Slashdot Mirror

← Back to Stories (view on slashdot.org)

David Sorkin on Internet Law and Spam

Posted by michael on from the fifty-spams-today-and-counting dept.

KC7GR writes "Cnet has published an interview with David Sorkin, associate professor at the John Marshall Law School. He's answering questions about the current state of cyberlaw, and he also has much to say about why current federal legislation being considered could make the problem of spam worse rather than curbing it."

7 of 168 comments (clear)

  1. Spam police? by WeirdKid · · Score: 4, Insightful

    They can pass all the laws they want, but who's going to enforce them? It's illegal to send unsolicited faxes too, but my eFax number gets swamped by them daily.

    1. Re:Spam police? by Kenja · · Score: 5, Funny
      Who's going to enforce them? I will, along with my rag tag team of freedom fighters.

      cue the a-team theme song.

      --

      "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
  2. I've tried many things by SquadBoy · · Score: 4, Insightful

    to block spam. But I think we are going to have to "go nuclear" if we ever want to win this war. What I mean by that is we are going to have to start blacklisting *anyone* who runs a open relay and I don't just mean mail I mean everything. Cut them off from the rest of the world. Only at that point will people get off their butts and solve the problem. That at least is whay I think. No more playing around time to bring out the big guns.

    --

    Cypherpunks: Civil Liberty Through Complex Mathematics. Those who live by the sword die by the arrow.
  3. SpamAssassin for MS Outlook users: by jcapell · · Score: 5, Informative

    The Pro version is available for MS Outlook users, and works wonders.

  4. Re:could make the problem of spam worse? by silentbozo · · Score: 5, Insightful

    Ahh, but what exactly IS spam? Is it a mass mailing? Is it unauthorized use of server resources (spam and run)? Or is it UCE?

    There are legit uses for mass mailings (ie, mailing lists.) Spam and run only works with the clueless who persist in running unsecured mail relays. And UCE is a subjective measure (no matter how good your adaptive filters are), and to restrict the ability to mail based on content is a dangerous step.

    The most dangerous spammers today are not the whack-a-mole spammers that keep changing dialups, who relay-rape and advertise sites in Russia and China (whose admins could care less.) The most dangerous spammers are the big commercial outfits who sideline as legit operations, and who carry advertising from the likes of Amazon and AOL and run their own ISP feeds. These guys are hard to kill because they're semi-legit (ie, they tend to carry "legitimate" traffic), even though they're clearly spammers of the worst stripe.

    The only way to deal with these guys is to blackhole whole IP blocks. For the whack-a-molers, you blackhole open-relays and known dialups. For everything else, use adaptive filters on the receiving end. If you're a server admin, restrict sending to known clients only, from a restricted list of IPs. I don't think there are a lot of mods you can make to SMTP that haven't been made already to fight spam - maybe standardizing the tarpitting of dictionary attacks (where the spammer tries to ferret out working e-mails by attempting bogus mailing connection attempts.) The tools are there. The key is to make sure everyone uses them.

  5. Did anyone read the interview by asscroft · · Score: 5, Interesting

    This guy is pretty smart and has a good grasp on things.

    here are some gems.

    "In the United States, one of the most important criteria used to evaluate any proposed restriction on the collection and use of personal information by businesses is the effect that it will have on industry. In Europe that's at most secondary to the individual and societal rights that are affected. " ..."as business practices seem to get more and more invasive, I find myself leaning closer to the European approach, even though I'm normally quite wary of regulation. "

    <B>How about grading the legislators as well?</B> [he had said earlier that the courts do a good job of learning about technology when interpreting laws that govern it's use]

    Unfortunately, I don't think that many legislatures have been anywhere near as scrupulous in learning about technology before trying to make laws to govern it. Take a look at all of the different state spam laws to see what I mean. Only one state has a law that is anywhere near consistent with the practices commonly followed on the Internet--Delaware, where it is a crime to send unsolicited bulk commercial e-mail. The other state spam laws don't focus on the central technical problem with spam, but instead deal with the symptoms, like forging message headers or failing to honor opt-out requests, or with completely different issues, like pornography and other content-related issues. "

    <B>What about deep linking? </B>
    "What about it? I guess I don't understand why everyone is so concerned about it. It's an inherent part of the Web, in the same way that nouns and verbs are essential parts of speech. If you don't want people linking to or accessing certain content on your Web site, you can implement whatever rules you want to in the design or configuration of your site. But if you put content in a public place with its own published address, it's pointless to pretend that the address is a secret, and you shouldn't expect the legal system to enforce that ridiculous notion. "

    "I don't think that the Internet really needs much law--it's really just a question of figuring out how best to apply more general laws to the online environment. "

    I'm glad to see a lawyer on our side for a change. Makes me want to move to europe though.

    --
    because I have been enjoined by this Holy Office to abandon the false opinion which maintains that the Sun is the centre
  6. Legislation is a good idea by gad_zuki! · · Score: 5, Interesting

    Sorkin: Of course it doesn't make sense to regulate a relatively borderless environment with laws that vary according to geography.

    The internet has borders and vulnerable spots - they're called ISPs. A federal law fining open relays would be a good start. ISPs can attach the the fine, and even a profit attached to it, onto their TOS when they or the government catch Joe DSL or Generic Company T1 with an open relay. The ISPs would have more of an incentive to attack the problem of open relays. Fining the ISP per email sent by a registered user running their own SMTP engine or the ISPs mail server would take care of those paying for one months service to send out gigabytes of mail.

    A simple 'ADV' in the subject line for filters to find would take care of the first amendment issue. Advertising is not protected speech, its been ruled again and again that it can be legally limited.

    That would more or less take care of American spam. The anti-legislation crowd can cry 'but they will go overseas' all day long, but certainly cannot prove that they will ALL go overseas. Not to mention if this works, other internet heavy countries might take notice and try the same thing. Less spam is better than more spam, especially now that dummy-proof spam software and mailing lists can freely be downloaded via kazaa.

    The downside is that your ISP would need your credit card info if you were to get an email account with them in case they do get fined, but chances are they have that information already and is it such a terrible price to pay for spam free mail?

    Imagine ISPs encouraging stronger passwords, email limits(500 emails a month - want more then ask and tell why), shutting down open relays, and blocking port 25 to customers not authorized to run a mail server. Horrible I know.