EU Rolls out Anti Spam Strategy

An anonymous reader was one of several who noted an article about the latest developments in the EUs War on Spam. The article is pretty realistic in pointing out that EU Legislation won't be very effective unless Asia and the US do something as well.

No more Spam

[skidrowe]

The Spam will be no more...it will cease to be!

Re:No more Spam

[Comatose51]

There is no spam here, absolutely none at all. God will roast the spammers' stomach in hell.

Gotta start somewhere

[TopShelf]

The article is pretty realistic in pointing out that EU Legislation won't be very effective unless Asia and the US do something as well.

I think that view is actually overly pessimistic. I'd agree that a relatively complete solution won't exist until the US and Asia also act, but it's not like a global solution is going to be decided upon and implemented in one swell foop. If something like this works well for the EU, it provides a viable option for others to follow. Frankly, I think users would be much better off under the "opt-in" method rather than "opt out" which is being considered here. It will all come down to lobbying, of course. In the opt-out corner are the advertising and marketing industries, while the ISP's basically represent opt-in. Users are left on the sidelines.

Re:Gotta start somewhere

[Transient0]

t only overly pessimistic, but utterly defeatist.

If you are going to buy into the party line that there is no point in the EU fighting spam without North America and Asia follwing step-in-step, you must eventually decide that there is no point fighting spam at all. There will always be somewhere for spammers to run. Because when it comes down to it, even if North America, the EU and Asia all work together to pass anti-spam legislation, there is little chance of Antigua, Cyprus and Sealand following suit.

Really though, every little strike against spam makes real headway. If we can eventually drive all spammers to little off-shore havens, it will that much easier to block them. To be honest however, as a libertarian of sorts I can't help but think that filtering may actually be the better front on which to fight this war.

Re:Gotta start somewhere

[gdiersing]

Can you really legistlate a virtual annoyance/problem withing geographical boundries? How many virus authors have really been punished with similar *country* laws?

It may sound far fetched but SPAM and virus authors need to be held accountable to a virtual Internet authority if one doesn't already exist.

Re:Gotta start somewhere

If you are going to buy into the party line that there is no point in the EU fighting spam without North America and Asia follwing step-in-step, you must eventually decide that there is no point fighting spam at all.

This is very much like the argument that says: "why should I bother to vote? One more vote won't change anything." Or "why shouldn't I drop litter?".

Re:Gotta start somewhere

[fingal]

Ho hum. read the Acceptable Use Policy for HavenCo before you start pointing fingers...

" Unacceptable use of the network includes, but is not limited to... ...Bulk or regular unsolicited communications through email or other Internet protocol. (commonly called "spam") Hosting web content which is knowingly advertised by spam is also prohibited. Mailing lists must comply with the MAPS Mailing List Management Guidelines; they must be opt-in, provide confirmation protection against accidental or malicious subscription, terms of use of address use must be fully disclosed, and unsubscription methods must be provided."

Re:Gotta start somewhere

my bad.

I'm a big fan of sealand as a historic anomaly and data haven's in general. My point was about taking advantage of small countries with (intentionally or not) underdeveloped internet legislation in general. I do however apologize for being sloppy in my choice of examples.

Re:Gotta start somewhere

[bigjocker]

The problem as I see it is the same as with all the IP laws. A technological problem cannot be solved using legal methods, it must be solved technically.

As with IP laws, spam laws will only encourage spammers to find a new way for sending spam. You need a technical solution (be it closing open relays or refactoring the SMTP protocol -my personal favorite solution-) to solve this problem. You can extrapolate the development of the spam problem with the development of P2P systems. Hundreds of times the *AA have already tried to use the law against P2P sharers, but here we always complain that's not the solution, the solution should be found when they realize they are using a outdated business model that cannot be applied successfully in this information era without screwing your customers.

The same way, we cannot expect to make bigger and better laws to solve a technical problem, no matter what we do, the spammers will keep sending spam. It's a proven business model, and as long as people keep buying from them they will keep spamming us.

We must focus on solving this problem the way it should be done: the same way we have been telling the *AA to solve the piracy problem, adapt to the new era, do not pass patches to the legal system.

Re:Gotta start somewhere

[GigsVT]

swell foop

Heh. Spoonerism.

Re:Gotta start somewhere

[fmedio]

Spam, after all, is a deterioration of the signal/noise ratio. This problem can be approached two different ways :

1- by taking an infinite number of monk^H^H^H lawmakers with typewriters until probability laws drives them to pass a bill that actually solves the problem ;

2- by thinking about a nice, clean, simple, standards-compliants solution to clearly identify a piece of information as *not* being noise. (X-something header with a unique hash, anyone ?)

Oh well. The infinite number of lawmakers might end up writing decent Shakespeare, so that's cool too.

Re:Gotta start somewhere

[jason0000042]

A technological problem cannot be solved using legal methods, it must be solved technically.

People flying through the windshield when they run their car into something is a technical problem. The auto industry developed safety technology on their own, thus solving the problem technically. But seatbelts didn't save many lives until they were legislated into all cars.

People still die in auto accidents, and laws don't work completely (I'm so tired of 'click-it or ticket PSAs). But sometimes solving the technical problem isn't enough.

I think this is a case where some laws need to be involved. You can't control people's behavior with software. You can't really do it with laws either, but that *is* their problem domain.

Re:Gotta start somewhere

[ives]

even if North America, the EU and Asia all work together to pass anti-spam legislation, there is little chance of [...] Cyprus [...] following suit.

On May 1 2004, Cyprus (at least the internationally recognized greek part) wil join the EU. So if the EU goes ahead with this anti-spam legislation, Cyprus will have no choice but to follow.

Re:Gotta start somewhere

actually cyprus _is_ joining the eu soon:)

Re:Gotta start somewhere

[antikas]

Ummm... in case you haven't heard Cyprus IS a member of the EU! (one of the newly admitted, will become full member in 2004)
Never the less I do agree with the rest of your post, and definately agree with the "opt-in" method rather than the"opt-out".
The only reason the US is even considering the opt-out, against all logic, is that the goverment is too busy bending over to get fscked by lobbyists...
PS yes I am a US citizen, but am lucky enough to live in the EU... don't think I'll get back untill there are some drastic policy and cultural changes across the ocean

Re:Gotta start somewhere

You've just hit upon an important point[1]; business or technology measures cannot be applied to social problems. Your seatbelt example is a good one, as is drink driving. Litering is yet another. None of these have effective solutions without introducing and enforcing social laws.

[1]: One that many libertarians like to ignore as a mere "small problem".

Re:Gotta start somewhere

[-brazil-]

Nicely said, and total bollocks. The spammer certainly doesn't think of his spam as "noise" and will be at least as good at making it fit any clean, simple standard for "not noise" as 90% of the people you *want* to receive mail from.

Re:Gotta start somewhere

[EvilAlien]

This echos the opinions of some in Canadian industry: "There is little point seeking anti-spammer legislation and enforcement if spam-tolerant countries don't play along".

Re:Gotta start somewhere

[fmedio]

The spammer certainly doesn't think of his spam as "noise" and will be at least as good at making it fit any clean, simple standard for "not noise" as 90% of the people you *want* to receive mail from.

100% agreed. Except if this utopic standard works in connected mode with the people you *want* to receive mail from.

Say, I put a X-something: header with a magic word (hashcode ?) in my emails, and change it periodically. Anybody answering me with an X-something-reply: containing that magic word gets a better rating in my filtering system.

Or anything else... that might in any case be more efficient that the infinite numbers of lawmakers. Who, by the way, often have a really poor signal/noise ratio themselves (okay - this is called democracy).

Re:Gotta start somewhere

[-brazil-]

OK, only now people who answer to your usenet postings or comment on your website are just as likely to be categorized spammers by your filtering system as the real spammers. And *those* will probably find a way to find out such magic words.

Re:Gotta start somewhere

[Anne+Thwacks]

Laws wont stop it - but cruise missiles will.

Spammers need to be declared to be in league with Bin Laden, and splatted.

Re:Gotta start somewhere

Even if all the spam from Europe, US, and Asia dries up, I'll still be getting plenty from Nigeria.

Re:Gotta start somewhere

[fmedio]

Do you seriously use your own, true, primary email address to post on usenet or on your website ? So perhaps you want to be spammed after all ? Would you put your snail mail address and social security number as well ?

Re:Gotta start somewhere

[-brazil-]

Yes, I do. Because I want people who answer to my usenet postings in private or comment on my website to actually reach me, gosh! Besides, it's just a matter of time for any email address being actively used to become known to spammers anyway.

Hrmm

[acehole]

With all the laws, bans and implementations of anti-spam measures, I'm curious to know if there is any reduction in the amount of overall spam?

Are we fighting a losing battle? or have the tides turned against the spammers?

Re:Hrmm

[gowen]

With all the laws, bans

What laws? What bans? The occasional US state law (of which only California's is any good) and ... erm, thats it.

Re:Hrmm

[lennart78]

I think people are slowly beginning to realise that 'spam is evil'. Governments never have been the first ones to embrace 'new' ideas.

Once the majority of the people realizes that the Internet is turning into one huge advertisment brothel, where you will be flooded with advertisments, autodialers, etc. etc. unless you follow a 2 week course on how to protect yourself, things will turn ugly for spammers.

The /. crowd is ahead of this, and it is often hard to believe that people are /not/ seeing spam and popups and spyware as the threat we conceive it to be. Talk about it with your mother or your less 'educated' friends to see what they think of it and be surprised. We need to create awareness before we can create laws...

Re:Hrmm

I think spam is annoying, but government regulating communication is evil.

There's a simple solution to spam - mail servers should use bidirectional publish-subscribe (so that ALL mail is efficiently "opt-in"),and relay only for cryptographically authenticated users and other authenticated mail servers, and should NOT be required to relay mails that the mail server doesn't want to and doesn't know the origin of.

This has a simple real-world analog - just becuase you have a right to free speech, doesn't mean I (a) have to listen or (b) have to tell any of my friends what you said. Consider the mail server "me".

Re:Hrmm

[-brazil-]

Was that cynicism? The overall amount of spam is increasing explosively: on the order of 100% in the last half year alone.

Re:Hrmm

[lommer]

I don't think that we're ever going to reach a stage where a small enough percentage of society responds to spam to make it unprofitable. One only has to look at smoking, drunk driving, and a number of other societal problems to realize that there will always be a small percentage of the population that is just too stupid or self-centered or ignorant or whatever to follow the guidlines. I think a combination of strong (yet carefully crafted) legislation and technical improvements to the mail system is the only possible long-term solution to spam.

