Spammers Pleased with 'Anti'-Spam Act

grung0r writes "A post at Ed Foster's Gripelog explains why the new anti-spam law that Congress is passing isn't a good idea: 'it's clear that only the Direct Marketing Association, Microsoft, AOL and a handful of others had any input into the law, because it's carefully crafted to allow the big marketers free reign. And the loopholes it provides them will be more than big enough to provide aid and comfort for the smallest and sleaziest of spammers as well.' More about the problems with the law can be found at cauce.org." The direct marketers are dancing in the streets over it.

Yay government.

[shystershep]

The lack of the private remedy is bad (there's nothing more intimidating than looking down the barrel of a loaded lawyer), but at least the law requires the spam to be labeled. That will make it a lot easier to filter out - - provided, of course, that those anonymous sellers of penis lengtheners obey the law. If you can't trust someone like that to be a law-abiding citizen, who can you trust?

Re:Yay government.

[satyap]

No, fuck no. I don't want want to filter the spam after it has already gotten into my system and is chewing its way through my procmailrc! I want it to stop outside my network.

Re:Yay government.

[sketerpot]

If spam is labeled, it'll be easy for ISPs to kill it, and advantageous to to so as quickly as possible---they don't like spam wasting bandwidth any more than you do.

Re:Yay government.

[Brad+Mace]

At least it's progress. If the labelling requirement can be enforced, it might give us more meaningful statistics on how spam is clogging the internet. Either way, spam can't go unrestricted forever. The bandwidth consumed by spam is vastly outpacing the bandwidth available. Eventually even our government will understand that spam has to be limited in order for the internet to function.

When spam reaches the point that other, more profitable ecommerce activities can't function, we'll see some real restrictions.

Re:Yay government.

[BrynM]

"but at least the law requires the spam to be labeled"

But not with any specific label and the law forbids the FTC from setting a standard label. Thus, one message might be marked "ADV", and the next one marked "SOL" (solicitation), and the next marked "FOO", and the next marked "Sparky the Sample Bot", and on and on... This will make it pretty much useless to filter as it would raise the false positive rate by adding too many triggering words and phrases (ie: AOL labeling with "Hi ____, here's your updated message.") annoying most users and making the filtering software the villian in their eyes. A nice backhand if I ever saw one. Even the people who will obey the law will be left lots of wiggle room to gunk up and real filtering.

Re:Yay government.

[pheared]

You assume that ISPs have that capability, whether it's possible or not.

Re:Yay government.

[Rev.LoveJoy]

By ISP, I assume you mean the backbone carriers?

+1, wishful thinking.
-- RLJ

Re:Yay government.

[AnotherBlackHat]

I don't want want to filter the spam after it has already gotten into my system and is chewing its way through my procmailrc!

So what, you'd rather read it?

Sure, it would be better to stop spam from being sent.
But filtering is better than nothing, and making that easier is also better.

I'll take what I can get, and ask for more.

Re:Yay government.

[todesengel]

Did you read the article? The bill does specifically states that spam must be labeled, but it fails to mention how. All that labeling will do is make it so spammers have to cleverly hide the word "ad" somewhere in their email. And judging by how smart spammers can be at hiding this sort of thing (think about it, '<a foo>a<!--SDOIGNSDG!--><a>d' or something like that...), I don't think that labeling will do a damn thing.

Re:Yay government.

[satyap]

Read the rest of my post.

Re:Yay government.

[Maestro4k]

• If spam is labeled, it'll be easy for ISPs to kill it, and advantageous to to so as quickly as possible---they don't like spam wasting bandwidth any more than you do.

Yeah, but the only thing that'll actually be labeled properly will be legit E-mails from marketers/companies you agreed to receive marketing from. If an ISP blocks those, I'm quite sure that the DMA will sue them faster than they can sneeze. The real spam will still clog up the bandwidth and E-mail boxes and server resources like it does now. If anything it'll be worse, the spammers can pretend to be legit while covertly making sure they're not. (i.e. screwing with the mandated subject line so it'll start A dv: instead of ADV: and so on.)

This bill won't help at all, at best it'll have no effect, but it'll probably just make things much worse. Hope the DMA jerks are happy, once the spam reachs critical mass, even their mailings won't make it through anymore.

Re:Yay government.

The other problem is the federal law says that it replaces and state laws. So states like Washington with pretty nice anti-spam laws get screwed.

Re:Yay government.

[lseltzer]

What percentage of the spam you get comes from "legitimate" direct markets like the ones disparaged in this /. story? I doubt that 1% of my spam comes from them. 99% of the spam will continue to come in violating the provisions of this law because to honor them would make them easy to filter. So the law is not a sop to marketers, it just won't make much of a difference.

Re:Yay government.

When spam reaches the point that other, more profitable ecommerce activities can't function, we'll see some real restrictions.

I doubt it. More likely the USA will choose to protect its own marketers by going after foreign spam. I can just see them threatening China with trade sanctions unless all those GB2132 emails that hardly anyone can even read stop coming in...

Re:Yay government.

[sketerpot]

Yeah, I wasn't actually saying that this YOU CAN SPAM act was a good thing. It turns out that I was completely wrong about the labeling; there's no uniform standard for labeling, so this just gives spammers easy legitimacy in the eyes of the law. I hope that it'll make it slightly easier for filters to pick out labeled spam (by matching tokens like "dv"), so they can be more certain about the classification, but that's a pittance compared with the disadvantages of this pathetic excuse for the excrement of representative government.

ISPs can block spam before it reaches their customers. I know this because my ISP does it, though I don't know if it's entirely legal. I propose that if an ISP gets the ability to filter spam well, they should offer a free service to their customers to do so---an opt-out service, so you're signed up by default. It would be such a delicious little joke on spammers' "business methods". :-)

Re:Yay government.

[aldousd666]

It will make it nice and easy for me to write a rule for .spamassasin. That's a damn[ed] thing if you ask me.

Re:Yay government.

[DirtMcGirt]

First, I should say that I'm definately not pro-government across the board. However, this

Yay government. The lack of the private remedy is bad.

is a little naive. This law is a private solution! Businesses effectively wrote the law. As long as there's money to be made spamming or selling anti-spam software, no 'private solution' will work. It's pretty sad, but I trust government more than big business.

Re:Yay government.

[Blain]

I think the (in)effectiveness of labeling in making it easy to filter spam will depend heavily on the filter you're using. And the language courtesy of spamlaws.com does indicate that the labeling must be:

(i) clear and conspicuous identification that the message is an advertisement or solicitation;

(ii) clear and conspicuous notice of the opportunity under paragraph (3) to decline to receive further commercial electronic mail messages from the sender; and

(iii) a valid physical postal address of the sender.

There are a finite number of "clear and conspicuous" ways of identifying a message as an advertisement or solicitation, so even static filters shouldn't have too much trouble with that. POPFile has been very reliable in grabbing spam that has used quite a few tricks -- it'll snag these things with no problem at all.

This law clearly isn't a panacaea, and I have doubts about the enforceability of it, but it's a start. And it does require review of its effectiveness and whether it will need to be changed, and that's a good thing. I don't expect congresscritters to get this right the first time out of the box. It shouldn't take long for it to prove ineffective if it's going to be, and the popular hatred of spam will continue to provide political pressure to get something more effective (if change of law will do it).

Re:Yay government.

Good they can all start killing it when it's sent not when it's recieved.

Re:Yay government.

[Zeinfeld]

Did you read the article?

Why bother, the person who posted to slashdot clearly had no idea what was in the bill. All we get is the usual 'Gubermint BAAD' liberweenie rhetoric plus a few anti-Microsoft and anti-DMA rants.

The politics here were that voting against this measure would be like voting to legalize peadophilia, not going to happen. I really wonder who the 5 holdouts were, I bet they are in really safe districts, either that or it is a technical vote to make sure that there is someone in the minority in case they need to fix something.

The DMA was certanly lobbying its ass off. But the DMA is not quite as spammer friendly as it is painted, spam represents the competition. The DMA wants rules that disadvantage the competition from spam but want to avoid precedents that could negatively impact their business.

AOL and Microsoft are spending hundreds of millions on dealing with the spam their customers don't want. They have football pitch size machine rooms where a huge percentage of the capacity is dealling with spam.

The point of the bill was to criminalize the worst of the worst spam. Criminal enforcement is expensive and there are a lot of spammers. That means that the authorities will not be able to go after everyone, they will focus their attention on the worst of the worst. That means the pornographers, phony viagra, identity theft and advance fee frauds.

The big problem in enforcing the act will be finding the spammers to prosecute them. But flip that arround, that means that the spammers are going to have to spend more resources hiding. It also means that authentication mechanisms that can assure the recipient that the sender is a legitimate registered business that has provided a valid address where legal process can be served can have a real effect.

This bill is not the solution to spam, but it is a useful tool in the fight. The sad thing about the spam problem is that there are a lot of people whose main interest is not solving the problem, its taking the credit. There is no single silver bullet solution here, but instead of wellcoming input from different angles there are people whose objective is tearing down any proposal other than their own.

Re:Yay government.

Just had to chime in one more time.
There is a severe critical exploit in all SMTP server software.
Install the update which includes a SMTP spam filter which can't be turned off and deletes all mass mailings at the originating server.

Re:Yay government.

