Earthlink Wins Another Spam Award: $16 million

linuxwrangler writes "U.S. District Judge Thomas W. Thrash Jr. awarded Earthlink $16 million and an injunction against Howard Carmack for Carmack's use of Earthlink to deliver spam. Given that Earthlink is still awaiting payment of the $25 million it won against Kahn C. Smith last year, it views the injunction as the bigger of the two wins." A few more of these, and maybe the tide of spam will eb. Maybe. Nah.

I wish I could get in on this

[AyeFly]

As my subject line says...I do, but I dont see how anyone other than large corporations can go through the process to actually get a judgement. I mean, I get mostly spam these days, even on an account I made, but never used a single time! Anyway, thats my rant for the day.

Re:I wish I could get in on this

[Eric+Damron]

If you live in states with anti-spamming laws you may be able to sue the spammers. Not for millions of dollars however.

In Washington state we are allowed to sue for up to $500.00 per spam. However, the spammer must do something like give a false return address or misleading subject line.

You should check your state laws.

Re:I wish I could get in on this

[anthony_dipierro]

Don't you know, when Earthlink collects money, all of its customers save money!

(Oh c'mon, it's no more ridiculous than saying that spam costs the recipient money)

Re:I wish I could get in on this

[t0rnt0pieces]

If you live in states with anti-spamming laws you may be able to sue the spammers. Not for millions of dollars however.

In Washington state we are allowed to sue for up to $500.00 per spam. However, the spammer must do something like give a false return address or misleading subject line.

Considering the amount of spam I get (sometimes hundreds per day, and I'm sure that's not an unusual amount), and the fact that 90%+ of them have fake return addresses, at $500 per spam I probably could sue for millions.

Re:I wish I could get in on this

[egburr]

No, it's a lot more ridiculous than saying that. Earthlink won a judgement. To do so, earthlink spent a lot of the customers' money on lawyers. To actually collect the money awarded in the judgement, Earthlink will have to spend more of the customers' money on lawyers, collectors, etc. If they get more money back than was spent on the process, I will be surprised.

So, spam does cost the recipient money, not only in terms of bandwidth, CPU time, storage, download time, frustration, irritation, etc., but also in all the unrecovered costs of prosecuting, persuing, and attempting to collect on the judgement. Customers may not directly pay for all of that, but their monthly rates reflect all those costs.

Re:I wish I could get in on this

[Jeffv323]

In Washington state we are allowed to sue for up to $500.00 per spam.

Actually, it's not up to $500, but exactly $500, or actual damages - whichever is greater.

See here.

-- Jeff

Re:I wish I could get in on this

[Black+Copter+Control]

If they get more money back than was spent on the process, I will be surprised.
If they don't, then they shouldn't have sued in the first place.

Monetary awards are not the only reason for suing somebody (although going into court without a monetary interest can confuse the best of judges..). Here in BC there are many cases of companies going to court go get injunctions against protestors, etc. Although the injunctions are nominally interlocutory (until the case properly goes to court), they often stop prosecuting the case after the injunction is granted (i.e. the injunction is the only reason why they filed the injunction. I was actually surprised to find that they actually proceeded with one of these cases and got a ($6000) award.

Although they seem to have little hope of collecting on the $16M award, the fact that they can have these people arrested for violating the injunction can probably save them thousands of dollars in human an hardware costs.

Re:I wish I could get in on this

[Kryptkrwlr_XTC]

Earthlink is not getting a penny, I live in Buffalo, NY (the home and base of operations of Carmack). Our Hometown News station went to his CRAPPY APARTMENT above his parents house yesterday. He lives in a pretty bad part of town, which isnot so strange since most of Buffalo is a "bad part of town". He definately wasn't making the big bucks.

spammers?

are they ever going to see the money from this settlement?

Legal vs technical vs payperemail

[arete]

I used to believe that legal remedies couldn't stop things like spam, but I think I was wrong.

The very fact that spam is only a problem when it's on a large scale (don't think about recieving on a large scale, think that the list has to be large...) means, I think, that legal solutions can prevail.

arete

Payment in Goods?