For the short term however, I wonder when some sort of vigilante action will finally take place. Given that a very few people send a large percentage of spam (someone else can google for refrences), if a determined group of people began tracking down the spammers and firebombing their computers/spam centers, or even killing the spammers if they restarted their operations, then spam would stop overnight. Most spammers aren't willing to risk their lazy sorry life to make a few easy bucks. The vigilantes would of course have to stay ahead of the law, and take out several spam operations in the US and possibly even overseas (Korea) before they gained much publicity, but I'm sure that once they did achieve publicity spam would nearly cease and they could retire to some county like Switzerland or the Cayman Islands. This is what it will take to stop spam in the short term.

It's Freedom Spam now

[mao+che+minh]

If you want the US to do something about spam, then pony up the cash. Our government won't help you (or our own citizens) unless they get paid. I always wonder why the Europeans have a hard time grasping that simple fact. Microsoft is putting their money where their mouth is, and by doing so, are able to redefine spam and make it their own. $10 says that eventually (and probably soon) the US government will turn to Microsoft to "save us from spam". Why? Because Microsoft will pay them money, and also take on the expenses, both of which make our filthy politicians happy.

Ahh, the American way.

Re:It's Freedom Spam now

nothing will change the course of spam until people stop buying the products offered in them, isps start cracking down on open relays within their networks, and the government gives some backing to a universal blacklist of open relays and spam friendly isps.

at least that's my 2

Re:It's Freedom Spam now

[davemac30]

But it only takes one person to respond out of a huge number to have made the spam worthwhile. We're talking one in a million here. Even if the response is something like 'Please remove me', it's of value to the spammers, as they've captured a current email address.

Re:It's Freedom Spam now

[tarquin_fim_bim]

Spam, like the environment, is a global issue, unless a worldwide consensus can be achieved there is little point individual nations taking action unilaterally. As seen by the Kyoto Agreement it only take one greedy country to fuck up the quality of life of all those living elsewhere.

Re:It's Freedom Spam now

[Malc]

When will Americans learn that leaving it to business will always be an inadequate solution? When will Americans learn that they pay for it either way: taxes or consumer costs (either directly for a company's products/services, or indirectly through other companies' products/servies that the price has trickled down to.) There are some things I would rather the government legislated on as they are *supposed* to be our representatives, whereas businesses only represent themselves or their shareholders.

Re:It's Freedom Spam now

[mumblestheclown]

I'll wager that $10.

Your naively conspiratorial worldview is junior-high quality. MS will not be tasked with "saving us from spam" bcause the solution that the lawmakers adopt will not be a technical one, but rather a legal one.

Please fax me my $10 at the end of the summer by which time hopefully we will have an anti-spam law in place with no mention of microsoft.

Re:It's Freedom Spam now

[TrollBridge]

If I had a choice of which entity I would like to control this, it comes down to the simple nature of the entities to choose from.

Business - while not perfect, it is in a business interest to operate efficiently.

Government - throughout history, nothing has consistently demonstrated inefficiency as government beaurocracy.

So please, enough with the socialist propaganda. While I support anti-spam initiatives, I don't believe we should be putting our trust in an entity that has absolutely no accountability if it fails.

Re:It's Freedom Spam now

Please fax me my $10 at the end of the summer

While you're at it, can you fax me some more fax paper? I'm all out.

Re:It's Freedom Spam now

[Malc]

You don't trust your government? I guess you don't live in a democracy. Whether your country is a democratic republic, or parliamentary democracy or even a constitutional monarchy, the government is formed from your representatives. If they aren't representing you properly, then you are failing your responsibilities as a citizen.

Businesses OTOH do not represent you. They represent themselves and their interests, which more often than not, do not coincide with your own.

Whether or not a business is more efficient than a government is beside the point - that doesn't make them a good replacement for a government. All a business cares about is maximising profits and extracting as much as they can from you. A government's responsibility is quite the opposite as your interests are *supposed* to be paramount. If they're not, you're not working hard enough as a citizen to ensure they are.

Re:It's Freedom Spam now

Yeah, we should let business make and enforce laws, and send in the AOL-TimeWarner Special Services to restore order in Basra.

"You with the MP3 player! Drop it!"

Re:It's Freedom Spam now

[TrollBridge]

"If they aren't representing you properly, then you are failing your responsibilities as a citizen."

I vote, and that's about all one can effectively do to influence government, short of taking off time from work to protest or donate $$$ to political campaigns, neither or which I can afford to do (I have to pay my taxes, you know).

"All a business cares about is maximising profits and extracting as much as they can from you."

Funny that you mention that. It seems lately that government is the one trying to separate me from my money more so than business. Isn't that what a socialistic government is all about?

If they're not, you're not working hard enough as a citizen to ensure they are."

Please explain what would constitute "hard enough" in your view. We are obviously looking at this problem from a very different point of view.

Re:It's Freedom Spam now

[-brazil-]

Your libertarian propaganda is even more ridiculous. First, you're mixing up two very different aspects: the goals and the efficiency in reaching them. While democratic governments may not have a perfect track record in the efficiency department, at least they are theoretically bound to ethical standards and the common good in their aims. Not so businesses, which have only one aim: to make money, no matter the damage to everyone else. As for accountability, you call a seven-figure compensation even in the face of total cock-up "accountability" and losing your office with no compensation for relatively small mistakes "absolutely no accountability"?

Re:It's Freedom Spam now

[CaptRespect]

---When will Americans learn that leaving it to business will always be an inadequate solution?---

Insightful... in the way that it shows how Liberal and Anti-US a lot of slashdot readers are.

You forget that in order for a business to survive, it must do what is in the best interest of it's customers(which is what is best for them) As soon as a business stops doing this they stop making money.
I always get to choose who I do business with, the government just takes the money, as much as it wants, and has no motivation for doing using it wisely.

Anyway I think having the government police spam will do nothing but increase our taxes. This will make the people that don't give a crap about spam pay to remove it. If we let buisness's find ways to get rid of it, the only people paying for it are the people that want to get rid of it.(and are willing to pay for it)

Besides that, how are you going to say that e-mail isn't covered by the 1ST Amendment? That issues seems pretty simple to me.

Re:It's Freedom Spam now

When will Americans learn that leaving it to business will always be an inadequate solution?

I think Americans understand that there is a classic tradeoff here. The private sector is notorious for being very efficient. Thats why it works well and we have the economy that we do today. Government is just the opposite, slow and inefficient. But they're the only ones that can set broad laws to correct for externalities.

The EU tends to let the governments take care of things first, then let businesses have the rest. The US tends to do just the opposite, leaning on the side of business. There are disadvantages to each approach and there isn't an easy answer to which is better. Fundamentally I don't think either party telling the other how to react to spam is a good idea as it cuts down on the degree of experimentation/diversity we have. But spam is a tricky beast since it crosses national borders. So maybe we should just stick to a technological enforcement mechanisms and avoid putting together laws that we may all regret in the future.

Re:It's Freedom Spam now

[Malc]

"how are you going to say that e-mail isn't covered by the 1ST Amendment?"

What is this first amendment? What ever it is, it doesn't apply to me.

Would it be something about free speech that so many people go on about? I don't see how this is a free speech issue. I don't see why I should pay to have my inbox cluttered up with crap that I can't buy or perhaps even read, let alone whether I want it or not. People/companies can say what they like, but they can't force it on my because I have a right not to listen. I would appreciate not having my life invaded by them.

"You forget that in order for a business to survive, it must do what is in the best interest of it's customers(which is what is best for them)"

Twaddle! Who brainwashed you? How is having my hard drive warranty cut from three years to one year in my best interests? How is having growth hormone in my beef in my best interests? How is pollution from a local chemicals plant that sends its goods to the other side of the world in my best interests? Need I go on?

"I always get to choose who I do business with, the government just takes the money, as much as it wants, and has no motivation for doing using it wisely."

What about the businesses you don't do business with who affect your life? A government has plenty of motivation: they want to be re-elected. If you live in a country where big business has bought off all the politicians, start evangelising or grass-roots campaigning for campaign finance reform.

"Insightful... in the way that it shows how Liberal"

You've capitalised "Liberal" as if I vote for the Liberal party. I don't, but that's beside the point. What is wrong with being "liberal"?

Proactive vs Reactive

[Webtommy88]

The United States is considering a handful of bills that take an ''opt-out'' approach

I don't get it. Why are the states taking such a reactive approach to this instead of a proactive approach?

Both are useless without the enforcement of the legislatures, but "opt-in" is alot more hassel-free.

Re:Proactive vs Reactive

Well, remember, in the Perfect World, the politicians have to weigh both sides of the coin before making a decision. We see only the ISP and user end of it. The massive waste of bandwidth, time, and effort that spam causes. I've recently signed up for a POP3 proxy service that cut down my spam by [at last count] 98.8%. In the last two weeks, exactly 7 spams have creeped through (yep, that's about 1200 spams/month) I get a lot. About 95% of my e-mail is spam.

To you and I, the arguement is simple. Spam costs me (via my ISP) money, ergo, its not allowed.

But, what exactly is spam? Someone who sends 10,000 e-mails about penis enlargers, sure, that's spam. But if my buddy Phil tells me his cousin John is looking for a network guy on the side to help him out, and hands me John's e-mail address, does contacting him to offer my services constitute spam? By the strictest definition, its unsolicited commercial e-mail, but most people would not find such types of communications very intrusive.

Also, there is the issue of hurting commerce. Spammers, despite their shady nature, are, for the most part, legal businesses. You're talking about taking a legitimate part of the economy and eliminating it. In a time when jobs and income are hard enough to come by, its hard for a politician to justify it. But, sometimes they do. Anywhere from 0.5-3 million (depending on who you believe) people will be losing their jobs thanks to the no-call list. Tear in my eye? No...but then again, I'm an insensitive prick.

Now, those are Perfect World considerations. While politicians do take these into account, who do they listen to? There is no massive consumer outcry against spam like there was for telemarketers. Just a few small activist groups and industry groups. These groups are far more outpowered by the larger companies who's potential income sources could possibly be stifiled by any type of anti-spam legislation. Especially any anti-spam laws that weren't very carefully drafted to avoid being too broad, or not broad enough. (Sending your resume to an HR department? BOOM, UCE, you're fined! Don't think anyone wants that).