[Moofie]

How do you figure? That's the point: Since there's no specified method for labeling, there is no way to write one rule that will catch spam.

So it's no different than today.

Re:Yay government.

[gcaseye6677]

I didn't see anything in this law that requires ISPs to deliver any mail. If the owner of a mail server wants to block any email coming from someone who's first name is Andy, they are free to do so, its their server. This law certainly won't help things much, but I really don't see how it will make anything worse.

Re:Yay government.

[instanto]

Do you trust your ISP to filter out ONLY the SPAM and not any legit emails you should have received?

So far all the anti-spam tools I've used - or seen - catch a lot of emails that are not SPAM - and it would suck to loose any of them.

Re:Yay government.

[lennertjansen]

If spam is labeled, it'll be easy for ISPs to kill it

Or for the SMTP's to kill it, or to held them responsible for it.

Re:Yay government.

[lennertjansen]

hmm... like he already said:

time to start!! we're not there yet, so don't panic!

Re:Yay government.

[aldousd666]

If you'd read the bill, it says that within 18 months of the enactment of the bill that it would be up to an agency (can't remember which off the top of my head) to come up with a label. (They suggest ADV actually)

Re:Yay government.

You can use postfix regex header checks to filter on the Subject line and reject the email.

It'll never make it out of the postfix process.
It'll also never get checked by spamassassin or amavis.

Re:Yay government.

[sketerpot]

No, I don't trust my ISP to do so. They do pretty well, but it still isn't perfect. So I opted out, and I do my own spam filtering. The thing is, the people who buy things from spam are usually to lazy and/or clueless to set up filtering or to opt out of ISP filtering. If the filtering gets so good it would be acceptable at the ISP level, I think it should be considered. If enough ISPs put filtering in place, it could really hit the spam indistry where it counts---profitability.

Re:Yay government.

[instanto]

What I am afraid of is that the ISPs will decide - at a point - that their filtering is soo good you should no longer have the option to opt out.

THEN it becomes dangerous.

Yes, allow people to have filtering - but ALWAYS allow them to have the option of opting out.

Knowing how some of the larger ISPs work I am quite sure that a point will come in time - when filtering will be non-optout-able... and I will loose emails in the process.

I can do it best myself ;)

Re:Yay government.

That should be "lose", not "loose".

Re:Yay government.

That should be "lose", not "loose".
.

Re:Yay government.

That should be "lose", not "loose". ..

Re:Yay government.

[Moofie]

Why wait 18 months? That's stupid, unless you're a direct marketing executive with a bunch of lawmakers in your pocket.

Oh wait.

Re:Yay government.

[aldousd666]

got me. I guess it just gives them time so the bill can be amended or repealed. Or bought out entirely, to keep in playing with your conspiracy theory -- there is a nice little escape clause that says the committee can reccommend against the label altogether if they so choose.

I hate it when spammers are pleased

But I love it when pleasers are spammed!

I agree, it's not good enough

[r_glen]

With the new bill, we have to rely on and trust the 'opt-out' option, something we've been trained NOT to do.

Re:I agree, it's not good enough

[Txiasaeia]

You STILL can't trust the opt-out option -- what happens if the spam is from outside the US? In this case, you're just as screwed!

Best way is still just to grab the headers and complain to the account from which the e-mail came.

Re:I agree, it's not good enough

[frankie]

rely on and trust the 'opt-out' option

Oh but it's worse than that. The opt-out provision only applies to the specific company being advertised. Start a new shell company (maybe $50 in some states, less in the carribean) and you can spam everyone all over again, 100% legally. Plus you've got all those freshly confirmed addresses!

In fact, I don't think the law prohibits selling your opt-out list to other spammers, for use as their new spam list. Isn't life grand?

Further problems with the law:

• no private right of action. 99.98% of spammers don't cause $5000+ worth of damage and therefore will never be prosecuted by the FBI or FTC. Individuals, companies, and probably even state governments will have to take it up the ass.
• Meanwhile, the big names on ROKSO will know how to abuse the loopholes free and clear.
• Nulls out all existing state spam laws, most of which are stronger than this crap.

But all the Congress-critters get to go home to their districts and say "I voted to protect you from spam!" without even realizing that they're lying (except that as usual their lips are moving).

Re:I agree, it's not good enough

[r_glen]

"...what happens if the spam is from outside the US? In this case, you're just as screwed!"

OTOH, it might be good if all spammers to want to pretend they're from the US... maybe they'll finally learn some god damn English!

Re:I agree, it's not good enough

Best way is still just to grab the headers and complain to the account from which the e-mail came.

Because no one can forge email headers...

Re:I agree, it's not good enough

[menscher]

I don't think the law prohibits selling your opt-out list to other spammers, for use as their new spam list.

Perhaps you should read Section 5(a)(4)(A)(iv). It says there that they can't do that.

Not that I believe any spammers will actually follow the law. Personally, I'd like to see a provision for consumers to be able to sue. Then I could opt-out using a unique email address, and when it gets spammed, sue the hell outta them.

Re:I agree, it's not good enough

[silentbozo]

Any challenger with an ounce of sense is going to run ads saying "incumbent X legalized spam, get rid of the bastard and vote me, candidate Y, as congressman/woman"

Strike first. Set the tone. Make it a campaign issue. You think that voting for an "anti-spam" bill is going to work, when it becomes public knowledge that the bill made it 100% legal for scum-marketers to fill up your mailbox?

As a business owner, voting for a business-friendly candidate means not only lower taxes, but a permanent ban on ALL types of unsolicited e-mails. Anything else is tantamount to a congress-approved tax on my time and money - time to keep my spam filters in good repair, money for my bandwidth and additional equipment requirements, as well as in terms of potential lost business due to the effects of spam.

Vote the bastards out of the House. Vote the bastards out of the Senate. They listened to the wrong special interest this time.

Re:I agree, it's not good enough

[An+Anonymous+Hero]

Oh but it's worse than that. The opt-out provision only applies to the specific company being advertised. Start a new shell company (maybe $50 in some states, less in the carribean) and you can spam everyone all over again

How about something like this: If you want to send commercial e-mail, then all the addresses you send out in it (sender, smtp from:, return address, any urls and links in the body) must be from the same domain.

May be a PITA to comply with, and "defining spam"/"defining commercial" remains tricky, buy hey, these would be the rules if you want to do it legitimately. It certainly won't stop Amazon from sending me an account status.

Re:I agree, it's not good enough

No, no, no, no, no, NO.

Never never NEVER click on an "opt out" link. Never never NEVER reply to the "remove me" address. This only confirms three things that spammers are very interested in learning about you.

#1, your email address is "live" and works
#2, you read spam
#3, you are stupid enough to do what a spammer tells you to do

So your email address gets burned onto the next "MILLIONZ OF LIVE SUCKER ADDRESSES GOLD MINE CD" and sold to Alan Ralsky and Eddy Marin, sucker.

Re:I agree, it's not good enough

[B.D.Mills]

As a business owner, voting for a business-friendly candidate means not only lower taxes, but a permanent ban on ALL types of unsolicited e-mails.

Uh ... I assume you mean spam? "Unsolicited e-mail" is what I must send if I find a business's e-mail address on their website and I e-mail them to ask for more information about their wonderful product or service.

Re:I agree, it's not good enough

[silentbozo]

Whoops. Sorry, that should have read "unsolicited commercial e-mails", aka, spam. Basically, I have objections to people e-mailing me, wanting to buy stuff. People wanting to sell stuff to me should stick to sending me flyers and catalogs.

The worst offenders are the bozos who "merge" e-mails with demographic info, and other data. They THINK they're doing targeted e-mails when in fact they're annoying the hell out of me by spamming my customer support addresses. Some organizations that send garbage to me are people I would have done business with... had they not made the very offensive decision to buy one of these "targeted" lists, that have my personal info, and the assumption that an e-mail address is just like a postal address.

Like I've said before, if this bill is signed into law, I'm turning on whitelisting. NOBODY will be able to reach me, unless they go through a challenge/response system (or via a web feedback form, for as long as that stays unmolested.) Yes, I'll take a hit on business, but letting all these vermin steal my time would do even more damage.

Just in case anyone is interested, the House vote was 392 in favor, 5 against, and 37 no votes. Take a look and see if your congresscritter sold out (mine did, not a surprise.)

Yes

[blackmonday]

Those who can do: Do.
Those that can't do: Spam.

Re:Yes

Those who can, do
Those who can't, spam
Those who can't spam, teach gym

(with apologies to Woody Allen)

I assume they are dancing in the streets because

[Savatte]

they bought 12 van halen cds for the price of 1

Pro-business

[JohnGrahamCumming]

Seems to me that the act is pretty pro-business all around. It's pro-business in the spammer sense since it lets marketers send unsolicited mail and it's pro-business in the anti-spammer sense since the existence of spam will keep anti-spammers in business!

What more would you expect from a capitalist country?

John.

Re:Pro-business

What more would you expect from a capitalist country?

The strongest economy and highest standard of living in the history of the world. But we already have that.

Re:Pro-business

And corporations controlling the law-making. And confinement without trial. And fat kids. And crap telly. And too many lawyers.

Re:Pro-business

And crap telly.

How ironic. A limey making fun of American television when the best things to come out of their little island are Mr Bean and "Keeping Up Appearances".

