me e-mail (spam goes into the spam folder). When I get junk mail it is easily sorted from the regular mail because the regular mail is in envelopes and a different size and shape. Some junk mail is useful (some people to clip coupons and browse flyers for what is on sale this week), just as some spam mail might be useful. As long as it isn't too intrusive and is easily sortable from my regular e-mail I am not too much against it.

Re:Making spam more normal. :)

[Teknogeek]

http://www.penny-arcade.com/view.php3?date=2001-12 -31&res=l

Reading email, ca. 2006...

[jonesvery]

From the article:

This seal, which will appear in the top corner of the body of the message, will contain an encrypted digital signature along with information on the valid sender and recipient and the date and time. An appliance installed at the commercial emailer's location generates the digital signature. When the consumer clicks on the seal, they are connected to the Trusted Sender computer, which verifies the digital signature.

So it would appear that the desired chain of events circa 2006 goes something like this:

opens inbox
Hmmm...1,422 new messages today...time to get to work on those...

opens message #1
Okay, this one has the ePrivacy seal...
clicks on ePrivacy seal
Wow, that ePrivacy seal links to www.weight-loss-and-hot-teen-sluts.com, I guess it's a fake...
deletes message

opens message #2
Okay, this one has the ePrivacy seal...
clicks on ePrivacy seal
digital signature verified
Hey, this one's real! It's an ad for www.weight-loss-and-hot-teen-sluts.com! That's one to bookmark!

opens message #3
Okay, this one has the ePrivacy seal...

Into the blackhole with them !!

[terrymr]

Ok - so now we can RBL microsoft / doubleclick etc. for actively promoting spamming !!

Re:OT:Re:A rose by any other name is still a rose

[DrSkwid]

yes I am aware of that

doesn't make it any more grammatically correct just because some swami churned it out

gosh, how foolish I am to enjoy word play

Fix the spammer.

..just like you fix a dog or cat. No sense risking any more of the things.

Send spam to the FTC!

[UncleRoger]

From the NewsBytes article on FTC crackdown:

The FTC invites consumers to forward any deceptive e-mail they receive to: uce@ftc.gov

Alright! I've got about 10K spam emails saved up that I can send them!

Even better, I think I'll set up an alias on each of my domains for this address, then start posting it on web pages and usenet...

Watch out what you wish for.....

[adiabatic]

The FTC invites consumers to forward any deceptive e-mail they receive to: uce@ftc.gov

... you just might get it.

Simply put

[jobugeek]

If you are selling or offering me something I didn't ask for, you are spam. Done.

And will they all have "ADV:" on them?

[Animats]

California requires "ADV:" as the beginning of the subject on all spam. And since Ferguson vs. Friendfinder was reversed a few weeks ago, that law is back in effect.

Time to write to the California AG's office again and find out what they're doing to enforce this.

Re:And will they all have "ADV:" on them?

[kindbud]

The enforcement problem (or rather, the lack of enforcement problem, or even more to the point, the complete impracticality of enforcement problem) is why requirements to label spam are doomed to failure. Big time.

I live in California, and get maybe one spam a week with ADV: in the subject (hundreds without). Multiply that by hatever percent of 23 million Californians are using email. Big fucking lot of difference the California law has made. The spam still flows and filtering on ADV: stops one or two a week. Yeah. Right.
Good plan.

Please Spam FTC at ......

[Catskul]

The only people in the world who WANT SPAM !!

We just need to get them set up on acouple major spam lists, and we can knock down allot of spammers.

The "trusted seal" graphic could easily be hoaxed

[Artifice_Eternity]

If it's a GIF/JPG/PNG I could easily right-click and save it, or just do a screen-capture and slice the seal out. Then I slap it on some spam and send it out!

More to the point, what about those of us who may choose not to receive HTML e-mail? How will text-only messages be certified? With an ASCII-art rendition of the seal? Please.