Seeing as how these spammers probably DON'T have millions of dollars in the bank, and even Microsoft was able to negotiate for penalties being only in software, is Earthlink likely to get a truck load of $16M of penile enhancement cream and Nigerian banknotes in compensation?

Any relation?

[dido]

Wonder if this spammer has any relation to good 'ol John. ;)

About as much chance as...

[Spittles]

"A few more of these, and maybe the tide of spam will eb." Yeah.. and maybe if the RIAA sues the pantaloons off a few more University students, people will be wracked with guilt and delete their collection of MP3's. Maybe. Nah.

Re:About as much chance as...

[arkhan_jg]

There are several differences as to why the threat of (and actual) legal action can be more effective against spammers. First, there aren't very many spammers. Most estimates put most spam to be coming from a few hundred US based spammers, bouncing off worldwide open relays. Bankrupt or imprison them for the various laws they break, not least fraud and deception, and the flood of spam worldwide would become a trickle, and much of that would be nigerian. (don't know about you, but the nigerian scam is only a tiny, tiny percentage of my inbox) This is an entirely different proposition from trying to nail the millions of P2P users. Most P2P users can legimately think that the chances of them getting caught are still pretty remote, especially if they live outside the US. Second, spammers are very very reviled people by anybody who uses email. Just look at what happens to their postbag when their address is known. Thus people will actively co-operate in nailing them, and most big businesses have an interest in getting rid of spammers, even if only to give their legit (optin) direct marketing campaigns a chance of getting eyes on. Again, this is different to P2P, where you're pretty unlikely to be hunted down and attacked at every opportunity. Finally, there are a lot of people trying to ease the draconian grip the record industry have upon our cultural heritage. Whether those efforts will succeed or not is unknown, but it is plain that these businesses need to adapt to the changes in customer preferences. Apple's service is only the start. The only way the spammers can alter their business model is to stop doing what they do, or at the very least, clean up their act and stick to genuine optin marketing. No more porn spam to children, no more herbal viagra, and definitely no more fecking .NET messenger spam (yes, definitely .NET messenger, i'm running kopete on linux!) Either way, we win. And I have to say, it's about time corporate america started using their big bucks and 'most money wins' legal system to do something for the overall good, even if that is only a side benefit to them.

A real jerk

[LittleLebowskiUrbanA]

This guy used his relative's info for setting up accounts. When Earthlink talked to his 58 year old retired uncle, they figured out what was going on when he mentioned a nephew that works at home w/ computers. (I read the Wall Street Journal. Headline news!)

Awards vs. Injunction

[sssmashy]

Last year the company was awarded $25 million in damages in a suit against another big junk e-mailer, Kahn C. Smith of Tennessee. Youngblood said the company hasn't collected that award. But the monetary award, Wellborn said, is less of a victory than the injunction.

Nobody will ever collect civil damages from a spammer, because the vast majority of spam does not come from legitimate companies with assets. Most spammers tend to be individuals: low-rent sleazebags with bad credit and a history of illegal or borderline illegal activities. If they actually had millions of dollars they wouldn't stoop to spamming.

The injunction is a good thing because if one of these lowlifes tries spamming again, they can throw him in jail.

Re:Awards vs. Injunction

[gary+bernhardt]

Generalizations like this do *not* further the anti-spam cause. Spam is most definitely an area where very large financial gain is possible. This obviously precludes spammers being "low-rent" sleezebags.

This reminds me of the thousands of posts over the years on Slashdot asking "Why does anyone spam? Noone buys that stuff." Then about a year ago a story gets posted showing someone who made *millions* spamming, and everyone stopped discussing it as if it had never happened.

Randomly assigning adjectives to someone you view as an opponent will not help your position. All it will do is make you look like someone who blindly slings insults, without giving any thought to the situation.

Re:Awards vs. Injunction

[anthony_dipierro]

The injunction is a good thing because if one of these lowlifes tries spamming again, they can throw him in jail.

You mean this guy was using stolen credit card numbers and identities and he's not in jail already?

