Habeas Seeks Poetic Justice for Trademarked Spam

Remember the company who started using haiku to fight spam? According to a news.com article, it will now be tested in court. Habeas is suing two internet marketers, saying that they've included Habeas' haiku in their mail, thereby lowering their SpamAssassin score by 6 points, but allegedly violating the trademark. It's interesting because the end effect of this will be more or less spam, but it's based on trademark law. It'll also be interesting to see how well this holds up across national boundaries.

National boundries don't matter

[WCMI92]

For spam to American e-mail addresses to be effective, a product has to be delivered TO an American physical address.

Any judgement against the spam should be enforced against the money being transacted to the spamvertiser.

Cut off the money supply to the spammer's customer, cut off spam.

Tagging

[rf0]

Well I hope that the spammers get whats coming to them. Keeping stats of my email recently there has been a dramatic rise in the amount of spam I've been getting I've thankful for spamassasin to filter off all the crap.As a slight aside I found out today that debian charges $1000 for each advert (spam) posted to the list. Now that is a cool policy :)

Rus

Re:Tagging

[WCMI92]

I've been using PopFile for the last month and a half... Out of thousands of emails I've received, Popfile has made only a handful of mistakes. It runs over 99.3% accurate. I've used the same e-mail address for 5 years, and it's obviously on virtually all spam lists...

I too have noticed that the number and voracity of spam has increased DRAMATICALLY in the last few months. And lately some seem to find their way around my blockers.

I don't get it... If I am going to such extremes to AVOID spam, why should the spamemr WANT to go to lenghts to get around it? I obviously am someone who DOES NOT and WILL NOT patronize their products... So why waste the effort?

PopFile, btw, is free software:

http://popfile.sourceforge.net/

Re:Tagging

[Zeinfeld]

Whats really annoying me now is that I'm getting spam selling anti-spam software. I mean how stupid do spammers think I am. I know how stupid they are

In most cases that is not quite what is going on, sale implies that they own the goods in question which most spammers do not. Basically they are taking credit card numbers in return for the promise of spam software.

In many cases you don't get the spam software anyway, if you do it probably won't be a legal copy and you are likely to find your credit card billed for very substantially more.

Of course then there are clueless services like spam arrest that have a challenge/response spam filter scheme. Then they spam all the people who tried to send email to their customers. Privacy abuse and spam all in one go!

The challenge response schemes are in any case a way of displacing spam, not reducing it. Everyone who sends a user of those vile schemes a message gets a spam set back in return. If everyone used them we would spend all our time answering callbacks and the spam senders would quickly adjust to autoreply. If someone's email has a callback loop on it I send them a fax or fed-ex and add in a note that their email seems to be broken.

Fine the *originating* companies

[nurb432]

I've been saying this all along.

If you fine the people who advertise improperly, then they will stop hiring spammers to do it.

Plus its easier to track down the company that is offering the product/service then the scummy spammer that will hide from you.

Re:Fine the *originating* companies

[Chymaera]

Ugh...:(

Fools who don't preview
Should never be modded up--
Should leap from tall cliffs.

Re:Fine the *originating* companies

[WCMI92]

"he problems I've seen from large companies is that they hire "marketing" companies who say they have "opt-in" lists and then proceeds to spam the living hell. Complaining seems to just get you listwashed so I just end up blocking them. Seems to work"

Doesn't matter how many layers deep the originating company buries it. Somewhere there is STILL a transaction of money from that company that ends up in the spam.

And somewhere from the spam there is a resulting transaction that results in profit for that company.

Which, if it's a LEGAL enterprise, is all on the books. Else the company, managers and officers are comitting felonies.

If it's NOT a legal enterprise, then obviously the spammer himself is aiding and abetting, itself a crime.

How many want to guess how much crime and fraud have been aided and abetted by Ralsky and co?

Re:Fine the *originating* companies

[wolf-]

I have to agree with you completely.
We run spamassassin in house to filter out spam destined for our employee accounts.

It gets dropped into a very large file.
Then once a month, 2 employees go through the messages, if the product is from a large national company, we print out the message, find a PR contact and upper level management for the company, and we have a nice form letter that goes out. The idea is, we know who you are, its YOUR reputation on the line (as anonymous spammers have no reputation) and we are letting you know that we know.