Personally, though, I think the government should do nothing rather than do opt-out. Opt-out effectively legalizes spam and opens the doors to more ISPs allowing that kind of activity.

Re:Proactive vs Reactive

[qlippoth]

but "opt-in" is alot more hassel-free

Hey, leave David Hasselhoff out of this!

Re:Proactive vs Reactive

[Webtommy88]

I agree that there are many legal businesses in all that spam, just like telemarketing.

Unlike telemarketing however, spam has begun to significantly erode the ability for people to use email to communicate.

Costs involved in fighting spam is higher than that of telemarketers, and higher in orders of magnitude. My argument to your rebuttal is simply this: revenues generated by spam is offset by the massive cost incurred onto others to fight it. It effectively becomes a displacement of money: from those who fight it to those who make money from spam.

If AOL for example, could spend all the millions they spend on fighting the spam they receive on improving their service (which also creates jobs and thus contributes to the economy), then users of AOL will get more uility from their service which will lead to more customers for AOL.

The point is people who send spam are a minority in the world that is causing significant harm and grieve to a vast majority of other people and entities. For this very reason, I cannot possibly legitimize or even accept spam in its current state and thus am supportive of an "opt-in" system.

It is of note however, that I am conflicted over telemarketers.

Re:Proactive vs Reactive

[frankie]

I don't get it. Why are the states taking such a reactive approach

Because the USA is based on government of the corporate, for the corporate, by the corporate. Big business interests want to get rid of all spam except for their own, so that their "legitimate" advertising messages will be unimpeded by all the other junk. Hence, they strive to craft laws that will hurt Alan-Ralsky-types but not DMA members.

Requiring true opt-in will never pass the US Congress.

too late

[u-238]

Sigh..

before this thing is even PROPOSED, spammers have already implimented a method to deter this

http://www.symantec.com/spamwatch/

they've spread trojan viruses to moron AOL users who's PCs act as proxies thru which spammers safely and anonymously continue their work

Re:too late

[leerpm]

Legislation is not going to take out all of the spammers. In fact most of them will remain. But by forcing them offshore, to use proxies, and seek alternative methods we are making it harder and more expensive for them to do business. Spam is not going to be taken out in one swoop. It will take legislation, enforcement and probably changes in the protocol.

But every little bit helps. When they are forced to use proxies, all sorts of problems start to come up. None of them are insurmountable for the spammers but they do create obstacles. Their bandwidth is limited by the trojan proxy's connection, and they open themselves up to criminal charges for hacking. They run the risk of hitting the wrong computer, perhaps a machine administered by a particuraly ruthless and short-tempered sys admin.

An interesting experiement might be to see how difficult it is to set up a honeypot to catch the spammers using proxies.

Re:too late

[msblack]

u-238 (515248) wrote:
before this thing is even PROPOSED, spammers have already implimented a method to deter this

http://www.symantec.com/spamwatch/

The aforementioned website doesn't match the description provided. The link target is a warning from Symantec regarding illegitimate purveyors of their products. No mention of a METHOD to deter the proposed ligislation. Did you mean to reference a deeper link?

Re:too late

[gav1n]

They've also been infecting students' machines on university networks, which have high bandwith. Also, some students have been agreeing to relay spam through their machines in 'spam-for-pay' schemes. Both of these occured at my school, causing SMTP servers to be banned on the residential network. This is forcing our Tech department to implement brash solutions such as an outright ban on SMTP until they get the resources for a more elegant solution. We are amidst a state-wide budget cut.

No Spam huh?

[I+Like+Swords!!!]

Well, if all of Europe doesn't want our SPiced hAM products, that just means there's more for us...

Wait, I don't like SPAM, too salty.

Oh, you mean THAT kind of spam. Well then, I'm all for it, though I just use my @yahoo.com account for my spam collector and periodically empty it out, like every six months maybe. ;) Then again, I hardly get any LEGITIMATE email to speak of...*frowns* which is pretty sad... *walks off grumbling*

Re:No Spam huh?

Shoulder Pork and hAM, dumbass.

re: No Spam huh?

[Jucius+Maximus]

I don't get spam ... no in my main account anyway. It's a pretty simple feat too: Never give your address out. Use easily trashable redirectors or sneakemail for everything. If one starts getting spam, delete it. I have a quasi-private address at my domain name that my friends get. Thanks to doing it right from the beginning, I get *no* spam.

Re:No Spam huh?

SPiced hAM, asshat.

Look it up.

Optimum-in

[scifience]

I think it would be optimum to use opt-in. :)

Unless Asia and the US...

[robslimo]

I see the US doing something... after a bunch of wrangling with lobbiests and various red-tape cutting, but Asia? By Asia, do you mean, China, India, Japan, S. Korea, Taiwan and more? Gee, that's a large group of governments who'd likely have their own agendas and possibly reasons for not wanting to do anything official regarding spam.

Good luck waiting, but don't hold your breath. I think it will take an international entity like the UN to get anything done in a global scope and I don't have any great confidence in that either.

Re:You, sir, are an asshat

[miles1]

Asshat? That conjures up several mental images, none of which are really appealing.......

Money

[cspenn]

It's all about money. Until legislators and the rest of the folks who run systems that understand this, spam will not stop. Spam is a cost effective, if obnoxious, solution for advertising. Even if spam is illegal, unless the entire planet decides to take unified action, spam will not stop - it'll just relocate to places without extradition treaties. You'll end up having to blackhole entire countries to staunch it.

How many people and how many euros is the EU willing to pony up to enforce these laws? Probably about the same amount that the United States ponies up for speed limit enforcement. 55 MPH is the law, not the reality...

Chris
www.studint.com

Re:Money

[schon]

Spam is a cost effective, if obnoxious, solution for advertising

And burglary is a cost effective, if obnoxious, alternative to working.

Even though theft is illegal, it won't stop people from doing it. Does this mean that we should simply throw all of the theft laws?

Spam is not "cost effective", it's theft - and no legitimate business would engage in the process of stealing from people it wants to sell things to.

We need to start somewhere, and this is as good a place as any.

Re:Money

[cspenn]

True - but the difference between the laws against burglary and the laws against spam are due to the global nature of the 'Net.

A burglar who robs your house in Boston generally would have a hard time doing so from Herzegovinia. A spammer can steal resources from you from pretty much any place online.

I agree that legislation is a good place to start. But we also need to address spam from a technical side, at the server level. Spam isn't profitable if it never reaches its intended destination.

Re:Money

[leerpm]

>You'll end up having to blackhole entire countries to staunch it. This is not as bad as it seems at first. Those countries blacklisted will be forced to take action themselves. It is no different than the controls we have in place for immigration, and importing and exporting. If you come from a country where there is no problem, you normally have no problem. However, if your passport comes from a country that is not on the best of terms with the host country, perhaps say North Korea or Libya (I am probably going to get flamed for choosing them as examples), then you are bound to run into stricter and stiffer controls or filters.

It is possible, this could lead to inefficiencies though if all sorts of nations start to blacklist each other. But this is unlikely as the private sector would run most of this.

Re:Money

[SCHecklerX]

Spam is a cost effective, if obnoxious, solution for advertising.

I'd agree with your post except for the fact that spammers forge their addresses, hijack open relays, bounce their reply-to addresses, etc (seems silly that if I really wanted their product, I have no way to get in touch with them...). If these guys used real addresses on their OWN servers, then they might be able to legitimately call it 'marketing' or 'advertising'

I don't think marketing via email would be quite as offensive if these guys were prosecuted for fraud, and if they had real ways to opt-out (of course, an opt-in only system is preferable).

Get the fsckers on fraud, and make it a federal offense and most of the problem goes away immediately.

Re:Money

[Jadrano]

You'll end up having to blackhole entire countries to staunch it.
Why not? I block mails from South Korea and China already, but many people cannot do that because they rely on receiving legitimate mails from there. When most big countries have laws that have the effect of most spammers using servers in a few small countries where spamming is legal, blocking whole country ranges is much more realistic, and it would certainly be done. When the EU has a good law against spamming, it is certainly an important first step, and I hope that at least the US, China, South Korea and Brazil will follow soon. Although most spam in Europe comes from elsewhere, it would already mean something if it could stop spam sent through interbusiness.it, tpnet.pl (Poland will soon be a member of the EU) and terra.es.
I wouldn't be so pessimistic about the cost of enforcing the laws. Spam samples are easy to obtain (e.g. many peopole report them via systems like SpamCop), and it isn't necessary to trace down every piece of spam, if spammers have to take a significant risk that they are caught and have to pay a hefty fine, this will make spamming much less profitable.

from where?

[geekmetal]

But questions remain about the law's enforcement and reach -- spammers are evasive, to say the least, and most of Europe's junk e-mail comes from elsewhere.

Where, where, where does this elusive, slippery spam come from? Some mysterious nation with a communist government or an evil dictator? Bomb them. $100 reward to the first person to come up with the leading offender.

Re:from where?

[Doctor7]

Well, I'm in the UK and I think I have probably had one or two spams, ever, relating to UK products. All the rest of the 10-15 spams per day relate to US products. The country the actual email originates from is irrelevant, I'd class it all as being 'from' America if that's where the advertised product is available.

If people are going to harvest email addresses, you'd think they'd at least check that the ISP in question was in the right country...

Re:from where?

[geekmetal]

Well, I'm in the UK and I think I have probably had one or two spams, ever, relating to UK products. All the rest of the 10-15 spams per day relate to US products.

That would answer which market drives these spammers, but as far as the law is concerned in stopping the spammers we still need to know where they operate from right?
Of course the US government could surely do a lot more than they are doing in stopping them since the evil spam is basically nurtured by the US market, where everything is driven by profit or the lure of money, and morality is thrown out to the winds. The goeverment here will defend it, saying it creates jobs, wait for this issue to boil over.

Re:from where?

[Doctor7]

That would answer which market drives these spammers, but as far as the law is concerned in stopping the spammers we still need to know where they operate from right?

Not really. A technical solution requires knowing where the spam is sent from, but a legal solution only really requires knowing on whose behalf it is sent.

Re:from where?

[legojenn]

I would like to know why I get German spam. I live in Canada and I read, write & speak German, but I have never (knowingly) submitted information to a German or German language website.

jemand hat für ZBXHDHD eine Livecam-Botschaft in unserem System hinterlegt. Bitte schauen Sie in unseren Chat und rufen Sie diese dort ab. Video-Botschaften werden generell 48 Stunden gespeichert.

