Slashdot Mirror
NY AG Sues MonsterHut Over Marketing Spam
Ian Hill writes: "This BBC article tells how NY State Attorney Elliot Spitzer has sued marketing firm MonsterHut.com over "millions" of unsolicited e-mails. He claims MonsterHut.com falsely told its clients that e-mails sent on their behalf were sent to addresses who registered themselves as interested parties. Also at question is how exactly these addresses were collected." eviljim adds a link to a press release from New York's Attorney General and a reminder of how MonsterHut was disconnected from their ISP.
It is about time some of the cost associated w/spam got moved to the spammer. More of this can only be a good thing. If it gets too expensive, maybe it will slow down.
I do worry though about legal remedies just moving the problem to where the laws don't exist.
.
It's hard to believe that's how Micronians are made. Why don't we see it right now by having you both kiss one another?
Spitzer Says Company Sent More than 500 Million Unsolicited Messages to Consumers
Attorney General Eliot Spitzer today filed a lawsuit against a Niagara Falls-based "spammer" that sent hundreds of millions of emails to consumers whom it falsely claimed had requested the emails.
"Every day New Yorkers are being inundated with unsolicited commercial emails, or spam," Spitzer said. "Some of the spam is a vehicle for fraud, some of the spam is inherently fraudulent, and much of it constitutes a real annoyance for email user. This lawsuit is the next battle in our continuing fight against online fraud, and an attempt to help consumers maintain control of their email in-boxes."
MonsterHut, Inc., its Chief Executive Officer Todd Pelow and its Chief Technical Officer Gary Hartl, are accused of fraudulently advertising and representing the company's email marketing service as "permission based" or "opt-in," meaning that every consumer to whom they send commercial email has explicitly asked to receive it. In fact, the suit alleges, the company's email lists are only partly "opt-in," and include many consumers who never asked to receive email from the company. The suit also alleges that this false representation of MonsterHut's business practices enabled the company to profit through the deception its Internet access provider, its own paid advertisers, and consumers at large.
The suit alleges that since March 2001, MonsterHut has flooded consumers' email in-boxes with more than 500 million commercial emails, advertising a variety of goods and services. At the same time, negative consumer response to MonsterHut's spam has been overwhelming. More than 750,000 consumers have requested to be removed from MonsterHut's mailing lists, and tens of thousands have complained to MonsterHut's internet access provider, PaeTec Communications, Inc., of Rochester.
Earlier this month, PaeTec cut off MonsterHut from its network, after a New York appeals court held that MonsterHut had violated an anti-spamming provision in its contract with PaeTec. However, nothing in that decision prevented MonsterHut from spamming consumers through another internet service provider.
"We are seeking to prevent MonsterHut from continuing its fraudulent, deceptive and illegal practices, not just over PaeTec's network, but over any ISP in New York," Spitzer said.
The Attorney General is seeking a court order to:
- Enjoin MonsterHut, Pelow, and Hartl from falsely representing the nature of their unsolicited commercial email;
- Require MonsterHut, Pelow and Hartl to disclose how it obtained all the consumers' email addresses; and
- Require MonsterHut, Pelow and Hartl to pay civil penalties and court costs for its violations of New York's consumer protection laws.
This case is being handled by Assistant Attorney General Stephen Kline of Attorney General Spitzer's Internet BureauNo, not the canned mystery meat, the junk e-mail that clusters my inbox everyday. I really hope this case will set a precedent that will deter the 25 or so people that seem to like to spam my account with their 'earn 10,000 a day', 'make your penis larger', 'diet now, lose 100 lbs a day and get paid $1 a pound', etc. I am truly sick of this shit, and I hope that someone gets the message. Of course the trick is to make this non-profitable, either by suing them blind, or by simply not responding to any of these e-mails. Keep in mind that the only reason that they don't do this via snail mail (aka: USPS) is because it actually costs money to mail a letter via this means, otherwise you would find it necessary to have a mailbox 4' X 4' X 6' and it would still be overflowing after 2 days.
It'd be really cool to see mandatory micropayments for UBE - I would be willing to accept the extra load on my mailservers if I know I was making a tenth of a penny per message.
:).
Hell, running an open relay would rapidly go from moronic to profitable
--
Phil
All the logic is there an the anti-junk-fax laws. It just needs to be applied to e-mail. This way it would be much easier to prosecute groups like monsterhut.
