Slashdot Mirror
Dictionary Spammer Fined $55,000 for Spam Attack
Lawrence_Bird writes "In a first, a Japanese district court has ordered
a spammer to pay restitution to NTT DoCoMo for abuse of their imode system. 'The damage caused by large amounts of e-mail not reaching their destinations should be covered by the sender,' said the judge. The fine is about $55,000 and was based on an estimated cost to NTT of 1.2 yen per undelivered spam ($0.01) for the 4 million spams that were undeliverable. What is most startling is NTT DoCoMo assertion that of the 950 million emails
they receive each day, 880 million are not deliverable!"
Just think - becuase of one person, 880 million people didn't get their daily dose of heniti (sp)!
If only there were more rulings like this one, maybe it would make spammers think twice if they knew they could be fined.
I want to see this guy fined per DELIVERABLE message aswell though.
Last.fm - join the social music revolution
There definately needs to be more rulings like this.
that's even better than dumping tons of junk snail mail on him!
I think that it should be clearer that those 880 million are sent to *non-existant* addresses. The slashdot article makes it looks like that their infrastructure can't cope...
Rus
Cheap UK and US VPS
They tried to email the judgement to him but for some reason thiscouldbeyou@riches.await.com kept bouncing...
Be you Admins? nay, we are but lusers!
At last, a profitable business model for AOL!
as someone who recently had an email server relay raped (we didn't think it was accessible to the open, turns out someone had misconfigured it), and knowing full well the time and stress I had to sort it out, this is great news. Although, i'd have preferred five minutes in a sound proof room with a baseball bat, but hey... It's about time people realise that stuff like this has very real consequences...
A great ruling!
Basically the spammer was trying to send large amounts of spam to Docomo's mobile phone users. Mobile phone users are charged for receiving emails. Since 1) many of the spammed users don't exist and 2) it was unsolicited commercial email, it only makes sense for the spammer to pay!
I say we should send these morons a one-way ticket to Iraa muahahahaha!!
eTrade SUCKS
That's why all my emails to goatse.cx aren't getting there!
There's a growing sense that even if The Future comes,
most of us won't be able to afford it.
-- Lemmy
Now if only more countries would do this kind of thing - recognizing that spam has a financial impact on ISPs and on the end consumer, and that especially mass "dictionary" based attacks to randomly find accounts are the internet equivilent of dropping millions of leaflets from an airplane for advertising purposes. (In which case they'd be rightly charged with littering and other offences.)
Plus they got zapped for undelivered email - avoids the whole "opt in/opt out" argument (difficult to prove always that someone didn't accidentally "opt in" at SOME point and you KNOW the spammer is going to claim that they did) AND it also is likely far more costly than targetted spam attacks. (If you send to a 90 percent valid email list chances are you are sending to a few hundred thousand addresses. You do a dictionary attack you are sending to MILLIONS of addresses... which would you rather see them get charged cash for?)
It's a good start if you ask me (though of course part of me thinks that locking them in a small room with one angry ferret per 1000 emails would be a good way too... but that might be going too far. Probably. I mean, think of the poor ferrets?)
Bvardi
I have heard about people suggesting of putting a price per email for sending, However, It seams that it would be better to just charge for undeleverable email, Which is rare for a casual user to have undeleverable mail anyway.
Of the dozens of spam messages I get every day, at least 20% of them are unreadable. I'm not counting the ones that are in languages that I don't know. I'm talking about the ones that are sent in an encoding that isn't properly reflected in the headers. Then there are the ones that are in such poorly formatted HTML that they just won't display.
The net will not be what we demand, but what we make it. Build it well.
I long for the day those fines are so common they don't even make it to /.
That has a nice ring to it here in the states.. It makes perfect sense. I wished I had thought of it first...
Let the lawsuits begin!
-ProzacGod
Do you like telemarketers too ?
.. lets say .. Cosmo Magazine, or Mother Earth News etc.
Sending unsolicited e-mail is NOT a legitimate business practice. Sending unsolicited e-mail is closer to harassment than it is to legitimate communication.
If your theory held, then people wouldn't get spammed with crap like penis/breast enlarging cream, ugoslavian tractor deals, or offers to become ordained ministers - they would get spam about things that INTERESTED THEM, 100% of the time.
You are confusing the issue, by assuming that all businesses have a right to free (as in beer) advertising, which as common sence dictates, is totally 180 from the true.
I work for a fortune 500. We send e-mail. We ONLY send email to folks who have opted into our mailing lists (by default, we are, across the board, and opt-out company - meaning we will assume you wanted to opt-out before we send you a lick of e-mail.)
One important nugget of info you glossed over in advertsising is the basic concept of 'target'. We make power tools, as a result, we normally do NOT advertise in
We follow the same practices with e-mail we send. Believe it or not, I actually DOES cost money to send bulk e-mail. As much as a TV ad ? no, but it still costs money, and as anyone who ever worked for big business can tell you - coming across ANY money is not always easy.
So, my long rambling has this point : Advertising is targeted communication with your audiance. Spam is Blind-Monkey-Flailing at anyone who is listening.
Saying that Spam is advertising, is like saying that the Homeless-Eveangelist-Guy who shouts about the *End of the World*(tm) in the middle of Times Square - is actually the pope.
