Dictionary Spammer Fined $55,000 for Spam Attack

Lawrence_Bird writes "In a first, a Japanese district court has ordered a spammer to pay restitution to NTT DoCoMo for abuse of their imode system. 'The damage caused by large amounts of e-mail not reaching their destinations should be covered by the sender,' said the judge. The fine is about $55,000 and was based on an estimated cost to NTT of 1.2 yen per undelivered spam ($0.01) for the 4 million spams that were undeliverable. What is most startling is NTT DoCoMo assertion that of the 950 million emails they receive each day, 880 million are not deliverable!"

ALL SPAMMERS SHOULD BE ASSFUCKED WITH CHAINSAWS

n/t

More info

here

sheesh

[Rooked_One]

Just think - becuase of one person, 880 million people didn't get their daily dose of heniti (sp)!

Re:sheesh

Not even close. Hentai, pronounced hen-tie.

Re:sheesh

And youre proud you know this? I had to look it up my god people get a life..

Re:sheesh

Be proud for being a schmuck.

Re:sheesh

Umm, what's wrong with being proud of knowing more than one language?

Re:sheesh

[AndroidCat]

I had to look it up my god people get a life..

You bothered to look it up? We're a lighthouse, your call.

Re:sheesh

Not even close. Hentai, pronounced hen-tie
does hentai mean anything? or is it just a made up word for anime-porn??

Re:sheesh

Don't mix your metaphors before they hatch with a ten foot pole.

Re:sheesh

[3liter914-6]

Hentai is not a made up word for pornographic anime, in fact it's a descriptor. Hentai means perverse or crazy (in a perverse sort of way), it can also be used to describe an old man groping you on the train for instance.

Re:sheesh

[AndroidCat]

I doubt that it qualifies as a metaphor. Probably not even a simile. A drive-by snorting?

Great

[captainclever]

If only there were more rulings like this one, maybe it would make spammers think twice if they knew they could be fined.

I want to see this guy fined per DELIVERABLE message aswell though.

Re:Great

[Rooked_One]

I couldn't agree more. I would bet the only people that like spam either a) have some monetary gain to make off it, or b) like it served with a side of eggs and hash browns.

Re:Great

[qslack]

Shouldn't he be fined for what he did, and not loaded with huge fines just to set an example? The example to set for spammers is that every spammer will be prosecuted. There's no need to ruin the life of one in order to make him an example. Spammers, believe it or not, are people too, and though they made a bad decision they do not deserve to have their lives ruined with gigantic fines.

How would you feel if you were jailed for jaywalking to set an example? People ought to be punished for what they did only.

Re:Great

[N3WBI3]

The fine was based on the $ amount that the company had to absorb per message he sent that was to a bunk address. How is this unfair, they did not even fine him for spam that got through. Im sorry he is using someone elses resources to run his buisness the fine is more than fair..

Re:Great

[will_die]

The problem with fining him for delivered messages, is that NTT DoCoMo is not injured in that case the person who received the message had to pay. So the person injured in this case is the person who received the message and had to 1.2 yen for the message.
Now unless you have something like the USA fax law, you are probably would have hard time winning(IANAL).
Also for your own sake it would take a large amount of messages before it would profitable to collect athat 1.2yen for each message.

Re:Great

That's exactly what they did.

Re:Great

[watzinaneihm]

Don't really get your hopes high.
This happened in Japan and i-Mode is a telephone service for which customers pay for receiving mail, ie not a free service. Note that the judge based the fine on possible revenue losses and not on howmuch docomo actually spent per invalid email (apparently 1.2 yen/mail). So aa similar ruling will leave out free fonemail services, let alone free webbased mail services. IANAL!IANAL!!

Re:Great

[Kierthos]

It's called a punitive fine. It's a "never do this again, and we're making an example of you to others, so they won't do it either". And, just to note, he can always appeal the fine (hmmm... maybe. Not sure how Japanese courts work), and if the appeals court finds that the fine was too high, they can reduce or eliminate it.

Kierthos

Re:Great

[SpaceJunkie]

I am only sorry they didnt fine him for each delivered message. Spammers should first be fined, and possibly jailed for larger offenses. Especially in the case where the receiver will pay for the spam.
They should certainly be prevented from engaging in such trade ever again - and given some stiff reasons not to.
They are people too- so why cant they take responsibility for their actions. Its just governments and large corporations that get to complain about taking responsibility for their actions...

Re:Great

[Eric+Damron]

You assume that the fine is excessive. .01 cent per is probably not excessive.

Everything that we do has consequences, some good and some bad. He chose to use the resources of another in an unauthorized manner. A fine of .01 cent per violation is trivial.

If his life is ruined so be it.

Re:Great

Shouldn't he be fined for what he did, and not loaded with huge fines just to set an example?

Ummm... no.

There's no need to ruin the life of one in order to make him an example

Ummm. yes, there is.

Spammers, believe it or not, are people too,

Ummm... no, they're not.

and though they made a bad decision they do not deserve to have their lives ruined with gigantic fines.

Ummm... yes, they do.

Re:Great

[Black+Perl]

If only there were more rulings like this one, maybe it would make spammers think twice if they knew they could be fined.

Are you kidding? This will encourage more spam. The spammers are saying, "they only got fined $55,000? That's decent ROI. Let's spam DoCoMo!"

Re:Great

[kcelery]

The spammer should be charged, but not fined. Since the spammer will never go away, it a waste of time to ask the sucker to go to hell. Simply bill them. The figures shown these sucker sent out tons of spam to addresses that does not even exist. If the spammer can charge their customer for bogus address, that will be fine provided the spammer share their profit with you.

Re:Great

[buck_wild]

Ummm... that was boring.

Re:Great

[Carlamae]

Man who play with fire get burned spam and eggs.

Re:Great

[buck_wild]

Man who plays with fire gets the hair burned off his ass.

First Spam!!!

First bit of spam in this forum for you.

Good!

[eightball01]

There definately needs to be more rulings like this.

wow

[jbellis]

that's even better than dumping tons of junk snail mail on him!

Re:wow

[abhisarda]

The cost of connecting to the imode service is 300yen[2.5 $]. The cost of sending or receiving a packet of data[128 bytes] is 0.3 yen. Thus the receiver of the spam also ends up paying for it.

"880 million"

[rf0]

I think that it should be clearer that those 880 million are sent to *non-existant* addresses. The slashdot article makes it looks like that their infrastructure can't cope...

Rus

Re:"880 million"

[Omkar]

with the slashdotting?

Re:"880 million"

[Bendy+Chief]

IANA network admin, but wouldn't all that sending put something akin to a huge glut of SMTP traffic on their routers? CPU cycles and bandwidth are hot commodities even if he's not getting what he wants.

Re:"880 million"

[Titusdot+Groan]

Ummm, "not deliverable" is the industry term for email that can not be delivered. A non-existant address is one reason but it could be relay attempts, badly formed headers, etc.

Learn the lingo sonny -- this isn't your grandmother's news site ...

Re:"880 million"

[tomhudson]

It was a "dictionary attack". This means trying all sorts of combinations of common names, words, and numbers (cf: /usr/libcrack*). Almost none of them would be deliverable, as there are no subscribers.

Unfortunately, my cell plan's email addy is my 10-digit phone number+@+my phone company. It's easy for spammers to just send to every possible cellphone number. I would think that they (the cellphone company) would allow you to add either a prefix or suffix to the number, to keep down spam. I guess this is why they don't charge for the first 2500 sms messages received each month - to keep down complaints.

Re:"880 million"

[AndroidCat]

I think it's more the accountants: If those messages had been deliverable, we could have made much money!

Re:"880 million"

-1, Condescending Ummm

Re:"880 million"

[Paradise+Pete]

non-existant...Learn the lingo

Oh the irony.

Re:"880 million"

[Titusdot+Groan]

Huh? The Slashdot editors take enough flak for the mistakes they make without getting flak when they actually get it right, especially when the "correction" get's modded up to 5 ...

Well...

[acehole]

They tried to email the judgement to him but for some reason thiscouldbeyou@riches.await.com kept bouncing...

Nasdaq 5000 Here we come!

At last, a profitable business model for AOL!

good

[REBloomfield]

as someone who recently had an email server relay raped (we didn't think it was accessible to the open, turns out someone had misconfigured it), and knowing full well the time and stress I had to sort it out, this is great news. Although, i'd have preferred five minutes in a sound proof room with a baseball bat, but hey... It's about time people realise that stuff like this has very real consequences...