On a sidenote (with regard to the quest for the email address source), it's fairly common knowledge (enough so that Paetec mentioned it somewhere on litigation.paetec.net back when they were soliciting affidavits from spammed parties) that a number of the addresses used came from WHOIS records.
Monster Hut makes the best monsters. I love their personal pan monsters, and their deep-dish Chicago style monsters, also. Great for parties. The crispy thin-crust monsters are also good, if you like a nice New York style monster. A slice of their leftover monster also makes a great breakfast. I like to order a medium monster with pepperoni and peppers and olives. This is enough to feed me and my girlfriend (who also loves monster), plus leaves a little leftover for the next day.
Karma: Good (despite my invention of the Karma: sig)
...came to my attention last week when my wife signed up for text messaging for her cell phone. Her plan allows the first 100 messages each month free, with extras for an additional price after that. What happens if (when) that number gets on spam lists it can be sent in the form of an email, ie, cell-number@provider.com? At the rate I get spam in my inbox, surely she'll run over the 100 limit, and it WILL cost me money to receive spam. Surely there's cause for recourse at that point?
Wouldn't be too hard to take the ball and run with this one. Get on the message boards and put your number in your sig. Too bad I don't have the time or resources to do it.
I hope there is a lot more cracking down on this method of marketing. I've always wondered why it works for them in the first place? Seriously, why do they think that if they keep sending me five copys of the same email EVERYDAY, eventually I will answer? Or why would I answer if they use a completly misleading subject line so that it gets through my filters? They say that they are complying with whatever laws apply by giving you an email address to be removed, but it you mail that, it's either not a valid email, or they just sell your email to others, and you get tons more emails. Obviously some people must answer these emails, but I don't understand how it would ever be worth the cost of thier investment.
Sigs are out of style, so I'm not going to use one...oh wait..
there is a difference. At least the people giving you junk mail in your home mailbox had to spend real money. They had to believe enough in their product so that the cost of solicitation would be covered.
But with the cost of email spam (the opportunity cost) being orders of magnitude lower, to the point where it's so close to zero per unit, the "social contract", whereby the one doing the soliciting has made an up-front investment, has been violated.
Oh, by the way, deleting spam on your computer is not free. It takes some of your time, and, even if you were to value your time at the minimum wage, your investment is far higher than the spammers.
The only thing stopping the AG's and other law enforcement is a lack of imagination, not a lack of laws. If spam is fraud, pursue it as fraud. If someone is violating copyright, go after the individual. How freaking hard is it?
"As God is my witness, I thought turkeys could fly." A. Carlson
I am "simply shocked" that a company would tell such lies to it's customers.
Thank God that we don't know of any other companies that would do something like that.
"It is a greater offense to steal men's labor, than their clothes"
My spam has been going up over the years, using the same email for 5+ years, seems to do it. And Im a busy Internet poster, and active on mailing lists and online BBS boards, so it compounds matters.
Topics lately that have passed my spam filters, "Your Bill", My Name correctly(most spam dont use names, just email addresses), Actual products that I use, (someone must of sold my email address), Mailing list type headers (vnc/linux kernel/etc).
Funny thing, some mailing lists are tagged as spam, like IGN computer news, which I had to tag as good. Spam takes way more of my time than it should. I know for sure, I havnt opt'ed in for anything, and "Opt-Out" is a fucking joke.
Declare the internet the 'land of the free'.
Instead of calling it your 'inbox', it's now your 'american spirit'.
Those dirty emails you send to your wife are now 'vital communications of the heart'.
Your mom nagging you to visit her more often are 'sincere messages from the home front'.
Once we make spam a terrorist act only terrorists will send spam! U-S-A! U-S-A!
Spam on the computer, is generally bad because it's so cheap to send (virtually free). So we end up with tuns of spam. Also, because computer spam is so cheap, it's not at all targeted, for some reason, mail ads tend to be much more interesting.
;-)
And, opting out is easy in your mailbox. Just write "Return to sender" on the unopened message, and put it back in your mailbox. The USPO will charge the sender to return it, and the sender will usually abruptly stop. If you want to get nasty, tape the letter to a brick first
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
Would be nice if spam companies such as this who periodically engage in widespread consumer fraud could, by court order, have all assets liquidated and the funds distributed to a state task force designed to root out further spam comanies. If this isn't serving the public, I don't know what is.
