Habeas Seeks Poetic Justice for Trademarked Spam

Remember the company who started using haiku to fight spam? According to a news.com article, it will now be tested in court. Habeas is suing two internet marketers, saying that they've included Habeas' haiku in their mail, thereby lowering their SpamAssassin score by 6 points, but allegedly violating the trademark. It's interesting because the end effect of this will be more or less spam, but it's based on trademark law. It'll also be interesting to see how well this holds up across national boundaries.

Tagging

[rf0]

Well I hope that the spammers get whats coming to them. Keeping stats of my email recently there has been a dramatic rise in the amount of spam I've been getting I've thankful for spamassasin to filter off all the crap.As a slight aside I found out today that debian charges $1000 for each advert (spam) posted to the list. Now that is a cool policy :)

Rus

Re:Tagging

[Zeinfeld]

Whats really annoying me now is that I'm getting spam selling anti-spam software. I mean how stupid do spammers think I am. I know how stupid they are

In most cases that is not quite what is going on, sale implies that they own the goods in question which most spammers do not. Basically they are taking credit card numbers in return for the promise of spam software.

In many cases you don't get the spam software anyway, if you do it probably won't be a legal copy and you are likely to find your credit card billed for very substantially more.

Of course then there are clueless services like spam arrest that have a challenge/response spam filter scheme. Then they spam all the people who tried to send email to their customers. Privacy abuse and spam all in one go!

The challenge response schemes are in any case a way of displacing spam, not reducing it. Everyone who sends a user of those vile schemes a message gets a spam set back in return. If everyone used them we would spend all our time answering callbacks and the spam senders would quickly adjust to autoreply. If someone's email has a callback loop on it I send them a fax or fed-ex and add in a note that their email seems to be broken.

How Big A Problem Is Spam Really?

[Farley+Mullet]

I'll admit that I find spam as annoying as the next guy, but I try to take precautions and use a fairly effective junk mail filter, so spam at best rises to the level of minor annoyance. Aren't there better things to spend our money and time lobbying lawmakers and dragging people to court about?

Just a question.

Re:How Big A Problem Is Spam Really?

[401k]

Not to mention some spam content is outrageously obscene, and if you're using HTML-enabled mail on Outlook (which I had to, at my old job), you'll get filthy porno pictures, web bugs, cookies, fucking POP-UPS, all kinds of shit. We'd get this because angry customers would sign us up for it, but frankly it could end up in any little kid's inbox if they went to the wrong website or left their email addy out there hanging.

Just wait until anti-abortion activists start spamming everyone with pictures of dead babies, or terrorists start sending out gruesome pictures of dead Iraqis, and maybe those worthless luddites in government might do something. Or we'll just abandon email altogether. Sigh.

Re:How Big A Problem Is Spam Really?

[amcguinn]

Spam is a small-to-moderate problem. It's big enough to attract attention, but not big enough to justify the sensible solutions.

It's a spin-off of anonymous internet use. The SMTP mail infrastructure allows anyone to anonymously send email to anyone. The solution to spam is to replace the system with a new one that accepts mail only from satisfactorily identifiable people. With that in place, all sorts of mechanisms -- technical, commercial and legal -- can be used against spam. Without it, all measures will be at best ameliorative.

Once the problem gets bad enough -- and it almost certainly will -- these steps will be taken. Very few people need to be able to receive mail from anonymous sources, and they will be able to use other arrangements.

Incidentally, in terms of punishing my inbox, Windows viruses are as big a problem than commercial spam. If all commercial spammers were wiped out, I would still get about 80% as many Kilobytes of unwanted mail as I do now.

patent

Habeas has patented this idea. I don't know if this means they will block others from using the technique, but if so, I hope they go out of business pronto.

This idea is cute but until I wake up one day and get zero spam and zero false positives, I'll remain sceptical. The patent just makes it more annoying.

$100 reward for information about a spammer

[Animats]

I, John Nagle, owner of the US registered trademark "Downside", will pay $100 to the first person who can provide to me the identity of the actual person or persons behind any of the following sites:

• girlswhocry.net
• contipay.com
• profitabill.com

Why? I've received over 16,000 mail bounces from spam advertising these sites. They, or some person associated with them, has been spamming with "downside.com" return addresses.

Rules and comments:

• I already know what Whois and traceroute will tell me, and I know who hosts those sites. That's not helpful. I do have information that indicates that the operation is inside the United States. So I will only pay for a US name and address at which a process server can deliver a summons.
• The sites for "contipay.com" and "profitabill.com" look like sites of businesses that do billing for third parties. They're not real companies; they're false fronts.
• These sites have changed hosting providers and billing arrangements since I started looking for them and talking to their hosting providers. But they tend to stay up, although they move around.

I can be reached at "spammersearch@downside.com". Thank you.

Re:Fine the *originating* companies

[wolf-]

I have to agree with you completely.
We run spamassassin in house to filter out spam destined for our employee accounts.

It gets dropped into a very large file.
Then once a month, 2 employees go through the messages, if the product is from a large national company, we print out the message, find a PR contact and upper level management for the company, and we have a nice form letter that goes out. The idea is, we know who you are, its YOUR reputation on the line (as anonymous spammers have no reputation) and we are letting you know that we know.

Yeah, it costs some man hours. Is it effective? Can't really tell. Have had some large firms appologize.