This would be awesome

[The+Dev]

You mean someone is creating a list that all the spammers will want to be on? It's a dream come true! Now I can filter anything on that list and greatly reduce the incoming spam. Brilliant.

i was on the phone with a hot granny yesterday

[retromad]

The most irritating of spam relies on the presumption that you just had a serious head injury yesterday and dont remember who you talked on the phone with.

DCMA and 'authorised' spam

[duncan+bayne]

Here's a thought - what if I wrote an email client that forced users to read TrustE-authorised spam. Say, before you could read any non-TrustE-spam, you had to spend at least 5 seconds on each spam, scrolling from top to bottom. This would be to put it mildly a trivial addition to any existing mail client (except telnet :-).

Hey presto, you have a spamming tool that is legally enforced in the U.S.A. by the DCMA. Want to remove the spam? You're breaking the law.

Of course, if I was being a *real* bastard, I would prosecute any clients that don't enforce spam, but use my mail-server. Yep, if you're using an unauthorised mail client to strip spam from mail you receive, that's a DCMA violation as well.

Do you doubt this could happen? Imagine having a conversation with someone twenty years ago, trying to explain to them the DCMA, DVD encryption and the Skylarov case.

Re:DCMA and 'authorised' spam

[J'raxis]

Since when does the DMCA force people to use this software? It only forces people to not reverse-engineer the software they are using.

What would be more realistic (but still rather bizarre) would be receiving a piece of mail that has JavaScript or some other executable in it, that, when opened, downloads images or cookies or other web bugs, and claims that trying to stop it or intercept the connections is a violation of the DMCA.

Hello! I send you this file in order to have your advice!

By opening this message, you have agreed to allow SIRCAM~1.EXE to install itself on your computer and periodically send copies of files in your Documents Folder to selected users from your address book. Any attempt to intercept, block or otherwise try to circumvent this behavior is a violation of the Digital Millenium Copyright Act ("DMCA").

Re:DCMA and 'authorised' spam

[duncan+bayne]

Since when does the DMCA force people to use this software? It only forces people to not reverse-engineer the software they are using.

This kind of statement is often used by DCMA-apologists. What if, say, Microsoft decided to enforce this for all of their POP servers that, IIRC, use some wierdass authentication protocol.

Use MSN? Want your mail? Read the spam. And once other ISPs realise how lucrative that could be, they may well jump on the bandwagon.

Re:DCMA and 'authorised' spam

[J'raxis]

Ah, you said client, not server. This would be a much more serious problem.

Re:DCMA and 'authorised' spam

[duncan+bayne]

I *meant* client - especially if the spam-enabled client was the only client able to connect to the server (e.g. MSN), you'd be screwed.

Re:DCMA and 'authorised' spam

[Technician]

It's quite simple to legaly bypass this. Have a text only e-mail client. You don't run the software protected by the DMCA and you don't read any of the spam incoded in it. That will not prevent you from receiving the rest of your text mail and reading it. Whoever decided that a mail client should run executable code from any untrusted source made a big mistake. None of my books burn my house down, why should an e-mail be given the privialge to burn my OS down?

Re:DCMA and 'authorised' spam

[duncan+bayne]

A company could legally force you to use a spam-supporting client, using the DCMA.

Imagine if they used prorietary authentication protocols, forcing you to either use their clients, or implement your own version of the protocol in violation of the DCMA.

Currently, the difference between the example I've just described, and MSN, is that MSN doesn't (yet) enforce TrustE-authorised spam.

Re:DCMA and 'authorised' spam

Imagine if they used prorietary authentication protocols, forcing you to either use their clients, or implement your own version of the protocol in violation of the DCMA.

Then people would just create a brand new protocol, brand it as the no-spam protocol, and the defacto DMCA compliant email system would cease to be used (well, except, perhaps for AOL users - but they are used to in your face advertising already anyhow).

What if you were forced to read it...

What if your isp FORCED you to read the 'trusted' e-mails before you deleted them.