Re:good

[PerryMason]

...as someone who recently had an email server relay raped

Hmmm. Not to come across too harsh or anything, but you _really_ should test these things. Rather than just assuming that it wasnt "accesible to the open", you should telnet to your mail server and test the possible relay methods, or at the very least, register with abuse.net and let their online tester do the work for you.

As you have no doubt seen, getting a server off ORBS and the like is really a LOT more hassle than testing in the first place. Additionally; as you say "[i]t's about time people realise that stuff like this has very real consequences..." This works both ways. If you don't secure your systems, they _will_ be taken advantage of, and next time it will be Company X suing you for permitting your mail server to be used in spamming them and not just Company X suing the spammer.

Re:good

[REBloomfield]

Very true, and hindsight is a wonderful thing. But since none of the people concerned had ever dealt with mail servers before, it never crossed their minds to test for things like open relays. Or test anything for that matter... But it bl**dy well will now :)

Incidentally, it took around 10 hours before we were found...

Re:good

[fmaxwell]

Once you are pretty sure that you've really tested everything, submit your server to a blacklist that does thorough relay testing. If you really want to play it safe, bring it up on an IP with no MX pointer to it. After they verify that everything is kosher, bring the server live.

I have done this and I have a lot of peace of mind as a result. If my server does somehow get compromised, I have records to show that I've done everything reasonable to assure that it is secure.

Re:good

[orangesquid]

Eh, I tested my server, and it was fine. Then suddenly, email wasn't going or coming, and my mail spooler kept filling up it's filesystem... turned out to be a combination of firewall and squid settings (the *default* settings for squid, though... !!!!) that was being exploited to send spam through my server. I sent lots of complaints to the people responsible after I fixed everything; when that didn't work, I kept going upstream until I found an ISP that cared about the millions and millions of spam that these guys were pushing through my server.

Re:good

But since none of the people concerned had ever dealt with mail servers before, it never crossed their minds to test for things like open relays.

In otherwords, y'all were lusers.

Re:good

Shore were Billy Bob... Yee-haw! Dang, that's some good ol' fashioned comments, ya hear?

Re:good

[Duckie01]

It doesn't need to be a lot of work either... because a nice tool exists which may aid you, and other people even created a website to run the tool for you.

Alternatively, you can telnet to relay-test.mail-abuse.org from the mailserver.

Re:good

[Duckie01]

Or rather this tool, actually, which is for open mail relays. The other one's for proxies. Got those too? Ever bothered checking them?

Mobile phone spammers

[Jesus+IS+the+Devil]

A great ruling!

Basically the spammer was trying to send large amounts of spam to Docomo's mobile phone users. Mobile phone users are charged for receiving emails. Since 1) many of the spammed users don't exist and 2) it was unsolicited commercial email, it only makes sense for the spammer to pay!

I say we should send these morons a one-way ticket to Iraa muahahahaha!!

Re:Mobile phone spammers

What you're saying does, in fact, make that it's not so good.

It means that the spams that did arrive were charged to the recipients, and Docomo just tried to get cash for those that were sent to inexistant addresses too (which actually cost them very little, because no cellular traffic was envolved).

IMNSHO this makes Docomo a big bad money-hungry wolf with less than zero respect for its customers.

The spammer deserves everything he got of course, and if it was my cellphone he spammed I'd happily add a tip. Of my shoe, up his arse.

Re:Mobile phone spammers

"I say we should send these morons a one-way ticket to Iraa muahahahaha!!"

Speaking of morons, where is Iraa?

Damn!

[Bendebecker]

That's why all my emails to goatse.cx aren't getting there!

Re:Damn!

[$rtbl_this]

I think you'll find they're just being blackholed. *rimshot*

Ew. I really wish I hadn't just used the syllable "rim" in that context.

Re:Damn!

Ew. I really wish I hadn't just used the syllable "rim" in that context.

I wish you hadn't used "hole" in that context.

Re:Damn!

You just need to be a bit more flexible....

--
Slow down cowboy!

A great precedent!

[Bvardi]

Now if only more countries would do this kind of thing - recognizing that spam has a financial impact on ISPs and on the end consumer, and that especially mass "dictionary" based attacks to randomly find accounts are the internet equivilent of dropping millions of leaflets from an airplane for advertising purposes. (In which case they'd be rightly charged with littering and other offences.)

Plus they got zapped for undelivered email - avoids the whole "opt in/opt out" argument (difficult to prove always that someone didn't accidentally "opt in" at SOME point and you KNOW the spammer is going to claim that they did) AND it also is likely far more costly than targetted spam attacks. (If you send to a 90 percent valid email list chances are you are sending to a few hundred thousand addresses. You do a dictionary attack you are sending to MILLIONS of addresses... which would you rather see them get charged cash for?)

It's a good start if you ask me (though of course part of me thinks that locking them in a small room with one angry ferret per 1000 emails would be a good way too... but that might be going too far. Probably. I mean, think of the poor ferrets?)

Bvardi

Re:A great precedent!

[SpaceJunkie]

[SNIP!]quivilent of dropping millions of leaflets from an airplane for advertising purposes.[/SNIP!]
playing devils advocate again - but isnt that exactly what is being used for coelition propaganda, and wasnt this also used in afgan?
After the humanitarian crisis, someones gonna have to clear away all those damn leaflets..

Re:A great precedent!

[phorm]

Probably. I mean, think of the poor ferrets

How about something more like a reality-TV show? For every 100/1000 spams sent... they spend one day on a deserted island. The island has water... but little food.

Eventually... we can wait until they turn on each other, or start suffering from malnutrition, whatever.

Disclaimer: I strongly dislike "reality TV", but I'd buy a dish and PPV just to see a bunch of miserable spammers shipped to some godforsaken remote destination

Re:A great precedent!

[override11]

Thats why I dont understand why ISP's dont get more involved in fighting SPAM, its costing THEM money. You would think that a big backbone like UUNET would spend a chunk of change to create 100% accurate filters and be pro-active on blocking out this bull-crap. It would only benifit them down the road.

It would even waggle the magic word 'ROI' in front of the exec's, so why isnt it happening yet??

Re:A great precedent!

[Dirtside]

Because it's not possible.

100% accurate filters? It's possible to have software that's pretty damn good, but the best filter is a sentient human, and even they aren't 100%. Nonintelligent software cannot adapt the way humans can; when the spammers think up new ways to disguise their email, the software isn't going to adapt itself. Only when (if) we have sentient, general-purpose AIs will we be able to have something that's close enough to 100% so that we can leave it running and never have to maintain it... except that it'll probably get bored, as intelligences do.

At any rate, it doesn't cost UUnet anything for the spam. They're paid for the bandwidth by other ISPs who lease or connect to their lines; they don't give a rat's ass what kind of data is sent. It's the downstream ISPs, the ones who actually run mail servers, that care.

Re:A great precedent!

"Disclaimer: I strongly dislike "reality TV", but I'd buy a dish and PPV just to see a bunch of miserable spammers shipped to some godforsaken remote destination."

Sounds like a FOX show to me...

Maybe this is the method need for spam control

[electro_mike]

I have heard about people suggesting of putting a price per email for sending, However, It seams that it would be better to just charge for undeleverable email, Which is rare for a casual user to have undeleverable mail anyway.

Re:Maybe this is the method need for spam control

[SunPin]

Good idea. While I get maybe 10 undeliverable per month, I'd still push for the idea. The problem, at least in the US, is that paid email will potentially run afoul of antitrust laws.

Paid undeliverable outgoing mail, however, might just work. It doesn't require the collaboration of other companies in a cartel-type form. While it doesn't require cooperation, it does require a giant like AOL to implement it before everyone else will follow.

There is precedent for stuff like this. In video games, EA took the first step in making smaller boxes for retail shelves. Within three months, everyone else followed. Almost a year later, you can't find an 8x11 or larger box anywhere.

Re:Maybe this is the method need for spam control

the small boxes are 14y+ old innovation

Congratulations on your most worthy FP

Assmunch.

Not deliverable? How about, not readable!

[dsplat]

Of the dozens of spam messages I get every day, at least 20% of them are unreadable. I'm not counting the ones that are in languages that I don't know. I'm talking about the ones that are sent in an encoding that isn't properly reflected in the headers. Then there are the ones that are in such poorly formatted HTML that they just won't display.

They only have themslves to blame

[91degrees]

The "spammer" has a legitimate business activity. You may not like it, but he has a right to advertise. If you don't want to receive his advertisements, then stop being so tight fisted and get some blocking software.

All this company had to do was publically list all valid email addresses. Then the spammer would be able to read that, and only send to names on the list. This would benefit both parties, due to there being fewer lost emails for DoCoMo, and the advertiser would be sure that every one of his messages went to a valid account. This way everyone wins.