Re:Pro-business

How ironic. A limey making fun of American television when the best things to come out of their little island are Mr Bean and "Keeping Up Appearances".

How ironic. A yank making fun of British television when the best efforts of sitcomland are "Friends" and "Charles in Charge".

Re:Pro-business

[anthony_dipierro]

it's pro-business in the anti-spammer sense since the existence of spam will keep anti-spammers in business

Sorry. That's the broken window fallacy. If a different bill would eliminate spam, the savings to businesses in terms of increased productivity would far outweigh the loss in terms of a few filtering companies going out of business.

Of course, a different bill wouldn't eliminate spam. Spam is a global problem, it can only be solved by a global solution. If you're going to rely on laws, then we're talking about IANA. All spammers need IP addresses, after all.

Re:Pro-business

[silentbozo]

Pro-business my ass. Rising standards of living are due to increase productivity and worker efficiency. What you're proposing is a DECREASE in productivity and worker efficiency. Any other economy which eliminates this inefficiency will be poised to reap increased benefits from technology, while we wallow in the stone age, with people having to hire gatekeepers to keep their e-mail boxes clean.

What you have here is a powerful entrenched lobby representing a very specific special interest group (marketers) - ironically one that took it on the chin with the do-no-call list (although they managed to stall that too in the courts.) This special interest group does NOT speak for the business community.

Whats the point?

[CrackedButter]

Of having a civilisation if all people are going to do is constantly undermine everything people work for? It could be a hit and a miss with this post but i am unhappy with all the news i hear. I stopped watching TV because its so depressing and now where ever i go on the net, there is conflict after conflict. Its seems that no matter what we create for the benefit of everybody there is countless others who will undermine it and more importantly get away with it. Everything can have a negative effect on society but it seems everybody wants to rob or cheat it. But if its a way of life where does it get everybody? The people who cheat eventually die and leave a shithole for the rest of us.

Re:Whats the point?

[sys$manager]

Welcome to the true realization of human nature.

Your only friends here are cynicism and pragmatism.

Re:Whats the point?

[chriso11]

You know - my main goal in my life is to have left the world a slightly bit better for me being here. I don't know how I'm doing (there is no place to check your score), but I know for a fact I'm not f'en it up as much as a lot of people (e.g. Congress).

Oh well.

Re:Whats the point?

[CrackedButter]

A worthy post with decent replies, only irony can explain the moderation of "troll".

Re:Whats the point?

I agree... but they will be mod^2'd to hell.

Did anyone fool themselves..

[clifgriffin]

...into thinking this would stop spam anyway?

Nothing can stop spam outside of God.

Blogzine.net

Re:Did anyone fool themselves..

Nothing can stop spam outside of God.

I'm sure a 12-gauge will do a good job.

Re:Did anyone fool themselves..

He would, but he's too busy trying to sort through all the prayer spam...

Re:Did anyone fool themselves..

Spam can't be stopped, but it can be slowed down.
What if an ISP charged really low base fees and then 50 cents an email. An average user would still save money by using them (because their email output plus the low base fee would be lower still than their AOL bill now. A spammer would get hit hard.

Imagine if we were to intersperse some federal servers that were programmed to recognize record and track all email that flowed through them. At some base level, the machine would dump the messages (say under 10 per day), but over that would send the originating URL to the federal owners of the server who would demand payment for the use of federal resources at say oh, two bucks a message. Eventually, the ISP's would have a strong incentive to monitor their users and limit the spammers.

Just a musing of a spam fatigued reader.

Re:Did anyone fool themselves..

[ThrasherTT]

Are you sure? I'm convinced that The Watchtower is spam, myself.

Re:Did anyone fool themselves..

[Hoser+McMoose]

How, pray tell, would that affect a spammer?! You don't honestly think that a spammer uses an ISPs legitmate e-mailer servers do you? Let me guess, you also think that those spams with "hotmail.com" from addresses were actually sent from Hotmail too?

Face it, spammers are criminals, and expecting simple laws to stop them is hugely naive when the multitude of existing laws that spammers break continue to go unenforced.

Re:Did anyone fool themselves..

Even God cannot stop SPAM ;-).

Re:Did anyone fool themselves..

[Dhaos]

The problem we have here is the same problem that those of us who work in the tech industry face: the people in charge ultimately fail to understand the technology. You've got to remember that everything your congressman has heard has been summarized and packaged, probably by several lobbyists.

The fact is that legislation alone cannot stop spam. The truly nefarious spammers already break the law and set up drone machines to do their dirty work! The sad thing is, anyone on /. has the intelligence to realize this--those in charge are too stupid or greedy to care.

The fight against spam has to involve technology- not to filter out unwanted mail but to combat it at its source. If the government proposed to do that, I'd be happy to send in extra taxes.

Re:Did anyone fool themselves..

[Kenja]

I named my shotgun God. Saves time all around.

Re:Did anyone fool themselves..

Technology allow will not stop spam either. We've been fighting this battle for almost a decade now and the spammers are winning. I agree that legislation isn't needed. It's time for some law enforcement. I've seen very little of it and only civil stuff. No spammers really fear civil penalties, because they hide behind corps.

Re:Did anyone fool themselves..

[Maestro4k]

• Nothing can stop spam outside of God.

He's too busy processing souls from all the deaths in Iraq to deal with spam though.

Re:Did anyone fool themselves..

Nothing can stop spam outside of God. Unfortunatly, nothing can stop Spam inside of God either. Also inside of God, it's too dark to read.

Re:Did anyone fool themselves..

I'm sure a 12-gauge will do a good job

You are my hero. If you kill them, I promise you I will help pay for your legal defenses if you are caught, and I will promise not to vote to convict you if I am ever on your jury.

Please, shoot away.

Re:Did anyone fool themselves..

[aXis100]

Rather than stop the spammers, how about making it illegal for businesses to have their products advertised via spam. It will be enforcible because they have to supply you with a link their product somehow...

If we remove the spammers customers, then they wont have an income stream.

It's a total scam.

[grub]

..just like the anti-virus industry. The laws have glaring loopholes through them but were worded well enough to calm down the masses. Now the anti-spam software industry will grow like mad as spam continues to flood inboxes. It's no coincidence that Microsoft was consulted on the spam laws, they have a vested interest in the after market antispam business.

Re:It's a total scam.

[Otter]

I may just be "the masses" but this looks like a huge win:

• It bans forged headers (which is huge for me, as I get bombed by hundreds of returns every day from some moron forging my domain, plus retaliations from the idiots who know enough to be a nuisance but don't know that headers can be forged).
• It bans address harvesting, meaning a potential end to obfuscating addresses, a huge PITA.
• It provides a national opt-out list!
• It requires a real opt-out mechanism, instead of the situation today where we're afraid to use them.

So what are these loopholes everyone is talking about? I'll revise my opinion when someone explains them, but so far all I've seen is random yelling.

Yeah, Microsoft and AOL wrote this to suit their own interests. You know what? Good for them. If a bill can slash the number of scumbag spams I get, bless Bill and, uh, is Steve Case still there? Anyway, this isn't Arctic drilling -- a faulty anti-spam law isn't going to be with us forever.

Re:It's a total scam.

[Hoser+McMoose]

Umm.. Microsoft does not currently offer any anti-spam products.

On the other hand, they pay probably hundreds of millions of dollars to deal with the spam problem. Hotmail.com receives at least a billion spam messages a day, and probably closer to 2 billion. Do you know how much money it costs Microsoft to pay for that bandwidth? How many extra servers they have to pay for? Not to mention how much they're already paying third-parties anti-spam software companies?

And that isn't even starting to touch the huge amount of lost productivity at Microsoft caused by their employees receiving boatloads of spam (think: computer industry company with tends of thousands of employees, you better believe that MS recieves a lot of spam).

There is no way that MS is ever going to cover the expense of their receiving spam by any products. Trust me, MS wants spam to stop just as much as any other major corporation that has to deal with the problem.

Re:It's a total scam.

[WuphonsReach]

It bans forged headers (which is huge for me, as I get bombed by hundreds of returns every day from some moron forging my domain, plus retaliations from the idiots who know enough to be a nuisance but don't know that headers can be forged).

Hmmm, so the people who are currently using forged headers are suddenly going to start behaving and obey a new law? Why? What benefit do they gain by no longer forging headers? This does nothing to fix the issue of forged headers other then to merely say "it's a bad thing". Spammers don't care about some silly laws.

It bans address harvesting, meaning a potential end to obfuscating addresses, a huge PITA.

Again, the people doing address harvesting are not the most upstanding citizens in the first place. Might have some effect, but only on the 1% of spammers who thought that spam was a legitimate way to market a product and who actually care to follow laws.

It provides a national opt-out list!

You mean an international opt-in list? Because that's exactly what the list will be treated like outside of US borders. The only reason that the telephone opt-out list works is because (a) the sender pays for the call and (b) the phone system keeps records of every phone call. E-mail has no centrally controlling authority.

It requires a real opt-out mechanism, instead of the situation today where we're afraid to use them.

Rather naive to think that suddenly all of those spammers who are using the current opt-out links to verify addresses are suddenly going to give up that tactic.

This bill is nothing more then a placebo pill so that the masses think that congress did something. The actual effect is going to be zero-zilch because spammers already don't play by the rules.