Re:Awards vs. Injunction

[datavortex]

Sorry, but in this case unfortunately the generalization is correct. That's pretty much how it's played out I'm afraid. There's only a couple spammers like Milette and he's more clever (and able to find scumbag salespeople at desperate bandwith providers) than many would like to admit.

Re:Awards vs. Injunction

[dubl-u]

Spam is most definitely an area where very large financial gain is possible. This obviously precludes spammers being "low-rent" sleezebags.

Even if somebody lives in a high-rent place, they can be a low-rent sleazebag. Hollywood is full of them, for example. And that the gain is possible doesn't mean that all spammers get it; the spammers I've taken the time to track down and talk to have often made very little from it.

Generalizations like this do *not* further the anti-spam cause.

Well, actually, they do, especially when they're true. It makes it much easier from a PR and lobbying perspective to be able to say paint spammers as beyond the pale.

I recently chatted with a fellow who's in the on-line porn industry. Although he doesn't spam, he knows a number of spammers. He seemed quite convinced that they were sleazebags. I've met a few myself, and all of them, excepting the once who were just plain clueless, were all sleazebags.

And all the ones I've seen profiled in the press were pathetic excuses for human beings, too. Like the guy in Minnesota, who previously was a cop. Until he got busted for selling drugs to children, that is.

So if you know some spammers who are smart, upstanding, concerned citizens, hey, share the details with us. I'd be fascinated to find once who is a vegan pacifist buddhist. No, scratch that, I'd be fucking floored.

the problem

the problem of course is that all the spammers will just move overseas, where US law won't hurt them and they are ignored by local government.

Huh?

[Evil+Adrian]

They say injunction.

I say injection.

stolen identies/cc #'s

[Pootie+Tang]

Carmack and others kept the bulk e-mail flowing through Internet accounts opened with stolen identities and credit card numbers.

Considering this and the fact that he didn't even show up to defend himself in court, why bother obeying the injuction? They don't arrest people for this stuff anymore?

Obviously Earthlink isn't going to get $16 mil out of this. I take it verizon didn't collect on their $6.9 million judgement either.

Re:stolen identies/cc #'s

[poot_rootbeer]

The spammer can just put the $16 million charge on the stolen credit cards he used. Problem solved!

Solution or a bigger problem

[failedlogic]

I've looked up our friend Mr. Ralsky on spamhaus and it would seem he's probably not paid anything yet in damages. http://www.usatoday.com/tech/news/techpolicy/2002- 10-29-spam-suit_x.htm http://www.spamhaus.org/rokso/search.lasso?evidenc efile=1290 Further it would seem he has enough money to hire lawyers to appeal convictions and the other normal legal ramblings which take forever to settle lawsuits. Won't this suit/injuction simply be more of the same?

erm...

[2MuchC0ffeeMan]

wait, i have earthlink, do i get a piece of that pie? how many users does earthlink have? 10 milion? good, that's like a buck twenty i should get off my next bill.

I don't understand

[theirpuppet]

If Earthlink, and company, have been doing side deals with spammers for years, and some people have the documentation to prove it, why isn't there a class action lawsuit or something. Lately, in the interest of customer appeasement, brand recognition, and some more advertising many companies like Earthlink have been suing spammers, except we all know they'll never get any money. They already got their money from the 'secret deals'. They are now flaunting their 'respectability' and 'anti spamness', and this should be more reason to applaud them for their legitimate efforts and penalize them for their shady dealings.

I'll never understand why people accept apathy. I know the reasons, but they still get on my nerves.

Re:What about spammers with foreign servers?

[Seth+Able]

Did they get nailed for the CC fraud or for illigal/unauthorized use of the servers? From what I read, the later is what won Earthlink the money. I imagine the CC will be another Federal matter, won't it?

Seth

Death of a spammer

[Animats]

As I've mentioned previously, we had a problem with a spammer forging our Downside(tm) return address, resulting in over 16,000 mail bounces. It's been a headache, but all 24 of his "extreme rape" web sites, plus his billing sites, are now off the net.

