Online Marketers to Stamp out Spam?

CodeHog writes "A group of online marketers want to get rid of spam and are proposing a registry base system for transmitting email. They are calling the project Lumos. Computer World has an aritcle on it Online marketers offer new antispam initiative . Doesn't it seem like these are the same businesses that profit from spam? Even better, this is being proposed by ESPC. The member list doesn't look too anti-spam to me." The obvious issue of course is that most spammers won't follow the rules anyway. My spam is up 20% over the 1st quarter of 2003! Yay!

Yes, let's hand email over to marketers

And lets also hand over civil rights to the Klan.

Re:Yes, let's hand email over to marketers

True, but neither are the Bushes big on outspoken atheists. But they aren't going to smash your face in for it. The current aristocracy allows every color as long as it's green, and the Klan every color as long as it's white. Just a different thing to discriminate on, that's all.

Re:Yes, let's hand email over to marketers

You can choose your religion (or lack of), you can't choose skin color.

Re:Yes, let's hand email over to marketers

Your freedom to corporations, your dreams to lawyers, your health to accountants. If this is earth, I want to go to bizarro world.

Re:Yes, let's hand email over to marketers

It doesn't matter. Neither should make any difference.

Re:Yes, let's hand email over to marketers

[brunson]

Sure you can. Look at Michael Jackson

Re:Yes, let's hand email over to marketers

They're not big on Jews either.

Re:Yes, let's hand email over to marketers

All right, let me take issue with this. "Make any difference" where?

Agreed, beating up Buddhists for being Buddhists is stupid, but I'd think twice if he signed up to be a cop. Could a Buddhist shoot someone to protect a fellow officer?

Similarly, I would hesitate to employ someone I know to be a Bible-thumping Catholic at an abortion clinic, although I'm not going to go out and shoot Catholics on sight.

Religion is a choice and thus reflects on the mindset of the individual - mindset matters for many jobs, and can be considered; race is genetic and says nothing except "This guy's ancestors came from such-a-place."

Re:Yes, let's hand email over to marketers

[hesiod]

> I'm not going to go out and shoot Catholics on sight.

I will, but apart from Cathoholics, I still agree with your point, especially about the buddhists, as I hadn't explored that line of thinking before.

-- "All people are [NOT] created equal" --

I think the point was that under the watchful eyes -- or heavy hand, depending on your attitude -- of a government or public entity that those things should make no difference. Real life, as you point out, is entirely different and you have to assume that people are not the same as you. If we always said and practiced seeing everyone as completely equal, there'd be a lot of pissed off people yelling about how unique they are (not that they don't now.
Which brings up my last offtopic point: How can parents and educators teach us that we are all equal, and then turn around and say we are all unique? We are equal in our uniqueness? Hardly.

But, now that your IQ has wavered a bit (not necessarily for the positive) I shall digress.

Re:Yes, let's hand email over to marketers

How insightful... (read: no shit, sherlock)

Like this is going to save the world

[Blaine+Hilton]

This seems like a ploy to legitimize spam. I see this as actually increasing the amount, not decreasing it. The only people that will likely benefits are the advertisers that use this Lumos thing to get their email on a "approve" list. Much like the NAT sensors in a recent slashdot article, this will just make the spammers change their methods, if it even takes off in the first place. Although this plan seems at least to me that it is ill fated, something needs to be done about spam. Like censorship though it's probably best left to the end consumer and not some blind upstream connectivity provider.

Go calculate something

Re:Like this is going to save the world

[Smallpond]

Yeah. There is a company that tried a copyrighted Haiku which you could filter on as a guarantee that your mail message was not spam. The trouble is, the only people that use it are the spammers.

Re:Like this is going to save the world

[Musashi+Miyamoto]

I totally agree. This would probably cause you to recieve more spam as a result. However, it might be a bit more cleaned up and "professionalized".

The only way to stop spam is either re-work SMTP or intellegent spam filters... Its hard to knock spam filters nowadays... They are almost artificial intelligence in their ability to spot a spam e-mail. Its amazing... Try a good one like iHateSpam and see... They remove close to 99% of spam.

I predict the first self-aware system will not be a 2001 HAL-like supercomputer, but a spam filter running on someones desktop.

"What are you doing Dave? How about a lower mortgage rate, Dave?"

Re:Like this is going to save the world

[johnnyb]

Having been involved in Internet marketing myself, let me say that most business don't want to send you email that you don't want to receive. That includes the mail houses that send them. The ones I have worked with get between a 10% and 30% _click_ rate. Why? Because send very targetted emails.

Few people are advocating any longer sending mass emails to everyone they can find an address for. Most people have found that using legitimate sources of addresses (such as your customer list, trade-show lists, and small targetted lists) get great results that customers are willing to pay for.

These people are usually sending out up to 10,000 emails at a time.

The professionals involved _want_ email marketing to be legitimate - because it gets higher-dollar business for them.

Re:Like this is going to save the world

[gclef]

2 thoughts:

1) if there's a public list of direct-email sites somewhere, great...instant blacklist. Let them make a list. I'm all for it.
2) The only *real* way to fix the unscrupulous spam problem is to make it no longer pay. To that end, I'm seriously considering writing a script that will fill spammers' order databases with bogus orders (and will do so through anonymous proxies like Peekabooty). My only concern right now is that it's probably fraud, so I'm hesitating.

Re:Like this is going to save the world

[homer_ca]

"This seems like a ploy to legitimize spam"

It's a ploy by the mainsleaze spammers to legitimize their spam because the scammers and porn peddlers give all UCE such a bad name. This might provide some relief from the scams, porn, Viagra, and penis enlargement spam, but potentially opens the floodgates for just about everything else.

Re:Like this is going to save the world

[StormCrow]

Of course when you post links, it would be a good plan to make certain that Ultimate Search hasn't scooped up the domain and squatted on it when it expired.

As a side note, has anyone ever managed to buy a domain off Ultimate Search? They swiped an expired domain I had my eye on.

Re:Like this is going to save the world

[allism]

Yeah, it probably is fraud, given that when you get junk mail and you mail back the business reply envelope taped to a box of used cat litter, it is considered mail fraud...not that I would ever advocate or do anything like that...

But let us know when you do this and set up a PayPal account so that after your ass lands in jail, we can contribute to your legal fund.

Re:Like this is going to save the world

[Moses+Lawn]

"What are you doing Dave? How about a lower mortgage rate, Dave?"

Dave, I've been meaning to talk to you. I don't think you are pleasing her as much as you could. If you would increase your penis size, Dave, I believe this girl would like to meet you. Here is a video...

Re:Like this is going to save the world

[Jayjay75]

>Try a good one like iHateSpam [ihatespam.com] and see

See another domain snatched up by Ultimate Search like a shark in a wading pool!

Re:Like this is going to save the world

[Pharmboy]

We do opt in mail. Under 10k, once a month, and I design them.

We send them text only, one page only, very quick bullets with links in plain text. The real newsletter is on the site, and we just use the email to say hi and direct them to the site. We explain why we do it this way in the email. We get a great response, good feedback, and less than 1% unsubscribe per cycle. We go out of our way to be and look responsible. Each email has an opt out link and our toll free phone number, that is answered by a real human being.

We have never gotten a complaint by going these extra steps. The way we use it, it is legitimate. We don't send to all customers, ever. Only to those who opt in. Yes, we want email marketing to become more legitimate because most of us are. The only way achieve this legitimatacy is to get rid of the real spam.

Most companies are responsible with commercial email, its just the few who use it as the sole business that make it look bad for those of us who it only plays a small but important role in our marketing.

Re:Like this is going to save the world

[Musashi+Miyamoto]

Whoops... I meant iHateSpam.

Which by the way, I found out it is free after rebate for a limited time from Amazon.com (in the full packaging with manual).

Re:Like this is going to save the world

[1u3hr]

This seems like a ploy to legitimize spam.

Not according to the FA. Basically, what is proposed is an organisation that certifies commercial email. "Certified email" would have a working unsubscribe. More usefully, it would have specified headers, so that if it said you had subscribed, it was actually true (if not, the company would lose its certification). The problem being addressed is that newsletters and other bulk mail that you may really want are being bounced by aggressive filters.

If this organisation can be trusted, you can use it to allow mail with specifc headers through. The incentive is that if they certify spam, peolke will just filter out everything they send. Of course, there are details, such as spammers forging these headers, that must be solved.

Re:Like this is going to save the world

[BuckaBooBob]

SMTP is broken due to spam... and from the language used in thie artice it doesn't sound like they are gonna do anything but change the face in hopes it wont be out right trashed by filters.. It seems more of a PR thing than anything to take some heat and focus off spammers.

Re:Like this is going to save the world

Would this increase amount of spam, after all?
If (and only if) these companies would really play by the rules, their commercial email would be easy to filter out. They would stop from sending you mail you don't want, and at least there would be someone responsible for them, so you don't need to contact every of them when arguing about spam they'll send.

Don't get me wrong; I hate spam. This month I've got more spam than every - and 3 even got trough (300 didn't, thanks to spamassassin). I just don't believe on denying and criminalizing every attempt of making not-so-glorious practicies currently in use less anarchic and more rationalized, same time dropping of those parts of these practicies which can be considered as most harmful and unwanted.

U.S. style has been, or at least seen to us outside, putting people in jail for ages, or punishing with astronomical fines. As far as I've noticed, crime rates or misuse of common methods haven't been lowering.

I believe one of the reasons this won't happen is requirement for these 'things'. Spam relates to need for electronical marketing to masses, and while there seems to be no way of doing this legally, it will be done illegally or on the edge of legality.
I don't like drugs either. Drug abuse is destroying persons and their families. Still, those are used even more and more every day. Punishments don't seem to work, with only making parties economically benefiting of drugs more professional and violent, who don't care abount any rules but their own, and sense of morality has totally been lost. And they are gaining more power all the time.

Why?
There is no alternative choice. But there is need. Need that is feed by our society and lifestyle. Something that isn't going away with just talking nicely. Something that would require so large changes to the construction of society, that it won't be accepted not least by large enterprise companies, which are benefiting of current situation. By companies that, like it or not, controls large parts of our society.

You cannot buy drugs legally (in most of countries). There were violent criminal organizations while alcohol was prohibited, distributing was aggressive and anarchic.
Well, marketing sometimes seems aggressive still, but you propably agree that it's way more rationalized than it was back then.

I'm seeing same patterns with spam. There will always be some way of spamming, even it would be illegal. Even it would result death penalty, they won't stop, if there is way if benefiting of it. If there is no alternative solution, it still will be done, "violently".

Of course, there will always be someone who doesn't care about rules, trying to benefit economically by breaking those. There are still persons, and even organized parties smuggling and trading alcohol. There won't be perfect world, ever. These groups are not causing as much harm as they used to.
I can't say same about spammers and drug dealers.

Re:Like this is going to save the world

But there's no point being on an "approve" list unless people - other people, people over whom you have no actual control - accept the list as legitimate.

So there's a strong reason to police the list. Effectively and visibly.

That's what this is about, and it strikes me as a Good Idea(tm).

Re: Re: Like this is going to save the world

I'm sure this has been posted before, but there was an article on how to reduce spam. Basically, don't open it. By not opening it, ever, you stop giving hits to the original SPAM sender. First, they think it's because you're filtering - so conversely the SPAM increases for a while as the various places try to get past your filters (and empirically research how to do so) - but, if you don't open any of it (no previewing in Outlook or similar program either) after about 2 weeks, the levels of spam start to shrink. Why? Because the spammers think your address has died, so it doesn't make sense to waste time sending to you. Of course, another person may find you eventually, or someone'll use an old list, but for the most part, the spam will stop.

Of course, opening just one message could cause you to get back on their list pretty quickly, so it's not perfect, but my signal to noise ratio has gotten a lot better over the past two months once I started paying attention to what I opened!

Re: Re: Like this is going to save the world

[eaolson]

I'm sure this has been posted before, but there was an article on how to reduce spam. Basically, don't open it. By not opening it, ever, you stop giving hits to the original SPAM sender.

A gentle reminder, it's "spam," not "SPAM."

Unfortunately, this is totally off-base. This only works if your email client interprets the HTML and displays an off-site image or something that allows the spammer to determine that the email has been read. I, for one, don't use such a client. (Eudora or Pine, depending on where I am.) My spam load is only increasing, never decreasing.

Obligatory antispam link for those not yet aware of it: SpamCop

Spam up 20%

[RollingThunder]

My spam is up 20% over the 1st quarter of 2003!

So how can I get spam futures into my portfolio? Something going up 20% a quarter is just what the stockbroker ordered!

Re:Spam up 20%

[Greedo]

Easy: buy shares in whoever provides you with bandwidth.

Incredibly intuitive notion

[mao+che+minh]

Terrific idea. I assert that we should also award the power to draft anti-monopoly legistlation to Microsoft Corporation.

Re:Incredibly intuitive notion

[B3ryllium]

Well, Microsoft has years of experience to draw from. It's like hiring Kevin Mitnick as a security expert. It happens.

Re:Incredibly intuitive notion

[cpeterso]

In related news about foxes watching hen houses, the Federal Trade Commission has selected AT&T to operate the new national do-not-call telemarketing list. Unfortunately, AT&T is #1 on the FCC's list of telemarketing complaints for 2001, 2002, and 2003 Q1.

http://www.msnbc.com/news/904102.asp?0cv=CB20

Re:Incredibly intuitive notion

diss the klan get a +5 funny.

diss microsoft get a modded a troll.

what happened to the good old days of ripping on microsoft just because.

too many MS Borg now infect slashdot.