How do they know? If they know I understand German without being told, they should know too that umm I'm not gay so naked women are not terribly appealing. Actually, even if I was gay, the porn wouldn't be that interesting as it is all so androcentric.

Re:from where?

[Vitus+Wagner]

Probably they don't know.
I recieve a lot of spam on Chinese
and Korean, although I don't read these
languages. Thankfully, it is just
easy to tell spamassassin that I never
expect legitimate message with
any CJK charset

Sorry, but....

[Stinky+Glen20]

Sadly, this is utter, utter shite.

While it is possible to forge headers, use open relays, trogan poor @Home users PCs, etc, etc then SPAM will not be defeated by legislation.

Tighten the protocols, then we have a fighting chance.

Back to spoofed headers

[StaceyRey]

They're still going to have to figure out how to deal with the clowns out there that spoof their headers, that aren't within their legal jurisdiction to prosecute. They can make all the laws against spam they want, when they have people from other continents logging in through their servers to send spam they will have a real legal sticky wicket on their hands.

International Computing Organization

[dlosey]

While reading about Iraqis being trained in Linux, I saw that the United Nations supports Linux and its worldwide expansion. It got me thinking (always a bad thing for a /. reader), why can't we have an international group of policy makers for the computing world? They could be created by the UN and eventually form a separate organization which regulates such things as email, domain names, and spam. Sort of like ICANN, but more law enforcement based.

Maybe its just a pipe dream, but a nice thought anyways.

Re:International Computing Organization

[feldspar6]

One already exists ... or haven't you seen the black helicopters?

Re:International Computing Organization

[Peridriga]

I think that qualifies as the Bad Idea(tm) of the day...

Congrats..

Re:International Computing Organization

[mccalli]

why can't we have an international group of policy makers for the computing world?

Because then the schoolchildren of 2103 would have to learn about The Great Vi/Emacs War of 2012, where a group of rogue nations steadfastly clung to their VIM. With Switzerland, of course, using pico and generally keeping well out of things.

Cheers,
Ian

Re:International Computing Organization

[leerpm]

Personally, I think the IEEE has filled this role and done very well up to now. Why the need to get the politicians and diplomats from the UN involved?

Re:International Computing Organization

[hackstraw]

why can't we have an international group of policy makers for the computing world?

Sounds great, but why stop at the computing world? With the "global economy" and market it would seem logical to have a global government/law enforcement, but I don't see this happening any time soon. Multinational corps like being able to pick and choose which country to use for labor and legal reasons. Also, there is national pride within each nation, and the US has pretty much declared themselves policeman of the world since WWII.

Also, their already are a number of existing standards committees, and we all know how well those are followed.

Re:International Computing Organization

[dodobh]

The children of 2103 would learn about the great GNU/BSD license war, which finally ended with the creation of the GNB (GNB's not BSD) license. A license which lead to the creation of the GNU/BSD network OS, a system that so enamoured its creators that they uploaded themselves into it, making it self aware, and in control of the worlds deadliest weapons. With the amount of intelligence in the system, it would not be long before they created a world which resembled the heyday of the tech, dating from the late 20th century. Those who did not like this, were put into pods and made into a Beowulf cluster..........

$2.5 billion per year?

[mofochickamo]

Analysts estimate that the approximately 10 billion spam messages sent via e-mail each day cost European businesses $2.5 billion per year.

Where do analysts come up with numbers like this? I identify an e-mail as spam in about 1.5 seconds (but my Outlook SpamBayes filter does it even faster). If an employee is going to get that distracted by a spam (or 50 of them a day) then they will probably also get easily distracted with other things, like Slashdot ;).

Re:$2.5 billion per year?

[deman1985]

If an employee is going to get that distracted by a spam (or 50 of them a day) then they will probably also get easily distracted with other things, like Slashdot ;)

I'm definitely leaning more towards Slashdot than my spam mail

Paid, company time spent on Slashdot, to date: 100.2 hours ;)

Re:$2.5 billion per year?

[gorbachev]

The article quotes a xs4all.nl spokesperson who says xs4all.nl has 14 of its 250 employees dedicated to handling issues relating to spam.

Let's say they get paid at about $15K / year. That's $200K on a single ISP in a single country.

Add the cost of site licenses on spam filtering software used in Europe. Add a fraction of the cost of all IT support people in every business that's connected to the Internet in Europe. Extra hardware costs to store all that junk, etc. etc.

It adds up.

AOL users alone, put together, pay several million USD every month, because of spam (AOL raised their fees by $2 / month sometime last year because of spam related costs).

Proletariat of the world, unite to kil spammers. Remember to shoot knees first, so that they can't run away while you slowly torture them to death

Re:$2.5 billion per year?

[Abm0raz]

Numbers? Here's some from the company I work for (A top 100 Design and Consulting Engineering firm on the East Coast). I do the spam filtering for them corporate wide, so I know the numbers are true.

For July (first 2 weeks, 1st - 14th, including the holiday):
# Employees: 490
# Spam blocked: 43,126
# Spam/person/day: ~6.28

Now, let's use your premiss that it takes 1.5 seconds to identify and delete spam. Let's also note that our company's net profits from last year was 51 million dollars and the gross asset intake was closer to 150 million.

1.5sec/spam * 43,126spam * 1hr/3600sec = ~18hrs
43,126spam/2weeks * 26 2weeks/yr = 1,121,276 spam/yr
$51mil/yr / 490workers = $104,081.63 profit/worker/year
$104,081.63 / 2080working hrs/yr = $50.04 profit/hr
18hrs * $50.04 profit/hr = $900 profit lost in 2 weeks
$900 * 26biweeks/yr = $23,418.36 (enough for my own personal secretery ... or at least intern)

Now, this is only direct profits, not net flow, net flow is nearly 3X as much, so the loss will be 3 times as much, which means ~$70K. We could've hire another engineer for what it had cost us to deal with spam.

Now, let's take the analysis one step further and point out that 70% of our spam goes to 4 people: CIO, CFO, CEO and VP of Marketting, all of which take home salaries in excess of $400K/year (far cry from the average salary of $55K of the rest of us) so the losses are even bigger than before cause my secretery gets about 2 spam a month (unfiltered).

Now take this $150Mil company with losses of ~$70K and extrapolate out to the Economy of the EU (I'd guess several trillion, no concrete numbers to back that up, though). Let's say 5 trillion for the sake of numbers(*).
150Mil:70K::5Tril: .... $2.3Bil.
So if the EU's GNP is roughly 5 Trillion and spam is rouhly proportional throughout 1st world nations ... then I'd say, "yeah, 2.5Billion in losses is probably a fair estimate."

-Ab

(*) Hey you people accross the pond, is 5 trillion reasonable? I don't follow polotics/economy at all. I don't even know what the US's GDP is.

Re:$2.5 billion per year?

[SillySlashdotName]

XS4ALL say at least 50 percent of all e-mail it handles is spam, much of which it blocks before reaching the in-boxes of consumers. The extra traffic forces it to buy more computer servers, and 14 of its 250 employees do nothing but deal with spam.

Then there is the two big guys to keep each of them working - what, you thought they LIKED dealing with spam? - and the 5 people they had to hire to keep sharp or pointy objects and projectile weapons away from the 14. Seems people who are forced to deal with spam for a living develope INTERESTING psychological problems...

Of course one of the 14 DOES have a 13 foot penis, DDD breasts, and is dating a lesbian Russian co-ed and her horse, using the money he got from his low-cost home mortgage and the viagra purchased on-line...

The article...

[deman1985]

The article fails to mention what the penalties are for companies that violate their new anti-spam laws. Are they simple little fines like are trying to be pushed here or do they have harsher punishments? Simply labelling SPAM as illegal won't do a whole lot unless violators have something serious to fear.

Re:Answer me this

The GNAA are obviously from AFGANISTAN, look what they did to the "linux in afganinstan" article. Anyway I had a sneak peek in their IRC channel (before they /KICKBAN'd me) and they apparently have a bot that checks for the Article and when one appears the "group" which is a group of 20 trolls go and post the same crap at the same time.

See also...

[mutende]

...elsewhere

Who Decides What is Spam??

[Captain_Loser]

My job is maintaining a Web/E-mail server, and I know just what a pain it is to deal with spam. But, if the government starts to regulate "spam" how are they going to decide what is spam and what isn't? MY favorite phrase is "run your life so the government won't have to, you won't like it if they take over" that makes sense. Don't get me wrong, I despise spam, and want to get rid of it as much as the next person, but how is this going to be controlled? I think we should proceed with EXTREME caution in situations like this or things will just get worse.

Re:Who Decides What is Spam??

how are they going to decide what is spam and what isn't?

The thing is, they don't. You're not going to forward your spam to some government department so that they can decide for you if it's spam or not.

There is a pretty simple definition of spam. Go do some googling for "UBE" if you don't know what it is.

Re:Who Decides What is Spam??

[frankie]

how are they going to decide what is spam and what isn't?

The EU definition pretty much matches with the one at SpamHaus: if an email is unsolicited and bulk, then it's spam. Make sure your mass mailings are confirmed opt-in and you're all set.

Re:Who Decides What is Spam??

[two2dog]

One reason to use a bayesian spam filter, client side, is to allow each person to define spam in their own way. InBoxer, located at http://www.inboxer.com is a bayesian filter meaning that it learns by example- your example. It is based on some open source work, check www.spambayes.org for roll your own. It is my personal preference that someone else not be in charge of my bulk mail. For example, I like getting jcrew sales online- I don't like getting amazon book sales pitches, but I do like to know when my amazon order has been shipped. A customizable filter can do that. I decide what is spam.

Has NOBODY thought of this?

[not_a_george]

uhh, somebody call James Bond, or even mr. bean for that matter.

Every time I think about anti-spam wars, I think of shadow boxing.. you don't actually hurt anyone but yourself when governments get into the mix...

(no I didn't get your email dad, did you talk about that new "spy camera" you just installed or the new viagra pills you just tried?)

Well it goes something like this...

[Kjella]

EU thinks "no point, we need the US and Asia"
US thinks "no point, we need the EU and Asia"
Asia thinks "no point, we need the EU and US"

Laws have to start somewhere, and I'm sure there's a reason why all my spam is carpetbombed US crap. I'm pretty sure it's the local laws that are the cause that I have only recieved *one* spam mail in my local language, from a national company, ever. And I sent them a reply stating that next time I would file charges, and I've never heard from them again.