--Ne auderis delere orbem rigidum meum, non erravi pernicose!
The "spammer" has a legitimate business activity.
I'm operating on the same business model as the spammer, so you have to pay for this reply.
I'm the urban spaceman babe, but here comes the twist... I don't exist
>
Blocking software for a mobile phone?
You are aware, I trust, that the email clients for these phones are built in, and cannot really be user modified, right?
>
You mean, like, the phone book?
I can't live without seeing my daily share of tentacle rape! Whatever will I do?
To make laws that man cannot, and will not obey, serves to bring all law into contempt.
--E.C. Stanton
Do you like telemarketers too ?
I hate them. I also hate tightfisted pwople. I do accept they have ar right to exist though
If your theory held, then people wouldn't get spammed with crap like penis/breast enlarging cream, ugoslavian tractor deals, or offers to become ordained ministers - they would get spam about things that INTERESTED THEM, 100% of the time.
No other advertising is 100% accurately targetted.
You are confusing the issue, by assuming that all businesses have a right to free (as in beer) advertising, which as common sence dictates, is totally 180 from the true.
They are free to use whatever sources are available. If this is email, then they are free to use it.
I work for a fortune 500. We send e-mail. We ONLY send email to folks who have opted into our mailing lists (by default, we are, across the board, and opt-out company - meaning we will assume you wanted to opt-out before we send you a lick of e-mail.)
That's nice. Doesn't mean everyone else has to.
So, my long rambling has this point : Advertising is targeted communication with your audiance.
Why do I keep seeing ads that assume I'm a 60 year old woman then?
I'm operating on the same business model as the spammer, so you have to pay for this reply.
No I don't. slashdot provides it for free. I would have to if I subscribed.
This kind of mass mailing should be treated the same as a deliberate denial of service attack. Dictionary spammers tie up target servers without any reasonable expectation that most messages will reach an actual user. It is a consciously malicious act, and should result in criminal penalties, including prison time.
When all you have is an axe, everything looks like a grindstone.
"You may not like it, but he has a right to advertise."
Spammers have the right to conduct their business if they follow local laws. He did not, I dare say most do not.
"If you don't want to receive his advertisements, then stop being so tight fisted and get some blocking software."
Every person who uses email should spend money to stop UNWANTED UCE's? That seems a bit ridiculous. What blocking software would you recommend to the ISP that got stuck with all the undeliverable mail?
I would like to see (it will never happen), legislation requiring all UCE's to contain a single unique identifier that may not be obscured in any way shape or form that would allow this garbage to be filtered at the ISP by customer request.
"All this company had to do was publically list all valid email addresses."
I don't want my email address listed in any such list and I should not have to "opt-out" of any such list. Are you in the SPAM business?
Indecision is the key to flexibility.
DoCoMo investigations found that about 950 million e-mails are sent to i-mode users each day, but about 880 million of these are sent to addresses that do not exist.
[lounge]
Now that's what I call a lazy database admin!
*rimshot*
[/lounge]
"I only speak the truth"
Karma: null(Mostly affected by an unassigned variable)
Japan has sued the peoples republic of china for 10 trillion dollars - the chineese government says that they were just pursuing japaneese ad makers
The "spammer" has a legitimate business activity.
Yeah, so do dope dealers.
It's about time someone set a precedent in determining the cost of spam. Not just in terms of denial of service, but also the amount of time it takes people to deal with it.
Many people don't realize what a hassle spam can be, until you try to put a monetary cost on it. Let's forget about the resources it uses and just look at how much time it consumes to delete... For the sake of using round numbers, let's say it takes someone 5 seconds to identify a message as spam and delete it. That means in an hour they can theoretically delete 720 pieces of spam. I don't know about the rest of you, but I regularly receive about 100 pieces of spam on a typical day. That means that about 2.6% of your paycheck goes towards you deleting spam. For an employee that makes $50k/year, this comes out to approximately 3.5 cents per piece of spam received, or $1277/year...
If their mail servers are swamped with 880,000,000 emails daily from dictionary attack, I'd think the easiest solution would be to throttle the mail servers. "Oh, I got an invalid recipient, I'll pause 5 seconds before I respond." (Adjust 5 seconds to whatever makes most sense) For most legit users, that shouldn't be a problem. For the spammers, it means they can make at most 17280 attempts per day per MTA.
If that's how you feel, then I'm going to advertise my auto glass service by tying an ad to a brick and throwing it through your car's windshield.
!? Mobile phone spam breaks the phone? Wow! This is seriuous heavyweight stuff.
If I was paying someone to provide a service of throwing messages wrapped round bricks through my car window, I wouldn't complain if they did this. I would have cause to complain if they didn't.
You are so fucking clueless that I'm exasperated.
Why should some spammer get to steal your money? It's your choice who you give your number/address to. It's your service, you pay for it, and you decide to whom you give the number/address.
If I want to receive messages I want I have to get messages I don't.
Why? Tell me why you have to get messages that you don't want. What was it in the contract that said "random third parties will be legally permitted to send you ads at your expense"?
You pay for a phone, I assume, or your mommy and daddy do. Do you think that each person on Slashdot has a right to call you on that phone, day or night, and tell you what an idiot they think you are? If so, what's the phone number.