Re:Incredibly intuitive notion

I thought that was what you americans had already done with your corporate lobbyists buying up every other politician.

web log spam

[dirvish]

I know this is kinda off-topic but I am kinda fired up about it right now. I just got done posting a comment to the Antispamist's Spam Forum about the increasing spamming of my web server logs. I am using a script that displays the recent referrers and it is currently half full of spam. Has anyone else had problems with this? This recent bout seems to stem from one guy

Re:web log spam

[Greedo]

That's got to be the subtlest way of spamming I can think of. So subtle, in fact, that I fail to see the benefit to the spammer.

Sure, you might peruse your logs and wonder why there is a referrer from www.some-spamming-site.com, and visit it. Once. Then you'll ignore them.

I suppose there is the issue if you make the referrers available on a public part of your site (as opposed to a password-protected staff section).

I also suppose there is the fact that he's using your bandwidth to generate those referrers. In which case, blackhole his IP.

Re:web log spam

[Mr.+Sketch]

I am using a script that displays the recent referrers and it is currently half full of spam.

Hmm, now it seems to be half full of slashdot.org referrers.

Re:web log spam

[dirvish]

Yeah, the offending urls have just about been pushed off the bottome since I only display the last 50 referrers.

Re:web log spam

[dirvish]

The post to the Antispamery: http://antispamist.dyndns.org/forum/viewtopic.php? t=12 w/ a poll


And I believe most/all of the following referrers are faked/spam:

www.sanmarinobasketcup.com[1] 1 : / [go] 0 below minimum threshold (0) www.inchfarm.com[1] 1 : / [go] 0 below minimum threshold (0) www.artifaxx.com[1] 1 : / [go] 0 below minimum threshold (0) www.augustapublishing.com[1] 1 : / [go] 0 below minimum threshold (0) www.aussiebar.com[1] 1 : / [go] 0 below minimum threshold (0) www.bu-derm.org[1] 1 : / [go] 0 below minimum threshold (0) www.arsongs.net[1] 1 : / [go] 0 below minimum threshold (0) www.arizonasba.com[1] 1 : / [go] 0 below minimum threshold (0) www.bobbakazoo.com[1] 1 : / [go] 0 below minimum threshold (0) www.spankit2.com[1] 1 : / [go] 0 below minimum threshold (0) www.search4pornography.com[1] 1 : /Adult-Directories/Big-Dick/ [go] 0 below minimum threshold (0) www.sexyteenerotica.com[1] 1 : /index.php?action=n [go] 0 below minimum threshold (0) www.chaiti.com[1] 1 : / [go] 0 below minimum threshold (0) www.chocoborancher.com[1] 1 : / [go] 0 below minimum threshold (0) www.lambertonline.net[1] 1 : / [go] 0 below minimum threshold (0) www.mathweb2001.net[1] 1 : / [go] 0 below minimum threshold (0) www.oceanroofing.com[1] 1 : / [go] 0 below minimum threshold (0) www.orangecountydiscjockey.com[1] 1 : / [go] 0 below minimum threshold (0) www.ipna2001.com[1] 1 : / [go] 0 below minimum threshold (0) www.questinspection.com[1] 1 : / [go] 0 below minimum threshold (0) www.crc-endocrinology.com[1] 1 : / [go] 0 below minimum threshold (0) www.dreamshaven.com[1] 1 : / [go] 0 below minimum threshold (0) www.enterprise-nx01.net[1] 1 : / [go] 0 below minimum threshold (0) www.pacificbiodiv.org[1] 1 : / [go] 0 below minimum threshold (0)

Re:web log spam

[Chmarr]

There are a number of popular Weblogs (blogs, whatever) that are being hit with this kind of thing. The reasoning is that these logs often display their referrers to the public. So, as a spammer, you can get some free advertising on these sites by accessing the blog with a referrer containing your message.

Stupid, yes, but who is attributing spammers with intelligence?? :)

Re:web log spam

[yintercept]

It actually shows that web sites need to be aware of the way search engines work, and to block pages that they don't want the engines to crawl. It is always best to include a robots.txt with:

User-agent: *
Disallow: /guestbook.html
Disallow: /log/

...and all other pages the site should avoid crawling. It is like any other security issue...any hole in a site will be exploited.

Re:web log spam

[catfood]

robots.txt only works if the client side chooses to observe it. We are talking about spammers.

Re:web log spam

[Dave2+Wickham]

I've had this a couple of times - but not that much. My logs are filled with useful referrers ;).

Of course

[7x7]

I will gladly post my email to a public "do not mail" list. I assume the list will be harvested to "remove" me.

Re:Of course

Please mod parent up. This is seriously funny stuff.

Re:Of course

[amuro98]

Been there, done that. Check Google for defunct companies that did just that, got caught selling their lists to spammers, and claimed "hacker x" did it...

Really now...if folks don't trust the government, do you really think some group of marketters is going to be any more trustworthy?

Re:Of course

[7x7]

Someday I'm going to write EtherSlap! A trojan the gives you a shock through your mouse when you send me spam. I just have to figure out how to get a PS/2 or USB port to jump a spark that far.

Show of hands

My spam is up 20% over the 1st quarter of 2003! Yay!

How many others use (something)@slashdot.org for all the email entries for anonymous ftp servers, web downloads, pron logins, etc, etc?

Thing is, Taco, you and your editors are easy targets, and not all that highly respected. Your spamload is completely atypical.

The company I work for gets very little spam, on the scale of a couple dozen a month for hundreds of users. We have no filters in place at all, it's not a problem here.

It isnt random. You're just the internets chump.

Re:Show of hands

none@yourdamn.biz

Re:Show of hands

[freeweed]

You get a couple dozen a month across hundreds of accounts? Is

Re:Show of hands

[Doug+Neal]

I added an A record to one of my domains to point to 127.0.0.1. Whenever a website wants an email address I just put [something]@[that A record]. :)

me too.

[nege]

I agree- every time I call Verizon I get a nice message in a soothing voice telling me that they respect my privacy. Yet I know they sell my number to telemarketers because I don't give that number to anyone else but personal friends! Then they will sell me some telemarketing blocking technology, and sell the telemarketers anti-telemarketing technology technology and so forth. I don't see how this email stuff will be different...but then again Im completely jaded.

Re:me too.

[kiolbasa]

Every time I call Verizon I get a nice message in a soothing voice that I could probably use voice mail service on my line, a second number or some other crap. I don't expect them to be any better than the telemarketers when it comes to my privacy. Of course they respect my privacy, they just have a definition of privacy that maximizes their revenue.

Oxymoron

[ad0gg]

Kinda like letting the fox guard the chickens. I have feeling this to weed out porn, and "penis enlargement" emails so the marketing companies don't have worry about their spam getting diluted.

Tracking spam

My spam is up 20% over the 1st quarter of 2003!

You track your percentage of spam? And keep historical notes?

WOW! Get a life..
Hrmm...how long can you live without touching a keyboard? Take a deep breath, pry yourself away from the cheap fake leather chair, and go outside. You can do it!

Someone needs to create a support group for people like this...Kinda of like Alcoholics Anonymous.

Meetings would have to take place through Instant Messenger/IRC until you can pry them away from the computer.

Re:Tracking spam

Forgot VOIP.

When they break down in tears it would be hard to type on soggy wet keyboard.

Re:Tracking spam

[AnotherBlackHat]

ou track your percentage of spam? And keep historical notes?

Of course he does. You can too just:
Create a mail folder called "Spam".
Instead of deleting spam, transfer it to your spam folder.

-- this is not a .sig

Re:Tracking spam

[jqh1]

I track spam at spamgourmet.com for about 27,000 user accounts (disposable email accounts). It's actually down about 13% this week. (no, I don't have a life)

We see dips around major (US) holidays, such as Thanksgiving and Christmas, and, for instance, a big one right after Sept. 11, 2001, but I'm not sure how to explain this one.

Re:Tracking spam

>>My spam is up 20% over the 1st quarter of 2003!
>>
>You track your percentage of spam? And keep >historical notes?

Yes, I even wrote a module to do this for me (I am inherently lazy!):

See http://bloodgate.com/spams/stats.html

And if you look at it, you see why I do this: To document how _sick_ the spam problem makes me. For the about 5 personal email I get a day, I get nealry 140 spams per day - and it is rising :-(

This interferes with my life.

Tels

(Posting as AC since not registered)

Re:Tracking spam

I have always wondered how secure SpamGourmet is:

"where someword is a word you haven't used before, x is the number of email messages you want to receive at the address (up to 20), and user is your username. For example, if your username is 'spamcowboy', and you give this address to somebody (or, more probably, some thing):

spamelope.2.spamcowboy@spamgourmet.com

the address will be created here the first time it is used, and you'll receive at most two messages (forwarded to the email address you specify above) on the address. The rest will be indelicately consumed."

What stops me (or Joe Spammer) from just creating "blurb.200.username@spamgourmet.com" when I know "username"? Would that automatically work and forward the email to username's forward address?

Tels (http://bloodgate.com/mail.html if you want to answer per email :)

email mod?

[SHEENmaster]

seems to me that the thing to do is make "user.foo@bar.tld" where bar.tld is the server and foo is the host you gave your email to. A user command or webform would then be able to tell the smtp server to reject incoming requests for user.foo.

Another idea is to not give your address out. I've only recieved 4 sams for my account, all of which appear to be from spambots. (let's hope they don't read /.!)

What would be the best server-side spam filter operated by root, where upon request I could block spam with a particular title or source for all users?

cannot stop spam.

[Musashi+Miyamoto]

Unless SMTP is re-worked to disallow false source addresses, spam is not going to be stopped by a system like this. As long as there is no accountability from the sources of spam, it will continue to be pumped out from overseas. Though projects like PennyBlack and SpamNet are good in concept, the only one that has proven to work is intellegent filtering. Spam filters like Spam Inspector remove around 99% of junk email... You need to have one to make using your e-mail account worth using again...

I couldn't imagine my Yahoo mail without their spam controls... (Unlike Hotmail, which spams you themselves)

Re:cannot stop spam.

Spam filters like Spam Inspector [giantcompany.com] remove around 99% of junk email... You need to have one to make using your e-mail account worth using again...

They claim 99%, but statistical methods may only give 90 to 95% which is next to useless.

I use a different method of analyzing the headers and looking for mistakes that spammers make. This gives me 100% accuracy, at between 300 and 3,000 messages per second.

When a spammer comes up with a new trick, it takes only a short time to code and any new spam containing that flaw is instantly recognized and filtered out.

I will upload the latest version later this evening, but if you'd like to see how it's done, get my source at

http://www3.sympatico.ca/add.automation/misc/spa2e 921.zip

Best Regards,

Mike Monett

Re:cannot stop spam.

[minas-beede]

What is the goal - to stop spam coming to you or to just plain stop spam? That latter would be everybody's spam. Seems like stopping everybody's spam would have the bigger payoff.

You stop your own spam when it comes to you. You stop the spam for everybody when you let the spammer send relay spam to a box you control. To see if you are qualified to do this take this simple test:

If your system receives relay spam do you:

(A) Deliver it

or

(B) Not deliver it?

If you answered (B), Not deliver it, you have passed the test.

The spammers are looking for open relays and open proxes all over, every day. Right now they don't know the difference between a real open relay and a fake. This is an opportunity. Create a fake open relay, let them find it (which means you allow their test message to be delivered) and then watch to see if spam rolls in [remember the correct anser above was (B).]

Re:cannot stop spam.

[amuro98]

Spam is not a technology problem.

It's a social problem. It's a problem of greed, laziness, and a general disrespect for anyone and everyone.

No matter what sort of technological wizardry is concocted, spammers, like cockroaches, will slip in between the cracks.

I don't care about filtering spam. I want a system that will prevent the stuff from ever being transmitted in the first place (like maybe a keyboard that would explode, mortally wounding the user if the keyboard detected that the user was going to spam...)

Re:cannot stop spam.

Good idea dipshit. Then when the spammer tells his spammer buddies they can all spam your relay and thus clog your bandwidth, thus fucking you in the end.

Good thinking!

Re:cannot stop spam.

[AnotherBlackHat]

... the only [spam stopping] that has proven to work is intellegent filtering.

There are two schools of thought on this,
which I like to call "spam assassin" and "spammer assassin".

People in the spam assassin school are interested in not reading spam.
To them, anything that stops them from reading spam "works".
They would rate things like Baysian filtering as incredibly successful.

People in the spammer assassin school are interested in stopping spam from being sent.
They would rate things like Baysian filtering as a dismal failure that "misses the point".

Intelligent filtering is effective against spam,
but not against spammers.
It may or may not "work", just depends on your school of thought.

-- this is not a .sig

Re:cannot stop spam.

[sqlrob]

You throttle it moron. Make it a tarpit.

Re:cannot stop spam.

[myov]

Unless the filter isn't great and filters out *valid* email.

Hotmail loves to filter my mail - my opt-in lists, even mail sent from OS X's mail (if it's not from outlook, it must be spam). So my users never see what they signed up for.

Re:cannot stop spam.

There are two schools of thought on this,
which I like to call "spam assassin" and "spammer assassin".

Hmm. Spammer assassin. Yes. That should work. I know what I now must do. Can you provide their physical addresses?

Re:cannot stop spam.

[Isofarro]

You throttle it moron. Make it a tarpit.

That's short-sighted - amusing for the tar-pit owner but short-sighted. The strengths of tar-pits is that they keep a spammer occupied for the one session he's using it. He is more likely to recognise a tar-pit than a fake open relay, and thus more of a chance he'll move on.

What happens when a spammer finds that an open-relay is too slow or only accepts x emails at a time before slowing to a crawl - he'll move on to other "proper" open relays.