We need a new mail protocol, with proper digital signing and verification of authorithy (does 231.143.211.35 have permission to send mail using the domain name "hotmail.com"?) as well as integrated feedback possibilities both to mail servers, and if possible, to those administratively responsible for a given netblock (e.g. ISP) as well. If spam was more tracable, it would be a lot easier to shut down and blacklist.

Kjella

Re:Well it goes something like this...

[Montreal+Geek]

We need a new mail protocol, with proper digital signing and verification of authorithy (does 231.143.211.35 have permission to send mail using the domain name "hotmail.com"?)

Yes. And who do you give the keys to that system of yours? Who do you trust?

And I really mean trust. Trust that your "permission to send mail" will not be taken away by a competitor, or givernement, silencing you. Trust that the organisation managing this doesn't mishandle things technically. Trust that they cannot be financially "convince" to give that "permission" to phantom spammers.

Email works because it is unsecure. Sure, right now you get inordinate amounts of spam, but at least you cannot be silenced either.

Fix the cause, not the method or effect. There is spam today; lots of it. The cause of spam isn't the permissive mail system; it's naive pigeons who buy into the snakeoil that they sell.

If you lock mail down, spammers will cheat, lie and bribe their way into sending spam. But your ability to send mail may someday disapear.

Do you think corporate/governement whistleblowers (the Haloween memos come to mind) would still speak freely if the only way they could communicate suddenly needed digital signatures?

-- MG

As a writer from Asia....

[cyberon22]

The vast majority of spam hitting *my* inbox starts coming in at around 9am California time, and then peters out early evening on the East Coast.

What's this about an international problem again?

Re:As a writer from Asia....

Wonder why your spammers don't send mail in the morning from the East Coast or the evening from the West?

Re:As a writer from Asia....

[CyberGarp]

And the vast majority of the Spam I receive is in Chinese. About 100/day. Don't know how I made the Chinese spammer's lists so deeply, but I did. By the way, the only language I speak is bad English. Just cause you don't have the problem, doesn't mean that others don't.

Re:As a writer from Asia....

Thats clearly because all the Open Relays and Trojened boxes in CA do not get switched back on until 9am, due to the power shortages and energy conservation. Once all the MCSE's get into work in the morning and start powering everything up...*pow* the SPAM backlog starts flowiing again!

This is only a half-joke.

Re:As a writer from Asia....

[cyberon22]

I guess it's just a question of mailing lists then. Here's to hoping I stay off whatever you've managed to get put on.... ;)

legislation not necessary

[aggieben]

I don't think legislation is necessary anyway. I'm leary of laws that tell me how and to whom I can send messages. Anyway, if large ISP's would just block ip the sources of the spam (btamail.cn comes to mind) they could do a lot to alleviate the problem. I would rather live with minimal amounts of spam limited by filters than be forced to have laws that forbid it.

Procmail is your friend.

Re:legislation not necessary

[goatan]

Anyway, if large ISP's would just block ip the sources of the spam

Yes but they need to forced with legislation, company's won't do anything with out legislation because it costs money, they need to be forced sadly. Also any spammer blocked would just sue under freedom of speech (that law should have come with the provision that speaker thought first and lies aren't allowed). One way is for government run black lists that block i.p address with out taking out a whole country like some sys admins do at the moment.

Re:legislation not necessary

[maddvibe]

I agree. Do we really want more laws telling us what we can and can't do? Before we know it we won't be able to freely send email to whomever we want. I don't know how we're going to solve the problem of spam, but we should be careful about the laws that are made to stop it. No one wants these laws to be used against individuals to stop freedom of speech.

Re:legislation not necessary

[easter1916]

Jesus Christ! It's "leery", not "leary". The latter is an Irish surname (mine to be precise).

Re:legislation not necessary

No, it isn't necessary. All they need to do is allow mob justice to be sanctioned against suspected spammers.

Problem solved.

Well, that one, anyway....

Re:legislation not necessary

[aggieben]

It's "leery", not "leary".

Actually, it's both. If you look in Merrian-Webster, you'll find that "leary" is a variant of "leery".

Re:legislation not necessary

[aggieben]

Yes but they need to forced with legislation, company's won't do anything with out legislation because it costs money, they need to be forced sadly.

Wrong. That's the whole idea behind capitalism. If your ISP won't block spam, get one who will either block it for you, or get one that will tag it so you can block it yourself. If enough people left a particular ISP over spam, you better believe that they would get their rears in gear and address the issue. What's with this attitude that the government has to do everything for you?

Also any spammer blocked would just sue under freedom of speech...

The "freedom of speech" as found in the first amendment is a limitation on government to prevent _government_ from limiting speech. "Free speech" does not imply that we all have to listen; hence sysadmins can block ip's and domains all they want. All that is also not to mention that the majority of spammers are either (a) not in the U.S., or (b) bound their mail from somewhere outside the U.S., which makes free speech a moot point.

...(that law should have come with the provision that speaker thought first and lies aren't allowed).

Oh, that's genius. Not only is it a terrible idea, but how in the world would you enforce it? That idea would introduces an entire smorgasborg of restrictions on our freedoms and would not be enforceable anyway.

One way is for government run black lists that block i.p address with out taking out a whole country like some sys admins do at the moment.

Hmm....sounds so much like the setup in China that it's sinister. The free market is perfectly capable of handling this and sustaining....it is not capable of sustaining the government bureaucracy and bloat that this would surely introduce.

I think you're generally missing the point. The point was that freedom is more important than not getting spam, not how best to eliminate spam.

Re:legislation not necessary

[easter1916]

I've never seen it spelled that way outside of the US; it must be American usage. Fair enough.

Re:fuck

[goatan]

im just no coward i belive what i say you don't it's simple. like you

Re:fuck

that is why u need the EU to tell u what do, right? can't trust small governments now, can we?

Gotta Start Someplace!

[prs_013]

Just start posting the senators', congress men/women's email ids ANYPLACE spambots roam! Once they start getting the p0rn0 junk, they will start to think about acting on it! Then again, they just might legitamize the thing! (Think Bill cLinton).. my 2 cents worth!

Re:Gotta Start Someplace!

[-brazil-]

I hope so too, but I'm afraid those guys can afford people to screen their email.

EU Convention on Unsolicited Email

[heironymouscoward]

Section 3, Chapter II:

Article 1: All unsolicted electronic communications (UCE) intended for commercial purposes, including but not exclusively for the sale of electronic products, personal services, errection-producing drugs, digital images of a pronographic nature, and percentage offers of the fortunes of deceased African dictators, shall follow the code of conduct established in Article 2.

Article 2: all business email sent to and from correspondents in the member states of the EU shall be provided in all four (4) of the following languages: English, French, German, and Italian, plus any two (2) of the following languages: Finnish, Swedish, Irish, Spanish, Portuguese. The Dutch language may only be used as an encryption device for confidential communications.

Article 3 - Sanctions. The minimum sanction for any natural entity sending emails in an illegal combination of languages shall be no less than twenty years of service in the customer service department of the European Union. ....

I don't see the problem, so long as all EU countries implement this convention fully. That, and castrating spammers should take care of things.

Re:EU Convention on Unsolicited Email

[Malc]

"Article 2: all business email sent to and from correspondents in the member states of the EU shall be provided in all four (4) of the following languages: English, French, German, and Italian"

That goes further than the EU bureaucracy. I was under the impression that there were only three official languages for government plus the language of the current EU presidency, and that German was also often added to official events out of respect for the largest member state. Wasn't there a fuss recently when Finland was holding the EU presidency because they weren't planning to translate everything in to German? Perhaps somebody can elaborate or correct me...

Re:EU Convention on Unsolicited Email

The Dutch language

Otherwise known as, uh, "Dutch" (Nederlands if you're from the Netherlands). Its also quite an easy language to decipher if you can read English and/or German.

Re:EU Convention on Unsolicited Email

[heironymouscoward]

> Perhaps somebody can elaborate or correct me...

Ah, but the EU Convention on UCE is (a) a draft convention, and (b) the choice of Italian represents the current holder of the presidency. Note that article 5 specifically allows unlimited volumes of UCE from any business owned by Berlusconi, and that includes the Cosa Nostra and associated franchises in the rest of Europe.

Re:EU Convention on Unsolicited Email

[Malc]

LOL!

Re:EU Convention on Unsolicited Email

[heironymouscoward]

I remember learning "the English Language" as a child, and it was amazingly close to what is also known as, uh, "English". I believe the intent of the drafters of the EU Convention on UCE when they said "the Dutch Language" rather than "Dutch" was to stress the "language" part, because there are many things "Dutch", including cheese, hash, beer, and large annoying humans. Many EU conventions have been sabotaged by michieveous Hollanders trying to write their memos in Gouda or Edam instead of prose. Sneaky kaaskoppen.

Also I believe your posting proves conclusively that only one in three people here can actually "read English" at all.

Re:EU Convention on Unsolicited Email

[Allen+Varney]

Article 3 - Sanctions. The minimum sanction for any natural entity sending emails in an illegal combination of languages shall be no less than twenty years of service in the customer service department of the European Union. ....

Modded as "Informative," huh? Moderators see "Article 1-3" and their eyes glaze over. Funny, though.

Re:EU Convention on Unsolicited Email

Yet the joke never refered to "The Irish Language", "The Italian Language" or in fact any "Laungage". "The Dutch Language" is the only one. Are you saying that it would be fine for the Irish to write in Potatoe or the Italians to use pasta, but the Dutch could not write in Gouda?

The post was clearly a joke. Pointing out that a post is a joke (Especially posting "Oh my God, you people didn't get the joke!") is the lamest possible thing you could do. A lot like you did in fact. Instead I produced my own joke. Although it was not a very good one, it seems that the one out of three around here who read English didn't read it. Although you did, but that doesn't help if you didn't comprehend it and had to tack a character sideswipe on the end of your bad joke.

It is hot. I am grumpy. Bite me, with your high user I.D

Wrong!

[www.sorehands.com]

If spam is illegal, and someone uses "affiliates" that spam to promote their pills, the seller is still responsible for their agents.

Even if the person is using a ralksy to send spam from servers in China, the person hiring the ralksy is still liable.

At some point, if the product originates or the money goes through the country that's laws have been violates, you may be able to get it.