Spam sux, Hamburgers rule.
Seriously, Spam is a loop hole, and it's heavily exploited. All loop holes in the old postal system have been removed and laws cover them. Consider the old "1/2 stamp trick" or the same "forward and reverse address with no postage" All of these are loopholes which our Govt closed. Fuck the spammers, they are criminals as I see it. Who opens this shit anyways? What's the point? What are they gaining?
Anybody have a link on how to configure sendmail to not log/respond to email destined for addresses that are not on your server?
Why should some spammer get to steal your money?
They'r not. The money goes to the telephoj company. If you don't like that find a provider that doesn't charge you to receive messages
Why? Tell me why you have to get messages that you don't want. What was it in the contract that said "random third parties will be legally permitted to send you ads at your expense"?
It's implicit. The phone company would be in breach of contract if they didn't deliver the message. If you have a problem with this, get a better contract.
You pay for a phone, I assume, or your mommy and daddy do. Do you think that each person on Slashdot has a right to call you on that phone, day or night, and tell you what an idiot they think you are? If so, what's the phone number.
+44 209 993 243
Mobile phone spam breaks the phone? Wow! This is seriuous heavyweight stuff.
Yes, it does. When so many spams come in that the owner has to cancel the contract, the phone is 'broken'. But you are obviously too dense to understand the analogy, so I'll simplify it for you:
Mobile phone spam costs the user money. Replacing the windshield costs the user money. Both forms of "advertising" force the user to incur a cost that they do not want.
If I was paying someone to provide a service of throwing messages wrapped round bricks through my car window, I wouldn't complain if they did this.
If you are even semi-normal, you don't pay your mobile phone company to deliver ads to you at your expense. You pay them to deliver messages from friends, family, coworkers, and others with whom you choose to share your number/address.
Mobile phone spam breaks the phone?
No, you moron, it doesn't. Just like a brick thru a windshield doesn't stop the car from running. It does cost money, though.
"!? Mobile phone spam breaks the phone?"
No but many of us are charged for the minutes of airtime used by telemarketers.
"If I was paying someone to provide a service of throwing messages wrapped round bricks through my car window, I wouldn't complain if they did this. I would have cause to complain if they didn't."
What the hell does this mean?
The post you are replying to is pointing out that SPAMMERS and telemarketers are costing people money.
Indecision is the key to flexibility.
They'r not. The money goes to the telephoj company.
Yes, they are. When they send their ad "postage due", they are stealing your money to pay for the delivery.
If you don't like that find a provider that doesn't charge you to receive messages
There is none. It costs the provider money to deliver the message and they charge the users.
It's implicit. The phone company would be in breach of contract if they didn't deliver the message. If you have a problem with this, get a better contract.
No, it is not implicit. Why would they offer an "unlisted number" service if that was the case?
And where do you find such fairy-land contracts as you keep making up?
And people have chosen to pay this money for the service. If they don't want to be used in this way, cancel the service. People want to eat their cake and have it too.
When they send their ad "postage due", they are stealing your money to pay for the delivery.
Refuse delivery then. Nobody is forcing you to receive the ad. Just reject any message that you are charged for.
There is none. It costs the provider money to deliver the message and they charge the users.
This is because people are willing to pay for this service. It would be just as viable a business model for the telephone companies to charge the sender.
No, it is not implicit. Why would they offer an "unlisted number" service if that was the case?
There's your better contract. Go for an unlisted number.
And where do you find such fairy-land contracts as you keep making up?
What, you mean the ones that don;t charge you to receive messages? Every contry except the US.
"And people have chosen to pay this money for the service."
What service are you referring to? I pay my ISP for mail service for my personal use not for people to send me garbage that I don't want. My ISP pays somebody for bandwidth to be used by their customers. Very few people want this type of email or commercial phone messages. It wastes resources (money). The only people who defend these practices are profiting from it. I suppose that if I was making my living by wasting others money, I would also view this from a different perspective.
Indecision is the key to flexibility.
"Who opens this shit anyways? What's the point? What are they gaining?"
I understand that the spammers send so many of these emails that even with an incredibly low response rate, they make money. I could open a business and make money too if I could use everyone else resources.
Indecision is the key to flexibility.
Maybe i'll move to Japan when things get too ugly under the Ashcroft regime! Guess i'd better learn Japanese just in case - time to watch more anime!
The only thing necessary for the triumph of evil is that good men do nothing.
I agree with this guy
Actually, there are wireless providers that do allow you to receive messages no charge. Rogers AT&T Wireless (Canada) is one.
"You chose to have a phone. You knew the risks when you signed up. It's your choice whether to pay for these messages, not mine."
I can only hope that one day you smoke a turd in hell.
Indecision is the key to flexibility.
could dictionaly spamming count as a denial of service attack? (even if it isn't big enough to actually take down the service)
Refuse delivery then.
How? How do I refuse delivery of a text message?
It would be just as viable a business model for the telephone companies to charge the sender.
No it would not. There would be the costs associated with processing credit cards, getting the sender to agree to a click-thru contract, etc. And the sender could not just send to an e-mail address like they can now. There is also the issue of professionalism. It looks very unprofessional to have a colleague, client, or employer pay to send you a message.