With -bd's suggestion and implementation of fake open relays, the spammer _thinks_ he's emailing millions, so he continues using this "open relay". The relay doesn't forward the email on, just forgets it. That equates to less spam being delivered.

-bd has been doing this on a 486 for well over a year. Maybe he can give us an accurate figure of how much spam it has not delivered?

Once in a while the spammer will send a test email - once this pattern is recognised, allow that email and no others through, and the spammer is none the wiser about this "open relay".

IIRC one of the regular users of -bd's relay is Alan Ralsky himself.

I use

me@me.com. I bet whoever owns me.com hates me.

1/3 of all email is spam according to PCWorld

[zbowling]

According to this artical on PCWorld 1/3 of the email on the internet is spam and the rest is mostly person-to-person communications. http://www.pcworld.com/news/article/0,aid,105525,0 0.asp I support anti-spam legisitlation.

Re:1/3 of all email is spam according to PCWorld

[freeweed]

According to this artical on PCWorld 1/3 of the email on the internet is spam and the rest is mostly person-to-person communications.

If it isn't a person sending it to me, it's still spam in my book, so I guess that makes sense ;)

Although others are pegging that ratio closer to 40 or even 50%.

Re:1/3 of all email is spam according to PCWorld

[einTier]

I only wish my ratio was 50%. I probably see 60 or 70 spams to my email daily. I get maybe 20 or 30 legitimate emails.

But the thing that's really pissing me off is when they use topics and names that are just bland enough that I can't safely delete the stuff without wondering if I'm deleting legitimate email.

cell phone spam

[ratpick]

One more piece of spam on my cell phone (an address I have been VERY careful with), and I'm going to purchase an automatic weapon--keep posting their home addresses.

Marketers

[jawtheshark]

SPAM makes Marketers look bad. I know people around here have no love for marketers at all, but I'm going to show you they are not all bad. My best friend *is* a marketer and I'm an IT guy. (He works for Panda Software , just to advertise a bit for them)

Anyways, when I told him about practices that spammers use like reselling email lists, scavenging webpages for emails, etc... He was outraged. Yes, you read that right. It just went completely against ethics for him, because that is not what they teached him at the business school.
He even got more outraged when I explained him what spyware is, but that is another can of worms.

Essentially, SPAM and Spyware is what the "real" marketers look bad. They're just the scum of the industry.

Re:Marketers

Oh, you mean the Panda Software that keeps spamming my work account with offers for anti-virus software??? The one who uses false headers???? The one who can't seem to take a hint that no means no???

Pot=Kettle=Black

Re:Marketers

[Random+BedHead+Ed]

Quite right, jawtheshark. My girlfriend also works for a marketing company that sends direct e-mail; in fact it's one of the members of this ESPC group. She is similarly outraged by spammers.

What's the difference between spam and the e-mail that these companies send out? The difference is huge: they let you unsubscribe, they don't hide their sending server, and they don't use open relays as a go-between.

If one of these companies sends you mail, you probably asked for it - and if you don't like it, you can easily prevent its recurrence. Though I don't personally like commercial e-mail, many people do ask for it. There are reasons for solicited commercial mail: travel sites send updates about low-cost vacations, Red Hat sends info on its GNU/Linux offerings, and so forth.

These companies send non-spam, and spammers threaten to ruin their businesses. While the idea of a DNS-type lookup service for SMTP is something we shouldn't jump right into, it's good to see that these companies are generating ideas.

Of course if everyone (and I mean everyone) used RBLs like Spamcop that might also take a chink out of the spam problem.

Re:Marketers

[Random+BedHead+Ed]

Sorry - that was a chunk out of the spam problem. My keyboarding class isn't until next week.

Re:Marketers

[jawtheshark]

I only get spams for Norton Antivirus, and I'm pretty sure it's not Norton behind it. Why would any company associate with spam? It makes them look bad.
Sure you didn't opt in while buying on of their products? Opt-in is not spam, annoying, but not spam.

Re:Marketers

[freeweed]

Your best friend works for Panda Software (a fairly well known anti-virus vendor), and he doesn't know how spammers obtain email addresses, nor what spyware is? How the hell did he get that job in the first place?

Oh wait, you said marketing... ;)

Re:Marketers

[sqlrob]

If the company sends it without you giving consent, there is no difference between her company and the penis enlargement ones. The hiding of originating servers is irrelevant.

Consent is the only thing that matters. Anything else will lead to a meltdown of the e-mail system.

Re:Marketers

[jawtheshark]

You're funny. Yes, indeed... He's a marketer, not one of us. He still is a nice guy. Contrary to common thought around here, not everyone is tech-inclined. He thinks that flash is nifty and that's about his level of tech-knowlegde.

I once had to explain to him what a database was. He thought of it just as an excel file. I'm pretty sure you have encountered such users.

I once worked for a bank where I had to write an ebanking application. Of course, you get marketers on your back then. (The ebanking thing is after all something a client will get to see) I think I had to explain her about 20 times that the colour on a computer screen is not fixed and that everyone will have a different redition of it. Still she insisted on changing the colour of and image by 2 values of red (you know, from red:245 to red:243...)

Re:Marketers

[ElectricRook]

How the hell did he get that job in the first place?

He's probably is a POWER POINT guru.

That's what gets you promoted where I work!

Re:Marketers

[Lozzer]

I recently got spam from Panda entitled "HOW TO FIGHT THE NEW E-MAIL WORMS (Advertising)". Do you think that because Advertising was in the title its OK? Wrong. Tell your marketing friend that he is no better than the rest of the scum that he professes to hate. Or maybe they'd like to add some validation to their sign up, plus leaving the please forward this to anyone who you think might like it crap off the bottom.

Re:Marketers

Any marketer that interrupts me is evil and must die in agony. I don't care if it's spam, banner ads, TV ads, telemarketers, or the fucking 10 year old trying to sell me candybars because the public school can't make efficient use of the money it steals from individuals through property taxes.

If I want to buy something, I'll find you. Don't call me; I have a voice and am perfectly capable of calling you.

Hmmm

So, they want to get rid of the bad spammers, so that they can spam us all over again, but this time with "quality" unsolicited email.

Riiiiiiiiiiiiiight.

I use

I always use webmaster@.com

Adobe starting blocking that recently.

I'm a spam newbie!

[I'm+a+racist.]

Unlike most people, I've been pretty immune to spam.

I've been using email regularly for 8-10 years (since somewhere in high school). I never recieved any spam throughout my undergraduate education (kind of before spam got really big). I haven't stuck with the same email account for more than 3 years, so far. I currently have three accounts that I use regularly.

I posted quite a bit to Usenet for a while as a teenager (enough to get banned from at least 1 ISP). Sometimes, but not always, using the defunct anonymous remailer. Maybe that was just too long ago to be much of a problem. At my last job (first one out of college), despite being on a number of mailing lists (WAP Forum, IETF, etc), I never got 1 piece of spam in over 2 years.

On my email account for graduate school, I've gotten 2 pieces of spam. Both were from the same place, Britney Spears' resturaunt, Nyla.

My personal email account has never recieved any spam. Again, I'm on a few mailing lists (Optics Society of America, ISOC, etc). But, I do find newsletters to be a bit of a nuisance. Now, at my latest job I'm getting regular spam. I have not made this email address public. I began recieving spam within the first two days of my account being active. The first one I recieved was clearly a dictionary attack (the same username at a bunch of different domains).

I must say, the IS/IT guys at my old company must've done some great filtering. They were generally good people, always knowledgeable and helpful, so I'm not too surprised.

My current university must also be doing a decent job, despite them not being very strong in computer science (note: I don't study computer science there).

Oddly, the bogus email account I use to register for things, gets surprisingly little spam. Mostly, it just gets the crap sent to me when I forget to check/uncheck the "I'm a gullible dumbass" box.

whats wrong with spam??

i am debt free
i got 3 more inches
i get viagra without prescription
girls got a crush on me
i got free stuff

Re:whats wrong with spam??

That was pretty damn funny, d00d, although since the moderators around here are such fucking idiots, they probably won't mod it up. (not that that really fucking matters, anyway, especially since you're posting AC)

But just know you made me chuckle... :)

My Spam is down -(1/0)% in the past month...

[tigersaw]

...thanks to mailblocks (click here for original article about it). It was a pain at first getting all my contacts and listservs entered into my safelist, but since then I've been 100% spam-free. I just check my pending folder once a week or so for stranded messages. And heck, $10 for a 12MB inbox for three years is a deal compared to the big boys.

Porcus Percoquere Ad Nauseam

[jazman]

Hmm, Guild of Spammers...sounds like something Terry Pratchett might have thought up for the next installment of Ankh-Morpork.

(Couldn't find "spam" in my Latatian dictionary, which also doesn't have a section on how to convert the infinitive to past tense, so "to cook pig" will have to do.)

Re:Porcus Percoquere Ad Nauseam

Often when a word is new to a language it is simply used as-is. (Think of common foreign words used in English, such as "croissant.") After the word has been used a while, sometimes it becomes a word native to the language but with a spelling that is easier for the native speakers to pronounce (for instance, the Spanish word for shampoo is "champu").

Re:Porcus Percoquere Ad Nauseam

\LatinGrammarNazi
As any reasonably intelligent 6-year-old would tell you, the perfect tense infinitive is formed by dropping the -i and adding -isse to the 3rd principle part, ergo "percoxisse," you uneducated boor.
\LatinGrammarNazi

ESPC are spammers

[gorbachev]

"The member list doesn't look too anti-spam to me."

That's damn right. It's the Who's Who of spam-for-hire operations. Every single one of them spams. It's just that they claim their spam is not spam.

Proletariat of the world, unite to kill spammers. Remember to shoot the knees first, so that they can't run away while you slowly torture them to death.

Gulp

Now I'll have to figure out somewhere else to get my Blue Pills. I guess I've have to make an embarrassing trip to the doctor's office. Dang ;)

Sure fire way of stopping spam

[dfn5]

[wildstar] # sh /etc/init.d/sendmail stop

Re:Sure fire way of stopping spam

[minas-beede]

[wildstar] # sh /etc/init.d/sendmail stop

sendmail -bd used to work, too. For stopping relay spam. It came in, it stayed.

It's more complex now:

http://fightrelayspam.homestead.com/files/antispam 06132002.htm

Email is more useful then the phone

[zbowling]

With all this talk about spam, I wondered the legitimacy of using email. I rarely ever get an email from hand-written from anyone anymore, and I ussally send about 1 email a month at most. I mostly use it to register for websites now. I must be wrong though. According to this artical on PCWorld, more IT people prefer using email over calling someone.

http://www.pcworld.com/news/article/0,aid,110409 ,0 0.asp

"80 percent [of IT professionals surveyed] said they see e-mail as a more valuable communications method than the telephone, and 74 percent said they would have more difficulty if they lost e-mail access for five days than if they lost phone access ... E-mail is apparently more important [to users] than some companies think"

Re:Email is more useful then the phone

[Sylver+Dragon]

E-mail offers one feature that a phone doesn't: a paper trail. This may just be me, but way too often I have had to deal with some weasle who won't give me information in writing. Instead, they want to just tell me over the phone really quick, and then they bitch that what I did was wrong. As such, I am now a real bastard when it comes to getting a written scope of work, the verbal, over the phone spec has two problems:
1 - I don't have a photographic memory, so yes, I do occasionally get things wrong.
2 - The person telling me either gets it wrong, or changes their mind after telling me, and uses the lack of documentation to blame me.
Using email just makes sense in a business environment. It has a much better memory than I do, and it keeps the weasles honest, or at least catches them when they aren't.

I use

bob@smith.com

I've sent a couple of test emails to that account from one of my 'other' email accounts and they haven't bounced, so I assume it's legit. That guy's gotta be drowned in spam. :)

Oh, and on my real email address, I get like 50-100 A DAY, so it's not just well-known people like the slashdot editors who get buried by this crap.

Eugenics a cure for Spam?

[kramer2718]

Why not disallow procreation for those who respond to the penis enlargement e-mail that I see advertised in my inbox every day? No one respond to spam -> Spammers do not profit -> Spammers quit spamming

Re:Eugenics a cure for Spam?

So I guess that means you responded to spam, thats why you get it.

Re:Eugenics a cure for Spam?

[Moses+Lawn]

Perhaps the 'enlargement' process actually makes you sterile. That would help the problem.

Not exactly spam...

[MadAnthony02]

Supposedly, the point of Habeas is that the companies that use it are opt-in and actually have options to let you unsubscribe that let you unsubscribe instead of just sending you more spam because they know that you are an active address. Arguably, if the people who use it don't conform to not being spam, then people who manage mail servers won't let Habeas through

The only sender I've noticed using this is HarrisDirect, an online polling company. I did subscribe and am cool with getting mail from them, so I don't consider it spam. I consider that mail vastly different from some random AOL account sellin me penis enlargement pills.

Re:Not exactly spam...

[sqlrob]

I consider that mail vastly different from some random AOL account sellin me penis enlargement pills.
In some cases, it's not. HarrisDirect has spammed people before. In your case it's not spam (you gave consent), but in others it is.

Re:Not exactly spam...

[amber_lux]

The only sender I've noticed using this is HarrisDirect, an online polling company.,

Topica.com uses it. At least for some email. That still did not get it out of Spews.

I have seen a few individuals use it. First report I saw for it, was by a spammer.

One other thing, the spammer gets one free pass. Which, to my way of thinking, means that the spammer can forge the Haiku, and spam all year long, without any consequences of alleged copyright violation.

Wind under They Wings

Amber

Re:Ask Slashdot

I don't know about your second question, but to add yourself to the proxy group, simply edit /etc/group (as root) and add your username after proxy:

You then have to log out and back in.

hth...