-- "Government is the great fiction through which everybody endeavors to live at the expense of everybody else."
Yes, kudos to Mr. Spitzer for finally doing something about spammers. His litigation may make some of the more egregious, mass spammers think twice before trying to force-feed our Inboxes with herbal viagara and penny stocks.
But here is the HOWEVER.
With technology regulation a) not particularly well defined on the books, and b) almost always implemented the *wrong* way (DCMA?), I have little doubt that many legitmate newsletters and mailing lists will get hit by Mr. Spitzer's shrapnel. There are plenty of Attorneys General out there who are not quite so intelligent as sheep (let alone, Mr. Spitzer), and will follow New York's example to the detriment of legitimate mailers.
Damn. Another message for teen sex in my Inbox. Heck, maybe it's worth it....
-FC
I've had them blacklisted for a couple years now. I wish other states would jump on the bandwagon. These SOBs deserve to pay. They should be forced to read every piece of spam they ever sent out I think. That should keep them occupied for a few life sentences.
I am a New York State resident and I must say that Elliot Spitzer has been nothing short of wonderful when it comes to protecting the consumer.
.02
First it was unsoliticited phone calls (we were one of the first states to set up a no-call list). Now I recieve maybe 1 unsoliticited call every 2-3 months instead of 1 or 2 a day (and at dinner time.... arrrrgggg).
Then it was dissent on the microsoft case. In all likelyhood, New York State served as a keystone for the 9 dissident states.
Now we've got Spitzer battling the evil spam demons. My guess is that once again, Spitzer will come out on top.
Spitzer is a definately a defendant of consumer rights and privacy and has been unwavering in his cause.
my
The problem is fraud. (1) Spammers forge return-addresses and lie in their subjects to trick you. This makes it hard to weed out unwanted mail. (2) Practically all spam comes from fraudsters. Spam is so despised as a marketing tactic that it cannot be used (openly) regularly by legitimate businesses without them getting a lot of flak.
I hate spam. It drives me crazy. But I believe we will never fully get rid of it, because it makes money. And there may truly be compelling free speech reasons that keep us from banning it (I'm not decided on this point).
But I think three steps would take most of the pain out of spam for me.
- Spammers who are criminals (stock-pumpers, penis-mightiers) get arrested and deterred/reformed. The NY AG move is a much-needed start.
- Spam must be given a proper subject like "ADV:", and need a legitimate return address. Violators are subject to large fines and jail.
- Spammers need to pay for all their bounced mail. Not sure how to enforce this, but it would make me feel better.
Once these things are true, maybe spam will reach the same annoyance level as junk mail in real life: annoying, but not obscene.Since I've added a LART list of IP addresses and domains, per SPEWS, i've seen a nice decrease of UCE coming directly to me.
2002-05-01 09:37:21 recipients refused from [212.90.15.164] (RBL relays.ordb.org)
2002-05-05 07:49:48 recipients refused from [210.76.113.46] (RBL relays.ordb.org)
2002-05-07 00:18:46 recipients refused from cis-ns.careinfo.co.jp [210.226.191.114] (RBL relays.ordb.org)
2002-05-09 02:49:48 recipients refused from [200.24.95.174] (RBL relays.ordb.org)
2002-05-13 13:14:06 refused relay (host) to from H=nat170.63.mpoweredpc.net (none) [142.177.170.63]
2002-05-15 18:06:36 recipients refused from [211.218.38.20] (RBL relays.ordb.org)
2002-05-15 23:36:06 recipients refused from w045.z208037064.nyc-ny.dsl.cnc.net [208.37.64.45] (RBL relays.osirusoft.com)
2002-05-15 23:58:10 recipients refused from [211.174.179.8] (RBL relays.ordb.org)
2002-05-16 20:33:15 recipients refused from [202.164.96.4] (firewall-user) (RBL relays.ordb.org)
2002-05-17 04:01:57 recipients refused from [202.164.96.4] (firewall-user) (RBL relays.ordb.org)
2002-05-18 19:16:22 recipients refused from [210.105.80.65] (RBL relays.osirusoft.com)
2002-05-19 11:36:51 recipients refused from [202.164.96.4] (firewall-user) (RBL relays.ordb.org)
2002-05-21 23:41:55 recipients refused from [202.164.96.4] (RBL relays.ordb.org)
2002-05-24 06:53:23 connection from outmta016.topica.com [64.125.140.225] refused
2002-05-24 06:53:54 connection from outmta016.topica.com [64.125.140.225] refused
2002-05-24 07:41:45 connection from bso002.topica.com [64.125.140.241] refused
2002-05-24 08:33:05 connection from bso002.topica.com [64.125.140.241] refused
2002-05-24 09:35:23 connection from bso002.topica.com [64.125.140.241] refused