There's your better contract. Go for an unlisted number.
Did you even read the article? The spammer used a dictionary attack. It doesn't matter if your number/address is listed or not if the spammer hits it during a dictionary attack.
What, you mean the ones that don;t charge you to receive messages? Every contry except the US
So all I have to do is emigrate from the U.S. to some foreign country, leaving friends, family, and job behind and then I can get a phone with free, unlimited text messaging -- so that I can receive spam for free. Yeah, good thinking.
From the /. post:
... each day, 880 million are not deliverable!
The fine is about $55,000 and was based on an estimated cost to NTT of 1.2 yen per undelivered spam ($0.01) for the 4 million spams that were undeliverable. What is most startling is NTT DoCoMo assertion that
If this is true, doesn't that make the cost of spam to NTT DoCoMo around $12M per day, or $4.4Billon per year.
This seems a bit much, although I agree with the size of the fine - I'm just questioning the way it is rationalized.
- Brian.
I like the verdict and think that the fine is appropriate, but I don't like how it was calculated. Maybe the article misrepresented it, but charging $0.01 per spam seems excessive.
The article says 880 million undeliverable emails are sent every day. At a penny a piece, that's USD$8.8million / day, or $3.2 billion/year. The company does $42 billion in sales per year, I doubt that they spend 7.6% of their income on spam. Or, for that matter, give me $3b/yr and I'll provide the equipment to totally filter all of their undeliverable mail -- they'll save their shareholders $200 million!.
I just wish they said "it cost us 1 man-year of work to stop this guy" and cost it that way instead of making up numbers per message. It's this kind of unjustified damage estimate that "cost" sun $80 million of money that was good enough to tell a judge under oath, but too bogus to tell their shareholders. A doubt NTT has a $3.2b line-item on their annual report.
(and, as others have pointed out, this 880milMsg/day is misaddressed mail - trivial to filter out and it never consume any expensive RF bandwidth)
HIV Crosses Species Barrier... into Muppets
How? How do I refuse delivery of a text message?
By refusing to pay for a service that sends you text messages in exchange for a fee. You don't know what's in a receiver paid-for letter before you pay for it
No it would not. There would be the costs associated with processing credit cards, getting the sender to agree to a click-thru contract, etc....It looks very unprofessional to have a colleague, client, or employer pay to send you a message.
Yikes! Talk about over-complicating matters. How about simply charging it to their bill. People don't object to paying to call you on the telephone or fax, why wll they object to paying to send any other message?
Did you even read the article? The spammer used a dictionary attack.
Did you read my comment? I said that it was the company's fault for forcing the spammer to use a dictionary attack. If they didn't want them to do this, they should have supplied the addresses. If you don't want that, you go unlisted.
So all I have to do is emigrate from the U.S. to some foreign country,
If it means that much to you, yes. Alternatively, you could ask the telephone company to implement a similar billing method, and point to every other country to prove that this is viable.
My point was that charging the sender works everywhere else.
On a somewhat related note, while we may not see opt-in mandated for a while, I'm sure companies will be quick to adapt:
By signing up for our free Britney Spears subscription service, you ackwnoledge you have agreed to our draconian privacy policy which allows us to sell your personal data to anybody we want and spam you from now 'till doomsday. To activate your account, we will send you an e-mail shortly. The spamming will begin soon thereafter.
This is one of the reasons why legislating a technical problem won't make it go away--there's always a loophole; and it takes longer to fix a legal loophole than it does for Microsoft to fix their bugs.
!#@%*)anks for hanging up the phone, dear.
Lawrence_Bird writes...
Who would have thought that Larry Bird would be spending his retirement years posting on Slashdot...
__ Someday, but not this morning, I'll finally learn to use the preview button.
Yeah that's right, I do believe to 99% that you are a spammer, or that you LOVE spam.
Well, you're wrong then. I don't love spam. I don't love SUV's either. I simply choose not to buy an SUV, or any car from a company that targets these things to the general public. I don't love the exploitation of workers in third world coutries, which is why I make sure I only buy products that I can be reasonably sure are exploitation free.
I just happen to like the free market.
DoCoMo has the right idea we need money from spammers
... Thats where I want to go ...
way down in Do Co Mo
(with apologies, but not royalties to the Beach Boys)
Use your head, can't you, use your head,
You're on earth, there's no cure for that - S. Beckett
I pay my ISP for mail service for my personal use not for people to send me garbage that I don't want.
Really? I want a provider that will agree to send me only email that I want. Who are you with? My agreement says that the ISP will deliver messages that are addressed to me.
Very few people want this type of email or commercial phone messages.
Some people do though.
The only people who defend these practices are profiting from it.
I never made any profit from spam.
And I choose not to be spammed. However, spammers doesn't seem to agree with my policy.
Yes?
It's not your choice. It's theirs. Simply don't buy from spammers if it means that much to you. If nobody buys from them then they will go out of business.
Bullshit. The right to swihng your arms around ends where my face starts. There is a right to speech, but there is also a right not to listen. Sorry, if I don't want to listen to you, you don't have a right to scream in my face.