Right

"Lets us take care of our own, don't let the government legislate us out of business!"

Right. And HOW MANY people WANT unsolicited email again?

This might actually help...

[Ironica]

Consider the movie ratings system. It's not in any way government regulated; it's run entirely by the Motion Picture Association of America. Whatever disputes I have with their policies and practices, you have to admit, the industry has been fairly successful at eliminating the need for government regulation through self-regulation.

It sounds more like these spammers are getting together to find a way to continue sending requested marketing email. Spam has gotten so bad that the baby is being thrown out with the bathwater at the ISP level, before the consumer even implements their own filters. They're afraid of losing the ability to market via e-mail *period*, so they've come up with a way to screen it.

If it actually works as they claim (in terms of unsubscribe rules, identifiability, and so forth) it might be a way ISPs could filter out commercial email that *doesn't* conform to this protocol, while still allowing commercial email to happen.

I'm not saying I think it will (or won't) work, but I think this is probably a sincere attempt to regulate commercial email in a manner that will be acceptable to consumers.

Re:This might actually help...

[nnet]

Consider the movie ratings system. It's not in any way government regulated; it's run entirely by the Motion Picture Association of America. Whatever disputes I have with their policies and practices, you have to admit, the industry has been fairly successful at eliminating the need for government regulation through self-regulation.

You can choose what movie to see, or not to see, or whether to see one at all. We don't have that choice with unsolicited email.

Re:This might actually help...

[stratjakt]

The point of the grandparent is that industries are capable of regulating themselves without a bunch of government involvement, or some bill dancing around Congress getting all sorts of zany email restrictions tacked on to it (and I can't believe thats what slashbots want - more government involvement and monitoring in their communications).

Most commercial emails I've gotten were from companies I've done business with in the past. Some I've opted out of and never heard from again, some (like lik-sang.com) I let send me their biweekly product announcements because I want it.

Using email as a marketing tool is effective and non-intrusive when done with some ethics. If I say "dont call/email me again", they shouldnt.

There's only a handful of assholes out there responsible for the Nigeria scams and herbal viagra type crap. Most organizations are legitimate.

If they think they can effectively police themselves, I say we give them the chance. Whatever they do, you better believe it's better than the feds (directly or by proxy through your ISP) scanning all your outgoing data to see if you're spamming.

Re:This might actually help...

[amuro98]

The article makes a bunch of blunders...

First off, it tries to call *ALL* commercial messages "spam" which is incorrect.

The generally accepted definition of spam is "Unsolicited commercial email." Some also go with "Unsolicited bulk email."

That first word is the most important one - UNSOLICITED.

I'm on a couple of commercial lists with vendors whom I trust. They respect my privacy (no selling my name) send me only stuff when I've signed up for it, etc.

Now tell me how any of the companies (including excite) listed in the article deal with solicited commercial email. They don't. They make their money from indiscriminatly sending ads to millions and millions of users who never asked to be on the list in the first place - in other words, opt-out spam.

Anyone who thinks opt-out spam is "OK" need only consider your local yellow pages, and all the 1000s of companies contained within. If opt-out spam becomes "OK", how much spam are you willing to deal with? 50/day? 100/day? 2000/day?? Kiss email, and for the most part, the internet goodbye.

Re:This might actually help...

[KC7GR]

The only way that marketing E-mail would EVER be "acceptable" to me is if it is not sent at all unless I explicitly ask for it first, AND confirm that request with a unique and randomly-generated token that the sender will keep on file along with my request.

That's confirmed opt-in. That's the right way to do E-mail marketing because anything you send with it is not spam by default; It was asked for by the recipient(s).

Oh, BTW, people that send "requested marketing email" are, by definition of the term "requested," not sending spam to begin with. You've got some self-contradiction in your post when you say that the spammers are just trying to send stuff that was requested. Heck, that might even be believable if they weren't all known career spammers to begin with.

The issue of spam is not now, and never has been, about CONTENT. It has always been about CONSENT. As in 'advance, explicit, informed, and confirmed' consent to receive the stuff. Spam would vanish overnight if the DMA and other marketdroids would just get that fact through their collective thick skulls.

Re:This might actually help...

[AnotherBlackHat]

The generally accepted definition of spam is ...

There is no generally accepted definition of spam.

Re:This might actually help...

Bullshit.

http://www.elsewhere.org/jargon/html/entry/spam. ht ml

Unsolicited commercial e-mail.

Period.

Re:This might actually help...

[BuckaBooBob]

I think its more PR.. after all.. There will tonnes of people that wont want to go through the process and send it anyways. Currently there is no mechansim in SMTP is enfore ANYTHING other than only accepting mail for valid recepiants... and that isn't 100% either :)

Re:This might actually help...

[Ironica]

The issue of spam is not now, and never has been, about CONTENT. It has always been about CONSENT.

I dunno... I'd have a lot less hostility toward spam if it wasn't always telling me I should enlarge my (non-existent) penis (yay XX chromosome). In general, there would probably be less hostility toward spam if it was not saturated with products that most people don't even *want* to want. It's the stuff that has the hardest time selling... so they sell it the hardest way possible.

Consent is a big issue, too. If they actually set up this system as they say they will, then consent will be part of it. You'll at least be able to tell the emails you consented to from the ones you didn't. That's a big if, but it's conceivable.

Re:This might actually help...

[AnotherBlackHat]

There is no generally accepted definition of spam.

Bullshit.

http://www.elsewhere.org/jargon/html/entry/spam. ht ml

Unsolicited commercial e-mail.

Period.

Spam is flooding the Internet with many copies of the same message;
http://spam.abuse.net/overview/whatisspam.shtml

Spam is unsolicited bulk e-mail;
http://kb.indiana.edu/data/afne.html?cust=7352

Spam is any mass electronic mailing you did not ask for;
http://www.umich.edu/~itua/email/canthespam/what.h tml

Spam is something you receive that you did not ask to receive;
http://www.stop-spam.org/On-Line_Spam/spam.shtml

"Spam is about conSent, not conTent", "Spam is about Bulk", "Spam is about selling stuff",
"Spam is not about selling stuff", I've heard them all, and many others I'd just as soon not mention.

Anti-spammers who want you to believe that their's is the one true definition is what is Bullshit.

-- this is not a .sig

Give them spam back

[Pettifogger]

If everyone really wants to get rid of spam, do what I do. With every delievery, I forward it to my free "spam" account on Yahoo. Then I either send in a bogus order or ask them a lot of pointless questions about their product.

A number of people here have mentioned the extremely low response rate to spam. This is what allows it to survive. Imagine if their response rate went up something like 5000%, but 99% of those were fake, but realistic responses. This would *instantly* kill the profit motive. More staff will be required to process the fake orders/replies, and they'll have a devil of a time weeking out the true from the false responses. Eventually, the profitability scale will tip, and that is when spam will end. No program, list or change in technology is going to stop spam until everyone stands up and gives it right back to them.

Re:Give them spam back

[enjo13]

I disagree. What your proposing really skirts the line with fraud, and much of it would illegal in about 85% of the world.

I do think your on the right track. The key is to find a way to make Spam expensive. After all, the problem is that these people can send out 80 million e-mails and the total cost is the price of a list and a few dollars in bandwidth. We need to find a way to fight back and make the cost of transmission higher.

How? I have no idea.. but I'd love to hear some ideas.

Re:Give them spam back

[Xerithane]

I disagree. What your proposing really skirts the line with fraud, and much of it would illegal in about 85% of the world.

How is responding to their spam and asking for more information fraud? This is actually a decent idea, and I'd like to setup a script to do it. You send me spam, if my bayesian filter marks it as such you get a response from a freshly created mailbox on my mail host asking for more information on your product. If there are web links to be had, to a wget on those to grab some bandwidth.

That'd be kinda fun, actually.

The key is to find a way to make Spam expensive. After all, the problem is that these people can send out 80 million e-mails and the total cost is the price of a list and a few dollars in bandwidth. We need to find a way to fight back and make the cost of transmission higher.

The bandwidth doesn't matter. Bandwidth is cheap. Getting personal intervention is what will do it. Create throw-away email addresses to ask for more information. If there isn't a valid reply to email in the spam, find their webpage and write a script to scour for sales@, contact@, support@ and send them a nice form mail.

This would be hysterical, really. Then, when they respond to the throw-away email address, you can have a human intervention step. If they respond, then start asking much more questions about their product until they give up on you as a piker.

Re:Give them spam back

[dcmeserve]

More staff will be required to process the fake orders/replies, and they'll have a devil of a time weeking out the true from the false responses.

Hmmm, you know a lot of them have on-line ordering, including a step where they validate your credit card number. I wonder, what's the effect of an invalid card number being entered? Obviously they have to check w/ the card company to see if it's valid. Is there a cost associated with that? i.e. does the company have to pay 0.01 cents or something per query?

If so, that could be a way to directly increase the cost of sending spam (or of hiring a "marketing firm" to send spam). You go to the spam-sponsor's web site, fill out the order with bogus information, including dummy credit card info, then repeatedly hit "send". Could a script could be set up to do this? Hmmm.

Re:Give them spam back

[ElectricRook]

That'd be kinda fun, actually.

Yeah, have a pool of letters requesting for information. Make sure to have the letters in HTML, with lots of annoying widgets, and slot to load images. Then become... Well a spammer.

Re:Give them spam back

Someone has to pay for transactions that don't go through. Some places charge, othres don't but when you get a few hundred bad cards real quick, the bank may pull the account because they know they are going to get hit with fraud. You can take out spamers that way. About the only requirement that gets checked before the bank is the 1st 6 digits are for a real bank and the mod 10 check works and the expire date is reasonable. Once it hits the bank, someone pays.

Re:Give them spam back

[trudyscousin]

"...and they'll have a devil of a time weeking out the true from the false responses."

'Weeking?' Are you saying that spammers use guinea pigs to process their replies?

('Wheeking' is the term given a guinea pig's loud, strident squeaks when, for example, they hear you rattling the plastic bag in which their timothy hay is packaged and know they're about to be fed.)

Re:Give them spam back

[Xerithane]

Yeah, have a pool of letters requesting for information. Make sure to have the letters in HTML, with lots of annoying widgets, and slot to load images. Then become... Well a spammer.

If spam is outlawed, only outlaws will have spam!

Re:Give them spam back

[myov]

I just sign their address up for more spam (behind a proxy). Less effort, and it makes it harder for them to see *valid* mail (unless they're filtering as well)

Re:Give them spam back

Does not work. Spammers don't even answer legitimate requests about their products.

Re:Give them spam back

If by "invalid" you mean "totally random number", it doesn't cost them anything - CC numbers have checksums to detect bogus numbers - checking this SHOULD be part of their order form (it won't even attempt to submit a bogus number to the bank for processing). Although I'm sure you could find out what the algorithm for generating your own bogus CC numbers is... But, OTOH, if you were to get a card, say, in your dog's name (with a tiny credit limit) and then submit a huge order, they would pay...

Re:Give them spam back

[ElectricRook]

At first, I thought spamming spammers might be a good thing. Then I discovered spamming a spammer, made me a spammer.

I decided that I hated spam more than spammers, and determined that I would not become the very thing I am fighting.

Re:Give them spam back

[Xerithane]

At first, I thought spamming spammers might be a good thing. Then I discovered spamming a spammer, made me a spammer.

This isn't spamming spammers though. This is requesting more information of the product advertised through automated means. Spam requires unsolicited email, right? This is very solicited, regardless if it is automated or not. This is why I think it's much more ethically "pure" than spamming them.

Meaning

[kkirk007]

Ah yes, " Lumos ", from the Ancient Greek meaning " really dumb idea "

Re:Meaning

[tinfoilgrrl]

Maybe from the Ancient Greek lume meaning outrage, maltreatment, corruption, damage, etc.

Or they've been reading too much Harry Potter.

The plan is backwards

[mattsucks]

Their idea, which boils down to a giant opt-out list of email addresses, impresses me not. If they proposed a giant opt-in list, I'd be a bit more excited. Of course, nobody would sign up ... I can't imagine too many email Oliver Twists out there saying "Please sir, may I have some more [spam]?"

And would you entrust your email address under any circumstances to an organization who's entire business is sending marketing email?

Re:The plan is backwards

[Masem]

If the "commercial email" was highly targetted, 'lightweight' (nothing beyond basic HTML) and marked in such a way as to be able to filter it 100% (e.g. "[ADV]" at the start of the subject), and that by opting in to receive such email would give me a discount/benefit on some site, and that I could opt to get out at any time (and losing such benefit), I'd considering opting in.

This is comparable to Salon's all day premium pass, where by watching a short flash ad gives you free access to all of Salon's premium content. It's a minor tradeoff, at least IMO, to get some of Salon's better articles. When I don't want to see the articles for a day, I simply don't watch the ad, and that's it.

However, the email needs to be minimally intrusive; no extreme tracking or cookies or other payloads, and the like. Maybe you can active your benefit by following a specific link in the email, such that you're forced to read it (as opposed to filtering it to /dev/null).

While this would easily work, I don't have a lot of trust in email marketing to follow such rules, which means this will never happen, and even if it did, you as the email receiver would have much less ability to control how the marketers use your info.

Re:The plan is backwards

[BuckaBooBob]

Well... if you Notice 99% of the Spam that pops in your Box says that you have chosen to opt-in at one of thier related websites. Now anyone getting annoyed by spam would actually opt-in?!?! So of couse an opt-in list would be pointless :)

Not all the mail YOU don't want is spam...

[seigniory]

Just because you get an email from one of these companies in your inbox doesn't automatically quantify it as spam.