Yeah, it costs some man hours. Is it effective? Can't really tell. Have had some large firms appologize.

Re:Fine the *originating* companies

[Threni]

"companies who say they have "opt-in" lists"

Then a $1,000,000 dollar fine should convince them that it's worth ensuring that the companies they deal with don't lie.

Trademarked Haiku

[idfrsr]

I have trademarked this
Use it at your own expense
I'll see you in court

How Big A Problem Is Spam Really?

[Farley+Mullet]

I'll admit that I find spam as annoying as the next guy, but I try to take precautions and use a fairly effective junk mail filter, so spam at best rises to the level of minor annoyance. Aren't there better things to spend our money and time lobbying lawmakers and dragging people to court about?

Just a question.

Re:How Big A Problem Is Spam Really?

[Beryllium+Sphere(tm)]

If you don't think bandwidth use is a problem, if you don't think needing spam filters is a problem, if you don't think storage space is a problem, if you don't think that losing legitimate email when a spam filter malfunctions is a problem, if you don't think unauthorized computer access is a problem, if you don't think that crashing mail servers under abusive volumes of traffic is a problem, if you don't think wire fraud is a problem, then consider this:

Spam is threatening connectivity and shutting down useful services. Open relays used to be a public convenience. Because of spam, if you set one up today, you'll find thousands of places blocking your traffic. Mailing lists used to allow non-subscribers to post. Because of spam, you now have to subscribe first before asking a question. We used to imagine the net as a worldwide utility. Because of spam, many people are now blocking everything from China.

Does this answer your question?

Re:How Big A Problem Is Spam Really?

[WCMI92]

"here are better things, for sure, but spam is not a small problem. It's fine that you can block out most of it and make it a minor annoyance, but what if everyone would do that? The end result would that there would that you would get more spam, because the spammers would be forced to find a way around your filtering system, which undoubtedly they eventually would do. Also, spam is overall a drain on resources: a drain on bandwidth, a drain on processing power passing them on from server to server, and a drain on disk space storing them, so spam is a problem, and it should be stopped, even if right now it is only a "minor annoyance"."

So, we should all leave our front doors unlocked, and the keys in our car's ignitions just to prevent the crook from having to WORK HARDER to violate our space?

I fail to see the logic in your agument, though I agree filtering is not the answer.

What should be illegal is unsolicited advertising that uses the victim's RESOURCES. That is theft.

Re:How Big A Problem Is Spam Really?

[Caveman+Og]

Spam is a VERY big problem.

The trouble is that you, as an end user, can't possibly SEE how big the problem is. In addition, filters, while protecting you, the end user, only MASK the extent of the problem.

The costs incurred by spam are incremental, and are spread out among all the various parties who must decide whether to transmit, or block each spam message. These parites include far more than the sender and the recipient.

There's an interesting whitepaper at

http://word-to-the-wise.com/whitepapers.htm

The first doesn't bear on this issue, but the second one was a presentation given at the recent meeting of the IRTF's Anti-Spam Research Group. Those are real-life figures based on what real Internet providers are seeing.

The numbers, when you add them up, are scary.

--Og

Re:How Big A Problem Is Spam Really?

[gmuslera]

Lets say that you are sick, and for that you head hurts, and you take an aspirin to solve this. You just did a temporary fix to one of the simptoms, but not are cured of the real problem. And worse, you became addict to aspirin, so you will have another problems (i.e. have the risk of losing a critical mails).

Ignoring a problem will not make it disappear, but could make it grow worse until you really notes it, and maybe then will be too late.

Re:How Big A Problem Is Spam Really?

[amcguinn]

Spam is a small-to-moderate problem. It's big enough to attract attention, but not big enough to justify the sensible solutions.

It's a spin-off of anonymous internet use. The SMTP mail infrastructure allows anyone to anonymously send email to anyone. The solution to spam is to replace the system with a new one that accepts mail only from satisfactorily identifiable people. With that in place, all sorts of mechanisms -- technical, commercial and legal -- can be used against spam. Without it, all measures will be at best ameliorative.

