Spam Lawsuit Clearinghouses?

cloudscout asks: "Spam is getting worse. Despite complex filtering and DNSBL systems the volume of unsolicited eMail continues to climb. The only promise so far has been an increasing number of laws designed to impede the spammers while others are using existing laws to tackle the problem. So when are we going to see this legal process become a commodity? There are already countless lawyers around the country who will accept a set price to fix traffic tickets, handle divorces and get the IRS off your back. When will we see attorneys who are willing to sue the spammers on your behalf for a reasonable, fixed fee?"

I dunno...

[NanoGator]

I'd rather deal with SPAM by making it technically harder to send out messages like that. I guess I'm just a little paranoid that one day I'll send out a message and find myself in court.

Why should I pay them?

[gmhowell]

Wouldn't a contingency system work better? Why should I pay the lawyer a set fee when the recovery will likely be greater than that? Why not have it so that I get 10-40% of the recovery, and let the lawyer take the rest?

I see a few problems: first, is there any case law to make this a matter of filling out the correct boilerplate and dropping it off with a judge? Second, how does one collect from out of the country spammers?

It's way too early to do this kind of stuff. Divorces and traffic tickets have been around for quite a while, and the kinks have been worked out of the systems.

Re:Why should I pay them?

[PD]

I'd even have it set so that the lawyer gets 100%. All I want is for the spam to stop. If a lawyer can successfully sue a spammer on behalf of a client, I'd consider that money WELL earned, and the lawyer would deserve all of it. I'm not anti-lawyer. There's quite a lot of really great ones out there, good people. When they work hard and do a good thing, it's a good thing for them to make money at it.

Why a fee?

[clambake]

I'd be happy to just let the lawyers have whatever damages they can get from the spammers. They could set up a database and an email address and I could forward all my spamassassin tagged email to them and they could handle them on my behalf. I wouldn't pay them anything, and they would get to collect on whatever damages they can get, but I'd still be getting something out of the deal (less spam). Everybody wins! Even the spammers, no doubt, who will then begin spamming each other with, "Are you tired to getting sued for spamming others? Use SekretSpam, only $19.95!"

Re:Why does filtering work for me?

[josepha48]

NOt everyone is using spamassassin. The problem is that ISP's need to install it and then set it up. They don't, so we get spam. I get LOTS of spam each day and about 75% of it gets filtered through my mozilla filters. I'm now working at a different approach.

I now have a new folder call it inbox_xxx. If someone is in my address book it gets into this email folder. If it gets to one of my mailing lists or other filters it gets in the proper folders. Otherwise it now stays in my inbox, where it is considered hostile spam and gets nuked!

I just started this approach and think it could work. I don't get mail from people I don't know so I hope this works. Still testing.

Re:Why does filtering work for me?

[Steve+B]

I've heard and read many people (including mail engineers at Y!Mail or Hotmail) claim that spam filtering doesn't work, can't work, the spammers will always be one step ahead, etc.

I still think that the key is to apply the existing computer-cracking laws against the various methods the spammers use to stay "one step ahead". Why is coming up with new variations on how to spell "viagra" any different from shoveling a dictionary into a password prompt, when the objective in both cases is to get into a computer despite a system that was put there to keep you the hell out?

Re:Why does filtering work for me?

[linuxwrangler]

Probably because you don't have screaming customers. It's one thing to filter mail for you or a small group of understanding people. It's quite another to deal with a large customer base.

One batch wants all the newsletters from {fill in favorite hobby/group} but that mass mailer is blacklisted because they got an unscrubbed list from an unrelated client.

Meanwhile the small business person is afraid that they really might miss the "BIG $1,000,000 ORDER!!!"

A friend of mine is researching anti-spam for her company. Of course the PHBs require no false positives, quarantine everything evil for review, customize on a per user basis, etc. Outsourcing this to an ASP will probably cost them $15k+/year.

What is AOL rejecting? Something like 1 billion messages every day and that only represents a fraction of the spam they get. Even a false positive of 1 per thousand rejects means 1,000,000 legit emails rejected every day. They have to be very careful.

It's way easier blaming the spammers than explaining why you rejected the legit message a customer/boss needed.

Then again look at the source...big companies who don't believe the RFCs apply to them anyway (postmaster is a required address that must go to a live person not an autoresponder but just try to reach postmaster at aol/hotmail/yahoo).

Re:Why does filtering work for me?

[Motherfucking+Shit]

So, why does filtering work for me when it is supposedly futile?

As others have pointed out, filtering works for you because you're the one implementing your own mail filters. You know what you consider to be wanted and unwanted messages, and you've set up SA with some particular ruleset(s) to match. Unfortunately, this just doesn't work well at the ISP level. There are two reasons, really:

1. Who decides what does and doesn't get filtered? If you put the ISP in charge of this, invariably you're going to wind up with users missing legitimate email (remember, it's up to the user to determine which messages he or she thinks are legitimate). When Jane User loses an email from Mom talking about how things are going - which happens to mention how Dad got a prescription for Viagra - she's going to be ticked.

2. How much computing power is needed? You get 1,000 emails a day. AOL gets billions. And while AOL probably has the cash to invest in a few Gibsons to scan billions of inbound email messages looking for keywords, your average ISP is unlikely to make such an investment. (Interesting now that I think about it; if they're filtering for spam, what else might the world's largest ISP - conveniently situated in the middle of Spookville - be looking for?)

Point 2 becomes an extension of point 1 when you think about the "obvious solution" to the question of who decides what's filtered. That obvious solution, naturally, would be to implement a system where each user gets to set up his or her own filters; similar to what Yahoo mail has done on a rather limited scale. The problem there is yet more processing time. Instead of blindly applying the same filter to all inbound messages, with each message the recipient must be determined and their unique filter rules loaded.

It's not that filtering doesn't work. It does work, but it loses both effectiveness and accuracy when control moves away from the individual recipient. I don't want my ISP filtering my email based upon their idea of what looks spammish, or their idea of which hosts should or shouldn't be sending me email. But my ISP doesn't want to invest in the resources to let each of its users control their own spam filtering. As long as that catch-22 exists, ISPs are either going to filter everything equally or they aren't going to filter at all.

Even if there were a real solution available (aside from shifting the burden of filtering to the end-users), you'd still see the major ISPs suggesting legislation instead of filtration. The reason is that even bit-bucketed spam costs money to receive. AOL filters something on the order of a billion emails a day; assuming an average of 1KB per message, if my calculations are right that comes out to approximately a terabyte of bandwidth per day comprised completely of inbound trash. You can bet they'd rather see spam outlawed than have to sit around and pay for it.