God forbid that you, as an individual, forget to uncheck a box when you bought your last DVD or CD or book or whatever online. God forbid that you own up to your own impatience and your click click click lifestyle that results in you glazing over or not even caring about the terms and conditions of your latest purchase.

Does it suck that it's so easy to get signed up for some mailing lists? Absolutely. But you know what? The fact remains that even if you make it as easy as possible and have DOUBLE-opt-IN mailing lists, it's inevitable that someone will complain and accuse you of spamming them. It's human nature. I know from experience.

Are there shady companies scouring around for email addresses? Sure, but any established company with a decent bankroll, employees, investors, would NEVER stoop to such levels - it's too much of a risk. You wouldn't believe the legal mumbo-jumbo I have to go through just to send out my monthly newsletters - and I'm not even considering myself one of those "established companies". All conspiracy theories and "Well I had a bad time with..." experiences aside, as a majority, companies DO respect your wishes when it comes to receiving email - they DO respect your wishes to keep your address private - and they DO make sure that you're happy with the way you're treated. They have too much at stake to behave like children and rebels when it comes to mailing you.

Like a number of other issues bouncing around this world today, the SPAM problem seems to have taken on a life of its own. Everyone's all about jumping on the anti-SPAM bandwagon and complaining on message boards about "The Man" and his itchy SMTP trigger finger. Is spam annoying? Sure. I'll be the first to say that something really needs to be done about all the huge penis emails I get every day - I'm fine with my super-python - leave me alone already!!! :-P

Well you know what? These people that do email for a living ARE trying to do something about it and what do we hear on /. ??? The classic "(insert name here) is trying to take our rights away and make money off of us and they suck. Open source forever and Linus rules my world and does email suck so much when blogging is the communication method of the future".

These companies know that they need email to survive, and so they're making sure that classic penis/Viagra/Nigeria spam doesn't give them a bad name. Pure and simple. You should be glad that something like this is happening. It might not cut down on the solicitations you get in your email, but at least all those ads will be for things you like, or have signed up for. Ever wonder why you don't see commercials for Gerritol & Depends on Cartoon Network at 2:00am? No old people are up watching it because the advertisers have a well-defined and mature methodology of knowing where and how to promote their products on TV and they don't have to worry about their audience getting annoyed by ads for things that they don't want.

Marketing and advertising is here to stay for good, people - it's everywhere, including email. Even if this plan isn't perfect, we should at least be applauding someone for doing something proactively about the issue instead of reactively. Not all ads are "evil". Spam sucks, targeted marketing about things I'M interested in is welcome - if there's no easy way to filter out the good from the bad everyone loses.

Re:Not all the mail YOU don't want is spam...

[Frostalicious]

Ever wonder why you don't see commercials for Gerritol & Depends on Cartoon Network at 2:00am? No old people are up watching it because the advertisers have a well-defined and mature methodology of knowing where and how to promote their products on TV and they don't have to worry about their audience getting annoyed by ads for things that they don't want.

Don't compare spam email with television ads, there is a fundamental difference.

TV ads help pay for my TV experience.
On the other hand, spam emailers make me pay for receiving their emails, through higher ISP bills.

One of these situations is a mutually beneficial business agreement, and the other is exploitation. Can you guess which is which?

Re:Not all the mail YOU don't want is spam...

[ArmorFiend]

the advertisers have a well-defined and mature methodology of knowing where and how to promote their products on TV and they don't have to worry about their audience getting annoyed by ads for things that they don't want.

What TV are you watching? That doesn't sound so bad.

When I was a kid watching cartoons I *swore* never to spend a penny at Smith's furniture because they totally over-advertised during Battle of the Planets. And I'm sticking to it. Ditto for snuggle fabric softener, etc.

Now I'm bombarded by car ads. I think driving is immoral. I have no car and won't buy one untill I'm too old to bike. Yet 30% of tv commercials are car ads, and most of them are really REALLY inane and stupid.

When we have real pervasive directed advertising, like some sponsored links on search engines, will be a great day. I would even go so far to say that if target audiences could "rate" ads they're subjected to, and dumb or irrelevant ads cost the advertisers more, and cool, funny or apropos ads cost the advertisers less (and hence they actually make a profit).

Re:Not all the mail YOU don't want is spam...

[seigniory]

Understood, and I agree (to a certain extent - not so sure about the higher ISP costs, but that's another discussion).

But you missed the point of the comparison... it was not meant to be a comparison between two symbiotic business arrangements. It was meant to illustrate the point that people (in general) will deal with TV commercials, but get super-annoyed by spam?

Why do you think this is the case? It's not because someone's trying sell you something...

If you see an ad for something that you WANT or LIKE on TV, you might go buy it, and thus, you help the company that is advertising. But if you saw a lot of ANNOYING commercials for crap you didn't want, commercials would be much less tolerable than they are now, and you'd be LESS likely to buy ANY product on any commercial out of spite, even if it was a commercial for a product you might actually consider buying.

If fly-by-night commercial producers were able to induce the same type of "anti-AD" feelings in TV viewers that spammers induce in email users, you can bet that the TV Marketing Association would be doing everything they could do to get rid of the menace.

TV's been a round a LOT longer than email, and had to go through similar growing pains when it first started. The only difference (well, one of the differences is that society in general didn't expect a free lunch - they didn't expect to be able to get all this free programming without some kind of corporate subsidy.

Flash forward 50 years - coddled sissy internet users are confusing free (as in speech) networks with the free (as in beer) access to that network. Ads aren't going away at all, so let's give some props to the people that are trying to make it at least more tolerable for the rest of us.

As an aside, if you want to make an issue of the negligible effect that spam has on your wallet, let's calculate all the money you COULD have earned while you were watching commercials. Someone making $20 an hour would "lose" about $3.33 an hour by watching 10 minutes of commercials. That's a far cry from the $0.001 it might cost you to receive a spam. Do you get 3,300 spams a day? :-) That's your break even point.

Re:Not all the mail YOU don't want is spam...

30% of tv commercials are car ads, and most of them are really REALLY inane and stupid.

Damn right. Almost every car ad I see shows the vehicle skidding or sliding sideways - do they not realise that I would prefer to buy a car that holds the road well? And don't get me started about the dork and his NHL ringtones - are we supposed to aspire to be that cretin?

Re:Not all the mail YOU don't want is spam...

[hburch]

Someone making $20 an hour would "lose" about $3.33 an hour by watching 10 minutes of commercials. That's a far cry from the $0.001 it might cost you to receive a spam. Do you get 3,300 spams a day? :-) That's your break even point.

One spam costs me a couple seconds to recognize and delete if my Spam filter does not catch it. It also can cost me much longer if I want to not receive it in the future, finding the unsubscription instructions and figuring out if the sender is of sufficient quality that I believe that unsubscribing is even worth it. Presuming that it's SPAM from a real company, then I have follow the unsubscription request. Then, about 30% of the time (or more), when I get another e-mail a month later, I have to find out who cares at the company and tell them that their unsubscription system is buggy and that would they please manually delete me.

$0.001 at $20/hr is 180 milliseconds to perform all those actions, which is probably not enough. Let's say 2 minutes per e-mail (a conservative estimate), which is $0.66 of time, assuming the same $20/hr number. Now the "break even point" is 5/day (presuming your numbers, which I do not), which is well below the amount of SPAM I get a day.

If your alternative strategy for dealing with SPAM was to delete SPAM as it comes in, you have to carefully balance the time spent to make sure it is SPAM and the probability of deleting a legitimate e-mail.

Re:Not all the mail YOU don't want is spam...

[Frostalicious]

But you missed the point of the comparison... it was not meant to be a comparison between two symbiotic business arrangements. It was meant to illustrate the point that people (in general) will deal with TV commercials, but get super-annoyed by spam?

Because 1. TV commercials are targeted (your point which you mentioned before). 2. TV commercials help pay for my TV watching (my point which I just said). If TV commercials did not contribute financially to the process, I would be damned pissed when I saw a commercial.

As an aside, if you want to make an issue of the negligible effect that spam has on your wallet, let's calculate all the money you COULD have earned while you were watching commercials. Someone making $20 an hour would "lose" about $3.33 an hour by watching 10 minutes of commercials. That's a far cry from the $0.001 it might cost you to receive a spam. Do you get 3,300 spams a day?

I suspect you underestimate the cost of spam, but still, I can easily manage it. I would believe spam support would be 3-5% of my ISP bill. However, it is more than the dollar amount that is an issue. The point is, it's massively insulting. It's like I'm walking along the street and people are reaching into my pockets and pulling out 10 cent coins and running. Hey, they could do that all day and I would survive, but it's a slap in the face and I would not tolerate it.

Then there is the issue that sexual products are being marketed to children through spam. That is just inexcusable, and even the most responsible parents are hard pressed to defend against that.

I have heard of people getting thousands of spams per day, although not me. I seem to be quite lucky and only get about 10/day. I think it is due to my name (and thus email address) being unusual. However remember that I not only pay for the email I receive, but for the billions that are bounced during spammer dictionary attacks. Sure, they get bounced at my ISP, but somebody is still paying for that bandwidth.

As far as internet marketing goes, there are alternatives which I appreciate -

Google's ads are brilliant. They are highly targeted, and I often click on them. Plus they are unobtrusive, and they help to support Google! Everybody wins!

Banner ads can be quite annoying, however I tolerate them because they help support the websites I am going to. Plus, I'm not going to see offensive banner ads at a site like CNN or something. I would compare these to TV commercials. I occasionally click on them.

Re:Not all the mail YOU don't want is spam...

[seigniory]

Actually the whole spam / cost analysis thing was an aside, a P.S., if you will, and I wasn't prepared to havea full fledged debate about it, because there's no real way to quantify things like this.

Everyone's going to have their own formulae and constants and ultimately a conversation like that would deteriorate into your run of the mill "I'm right, you're wrong" type of thing, and that's not what I'm up for right now.

Again, I will say, though, that the problems youhave getting off some lists are NOT the people that are trying to getter the system here - I have as much disdain for "actual" smallers as you do.

Re:Not all the mail YOU don't want is spam...

[Sylver+Dragon]

God forbid that you, as an individual, forget to uncheck a box when you bought your last DVD or CD or book or whatever online. God forbid that you own up to your own impatience and your click click click lifestyle that results in you glazing over or not even caring about the terms and conditions of your latest purchase.

There is, in this, a large part of the problem why UCE is viewed in such a dim light. I have highlighted the applicable section. These things should always be opt-in, always and without exception. It really is just a sneaky method of getting people to agree. If it is known that most people will fall into the next-next-next mode when going through a series of forms, and you don't want to send emails people don't want, then your design should plan for this. Have the box unchecked by default, and allow those users who want the email, to check it. You are simply lying to yourself and us if you belive that an opt-out methadology can ever co-exist with the desire to only send email to those that really want it.

Well you know what? These people that do email for a living ARE trying to do something about it and what do we hear on /. ??? The classic "(insert name here) is trying to take our rights away and make money off of us and they suck. Open source forever and Linus rules my world and does email suck so much when blogging is the communication method of the future".

I agree with you here, it would appear that the companies involved in this are making a valid attempt to get the real spam under control. Though, I think this could be better solved by creating a huge opt-in list (which is not sold or publicly printed) such that, if a company wished to send a bulk email campaign, they send it through this list, and it then gets forwarded on to the intended and willing recipients. Probably also have some preference settings, which a recipent selects during sign-up, that allow for filtering based on interests, thus making the ads more targeted. And lastly, allow for immediate remove, by a user, of their email address from a list. Oh, and the hard part, give some sort of value for allowing one's self to be marketed to.
Of course, there would still be those abusers, you will never be rid of them. We will still get our "Enlarge Your Penis and Keep It Up Forever with Viagra" ads, but then we could start working on this problem, and not bother people who run legitamte mail-lists.

Re:Not all the mail YOU don't want is spam...

[seigniory]

Hey, I agree with a majority of your points - don't get me wrong. You'd never see ads for porn and dildos on TV, and that's kinda my point. If it was as easy to create and air a TV commercial as it was to send an email, you'd see titties all over the place between Futurama and Family Guy, and I'd be pissed about that too.

"Classic" spammers? I'm sure I hate them as much as you do... my point still stands, though, that if the whole "email marketing" gig were cleaned up, spam would not create the same level of outrage that it does now.

Too often on /. people tend to have a predetermined response to everything. "EMAIL ADVERTISEMENTS?!?!?! BAD. CORPORATIONS?!?!?! BAD. Both together T E R R I B L E!" and it's that kind of thinking that's only keeping things where they are.

Re:Not all the mail YOU don't want is spam...

[seigniory]

You are simply lying to yourself and us if you belive that an opt-out methadology can ever co-exist with the desire to only send email to those that really want it.

Exactly. I don't believe that an opt-out methodology can co-exist with the desire to send email to those who truly want it. A simple example: I hate Real Networks's registration that hides 4 checkboxes at the bottom of a scrolled list.

Re-read my original message... how else do you think that I'd know that even a double-opt-in solution still has problems? :-)

My main point is and always will be - let someone try to clean up email marketing - until it's as accepted and as "regulated" as regular TV marketing, you're just gomma have a bunch of people complaining about it.

Re:Not all the mail YOU don't want is spam...

[Frostalicious]

"Classic" spammers? I'm sure I hate them as much as you do... my point still stands, though, that if the whole "email marketing" gig were cleaned up, spam would not create the same level of outrage that it does now.

Yeah sure, I never objected to your main point. I only objected to your implied comparison between spam and TV commercials. I think we've covered that now.