Originally, he was buying hosting from several US ISPs, including Rackspace. We asked the ISPs to identify the site owner, as required by law (because he accepts credit cards) and when they found they didn't have good info on him, they killed his accounts. He was using about five ISPs at a time, and had his own DNS server so that he could quickly switch from one ISP to another as he was kicked off. The spam itself went out via open Telnet proxies. Whois info is plausible, but fake.

This seemed like a big-time operator, but over time, a different picture emerged. It became clear that this guy's business isn't porno. It's collecting credit card numbers. The porno sites were very shallow. ISP operators told us they were typically $5/month hosting sites with maybe 1MB of content. Some of the web sites were purchased with bad credit card numbers.

This guy kept coming back, typically buying bottom-level hosting through resellers. He tried a hosting service in Mayalasia and got kicked off. He tried one in Brazil and got kicked off. He tried a "bulk friendly" ISP in the US and got kicked off. Finally, he ended up with everything on a server in St. Petersburg, Russia. It took a few days, but he's been kicked off there, too.

We have some hints of who he is. We've spoken to some people he's dealt with. When we get a solid ID, we'll go after him for trademark infringement.

It's possible to win these things. It's time consuming, but persist. Trace where the money goes, not where the spam comes from. Follow up daily. Half an hour a day keeps the spammers away.

Re:Death of a spammer

[Animats]

California Business and Professions Code section 17538.

(d) A vendor conducting business through the Internet or any other electronic means of communication shall do all of the following when the transaction involves a buyer located in this state:

• (1) Before accepting any payment or processing any debit or credit charge or funds transfer, the vendor shall disclose to the buyer in writing or by electronic means of communication, such as e-mail or an on-screen notice, the vendor's return and refund policy, the legal name under which the business is conducted and, except as provided in paragraph (3), the complete street address from which the business is actually conducted.
• (2) If the disclosure of the vendor's legal name and address information required by this subdivision is made by on-screen notice, all of the following shall apply: (A) The disclosure of the legal name and address information shall appear on any of the following: (i) the first screen displayed when the vendor's electronic site is accessed, (ii) on the screen on which goods or services are first offered, (iii) on the screen on which a buyer may place the order for goods or services, (iv) on the screen on which the buyer may enter payment information, such as a credit card account number, or (v) for nonbrowser-based technologies, in a manner that gives the user a reasonable opportunity to review that information. The communication of that disclosure shall not be structured to be smaller or less legible than the text of the offer of the goods or services. (B) The disclosure of the legal name and address information shall be accompanied by an adjacent statement describing how the buyer may receive the information at the buyer's e-mail address. The vendor shall provide the disclosure information to the buyer at the buyer's e-mail address within five days of receiving the buyer's request. (C) Until the vendor complies with subdivision (a) in connection with all buyers of the vendor's goods or services, the vendor shall make available to a buyer and any person or entity who may enforce this section pursuant to Section 17535 on-screen access to the information required to be disclosed under this subdivision.
• (3) The complete street address need not be disclosed as required by paragraph (1) if the vendor utilizes a private mailbox receiving service and all of the following conditions are met: (A) the vendor satisfies the conditions described in paragraph (2) of subdivision (b) of Section 17538.5, (B) the vendor discloses the actual street address of the private mailbox receiving service in the manner prescribed by this subdivision for the disclosure of the vendor's actual street address, and (C) the vendor and the private mailbox receiving service comply with all of the requirements of subdivisions (c) to (f), inclusive, of Section 17538.5.

...
(g) Any violation of the provisions of this section is a misdemeanor punishable by imprisonment in the county jail not exceeding six months, by a fine not exceeding one thousand dollars ($1,000), or by both that imprisonment and fine.

This is very straightforward. No ambiguity here. Accept a credit card number on the Internet from someone in California without first providing real contact info, go to jail.

This is enough to get you talking to an ISP's management levels or their legal department, rather than the abuse department. From there, progress is usually rapid.