The problem is that spammers go out of their way to avoid having their emails screened out. They don't have the right to FORCE their crap down my throat, but they go out of their way to forcefeed their shit to the recipients, by deliberately going out of their way to evade filters. They evade filters by concealing their identity and forging headers (and act of mail fraud), and going out of their way to disguise the subject line of the message. Basically, spammers use DECEIPT to FORCE their crap into users inboxes, and I don't see how you can sit there and argue that such dishonesty and rudeness is morally defensible.
It certainly costs a sender some money to send email. You need a cheap P3 to send 60k messages per day, a DB to manage your list, some bandwidth, a unsubscribe mechanism, and content. Of these (pretty trivial) costs, content is by far and away the most expensive. The real point is that the receiver has to pay to receive potentially every sender on the planet's mail, while the sender effectively only has to pay the content cost.
You may note thst DoCoMo was quite happy to deliver this spam to their end users and profit from it.
:-(
Had the spammer used valid email addresses I'm sure this would not have ended up in court.
So, how much money is the wireless carrier loosing when the customers either drop messaging, or drop the service entirely and opt for voice only phone service? UCE to phones with a cost per message would have me think about the service if I had to pay for all my incomming spam. I would look for the carrier that required the sender to use a PIN with the message to have it delivered. A carrier with a wide open e-mail box that gladly accepts spam from anybody and charges me for it would quickly loose my business.
Either the spamming of phones has to be curtailed, or the client will have to be modified to be much less open to anybody. Increasing spam abuse with the current system will kill it as a communications option.
This is the problem large ISP's are having now. They are big enough to attract way too many dictionary attacks. They are being dropped for cheaper local ISP's that are much smaller spam targets. I love a small ISP. I can still use a firstname@domain that I have had for years and my spam level is still much lower than my valid mail. (1-5 spams per week) My dad on a 6 month old MSN with a namenumber@MSN which does not fare nearly as well. He had spam before he sent his first e-mail. They are a dictionary attack target. I think the solution to the dictionary attack is limit the number of e-mail addresses per domain to 5-10,000. Break up all the AOL, MSN, Yahoo, etc mailboxes to other mail domains so dictionary attacks would be very non-productive. MSN mail would then start to look like bobfam246@mailproxy2535msn.com. Having a bunch of small reginal mail domains is the ticket to resisting a dictionary attack.
The truth shall set you free!
*blink*
Your marketing department needs a dictionary :-) The term "opt-out" typically means "We add anything with an @ sign in it to the mailing list, and we spam the bejeezus it until it begs to be removed, and we might continue to spam it later." As such, saying you're opt-out-by-default raises a lot of hackles, even if it's not what you mean.
What - precisely - do you mean when you say "we will assume you wanted to opt-out before we send you a lick of e-mail"? Taking that assumption at face value, I wonder WTF you plan to do with these email addresses, since you're never gonna send mail to 'em? :-)
If you mean that you get an email address from, say, a web form, and verify that the submitter of that email address does indeed want the mailing, you're doing closed-loop confirmed opt-in (that is, if you're doing this, and that's great.
If you mean anything less than opt-in with closed-loop confirmation, (say, something along the lines of "$FORD is cool! This is a one-time mailing to people who like cars! Honest! If you don't wanna hear from us again, you don't have to unsubscribe, we've already opted you out, you'll never get another mailing for $FORD from us again, at least until next week when $DAIMLERCHRYSLER pays us to run their ad!"), then, well... FOAD.
In a perfect world, I'd be able to give you the benefit of the doubt and assume you're doing the right thing. Sadly, it is an imperfect world. What you wrote was sufficiently ambiguous that while I'm willing to believe you might be doing the right thing, I'm just as willing to believe you're spamming, and using some sort of weasel wording to assuage your conscience, deceive your customers (the people on whose behalf you send the mail), or both.
That I am liable for all those calls to women in bars who gave me incorrect phone numbers?
Very good points and possibly a good solution but I believe the spammers will just target all of the smaller mail domains with little extra effort.
Spam will never go away. Most people don't want it. Wouldn't it be nice if all UCE's were required to be marked in a very plain and simple manner AND this marking must not be obscured, altered or omitted. Mail could be filtered at the ISP level at the customers request. If this were to come about people who omitted or altered this mark or circumvented filtering in any way could be prosecuted (or at least the originating domains blacklisted). I'm willing to bet that "spam free" mail servers would spring up everywhere. Mail servers everywhere would begin to refuse to deliver any marked as spam mail. Do you disagree with the court's ruling? Or are you just defending other bulk emailers right to do business?
Indecision is the key to flexibility.
By refusing to pay for a service that sends you text messages in exchange for a fee.
But I like messages from friends, family, and business associates. So I give them my address. You seem to feel that spammers have a right to commit a trespass to chattels. They do not. My phone is my property. The service is one for which I pay. It is up to me to determine who is authorized to send me messages. If I don't explicitly give permission, then they are prohibited from messaging me. If they do, then it's a trespass to chattels.
Yikes! Talk about over-complicating matters. How about simply charging it to their bill.
What bill? Someone can send me a text message by e-mailing the address associated with my mobile phone. Since text messages can be sent by anyone with e-mail access, there is no viable way for my mobile phone provider to bill them. How the hell is my provider in the U.S. supposed to bill someone in Zimbabwe who e-mails a text message to me?