Loopholes, eh?

[Loki_1929]

Guess we're stuck with Plan B.

(Just Kidding)

Re:Loopholes, eh?

[pyros]

Why not just get a machine hooked up on a network that will allow it and have it do nothing but send properly labeled emails to the retards who wrote this, on the order of thousands a day. If we can just squat and flood their inboxes, and their servers, within the bounds of the law, we can show them that the law sucks. And then we'll probably be sent off to Cuba as terrorists for depriving Congressmen access to their IT infrastructure.

Re:Loopholes, eh?

[Wolfier]

Death threats don't work. C&D letters that make you sound like a lawyer do.

Alternatively, we can put contacts of companies who hire spammers onto spam lists to let them taste their own medicine.

Re:Loopholes, eh?

why isnt this done? it sounds fun, theres lots of underground movements like warez, im sure some can conjure up impressive looking letters for the US spammers (which we already have address to).

I did sign up some Alan M Ralsky to lots of FREE!!! magazines.

MS Legislation

Microsoft co-authors a piece of legislation that goes easy on spammers? I say they're just sharing the love they got from the "don't let us catch you doing it again" DOJ verdict they got.

As for AOL, they should change their "You've Got Mail" to "You Ain't Gonna Stop Getting Mail" voice. So easy to use, no wonder it's number 1 indeed.

Re:MS Legislation

[rworne]

Actually I think that was the:

"Don't let us catch you doing that again, again" DOJ verdict. MS is a two-time loser.

Spammers need to be SHOT

...end of story. The filthy assholes have NO sense of responsibility. They don't care that they're pissing people off every day or that spam traffic is choking the internet. Kill 'em all, and make 'em suffer.

Re:Spammers need to be SHOT

[cgranade]

And apparently, you see no sense of responsibility, either. Nor do you seem to care about pissing people off. Violence won't solve spam- it's a problem that is rooted deeper in the culture than "there are evil people: kill them." For instance, the problem could have been kicked a decade ago if more people took the problem seriously and didn't say that it was only an annoyance. Furthermore, if mega-ISPs like AOL and MSN actually tried to block spam, or if gov't-owned ISPs such as KoreaNet were less sesceptible to hacking, then we wouldn't be getting near the same level of spam today. But, alas, we have the problem and killing the spammers won't help. Why? Because there is a system now in which there is money to be made from spamming, so more spammers will rise to take their place.

Re:Spammers need to be SHOT

[quantaman]

Kill 'em all, and make 'em suffer.

Compiler Error: Statement "make 'em suffer" is unreachable

Re:Spammers need to be SHOT

[brucet]

Careful now

-Bruce

Re: Spammers need to be SHOT

[demo9orgon]

I find it unfortunate that it took an AC to say the obvious.

The needs of the many outweigh the needs of the few and nobody needs spam except the amateur P.T. Barnum's of the world who know that some fool somewhere is going to think the email they just recieived is anything more than a "ping" with a bandwidth "hoover" attached to it.

The law is of no use to anyone here except the politicians, who see another way to take taxpayer dollars and a possible vector to ratcheting more control over what people do or say on the Internet.

When someone forms a professional, international association that is underground, working with cells and transferring funds through a system of hard-to-track parcels and couriers that can "touch" spammers and let them know that they have screwed up and that the law cannot help them. They get one warning and a probation period. After that, they're a bounty. Imagine the time and money that would be saved by large corporations or even individuals who could effectively stop the problem for a relatively small ammount of money.

In some countries, such a system has existed and is usually affiliated with trafficking controlled materials and protecting said supply-lines. It would be nice to see something like that influencing the idiots who think they've just found a get-rich-quick scheme.

Idiots don't care unless you tap them on the shoulder and let them know that someone they have affected can touch them back.

And the idiots that don't learn.
They need to be double-plus touched.

It's not just double-speak,

Re:Spammers need to be SHOT

You only have to kill two people, but they should be done within the same week: One in the USA and one overseas. Kill them and brand the word SPAMMER on the body. The news wires will pick it up the stories and spammers will know that merely spaming outside of any one country is no defense.

If you'll excuse me, I have an alibi to establish.

Re:Spammers need to be SHOT

[e_AltF4]

twice - just to be sure :-)

Re:Spammers need to be SHOT

[Haeleth]

"Kill 'em all, and make 'em suffer."

Compiler Error: Statement "make 'em suffer" is unreachable

Not necessarily. For example, the parent poster may be among those who believe that the wicked are doomed to spend all eternity burning in the fires of hell. Even an all-merciful god might be prepared to make an exception for spammers.

Re:Spammers need to be SHOT

Not at all, pal. I'm an agnostic.

Still, it is a nice thought. I'd love to see the spammers burning like a tire dump for all eternity...

Re:Spammers need to be SHOT

[esnible]

To stop spam we must make it so ineffective that it generates no revenue.

One technique is to frighten the average spam respondee. I propose that a white-hat spammer send out an advertisement for Viagra. Everyone who replies gets their full names and city listed on 'impotent-and-small.com'.

Re:Spammers need to be SHOT

[jcr]

Violence won't solve spam-

Maybe, maybe not, but it's worth a try.

-jcr

Re:Spammers need to be SHOT

I'm not sure about any of this, jst somethink i've thought about:

claiming oneself to be christian, heathen or in your case agnostic is generalization and/or "moores law" like:

We may find beliefs that "fits our angle" but they're all part of mans logical sense and looks reasonable. However they are not complete, since reality is ever so complex (explaining the "theoretically this should work" saying).

They're more like short sets thats compatible with a mans current perspective on life/reality, but when he learns more and get broader perspective, he finds how much they are lacking.

In short its creating closed-minded people, but thats every religions ultimate goal, to preserve it self. Even though beliefs like the "agnostic" is very harmless and reasonable, it is no different from the church that tells its disciples:

"your faith is but a seed, which needs nutrition and care, so it can grow big with strong roots"

Effectively making people fanatics.

Recognize that your view on reality is limited by your senses and your minds capability of understanding. Can a being really understand its own existence?

No, go after knowledge that is logical and gives perspective, heres some, every "living" (in common sence, not some scientists term something that consumes and wastes are living henche a car is living) thing on this planet need oxygen (well most stuff anyway including us) every minute to survive. If you've been inside a jail and not seen the sky in years you would be thrilled to see it again.

Here we have beauty in the logical sence of a mans outburst when he see blue sky once again, then we have the knowledge that not many other planets are habitable for beings like us. We also understand the belief that maybe people should suffer a little to be able to have fun, even be happy.

yes pain give perspective and its awfully nice when its over but i wouldn't ever bring it upon any other being, or advice this belief.

In any case here we have a good reason most people, every 3rd actually, are willing to do something for the environment.

Only way to fix this...

Post you politician's e-mail addresses everywhere you can. Don't sign them up for SPAM, as that wouldn't be opt-in. Let the spiders find them and hit 'em hard. See if they support it then.

What a bunch of morons. Why do I vote again? Oh yeah, I stopped voting since I realized it doesn't matter who wins - things only get worse but never improve.

Re:Only way to fix this...

[phorm]

I would highly doubt that they check their own mail without having it filtered through somebody first anyhow. Likely it passes through antispam, then through a person, then to the recipient (and if it's opposing their views, into the great round filing cabinet).

In the end, it would probably be up to their technicians to solve any spam problem, and the screaming load on the servers would just be footed at the expense of taxpayers.

Re:Only way to fix this...

[mcpkaaos]

Why do I vote again? Oh yeah, I stopped voting since I realized it doesn't matter who wins

If you don't vote, then guess what? You don't get the right to bitch and moan when things don't go the way you want them to, plain and simple. It's fucked up, this political system we have, but at this point in time our only voice is by voting. I know you feel rebellious to say it, but understand that this is a very real case where if you aren't trying to be a part of the solution, you are, by default, a big part of the problem.

Post you politician's e-mail addresses everywhere you can

Politicians doubtfully are the first to read their email. More than likely you'd be targeting an intern, whose job is to wade through the inbox to pick out the handful of real emails. I don't think your point will get across to them, do you?

Re:Only way to fix this...

You don't get the right to bitch and moan when things don't go the way you want them to, plain and simple.

Does the OP pay taxes? yes? well, yeah, then he's got a right to bitch.

Re:Only way to fix this...

If you don't vote, then guess what? You don't get the right to bitch and moan when things don't go the way you want them to, plain and simple.

I thought only congress could vote on wether or not to pass a bill?

Isn't bitching and moaning the way we're supposed to get politicians to realize that there's a problem?

So since he's not in congress, then he doesn't have the right to convince congress that there's a problem?

Re:Only way to fix this...

[Afty0r]

Politicians doubtfully are the first to read their email. More than likely you'd be targeting an intern, whose job is to wade through the inbox to pick out the handful of real emails. I don't think your point will get across to them, do you?

While true, when the politician has to pay 8 interns to read their email instead of 1 intern, and they all complain about the amount of disgusting porn they are seeing, they might be more likely to do something about it.

Re:Only way to fix this...

[NewtonsLaw]

Yeah, but the current "democratic" political systems being used around the world are not democratic at all.

What's needed is a significant change that empowers *the people* to have the final say on attempted government abuse of rights and excesses.