Once the problem gets bad enough -- and it almost certainly will -- these steps will be taken. Very few people need to be able to receive mail from anonymous sources, and they will be able to use other arrangements.

Incidentally, in terms of punishing my inbox, Windows viruses are as big a problem than commercial spam. If all commercial spammers were wiped out, I would still get about 80% as many Kilobytes of unwanted mail as I do now.

Reminds me of Coy

[bahwi]

perl -MCPAN -e shell
cpan> install Coy ...blah...blah...blah...
cpan> exit
bash-2.05b$ perl -e 'use Coy; die();';

-----
Lao Tse departing
beside a dam. A
singing lark. A dove.
-----

Bankei's commentary...

Died

(Sayings of -e: line 1.)

Ahh, at least perl can die a nice death. Check the man page too, all in Haiku.

Now if only PHP and GCC had this. Then I'd be truly happy and transcending. Or at least able to procrastinate a bit longer.

embolden?

[DataSquid]

It's a perfectly cromunlent word.

ode to spam

[1nv4d3r]

I love to get spam
you can block it all you want
meanwhile, my dick grows

$100 reward for information about a spammer

[Animats]

I, John Nagle, owner of the US registered trademark "Downside", will pay $100 to the first person who can provide to me the identity of the actual person or persons behind any of the following sites:

• girlswhocry.net
• contipay.com
• profitabill.com

Why? I've received over 16,000 mail bounces from spam advertising these sites. They, or some person associated with them, has been spamming with "downside.com" return addresses.

Rules and comments:

• I already know what Whois and traceroute will tell me, and I know who hosts those sites. That's not helpful. I do have information that indicates that the operation is inside the United States. So I will only pay for a US name and address at which a process server can deliver a summons.
• The sites for "contipay.com" and "profitabill.com" look like sites of businesses that do billing for third parties. They're not real companies; they're false fronts.
• These sites have changed hosting providers and billing arrangements since I started looking for them and talking to their hosting providers. But they tend to stay up, although they move around.

I can be reached at "spammersearch@downside.com". Thank you.

habeas business plan

[1nv4d3r]

step one is haiku
step two is vast deep unknown
step three is profit!

Re:habeas business plan

[cperciva]

step one is haiku
step two is many lawyers
step three is profit.

Interesting...

[Fnkmaster]

You could do this same thing with any arbitrary bit of text that is long enough to be considered a novel work under copyright law. There is nothing particuarly unique about their "SWE" haiku-containing chunk of email header text. The interesting part is that I gather they were aiming to produce something long enough to be copyrightable (the haiku is a "work of art" that is definitely protectable under copyright law) and the use of their trademarked phrases and slogans in the header pattern is protectable by trademark law.

This gives them a dual-pronged legal attack approach on anybody who uses their header without permission, which I suppose makes it easier to enforce. And, in fact, they force their own hand by including trademarked slogans, because failure to sue violators would result in possible loss of trademark rights over time.

However, the part that irks me is that according to their FAQ they have patented their "system". Their system? How the hell can you patent the use of a legal mechanism? There is no technical novelty to their spam filtering mechanism, and in fact, they provide no spam filtering themselves, you just set up Spam Assassin or other programs to account appropriately for their particular headers. I've seen plenty of other header-flagging schemes for assisting spam filtering. The novelty then is claiming both copyright and trademark to the header text? Okay, this makes me not terribly fond of this company, even though it's nice and all that they are giving royalty-free "licenses" to individuals, I am not clear that they could ever successfully prosecute a patent case against anybody else who uses header-filtering of copyrighted or trademarked text of their own choosing to fight spam. Anyone have any information on case law describing patents of legal constructs? How would that differ from trying to patent a tax shelter mechanism? If you could actually do that, don't you think KPMG et. al. would have been using patent law to protect their legal constructs all along?

This is just one of those funny, small, novel legal ideas that would be nice to generate and give away to better humanity, but is simply crazy to try to build a business around.

Why put the poem in the extended headers?

[1nv4d3r]

haiku in header
not viewed by your Aunt Tillie
she won't know to sue

Re:Waiting....