People don't object to paying to call you on the telephone or fax, why wll they object to paying to send any other message?
In the U.S., they don't pay to make a local call to me. When there is a charge, it is on their phone bill.
I said that it was the company's fault for forcing the spammer to use a dictionary attack. If they didn't want them to do this, they should have supplied the addresses.
Why should they assist spammers who are pissing off their customers? That's absurd. It's like saying that car dealers should provide keys to people who want to joyride in your car.
Spam suxxor, but since I stopped forwarding my "spam" emails to my maim email account, I have got none. I was getting about 20 per day, and all of them from usenet posts to wpg.forsale.computers (I'm from wpg). So a good short-term solution may be not to enter your main email address in web-forms or news posts. (flame suit on)
Sorry , there is much confusion in house as to what these things are called.
.. we do not use a closed loop confirmation at the moment [but trust me .. I have been fighting for it for about 2 years now.] We do however, ONLY email customers who ask to be put on a mailing list. Worst case, if there was an error, they might have to unsubscribe after 1 mailing if there was some confusion - or foul play. [to be honest, in the 2 years of this program so far .. i can only think of 3 instances where someone 'maliciously' signed somone else up by giving us their e-mail. 2 of those cases were rather suspect, as the 'evildooer' also provided us with their correct address, phone, and various other personal info as well .. ]
.. for example .. fill out a gift regestry or other such nonsence, then we use their e-mail address as a userid along with a password as a UID .. [we previously used user defined names and passwords however after some 40,000 calls to our customer service department because people forgot their user ids .. I managed to convince folks that I was right in the first place.]
.. they don't get it.
.. when this program first started a contracter told the marketing department that we would default opt-out people .. with the definition of opt-out meaning that they are not e-mailed. [long story]
.. to adress your last line .. im not perfect, but we don't spam people on *MY* watch here.
.. at some point .. checked a little box on a webform that said 'Yes, please send me more infomation from XXXXXXX' [and they would have had to check it, because by dafault 'no' is checked.
.. but as a company we(even the over entheasutic sales guys) know that to 'win back' a customer who lost faith in our brand could cost thousands and thousands of dollers in 'conventional' advertising campaigns.
No
As for what we do with the e-mail address that we DONT mail to. We track user information. If a user doesn't want to be 'annonymous' and wants to
if the customer [being the person on the website] doesnt say they want it
Sorry for the confusion
These are people who can not install a mouse on their machines without issues. So after awhile it just got easier to 'translate' their definitions.
We also receive e-mail address from product registration cards [believe it or not] that are sent in.
So
Anyone who gets an e-mail from us
We are honestly a very conservative company, with a very strong brand, and know how much that brand can be hurt if it were to be associated with spam tactics and other questionable marketing.
it may take a few hours of development to make sure we don't spam people
At the bottom line, not only is SPAM offensive, but it just doesn't make financial sence.
--Ne auderis delere orbem rigidum meum, non erravi pernicose!
Really? I want a provider that will agree to send me only email that I want. Who are you with? My agreement says that the ISP will deliver messages that are addressed to me.
He told you what he was paying for, not how the service would be provided. If you asked me why I bought flares for my boat, I would tell you that it was for use in an emergency. Would you say "my flares say that they will light any time for anyone who follows the directions. Where do I get some that only work in emergencies?"
I pay the utility company for water. I have a garden hose. I might tell the neighbors where it is in case they need to use it in an emergency. But it doesn't mean that you have a right to come on to my property and help yourself to water from my garden hose just because you found out where the spigot is. Nor does it mean that the utility company should publish information about who has garden hoses and where they are located.
wow .. way to TOTALLY misquote me ..
.. read it a few times.
.. by your final statement :
.. [im even willing to go out on a limb and say the MAJORITY of the spam you get.] you are stating that it is totally random.
.. *NOT* viable advertising. Someone certainly didn't say 'hey .. this guy should get this e-mail because he might BUY something.'
u b mailing list is just a waste of time and bandwith.
.. SOMEWHERE has to pay for.
.01% return on 10,000,000 emails [which is about what they expect last i checked] is NOT a good financial decision.
.. anything for nothing is a profit huh ?
'Advertising is targeted communication with your audiance. Spam is Blind-Monkey-Flailing at anyone who is listening.'
was the full quote
now
'Why do I keep seeing ads that assume I'm a 60 year old woman then?'
You are agreeing with me, which both nullifies your argument, and makes you look the fool. Since the spam you recieve is not even in the NEAR ballpark of your interests
and thus
Its the equlivant of dropping 10,000,000 paper flyers off the empire state building during the macy's day parade or newyears eve - except of course, that would actually cost you money.
Companies do *NOT* inccur costs friviously and stay afloat. Sending a solicitation for athleats foot powder to the international-people-missing-both-legs-running-cl
Bandwith that SOMEONE
If your spam emailers were incurring these costs themselves, this wouldn't even be an issue, because they would have learned long ago that
However, since they are basically thieves and oppurtunists - hey
This puts spammers on the level of folks who try to sell stolen goods out of their trunks downtown.