How to beat the spam detectors

[tramm]

If I were to ever become a spammer, I would:

• send my mail with gnus (-6.4 points)
• add an 'X-Cron-Env' header (another -6.4 points)
• add a fake 'In-reply-to' (-3.3 points)
• include the sendmail X-Auth warning (-1.008 points)
• have a sig dash with dense sig (another -6.4 points)
• include some diff -u output (-6.027)
• Have 'foo@bar wrote:' attribution (-6.6)
• Have quote text (-3.3)
• Fake a good Exchange ID (-5.8)

At this point, the message has a -45.135 bonus and would have to be super spam to be scored as spam. Let's hope none of those scum read the comments on Slashdot...

Junk Faxes Too

[Badmovies]

Going after the people who hire spammers is a good idea. If they know that their company will be held liable for spam, they will not hire anyone.

I play the same game with junk fax idiots. I call each and every company and talk to a company officer about the TCPA violation. At the end I make sure to remind them that they have been informed their advertiser is willfully breaking the law. Then I forward a letter to the FCC (copies of faxes included) asking for action to be taken against the parties.

Eventually a federal law will be passed about spam. Then there will have to be some work to get other countries oboard with mutual enforcement agreements.

Of course, the other option is overhauling how email works. 1/100th of a cent for each email? Sure.

Re:$100 reward for information about a spammer

[callipygian-showsyst]

Good for you!

I used to own a domain name that was a common word. (I registered it years ago, before the WWW.)

I had to give it up because spammers were forging email from "my" domain, simply because of the common word I had registered.

After spending a few weeks seeing if there was anything I could do about it (I was getting letters/phone calls from idiots (mostly Macintosh users for some reason!) who thought I was spamming them, I just decided to retire the domain.

In a perfect world, the people ruining my good name would be sitting in jail (or dead.)

Go, Habeas, go!

[eggboard]

I signed up for Habeas more because I wanted to help essentially fund their ability to sue spammers. I figured it would be a very short period of time before someone violated their trademark and copyright.

If Habeas takes off, then everyone's headers will have Habeas lines in them, making SpamAssassin even more useful. If their spam suit succeeds, then spammers will be too freaked out about judgements to include Habeas headers.

Of course, it won't solve spam, but anything that reduces volume and immunizes email -- spam can't necessary mutate against Habeas's particular immunity -- has a positive benefit.

SpamAssassin now filters out about 95 percent of the spam I used to get. Since installing it in January, I believe I have saved myself several hours of deleting and filtering email, reduced my download time for email when I'm on the road (even headers), and made my email box so delightfully clean.

And I have received not a single call or follow-up from someone whose email wasn't received that should have been. That is, no false positives at a level that I filter to /dev/null.

Re:Sounds dangerous

[amcguinn]

Absolutely right. We're all more or less anti-spam, but this is actually a frightening development. The same sort of tricks have been tried before, I believe, for example requiring console game cartridges to print a specific copyright message in order to have them run. I would like to see this lawsuit fail, on the grounds that the spammers are simply "reverse engineering" the interface of the anti-spam tools.

A better mechanism would seek to apply anti-cracking laws rather than IP laws. (I don't know US law, but for example the Computer Misuse Act in the UK outlaws unauthorised access to systems.) If someone could work out the details of a scheme that forced the spammers into breaking that kind of law it would be much healthier than this operation.

The crucial difference is that in this case the purported legal victim is a more-or-less unrelated third party. If unauthorised access laws are being used, then the legal victim is the real victim -- the recipient of the spam, whose systems have been accessed in a manner they do not approve of.

We need a new protocol for mail

[infernalC]

Internet springtime
the academics messaged
amongst their boxen

the diverse systems
without the scourge of commerce
by s m t p

cooperated
microsoft and sun and dec
unisys, hp

then came eye candy
if you build it they will come
e-commerce flourished

summertime came soon
venture capital dodo
the money dried up

quick buck was desired
send lots of mail to granny
she is rich and dumb

in greed's bosom born
marketing technique evil
electronic mail

spam spam spam spam spam
filtering is most futile
protocol not good

header forging easy
there must be a better way
new rfc please

even with new way
migration would be a bitch
forget about it

Why this might not be so good.

[mindstrm]

Because.. it's a trademark suit. Trademarks must be defended.

Now. those people actively using this trademark in their emails, do they have a contract with the trademark holder?

If not, what differentiates their use from a spammers use of the mark?

Yes, we know what the trademark holder INTENDS.. but remember, a tradmark is a mark identifying a product or service.. and they must be defeneded, and clearly indicated as a trademark.

Trademark does not give absolute power over a series of words.

If this wins, it could set bad precedent.

the double quotes did nothing

It was determined to be legal to use that phrase merely because it was used as a key phrase and thus it was not copyrightable. The quotes did nothing. Many of the cloners didn't use any quotes.

And yes, this is precdent. See my Sega v. Accolade post below.

It's 5-7-5 syllables, season or nature themed

[spun]

A flower blossoms
Poetry fights evil spam
Fresh spring for email.

Spammers pluck blossoms
good idea wilts like cut
flowers in summer

A golden leaf falls
Harvest time for Habeas
Copyright on poems

Alas, bitter cold
These lawsuits are frozen in
Chinese court system