Re:They only have themslves to blame

[RembrandtX]

Do you like telemarketers too ?

Sending unsolicited e-mail is NOT a legitimate business practice. Sending unsolicited e-mail is closer to harassment than it is to legitimate communication.

If your theory held, then people wouldn't get spammed with crap like penis/breast enlarging cream, ugoslavian tractor deals, or offers to become ordained ministers - they would get spam about things that INTERESTED THEM, 100% of the time.

You are confusing the issue, by assuming that all businesses have a right to free (as in beer) advertising, which as common sence dictates, is totally 180 from the true.

I work for a fortune 500. We send e-mail. We ONLY send email to folks who have opted into our mailing lists (by default, we are, across the board, and opt-out company - meaning we will assume you wanted to opt-out before we send you a lick of e-mail.)

One important nugget of info you glossed over in advertsising is the basic concept of 'target'. We make power tools, as a result, we normally do NOT advertise in .. lets say .. Cosmo Magazine, or Mother Earth News etc.

We follow the same practices with e-mail we send. Believe it or not, I actually DOES cost money to send bulk e-mail. As much as a TV ad ? no, but it still costs money, and as anyone who ever worked for big business can tell you - coming across ANY money is not always easy.

So, my long rambling has this point : Advertising is targeted communication with your audiance. Spam is Blind-Monkey-Flailing at anyone who is listening.

Saying that Spam is advertising, is like saying that the Homeless-Eveangelist-Guy who shouts about the *End of the World*(tm) in the middle of Times Square - is actually the pope.

Re:They only have themslves to blame

[grondu]

The "spammer" has a legitimate business activity.

I'm operating on the same business model as the spammer, so you have to pay for this reply.

Re:They only have themslves to blame

[91degrees]

Do you like telemarketers too ?

I hate them. I also hate tightfisted pwople. I do accept they have ar right to exist though

If your theory held, then people wouldn't get spammed with crap like penis/breast enlarging cream, ugoslavian tractor deals, or offers to become ordained ministers - they would get spam about things that INTERESTED THEM, 100% of the time.

No other advertising is 100% accurately targetted.

You are confusing the issue, by assuming that all businesses have a right to free (as in beer) advertising, which as common sence dictates, is totally 180 from the true.

They are free to use whatever sources are available. If this is email, then they are free to use it.

I work for a fortune 500. We send e-mail. We ONLY send email to folks who have opted into our mailing lists (by default, we are, across the board, and opt-out company - meaning we will assume you wanted to opt-out before we send you a lick of e-mail.)

That's nice. Doesn't mean everyone else has to.

So, my long rambling has this point : Advertising is targeted communication with your audiance.

Why do I keep seeing ads that assume I'm a 60 year old woman then?

Re:They only have themslves to blame

[91degrees]

I'm operating on the same business model as the spammer, so you have to pay for this reply.

No I don't. slashdot provides it for free. I would have to if I subscribed.

Re:They only have themslves to blame

[spickus]

"You may not like it, but he has a right to advertise."

Spammers have the right to conduct their business if they follow local laws. He did not, I dare say most do not.

"If you don't want to receive his advertisements, then stop being so tight fisted and get some blocking software."

Every person who uses email should spend money to stop UNWANTED UCE's? That seems a bit ridiculous. What blocking software would you recommend to the ISP that got stuck with all the undeliverable mail?

I would like to see (it will never happen), legislation requiring all UCE's to contain a single unique identifier that may not be obscured in any way shape or form that would allow this garbage to be filtered at the ISP by customer request.

"All this company had to do was publically list all valid email addresses."

I don't want my email address listed in any such list and I should not have to "opt-out" of any such list. Are you in the SPAM business?

Re:They only have themslves to blame

The "spammer" has a legitimate business activity.

Yeah, so do dope dealers.

Re:They only have themslves to blame

Spam sux, Hamburgers rule.

Seriously, Spam is a loop hole, and it's heavily exploited. All loop holes in the old postal system have been removed and laws cover them. Consider the old "1/2 stamp trick" or the same "forward and reverse address with no postage" All of these are loopholes which our Govt closed. Fuck the spammers, they are criminals as I see it. Who opens this shit anyways? What's the point? What are they gaining?

Re:They only have themslves to blame

[spickus]

"Who opens this shit anyways? What's the point? What are they gaining?"

I understand that the spammers send so many of these emails that even with an incredibly low response rate, they make money. I could open a business and make money too if I could use everyone else resources.

Re:They only have themslves to blame

We follow the same practices with e-mail we send. Believe it or not, I actually DOES cost money to send bulk e-mail. As much as a TV ad ? no, but it still costs money, and as anyone who ever worked for big business can tell you - coming across ANY money is not always easy.

It certainly costs a sender some money to send email. You need a cheap P3 to send 60k messages per day, a DB to manage your list, some bandwidth, a unsubscribe mechanism, and content. Of these (pretty trivial) costs, content is by far and away the most expensive. The real point is that the receiver has to pay to receive potentially every sender on the planet's mail, while the sender effectively only has to pay the content cost.

Re:They only have themslves to blame

[Tackhead]

> I work for a fortune 500. We send e-mail. We ONLY send email to folks who have opted into our mailing lists (by default, we are, across the board, and opt-out company - meaning we will assume you wanted to opt-out before we send you a lick of e-mail.)

*blink*

Your marketing department needs a dictionary :-) The term "opt-out" typically means "We add anything with an @ sign in it to the mailing list, and we spam the bejeezus it until it begs to be removed, and we might continue to spam it later." As such, saying you're opt-out-by-default raises a lot of hackles, even if it's not what you mean.

What - precisely - do you mean when you say "we will assume you wanted to opt-out before we send you a lick of e-mail"? Taking that assumption at face value, I wonder WTF you plan to do with these email addresses, since you're never gonna send mail to 'em? :-)

If you mean that you get an email address from, say, a web form, and verify that the submitter of that email address does indeed want the mailing, you're doing closed-loop confirmed opt-in (that is, if you're doing this, and that's great.

If you mean anything less than opt-in with closed-loop confirmation, (say, something along the lines of "$FORD is cool! This is a one-time mailing to people who like cars! Honest! If you don't wanna hear from us again, you don't have to unsubscribe, we've already opted you out, you'll never get another mailing for $FORD from us again, at least until next week when $DAIMLERCHRYSLER pays us to run their ad!"), then, well... FOAD.

In a perfect world, I'd be able to give you the benefit of the doubt and assume you're doing the right thing. Sadly, it is an imperfect world. What you wrote was sufficiently ambiguous that while I'm willing to believe you might be doing the right thing, I'm just as willing to believe you're spamming, and using some sort of weasel wording to assuage your conscience, deceive your customers (the people on whose behalf you send the mail), or both.

Re:They only have themslves to blame

[RembrandtX]

Sorry , there is much confusion in house as to what these things are called.

No .. we do not use a closed loop confirmation at the moment [but trust me .. I have been fighting for it for about 2 years now.] We do however, ONLY email customers who ask to be put on a mailing list. Worst case, if there was an error, they might have to unsubscribe after 1 mailing if there was some confusion - or foul play. [to be honest, in the 2 years of this program so far .. i can only think of 3 instances where someone 'maliciously' signed somone else up by giving us their e-mail. 2 of those cases were rather suspect, as the 'evildooer' also provided us with their correct address, phone, and various other personal info as well .. ]

As for what we do with the e-mail address that we DONT mail to. We track user information. If a user doesn't want to be 'annonymous' and wants to .. for example .. fill out a gift regestry or other such nonsence, then we use their e-mail address as a userid along with a password as a UID .. [we previously used user defined names and passwords however after some 40,000 calls to our customer service department because people forgot their user ids .. I managed to convince folks that I was right in the first place.]

if the customer [being the person on the website] doesnt say they want it .. they don't get it.

Sorry for the confusion .. when this program first started a contracter told the marketing department that we would default opt-out people .. with the definition of opt-out meaning that they are not e-mailed. [long story]

These are people who can not install a mouse on their machines without issues. So after awhile it just got easier to 'translate' their definitions.

We also receive e-mail address from product registration cards [believe it or not] that are sent in.

So .. to adress your last line .. im not perfect, but we don't spam people on *MY* watch here.

Anyone who gets an e-mail from us .. at some point .. checked a little box on a webform that said 'Yes, please send me more infomation from XXXXXXX' [and they would have had to check it, because by dafault 'no' is checked.