2002-05-24 10:46:02 connection from bso002.topica.com [64.125.140.241] refused
2002-05-24 12:17:27 connection from bso002.topica.com [64.125.140.241] refused
2002-05-24 14:19:49 connection from bso002.topica.com [64.125.140.241] refused
2002-05-24 16:23:14 connection from bso002.topica.com [64.125.140.241] refused
2002-05-24 19:01:45 connection from bso002.topica.com [64.125.140.241] refused
2002-05-24 21:31:16 connection from bso002.topica.com [64.125.140.241] refused
2002-05-25 00:07:19 connection from bso002.topica.com [64.125.140.241] refused
2002-05-25 05:29:37 recipients refused from www.shinohara.com [209.153.61.10] (RBL relays.ordb.org)
2002-05-25 16:22:30 recipients refused from [203.199.213.3] (RBL relays.osirusoft.com)
2002-05-28 04:37:49 recipients refused from h-64-105-76-95.nycmny83.covad.net [64.105.76.95] (RBL relays.ordb.org)
2002-05-29 08:22:41 recipients refused from [211.102.2.131] (RBL relays.ordb.org)
So you can see I'm rejecting mail per relays.osirusoft.com and relays.ordb.org. My LART list is pretty big, too. But that's just for a small mail server.
If you apply similar rules to a multi-hundred or multi-thousand user system, you can really cut down on tons of UCE. Combine it with spamassassin and UCE will almost never get in your inbox.
Spamhaus.org records about MonsterHut
It includes such gems as
MonsterHut's PR
and
Whine: MonsterHut Letter to Spam Clients
(scroll down - the header index is identical for these links, but the material below is different)
Definitely worth looking over, for a profile of a spammer.
Sig: What Happened To The Censorware Project (censorware.org)
What good is governement if they want to govern me? (pennywise)
If we want the government to stop trying to creake things like mandatory age checks before accessing adult material, then we need to stand up and tell them not to create spam laws either.
It is a problem that can be solved technically. We should strive to find better technical solutions instead of finding ways to sue them.
Hey, Coward, this is not a speech issue. It's a property rights issue. I don't get upset about junk mail in my postal mailbox; I don't have to pay for it. The sender pays the postage to have it delivered to me. I just carry it to my trash.
Spam, on the other hand, is often times paid for by the recipient. If you want to play First Amendment with me, I'll play Fifth Amendment with you:
Since you say that Spam is the sender's First Amendment right, it appears that delivery of said spam is "public use," and can't be paid for by the recipient because there's no just compensation. Spammers can't take my money (private property) to deliver your message (public use) without paying me (just compensation) in return for paying for your message's transmittal.
By the same token, you can't use the Freedom of the Press clause-- for the same reason. I can't be forced to pay (private property) for the publication (reception) of spam (public use) without paying me (just compensation).
If they want to pay me to receive their messages, that would be constitutional. As it stands, sending people unsolicited messages that they must pay for is not only not protected speech, but unconstitutional.
Read more about it
but close. The goal is to make it cost the spammer more to spam than it costs us to litigate.
Okay, Niagra Falls is in NY so suing is cool, but 500 million emails to just New Yorkers? Of course if all of the 19 million people (last census) in New York state received an equal number of emails that would make about 25 per person which seems reasonable, but if we extrapolate that same rate to the 280 million in the US they sent about 7.5 billion emails from March last year to April when they were cut off. (Think about it, the extrapolation is reasonable) At a very conservative 1kB per html-email this makes about 7.5 terabytes of data they've sent in a little more than a year. Which makes about 20.5GB of email a day. That seems like a bit much to me.
This is all mental math, so please correct me if you've got the time.
uce@ftc.gov [mailto]
:)
... buh ah ha). After about a month, the spam stopped. That was two months ago, I have been spam free (for that account, at least) ever since.
i have a yahoo account, get about 5 spam emails a day, and forward most of them right on to the FTC. not sure if they're actually doing anything, but it makes me feel good
I do the exact same thing, but I think it actually worked. One company had been spamming me for months (I made the mistake of clicking the "remove me" link). Well, one day I started forwarding my spam to the uce@ftc.gov (and spoofed the 'remove me' link to remove uce@ftc.gov
I like to think my tax payer dollars actually did some good.