Re:Wrong!

Not if the spammer is an independent contractor.

Re:Wrong!

[leerpm]

But it is not always clear in spam emails, just who the selling company is. And you cannot always just go after the company who produces the products being sold. There is a company that has been sending out spam recently offering to sell various copies of Norton Anti-Virus. Symantec has tried to track down the vendor, but has not succeeded as far as I know.

By tightening the protocols, we eliminate a need to even bother doing detective work to find out who is actually behind the company selling the products, because the email won't even reach your inbox.

There are issues that need to be resolved with the protocol, but I think that the IETF task force will be able to come up with a reasonable solution to this part of the problem.

Re:Wrong!

[www.sorehands.com]

An company is liable for their agents, even if they are an independent contractor. It depends on the authority these people are given and if the company accepts what the spammer does.This is a much looser test than the employee v. independent contractor test.

Re:Wrong!

[www.sorehands.com]

I am not talking about going after the producer of the product. I am talking about going after the seller. If the seller is not the spammer, they are engaging the spammer to do the spamming.

Actually, Symantec has tracked down the person as selling the illegal copies of their stuff, Dr. Fatburn aka George Alan Moore and filed a lawsuit against him. AOL has also filed a lawsuit against him for using their servers.

I was about to file a lawsuit against him for spamming me, but figured that after AOL and Symantec finished with him, there would be nothing left.

One Region Can't Do It All

[chia_monkey]

I'm going to have to agree with the EU's stance that there should be similar objectives put in place by the US and Asia. I think there should be more countries involved also, but these were the two that were mentioned. In a similar stance, think about having just Iowa and Kansas (random states chosen) with strict anti-spam measures. Fine...spammers will move to VA and PA. Same will happen all over the world.

We DO need a worldwide organization to help curtail this. Isn't this the global economy nowadays? Let's treat it like one.

I would like to see however, someone being proactive. Yay EU! Pity Asia may wait and see. Pity the US may wait and see. If we all act at once, it may send the signal we're serious about this and not just testing the waters and not truly committed to ridding ourselves of this global economy drain.

Re:One Region Can't Do It All

[easter1916]

Asia is a continent, not a country.

what kind of opt-out?

[Draghkhar]

Unfortunately this discussion's overly simplistic. What kind of opt-out legislation is the US considering? There's 2 main kinds I can think of. The first is to opt out with each provider. That approach seems disastrous -- spammers just change their name or address, and what a miracle, they can spam you again. The second type is to opt out through a national registry, similar to the "do-not-call" registry that's been/being implemented in several states (including Massachusetts). If enough e-mail users opt out of spam (and why wouldn't they?) it could cripple the commercial viability of spam (at least in the US).

A final point: maybe the European approach is more effective, maybe not, but I don't see why legislative uniformity is necessary.... As long as all countries are effective in decreasing the incentive/legality for spammers to exist, does it matter? Silly example -- let's say large country A fined each piece of spam at $1 million, and large country B implemented the death penalty for spamming -- I think spam would decrease a lot pretty quickly. Anyway, if several competing approaches are tried on a large scale, and one is far and away a success, others will follow suit. Please don't posit US government conspiracies to protect spammers -- all the Nasdaq-100 companies hate spam (e.g., Yahoo, Microsoft, Apple). So do 99.9% of their online constituents. Those are the parties US legislators will (at least try to) protect.

Re:what kind of opt-out?

[statusbar]

$1 million fine? Death penalty? This would be fun if there were someone I really didn't like - It would be easy to make it look like he was spamming. Death by virus!

--jeff++

Spammers Challenge Legislation....

[pauly_thumbs]

France surrenders.

Re:Spammers Challenge Legislation....

Mod parent up +1 insightful

Oh, we realize it.

[siskbc]

When will Americans learn that leaving it to business will always be an inadequate solution? When will Americans learn that they pay for it either way: taxes or consumer costs (either directly for a company's products/services, or indirectly through other companies' products/servies that the price has trickled down to.) There are some things I would rather the government legislated on as they are *supposed* to be our representatives, whereas businesses only represent themselves or their shareholders.

Oh, we understand that. Doing something about it when you have an incredibly strong and politically active business sector is rather difficult, actually. And here, with 280M people, political campaigns are very expensive. Hence, congressmen have to sidle up to Big Business.

You have to remember, because America is so huge, we're faced with some interesting problems that Europe doesn't typically consider. Also, since we fashioned our modern democracy first, perhaps we didn't do it best, allowing others to learn from our mistakes in some ways.

However, none of that means that Americans don't realize how we're getting bent over in a lot of ways.

Re:Oh, we realize it.

[Malc]

A little off-topic, but...

"Also, since we fashioned our modern democracy first, perhaps we didn't do it best, allowing others to learn from our mistakes in some ways."

I would say a lot of the problems today aren't to do with being first at fashioning a modern democracy, but rather the revolutionary nature of that democracy. Things that are no longer particularly pertinent to the modern world have been set in stone and are no very hard to change. But then what do I know? I come from a country with no single constitutional document that evolved (and still evolves) in to a modern democracy over a thousand years. ;)

Re:Oh, we realize it.

Also, since we fashioned our modern democracy first, perhaps we didn't do it best, allowing others to learn from our mistakes in some ways.

Jesus H. Christ. Sometimes the ignorance of the slashdot readership leaves me fighting for breath. Norway, Finland and Australia had real representative democracies when white America was still beating the shit out of its slaves. (Unless, of course, "modern democracy" means slavery and genocide.)

I appreciate that "America was the first modern democracy" is drummed into you in ethics class (right after they make you salute a flag), but that don't make it the truth.

Re:Oh, we realize it.

[siskbc]

I would say a lot of the problems today aren't to do with being first at fashioning a modern democracy, but rather the revolutionary nature of that democracy. Things that are no longer particularly pertinent to the modern world have been set in stone and are no very hard to change.

What, you are implying our 2nd amendment might be slightly unsuited to modern society? How dare you! ;) That is a good point though, I certainly agree.

But then what do I know? I come from a country with no single constitutional document that evolved (and still evolves) in to a modern democracy over a thousand years. ;)

I'll grant you 788 years, and no more! ;)

Re:Oh, we realize it.

[siskbc]

Jesus H. Christ. Sometimes the ignorance of the slashdot readership leaves me fighting for breath. Norway, Finland and Australia had real representative democracies when white America was still beating the shit out of its slaves. (Unless, of course, "modern democracy" means slavery and genocide.)

Then it looks like that lack of oxygen to your brain killed a few cells up there. We were a democracy when Australia was still a bunch of fucking criminals. Some say they still are. And yes, a democracy is still a democracy when it doesn't have 100% representation. That's the definition, deal with it. Check out the policies of Athens sometime, the world's first democracy. I didn't make the rules, dickhead.

I appreciate that "America was the first modern democracy" is drummed into you in ethics class (right after they make you salute a flag), but that don't make it the truth.

Again, check the def. of democracy. And I don't salute shit, so piss off. And where the fuck are you from, AC?

Re:Oh, we realize it.

[darco]

Small footnote: The second amendment also forms our military. Without it, we would be up shit creek. As for the right to bear arms, *shrugs* I'll refrain from comment.

A good example of something being outdated is the 7th amendment:

In suits at common law, where the value in controversy shall exceed twenty dollars, the right of trial by jury shall be preserved, and no fact tried by a jury, shall be otherwise reexamined in any court of the United States, than according to the rules of the common law.

Twenty dollars!? hah!

Re:Oh, we realize it.

[MS]

And here, with 280M people...
...because America is so huge, we're faced with some interesting problems that Europe doesn't typically consider.

And you didn't consider, the European Union has about 367 million inhabitants.
Since 1995, the 15-member Union has become the world's first economic power.

:-)

Re:Oh, we realize it.

[siskbc]

And you didn't consider, the European Union has about 367 million inhabitants. Since 1995, the 15-member Union has become the world's first economic power.

Actually, I did consider the EU, though it's not really a fully political entity. And no offense, but you've seen what a mess it's become, though it certainly has its advantages. And that's without any sort of elections that span the continent. Politics and economies don't always scale easily, eh? ;)

Re:Oh, we realize it.

If and when the EU becomes a fully political entity, I say we give them exactly ONE vote in the U.N., not the 15 they have now. Whatcha think about that? Until the your-a-peein's are willing to give up all those votes, I can't take them seriously. By the same standard, should the U.S. have 50 votes?????

Re:Oh, we realize it.

[Anne+Thwacks]

280m is not anywhere near the size of the European population. But I post without access to facts, as true ./ers always do!

Re:Oh, we realize it.

Apparently the best solution is to use wheighted electrol colleges that ensure that smaller states do not get an unfair advantage in the vote? So the EU would get 5 votes compared to the U.S 2.

Re:Oh, we realize it.

[LeftOfCentre]

Actually, you're wrong there: every five years, there are EU wide elections for the European Parliament. Together with the Council, which is nothing other than the combined elected governments from each member state with a more fancy name, they are the ones with the power to pass legislation. The EU does have its problems, but it's not nearly as undemocratic as a lot of people (including people in Europe, particularly in Scandinavia and the UK) believe.

BTW, the previous poster was a little wrong on the population size -- the EU is nearly 380 million people now, and around 100 million more (if I'm not mistaken) next year following the accession of the new member states.

just let there be spam

internet's gonna be monopolized by the big corporations anyways eventually...
might as well let the small guy (porn affiliate) spam his link to make a few bucks here and there.

Re:just let there be spam

[setzman]

You mean it isn't already monopolized by big corporations?

Until they target the spammer's clients,

[crovira]

the companies who want to sell you the damn Viagra and fine their butts off, its all useless.

The only way to stem the flood is to target those who think they benefit from it.

If the VENDOR who uses Spam has to cough up a massive fine, they will put the spammers out of business. It has nothing to do with who sent you the friggin' email but who's trying to get youto spend money. Once it COSTS THEM far more than their RateOfReturn, the Spammers will suck wind.

To Fix This Problem...

[mgeneral]

It's going to require more than just new laws and legislation. To fix the spam problem, you need to fix the SMTP protocol. At one time it may have seemed ok to allow anonymous, unverified mail services, but today, it is unpractical. A lot can be done to diminish spam if we can improve the SMTP protocol. Source address verification and usable certificate services wouldn't take that long to implement and would drastically reduce the quantities of SPAM.

Re:To Fix This Problem...