We are honestly a very conservative company, with a very strong brand, and know how much that brand can be hurt if it were to be associated with spam tactics and other questionable marketing.

it may take a few hours of development to make sure we don't spam people .. but as a company we(even the over entheasutic sales guys) know that to 'win back' a customer who lost faith in our brand could cost thousands and thousands of dollers in 'conventional' advertising campaigns.

At the bottom line, not only is SPAM offensive, but it just doesn't make financial sence.

Re:They only have themslves to blame

[RembrandtX]

wow .. way to TOTALLY misquote me ..

'Advertising is targeted communication with your audiance. Spam is Blind-Monkey-Flailing at anyone who is listening.'

was the full quote .. read it a few times.

now .. by your final statement :
'Why do I keep seeing ads that assume I'm a 60 year old woman then?'

You are agreeing with me, which both nullifies your argument, and makes you look the fool. Since the spam you recieve is not even in the NEAR ballpark of your interests .. [im even willing to go out on a limb and say the MAJORITY of the spam you get.] you are stating that it is totally random.

and thus .. *NOT* viable advertising. Someone certainly didn't say 'hey .. this guy should get this e-mail because he might BUY something.'

Its the equlivant of dropping 10,000,000 paper flyers off the empire state building during the macy's day parade or newyears eve - except of course, that would actually cost you money.

Companies do *NOT* inccur costs friviously and stay afloat. Sending a solicitation for athleats foot powder to the international-people-missing-both-legs-running-clu b mailing list is just a waste of time and bandwith.

Bandwith that SOMEONE .. SOMEWHERE has to pay for.

If your spam emailers were incurring these costs themselves, this wouldn't even be an issue, because they would have learned long ago that .01% return on 10,000,000 emails [which is about what they expect last i checked] is NOT a good financial decision.

However, since they are basically thieves and oppurtunists - hey .. anything for nothing is a profit huh ?

This puts spammers on the level of folks who try to sell stolen goods out of their trunks downtown.

Not exactly the model business-man

Re:They only have themslves to blame

[Johnny+Fusion]

There was a study in Wired News a while back that basicly said that the real money in spamming is maintaining and selling lists of e-mail addresses to other spammers.

Re:They only have themslves to blame

penis/breast enlarging cream

I don't know about you, pal, but any cream I put on my penis makes it larger (at least temporarily).

Re:They only have themslves to blame

[Tackhead]

> No .. we do not use a closed loop confirmation at the moment [but trust me .. I have been fighting for it for about 2 years now.]

Thanks for the clarification. My biggest concern wasn't necessarily what you were doing, but that you didn't know the difference. (Amazing how often that happens in F500 companies, innit? :)

> Sorry for the confusion .. when this program first started a contracter told the marketing department that we would default opt-out people .. with the definition of opt-out meaning that they are not e-mailed. [long story]

Yeah. Frankly, I hate saying "opt-in with closed-loop confirmation".

That used to be just "opt-in", and the closed-loop confirmation was assumed.

Then spammers said "opt-in" meant "I opted you in!"

So we called it "confirmed opt-in" with confirmation, whereupon spammers said "confirmed opt-in means we opted you in and you confirmed you wanted to stay on the list by not replying/clicking to unsubscribe".

Thus, "opt-in with closed-loop confirmation", for the next year or two until the spammers and the DMA redefine that as spam, too. *sigh*

> These are people who can not install a mouse on their machines without issues. So after awhile it just got easier to 'translate' their definitions.

I sympathize. You guys sound like you're doing 99% of the things right, and getting jumped on for it, because guys who aren't doing it right keep changing the definitions in mid-stream.

> to 'win back' a customer who lost faith in our brand could cost thousands and thousands of dollers in 'conventional' advertising campaigns.
>
> At the bottom line, not only is SPAM offensive, but it just doesn't make financial sense.

So true. The sad thing is that none of that had to happen. But the spammers poisoned the well in 1996, and everyone suffers for it.

Not on slashdot

[XCondE]

I long for the day those fines are so common they don't even make it to /.

Re:Not on slashdot

[ramzak2k]

I long for the day those fines are so common they don't even make it to /. I wouldnt hold my breath on that, even if that happens we would still have reposts.

Undeliverable SPAM = DOS attack....

[ProzacGod]

That has a nice ring to it here in the states.. It makes perfect sense. I wished I had thought of it first...

Let the lawsuits begin!

-ProzacGod

MOD PARENT DOWN AS A "FUCKING MORON"

I have to pay for someone elses shit showing up on my cell phone ($.02/message), or have to pay for bandwidth download messages ($1.50/min via satellite phone connection). So fuck the SPAMMER, he can send me all the advertising me wants as long as he reimburses me for bandwidth, time, wear-and-tear, etc. costs. People like you are fuckwits and should be shot for those ideas.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

[91degrees]

You chose to have a phone. You knew the risks when you signed up. It's your choice whether to pay for these messages, not mine.

If you don't like paying for it, find a provider that doesn't charge you to receive a message. If none of them offer this, cancel the contract and tell them why.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

Righttttttt. So you are gonna tell me some made up shit about not owning a house too right? How about this... lets try houses and being robbed.

"You chose [sic] to have a house. You knew the risks when you bought it. It's your choice whether to be robbed, not mine. If you don't like being robbed, find a better police department. If none offer this, cancel your house and live on the street."

Fuckers like you amaze me. I never thought it was *MY* job to police people willingly and knowingly abusing my property. You must not come out of that basement of yours often. Get some sun on that pale-white-ass of yours and see how the real world is.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

[91degrees]

Robbery involves my property going to the criminal. Text messaging involves my money going to a third party. The spammer isn't going to get a penny of that. The phone company is. This is just reward for providing a service that I requested - the delivery of all calls that are sent to me.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

What the difference between my property being taken by the person directly or indirectly? In the end, I am the one paying for it. SO FUCK YOU BITCH.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

You chose [sic]

Why the "[sic]"? "Chose" is the correct word; it is the past tense of "to choose".

Example: I went into a shop and chose a new phone.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

[Steve+B]

Parent has already been deservedly modded down to "-1, Troll" (though this is one of those cases that calls for options such as "-1, Moron" or "-1, Sleazebag", depending on whether he is defending spamming because he doesn't know any better or because he does it himself).

However, the author has dropped several other equally deserving trolls onto this thread, and has not yet recieved his due for those from the moderators....

Re:MOD PARENT DOWN AS A "FUCKING MORON"

There really should be a "-1 Stupid" option, but there isn't.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

[91degrees]

Note to moderators - You should focus on modding up good posts, rather than modding down posts you disagree with.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

This 91degrees person is probably a spammer himself, or he wouldn't defend them.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

And you should focus on not spamming anyone. Yeah that's right, I do believe to 99% that you are a spammer, or that you LOVE spam.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

[91degrees]

I agree with this guy

Re:MOD PARENT DOWN AS A "FUCKING MORON"

[spickus]

"You chose to have a phone. You knew the risks when you signed up. It's your choice whether to pay for these messages, not mine."

I can only hope that one day you smoke a turd in hell.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

[91degrees]

Yeah that's right, I do believe to 99% that you are a spammer, or that you LOVE spam.

Well, you're wrong then. I don't love spam. I don't love SUV's either. I simply choose not to buy an SUV, or any car from a company that targets these things to the general public. I don't love the exploitation of workers in third world coutries, which is why I make sure I only buy products that I can be reasonably sure are exploitation free.

I just happen to like the free market.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

And I choose not to be spammed. However, spammers doesn't seem to agree with my policy.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

[91degrees]

It's not your choice. It's theirs. Simply don't buy from spammers if it means that much to you. If nobody buys from them then they will go out of business.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

[elflord]

It's not your choice. It's theirs.

Bullshit. The right to swihng your arms around ends where my face starts. There is a right to speech, but there is also a right not to listen. Sorry, if I don't want to listen to you, you don't have a right to scream in my face.

The problem is that spammers go out of their way to avoid having their emails screened out. They don't have the right to FORCE their crap down my throat, but they go out of their way to forcefeed their shit to the recipients, by deliberately going out of their way to evade filters. They evade filters by concealing their identity and forging headers (and act of mail fraud), and going out of their way to disguise the subject line of the message. Basically, spammers use DECEIPT to FORCE their crap into users inboxes, and I don't see how you can sit there and argue that such dishonesty and rudeness is morally defensible.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

[Technician]

So, how much money is the wireless carrier loosing when the customers either drop messaging, or drop the service entirely and opt for voice only phone service? UCE to phones with a cost per message would have me think about the service if I had to pay for all my incomming spam. I would look for the carrier that required the sender to use a PIN with the message to have it delivered. A carrier with a wide open e-mail box that gladly accepts spam from anybody and charges me for it would quickly loose my business.