If the recent internet Libel case goes to verdict, it may impact the power of current anti-spam laws as well. If it turns out that people can be sued for libel in the jurisdiction where internet content is being viewed, it then follows that spammers can be sued for breakage of anti-spam laws in the jurisdiction where the spam is recieved. Only time will tell how this will paly out but there is a silver lining to everythnig, if you look hard enough.
--CTH
--Got Lists? | Top 95 Star Wars Line
Two options:
e for "APNIC", and refuse connection to all the relevant netblocks.
:)
a) man procmailrc, drop it there
b) grep http://www.iana.org/assignments/ipv4-address-spac
I do both. I don't get *Korean* spam any more
~Tim
--
Rushing on down to the circle of the turn
Amen.
I'll see your Fifth Amendment response, and, I'll raise you a Supreme Court ruling.
A man's home - and his email box - is his castle. Any spammer invoking the First Amendment is full of it.
Attorney General Spitzer, YOU ROCK.
It seems to me that the answer to spam is whitelists. I find I get very little non-spam from people who aren't in my address book (you just have to be diligent about keeping your whitelist up to date).
I realize that some people do have a different email usage pattern and do get lots of mail from new senders, but then you could just use an "ask for confirmation" style whitelist filter.
Is there some reason why whitelists aren't more popular (aside from the fact that it's not the default configuration of Outlook [Express])?
For those who inforce the law. It seems as though so much time and energy has been spent as of late in the courts to protect big business (read RIAA) from the actions of people (read us).
It's about time the courts were used, en masse, to protect people (us) from the fradulant actions of business (monsterhut and others).
In a free market, business is supposed to be at the mercy of the consumer. We keep the government around to pass and enforce laws when that does'nt happen. It really does make me feel good to see the NY AG doing it's job.
---
The Internet is generally stupid
I have a Deutsche Telekom cell phone for business trips (it was VERY cheap), and you pay $.16 or so all over Germany for calls you make, and $.05 or so per SMS you send (if I recall correctly, I may be off somewhat); NO charge for incoming anything from anywhere. It is, IMHO, a MUCH better setup than in the US, where I pay for incoming.
"My strength is as the strength of ten men, for I am wired to the eyeballs on espresso."
Hmmmm according to Spamhaus their servers were put under lock and key when PaeTec TOSed them. Hmmmm i wunder how much they want for their equipment.. I could use some of their parts, or they could be put to good use in a RTCW or a Q3 extreme server for that matter. :D
First rule of holes; When in one, stop digging.
No, this current approach is a losing battle. What we must have is transparency. The Spammer cannot be allowed to use fake email addresses. I have complained about commercial emails with fake addressee, and the providers refuse to do anything. There must be an opt-out link or email address that is in the same domain as the from and return address. These address must be in the owner domain, and not Yahoo, Hotmail, or whatever free service they use for one time addresses. The subject line must clearly identify the company being advertised. If the email is to a website, the website must have an email link, and, if it is a DBA, must have a link to the corporation or person.
These guidelines will create a proper and honorable two-way communication. There are companies like (I think) Virtual Holdings that cowardly hide behind fake addresses and do not even put a real address on their domain registration. They keep their costs down by hiding behind fraudulent websites that do not have a single method of communicating with the owner. It is the highest form of arrogance that they think they have the right to spam us, but we don't have the right to spam them.
I know it has been said before, but let me say it again. Get a free email account. When you get a spam, especially with a fake email, look up the registration for the websites advertised. Look up the registration for the DNS providers. Send an email to every address you can find stated how cowardly and dishonorable using fake email addresses is. Let them know we know they are vermin. You do not even have to include your own information, as you are complaining about bad netiquette, not Spam.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
Better trick, create an auto-forward on your spamtrap addresses that redirects to uce@ftc.gov. Many mass mailers remove .gov addresses now, especially uce@ftc.gov. Trick them with a simple mail alias. Seed that address in the newsgroups and hide it on your webpages with mailto's on non-breaking spaces or transparent 1x1 images. Works like a champ.