Although this paper was written with a different political system to the US in mind (the Westminster system) it's still every bit as applicable to the USA.

Take a look and ask why citizens aren't demanding this "final say" in laws that are passed?

Recoverable Proxy.

Re:Only way to fix this...

[droleary]

If you don't vote, then guess what? You don't get the right to bitch and moan when things don't go the way you want them to, plain and simple.

George Carlin has a hilarious routine that argues just the opposite: those that participate in a system they know to be wrong have no right to complain when it behaves as expected. Only those who do not vote can reasonably say they are not responsible for the misdeeds of those who have been elected to office.

It's fucked up, this political system we have, but at this point in time our only voice is by voting.

If you really believe that is your only voice, you are as powerless as those you vote for want you to be. If you instead believe your cause is just, revolution is possible. That may sound like terrorism to some, but I shouldn't have to point out to anyone on Slashdot that from the perspective of England, the actions in the American Colonies were just that. Or, to quote an American President 40 years dead: "Those who make peaceful revolution impossible will make violent revolution inevitable." -- John Fitzgerald Kennedy

Re:Only way to fix this...

[geekoid]

Before I begin, I would like to state that I vote.

"You don't get the right to bitch and moan when things don't go the way you want them to, plain and simple"

No. nowhere in the constitution does it say the right to speech is governed by whether or not you vote.

The fact that they feel disenfrnchised mean us voters need to work at showing them that getting involved does, in fact, work.
I would hate to miss a good point someone may make because they didn't vote.

" but at this point in time our only voice is by voting."
Actually, writing letters, emails, collect petotions, join like minded political groups, letter to the editor of you local newspaper, etc ...
we have many voices. The just need to be used.

" I know you feel rebellious to say it, "
haha, The Irony of feel rebillous doing something most people do is often lost on the young. ;)

" but understand that this is a very real case where if you aren't trying to be a part of the solution, you are, by default, a big part of the problem."
so that means, if you like the way things are going and do nothing, you're part of the solution?

"Politicians doubtfully are the first to read their email. More than likely you'd be targeting an intern, whose job is to wade through the inbox to pick out the handful of real emails. I don't think your point will get across to them, do you?"

actually yes. When they get 200 viagra ads an hour, and they can't opt out, they'll get the picture.

A lot of money went into campaign coffer to stop the telemarketing bill, and it still passed.

I forget who daid it, but Jr. Senators used to get told:
"If you can't take there money, drink there liquor, and fuck their women, and then vote against them, you're in the wrong line of work"

Mostly paraphrased.

Re:Only way to fix this...

What's needed is a significant change that empowers *the people* to have the final say on attempted government abuse of rights and excesses.

Ahh, but we do have the power! Here's how it could work. 60 million Americans use KaZaA. That's more Americans than there were voters for the last president. Suppose that KaZaA did a little research into the candidates for the next race, and labeled them 'good' or 'bad' based on their record dealing with the file sharing issue. Now, KaZaA releases a mandatory upgrade to their app, get it or get disconnected. Inside this upgraded app is the code to display and print "The List" around election time. In addition, there is a built in network shutdown that occurs on election day. Open the app on election day and get a dialog "Vote today to make sharing legal tomorrow. Don't vote Republican, don't vote Democrat. Vote AGAINST the people responsible for lawsuits against 12 year old girls and grandparents!". It then requests that you enter your Zip code and it spits out your printable KaZaA approved politicians list. After printing, the app closes, because today you VOTE. I promise, "national no file sharing day" will not be all the RIAA had hoped. If just a fraction got up and voted KaZaA style, landslide KaZaA victories would occur all around the country. That, IMHO, is very plausible and would certainly get the attention of our leadership in ways even contributions can't.

Back in the old days, people would start a whole newspaper just to slander/expose bad politicians. Things are different now because big corporations own the popular media. KaZaA potentially has 60 million voters at their disposal. It would be civically irresponsible for them not to do this!

I realize this is really off topic, but it's time they started to listen to us again. They work for us, and they damn well better start acting like it.

Re:Only way to fix this...

[Zirnike]

Goddess, no... That's an TERRIBLE idea. The masses vote for laws that benifit them, and to hell with anyone else. Free speach would be killed off by that kind of change. Blacks and women would have never gotten the right to vote. Etc. etc.

Never make the mistake of thinking that the majority of people are less stupid than the average person.

Re:Great Link No Goatse here!

Can you say..Moooooooo

Is this really his name?

[m0smithslash]

"We're really, really happy that SB 186 will not see the light of day," said Al DiGuido, chief executive of e-mail service provider Bigfoot Interactive, New York.

Ok, is this really the name of a spammer or is this a hoax?

Re:Is this really his name?

Nice Shirt

The law was not about stopping spam

Our government will shortly be saying that they can not regulate Spam unless they can watch all things moving across the wire. This includes the Net and Voice. The US government is slowly setting up the reason for why they have to monitor everything in our lives.

Re:The law was not about stopping spam

If you think Big Brother is watching:

1. PGP for email.
2. Cash for transactions.

Re:The law was not about stopping spam

[BostonPilot]

"slowly" ?????

Re:The law was not about stopping spam

[anthony_dipierro]

Both of which are illegal in certain situations.

Re:The law was not about stopping spam

www.cloudshield.com

Re:article text

[sqlrob]

"My guess is the number of people willing to risk that amount of fines and jail time is not many," said William Nussey, chief executive of Atlanta e-mail service provider Silverpop.

Like that's stopped those spammers that trojan machines. They'll just keep going, and now add "legitimate" spam to the mix. Stuff is going to get a *lot* worse

Obligatory defeatest, cynical comment

[fiannaFailMan]

"This bill is not going to single-handedly eliminate all the spam in the universe overnight all by itself, therefore it's a waste of time and not worth the bother and typical of big government trying to control things and yadda yadda yadda...."

Re:Obligatory defeatest, cynical comment

[sketerpot]

You're either missing the point or trolling. I'm going to give you the benefit of the doubt and assume the former.

This gives credibility to spammers as long as they label their spams in an unspecified way and include a working way to opt out. It overrides tougher state laws, and so it makes things less tough on spammers, while appeasing voters who just look at the headlines. And you.

no, it's meaningless

I hate spammers, but this law is meaningless, as are ALL anti-spam laws:

1. Spammers will ignore the law. Which leads to the next point:

2. Laws are meaningless unless enforced. How will it be enforced? When I get hit with spam that violates this law, who do I complain to? Who will investigate my complaint and then pursue and punish the spammers?

3. Where will all the money and resources come from to enforce this law (see point #2 above) -- to actually enforce this law will take FAR more money and resources than anyone realizes or will admit.

And even if significant money and resources are allocated to enforce the law:

4. What about all the spam originating from servers outside the U.S.

Re:no, it's meaningless

[TheCoop1984]

most spam comes from the US. The UK is implementing a much harsher anti-spam law (opt-in), but it wont do diddly-squat since most spam comes from outside the uk ie the US.

Re:no, it's meaningless

[pyros]

most spam comes from the US

maybe the spam you get does, but most of the spam I get comes from Asia and South America. I sincerely hope you don't just see the masses of email that say they are from aol.com, hotmail.com, msn.com, and yahoo.com and believe them without tracing the headers (have a look at spamcop.net if you're not at all familiar with it). Basically Spam only comes 'from' the U.S. en masse in that there are people in the U.S. who offer the service of sending it. But they actually use offshore PCs, mostly in Asia and South America, because they would be perpetually signing up for new service providers if the used domestic servers, as the ISPs drop customers very quickly for such actions.

Re:no, it's meaningless

[rhizome]

Spamcop puts your address in the report it sends to the spammers and their ISPs!

Re:no, it's meaningless

Funny, first you say this:

most of the spam I get comes from Asia and South America

Then you say this:

there are people in the U.S. who offer the service of sending it.

So which is it? If the company is sending is IN THE US, it doesn't matter where the sending MTA is - the spam is coming FROM the US.

Re:no, it's meaningless

[thentil]

How will it be enforced? When I get hit with spam that violates this law, who do I complain to? Who will investigate my complaint and then pursue and punish the spammers?

I shouldn't *have* to complain to someone, or rely on someone else to protect me - if I'm spammed, I want the ability to file a lawsuit - which this legislation prevents. The SEC is supposed to protect me from fraud, too - but they haven't been doing too good a job recently. If you call the FBI about fraud, they won't do anything unless your losses are above xyz amount. The point is, the government should be enabling the individual to protect himself, not forcing the individual to rely on an underfunded, overworked, special-interest-and-politically-compromised body.

Re:no, it's meaningless

[abischof]

That's not correct. Spamcop sends reports on your behalf from an anonymized address (something like anon30957@spamcop.net).

Re:no, it's meaningless

[Progoth]

I hate spammers, but this law is meaningless, as are ALL anti-spam laws:

exactly. I just wrote a fairly crappy (but I got a 100!) paper on this very topic. I've posted it before, but here it is again: http://www.progoth.com/spam/termpaper.html. I really do hate politics sometimes...

Re:no, it's meaningless

[TekPolitik]

What about all the spam originating from servers outside the U.S

The way things are going, everywhere outside of the US will have a real anti-spam law before the US does. This opt out piece of crud doesn't qualify as anti-spam.