Either the spamming of phones has to be curtailed, or the client will have to be modified to be much less open to anybody. Increasing spam abuse with the current system will kill it as a communications option.

This is the problem large ISP's are having now. They are big enough to attract way too many dictionary attacks. They are being dropped for cheaper local ISP's that are much smaller spam targets. I love a small ISP. I can still use a firstname@domain that I have had for years and my spam level is still much lower than my valid mail. (1-5 spams per week) My dad on a 6 month old MSN with a namenumber@MSN which does not fare nearly as well. He had spam before he sent his first e-mail. They are a dictionary attack target. I think the solution to the dictionary attack is limit the number of e-mail addresses per domain to 5-10,000. Break up all the AOL, MSN, Yahoo, etc mailboxes to other mail domains so dictionary attacks would be very non-productive. MSN mail would then start to look like bobfam246@mailproxy2535msn.com. Having a bunch of small reginal mail domains is the ticket to resisting a dictionary attack.

Re:MOD PARENT DOWN AS A "FUCKING MORON"

[spickus]

Very good points and possibly a good solution but I believe the spammers will just target all of the smaller mail domains with little extra effort.
Spam will never go away. Most people don't want it. Wouldn't it be nice if all UCE's were required to be marked in a very plain and simple manner AND this marking must not be obscured, altered or omitted. Mail could be filtered at the ISP level at the customers request. If this were to come about people who omitted or altered this mark or circumvented filtering in any way could be prosecuted (or at least the originating domains blacklisted). I'm willing to bet that "spam free" mail servers would spring up everywhere. Mail servers everywhere would begin to refuse to deliver any marked as spam mail. Do you disagree with the court's ruling? Or are you just defending other bulk emailers right to do business?

Re:MOD PARENT DOWN AS A "FUCKING MORON"

A slippery slope, since somebody will always buy.

Re:ALL SPAMERS SHOULD BE ASSFUCKED WITH CHAINSAWS

father?

Uh...

>

Blocking software for a mobile phone?

You are aware, I trust, that the email clients for these phones are built in, and cannot really be user modified, right?

>

You mean, like, the phone book?

Nooo!

[Raul654]

I can't live without seeing my daily share of tentacle rape! Whatever will I do?

BAWAHAHAHAHA... YOUR STUPID ASS GOT MODDED

yeah, moderators have a right to exist, BITCH!

Dictionary Spam = DoS Attack

[Michael_Burton]

This kind of mass mailing should be treated the same as a deliberate denial of service attack. Dictionary spammers tie up target servers without any reasonable expectation that most messages will reach an actual user. It is a consciously malicious act, and should result in criminal penalties, including prison time.

Re:Dictionary Spam = DoS Attack

[ShadowDrake]

>Dictionary spammers tie up target servers without >any reasonable expectation that most messages will >reach an actual user

Not quite. a DoS has NO intention whatsoever of having the messages get to valid users. This had a small hope of it. Moreover, the intent to make the service unavailable for others wasn't there.

Re:Dictionary Spam = DoS Attack

"Not quite. a DoS has NO intention whatsoever of having the messages get to valid users. This had a small hope of it. Moreover, the intent to make the service unavailable for others wasn't there."

Nonetheless, the spammer should have his nutsack sliced off.

Sanchez, is your cleaning procedure running?

[Joe+the+Lesser]

DoCoMo investigations found that about 950 million e-mails are sent to i-mode users each day, but about 880 million of these are sent to addresses that do not exist.

[lounge]
Now that's what I call a lazy database admin!
*rimshot*
[/lounge]

In related news........

[dracken]

Japan has sued the peoples republic of china for 10 trillion dollars - the chineese government says that they were just pursuing japaneese ad makers

The difference is choice

[91degrees]

I choose whether or not to receive messages. The choice is all or nothing, but I have that choice. If I want to receive messages I want I have to get messages I don't. The company provides the service if and only if I ask for it. If I ask for it, I pay for it.

Re:The difference is choice

[fmaxwell]

You are so fucking clueless that I'm exasperated.

Why should some spammer get to steal your money? It's your choice who you give your number/address to. It's your service, you pay for it, and you decide to whom you give the number/address.

If I want to receive messages I want I have to get messages I don't.

Why? Tell me why you have to get messages that you don't want. What was it in the contract that said "random third parties will be legally permitted to send you ads at your expense"?

You pay for a phone, I assume, or your mommy and daddy do. Do you think that each person on Slashdot has a right to call you on that phone, day or night, and tell you what an idiot they think you are? If so, what's the phone number.

Re:The difference is choice

[91degrees]

Why should some spammer get to steal your money?

They'r not. The money goes to the telephoj company. If you don't like that find a provider that doesn't charge you to receive messages

Why? Tell me why you have to get messages that you don't want. What was it in the contract that said "random third parties will be legally permitted to send you ads at your expense"?

It's implicit. The phone company would be in breach of contract if they didn't deliver the message. If you have a problem with this, get a better contract.

You pay for a phone, I assume, or your mommy and daddy do. Do you think that each person on Slashdot has a right to call you on that phone, day or night, and tell you what an idiot they think you are? If so, what's the phone number.

+44 209 993 243

Re:The difference is choice

[fmaxwell]

They'r not. The money goes to the telephoj company.

Yes, they are. When they send their ad "postage due", they are stealing your money to pay for the delivery.

If you don't like that find a provider that doesn't charge you to receive messages

There is none. It costs the provider money to deliver the message and they charge the users.

It's implicit. The phone company would be in breach of contract if they didn't deliver the message. If you have a problem with this, get a better contract.

No, it is not implicit. Why would they offer an "unlisted number" service if that was the case?

And where do you find such fairy-land contracts as you keep making up?

Re:The difference is choice

[91degrees]

When they send their ad "postage due", they are stealing your money to pay for the delivery.

Refuse delivery then. Nobody is forcing you to receive the ad. Just reject any message that you are charged for.

There is none. It costs the provider money to deliver the message and they charge the users.

This is because people are willing to pay for this service. It would be just as viable a business model for the telephone companies to charge the sender.

No, it is not implicit. Why would they offer an "unlisted number" service if that was the case?

There's your better contract. Go for an unlisted number.

And where do you find such fairy-land contracts as you keep making up?

What, you mean the ones that don;t charge you to receive messages? Every contry except the US.

Re:The difference is choice

Actually, there are wireless providers that do allow you to receive messages no charge. Rogers AT&T Wireless (Canada) is one.

Re:The difference is choice

[fmaxwell]

Refuse delivery then.

How? How do I refuse delivery of a text message?

It would be just as viable a business model for the telephone companies to charge the sender.

No it would not. There would be the costs associated with processing credit cards, getting the sender to agree to a click-thru contract, etc. And the sender could not just send to an e-mail address like they can now. There is also the issue of professionalism. It looks very unprofessional to have a colleague, client, or employer pay to send you a message.

There's your better contract. Go for an unlisted number.

Did you even read the article? The spammer used a dictionary attack. It doesn't matter if your number/address is listed or not if the spammer hits it during a dictionary attack.

What, you mean the ones that don;t charge you to receive messages? Every contry except the US

So all I have to do is emigrate from the U.S. to some foreign country, leaving friends, family, and job behind and then I can get a phone with free, unlimited text messaging -- so that I can receive spam for free. Yeah, good thinking.

Re:The difference is choice

[91degrees]

How? How do I refuse delivery of a text message?

By refusing to pay for a service that sends you text messages in exchange for a fee. You don't know what's in a receiver paid-for letter before you pay for it

No it would not. There would be the costs associated with processing credit cards, getting the sender to agree to a click-thru contract, etc....It looks very unprofessional to have a colleague, client, or employer pay to send you a message.

Yikes! Talk about over-complicating matters. How about simply charging it to their bill. People don't object to paying to call you on the telephone or fax, why wll they object to paying to send any other message?

Did you even read the article? The spammer used a dictionary attack.

Did you read my comment? I said that it was the company's fault for forcing the spammer to use a dictionary attack. If they didn't want them to do this, they should have supplied the addresses. If you don't want that, you go unlisted.

So all I have to do is emigrate from the U.S. to some foreign country,

If it means that much to you, yes. Alternatively, you could ask the telephone company to implement a similar billing method, and point to every other country to prove that this is viable.

My point was that charging the sender works everywhere else.

Re:The difference is choice

[fmaxwell]

By refusing to pay for a service that sends you text messages in exchange for a fee.