Not exactly the model business-man
--Ne auderis delere orbem rigidum meum, non erravi pernicose!
There was a study in Wired News a while back that basicly said that the real money in spamming is maintaining and selling lists of e-mail addresses to other spammers.
There are two kinds of fool. One says, This is old, and therefore good. And one says, This is new, and therefore better.
Obviously it did. Otherwise they wouldn't have lost the court case.
If someone is passing you on the right, you are an asshole for driving in the wrong lane.
*What bill? Someone can send me a text message by e-mailing the address associated with my mobile phone. Since text messages can be sent by anyone with e-mail access, there is no viable way for my mobile phone provider to bill them. How the hell is my provider in the U.S. supposed to bill someone in Zimbabwe who e-mails a text message to me?*
that someone is sending a message to non verified message delivery system provided by your telco, and you pay for the privilidge to receive messages that might be sent (for 'free') by anyone in the world.
paying for incoming messages might sound little weird to somebody from a country with civilised telco culture regarding mobile phones and especially sms. you see, we(end users) DON'T pay for incoming sms messages(like we don't pay for incoming calls either, if we can't control it why should we pay for it), we pay for sending out sms messages. this makes owning a mobile phone not so complicated matter(and truly, this is one of the reasons why everybody and their aunt and their kids has mobile phone). and nobody is excepting to make that call to you for 'free'(they know from the prefix exactly what it will cost to them to make that call), and can know the price beforehand(however, if the receiver is 'roaming', that is being abroad, the receiver pays the extra, not the one that initiated the call). services like getting email forwarded to phone come at extra price to the subscriber, as it is, an extra service that the sender can't be billed.
world was created 5 seconds before this post as it is.
I don't know about you, pal, but any cream I put on my penis makes it larger (at least temporarily).
A slippery slope, since somebody will always buy.
I'm not defending spammers. I think the use of open relays, bogus return addresses, joe job return addresses, and the like show simple laws don't work. In an international community the cover of obscurity provides a great place to hide from proscution. Facing that fact, I don't think a simple law in some single country will ever fix the problem. A technical encumberment could be employed to severly limit the effectiveness of a dictionary attack. Think about it. If you had a mailserver or hundreds with only 5K users each and someone started a dictionary attack, It would be simple to have the server purge all mail to all users that matched most of the body of the mail as well as automaticaly real time blacklisting the source IP. Any bulk mailing with a greater than 50% failure rate could block the incomming mail for say 15 days and purge all matching mail from all inboxes. (the way I view it is too much spam makes the server sick and it then vomits the spam overdose and refuses any more un-tasty morsels) If widely implemented, it would be instant death to dictionary attacks.
You would need a serious validated mail list to do anykind of bulk mailing. Subscription lists would have to be regulary purged of stale addresses. Failure to do so would trigger blocks. Most mail lists should be opt in and renewed at least annualy. That would auto purge those who had a troublemaker sign up to a list where you can't unsubscribe.
The truth shall set you free!
Thanks for the clarification. My biggest concern wasn't necessarily what you were doing, but that you didn't know the difference. (Amazing how often that happens in F500 companies, innit? :)
> Sorry for the confusion .. when this program first started a contracter told the marketing department that we would default opt-out people .. with the definition of opt-out meaning that they are not e-mailed. [long story]
Yeah. Frankly, I hate saying "opt-in with closed-loop confirmation".
That used to be just "opt-in", and the closed-loop confirmation was assumed.
Then spammers said "opt-in" meant "I opted you in!"
So we called it "confirmed opt-in" with confirmation, whereupon spammers said "confirmed opt-in means we opted you in and you confirmed you wanted to stay on the list by not replying/clicking to unsubscribe".
Thus, "opt-in with closed-loop confirmation", for the next year or two until the spammers and the DMA redefine that as spam, too. *sigh*
> These are people who can not install a mouse on their machines without issues. So after awhile it just got easier to 'translate' their definitions.
I sympathize. You guys sound like you're doing 99% of the things right, and getting jumped on for it, because guys who aren't doing it right keep changing the definitions in mid-stream.
> to 'win back' a customer who lost faith in our brand could cost thousands and thousands of dollers in 'conventional' advertising campaigns.
>
> At the bottom line, not only is SPAM offensive, but it just doesn't make financial sense.
So true. The sad thing is that none of that had to happen. But the spammers poisoned the well in 1996, and everyone suffers for it.
First, great idea.
"I don't think a simple law in some single country will ever fix the problem."
You are correct but if something like this (spam marking) were implemented in the US (hopefully other countries too) it should alleviate some of the problem. This, in addition to your idea would put a huge dent in the spam business.
Indecision is the key to flexibility.
True enough. But one may logically ask the question whether the ultimate receiver of the said SPAM could turn around and send a bill to the spammer for wasted bandwidth, lost productivity in having to deal with SPAM and even an accounting charge for the CPU time and disk storage necessary for your system to accept, process, filter (if you have one) and ultimately deliver it.
Might be worth thinking about. In fact, SPAM filters might be fitted with routines to do this sort of accounting. Finally, a group of SPAM victims could then get together and launch a class action suit against those individuals and organizations involved in SPAMming.