This is way too hard

[ChrisWong]

The WSJ article today goes into some detail about the arduous chase with little pay-off. Earthlink must have some really dedicated anti-spam activists to even try this. Think they are getting big bucks? Hardly. From the WSJ:

The lawsuits rarely collect payments because most spammers don't have much money. Last year, EarthLink won one of the industry's biggest settlements -- a $25 million judgment against a Tennessee spammer, but it hasn't yet collected a cent. The Federal Trade Commission has brought 48 actions against spammers who make false claims about products or identities, but it hasn't recovered much money either. "Many times, there is no money left," says Brian Huseman, staff attorney at the FTC.

And it involves a lot of grunt work per spammer. How much is your time worth? It's like "The Cuckoo's Egg" story again. For just this one guy, for example:

The pursuit of the Buffalo spammer became Ms. Youngblood's top priority early last year. She spent about 10 hours a week on the case, and her employees spent another 10 to 20 hours a week, in total, hunting to see where he was hiding on the network.

Unless we start seeing some high-profile jail time, there won't be much of a victory.

Re:This is way too hard

[minas-beede]

And it involves a lot of grunt work per spammer.

Who are the spammers in the Tulsa, OK area? I've got some pretty good evidence against someone there. Wasn't much work at all. I received a relay test message from him, I delivered it, now spam is arriving that (so sorry, Mr. Spammer) isn't getting delivered. Over 5000 recipients so far. The spam comes to my fake open realy through open proxy systems.

He's sending the relay tests from:

adsl-65-70-89-125.dsl.tulsok.swbell.net

He spams:

Subject: FWD: ASSET - BACKGROUND - MISSING PERSON SEARCHES..
Subject: FWD: BACKGROUND & ASSET SEARCHES - SAME DAY!
Subject: Fwd: background & asset reports - same day..
Subject: WE FIND MISSING PERSONS FOR YOU...OR NO CHARGE..
Subject: Re: WE FIND MISSING PERSONS FOR YOU...OR NO CHARGE!
Subject: Re: BACKGROUND & ASSET REPORTS - SAME DAY"
Subject: Re: background checks - same day service!
Subject: ASSET SEARCHES - SAME DAY SERVICE.
Subject: Re: BACKGROUND & ASSET SEARCHES - NATIONWIDE SEARCHES'

with this phone number for the marks to call: 1-877-269-3892

His relay test message went to timsmith777@connectfree.co.UK

He's been sending tests from that same IP for quite some time so I think it's the spammers IP, not an open proxy.

Let's have the DEATH PENALTY for spamming

[dilute]

I can only think of a few crimes that merit the death penalty, and spamming is one of them.

Other crimes that definitely merit death include:

-- Serving popup ads

-- Peeing in the alley behind my apartment building (dogs get clemency)

-- Sending emails without subject lines

Re:This is what is needed...

[Gojira+Shipi-Taro]

I dunno. A 12-guage shotgun blast to the face would stop one pretty good.

(that's meant as a joke, folks, go ahead and take those two or three big points of karma away for trolling anyway though, I'm sure it'll really hurt me)

I like the idea of financialy annihilating them though. I like that alot. facial tatooes of "I'm a spamming piece of shit. I wasted your money and the money of your children. Please punch me in the face until I pass out and spit teeth into the gutter" would be acceptable as well.

Why isn't he in jail?

[runchbox]

The WSJ article said he'd used 350 stolen identities and credit cards to set up accounts. We've got the laws we need to put people in jail for credit card fraud -- so why is he at home avoiding phone calls?

Re:Why isn't he in jail?

[silentbozo]

A WSJ article from last month says it all. Basically, the credit card companies aren't interested in prosecuting fraud because they pass the costs directly to the merchant to accepted the card (with extra penalties to boot.) If you (as the merchant, or the customer) try to get the credit card company to follow up on a fraud attempt, they'll just ignore you. As a consequence, identity theft goes unpunished, customers are lulled into a false sense of security (oh, we'll just deactivate your old card and issue you a new one), and merchants get a lossage rate of up to 2% when accepting credit cards for card not present transactions...

Besides, for criminal cases, you need a prosecutor to file a case. Unless the amount is above a certain number, they'll typically just ignore you.