Hormel gets pissed if you called unsolicited commercial email "SPAM" because that's their trademark. They have however given their blessing to the use of "spam".
I'll call your ruling:
Ownership does not always mean absolute dominion. The more an owner, for his advantage, opens up his property for use by the public in general, the more do his rights become circumscribed by the statutory and constitutional rights of those who use it.
Not that I think that spam is good, rather the argument that "My mail server is mine, thus spam is illegal" does not follow.
- Justice Black, U.S. Supreme Court, Marsh v. State of Ala., 326 U.S. 501 (1946)
I'm the best IRC client ever.
Hmm, maybe he's watched enough slasher films to know that when the bad guy goes down, you keep hitting him. MonsterHut is utterly unrepentent, still assert that their business model is both legal and sound (they actually claim that the court got it wrong), and explicitely intend to start up spamming again as soon as they can slease their way onto another ISP.
While I'm completely ready to agree that Spitzer is probably just showboating and looking for an easy win, I'd be delighted to see a huge fine levied on MonsterHut, regardless of their ability to pay it. The more precedent we get, the better, because every piece of anti-spam case history will make it easier and faster to shut down and sue or fine new spamhausen as they spring up.
The case earlier this month just established that MonsterHut are in the wrong, and let their ISP pull the plug on them. Now we need to assign a suitable punishment, and make sure that we send the message clear and loud: spam is not legitimate, and if you do it, you will pay for it.
If you were blocking sigs, you wouldn't have to read this.
The first amendment doesn't give you the right use my property to excercise your right to run your mouth off. It would be like you coming into my home and and preaching to me in my living room. It's my property and it's not your right to be on or make us of it.
This will do nothing to stop SPAM in your mailbox. How is Spitzer going to go after btamail.net.cn? China is going to tell him to take a long walk off a short pier. This is fine if you want revenge but it will not do anything to reduce the flow of SPAM or cause other people to fear doing it.
Geez, I guess the moderators today are Spitzer Democrats. :)
Strange women lying in ponds distributing swords is no basis for a system of government.
It seems to me that the answer to spam is whitelists. I find I get very little non-spam from people who aren't in my address book (you just have to be diligent about keeping your whitelist up to date).
If a whitelist is the solution, you don't understand the problem.
A whitelist is pretty much like "bolting the barn door after the horses have eaten your children." You're basically just closing your eyes and saying "I don't see it, so therefore it doesn't hurt me."
Spam has two problems, and the concept of a whitelist (or email client "spam filter") only covers one: the nuisance factor (it's a pain in the ass to wade through all this spam.)
The second, much worse, problem is that spam costs the recipient money. Bandwidth isn't free - it costs money.. even if you don't directly pay for bandwidth, your ISP does, so it costs them money, which they charge to you (even if you don't see it broken down in your monthly bill.)
Any client-based anti-spam "solution" (such as your whitelist) is ignoring this: the bandwidth has already been consumed by the spam, so it's already been spent. Rejecting the email AFTER it's been delivered to your server only means that you don't see it - it doesn't mean that you're not paying for it, and THAT is the biggest problem with spam - you're paying for something you don't want.
You don't think that allowing anyone to mail you is making your mailbox "freely accessible and freely used by the public in general?"
Please, leave my infrastructure intact. I'd rather that I get the mail and filter it than have random messages dropped because I couldn't let the public at large email me.
I'm the best IRC client ever.
the ISPs can't or won't implement those technical solutions, or when they are threatened by lawsuits for doing so.
Stupid sexy Flanders.
Since I don't give out my email to anyone that shouldn't have it. No it is not "freely accessible and freely used by the public in general".
http://www.windmeadow.com/
I've been doing this for just the last week and a half. I log every spam that gets disconnected. So far there have been no false positives. The only annoyance has been that others using my mail server that forward me their spam sometimes get disconnected because I've already added a filter that catches what they are reporting. :)
I am Familiar with the U.S. Constitution, however you sig makes me wonder if your views are in keeping with modern jurisprudence. Not to engage in political baiting, but it seems you take a very conservative view when it comes to property rights.
To take your point a little further. Why can I not bill for time spent disposing of junk mail? (in addition, materials garbage bags, etc.) What about electricity used to power the doorbell when a solicitor comes?
Spam sucks. However, I am not sure how much resources you are deprived of compared to other previously accepted solicitation norms.