[alazar]

There may be something to this idea. So the question I have is; Is there something being done to address the defficiencies in the SMTP protocol? A quick browse through ietf.org, and I didn't find anything that specifically handled it.

Although it may actually mean more than extentions to the protocol, since extentions implies that the new mechanism is not necessarily required. I can see providers, not supporting them, because there is no critical mass. Maybe in order to effectively reduce spam this way a new protocol is required all together.

This leads me to another question: Will the IETF address this (if it hasn't already) or are we going to wait until it is legislated?

Not to mention that the problem also extends past e-mail, and into IM now. In the past week I've gotten 2 prono SPim (SPam in IM). That prompts me to turn on the whitelist (those in my "buddy list") which is not quite what I want either.

Re:To Fix This Problem...

[Comatose51]

I think SMTP is fine as it is. If we add something on top of it, we will end up violating the end-to-end principle. In other words, if we want to add extra functionality, do it at the end points and higher up on the stack. I think Bayesian filters are a step in the right direction. If you truly care about the identity of the sender, use public key to verify it before accepting it. We might as well all adopt cryptography as part of our Internet life as more and more of our life gets move onto the Internet.

Which Laws, only EU Directive

[Raindeer]

Which laws? As far as I am aware there is only an EU privacy Directive available now, which has to be implemented by October (some countries won't make that date) As far as I know there are no laws in the US yet against spam, all of them are still proposals. (Correct me if I am wrong please) There is certainly no US wide law in effect today.

BESTSET WURD EVAR!

Fucktard

Try it on your friends! Combine it with other great words to create excelent images, such as "asshat fucktard"! Hours of fun for you and your family (If you havn't already murdered them)

That wouldn't work

Mandatory castration of all spammers would be nice.

They would just grow them back with their penis enlargement devices.

Re: Universal Remove List (tm)

[gorbachev]

There're a lot of problems with the Universal Remove List (term coined by spamming scum) aka "do-not-call" approach.

Most of them do not allow sitewide opt-out or wildcards.

Most of them only allow number of Email addresses per user (I have an infinite number of potential Email addresses, and at least 25 active ones I use regularly).

A listing in DMA's list expires after a year or two. What sort of bullshit is that?

There is no way in hell there's going to be a "do-not-spam" list that will work, ever.

Still, I think, I'd personally welcome one, if it was managed by a pro-consumer 3rd party (not a .gov office, marketers or spammers) and there was some REAL sanctions on spammers that do not use it.

There's been plenty of examples of Universal Remove Lists ran by spammers (spammingbureau.com, Sanford Wallace had one, Walt Rines had one too, iemmc.org, etc. etc.). All of them are/were fronts set up by spammers to keep an appearance of respectibility.

Proletariat of the world, unite to kill spammers. Remember to shoot knees first, so that they can't run away while you slowly torture them to death

Re:Maybe...

[setzman]

What should the truth be modded as Flamebait?

aw, come on...

[ed.han]

surely you realize this is just an invitation to the many libertarians to start harping on about the joys of free, unfettered capitalism and how it will go on to create the perpetual motion machine, etc....

and to be honest, i disagree that "leaving it to business" is always an inadequate solution. i would argue that leaving it to a big-brother/nanny state government is equally wrong-headed and equally inflammatory. :>

ed

Re:aw, come on...

[Malc]

"to be honest, i disagree that "leaving it to business" is always an inadequate solution. i would argue that leaving it to a big-brother/nanny state government is equally wrong-headed and equally inflammatory. :>"

Personally I think it's somewhere in between. Excesses of socialism, or capitalism, or authoritarianism or libertarianism/anarchy are bad. I think a balance of them is required for a healthy society and the well-being of the citizens. Sometimes leaving things to business works *very* well, sometimes it doesn't and the goverment must step in. Trying to choose the balance that works best is probably the hardest part of the equation. I don't want to leave things to a large, inefficient, expensive and invasive government; nor do I want to be raped by big business.

re: aw, come on...

[ed.han]

you know, that's really what i meant to say...i wish /. let us edit our comments...

i've always been of the opinion that alexander had the right idea: "everything in moderation".

ed

Correction

[Doctor7]

Just noticed that I referred to spammers as 'people'. Sorry!

ROFLMAO

[Kjella]

Informative? I can't wait to metamoderate this one... did you read the comment at all? I mean I know slashdotters don't read the articles, but if you don't read the comments either, what's the point? :)

Kjella

No, we're fighting the *wrong* battle

[swb]

We've decided that the enemy is the guy sending a mail message to my inbox, which is exactly the wrong enemy, and the hardest to catch for all the reasons EU officials think it won't work (overseas mailers, hijacked systems, etc).

The enemy is the person operating an ongoing fraudulent enterprise which motivates the guy sending the mail to do that. This is also the EASIEST person to catch, since they have to get paid somehow and the money CAN be followed.

If governments were willing to actually police the fraud, the market for spam-senders would shrink dramatically.

What mystifies me is why they're not willing to do this. Is it some BS gung-ho pro-sales "caveat emptor" mentality? I find this hard to believe, since I don't think any of the products I've seen turn up in ~/mail/bogofiltered are even remotely legitimate -- quack potions, stock and money schemes, 419 scams, et al. We're not talking about laundry soap that really doesn't get my whites their whitest, we're talking about products that are prima faciae nonfunctional.

I suppose I shouldn't be surprised about this, though, since at least the US government doesn't really care about fraud generally. How long have we been putting up with slamming and cramming? Has anyone gone to jail, or just "admitted no wrongdoing and paid a small fine"? Shit, even the number of culpable execs who deliberately and systematically lied and lined their own pockets on Wall Street who actually will end up in jail is probably countable on my two hands.

Overall I think if the government actually was interested in prosecuting the fraudulent practices and business contained in spam, spam itself would have a serious dent in it.

Instead, they do nothing, letting the spam problem get so far out of hand that the only thing left is to implement heavy regulation of email -- why do I seem to see John Ashcroft smirking in the corner during the otherwise laughable keystone-cops debates on spam?

Re:No, we're fighting the *wrong* battle

[Ben+Hutchings]

What mystifies me is why they're not willing to do this. Is it some BS gung-ho pro-sales "caveat emptor" mentality? I find this hard to believe, since I don't think any of the products I've seen turn up in ~/mail/bogofiltered are even remotely legitimate -- quack potions, stock and money schemes, 419 scams, et al. We're not talking about laundry soap that really doesn't get my whites their whitest, we're talking about products that are prima faciae nonfunctional.

Marketers see this, and realise that if even obvious fraudsters can make money out of spam then legitimate businesses with legitimate pitches are likely to do even better, if only they can get the law to say that spam is OK.

Re:No, we're fighting the *wrong* battle

[JaredOfEuropa]

"The enemy is the person operating an ongoing fraudulent enterprise which motivates the guy sending the mail to do that. This is also the EASIEST person to catch, since they have to get paid somehow and the money CAN be followed."

I wholeheartedly agree that in the fight against spam, the guy hiring a spammer is our enemy as well. However what's to stop me from hiring a spammer to promote my competitor's business, thereby landing him in legal troubles?

Re:No, we're fighting the *wrong* battle

[eaolson]

I wholeheartedly agree that in the fight against spam, the guy hiring a spammer is our enemy as well. However what's to stop me from hiring a spammer to promote my competitor's business, thereby landing him in legal troubles?

My guess this would be a public relations disaster for any company, and would probably result in massive trademark infringment civil suits and possibly criminal fraud prosecution as well.

And I missed one:

[heironymouscoward]

Article 4: any electronic communication containing more than 10% irony or thinly disguised humour shall be moderated as "informative".

What the heck is up with Slashdot, can't I even flame the good old EU without being praised as a savant?

It was a joke, guys. No-one would actually use Italian as one of the four main languages. And yes, Dutch is easy to decipher, vooral voor ons nederlanstalige. Nom de dieu, quelle band de connards. C'etait une blague, mes amis. T'was een grapje. Probleme eza te. Malamu, malamu.

Re:And I missed one:

[MountainLogic]

Dutch may be easy to decipher, but it's sure not easy to pronounce. One side of my family came from Holland, but I sure can cough and spit it correctly.

Re:And I missed one:

[Inda]

I think the looooong first sentence did it.

lol. Well done.

Re:And I missed one:

[easter1916]

You should have your own site -- this is some of the funniest lampooning of EU laws I've ever seen. It's up there with standardized bananas and condoms.

Cyprus

[Chep]

Actually, Cyprus better follow EU suit, or inaugurate its first non-transposition penalties

(not that N.T.P never happen to any member state)

Illegal

[phorm]

And then when the catch who does this... it's time for the ol' Federal Pound-me-in-the-ass prison.

Why... because as of yet spamming in many areas is not illegal. Breaking into servers and abusing poorly secured SMTP hosts is, but it can be hard to trace (especially if an admin isn't smart enough to secure against open relays in the first place).

Now, take a trojan that is infecting possibly thousands of different machines to allow spammers access. The spammers still have to control and abuse this system from somewhere... and they also have to have a recipient of revenue from said spam attempt. While the thousands of computers make it easier to flit from place-to-place, it's a large amount of computers to potentially charge them for if they get caught.

Hopefully some enterprising geek can write tools to help lure the trojan users into a trap.

Inmate A: I was convicted for violating 3 nuns and burning down the nunnery
Inmate B: I'm in for mass-murder
Inmate C: I'm a convicted spammer...
A & B: A spammer, you sick bastard. Get him!

Stupid stupid moderators!

[frankie]

The minimum sanction for any natural entity sending emails in an illegal combination of languages shall be no less than twenty years of service in the customer service department of the European Union

Anyone who marked this Informative (instead of either Funny or Troll) should be sentenced to no less than 20 whacks with a LARTing mallet.

"Informative"??

[CrystalFalcon]

Whomever moderated this post "informative" clearly didn't read the post. I particularly liked this section:

The Dutch language may only be used as an encryption device for confidential communications.

LARTing Mallets

[heironymouscoward]

Unfortunately for LARTing fans, the use of physical violence against natural entities (even Italians) is strictly controlled by the EU Convention on Applied Interentity Violence, section 3, chapter III, articles 5 to 10. LARTing mallets are permitted but only from July 1 to July 14 (so you missed the season), and only if you hold a grade 3 license in applied LARTing.