I guess they would need lot$ of in$entive ($$).

But they would take up space.. and ... and be bad...

I don't think that would go over too well with educated persons (as in not the ordinary, non-thinking consumer)

one spamsolution - your thoughts please.

[Sarin]

say you would have many domains, you can make as many email adresses as you want ofcourse.
Then you make, say 2000 email adresses and make sure they get on most spamlists using them in public on usenet and on webpages on the internet, the spambots will visit (aka you're spamming for the spambots, making them a nice bait). You could refine the process ofcourse but you get the idea.

Now all mail you will receive on these email accounts can be described as spam and you'll get a lot of it. All you have to do now is place all of the spam in a big database and all of the spam email adresses ofcourse. Then you'll get the biggest collection of spam on the internet.

You can have mail-servers contact to your database in order to verify their incoming mail and have them filter out the spam. The mail-servers don't have to send the mail itself, but you could have them send somesort of fingerprint crc check or something. I would gladly pay to subscribe to such a service if it worked and if it wasn't too expensive.

I missed something there

[BattyMan]

Of what use are stairs in the disposal of junkmail?

Re:I missed something there

[Genom]

Junkmail cannot climb stairs unaided. When you walk up stairs and leave the junkmail behind, it is powerless to follow.

Of course, some of us who live in apartment buildings just chuck it in the conveniently placed trash recepticle right next to the mailboxes (which, btw, junkmail is also unable to escape from, unaided) - but hey - to each their own =)

So what??

[Eric+Damron]

"The program will allow companies that send out commercial e-mail to attach a stamp to the mail that will ensure the authenticity of the sender and the validity of content..." And email I get from my friends, will that also need a "stamp" to get through? Maybe Microsoft can incorporate this into their Passport strategy. Oh joy...

TRUSTe?? Why would anyone trust them?

[HiThere]

These people have some of the worst security / privacy credentials on the planet! To my mind, these are the con-men of privacy. Their attitude towards privacy is like the DOJ's attitude toward anti-trust enforcement.

Well, maybe not that bad.
.

Good, now we know who to blacklist...

[jbayes]

How nice of TrustE to generate a list of known spammers for us. Now all we have to do is get ahold of that list, and add it to our blacklists. :)

--joe

Trust for Sale more like it

[shawnmelliott]

I don't trust TrustE to the extent that I'll modify my client to accept who they say is legit.

Here's an idea I think would help though. Each person makes up a 4 digit code. Then they run that through a program that takes the code and the senders email address and outputs a unique string ID just for that sender or perhaps for all senders from a particular domain. Then when they want to sign up for an email they put the following text. Please add this line to the subject... etc. etc. Maybe sites that have opt-in email lists can offer for them to add that. This way only those sites that have your permission will have the string. And it won't work for them to sell that string to spammers because it is based off of the senders address. Yes. I know there are probably a million flaws in the idea but it puts who you trust in your hands... not TrustE or another agency.

I have a better idea...

1. Make spam in ANY form illegal

2. Make it punishable by the death penalty

Then let's see how many "get rich quick" ads I get!

Prostitution?

What's your problem with prostitution?

FTC crackdown on spam

[njdj]

This whole story is BS. No crackdown on spam is intended or proposed. Only a crackdown on "deceptive" spam. So instead of getting 50 emails a day which I delete without reading, I will get 50 "non-deceptive" emails a day which I will delete without reading. They still take space on my storage media, they still cost me time to delete. Absolutely no change from the present situation.

It *still* won't get past my spam filter :)

[Phred+T.+Magnificent]

A few years ago I got so fed up with spam that I altered the ruleset for my (nags.org) spam filter, so that it now rejects as spam any email from anyone that isn't on my known-good list.

I know, it sounds like a draconian measure. Hell, it is. But it keeps ALL of the spam the hell OUT of my private email, and I keep a separate Yahoo account for correspondence with anyone I don't want to add to the good list.