Let me see if I can boil all this down to something smaller:
You have the right to speak; you don't have the right to force people to listen.
Spam wastes my time. If I pay by bandwidth, it wastes my money. At the very least, I have the right to refuse it; at best, I have the right to restitution for damages.
Get off my launchpad!
That would be pretty outrageous if it weren't a complete and utter fabrication. What actually happened was that he sued several "crisis pregnancy centers" for deceptive advertising. They had ads that implied that they performed pregnancy tests and abortions, when if fact they are essentially in the business of persuading women not to have abortions. Under a consent decree they agreed to change their advertising. They didn't have to pay fines, and they certainly were never forced to provide abortion services.
2:
The idea is to deter future instances.
3:
If they violated current anti-fraud law, why not go after them using the existing statute(s)?
4.
No, but he might get something. If not from the company itself, maybe from the officers of the company personally. Also, see 2.
5.
Obviously this only applies to victims in the state of New York.
-- It only takes 20 minutes for a liberal to become a conservative thanks to our new outpatient surgical procedure!
They accept non-spam complaints from a web form, so they know how to do it right. Clearly they're not serious about stopping spam, even though California has a strong anti-spam law, and the courts have ruled that it is valid. There haven't been any high-profile spam cases from the California AG yet.
(There's a legal challenge to the California anti-spam law, but the spammer is losing. The California State Supreme Court recently decided that the California anti-spam law was valid (Ferguson vs. Friendfinder). Friendfinder may still try an appeal to the U.S. Supreme Court. But that has to happen soon, or the decision is final.)
First I grabbed a sendmail access database someone else was using as a base to start my anti-spam efforts from. To this I add domains from which I or a coworker received spam from. One spam and it's done. This list contains more than 9000 domains and IP addresses.
Next I added ordb.org as an RBL. This has helped as well but has also exposed some of our clients as having open relays. I find it interesting to get a call insinuating the problem is with my mail server when the user has not even read the error message. (Which, as you may know, tells them to visit ordb.org to find out what the story is) It is frustrating to explain that I am not going to turn off my RBL because their mail server is incorrectly configured.
I've been using the RBL for about 20 hours off and on and the access database for about two days. So far it has dropped 309 messages intended for a mail server with about 20 users on it.
There's probably been a few other cases establishing email servers as private property and that's there's no such thing as "the right to email".
The latest blocklists (SPEWS) go after the spamhausen ISP's IP-blocks as well as the spammer's IPs. It's a shame to block non-spammers as well, but they are supporting spam-friendly companies with their money. Hitting the ISPs in the pocket book is the best solution yet, because pin-point IP blocks just didn't work.
One line blog. I hear that they're called Twitters now.
Maybe in 10, 20 years... I hope.
/. people don't want laws, because they're afraid of the government getting their dirty paws on us. But what do you propose we do in the meantime? What do you propose we do now? Because despite the fact that you only get ten spams a day, I get about 75. Three months ago I only got 50, and it's only going to get worse.
Meanwhile, the cost of this is billions of dollars a year. Lots of
We have to figure out how to fix this, tomorrow, or we have to ask the government to do it. It has to be fixed. Technical solutions may work, but may doesn't mean jack--they're not working now, and that's all I care about.
If you (the collective you, the people who say "we need a technical solution") can't fix it, STFU. I'm not talking about filtering or RBL lists, I'm talking about putting the spammers out of business. If they're sending spam, your job is not done. And if you can't stop them, again, STFU and let the government take care of it. It has to be done; the costs are too high, and it really gets me worked up.
Until I can post my e-mail address on slashdot without obfuscation and without fear of harvesting, until I can telnet into my POP server and read my mail without getting pissed off, until the primary meaning of Spam is once again spiced ham, you "we need a technical solution" people may not sleep. Billions of $$$ a year.
Synergy is your friend
In the US, your mailbox doesn't actually belong to you - it belongs to the US Post Office. They allow you to take mail out of it.
I don't like junk mail, but someone's paying the US Post Office to deliver the snail junkmail to mailboxes which are the US Post Office's property. (To be absolutely technical - I think it's something like "you may purchase and own the physical container on the fencepost near the driveway, but the USPS still owns the space within it.")
> (in addition, materials garbage bags, etc.) What about electricity used to power the doorbell when a solicitor comes?