While Americans are running around saying "spam will come from other countries that won't fall in line and ban spam", they fail to realise that the US is the very country that isn't falling in line and banning spam as is being done outside the US.

Re:no, it's meaningless

[pyros]

If the company is sending is IN THE US, it doesn't matter where the sending MTA is - the spam is coming FROM the US.

It sure matters to me. If service providers don't allow customers to send 500 million bulk emails a day then the spam problem will be greatly reduced. Do you seriously think that U.S. spammers use offshore servers because it might not be legal here? They do it because service provides here won't tolerate it. Over here if you are suspected of using your service to send spam, you will be dropped faster than you can puke hormel. A legal solution to the problem would require an effective global enforcement agency. I believe the only way to overcome the problem is for the community to do it, and that means don't give bandwidth to the people who do it.

Re:no, it's meaningless

4. What about all the spam originating from servers outside the U.S.

And the tougher the US laws are on spam, the more it encourages people to operate overseas. All the profits from this "Email Spam Industry" end up in some foreign bank account, and it hurts the US economy.

I think this is true for any Internet law that only applies to the US.

Re:no, it's meaningless

I'd really like to know how this affects people who use systems as a relay.

Today, I dealt with a mellow lot who got their new broadband connection and (ahem) a Windows 2K SBS server a month-or-so ago. The company doing the *professional* installation ($30k) didn't bother to set the relay rules. The poor fuckers pushed 2G of somebody else's spam, and ended up with 800-odd "exchange queues" (which are a nightmare to kill, if you've ever been in that position).

Bad news. And how is *that* guy gonna pay? He's not, the IP traced back to a machine in Brazil. We're in New Zealand. End of story.

And, it's happened to a few sites in my city in the past week -- we're in the firing line.

End of story: nice for the US. Useless for the rest of the world. Typical.

Re:no, it's meaningless

most spam comes from the US via foreign servers.

It's still californians sending it.

Re:no, it's meaningless

I seriously doubt the taxes on spammers are enough to matter. IF they pay taxes at all, being such a legitimate business as they are.

The US knows better than to beg from small-time crooks, it goes to the ones with real money.

Re:no, it's meaningless

[JuggleGeek]

Most of the spam you get may be routed through machines overseas, but most of it is still probably advertising for businesses located here in the US. It's sent by US spammers, advertising for US businesses and US conmen. (From where I sit, any business advertised by spam is a con, but I'm assuming there may be a dividing line that I can't see.)

See http://www.spamhaus.org/rokso/index.lasso for their list of the top 200 spammers. I counted (once, quickly) by hand, and actually found 160 listings. Then I counted just the ones that were not based in the US. 30 entries from other places, and 130 from the US.

And I suspect that every spammer on the list, US based or not, is in favor of the "You Can Spam" law that they are trying to pass.

Re:no, it's meaningless

[pyros]

You're the fourth person to 'point that out', and I've responded twice already. I used quotes there because I even said that there are U.S. based spammers who use offshore servers in my original post. You're numbers don't add up to me, out of 200 spammers you found 160 listings of what? I would assume spammers based in the U.S.. So that leaves 40 not based in the U.S., but then you say 30 entries from other places, and 130 from the US. Since they add up to 160, I'd have to assume that is the division of the original 160 you mention. But that conflicts with my prior assumption. Is it 130 U.S. based spammers or 160? Either way, I don't think the law will change anything. Service providers here don't like spammers, someone else suggested offshore servers are just cheaper. I tend to think it's just that offshore servers are more numerous than domestic ones.

Re:no, it's meaningless

[JuggleGeek]

Spamhouse describes it as the top 200 spammers, but when I did my own (admitedly quick, and possibly not accurate) count, I counted 160 on the list. Of those 160 on the list, 30 were based out of the US. The other 130 were US spammers. Even if they use offshore hosting, if the spammers are in the US, and the products/companies/scams that they advertise are in the US, then they are US spammers, IMO.

In some cases, I'm sure it's a matter of offshore sites that are simply willing to host spammers, or who are willing to host them cheaper. But in many cases, I believe that the spam routed from overseas is sent via open relays and similar things.

Re:no, it's meaningless

[pyros]

Spamhouse describes it as the top 200 spammers, but when I did my own (admitedly quick, and possibly not accurate) count, I counted 160 on the list. Of those 160 on the list, 30 were based out of the US. The other 130 were US spammers.

ah

Even if they use offshore hosting, if the spammers are in the US, and the products/companies/scams that they advertise are in the US, then they are US spammers, IMO.In some cases, I'm sure it's a matter of offshore sites that are simply willing to host spammers, or who are willing to host them cheaper. But in many cases, I believe that the spam routed from overseas is sent via open relays and similar things.

I seem to be in the minority of thinking a global problem needs to be viewed in terms of global effort to stop. The proposed law is stupid. Any law proposed would be stupid. Even if it proved effective for U.S. operations, there will still be servers in the rest of the world sending spam, which is the point I was trying to make, apparently poorly. To make a poor analogy, there are probably 'businesses' in the U.S. which drive certain drug trades, but getting rid of those 'businesses' will just open the door for the next one. You ave to take away the infrastructure which is used by those 'businesses'. Remove the cause, not the symptom. I guess we just have different views on what the cause is in this case.

Re:no, it's meaningless

[proj_2501]

except when sending reports to an ISP who refuses the anonymized addresses, such as verio.

this is by request only, though.

From the you've-got-spam dept.

[cgranade]

I wonder if AOL would pay more attention to this if they had to record someone saying "you've got spam!" to be played six times for everytime the "you've got mail!" sound plays. Perhaps then they'd actually try to do something about it.

Re:From the you've-got-spam dept.

[fiannaFailMan]

I briefly used an AOL dial-up account before I got DSL. I never told a single soul about my AOL email address and never used it. After a few months I thought I'd check my AOL email for the first time just for the hell of it. There were about 500 messages in there, all of it spam.

A Bill Name that Makes Sense

[chickenwing]

I thought polititions were smart about naming bills (USA Patriot) so that they could dupe the electorate into thinking anyone who didn't vote for it was the spawn of Satan.

I don't know how signing a bill called "CAN Spam" is going to help anyone get re-elected.

Re:A Bill Name that Makes Sense

[glenrm]

I think of CAN like put it in the trashCAN or CAN it buddy, oh crap I sound like a sixty year old...

Re:A Bill Name that Makes Sense

[EmbeddedJanitor]

Joe sixpack thinks: All the SPAM comes from Canada. Gotta tighten up the fences... Better give the border security folks more guns to shoot up the foreign threat.

Re:A Bill Name that Makes Sense

[Misch]

Can:

1.c. Used to indicate possession of a specified capability or skill: I can tune the harpsichord as well as play it.

That's the can that got passed here.

Re:A Bill Name that Makes Sense

[HTH+NE1]

I don't know how signing a bill called "CAN Spam" is going to help anyone get re-elected.

It's the same doublespeak that brought us Operation Enduring Freedom.

Re:A Bill Name that Makes Sense

[BrynM]

It's the same doublespeak that brought us Operation Enduring Freedom.

I'm being a bit trollish and offtopic, but I can't resist sharing a friend's view of Operation Enduring Freedom: Bush is only enduring freedom until it can be legislated away.

Gripelog?

[willfulbard]

A post at Ed Foster's Gripelog

Does that make it a glog?

Re:Gripelog?

No more than a weblog is a wlog.

Welcome to reality, Mr. Morrissey

[RobertB-DC]

So Brian Morrissey, the Senior Editor of the DMNews, thinks spam isn't all that bad. That consumers shouldn't be able to sue to take back their inboxes.

I guess we can't say he's not putting his money where his mouth is, though... he put his email in a clickable link right there on the DMNews.com site.

Of course, some spammers may exclude dmnews.com from their spidering. That does Mr. Morrissey a huge disservice! Clearly, unsolicited email is something he strongly supports, and we should help him in any way we can.

So if anyone would like to include bmorrissey@dmnews.com on their email list, I'm sure Brian Morrissey would not mind at all! After all, Mr. Brian Morrissey (whose email address is bmorrissey@dmnews.com) is Senior Editor of "The Online Newspaper of Record for Direct Marketers." He probably knows the Webmaster and the Postmaster, too, and I'm sure they would never consider UCE to be Abuse.

This has been a public service of the Slashdot community. Don't worry, you can thank us later!

Re:Welcome to reality, Mr. Morrissey

[segment]

So Brian Morrissey, the Senior Editor of the DMNews, thinks spam isn't all that bad.

Shit... I think spam is actually pimped in an omelette, on crackers, chicks, macaroni and cheeze (kraft), and after some beers when you don't feel like cooking. Seriously though... I agree with you on Mr. Morrissey. I mean how dare he have an opinion, that's so uncharacteristic of someone to have an opinion. Making judgments for himself, and expressing his thoughts shit man someone ought to teach him a lesson. Why don't you join Ashcroft and pull for the asinine Patriot 2 act, and teach this luzer a lesson. I'm with you there buddy.

No freedom of thought!! ... Down with objectivism!!

Re:Welcome to reality, Mr. Morrissey

[RedHat+Rocky]

You are free to express whatever you want. You are NOT free, however, to avoid the responsibility for what you express.