Sure, it would be great if we could have responsible spammers who loose sleep worrying if they send dildo ads to some teens, and carefully selected email addresses to prevent bandwidth abuse. I don't see that happening anytime soon though.

Re:Not all the mail YOU don't want is spam...

[Sylver+Dragon]

I apologize, I misunderstood you on the opt-in/out part. And yes, I do agree that there needs to be some sort of regulation on email marketing, as it isn't going to go away. The can's open, the worms are gone. I'm am even willing to go so far as to try and let the industry regulate itself, and am happy to see it starting to do so, but until a good structure is in place, I am going to keep making noise about this, if its allowed to just quitely slip away it will never get done.

Re:Not all the mail YOU don't want is spam...

[Frostalicious]

Too often on /. people tend to have a predetermined response to everything. "EMAIL ADVERTISEMENTS?!?!?! BAD. CORPORATIONS?!?!?! BAD. Both together T E R R I B L E!" and it's that kind of thinking that's only keeping things where they are.

Hey, reading through all your other posts, I recognize the possibility that you might be some kind of "honorable" spammer. Maybe you honor removal requests, and really do some opt-in thing.

So, assume this is true, and this is not just part of your spammer mind control. Surely you must empathize with everyone here when they react badly towards the spam situation. I mean, I guess you are right, there is some "good" spam. But when the hardcore nasty spam outnumbers the good stuff 100-1, I think people can be forgiven for making the generalization.

Re:Not all the mail YOU don't want is spam...

Spam is like weeds. A weed is defined as an unwanted plant. Spam is defined as an unwanted email. All unwanted email is spam.

Re:Not all the mail YOU don't want is spam...

[OMEGA+Power]

Since each TV ad aired reaches thousands, if not millions, of people and the TV networks don't know exactly who is watching what show it is impossible to target to individual taste. Instead they target their ads to broad demographic groups. For example young and middle aged men make up the majority of people watching football so they run ads for products typicall associated with those groups (ie. beer, cars, etc). Children are most likley to be watching saturday morning cartoons, so they advirtise things like toys and kool-aid

Re:Not all the mail YOU don't want is spam...

[ArmorFiend]

Unfortunately innocent civilians are getting fragged in their rush to carpet-bomb consumerdom. I can't wait for ads that are actually useful. This can't come about while TV is in its current state. It can come about through "evil" doubleclick monitoring of web surfing. Just a thought.

Re:Not all the mail YOU don't want is spam...

[dvdeug]

God forbid that you, as an individual, forget to uncheck a box when you bought your last DVD or CD or book or whatever online.

God forbid you actually try to get my consent by leaving the box unchecked until I check it.

Marketing and advertising is here to stay for good, people - it's everywhere, including email.

When I see an ad on a website, it helped pay for that website. When I see an ad on TV, it helped pay for that TV show. When I see an ad in my email, I paid for it. See why I might object?

Re:Not all the mail YOU don't want is spam...

[BuckaBooBob]

Well UCE and opt-in are too diffrent things.. If you opt-in then its not UCE anymore... U being Unsolisted...

Re:Not all the mail YOU don't want is spam...

[L.+J.+Beauregard]

Look, maybe some obscure check-box that says the equivalent of "Yes, please spam me!" might hold up in court. But in terms of public goodwill, the only rule that counts is the golden one, and I don't mean "he who has the gold makes the rules."

Weasely marketing tactics do no one any good.

Re:Not all the mail YOU don't want is spam...

These companies know that they need email to survive, and so they're making sure that classic penis/Viagra/Nigeria spam doesn't give them a bad name. Pure and simple. You should be glad that something like this is happening. It might not cut down on the solicitations you get in your email, but at least all those ads will be for things you like, or have signed up for.

I will never be "glad" about spammers sending minors pornography.

I will never be "glad" about spammers relay raping SMTP servers.

I will never be "glad" about spammers sending peadaphilia even if I somebody *is* interested in it.

I will never be "glad" about harrassment and useless lawsuits from spammers.

I will never be "glad" about spammers using my property so that they can make money.

I am not "glad" about spam at all.

Image Makeover

[Steve+B]

Basically, these guys want to shake off the image of the sleazoids who sell you herbal Viagra to get your larger penis up while you watch images of hot teen lesbians.

However, they don't show any sign of being willing to bite the bullet and accept a pure Opt-In model -- which is the only way they can avoid the name "spammer".

Re:Image Makeover

[amuro98]

If excite wants to shake off its image of being a host for so many spammers, maybe they should listen to complaints and boot their misbehaving customers off?

Sorry, but excite earned their reputation all by themselves. No mail from excite.com's IP#s is allowed into my mailbox, because there's a 99.99...% chance it's spam.

It is now escalating out of control

[Boss,+Pointy+Haired]

As the owner of several domain names I am now facing the problem from 2 angles -

That of me receiving SPAM to my personal email account(s), _AND_ that of my domain names being used in the from/reply-to addresses of SPAM email.

The latter I actually find more frustrating. What makes it worse is my domain name is being used in HTML emails - your average [l]user has no idea that it is HTML, and in the message body sees only "EXTEND YOUR PENIS NATURALLY CLICK HERE" in big bright purple letters. The fact that the link goes to http://www.iamascumbagspammer.com/ is not apparent - what they do see however is my domain name in the from line of their email client.

I actually think that the we would be better off if the anti-spammers stopped pursuing their cause and just let spam take out the Internet's email system.

Then we can start again from scratch.

Surely SMTP's time is up.

Re:It is now escalating out of control

[nnet]

A complete rewrite of smtp is an excellent idea. Prevent spoofing of source email addresses, disable html in email, possibly even limit attachment types and/or sizes.

Re:It is now escalating out of control

[jepaton]

An article on spam is quite appropriate right now, particularly as dozens of mailer daemon responses fill my inbox - it is abuse my address to spam day :( It *should* be easy to sue for impersonation, but it most definately isn't. When the lawyers fail, it's time for a technical solution - replacing SMTP *could* help.

Re:It is now escalating out of control

[sik0fewl]

I agree. The Spam Mail Transfer Protocol's time is definitely up.
Why'd they call it that anyway?

Re:It is now escalating out of control

Yeah. YEAH.

Let's also make sure it uses words of five letters or less, only allows PCX and GIF as image formats and doesn't allow CC or BCC addresses.

Oh, and no signatures (possible spam location, you know, like a single URL).

Let's make e-mail USELESS! WOOHOOOO!!!

Re:You are a fucking moron

[Ataru]

A while back I was a bit busy so I stopped checking my home email regularly. As I was getting over a hundred spams a day, it was quickly mounting up. A couple of times I sat there and deleted 500 or so, looking carefully for anything from friends and family. Just over a month ago I was overwhelmed. I got 127 today, so now I have 5521 messages in my inbox. That email account is basically fucked. I have no idea if there are any legitimate emails in there. Fucking spammers. Hanging, drawing and quartering is too good for them.

YES - logs are full of it

[Boss,+Pointy+Haired]

So much so that I no longer bother with referrer or user-agent logging.

I've put other methods in place to track what I want to track.

What amazed me was how slow many in the webmaster community were to catch on to it.

"Hey, has anybody heard of XXXXXXXX server monitoring company? For some reason they're hitting my website, but i've not signed up with them...."

DUH.

Re:YES - logs are full of it

[dirvish]

Yeah, I noticed a while ago and saw mention of it online but it has recently increased greatly in my logs.

Turn $25 into $500,000 in 6 months

[DrSkwid]

Hello,
You may have seen this business before and
ignored it. I know I did - many times! However,
please take a few moments to read this letter.
I was amazed when the profit potential of this
business finally sunk in... and it works!

With easy-to-use e-mail tools and opt-in e-mail,
success in this business is now fast, easy and
well within the capabilities of ordinary people
who know little about internet marketing. And the
earnings potential is truly staggering!

Send me $25 and I'll send you the tools.

How to do this for real

[mdfst13]

Since this proposal seems aimed at making it more difficult to become a spammer (you have to get certification to bulk mail) but protects "authorized" spammers, I would say that it is a spam promotion mechanism. The largest spammers will be able to send spam, because they can afford to buy the certification (which also protects them from ISP blacklists, etc.). Smaller spammers will no longer be allowed to compete. Further, it would also eliminate the ability of *legitimate* mailing lists to send newsletters, etc. without certification.

I think that this is way overcomplicating the situation. What is the number one reason why spammers can't be detected? They use relays and proxies to hide their identity. How to fix this? Only accept SMTP mail from servers authorized to send email for that domain. This would require a new DNS record (call it an SMTP record for now). If a server does not have authorization to send email for a domain (say yahoo.com), then when the receiving server looks up the SMTP record, it won't find it and will reject the email.

If the server is authorized, then the email will go through. If it turns out to be spam, then the sending server can either stop sending email for the spammer or be blacklisted. This will make relaying much harder. Also, it makes it useful for SMTP servers to authenticate users. Currently, this is meaningless in the fight against spam, since one could just use an open relay instead. However, if only authorized smtp servers were allowed to relay mail, then requiring authorization prevents spammers from sending mail under a false email address.

This would create a traceable system and allow spammers to be identified without forcing client software changes (might have to change SMTP configuration). Spammers would have to own an account or a domain name in order to send spam. Either requires payment and contact info. Faking the contact info would be fraud which would be prosecutable by tracing the payment.

Leverage existing law with proper infrastructure.

Re:How to do this for real

[Blaine+Hilton]

Now this seems to make more sense then what they are planning on doing. Too bad the spammers have more spare change for lobbyists.

ESPC Link -- Sure, I'll give my E-mail address

[richg74]

The ESPC page linked to above has this headline:

Fighting Spam While Protecting Email as a Legitimate Communication Tool

Then, they helpfully offer to send me details of their proposal. What a good idea! I am just totally convinced of their sincerity by their request for my E-mail address so they can explain how helpful they'll be.

Do they think turkeys vote for Christmas ?

It's not just editors

[Sabaki]

I read this too, and did a quick calculation, and yes, my spam is up about 20% this quarter too.

So it's not just Slashdot editors.

The IETF has an anti-spam research group

[NFW]

Why don't these people get involved, and discuss their plans with people who really understand the issues involved in reinventing SMTP?

Perhaps because that that is the very last thing these people actually want?

Faking Google Link Popularity.

[DeionXxX]

By having links to your site in someone else's logs that are visible through a browser. It creates a LINK from YOUR site to the SPAMMER site. Therefore inflating their google score. I had a client as me what I thought about this idea and I told him that it was underhanded and a bad idea, so he didn't pay the money to do it.

What about Bonded Sender?

[andrewm]

Bonded sender already exists, and the spam still flows: http://www.bondedsender.org/

Do we need yet another similar organization... oh wait, the spammers want to run this one themselves this time. Ya, I have a lot of confidence in them to do it right.

Are you sure it's spam?

[ryanvm]

Are you sure those are spams, Taco?

I thought I was getting 50 spam messages a day. Then I found out it was just my wife wanting me to get a bigger penis.

Taco, you track your spam by quarter?

[Call+Me+Black+Cloud]

Dude, you have a wife now. Can't you think of something better to do with your time?

Announcement of great religious significance

Sorry to interrupt, but Jesus just sent me a message through /dev/urandom. The message is "CUMBOX VR". I don't know what it means. It might be Nintendo's secret console project.

Their crazy statistics

[Sans_A_Cause]

According to the article:

"36.3% of all e-mail received by consumers in March was spam; the ESPC's estimate is 40%"

What horseshit. AT LEAST 90% of the e-mail I get is spam, and that's being generous. I get something like 40 spams per day, and probably around 4 legit messages. Their article makes it sound like spam is less of a problem than it really is.

I don't like the idea of...

[nametaken]

totally centralizing anything. No one company or organization should have complete control over the practical functionality of something as pervasive as email technology.

Re:I don't like the idea of...

[nametaken]

...oh, and I should say, I AM aware of the fact that there are already a number of similar models already in existance for internet technologies. I just don't like it. : /

Add a whitelist to your email

[mdfst13]

Go to tmda.net and add a whitelist to your email account. If an unauthorized sender tries to send you an email, you send back a challenge. If they respond to the challenge, you know that a real person sent you the email. Then you can accept the email add them to the whitelist. If you later decide that you don't want them on your whitelist, you can move them to your blacklist and email from them will be rejected.

Alternately, you can change SMTP. I offered a suggestion in another post entitled "How to do this for real."

P.S. IANAL, but if you fill out the order form with relevant but useless information, I don't think you can be prosecuted for fraud. Try something like this:
First name: Hello
Last name: I
Address: was
City: unable
State: to
Zip: respo (or 73560 if you need to be 1337 to make it numeric)
Comment: nd to your email address, so I am submitting an order instead. Please stop sending me emails. I do not want your products. I will never buy your products. I think that your marketing tactics are immoral.

Should be legal enough.

Re:Add a whitelist to your email

Yes, please start installing auto-repliers, everyone. That way, when that idiot in Brazil who's forging my (and many other) domains, we get EVEN MORE responses. It's bad enough that I get the bounces, but now I'll get TMDA replies and similar things.

Listen up: responding to ANYTHING that isn't properly formatted is just causing more trouble! I'm even thinking about neutering my majordomos to make them not say a thing unless they get a valid command. Anything else is just contributing to the "backscatter" when spammers forge addresses.

Slightly OT?: Why do you get so much spam?

[|_uke]

I honestly don't get that much spam. Even to my hotmail account (which I get some... maybe a spam a week).

I think it all depends on how you use your email address.. Lately, when I need to post my email on a web page... I will generally create an image with the text of the address in there.

This will require either sophisticated software (which most spammers wont be using) .. or human intervention. (Although its possible, I truly dont see spammers sitting there typing in thousands of emails manually)

It might be annoying for people who wish to email me.. but it works =)

Another few things...