But I like messages from friends, family, and business associates. So I give them my address. You seem to feel that spammers have a right to commit a trespass to chattels. They do not. My phone is my property. The service is one for which I pay. It is up to me to determine who is authorized to send me messages. If I don't explicitly give permission, then they are prohibited from messaging me. If they do, then it's a trespass to chattels.

Yikes! Talk about over-complicating matters. How about simply charging it to their bill.

What bill? Someone can send me a text message by e-mailing the address associated with my mobile phone. Since text messages can be sent by anyone with e-mail access, there is no viable way for my mobile phone provider to bill them. How the hell is my provider in the U.S. supposed to bill someone in Zimbabwe who e-mails a text message to me?

People don't object to paying to call you on the telephone or fax, why wll they object to paying to send any other message?

In the U.S., they don't pay to make a local call to me. When there is a charge, it is on their phone bill.

I said that it was the company's fault for forcing the spammer to use a dictionary attack. If they didn't want them to do this, they should have supplied the addresses.

Why should they assist spammers who are pissing off their customers? That's absurd. It's like saying that car dealers should provide keys to people who want to joyride in your car.

Re:The difference is choice

[gl4ss]

*What bill? Someone can send me a text message by e-mailing the address associated with my mobile phone. Since text messages can be sent by anyone with e-mail access, there is no viable way for my mobile phone provider to bill them. How the hell is my provider in the U.S. supposed to bill someone in Zimbabwe who e-mails a text message to me?*

that someone is sending a message to non verified message delivery system provided by your telco, and you pay for the privilidge to receive messages that might be sent (for 'free') by anyone in the world.

paying for incoming messages might sound little weird to somebody from a country with civilised telco culture regarding mobile phones and especially sms. you see, we(end users) DON'T pay for incoming sms messages(like we don't pay for incoming calls either, if we can't control it why should we pay for it), we pay for sending out sms messages. this makes owning a mobile phone not so complicated matter(and truly, this is one of the reasons why everybody and their aunt and their kids has mobile phone). and nobody is excepting to make that call to you for 'free'(they know from the prefix exactly what it will cost to them to make that call), and can know the price beforehand(however, if the receiver is 'roaming', that is being abroad, the receiver pays the extra, not the one that initiated the call). services like getting email forwarded to phone come at extra price to the subscriber, as it is, an extra service that the sender can't be billed.

Re:The difference is choice

[91degrees]

But I like messages from friends, family, and business associates. So I give them my address.

Fair enough. The cost of this is that spammers will also send messages. There are other costs, like you have to have a handset, that you need to keep paying to recharge it. Spam is just anothe r one of these little inconveniences.

You seem to feel that spammers have a right to commit a trespass to chattels. They do not. My phone is my property. The service is one for which I pay.

The telephone network is a public resource. You don't want people to "tresspass on chattels", don't connect to it.

The service is one for which I pay. It is up to me to determine who is authorized to send me messages. If I don't explicitly give permission, then they are prohibited from messaging me. If they do, then it's a trespass to chattels.

Yet you willingly subscribe to a service that doesn't give you control over who can and can't call you. And are you seriously saying that if anyone calls anyone they need explicit permission or face criminal charges! I hope I never get a wrong number. This goes against the way most people actually use a phone. The idea is anyone can call anyone. If you don;t like it don;t have a phone.

What bill? Someone can send me a text message by e-mailing the address associated with my mobile phone. Since text messages can be sent by anyone with e-mail access, there is no viable way for my mobile phone provider to bill them.

Of course, an email connection service is a separate feature that should be optional, and should be connected to a proper email service that can block spam.

How the hell is my provider in the U.S. supposed to bill someone in Zimbabwe who e-mails a text message to me?

No, for email based messages, you will have to pay. But if you're going through email, then spam can be blocked. Direct text messages can be billed as long as they come from a service that charges their costomers for making calls (i.e. most of them).

In the U.S., they don't pay to make a local call to me. When there is a charge, it is on their phone bill.

So you are quite happy with receiver pays. Except you're not. You seem to dislike it because it costs you money when spammers send spam. Why not find a network that charges the person making the call? Why is this so unpopular in the US? It is the case for long distance after all.

Re:The difference is choice

[fmaxwell]

The telephone network is a public resource.

My phone is not. The road is a public resource but your driveway is not. Just because something connects to a public resource, one cannot assume that it, too, is public.

And are you seriously saying that if anyone calls anyone they need explicit permission or face criminal charges! I hope I never get a wrong number.

No. I suggest that you look at the tresspass to chattels lawsuits against spammers for a better understanding of this legal principle.

Why is this so unpopular in the US? It is the case for long distance after all.

I'd chalk it up to two things: politeness and business sense.

It seems rude to me to select a plan which forces the sender to pay when most plans do not. It would be like bringing a box of donuts to work and charging your coworkers for them when the coworkers regularly bring in donuts and you eat them for free.

It's also good business sense. If someone can reach me at no cost, then that makes it more likely that they will call me than a competitor. That's why toll-free long distance numbers are so popular for businesses -- receiver pays model.

ARE YOU ON DRUGS?

[fmaxwell]

The "spammer" has a legitimate business activity. You may not like it, but he has a right to advertise.

If that's how you feel, then I'm going to advertise my auto glass service by tying an ad to a brick and throwing it through your car's windshield.

If you don't want to receive his advertisements, then stop being so tight fisted and get some blocking software.

If you don't want to receive my ad-bricks, then quit being so tight fisted and get a garage.

All this company had to do was publically list all valid email addresses. Then the spammer would be able to read that, and only send to names on the list. This would benefit both parties, due to there being fewer lost emails for DoCoMo, and the advertiser would be sure that every one of his messages went to a valid account. This way everyone wins.

Just how does some guy "win" when his cell phone is spammed? How does he win when it wakes him up at 2:30AM to tell him about herbal viagra, multi-level marketing schemes, or "miracle" diets? How does he win when he is billed several dollars a month to receive the ads? How does he win when he can't have his phone turned on because it announces a new spam ever 26.3 seconds?

What a fucktard you are.

Re:ARE YOU ON DRUGS?

[91degrees]

If that's how you feel, then I'm going to advertise my auto glass service by tying an ad to a brick and throwing it through your car's windshield.

!? Mobile phone spam breaks the phone? Wow! This is seriuous heavyweight stuff.

If I was paying someone to provide a service of throwing messages wrapped round bricks through my car window, I wouldn't complain if they did this. I would have cause to complain if they didn't.

Re:ARE YOU ON DRUGS?

[fmaxwell]

Mobile phone spam breaks the phone? Wow! This is seriuous heavyweight stuff.

Yes, it does. When so many spams come in that the owner has to cancel the contract, the phone is 'broken'. But you are obviously too dense to understand the analogy, so I'll simplify it for you:

Mobile phone spam costs the user money. Replacing the windshield costs the user money. Both forms of "advertising" force the user to incur a cost that they do not want.

If I was paying someone to provide a service of throwing messages wrapped round bricks through my car window, I wouldn't complain if they did this.

If you are even semi-normal, you don't pay your mobile phone company to deliver ads to you at your expense. You pay them to deliver messages from friends, family, coworkers, and others with whom you choose to share your number/address.

Re:ARE YOU ON DRUGS?

Mobile phone spam breaks the phone?

No, you moron, it doesn't. Just like a brick thru a windshield doesn't stop the car from running. It does cost money, though.

Re:ARE YOU ON DRUGS?

[spickus]

"!? Mobile phone spam breaks the phone?"

No but many of us are charged for the minutes of airtime used by telemarketers.

"If I was paying someone to provide a service of throwing messages wrapped round bricks through my car window, I wouldn't complain if they did this. I would have cause to complain if they didn't."

What the hell does this mean?

The post you are replying to is pointing out that SPAMMERS and telemarketers are costing people money.

Re:ARE YOU ON DRUGS?

[91degrees]

And people have chosen to pay this money for the service. If they don't want to be used in this way, cancel the service. People want to eat their cake and have it too.

Re:ARE YOU ON DRUGS?

[spickus]

"And people have chosen to pay this money for the service."

What service are you referring to? I pay my ISP for mail service for my personal use not for people to send me garbage that I don't want. My ISP pays somebody for bandwidth to be used by their customers. Very few people want this type of email or commercial phone messages. It wastes resources (money). The only people who defend these practices are profiting from it. I suppose that if I was making my living by wasting others money, I would also view this from a different perspective.

Re:ARE YOU ON DRUGS?

[91degrees]

I pay my ISP for mail service for my personal use not for people to send me garbage that I don't want.

Really? I want a provider that will agree to send me only email that I want. Who are you with? My agreement says that the ISP will deliver messages that are addressed to me.