[mistered]

Nah, Hormel's cool about using the term spam to describe unsolicited commercial email. It's so refreshing to see a company have some common sense when it comes to trademark issues.

We do not object to use of this slang term to describe UCE, although we do object to the use of our product image in association with that term. Also, if the term is to be used, it should be used in all lower-case letters to distinguish it from our trademark SPAM, which should be used with all uppercase letters.

This slang term does not affect the strength of our trademark SPAM. In a Federal District Court case involving the famous trademark STAR WARS owned by LucasFilms, the Court ruled that the slang term used to refer to the Strategic Defense Initiative did not weaken the trademark and the Court refused to stop its use as a slang term. Other examples of famous trademarks having a different slang meaning include MICKEY MOUSE, to describe something as unsophisticated; TEFLON, used to describe President Reagan; and CADILLAC, used to denote something as being high quality.

How to beat the spam detectors

[tramm]

If I were to ever become a spammer, I would:

• send my mail with gnus (-6.4 points)
• add an 'X-Cron-Env' header (another -6.4 points)
• add a fake 'In-reply-to' (-3.3 points)
• include the sendmail X-Auth warning (-1.008 points)
• have a sig dash with dense sig (another -6.4 points)
• include some diff -u output (-6.027)
• Have 'foo@bar wrote:' attribution (-6.6)
• Have quote text (-3.3)
• Fake a good Exchange ID (-5.8)

At this point, the message has a -45.135 bonus and would have to be super spam to be scored as spam. Let's hope none of those scum read the comments on Slashdot...

Re:How to beat the spam detectors

[Dwedit]

Mod parent down! Scum DO read slashdot! Censor this post!

Junk Faxes Too

[Badmovies]

Going after the people who hire spammers is a good idea. If they know that their company will be held liable for spam, they will not hire anyone.

I play the same game with junk fax idiots. I call each and every company and talk to a company officer about the TCPA violation. At the end I make sure to remind them that they have been informed their advertiser is willfully breaking the law. Then I forward a letter to the FCC (copies of faxes included) asking for action to be taken against the parties.

Eventually a federal law will be passed about spam. Then there will have to be some work to get other countries oboard with mutual enforcement agreements.

Of course, the other option is overhauling how email works. 1/100th of a cent for each email? Sure.

Re:$100 reward for information about a spammer

[callipygian-showsyst]

Good for you!

I used to own a domain name that was a common word. (I registered it years ago, before the WWW.)

I had to give it up because spammers were forging email from "my" domain, simply because of the common word I had registered.

After spending a few weeks seeing if there was anything I could do about it (I was getting letters/phone calls from idiots (mostly Macintosh users for some reason!) who thought I was spamming them, I just decided to retire the domain.

In a perfect world, the people ruining my good name would be sitting in jail (or dead.)

Missed his point

[siskbc]

So, we should all leave our front doors unlocked, and the keys in our car's ignitions just to prevent the crook from having to WORK HARDER to violate our space?

No, his point is that, at best, spam can be solved only for the technologically aware elite who know how to use mail filters and such better than others. His point is that if everyone else learns how to use our tools, spammers will find better tools, forcing us to find yet better ones.

In other words, it's like the old joke about two guys that are attacked by a tiger. One guy puts on his running shoes, and the other guy says "You think you're going to outrun a tiger?!?" The first guy says, "No...I only have to outrun YOU." Point is, the only reason we don't get so much spam in our inbox is that spammers are perfectly fine feeding off of people who don't have our abilities, and I'm not OK with that. As you say, it doesn't mean I'll take off my mail filters, but I don't think anyone was suggesting that.

Ultimately, I agree with him - I think finding a solution that works not only for me but for less capable compter users is a good thing.

And, as he says, eventually the bandwidth problem will be so severe that spam will increase the cost of internet access for everyone, and that, I think we can agree, is bad, and makes spam a problem that is worth solving - ask any operator of an ISP how much of their traffic is spam-related.

Re:$100 reward for information about a spammer

[AndroidCat]

If you want to unleash the experts on the people who joe-jobbed you, you should post this to the newsgroup news.admin.net-abuse.email. Most of the people there would help out just to bag these turkeys. (And some might have a good idea of who they are already.) High noise ratio, but no worse than Slashdot.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Go, Habeas, go!