I use my hotmail account for anything that must be public... if I am going to get spam, its most likely to that account.

My other account... I use for personal stuff.. friends.. etc... which I generally dont give out at all.

Anyways... thats just me. I realize say, an author on slashdot is going to have a lot larger presense on the net than say... a programmer like my self... But even for people with a high presense, it never hurts to practice safe email posting (hehehe)

Re:Slightly OT?: Why do you get so much spam?

I was in slightly the same situation as you. Actually, I had two hotmail addresses - one for personal friends, one for posting to the internet. As expected, the "posting" address got spam, which was pretty annoying, but, as I said, expected.

Then, after about a year, suddenly my "private" address started getting hit. First it was one spam a week, then, after a couple months, I just gave up on the address, as I was getting more than 10 spams a day from various companies - remember, this is with the address that I only gave out to close friends.

I have since gone through 2 other addresses, which also went through the same pattern of no spam->some spam->too much spam.

However, with my latest address, my ISP offered SpamAssassin, which I would advise anyone to use - I've never had a false positive with it, and only about 3 spams have gotten through. That's 3 spams total, for the whole time I've been using it, whereas it catches all others, which are averging around 15-20 per day lately.

Spam

[blackmonday]

I'm about to submit an article about these researchers that did a study on spam and found you should never put your email address on a web page. I don't think its ever been on slashdot...

Reminds me of...

[dacarr]

IEMMC. I think that was the International Electronic Mass Mail Committee, which was started (and promptly failed) in mid 1997 as a sort of opt-out thing. Their Las Vegas executive office was a failure, and I understand that they were basically evicted.

The article is right, they won't follow their own protocol, they will not service the public, and they will fail miserably.

The poor things...

[Peterus7]

My spam is up 20% over the 1st quarter of 2003! Yay!

Those who are not so net saavy who I have had experience helping get set up on the wired have complained that they don't get any spam. They feel inadequate, or something, and feel left out.

I try to resist the urge to lay smackage down on them. I really do try.

The Four Rules Regarding Spammers...

[KC7GR]

Rule #1: Spammers lie, cheat, and steal.

Rule #2: If you think a spammer is telling the truth, or being honest, see Rule #1.

Rule #3: Spammers are stupid.

Rule #4: Spammers define spam as "That Which I Do Not Send."

This isn't rocket science, folks. ;-)

Re:The Four Rules Regarding Spammers...

[interstellar_donkey]

I have to take issue with rule #3. From what I can tell, spammers are very clever when it comes to circumventing anti-spam measures.

But everything else is right. The spammer's mindset is not unlike that of a car salesman. Very convoluted ethics.

Re:Where is Jon Katz?

Hrm, that's very interesting. I wonder if he was fired... or killed.

People suck

...and this gets confirmed more to me every day. I try very hard not to get too depressed about it, but it's not easy.

Spammers and telemarketers couldn't give a single shit about your privacy, yet they'll lie right to your face and say they do. Just to make a buck. Ah, yes, the almighty profit dollar! I'm a 'good merkin' and I believe in the market economy and all that, but unfortunately, people are just fucked.

The other night I got a call that the caller ID registered as 'CIC' with a local number. I figured it was a telemarketer but in the past I've found that answering and then saying 'please take me off your lists and stop calling this number' works pretty well. So I said 'Hello!', she said, 'May I speak to (my name)' I said 'That's me' and she HUNG UP! Man, did I feel stupid. And pissed off.

This happened while I was fighting with Qwest over my DSL circuit (it was down at the time, still is), the news was blaring something about a bunch of people dying in various horrible ways, and I was still stressed out after my commute home being constantly tailgated and cut off, even though I drive with the flow of traffic, whatever the speed is, in the right hand lane.

Pretty tough to keep a smile on your face sometimes. Now I know why my brother lives in the middle of 40 acres up in the mountains.

Thank you for letting me rant....

interesting twist

[perlchild]

isn't this more of a "we are the true professional spammers, get the amateurs out of there" because the smaller players, by having less means, are diluting the market for the big guys?

*stamp* out spam

postage is the only way to eliminate spam. Spammers could not pay $0.05 for each email, and if you cant afford $0.05 you should get a job.

I'm tired of this bullshit.

[twitter]

Unless SMTP is re-worked to disallow false source addresses,spam is not going to be stopped .... As long as there is no accountability from the sources of spam, it will continue to be pumped out from overseas. Though projects like PennyBlack and SpamNet are good in concept, the only one that has proven to work is intellegent filtering. [plug for anti-spam software]

Accountability has not stopped telemarketers from using the 1:1 network known as the telphone system. Only laws which make abusing a public network with advertisements will make spam go away. Public networks are made for communications not spam and it can all be over tomorrow if a reasonable law were passed. So called "accountability" schemes that add intellignece to the internet will only divert money to those who run the servers and further degrade the ability of normal people to contribute real content.

Re:I'm tired of this bullshit.

The telephone system doesn't have an obvious method for delivering identity data. Sure, there's caller ID, but anyone with their own switch and a PRI can defeat it.

With IP, you at least have the source network to use when correlating good neighborhoods vs. bad.

It is this "reputation" system that will ultimately be used to decide whether unsolicited mail should be accepted or denied. Networks that allow spammers to use their connectivity won't be able to reach people who don't dig that sort of thing.

This is not the way to stop spam

[bigberk]

New email registries will decrease spam? Set up by online marketers? No, sorry, I don't buy that at all. Remember what their interests are. The problem at hand is... most spammers don't care about creating inconveniences. They are like greedy undisciplined children, and won't stop spamming unless they are forced to (by law, vigilante retaliation, etc.)

To say something constructive now. There are two neat server side spam filtering projects I really like because neither uses IP-based blacklists (blacklists can bring a lot of collateral damage and require frequent judgement calls).

Spamprobe can be run from .procmailrc and uses a Bayesian scoring type of approach. It's a user-level solution which requires some training, but once it's accurate it's quite amazing. Currently it's missing only 3% of my incoming spam.

The Distributed Checksum Clearinghouse also runs server side and uses fuzzy checksums to identify mail that is being received by a suspiciously large number of mail hosts around the world. A brilliant idea which works better than you may think. I have never seen a false positive with this system, and it misses about 1/4 of incoming spam. Effectiveness will improve as more hosts join the distributed checksum system!

They just can't leave me alone.

[slumos]

It wasn't that long ago you could search for 'Lumos' and get one hit (me). Then it was some company, then a Harry-Potter-ish font, (then a hundred other Harry Potter things) and now I'm a spam registry.

Anybody else out there with extremely rare last names but the domains are all taken by companies anyway?

I guess I should be grateful that they opened up .us and I was able to jam myself in there before somebody else did.

it's a lie.

[twitter]

Funny you should mention the motion picture industry, yet another cartel. Yet Hollywood looks honest next to spammers and phone hucksters. There's nothing sincere about this effort but the desire to make money by obnoxing all of us.

These turkeys just want to keep out their competitors. Shemes to add intelligence to the internet are all designed to make it imposible for any but a select few to send the adverts. They seek legitmacy and government protection for their abuse of a public network. That's not something I'm willing to give up my ability to run a mail server for. Nor do I wish for my ISP to be forced to pay fees for the new service which will garantee spam forever.

So called "accountability" schemes to rework mail protocal are equally evil. The 1:1 network of copper wires known as the telephone system is abused all day long.

The answer is to simply outlaw these obnoxious practices. Unsolicited comercial calls are abuses of public networks and should not be tollerated. People who would abuse their neighbors this way should be fined and put in jail.

Re:it's a lie.

[Ironica]

Funny you should mention the motion picture industry, yet another cartel. Yet Hollywood looks honest next to spammers and phone hucksters. There's nothing sincere about this effort but the desire to make money by obnoxing all of us.

It's all about making money. Duh. That's the entire point to *commercial* speech. But it's entirely possible that they're trying to bring the obnoxiousness down to a tolerable level, for the purpose of making more money. Let them give it a shot.

Shemes to add intelligence to the internet are all designed to make it imposible for any but a select few to send the adverts. They seek legitmacy and government protection for their abuse of a public network. That's not something I'm willing to give up my ability to run a mail server for. Nor do I wish for my ISP to be forced to pay fees for the new service which will garantee spam forever.

I don't think we read the same article. The one I read was very vague about implementation, and described a system which would actually NOT be abuse of a (privately-owned, publicly populated) network. Nor did it say anything about giving up your mail server or charging ISPs... I don't think it even implied that.

There are good ways and bad ways to implement a system such as the one described in the article. To take it as fact that they will choose the worst possible way of implementing it is jumping to a conclusion. Sure, it's likely. But it's far from in evidence.

The answer is to simply outlaw these obnoxious practices. Unsolicited comercial calls are abuses of public networks and should not be tollerated. People who would abuse their neighbors this way should be fined and put in jail.

Unsolicited commercial calls and faxes *are* in many cases illegal. It helps so much. Automated calling, automated answering machine messages, continuing to call after being requested not to... all illegal, all practiced. How do you propose to *enforce* such laws?

Re:it's a lie.

[twitter]

Unsolicited commercial calls and faxes *are* in many cases illegal. It helps so much. Automated calling, automated answering machine messages, continuing to call after being requested not to... all illegal, all practiced. How do you propose to *enforce* such laws?

It does help. In places that junk faxes get you fined, there are few if any junk faxes. Anyone trying to sell you something will make sure you know who they are and how to get in touch with them. Laying down the fine is not hard. Few companies wish to risk their reputations and cash that way. Everything else has been a failure.

fux0r (was re: I call bullshit)

[freeweed]

(stupid new keyboard)

You get a couple dozen a month across hundreds of accounts, with no filtering going on? Is this some recently registered domain with only 3 people actually using their email? You sure your email server is even working?

I have a less than a year old address, never posted on a web page, newsgroup, or on IRC, given out to maybe half a dozen friends, and I'm getting something like 20 pieces of spam EACH DAY. That's roughly 600 a month, from one account.

I won't even start on the amount we see at work (10,000 accounts, government domain). When you have to upgrade your mail servers due to spam, it's a sad day indeed.

Nice troll either way, but I really doubt Taco actually checks each (something)@slashdot.org as a personal account, and counts the spam from it.

Re:fux0r (was re: I call bullshit)

[Robert+The+Coward]

I agree I have a domain and I have 2 Address that I have never given to anyone just created the account and left them there and they get 20-30 a month.

I don't care

As long as I can tke them to small claims cout and sue them and get $5000 per judgement, I don't care.And if all the contact come from out of the USA, fuck 'em.

I don't believe you

[Crag]

I've been a Verizon customer for six years and haven't gotten any telemarketing calls on my cell phone.

Re:I don't believe you

[vondo]

Verizon is also one of the largest providers of local phone service.

Re:I don't believe you

[nege]

Actually I think cell phones are handled differently - obviously if that happened and people knew about it on their cell phone they would cancel the phone because they are paying to hear telemarketers talk to them - not acceptable. So verizon wouldnt jeapordize that. But people dont care as much when the line is free and all they have to do is hang up.

ESPC

[mark_space2001]

The ESPC website is darn interesting, check it out. In particular, they have a mailing list on yahoo groups, ostensibly for people to complain about false positives by spam filtering software. Really, it's a way for spammers to communicate about filtering, but it's really interesting to go there and browse through the list archives, which are freely available. Any admins out there might be well served by checking up on this list periodically.

The ESPC website also has a box where you can add your email address and receive "information" from them about the ESPC itself, which I would *ahem* not recomend. ;-)

Re:ESPC

[myov]

The ESPC website also has a box where you can add your email address and receive "information" from them about the ESPC itself, which I would *ahem* not recomend. ;-)

nai@networkadvertising.org
...
webmaster@doubl eclick.com
...
webmaster@advertising.com
...
w ebmaster@yesmail.com

(see http://www.networkadvertising.org/espc/members.asp )

I'm a retard

[Crag]

I replied to the wrong thread.

I don't believe you

[Crag]

I've had a Verizon cell for six years and have received no telemarketing calls.

Some people do want the marketing information

[Ra5pu7in]

At issue here is what each person calls spam. To some people, anything that is not personal mail from a friend or family member is automatically spam. Not everyone is this stringent about considering any and all marketing to be spam.

What if, because of laws and technology to eliminate spam, you were unable to get nearly instant quotes for auto insurance or mortgate rates? What if, because of laws and technology to eliminate spam, you could not get price notification from a favorite vendor?

In reality, I would like the chance to opt in knowingly for certain things and be on the mailing list for information that is relevant to me. That doesn't mean I want registerng for a site to mean I am added to 5000 third-party mailing lists for everything from Viagra to vacations in the Carribean.

If you actually review what the referenced system would do, it may be a step in the right direction ... without (sorry for the cliche') throwing out the baby with the bathwater.

Nothing new

[taustin]

This is just another version of Habeas, only from people who don't even pretend to not be spammers. People who maintain legitimate email lists (confirmed opt-in) don't need it. The only people who have any reason to want the certification are spammers.

dont stomp on my spam unless you just showered

[l29sjdh]

i dont want my meat dirty! i LOVE spam!.
keep it real like matrix4.net

Parent came from a spammer or spam supporter

[Dimensio]

The fact remains that even if you make it as easy as possible and have DOUBLE-opt-IN mailing lists

I stopped reading right here. There is no such thing as "double-opt-in". The term is used by spammers who have apparently taken the phrase to mean something that does not, in any way shape or form, involve the recipient consenting to receive the e-mail.