OK, fair enough :)
The (non-property-rights) issue with spam is the one of scale -- junk mail costs money for the sender to deliver. Door-to-door solicitors are throttled by the time/effort that it takes to walk from door to door. Even telemarketers are rate-limited by the number of drones they can have behind the predictive dialers. (Which is we've passed laws to try and combat the use of prerecorded telephone messages. But even these are rate-limited by the time it takes the recording to play back into the victim's voicemail.)
Spam, regrettably, has no such bottleneck. Even if you don't agree that it's theft of the recipient's mailbox, most of it comes through open proxies and open relays -- which clearly qualifies as stealing service from the victimized hosts.
Whether they're stealing very small amounts from millions of victims (the recipients) or larger amounts from a few victims (the bandwidth stolen from unauthorized abuse of intermediate open relays and open proxies) - spammers are thieves.
Source-based filtering work best when the sources are concentrated and not moving (like when Sanford Wallace was making most of the noise.) This still works a little, and is the premise that all the various RBLs and DNS-BLs are based upon. Content-based filtering works only when the content of the spam is either identical for a large number of victims over time (which is how razor works) or contains patterns that are very unlikely to appear in legitimate email. (Tools like spamassassin work well against these.) If these technical measures against (obvious) spams were effective and universially applied, it would cut down on the volume of spam, but the spammers would get more subtle, and start sending spam that is very hard to detect.
Since most spammers do it only once (but there are a lot of them) it would likely help to educate the public that the spamware-salesmen are essentially con-artists. If it were illegal to send spam, this would be a lot easier. Legal measures alone would likely be unenforcable, because of the sheer numbers of spammers, and the fact that its easier for them to get new accounts and other services than it is to track them down. If I my offer an analogy, this is like people burguling my house. I can stop most of them by putting locks on my front door. For those that are determined enough to defeat those locks, the police will will stop them by sending lots of men and women with guns and handcuffs. It also helps if parents and schools teach their children that it's not right to steal.
Paetec made the mistake of agreeing to contract terms that specified that if 2% (I think that was the figure) of the addresses were found to be non-opt-in, that this would be an acceptable margin of error. Presumably MonsterHut would have removed them from the list if asked. Even in the worst case of assuming that every complaint was one of those non-opt-in addresses, the complaints would have had to reach the level of 2% for Paetec to disconnect them under terms of the contact. It's that contact that allowed MonsterHut to get the injunction. MonsterHut didn't need to say that 100% were opt-in ... it only needed to say that 98% were opt-in, and Paetec didn't have enough numbers to prove that more than 2% were genuinely non-opt-in, at least not initially.
Paetec made some legal blunders. The rest of us can learn from their mistakes. I'll give Paetec the benefit of the doubt for being fooled in this case. A future company will not get that from me.
One step an ISP can do (if they didn't stupidly sign away any rights to do this) is to put the spammer on static IP and set up reverse DNS to name them with the spammer's domain name. Then I can block the spammer without blocking the ISP, regardless of the stupidity of the ISP's lawyers. And this is my common practice ... I block just the spammer if they are in reverse DNS identified static addresses. And I block them by their domain name, so if they move, even to another ISP, they are still blocked. They have to change domain name to evade this (and I'm sure many have).
Also, I do all my anti-spam blocking at the server during the SMTP session. I don't want their spam in my servers, and I don't want rejection notices to sit undelivered for days, either. By stopping spam before the mail is delivered, it doesn't get queued and the sending server has to deal with the rejection (but there is still a rejection in the cases of legitimate mail getting caught so the sender at least knows something happened, and can look for a way around).
now we need to go OSS in diesel cars
Horse byproducts! Name a list that will allow a spammer to buy out -- and if you can prove it, most admins will drop it instantly.
And as for proof, I think you'll find that the case files at SPEWS are usually quite detailed.
And it's UCE spam even if they don't hide or blast.
One line blog. I hear that they're called Twitters now.
No free speech problem, since the spammers are still free to send their messages. I'd just be choosing not to view them. People who actually wanted to see spam for some reason could opt in at their ISP. I'd be willing to guess that it wouldn't even hurt the spam business too much because spam-haters like me never buy anything advertised via email on principle.
The one thing I don't know is how to allow real (meaning actually opted-in) email through when I've really requested information on a product. So here's a challenge to all you slashdotters - how can you phrase a law to only allow truly requested messages through without opening a loophole for the MonsterHuts?
The Mighty E