Now, if I could just find a way to do all that in zero bandwidth and zero CPU cycles...

What's the downside?

[Trailer+Trash]

It's a serious question. I'll be able to add this "signature" as a spamassassin rule with a weight of 5 and catch all of these very easily.

Good for me and my customers.

mod up!

Am i the only one who thinks that this is funny?

Try

;0

TrustE is a JOKE

A complete fraud.. they have absolutely no power to control the actions of any of their members, even if they are breaking the rules. A spammer can join TrustE and spam like crazy, they will do nothing about it.

Logic

[BattyMan]

The only spammer I would trust is a spammer that would never send me spam because I never intentionally informed said spammer than I wanted to receive email from him, in which case, it wouldn't be spam.

Damn... I think I just logically determined that spammers serve no useful purpose in this world.

No, you've only proven that there's no such thing as a "trusted" spammer, no matter what sort of "authentication" they care to attach to their spam. The matter of their having no useful purpose in the world is accepted as self-evident without need for proof.

I am pleased by this development, though, as I agree with the prevailing logic that these stamps will have to be readily identifiable and therefore filterable.

WTH, it might be as easily as just filtering for the "" tag at the beginning of the mail (it would have to be html for things like "positioning" of the (no-doubt) graphic stamp to work) and rejecting it on that basis. Who _has_ to send me html email anyway? I can notify my friends that I _won't_ accept html mail, and instruct them as to how to turn it off.

Camram and Herbivore

[cabalamat2]

The Camram project is a spam-blocking system.

Camram is at the moment vapourware, but I'm currently talking with them about merging the Camram idea into my Herbivore project.

(Herbivore is a public-key email encryption system which aims to provide effort-free strong email encryption for eveybody).

Not just crap, bloated crap!

[behindthewall]

Every time I get a bloated piece of HTML solicitation, I develop a special degree of disgust and hatred for the offending sender.

Even some stuff I've signed up for is going HTML, often without warning.

Time to shoot some "graphic designers", we've got too many again. Or would those be graphics engineers?

And, is there some reason most of those HTML solicitations have to be so horribly laid out?

Re:Why does Spam matter? bill.maly@mcleodusa.net

Maybe I'm a bad person, but I have other things to worry about.

Gee bill.maly@mcleodusa.net I noticed you try to avoid spam by using "at" istead of "@" In your slashdot account whats wrong with bill.maly@mcleodusa.net are you worries about spam? you just said you have other things to worry about. maybe Mr bill.maly@mcleodusa.net your just a troll?

Outlook ONLY allow access from Truste email

[ekbond]

The potential here is for M$ to gain control over all email. By making Outlook's default configuration to ONLY allow email from Truste sources, and then making their web email a Truste source, or providing easy access to Outlook users to verify themselves through Truste, simple users will only get email approved by Microsoft.

Huh?

[Eythian]

What is the point of this? So we know when the spam is 'trusted'. We can't just filter everything that is not trusted out, unless all we want is 'trusted' spam. About the closest we can do is filter all stuff marked as 'trusted', and then i can't see any spmming companies going for this idea at all.

Remember that a TrustE is still a con

" Describing TrustE as a privacy organization in "TrustE Launches Trusted Spammer Program" is a joke. The "privacy statements" that I've seen from their affiliates amount to "bend over and pread your cheeks." This is just another maneuver to lend a patina of legitimacy to spam.

Well, it gives me something else to filter on.

Re:Remember that a TrustE is still a con

[Melantha_Bacchae]

An AC wrote:

> " Describing TrustE as a privacy organization in "TrustE Launches
> Trusted Spammer Program" is a joke. The "privacy statements" that
> I've seen from their affiliates amount to "bend over and pread your
> cheeks."

Two of TrustE's major sponsors are Microsoft (the Evil Empire) and AOL/TW (member of both the MPAA and the RIAA). Doubleclick is a web advertising company (can you say spammer?). The ePrivacy Group is the consulting firm that came up with the technology (if it works, I bet you Microsoft will be buying them fairly quickly). None of these entities have our best interests at heart.