At ~.02 per spam, that's still a bargain

[BreadMan]

Without knowing what he charged his customers, his fine doesn't seem all that large.

I think it's about time ISP's started charging for each e-mail both sent and received, somewhat like stamps. Something tells me the elasticity looks very vertical in this market and a small cost will do wonders for reducing spam.

SPAM? What's that?

[tony1c]

I'm starting to believe that the SPAM problem is more of an educational issue now. I've used two different programs that have been highly effective against SPAM (spamnet and POPFile). I use POPFile exclusively now, and I've almost forgotten what SPAM is. Yes, it's still a major problem for users out there (especially those using web-based clients), but there is highly effective technology out there to counter it. We don't need to launch costly and ungainly legal offensives against spammers - we already have software that can render them irrelevant.

Re:That's "ebb"

[adamfranco]

While "grammar nazis" seem like a PITA, their presence does help make the comments on /. better spelled. While my "grammar" might not always be the best, I at least paste into OpenOffice and spell-check so as not to look like some completely ignorant fool.

Yes, "grammar nazis" can be annoying, but they do serve a purpose.

Speaking from personal experience

Speaking from a front line position in certain corporations *coughs* phone monkey *coughs* in no way represents any corporations opinion (just what I see at the job)

I'd say besides connection issues...

Spam and pop ups tend to be the most irritating thing about the internet to those unfamiliar with it in general... I'm quite sure it's caused plenty of customers to cancel regardless of quality of service of the connection or the quality of customer service of any company...

Not only the cancelation but the support of the end user with these issues also costs money. Running 24/7 tech support with MSN, Earthlink, AOL or any major ISP...

1800 systems don't come cheap. Money is measured in minutes.

When 50% of your calls are due to spam and pop ups... With the rest as connection issues... If somehow you can kill the reason that the end user has to call in you already saved yourself a ton of money.

Of course I've talked with people who wanted to cancel their internet because they saw a banner ad saying "You are broad casting you IP!!"

Explaining the nature of pop up ads to the user is one thing, but when they are highjacked by Xupiter, Newdotnet, or "insert your spyware of the week" it's hard to understand from their end... Not to mention those same programs will cause IE to DIE! on say Windows computer if the program itself dies. (I'd say Newdotnet is horrible for that if it eats your wsock32.dll in win98... and embedds itself all over the registry... no web pages for you...)

Heck if I know how it gets on their computers.

"Do you have Kazaa on your computer?"

Usually the answer is "yes"

Personally, I'd like to see a few ISP companies go after these Spyware companies... Sure the end user can't sue because they agreed to a EULA but it often costs their ISP large sums money in terms of support costs...

Re:Is it just me or....

[Raven42rac]

Basically, spammers make money because some "John Doe", who does not know any better is buying their stuff. If no one clicked through and bought their stuff, it would just fizzle out. But hopefully these huge settlements will scare the "casual" ass, I mean "mass e-mail marketer" out of the "business" and the rest will be sued into oblivion. IMHO, the crux of this matter will be proving that someone either did or did not "opt-in" on some website somewhere with some "checked tiny ass checkbox" located on many websites. "I did not sign up for that", yes you did, on this date at this time. On the other hand, if you contacted them and they did not stop sending you things, then you should have a legal ground.

Moral is: do not buy their wares, and scrutinize all websites that ask for you e-mail address, read the privacy policies, and make sure you do not inadvertantly sign up for mail from "affiliates".

Hosting my own server

[Nonillion]

This is why I host my own e-mail server. It is FAR easyer to block unwanted spam than to have no control of my ISPs based e-mail account. SPAM has to be rejected at the mail server, accepting the e-mail and then filtering it out with your e-mail client does no good at all. It will be interesting to see if any of these SPAMers ever pay up.

Maybe when hell freezes over SPAMers will finally catch a clue...nahhh, I doubt it..

Avoid court fines now !

[Alain+Williams]

I'm just putting the finishing touches to my sure fire way of avoiding court fines, something that I am willing to share for a mere £100. Could all slashdotters please help me in this noble enterprise by sending me the email addresses of all the spammers that they know.