Very few people want this type of email or commercial phone messages.

Some people do though.

The only people who defend these practices are profiting from it.

I never made any profit from spam.

Re:ARE YOU ON DRUGS?

[fmaxwell]

Really? I want a provider that will agree to send me only email that I want. Who are you with? My agreement says that the ISP will deliver messages that are addressed to me.

He told you what he was paying for, not how the service would be provided. If you asked me why I bought flares for my boat, I would tell you that it was for use in an emergency. Would you say "my flares say that they will light any time for anyone who follows the directions. Where do I get some that only work in emergencies?"

I pay the utility company for water. I have a garden hose. I might tell the neighbors where it is in case they need to use it in an emergency. But it doesn't mean that you have a right to come on to my property and help yourself to water from my garden hose just because you found out where the spigot is. Nor does it mean that the utility company should publish information about who has garden hoses and where they are located.

Re:ARE YOU ON DRUGS?

[Fujisawa+Sensei]

Obviously it did. Otherwise they wouldn't have lost the court case.

It's about time...

[hafree]

It's about time someone set a precedent in determining the cost of spam. Not just in terms of denial of service, but also the amount of time it takes people to deal with it.

Many people don't realize what a hassle spam can be, until you try to put a monetary cost on it. Let's forget about the resources it uses and just look at how much time it consumes to delete... For the sake of using round numbers, let's say it takes someone 5 seconds to identify a message as spam and delete it. That means in an hour they can theoretically delete 720 pieces of spam. I don't know about the rest of you, but I regularly receive about 100 pieces of spam on a typical day. That means that about 2.6% of your paycheck goes towards you deleting spam. For an employee that makes $50k/year, this comes out to approximately 3.5 cents per piece of spam received, or $1277/year...

Re:It's about time...

[tburkhol]

For the sake of using round numbers, let's say it takes someone 5 seconds to identify a message as spam and delete it.[...] this comes out to approximately 3.5 cents per piece of spam received, or $1277/year

This is why it's hard to estimate the cost of such things-5 seconds to identify spam?? I'm not a fast reader, but I can pretty easily identify a spam subject header in under 1 second. If I'm using a decent spam-filter, I can reduce the amount of daily spam I see to 5-10. The first observation drops your estimate to $$250/year; the second to $2.

The place where spam costs real dollars is administration (unless you want to put a dollar figure on your pain-and-suffering). If-like docomo--you have to have infrastructure to support literally 10 times as much e-mail as is even deliverable, then you're talking about real, identifiable money.

Re:It's about time...

[Kombat]

it takes someone 5 seconds to identify a message as spam and delete it.

5 seconds??? Are you insane? Look at your watch. Now wait 5 seconds. That's an eternity. Why on Earth would it take anyone that long to look at an email and determine "Hey, who the %*#@ is this and why are they emailing me about penis creme?"

Personally, I can scan through a list of email subjects and senders (i.e., the folder - don't even need to see the messages' contents) and identify spam by the dozens. Even still, for the sake of argument, let's say it takes a whole second per spam.

Now, for the other holes in your ludicrous argument.

I don't know about the rest of you, but I regularly receive about 100 pieces of spam on a typical day.

At work? Then your work for a really crappy company. Even the tiniest of companies use spam filtering software. In the last 4 years, and at two separate companies, I've only ever recieved I think 2 spams IN TOTAL. Certainly not "100 per day." Sure, I get that much at home, but no one's paying me for that time, so you can't count that as lost productivity or economic cost or whatever.

So for normal employees, who can identify spam in 1 second instead of 5, and who receive 2 spams a year on their work account instead of the 26,000 you assert you receive, that amounts to about 0.0000001% of their paycheck, or precisely $0/year. Zero net impact on the company, other than loading down their mail servers a little more than usual as the spam filters do their thing.

If you get 100 spams a day on your work account, then either you're self employed and too lazy to set up even the most rudimentary spam filters, or your company sucks, or you're an idiot and use your real, work email address every time you sign up for a Honda mailing list or NASCAR "Speed Bulletins."

Stop the FUD. Spam sucks, but don't pretend it costs us more than a few seconds of our time or a few dollars of extra IT work. I get a kick out of all these people who complain that it takes them 30 valuable seconds of their free time in the evenings to delete a few dozen spams. Yet they'll sit there and waste hours on a Diablo game. If their time is so valuable, how come they spend so much time planted in front of the TV or surfing useless websites?

Re:It's about time...

[InadequateCamel]

I consider the original post to be spam.

Estimating 250 posts on this article with 100 times more readers than posters, as well as further posts relating to the parent comment, I figure that there is

(250 posts + 25000 readers)*7 seconds reading time + (3 posts after this one*25250 readers)*20 seconds reading time
= 1691750 seconds

Assuming that I can identify a spam in 1 second and charging you 1 cent per spam, you are directly responsible for $16917.50 in losses. I will forward this total to my Nigerian colleague who will need your bank details to complete the transfer.

Interestingly if you were 1 second less long-winded you would have saved enough money to buy this fantastic penis enlarger that my good friend bigmembernow sent me.

Re:It's about time...

[Dirtside]

Stop the FUD. Spam sucks, but don't pretend it costs us more than a few seconds of our time or a few dollars of extra IT work.

It costs more than that. I don't particularly want to see pictures of women covered in horse semen when I get home from work and check my email -- or worse yet, when I'm at work and my screen is visible to a half dozen other people.

If their time is so valuable, how come they spend so much time planted in front of the TV or surfing useless websites?

Because then they're spending time in the way that they chose. Having to go through spam -- even for only a few seconds per day -- is an unwanted intrusion on my time. It's not (usually) the amount of time involved; it's that that time is being wasted without my consent. You can certainly argue that I "consented" to being spammed when I decided to participate on the Internet, but that's about the same as claiming I "consent" to being carjacked whenever I drive to work.

Dealing with dictionary attacks

[andy@petdance.com]

If their mail servers are swamped with 880,000,000 emails daily from dictionary attack, I'd think the easiest solution would be to throttle the mail servers. "Oh, I got an invalid recipient, I'll pause 5 seconds before I respond." (Adjust 5 seconds to whatever makes most sense) For most legit users, that shouldn't be a problem. For the spammers, it means they can make at most 17280 attempts per day per MTA.

Re:Dealing with dictionary attacks

[XCondE]

Postfix does that out of the box.

Re:Dealing with dictionary attacks

[spacefight]

Spammers have already tools to distribute their attacks trough multiple "raped" MTAs, it is an idea for the poor guy spammer - it won't stop hard core bulkers tough I assume.

YOU'RE A TROLL AND YOUR LOGIC IS GUTTER TRASH

trollllllllllllllllll ... you should wake up and realize you are a troll and everyone hates your pasty white ass. BITCH

If Only

[SCHecklerX]

This would happen here. I looked through my sendmail logs the other day only to find thousands of lines of 'unknown user' errors. These fsckers need to be tortured to death over several months.

Anybody have a link on how to configure sendmail to not log/respond to email destined for addresses that are not on your server?

Re:If Only

[Nevyn]

Anybody have a link on how to configure sendmail to not log/respond to email destined for addresses that are not on your server?

You can tell exim to start refusing everything if a sender gets more than X RCPT addresses wrong.

Sweet Sweet Justice

[theghost]

Maybe i'll move to Japan when things get too ugly under the Ashcroft regime! Guess i'd better learn Japanese just in case - time to watch more anime!

Re:Sweet Sweet Justice

Maybe i'll move to Japan when things get too ugly under the Ashcroft regime! Guess i'd better learn Japanese just in case - time to watch more anime!

And don't forget, learn how to live in an apartment that costs you $1000/month - per square meter.

Re:Sweet Sweet Justice

[The+Ape+With+No+Name]

That's different from Manhattan, how?

Re:Sweet Sweet Justice

[louzerr]

"When" things get too ugly? How far does this corporate rule have to go?

You know, if only CEOs were allowed to vote, I'd feel better about our system. At least there would be no more delusions about being in a 'democracy'.

any lawyers?

could dictionaly spamming count as a denial of service attack? (even if it isn't big enough to actually take down the service)

Cost of spam?

[Brian+Blessed]

From the /. post:
The fine is about $55,000 and was based on an estimated cost to NTT of 1.2 yen per undelivered spam ($0.01) for the 4 million spams that were undeliverable. What is most startling is NTT DoCoMo assertion that ... each day, 880 million are not deliverable!

If this is true, doesn't that make the cost of spam to NTT DoCoMo around $12M per day, or $4.4Billon per year.