Then your mailserver must keep a connection open for 5 more seconds than required. Each connection consumes system resources (which resources depends on your OS, but likely candidates are RAM, INODEs, extra connections that count toward the limits set at the OS or MTA level, you get the idea), so you would effectively be hurting your own server.
:-)
This is why some busy websites choose to disable keepalives or set the keepalive timeout to something short like 1 second. If the webserver keeps that connection open while waiting on the user, the resources consumed are more than the resources of creating and destroying that conection. Better to get that connection closed ASAP.
Or did you assume that the spammer would be nice and wait for one attempt to fail before starting the next?
"Avoid employing unlucky people - throw half of the pile of CVs in the bin without reading them." -- David Brent
But I like messages from friends, family, and business associates. So I give them my address.
Fair enough. The cost of this is that spammers will also send messages. There are other costs, like you have to have a handset, that you need to keep paying to recharge it. Spam is just anothe r one of these little inconveniences.
You seem to feel that spammers have a right to commit a trespass to chattels. They do not. My phone is my property. The service is one for which I pay.
The telephone network is a public resource. You don't want people to "tresspass on chattels", don't connect to it.
The service is one for which I pay. It is up to me to determine who is authorized to send me messages. If I don't explicitly give permission, then they are prohibited from messaging me. If they do, then it's a trespass to chattels.
Yet you willingly subscribe to a service that doesn't give you control over who can and can't call you. And are you seriously saying that if anyone calls anyone they need explicit permission or face criminal charges! I hope I never get a wrong number. This goes against the way most people actually use a phone. The idea is anyone can call anyone. If you don;t like it don;t have a phone.
What bill? Someone can send me a text message by e-mailing the address associated with my mobile phone. Since text messages can be sent by anyone with e-mail access, there is no viable way for my mobile phone provider to bill them.
Of course, an email connection service is a separate feature that should be optional, and should be connected to a proper email service that can block spam.
How the hell is my provider in the U.S. supposed to bill someone in Zimbabwe who e-mails a text message to me?
No, for email based messages, you will have to pay. But if you're going through email, then spam can be blocked. Direct text messages can be billed as long as they come from a service that charges their costomers for making calls (i.e. most of them).
In the U.S., they don't pay to make a local call to me. When there is a charge, it is on their phone bill.
So you are quite happy with receiver pays. Except you're not. You seem to dislike it because it costs you money when spammers send spam. Why not find a network that charges the person making the call? Why is this so unpopular in the US? It is the case for long distance after all.
When i no longer have hope that things can be fixed, then that's when i'll know it's time to leave. I'm discouraged now, but not yet ready to give up. I think that far too many Americans love "America", but don't really hold to heart the ideals upon which this nation was founded. If only they could understand . . . then their patriotism would be more than callous tribalism.
I just got back from a trip to NYC. I went to Liberty Island and remembered that it was recently-reviled France who gave us our most-cherished monument. I have never felt so patriotic as i did while visiting Ellis Island. To see the many different faces, stories, and cultures that are integral to America, that was inspiring. They came not because they loved the material America - the plains and mountains, rivers and forests. Though they saw possibilities there, they came because they loved the idea of America.
That idea has been lost to so many - those who love what they have - the comforts and artifacts of their lives. They want to preserve these things and try to keep them just as they are, not realizing that unless America is constantly growing and adapting in response to the ever-growing and ever-changing world, it is dying.
I do not love the flag. I do not love the President. I do not love the power we wield. I love America - its ideals, its dreams and hopes for itself, and the promise of what it could be.
The only thing necessary for the triumph of evil is that good men do nothing.
The telephone network is a public resource.
My phone is not. The road is a public resource but your driveway is not. Just because something connects to a public resource, one cannot assume that it, too, is public.
And are you seriously saying that if anyone calls anyone they need explicit permission or face criminal charges! I hope I never get a wrong number.
No. I suggest that you look at the tresspass to chattels lawsuits against spammers for a better understanding of this legal principle.
Why is this so unpopular in the US? It is the case for long distance after all.
I'd chalk it up to two things: politeness and business sense.
It seems rude to me to select a plan which forces the sender to pay when most plans do not. It would be like bringing a box of donuts to work and charging your coworkers for them when the coworkers regularly bring in donuts and you eat them for free.
It's also good business sense. If someone can reach me at no cost, then that makes it more likely that they will call me than a competitor. That's why toll-free long distance numbers are so popular for businesses -- receiver pays model.
I say pahtuey (sp?)
x--
You can solve the problem by rigorously enforcing spam traps. If a host mails a spam trap address, quarantine it until a human can review the situation. If you see a bunch of obvious dictionary-type attempts while inspecting the logs, keep the block in place.
Taken to its logical extreme, the dictionary attack lusers will have to spread out their actions across a wide base of hosts - open proxies and such. There are only so many open proxies around, and eventually you will have a good number of them on your quarantine list.
This also works well to stop the situation where spam is sent with a forged address to a never-valid address through a secondary mail exchanger. Normally it would double-bounce to the admin, but this stops it at the border.
Let's face it - most of our MTAs are dumb. They blindly accept things they probably shouldn't. The good news is that some of them support helper programs (like sendmail's milter) that can be used to give it some teeth.