Opt- out works for regular mail

[acomj]

The DMA (Direct Marketing Association) web page has an opt out of junk mail page hidden in there somewhere, where for 5$ via internet or free via mail you can opt out of junk mail. I did it and it works remarkable well. It takes time to start up , but all members of the DMA are required to not send to addresses on the opt out list.

I was pleasantly surprised.

Of course one has to wonder how many spams are from legit businesses that are members of DMA?

Re:Opt- out works for regular mail

[CrazyDuke]

While it may be a lagitimate creative business in the United States of America, in most parts of the world, that is called extortion.

Re:Opt- out works for regular mail

Here's the link.

Re:Opt- out works for regular mail

How is it extortion if it is free? Dumass.

Re:Opt- out works for regular mail

[CrazyDuke]

"How is it extortion if it is free? Dumass."

Besides the obvious...*cough*dumbass*cough*

". . . 5$ via internet. . . "

Last time I checked $5 wasn't free. Oh, I suppose you mean:

". . . or free via mail. . . "

Please tell me, where can you mail stuff for free, that would really help. Oh, and you think your physical address is worthless? Oh, great, not instead of spamming your inbox, now you get flooded with "offers" in your mailbox.

This is of course assuming your letter doesn't get misplaced in the circular file.

Re:Opt- out works for regular mail

[cyberformer]

Of course one has to wonder how many spams are from legit businesses that are members of DMA?

Very few right now, because of state anti-spam laws. However, the federal You Can Spam act will make these unenforcable, so many otherwise-legit businesses will soon start spamming.

The one hope is that sensible companies will see that spamming is ultimately self-defeating: For every sucker who buys as a result of a spam, millions more people will decide to boycott the company advertised. Unfortunately, a lot of companies are run by idiots. Prepare for SMTP to be rendered completely useless early next year.

Re:Opt- out works for regular mail

Wow you're stupid. That $5 internet/free by mail thing is talking about SPAM BY MAIL, not EMAIL. And if you can't afford 32 cents to stop getting junk mail, you're a freaking retarded dumass (like the gp said).

Re:Opt- out works for regular mail

[CharlieG]

Disclaimer - my wife works for a company that does direct mail, and USED to spam, but has given up on "spam"

MOST DMA members are fairly GOOD about not mailing/spamming you if you request off their mailing list. It's just common business sense - don't piss off potential customers

My wife helps "select" the names that get mailed, and they are VERY careful to remove all "Opt out" names from their mailings

Re:Opt- out works for regular mail

[anthony_dipierro]

There's a part of the world where it's illegal to send junk mail? What part of the world would that be? After all, extortion means that you're threatening something illegal.

Re:Opt- out works for regular mail

Well, exquige me for assuming the gggp was on topic instead of going off in a tangent.

Re:Opt- out works for regular mail

The Red Herring argument.

Re:Opt- out works for regular mail

[haxor.dk]

5$ to stop recieving something you didn't want in the first place ?

Extortion tactics.

Re:Opt- out works for regular mail

[dsmoses]

The $5 charge is only for their opt-out of postal mailings.

There is a free opt-out of emails internet registration.

Re:Opt- out works for regular mail

[JuggleGeek]

The DMA admins the MPS - Mail Preference Service. Likewise, they have something called EMPS - EMail Preference Service. You can sign asking that they not market to you.

The DMA requests that their members honor those lists. The DMA does not, however, require their members to honor those lists.

I'm sure that some of the marketers actually do remove you. I've also heard of people signing up using a fake name, or adding a apartment number (even though they have a house), and having mail come to the fake name or with the Apt # in the address, so at least some of the marketers use that list as a way to *find* people to market to.

Personally, I get very little junk mail, and I haven't signed up, because in my case I think it would be more likely to increase the amount I get than to reduce it. If I were already getting a lot of junk mail, I'd sign up.

So let me get this right

[jlechem]

It's not going to stop SPAM just make it honest. They have to provide a real address, label it as commercial, and provide an opt-out that really works. How does this keep me from getting SPAM? I don't give a rats ass about opt outs or addresses I don't want this crap in my in-box to begin with. I'm not even going to mention the bastards overseas who are under no obligation to follow these rules( like they would if they had to anyway).

Re:So let me get this right

[lurker412]

It's not going to stop SPAM just make it honest.

Yeah, right. And Microsoft is going to make Windows secure.

Re:So let me get this right

[Dimensio]

It's not going to stop SPAM just make it honest.

Oxymoron.

Re:So let me get this right

[anthony_dipierro]

How does this keep me from getting SPAM?

In and of itself, it won't. But if a spammers are honest about who they are, then it'll make blacklists much easier to use.

I'm not even going to mention the bastards overseas who are under no obligation to follow these rules( like they would if they had to anyway).

And that might be the best part. If spammers can survive under US laws, then they won't have any incentive to move abroad. Sure, it's bad for the idiots who don't know how to use filters, but it's good for us techies who do know how to use them.

Re:1st freakin frack

Mr Troll,

With this first post, you are spoiling us!

DMNews is Amusing

[zeasier]

The site has rather conservative advertisements. For example no pop-ups or animated adds in the middle of a text body. What would the site look like if it had the same advertising to content ratio direct marketeers create in their mediums?

government is bass-ackwards

[happyfrogcow]

!thhp ...tnemnrevog gib

Only improvements to SMTP will fix spam

[KeithH]

The US government still hasn't clued in to the fact that The Internet is a global resource. As such, local entities such as governments are going to have very little power to control it.

The proper solution is to get off our butts and start migrating away from SMTP.

Re:Only improvements to SMTP will fix spam

I agree. A new mail protocol that prohibits clients from sending mail with forged headers would be a good start. People who want anonymity can stick with the old SMTP protocol.

Re:Only improvements to SMTP will fix spam

[wtrmute]

Yeah, just like we migrated away from NNTP and will have to migrate from Instant Messaging, and heck, why not Bluetooth?

Anything which can be used to communicate can be spammed, so moving over won't really accomplish anything other than rack up huge costs in replacing infrastructure...

Re:Only improvements to SMTP will fix spam

[alienw]

How exactly would an improvement to SMTP stop spam? Why the fuck is everyone pushing SMTP as the problem? Really, SMTP is just fine as-is.

Spam is as fundamental a problem as junk mail and saying that SMTP causes spam is like saying that the shape of the envelope causes junk mail. SMTP has nothing to do with it. Really, in ANY e-mail system, if you can send someone an email, you can send them a junk e-mail. No improvements to any e-mail protocol are going to change that fundamental factor.

Shady Spammers Rejoice!

[Broadband]

With this new bill marketers must offer an unsubscribe link and respect it. However these is no guarentee your address might reappear by methods they'll claim were opt-in. Additionally we have all been trained that by clicking unsubscribe guarentees you MORE spam and not less. While *some* spammers might follow the rules and properly label their spam and offer reliable unsubscribe options, the shady spammers are guarenteed to gain. Their already operating illegally under a shroud of secrecy so being caught isn't really an issue and they might even see higher click throughs on their unsubscribe links :(

AOL/MSFT

[lunartik]

it's clear that only the Direct Marketing Association, Microsoft, AOL and a handful of others had any input into the law, because it's carefully crafted to allow the big marketers free reign. And the loopholes it provides them will be more than big enough to provide aid and comfort for the smallest and sleaziest of spammers as well.'

AOL and MSFT probably deal with more spam headaches than anyone else. I don't really notice them using spam, just trying to filter it in vain from their services.

Re:AOL/MSFT

"This address cannot be blocked".

That's the message Hotmail gives, when I try to block SPAM I receive from Microsoft, even though I already have a white list that DOES NOT include their address (actually, the white list blank = no mail at all allowed, because I use the address for MSN Messenger / GAIM only).

Re:AOL/MSFT

Yes, that's because Hotmail is a free service. You don't want those mails, get a paid account at Fastmail or Runbox.

spam revenue structure

[slavitos]

I don't rememeber the source (I think it was UK research), but I read a report somewhere that said that the biggest "source" of income for spammers is not even the money they receive from 0.001% who do respond to their messages, but what they make when they re-sell the list (less bouncebacks, of course).

It looks like some bizarre vicious circle: the spammer doesn't even care if you are going to respond to the "opt-out" clause in their mailings simply because by the time the opt-out reaches them, they wil already have sold your address to 5 other spammers and made their money on you.

Am I wrong or the bill simply doesn't address the list reselling practice? (Granted, I haven't read the actual legislation - just the press coverage).

Re:spam revenue structure

[blamanj]

From the bill:

4.a. In general - If a recipient makes a request using a mechanism provided pursuant to paragraph (3) not to receive some or any commercial electronic mail message from such sender, then it is unlawful -
(i)...(ii)...(iii)...(iv) for the sender, or any other person who knows that the recipient has made such a request, to sell, lease, exchange, or otherwise transfer or release the electronic mail address of the recipient...for any purpose other than compliance with this act.

[Damn PDF for not allowing cut and paste.]

Re:spam revenue structure

[tb3]

Great, just great. Now, how the heck are you ever going to prove this in court?

Re:spam revenue structure

If you mean this PDF, you can cut a paste from it. For some stupid reason Adobe requires you to choose the "Text Select Tool" before you can highlight text. You can also crack "protected" PDFs to allow cut and paste, but I don't think the version you had was protected.

The people at Adobe who think multi-minute application launches are acceptable probably designed this as well.