Further (I know, this is a long post, but these conventions are very detailed), the number 20 is not a valid EU number. This may surprise some people, but in a ruling by the EU Commission on Trade and Industry in 2001 (ref. PB/221/2231) the number 20 was ruled as being "unfair" and "discriminatory". A great effort has been made to move all businesses to 19 or 21, and this has largely been successful. However, the EU is now faced with cheap imports of 20 from Eastern Europe and counterfeit 19's and 21's from China (since there is now a shortage of these numbers). There is a decision pending that will create a superfund to pay for the production of extra 19's and 21's, and some people have even suggested using 22's, but the Italians have vetoed this, saying that 22 is a fascist number. And they should know.

--- Brussels, July 15th, 2003.

Asia is not a problem, if

[Baki]

you just block all mail coming from Asia.

90% of spam I received came from Asia (korea, china etc) until I added the following to my postfix access config file:

202 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
203 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
210 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
211 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
218 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
219 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
220 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
221 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
61 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM

Re: Universal Remove List (tm)

[SN74S181]

Proletariat of the world, unite to kill...

I have .sigs disabled when I read Slashdot comments.

Yet you persist in spamming us with your faux-Marxist blather by pasting it at the bottom of your comments.

Please desist your spamming, brother.

Charge

[basingwerk]

To fix this spam problem, combine micro-payments with a (very small) charge to send mail. The charge could be 0.1 penny. It would be charged at the forwarding mail server. Email clients would have a spam button. The reader could press it if it's spam, and she gets to keep the tenth of a penny. What a bonus. That's it... spam gone.

Re:Charge

You have to realize that this scheme won't work at all. I send out mail that some people would consider spam to some of our former clients, and each time we send 60,000 emails we make at least $1500.00. A $60 fee leaves us with $1440.00. Hell, even if it was a cent per email we would still be making money... and so would the people sending the mail for us. The one thing nobody accounts for in the micropayment system is who ends up getting all this damn cash that people pay to send emails. If the provider gets paid to send email, exactly what motivation do they have to keep spammers from using their servers? none. They're already getting a cut, regardless of how good or bad the spammer's email campaign actually does!

Re:Charge

[Vitus+Wagner]

It's easy - money should go to addressee
of message.

During normal communication there are
approximately same amount of letter in
each direction, so it would be zero total.

If you subscribe to mailing list, you
pay subscription fee, which would
be returned to you eventually with messages from the list.

But if you are sending spam,
you are paying people to read it.

If it wouldn't stop spam, it would
at least make it more bearable.

Re:Charge

[basingwerk]

Spot on! Some people might even plant thier emails so that spammers would pick them up, then get paid for nothing. Once you had enough spam to buy the groceries, you could give up work.

Re: Universal Remove List (tm)

[gorbachev]

Please feel free to NOT read my posts, if they so annoy you.

Proletariat of the world, unite to kill morons

I say, kill'em

Very good point.

Between your comment and one of them further up, am I the only guy to think that all it would take is a massive termination (as in death) of the 200-ish recurrent spammers to send a strong message to the spamming community out there ?

Most of you guys in the USA have weapons... Think of the greater good and go use them for something useful !

Not in European law.

If sending spam is against the law, so is paying
people to do so. And they can be catched.

Not death.

If they die, then they don't suffer. Long slow painful torture for years. Or maybe wires from the computer speakers to the groin so when the computer says, "You have spam" they will feel it.

Unless APIC Countries do something we are screwed

I have been running a spam honeypot for about 2 weeks now as an open relay. And as far as I can tell all the source ip addresses are from APIC countries.

Just for kicks I did the following:
grep queued /var/log/maillog* > count.tmp; \cat -n count.tmp

414686 /var/log/maillog.1:Jul 11 23:37:30 pot sendmail[16117]: h6C3bRV16117: to=, delay=00:00:02, mailer=esmtp, pri=30535, stat=queued

The above email is from a spammer checking the relay.....I have to manipulate the queue daily to make sure they get the response they are looking for:-)

In two weeks time It has nabbed about 400,000 spams and all of them originate from APIC addresses where the Sysadmins and upstream providers ignore complaints.

So all is useless unless apic countries do something.

Useless

[jmuscatelli]

Personally, unwanted email and unwanted phone calls are annoying, but what is the bug deal? Is it actually worth it to have this kind of action while we should be focusing our efforts on drugs, war, and hunger? I realize it gets tiring, but scrolling through email, reading the good mail, and then deleting the rest is a pretty simple task. I think this is more of a laziness issue.

Ignorance must be punished too

[Vitus+Wagner]

Do you think that people whose PCs are
infected by trojans are innocent victims
of spammers?

No, I'd disagree. They are actively helping them by their ignorance.

If people who send out macroviruses
are to pay fines, they would quickly
learn how to use few checkboxes in their
mail client.

Of course, if ingnorant users are fined, software publishers who sell
mail clients "designed to allow virus
propagation", operating systems with
no access rights support and word
processors which are able to incorporate viruses into documents,
should be treated as drug dealers.

Opt in in the us

[matfud]

I can't see how opt in would work in the US. As
soon as you opt in to one company their "business
partners" would start sending you "solicited
emails" too.

Would you not also need some form of personal data
protection legislation?

matfud

Re:Opt in in the us

[radja]

yes, indeed you do. data protection legislation is already in effect in the EU.

Which is great, if...

[Kjella]

...you have no business relatiionships there, no friends there, no people you know moved there. It works on your very own little personal server, but it doesn't deal with the spam problem for an ISP, a corporation, or anything else of magnitude.

Maintaining personal blacklists is pretty easy, but how much time would it take millions and millions of people to all do that? It'd be as bad as the problem it is trying to solve.

Kjella

Re:Which is great, if...

[Baki]

If Asian countries don't implement laws to effectively fight spam, this might be a way to force them. If people and businesses can no longer send us e-mail because personal servers, but also ISP's simply blacklist an entire country, I think it might have some effect.

Using relays based in other countries won't be possible either, since relays are also blacklisted.

An anonymous reader was one of several who noted..

[gav1n]

An anonymous reader was one of several who noted an article
Sucks to be one of the several others, unless of course they were all anonymous....

Right. But do they enforce it?

[sean.peters]

Of course they're going to have a policy like that... the question is whether it's anything more than window dressing. "Of course, Mr. ($CompanyRep), if we were to find out you were spamming with this account, we'd have to cancel it... wink, wink; nudge nudge..."

Sean

Re:Right. But do they enforce it?

[fingal]

No idea if they do enforce it, but with their current rates, they are not going to be offering a particularly attractive deal for spammers when their profit margins are already dropping as time rolls on...

not more Europe?

[siskbc]

280m is not anywhere near the size of the European population. But I post without access to facts, as true ./ers always do!

First, that's not as far off as you'd think. Particularly if we're defining "europe" as "EU members." Comes to 380M, which is about 1/3 bigger. Second, Europe's never had an election, and has yet to be integrated into anything resembling a whole. Using the same currency doesn't count. If that was all, every country that pegged its currency to the dollar would be American. Doesn't work that way. Doesn't bring the same problems of scale.

Re:not more Europe?

[LeftOfCentre]

Europe does have elections -- to the common parliament every five years, and indirectly to the EU council via local parliamentary elections.

Re:not more Europe?

[siskbc]

Europe does have elections -- to the common parliament every five years, and indirectly to the EU council via local parliamentary elections.

Those are not elections by the people, those are elections by their representatives. Indirectly doesn't count. THere is no election, unless I missed something big, where the 380M-odd people of Europe participate in the same election. Doesn't happen. And since my original point was that American national elections are on such a scale that no one but the very rich *can* run, that's relevant.

Re:not more Europe?

[DOsinga]

The 380M-odd people of Europe *do* participate in the same election when they vote for the common parliament every five years. Everybody votes on the same day and there are even sort of European parties with their own fractions in the parliament. EU council is indirect.

The parliament isn't very important, of course, but it has some power.

EU did what?

[Kwiik]

End users are smart enough to do what now?
Err..
Been taking too many case notes.

Limit but effective Anti-spam email add-on

[Jarth]

*Breath*, Here i go . . .

I'm pretty concerned by all this legistlation efforts on spam, not becaus i mind the spam to end. But because it's a great workaround for any privacy laws in place. Mind the life-log project and other similar enhancements. Might a simple software proposal not cause enough effect ?

In the end let's not forget spam is not allways unwelcome to some, and there's both legal and illegal mass-mailing.

The general idea is to have some talented programmer(s) write a standardised (rfc'ed) plugin for a number of email client(s) wich will improve point-to-point authentication and even point-to-list/group authentication. As such spamming could be ended by letting the user CHOOSE wich he or she want's to receive mail from. Much like an ICQ-client does but, preferably, more secure and with some funtionality to counteract some actions like authorisation-flooding. I allready but some work into this idea, cough*, but AFAIK lack the skills to write one myself.

I've posted this proposal here and there on a couple of occasions but for now people are baffled by the available brainpower interested in earning millions. Amazingly enough these people are proposing humongous databases wich will cost a LOT, wreak havoc on any privacy law out there and in the end will probably fail at really resolving the spam issue.

That's what we call dotbangers (xXx) over here, though the word's pretty hard to translate.

Feel free to send me a mail or message if you'd like to start a project on this.

Re:Limit but effective Anti-spam email add-on

There's not really a need for a software solution.

All it needs is a decentralised database (read: ISPs, companies, in fact, any domain/SMTP provider can do this to all their accounts) which contains some unique watermark for _each_ account.

If incoming mail doesn't have this watermark embedded in the body in a specific place (like after the main message or whatever: it'll have to be put in manually, so an anti-bot device such as driverguide's download engine which gives you a 3-digit code in gif format would do for that) it'll bounce/simply be deleted.

The spammer would get no reply, and the intended recipient wouldn't even see it in his inbox.

OK, so that would take the onus away from each state to take positive action against spam, but it does give incentive for providers who want to retain their customer base. If spam filters were more effective (ie stopped before they got to the inbox), that would, IMHO, be enough to scotch the whole spam industry before long. End-user filters which sit on client machines are just too damn slow to catch on to new tricks. Watermark legitimate mail and reject the rest. Problem solved.

I hear ya, what about the watermark? Put it in manually, you say? Sure. You going to insert uniwue watermarks in a hundred thousand messages for a measly hundred bucks? Only if your time's worth about .02cents an hour...

And which is a muddle...

[jotaeleemeese]

... in which legislatores, politicians and judges have to fight hard to find the correct thing to do.