[eggboard]

I signed up for Habeas more because I wanted to help essentially fund their ability to sue spammers. I figured it would be a very short period of time before someone violated their trademark and copyright.

If Habeas takes off, then everyone's headers will have Habeas lines in them, making SpamAssassin even more useful. If their spam suit succeeds, then spammers will be too freaked out about judgements to include Habeas headers.

Of course, it won't solve spam, but anything that reduces volume and immunizes email -- spam can't necessary mutate against Habeas's particular immunity -- has a positive benefit.

SpamAssassin now filters out about 95 percent of the spam I used to get. Since installing it in January, I believe I have saved myself several hours of deleting and filtering email, reduced my download time for email when I'm on the road (even headers), and made my email box so delightfully clean.

And I have received not a single call or follow-up from someone whose email wasn't received that should have been. That is, no false positives at a level that I filter to /dev/null.

Re:Sounds dangerous

[amcguinn]

Absolutely right. We're all more or less anti-spam, but this is actually a frightening development. The same sort of tricks have been tried before, I believe, for example requiring console game cartridges to print a specific copyright message in order to have them run. I would like to see this lawsuit fail, on the grounds that the spammers are simply "reverse engineering" the interface of the anti-spam tools.

A better mechanism would seek to apply anti-cracking laws rather than IP laws. (I don't know US law, but for example the Computer Misuse Act in the UK outlaws unauthorised access to systems.) If someone could work out the details of a scheme that forced the spammers into breaking that kind of law it would be much healthier than this operation.

The crucial difference is that in this case the purported legal victim is a more-or-less unrelated third party. If unauthorised access laws are being used, then the legal victim is the real victim -- the recipient of the spam, whose systems have been accessed in a manner they do not approve of.

We need a new protocol for mail

[infernalC]

Internet springtime
the academics messaged
amongst their boxen

the diverse systems
without the scourge of commerce
by s m t p

cooperated
microsoft and sun and dec
unisys, hp

then came eye candy
if you build it they will come
e-commerce flourished

summertime came soon
venture capital dodo
the money dried up

quick buck was desired
send lots of mail to granny
she is rich and dumb

in greed's bosom born
marketing technique evil
electronic mail

spam spam spam spam spam
filtering is most futile
protocol not good

header forging easy
there must be a better way
new rfc please

even with new way
migration would be a bitch
forget about it

Why this might not be so good.

[mindstrm]

Because.. it's a trademark suit. Trademarks must be defended.

Now. those people actively using this trademark in their emails, do they have a contract with the trademark holder?

If not, what differentiates their use from a spammers use of the mark?

Yes, we know what the trademark holder INTENDS.. but remember, a tradmark is a mark identifying a product or service.. and they must be defeneded, and clearly indicated as a trademark.

Trademark does not give absolute power over a series of words.

If this wins, it could set bad precedent.

Re:Why this might not be so good.

[sharph]

Yes, they do have a contract with the contract holder. They give away the right to use the trademark in e-mails for personal or ISP use.

Re:$100 reward for information about a spammer

[quintessent]

IANAL, but couldn't you sue "John Doe", and then find out who they are via discovery from their hosts?

Where's the fraud enforcement?

[swb]

Where's law enfrocement when it comes to fraudulent businesses, anyway? At least half the spam I have is for products that are obviously fraudulent, and some (like untested medical products) that may be illegal.

About the other half is for porn, of which I presume a large precentage are running credit card scams.

The Iraq T-shirts ad may be about the most legit spam I've gotten, but who knows. But I got only one. The other 99 in my bogofilter-current directory are all total BS.

Is it the war on terror or something, or does the federal government just not give a shit about prosecuting fraud?

It's 5-7-5 syllables, season or nature themed

[spun]

A flower blossoms
Poetry fights evil spam
Fresh spring for email.

Spammers pluck blossoms
good idea wilts like cut
flowers in summer

A golden leaf falls
Harvest time for Habeas
Copyright on poems

Alas, bitter cold
These lawsuits are frozen in
Chinese court system