This seems a bit much, although I agree with the size of the fine - I'm just questioning the way it is rationalized.

- Brian.

Say no to excessive "costs"

[morcheeba]

I like the verdict and think that the fine is appropriate, but I don't like how it was calculated. Maybe the article misrepresented it, but charging $0.01 per spam seems excessive.

The article says 880 million undeliverable emails are sent every day. At a penny a piece, that's USD$8.8million / day, or $3.2 billion/year. The company does $42 billion in sales per year, I doubt that they spend 7.6% of their income on spam. Or, for that matter, give me $3b/yr and I'll provide the equipment to totally filter all of their undeliverable mail -- they'll save their shareholders $200 million!.

I just wish they said "it cost us 1 man-year of work to stop this guy" and cost it that way instead of making up numbers per message. It's this kind of unjustified damage estimate that "cost" sun $80 million of money that was good enough to tell a judge under oath, but too bogus to tell their shareholders. A doubt NTT has a $3.2b line-item on their annual report.

(and, as others have pointed out, this 880milMsg/day is misaddressed mail - trivial to filter out and it never consume any expensive RF bandwidth)

Re:Say no to excessive "costs"

[PetWolverine]

They're talking about lost revenues, which are different from actual costs. They charge ~$.01 for each email delivered, so if all those 4 million emails had been delivered they'd have earned $55,000 (rounding makes up the difference, I guess).

They're not saying it actually cost them that much to handle all that bogus mail. They're saying that it cost them something, and that normally they would be reimbursed in a certain proportion to the cost, so they should be reimbursed in the same way in this case.

Re:Say no to excessive "costs"

[morcheeba]

Thanks for the answer. I guess the judge fell for it -- he said "The damage caused by large amounts of e-mail not reaching their destinations should be covered by the sender", but what he should have said was "The loss of potential revenue should be covered by the sender", which is what actually happened. Why should NTT expect to make a profit on illegitimate messages?

Re:Say no to excessive "costs"

[PetWolverine]

They have a legitimate right to expect to make a profit on messages they transfer. The fact that a huge number of the messages they transfer never reach anyone, and therefore don't net them a profit, is not for a legitimate reason, but rather due to some damn fool exploiting their servers, so they sued him. It makes sense.

What will come?

[PhxBlue]

On a somewhat related note, while we may not see opt-in mandated for a while, I'm sure companies will be quick to adapt:

By signing up for our free Britney Spears subscription service, you ackwnoledge you have agreed to our draconian privacy policy which allows us to sell your personal data to anybody we want and spam you from now 'till doomsday. To activate your account, we will send you an e-mail shortly. The spamming will begin soon thereafter.

This is one of the reasons why legislating a technical problem won't make it go away--there's always a loophole; and it takes longer to fix a legal loophole than it does for Microsoft to fix their bugs.

Who would have thought...

[bobdotorg]

Lawrence_Bird writes...

Who would have thought that Larry Bird would be spending his retirement years posting on Slashdot...

money FROM Spammers

[rodney+dill]

DoCoMo has the right idea we need money from spammers

... Thats where I want to go
way down in Do Co Mo ...

(with apologies, but not royalties to the Beach Boys)

Re:ALL SPAMERS SHOULD BE ASSFUCKED WITH CHAINSAWS

Yes?

telco was happy to profit from delivering the spam

[cdn-programmer]

You may note thst DoCoMo was quite happy to deliver this spam to their end users and profit from it.

Had the spammer used valid email addresses I'm sure this would not have ended up in court. :-(

Does this mean?

That I am liable for all those calls to women in bars who gave me incorrect phone numbers?

Re:Not deliverable? How about, not readable!

[pizpot]

Spam suxxor, but since I stopped forwarding my "spam" emails to my maim email account, I have got none. I was getting about 20 per day, and all of them from usenet posts to wpg.forsale.computers (I'm from wpg). So a good short-term solution may be not to enter your main email address in web-forms or news posts. (flame suit on)

Re:"defending other bulk emailers right

[Technician]

I'm not defending spammers. I think the use of open relays, bogus return addresses, joe job return addresses, and the like show simple laws don't work. In an international community the cover of obscurity provides a great place to hide from proscution. Facing that fact, I don't think a simple law in some single country will ever fix the problem. A technical encumberment could be employed to severly limit the effectiveness of a dictionary attack. Think about it. If you had a mailserver or hundreds with only 5K users each and someone started a dictionary attack, It would be simple to have the server purge all mail to all users that matched most of the body of the mail as well as automaticaly real time blacklisting the source IP. Any bulk mailing with a greater than 50% failure rate could block the incomming mail for say 15 days and purge all matching mail from all inboxes. (the way I view it is too much spam makes the server sick and it then vomits the spam overdose and refuses any more un-tasty morsels) If widely implemented, it would be instant death to dictionary attacks.
You would need a serious validated mail list to do anykind of bulk mailing. Subscription lists would have to be regulary purged of stale addresses. Failure to do so would trigger blocks. Most mail lists should be opt in and renewed at least annualy. That would auto purge those who had a troublemaker sign up to a list where you can't unsubscribe.

Re:"defending other bulk emailers right

[spickus]

First, great idea.

"I don't think a simple law in some single country will ever fix the problem."

You are correct but if something like this (spam marking) were implemented in the US (hopefully other countries too) it should alleviate some of the problem. This, in addition to your idea would put a huge dent in the spam business.

Re:telco was happy to profit from delivering spam

[linuxdoctor]

True enough. But one may logically ask the question whether the ultimate receiver of the said SPAM could turn around and send a bill to the spammer for wasted bandwidth, lost productivity in having to deal with SPAM and even an accounting charge for the CPU time and disk storage necessary for your system to accept, process, filter (if you have one) and ultimately deliver it.

Might be worth thinking about. In fact, SPAM filters might be fitted with routines to do this sort of accounting. Finally, a group of SPAM victims could then get together and launch a class action suit against those individuals and organizations involved in SPAMming.

OUCH.

[lorcha]

Then your mailserver must keep a connection open for 5 more seconds than required. Each connection consumes system resources (which resources depends on your OS, but likely candidates are RAM, INODEs, extra connections that count toward the limits set at the OS or MTA level, you get the idea), so you would effectively be hurting your own server.

This is why some busy websites choose to disable keepalives or set the keepalive timeout to something short like 1 second. If the webserver keeps that connection open while waiting on the user, the resources consumed are more than the resources of creating and destroying that conection. Better to get that connection closed ASAP.

Or did you assume that the spammer would be nice and wait for one attempt to fail before starting the next? :-)

Re:Sweet Sweet Justice (OFFTOPIC)

[theghost]

When i no longer have hope that things can be fixed, then that's when i'll know it's time to leave. I'm discouraged now, but not yet ready to give up. I think that far too many Americans love "America", but don't really hold to heart the ideals upon which this nation was founded. If only they could understand . . . then their patriotism would be more than callous tribalism.

I just got back from a trip to NYC. I went to Liberty Island and remembered that it was recently-reviled France who gave us our most-cherished monument. I have never felt so patriotic as i did while visiting Ellis Island. To see the many different faces, stories, and cultures that are integral to America, that was inspiring. They came not because they loved the material America - the plains and mountains, rivers and forests. Though they saw possibilities there, they came because they loved the idea of America.

That idea has been lost to so many - those who love what they have - the comforts and artifacts of their lives. They want to preserve these things and try to keep them just as they are, not realizing that unless America is constantly growing and adapting in response to the ever-growing and ever-changing world, it is dying.

I do not love the flag. I do not love the President. I do not love the power we wield. I love America - its ideals, its dreams and hopes for itself, and the promise of what it could be.

Hate to throw a wrench in it...

[x-guru]

...but most spammers make four times that amount per deal. So, the company that spammed that particular deal still made a huge profit.
I say pahtuey (sp?)

x--

Re:"defending other bulk emailers right

You can solve the problem by rigorously enforcing spam traps. If a host mails a spam trap address, quarantine it until a human can review the situation. If you see a bunch of obvious dictionary-type attempts while inspecting the logs, keep the block in place.

Taken to its logical extreme, the dictionary attack lusers will have to spread out their actions across a wide base of hosts - open proxies and such. There are only so many open proxies around, and eventually you will have a good number of them on your quarantine list.

This also works well to stop the situation where spam is sent with a forged address to a never-valid address through a secondary mail exchanger. Normally it would double-bounce to the admin, but this stops it at the border.

Let's face it - most of our MTAs are dumb. They blindly accept things they probably shouldn't. The good news is that some of them support helper programs (like sendmail's milter) that can be used to give it some teeth.