Re: "Patriot" Legislation...

[nametaken]

Couldn't they bend 'spam' into a legally actionable offense by calling it 'terrorism'?

I know the idea of a site that sells penis enlarging devices and offers college degrees for $19.95, terrorizes me.

Re:SPAM? What's that?

[Spetiam]

It's both a matter of principle and spam does have a financial and quality of service impact on companies and consumers.

In order to dodge spam, companies/consumers have to either spend the time manually deleting spam or put out the money to buy software to filter spam. In both these cases, spam still eats bandwidth.

Companies also have to be careful (i.e., spend time/money) that software filters do not delete legitimate email, as this could potentially have a severe imapact on their business dealings, service record, etc.

Finally, the burden of spam should fall on those responsible for it, not those that are "victimized" by it. So let's still nail the spammers.

how big is the fish ?

[huistr]

I'm wondering how does he size up against the "top 180 responsible for 90% of all spam". Apparently, he is not in the ROKSO list.

Re:SPAM? What's that?

You're missing an important point. Even if you don't see your spam anymore, you're still paying for it. Spam is a major part of your bandwidth bill - why are you and I paying for their actions?

Re:SPAM? What's that?

[CodeBuster]

The problem with this argument is that even if we all ran Bayesian Filters and blocked 99.9% of all spam messages from hitting our inboxes there would still be billions of messages going back an forth between mail servers before they are caught by the filters. This is a major drag on Internet bandwidth even if all of us never actually saw another spam in our inboxes ever again. These people who abuse their network privileges and degrade the network for the rest of us should be caught and punished for their behavior. Another thing that would really help is for slashdot people to advocate proper mail server configuration, including disallowing open relays, and education of all of the part-time mail sysadmins out there who perpetuate the problem with their own ineptness. There are groups already trying to do these things and it is helping, but it will take much more work on the part of mail admins and users to shut the spammers down for good.

Treat Spammers like hackers!!!

[pkinetics]

1. Spam is theft of services and or equipment.
2. Spam is often misrepresented, ergo fraud.
3. Spam is often sexual harrassment.

Why not go after these people for real crimes and send them to the slammer, confiscate their equipment, and all that other stuff the FBI loves to do? Also gotta figure if these guys are making any money, their probably violating some IRS law, so send more feds after them.

Bah... until judges and politicans actually grow up around this stuff, or have to answer their own emails, they'll never pursue it.

I bet when Bill Gates kids start getting spam, we'll see some radical solutions.

Subpoena SWBell to get his address

[billstewart]

It shouldn't be too hard to get his address - doing a lawsuit in small claims is probably enough to get SWBell to cough up the address of that DSL line. And you should be able to come up with an excuse to sue him. You might be able to get the SWBell security folks after him, but more likely they'd just cancel the account and it'd be protected by their privacy policies.

OK, I have a friend who is a sleazebag^W spammer

[Simon+Brooke]

I went round to see a friend last night. She is a mostly sensible, mostly reasonable, fairly tech literate person. Her values are on the whole mostly in the right place. She runs a small bunsiness and until recently her business has been mostly servicing a government contract. That contract ended and was not renewed. She has laid off most of her staff, but she has no income and still two employees to pay, and she's desperate to find new work.

A couple of months ago she came and talked to me about how to set up a bulk email thing and I thought I'd succeeded in persuading her that it was a seriously bad idea and she shouldn't do it. Apparently I hadn't; last night she told me she'd started sending bulk UCE.

This isn't someone whom I'd describe as sleazy, and it isn't someone who's stupid. It's someone who is desperate. I think you will find a lot of spammers are.

The problem can be tackled, it seems to me, at two levels. Yes, if there's legislation (particularly if it has real teeth) then peopel will get a good clue that this is not a good thing to do. But it also needs there to be a professional ethic among systems and network administrators that we will not allow the infrastructure we control to be used for this sort of thing, and that we will kick offenders off and cancel accounts; and that if our management say different we will refuse to work for them - a sort of hypocratic oath for geeks.