> This is just another maneuver to lend a patina of legitimacy to spam.

True, but that is only part of what is going on. Expect to see the word "trust" a lot from here on out, especially as the various pieces of .Net come out. "Trusted" email will be spam sent by a Microsoft partner. "Trusted" device drivers and programs already exist in Windows XP (complete with the ability for Microsoft to disable "untrusted" drivers).

Microsoft's new patent for a digital rights management operating system (http://www.theregister.co.uk/content/4/23387.html ) relies heavily on such concepts as "trusted" identities and "trusted" applications.

"Trust" is also a key component of Microsoft's new top priority: security. But in this case, Microsoft is "trusting" us to do the "responsible" thing and keep our mouths shut about bugs and security problems.

The only warm and fuzzy thing about this sort of "trust" is the wool pulled over our eyes. The "trust" thing is a PR stunt, fixing the publics perception of security problems rather than the real thing. And for those who are being fooled: No, you can't trust Microsoft. Or the MPAA. Or the RIAA. Or spammers.

All of the false kinds of "trust" above can be described by one word: "GreedE"!

Come on, Tok Wira, these sharks have gotta pay!
New Kirk calling Mothra, we need you today!

This might be good

[Yottabyte84]

This could be a good thing if done properly.

WAIT, BEFORE YOU MOD ME, READ!

I hate spam, and even run some bait accounts (like attoparsecs@hotmail.com, feel free to post it on usenet) that are automaticly run through a reporting program.

"E-mail is very much regarded by consumers as something that intrudes on their privacy," said Fran Maier, executive director of Truste. "Consumers are concerned about fraud and they're concerned about pornography. But they are afraid to opt out because that signals ...that they're a live one."

This is a very good point, most of us don't opt-out for this reason. If there was a system in place that required "approved senders" to have thier lists filtered by a universal opt-out list, great. I would also want a toll free phone number and bussiness adderss included with each address. This way, if someone abuses thier approved sender status, people can whine and sue.

you want to know who is really getting scammed?

[ddent]

The people who buy the truste certs. Chances are they will reduce the response rate due to the ease of filtration. How ironic. Yet Another Vendor Who Sells Lots of Expensive Nothing (TAVWSLEN) (tm).

Let's make it OPT-IN

[herbierobinson]

I have a little contract I send out to any spammers that openly advertise contact points. It stops spam from identifiable sources really fast; so, I sent a slightly modifed one to TRUSTe. The really cool part about it is the encryption technology they will be using makes it real easy to establish the identify of the sender... Here is what I sent.

To: licensee@truste.org
From: [me] hrob@nowhere.com
Subject: LEGAL NOTICE
Cc:
Bcc:
X-Attachments:

This is a legal notice regarding the "trusted senders" program you are initiating.

I do not wish to receive unsolicited electronic mail from any participants in the program who do not have an existing business relationship with me or my company. To put it more formally, here is a contract regarding the participation of my company in the "trusted senders" program:

The following is a contract between the sole proprietorship [my company], herein referred to as HRMS, and TRUSTe.

HRMS is owned by [me] and is located [somewhere] in the state of Massachusetts.

TRUSTe is located at 1180 Coleman Avenue, Suite 202 in the city of San Jose in the state of California

Once accepted, this contract shall apply to TRUSTe and any other members of the "trusted senders" program being initiated by TRUSTe.

HRMS will provide the service of "wasted time" to TRUSTe each and every time a member of the "trusted senders" program sends an unsolicited commercial electronic mail message to HRMS using any covered electronic mail address.

The service "wasted time" is defined to be any amount of time, no matter how short, that HRMS computers or personnel spend dealing with an unsolicited commercial electronic mail message. It may include time spent complaining about the message to relevant authorities, but may also just consist of archiving the message. The extent and nature of wasted time is determined solely at the discretion of HRMS.