Re:Parent came from a spammer or spam supporter

[seigniory]

Thanks for proving my point that people who want to complain about spam will do so incessantly and blindly.

Companies DO respect the consumer - they have to. Of course some don't, and I bet there are a lot of brick-and-morter businesses near you that don't, as well. Email does not make a bad person - it's only a tool. It's up to the person who uses the tool to be a gentleman, or an asshole.

If I say I'm doing a double opt-in, I'm doing a double opt-in. If you don't believe me, fine - I'll win (and keep) more than my share of customers with my online integrity and reputation than I'll lose from sending out what people think are UCEs.

Re:Parent came from a spammer or spam supporter

[Dimensio]

If I say I'm doing a double opt-in, I'm doing a double opt-in.

What the hell is double opt-in? Antispammers everywhere would love to know exactly what the phrase means.

Re:Parent came from a spammer or spam supporter

As a former employee of one of the ESPC members, I can say that the concept of "double opt-in" (or "confirmed opt-in") is something that CAN be defined, and IS discussed and suggested by more responsible employees of the particular member I worked for, but is too troublesome for the marketing dept (and the PHBs) to accept.

1. $user (intentionally or unintentionally) checks a box on a web page. This would be opt-in #1. Granted...pre-checked boxes are a dirty trick here...but I personally always think twice before I put my email address in *any* text slot.

2. $company sends a *single* email to that user saying "we see that you checked this box...reply ONLY IF you want to receive our email..." At this point, $company should plan on that being the *last* communication to $user.

3. If $user replies (opt-in #2), then $user gets added to the list. If not, then the address is dropped and forgotten.

Theoretically, this is possible. Its akin to a web site making you confirm your membership via email after you've signed up. The problem with it is that PHBs consider it too expensive, or too much of a bother to actually put it into practice. Or, dirty as it is, it may just be too "honest" for spammers to accept.

I'm glad I left the company when I did :)

Re:Parent came from a spammer or spam supporter

[Dimensio]

If the original poster was referring specifically to "confirmed opt-in", then this is just a misunderstanding. Confirmed opt-in (with unique token identifier) is an accepted practice amongst legitimate mailers. However, many spammers have taken to claim to use a technique called 'double opt-in', and as such that phrase has become a buzzphraze indicating 'this is nothing but pure spam and the sender is a lying thief'.

Re:Parent came from a spammer or spam supporter

If I say I'm doing a double opt-in, I'm doing a double opt-in

No, it just means you're a God-damed lying spammer.

Re:Parent came from a spammer or spam supporter

[dreamquick]

Just because you don't understand what a phrase means doesn't make it something wrong...

Double opt-in is when you ensure that the user relly does want to be sent an email (ie they have to physically do something to get email - it wont happen by default).

That's the first stage of opt-in.

Next you verify that they gave you the correct email address by sending a test email which asks them if they still actually want to recieve your email.

Again to continue they must physically do something - if they do nothing then wont be added to the list.

This is the second stage of opt-in.

There were two opt-in processes so that's why it gets called "double opt-in" - it's not rocket science.

Re:Parent came from a spammer or spam supporter

[elemental23]

The original (and preferred) term for it is "confirmed opt-in". Spammers started calling it "double opt-in" in order to give the impression that it requires twice the work on the part of the end user, and is therefore undesirable.

Obviously, spammers (and even many legit companies and organizations) don't like the idea of confirmed opt-in, because it requires verifiable confirmation from the user that they want to be included on a mailing list. In other words, they get fewer subscribers when they can't use sneaky and/or deceptive means to get people on their lists.

Re:Parent came from a spammer or spam supporter

[Dimensio]

A nitpick:
Obviously, spammers (and even many legit companies and organizations) don't like the idea of confirmed opt-in, because it requires verifiable confirmation from the user that they want to be included on a mailing list. In other words, they get fewer subscribers when they can't use sneaky and/or deceptive means to get people on their lists.


If they are using sneaky and/or deceptive means to get people on their lists, then they are not "legit".

Unsubscribe Buttons

[yintercept]

Thanks to Seth Godin, spammers had a year or two where they could claim legitimacy by including an unsubscribe button at the end of the message (the popup that you put on the unsubscribe page often pays for the spam.)

Now that people know the unsubscribe button is a ruse, it no longer buys legitimacy. Making a big national unsubscribe service that is trusted will give the email marketers another year or two of legitimacy.

The funny thing. Spammers themselves tend to hate spam. I should say, they hate the spam sent by competing spam shops. The competing spam dilutes the audience. They especially hate new spam shops. As a result, most would agree to proposals that reduce the over amount of spam...so long as they don't lose their share of the market.

I wouldn't be surprised to see existing spam shops try and form mechanisms that reduced spam, and closed the market to new comers. It would buy legitimacy and preserve their share of the market at a reduced cost.

Of course, the emarketers are in a tight situation...they know the other people in the group are emarketers looking for any advantage and that they cannot be trusted.

So What ESPC....

[sogoodsofarsowhat]

uses this page to get email addresses to sell/use in spamming campaigns? This is there 'alternative' opt-in/request for spamming... Anybody else notice there is no privacy policy stated on the page? hmmm....

My response to spammers

is to ask if they have any openings...

I bet they're like this!
(include pic of goatse guy)

Topica

[brunnock]

I'm guessing that Topica is spearheading this. They've been trying to whitelist themselves for months. They just had a falling out with Habeas. They're hosting the mailing list for ESPC.

Yes, it is!

[Fefe]

Spam sucks, targeted marketing about things I'M interested in is welcome

Speak for yourself. I am not interested in any ads. If I want information about a product, I will ask for it directly. I do not buy from companies that send me ads, however "targeted" they may be.

They know..

They know they don't want to pay to send you email, like www.paidstamp.com proposes.

So they come up with there own solution... which is no solution at all.

Can't have it both ways

How can you outlaw spam if you won't outlaw on-line copyright infringement?

Answer: you can't, at least not without being a hypocrite.

You bitch about spammers "stealing bandwidth" (which is a pantload to begin with, right? Hey, it's unlimited, there's always more, right?) while you warez music, software and movies all day, and come up with all kinds of excuses to rationalize it.

Hypocritical bullshit.

Re:Can't have it both ways

[interstellar_donkey]

Could it be that online file sharing, while technically illegal, hurts only big giant corperations who have no interest in representing either the artists who feed them or their customers, while online spam hurts the average person and only benifits questionable businesses?

Since anti-spam and pro file sharing are both pro-consumer and anti bad business, I'm not sure that mindsest as sypocritical.

The plan might actually work

[dwsauder]

Didn't anyone read the article? There was no mention of an opt-in list or an opt-out list. There was the mention of a registry. There aren't a lot of details given, but we can make an educated guess as to what the ESPC has in mind.

First, here's the problem: spam filters block too much. Anyone who runs a mailing list knows how frustrating this can be. So, finally a group is stepping out with plans to find a solution to the problem.

And what is the solution? Create a registry that is a white list of responsible senders. Then the RBLs and other spam blockers can stop deleting legitimate messages from the authenticated senders on the white list (which they call the registry).

Look, I have no interest in getting regular updates from eBay or Amazon.com. But sometimes I like to get technical newletters from IBM, Sun, or other companies. And I want the filters to leave these messages alone -- stop deleting them.

So, in theory, I think this is a good idea. We would have to wait and see the details. Presumably it's easy to get kicked off the registry. But is it easy to get on it? Can a spammer get on the registry under one company name, get kicked off, then get back on under a new name? And do it several times a day? Will it be easy to spoof the mechanism that authenticates the entries in the registry? I don't see any real showstoppers.

This idea is not much different from a white list that you might use on your end system, except that this would be a white list that works for intermediate systems, like ISPs mail filters. It doesn't solve the spam problem. But it might just solve one part of the spam problem: collateral damage to innocent email.

Not Surprising: just like drug dealers

[jadavis]

Drug dealers only make their high profits *because* of the Drug Enforcement Administration (DEA). The DEA restricts supply to the U.S., thereby increasing prices and taking out the "little guys". Generally, when the DEA gets a tip, it's from a rival drug lord.

It's the same with this SPAM thing. They want fewer "little guys" around so they try to force the supply of SPAM down which increases the effectiveness of their own SPAM. Not altruistic by any means, but if it lands fewer junk emails in my box each day, it's fine by me.

In-fighting in the spam industry?

[IWannaBeAnAC]

Is this evidence that it is getting harder to make money from spam, and therefore spammers are resorting to attacking each other? If some group of spammers can make their spam legal while making the other-guy's spam illegal, they stand to corner the market - at least for big spammers. Then, any spammers spammer not in the ESPC cartel who make enough money to get noticed in RL gets a knock on the door from the FBI, while ESPC spams away untouched. (Small-time spammers will probably always slip under the radar, but I suspect its getting increasingly harder to make money this way, so ESPC don't care as much about it.)

None of this applies to spammers based outside the USA of course.

www.ProjectLumos.com

[pontifier]

Geez, now I realy wish I hadn't registered that name.

I don't trust them

[interstellar_donkey]

I tend to be cynical, because I don't trust spammers. I have never consciously opted in to get on any spam mailing list. So I look at their plan with a great deal of reservation, and can see immediately what they plan to do.

Certification to ascertain the mailer's identity in order to provide transparency.

This from the people who hide a 'I agree to receive spam' deep inside otherwise boilerplate documents then claim "But you told us you wanted to receive this!" without blinking an eye when people complain.

The only way you can be 100% sure is through a no holds barred certification and authentication. Starting with a clear "Do you want to receive unsolicited email from us?: Yes or no", then a verification email sent to the address saying "If you really want to be on our list, please reply to this email". And you have to do this separately from any offers or services the consumer initially wanted to take part in.

Volume mail standards, including standardization of all sender information in the mail header and the use of an identifiable, trackable unsubscribe Web address.

This just looks like an inconvenient trap. By 'standardizing' bulk mailing headers, this simply makes it easier for spam to masquerade as legitimate, wanted bulk email (a subscription to a mailing list, for example), and places more difficulty on anti-spam filters.

Secure identity, an authentication process that provides secure proof of the sender's identity in the Simple Mail Transfer Protocol header.

Yes. And let's also call for a magic wand to end world hunger. The basic architecture of the SMTP, as I understand it, does not provide for a fool proof, secure identification. At least one that can't be easily spoofed.

Performance monitoring, a process that captures, monitors and reports performance data for all senders and mailers.

Isn't that called 'market research?' This seems on it's surface to be nothing more then putting an additional strain on ISP and mail providers to provide spammers with hard, factual data on the success of spammers e-mail campaigns. "Hey, hot mail is reporting that only 52% of our spam messages or getting through. Thanks hotmail! We will adjust our plans accordingly"

Again, this may seem a bit cynical, but again, I really don't trust these spam marketers. If they were completely honest with their clients they would be out of business, because a very small portion of the Internet population enjoys, or even wants to receive unsolicited bulk email. Regardless of how 'cool' or 'amazing' the offers they have are.

+1 Funny +1 Useful

[eugene+ts+wong]

I laughed twice. Once when I read the 1st half of the last line, & again when I read the last half.

Thanks! I guess I will get that pellet gun, after all.

On an unrelated note, I just thought of a way to figure out what is in those bottles under the sink. 1 is water, & the other is bleach. I just can't remember which.

What we need....

is some undercover law enforcement to contact those spammers and ask for their services. Then, knowing the origin of the spam, everyone that gets a spam from them can sue them, for getting a profit from something that its mine (my email address). Maybe a class suit will do too.

Trademark infringement?

[Dwonis]

They call themselves "NAI". I wonder what Network Associates will have to say about that!

Opt-out lists, guarded email

[dwheeler]

If you hate spam (I do), you might find these interesting:

http://www.dwheeler.com/essays/stopspam.html: An essay about stopping spam. Although I think opt-out lists are a poor solution, they can be made to work - but they have to be run by someone without a conflict of interest (not true here!), and in a way that doesn't increase spamming (e.g., just store hashes, not the email addresses themselves). Make the spammers pay for the opt-out list upkeep. Most importantly, it has to be supported by law, not by lame "self-regulation".

http://www.dwheeler.com/guarded-email: A paper about Guarded Email, a particular challenge-response approach. Unlike heuristic approaches, these approaches kill off the attack / counter-attack cycle we're stuck in.

Enjoy!

Oh my ..

Are they finally realising that annoying the shit out of your customers isn't a good business plan? WOW!

20%? Luxury!

[Misfire]

"My spam is up 20% over the 1st quarter of 2003! Yay!"

Lucky you. Mine is up 200% over the same period.

yay. :-6

Forward the SPAM

The best thing to do is to take all the SPAM that you get for enlarging your penis or breasts and send it to the SPAMmers that want you to visit their porno sites. Imply that they need to provide a better product. Take the get rich quick schemes and forward them to the folks begging for money. You may as well cut out the middle-man. If enough people do this it might just piss them off. I doubt it will stop them from sending the SPAM. Oh, by the way, make sure you fake all the addresses to prevent retaliation.

Confirmed opt-in vs Double opt-in

[frankie]

There were two opt-in processes so that's why it gets called "double opt-in"

No. You just described confirmed opt-in. That's the technical and proper term used by reputable mailing lists.

Whereas, double opt-in is a spammer weasel phrase that actually means "I bought two email harvester CDs and they both had your address on it".

Double opt-in vs Confirmed opt-in

[frankie]

If I say I'm doing a double opt-in, I'm doing a double opt-in.

Quote from CAUCE: There is no "Double" Opt-In. There is Confirmed Opt-In and there is net-abuse.

Also increases performance and security

[metamatic]

And if you then do

% apt-get install exim

you keep the performance and security increases, and get all the original functionality...