For this agreement, a covered electronic mail address is defined to be any of the following:

[address]

[address]

all addresses in the Internet domain [domain].com

all addresses in the Internet domain [domain].com

all addresses in any Internet domain publicly registered during
the contract period by HRMS or [me]

TRUSTe acknowledges that [my name] is a computer software expert and that for the purposes of this contract, [my name] is the sole authority on what is or is not an unsolicited commercial electronic mail message. In particular, the presence of any encrypted information provided by TRUSTe is explicitly deemed irrelevant to this determination.

TRUSTe agrees that the service fee paid to HRMS for wasted time is ten thousand US dollars for each unsolicited commercial electronic mail message received by HRMS. HRMS advises that this is an unreasonable price to pay for said service; however, HRMS will be happy to provide said service if TRUSTe accepts this contract in spite of this advice.

TRUSTe may resell this service at a profit to any member of the "trusted senders" program.

This contract shall take effect when accepted by TRUSTe and shall be remain in effect until cancelled in writing by HRMS.

TRUSTe shall indicate acceptance of this contract by allowing any member of the "trusted senders" program to send a "trusted senders" electronic mail message to any of the covered electronic mail addresses any time between the initial offer date and December 31st, 2011. A "trusted senders" electronic mail message is defined to be any electronic mail message containing the encrypted information normally contained in electronic mail messages under the "trusted senders" program.

The initial offer date for this contract is February 1, 2002.

TRUSTe shall indicate rejection of this contract by not allowing any member of the "trusted senders" program to send a "trusted senders" electronic mail message to any of the covered electronic mail addresses any time between the initial offer date and December 31st, 2011.

HRMS extends the offer of this contract to TRUSTe for the period beginning on the initial offer date and ending December 31st, 2011. TRUSTe may accept this contract in the specified manner at any time during that period even if TRUSTe has previously rejected the offer.

This contract shall be enforced under the laws and courts of the state of Massachusetts.

In the event any portion of this contract shall be deemed invalid, the remaining provisions still apply.

TRUSTe agrees to pay any service fees within 30 days of receiving the invoice.

TRUSTe agrees to pay double the normal fees to any lawyers, collection agencies, private investigators, internet service providers and other professionals hired by HRMS to collect overdue service fees.

TRUSTe authorizes any and all third parties with information regarding electronic mail messages sent by any member of the "trusted senders" program to any of the covered electronic mail addresses to provide such information to HRMS or its agents. TRUSTe authorizes any and all third parties with information regarding the identify of individuals sending electronic mail messages on behalf of any member of the "trusted senders" program to provide such information to HRMS or its agents.

In the event that HRMS obtains a judgement against TRUSTe for overdue service fees, TRUSTe agrees to pay punitive damages of ten times the amount of that judgement to a registered charity chosen by HRMS.

Agreed this 1st day of February, the year 2002 by [me], proprietor of [my coompany].

"do not spam" list?

[innocent_white_lamb]

I sent an email to truste asking if they were planning to implement a "do not spam" list of email addresses that have to be removed from any "approved" spamming list, similar to the telemarketers "do not call" list and the DMA's "do not send junk mail" list.

I've not received a reply yet, though.

If they do in fact establish a "do not spam" list then this could actually be (marginally) useful. Of course, since a huge amount of spam comes courtesy of some open relay in Asia....

Re:Why does Spam matter? bill.maly@mcleodusa.net

[billmaly]

I make simple efforts to avoid spam, but don't get my panties in a wad when I actually receive some. Nice AC post...coward.

Re:The "trusted seal" graphic could easily be hoax

[Phoex]

From what I gathered it will be done similar to security certificates, where there is a link you click on that takes you to a webpages that validates the seal.

At least now we can differentiate between high quality spam and low quality spam... maybe I should set up another trash can just for the high quality stuff...

GOddamn, this almost makes sense!!! n/T

[Unknown+Poltroon]

Fuck you and your lameness fileter