Re:spam revenue structure

[slavitos]

Thank you (and thanks for typing that!). However, it still sounds that if they re-sell quickly enough, this clause doesn't protect you much.

Also, I noticed that many spamm... er.. marketers have pretty lax deadlines for themselves to take you off the list. "We received your unsubscription request. Please allow 5-7 business days for processing". (They might as well add "in those 5-7 business days we'll spam the hell out of you and rent your address to every spammer we know")

Re:spam revenue structure

[Shimmer]

The biggest "source" of income for spammers is not even the money they receive from 0.001% who do respond to their messages, but what they make when they re-sell the list

That would create a pyramid structure which, as we all know, is unsustainable. Since spam doesn't seem to be losing any steam, I don't think this theory could possibly be true.

-- Brian

Why?

[Angram]

"Under the federal law, consumers cannot sue og have sex at any given time."
"The bill bans harvesting of e-mail addresses from goatse.cx sites and breaking into computers to send spam."

Why did you add that junk to the article? Was it supposed to be funny or something?

Mod parent down.

Re:Why?

Don't you know that it's the latest trend in crapflooders?

http://en.wikipedia.org/wiki/Slashdot_trolling_p he nomena

Re:Why?

Organized trolling is not a way of life, it is life. Mod parent up!
TROLL KRU UNITE!

Re:Why?

"Organized trolling is not a way of life, it is life."

Nope, it's only a pitiful approximation of life, but you have to take what you can get. At least you know your limits.

We should ban all forms of marketing

If you think about it, marketing as a whole is idiotic. Marketing doesn't produce anything. It's just about steering the masses toward one product at the expense of a competitor, whose product could actually be better.

How about a world where you simply submit your new product to a system of independent reviews, which then informs consumers of their options? I think it would be much better than the system we have now, where effective marketing tends to border illegality.

Marketing isn't needed. Marketing is an ongoing demonstration that mankind is unsophisticated. Get rid of marketing.

Re:We should ban all forms of marketing

[innocent_white_lamb]

If you think about it, marketing as a whole is idiotic. Marketing doesn't produce anything. It's just about steering the masses toward one product at the expense of a competitor, whose product could actually be better.

I own and operate a movie theatre in a small town. I send a monthly flyer out in the mail that lists the shows coming up in the next month. That's marketing. I'm not competing with anyone else, I have the only theatre in town.

I'm still marketing, though.

Re:We should ban all forms of marketing

[Jarnis]

Sure you are. You are competing with other forms of entertainment. Television, internet, sports events...

Re:We should ban all forms of marketing

[Killshot]

Hmm i dunno
marketing can be annoying
but as long as we live in a society where people purchase or trade goods and services from each other.. there has to be marketing there is absolutely no other way except to live on a mountain and cut yourself off from all other people and only provide everything you need for yourself

The politicians dont get it .. yet

[elfuq]

I saw last week that something like 49% of the UK population now has regular access to the Internet. You'll start seeing significant percentages like that across industrial democracies. And, once they have been online for a while, well they are going to start getting seriously pissed about spam.

Maybe it will take longer in the US, as the politicians seem more insulated from the voters, and more beholden to corporate interests than other democracies, but those politicians are going to start getting the message loud and clear from a mojority of their electors 'FOR GODS SAKE DO SOMETHING EFFECTIVE ABOUT SPAM!!'

And why the hell would Microsoft be opposed to an anti-spam bill? Spam must cost them hundreds of thousands of dollars in Hotmail hardware, filtering and abuse staff.

Re:The politicians dont get it .. yet

[CrazyDuke]

"Maybe it will take longer in the US, as the politicians seem more insulated from the voters, and more beholden to corporate interests than other democracies, but those politicians are going to start getting the message loud and clear from a mojority of their electors 'FOR GODS SAKE DO SOMETHING EFFECTIVE ABOUT SPAM!!'"

Thats when our fun little corporate interests bri...err...convince parts of our government and other corporations to apply trade sanctions against any country that tries to pass any truely effective Anti-Spam legislation.

Foggetabatit!

[Txiasaeia]

"Hey Guido, I'm gonna make you an offer you can't refuse. Gimme five bucks, or my friends here with their big fucking baseball bats are going to practise on your kneecaps, tough guy. And no, wiseguy, you can't get a receipt. By the way, same time next week?"

Re:Foggetabatit!

It's free via snail mail, so that's not really fair. The telemarketing version also works wonders.

Re:Foggetabatit!

Mail isn't free and would you be so kind to explain why opting-out via internet costs 5$ even though it should be easier/cheaper to process for the DMA too? In case you can't think of a reason: It is not free, because they want to discourage victims from using an otherwise easy way out.

Re:Foggetabatit!

[luckyguesser]

...Or maybe they don't want to be flooded with emails? ...7...8...9...10...11... oh what the hell, that's long enough

If they spam you...

[pr0ntab]

then they are entering a business transcation with you.

At that point, feel free to inquire over, and over, and over again about all of their services, and not purchase anything. And their upstream marketing service providers. Chat up their 1-8xx call center staff. Try to see if they're free on Friday.

You will strangely find the front pages to all their websites VERY interesting, worthy of 200 views per hour. Especially all the images in the /images directory.

It's pro business, after all. Pro-ISP and Pro-Telcom... hehehe.

Re:If they spam you...

[Ophidian+P.+Jones]

Well, that might be a good idea, if we were all fucking losers like you with nothing better to do.

Oh yeah, look for some more reposts from me real soon, asswipe.

Re:If they spam you...

[Wolfier]

Relax and read between the lines.

I guess it's simply suggesting that we use wget or something like that, to automatically retrieve stuffs for later viewing....

And it may happen that, due to packet losses, we might have to do it again and again, like 100 times a second, to ensure the information we need is downloaded. ;)

Pro-spam

[Rank+Amateur]

There. You have it. The anti-spam bill is a pro-spam bill.
I still wonder how the government will justify the fact that spammers use, without paying a red cent, the facilities of others to do their dirty deeds.
This is in direct contrast to other direct marketers. Junk mail? Every letter requires a 37 cent postage stamp. Junk faxes and phone calls? These require payment by the sender of flat phone rates and calling charges.
Spam, however, is virtually free for the sender, piggybacking on other people's equipment. It's the first form of direct marketing *in history* in which the unhappy recipient pays (through increased ISP costs) for the priviledge of receiving messages.
The US government, in effect, has declared that all online citizens will be forced endure, and to pay for, receipt of unsolicited spam -- and, what's more, have no recourse, as private individuals, in the courts. A sad day overall.

Re:Pro-spam

[tickticker]

Excellent points... now where's my mod points when I really need them?

Re:Pro-spam

[djneko]

Bulk mail (junk mail) rates are SIGNIFIGANTLY cheaper than you or I sending a first class letter.

Go look at the what the metered postage on it says sometime. Those little postcards cost just a few cents to send. Except, they're now moving from human readable to weird scancode only, so you'll never be able to bitch that your junkmail cost them less to send to you than you have to pay.

Solution: Write return to sender on everything you don't want. Then go dump it in a post box somewhere across town. Pretty soon the post office will hopefully be pissed enough to raise bulk rates (but more likely we'll just have 45 cent stamps)

Re:Pro-spam

[Plugh]

There. You have it. The anti-spam bill is a pro-spam bill.

Most slashdotters understand intuitively the fact that laws just don't fix the problem, in such cases. Unfortunately, many are probably not aware of the detailed reasons why this is so.

Milton Friedman (a Nobel laureate) covers the details in his book Free to Choose, for which he and his wife (and co-author) received a Pulitzer Prize.

It's worth a read. You'll understand a lot more about how, and why, the world works.

Re:Pro-spam

but most people wont read that book, much less buy it, so just pick out whats relevant and make it easy understandable.

that requires intelligence, here is an example

http://www.arts.cuhk.edu.hk/humftp/E-text/Russel l/ agnostic.htm

I'm not sure about any of this, jst somethink i've thought
about:

claiming oneself to be christian, heathen etc etc or in
this case agnostic is generalization and/or "moores law"
like:

We may find beliefs that "fits our angle" but they're all
part of mans logical sense and looks reasonable. However
they are not complete, since reality is ever so complex
(explaining the "theoretically this should work" saying).

They're more like short sets thats compatible with a mans
current perspective on life/reality, but when he learns
more and get broader perspective, he finds how much they
are lacking.

In short its creating closed-minded people, but thats every
religions ultimate goal, to preserve it self. Even though
beliefs like the "agnostic" is very harmless and reasonable,
it is no different from the church that tells its disciples:

"your faith is but a seed, which needs nutrition and care,
so it can grow big with strong roots"

Effectively making people fanatics.

Recognize that your view on reality is limited by your
senses and your minds capability of understanding. Can a
being really understand its own existence?

No, go after knowledge that is logical and gives perspective,
heres some, every "living" (in common sence, not some
scientists term something that consumes and wastes are living
henche a car is living) thing on this planet need oxygen (well
most stuff anyway including us) every minute to survive. If
you've been inside a jail and not seen the sky in years you
would be thrilled to see it again.

Here we have beauty in the logical sence of a mans outburst
when he see blue sky once again, then we have the knowledge
that not many other planets are habitable for beings like us.
We also understand the belief that maybe people should suffer
a little to be able to be happy.

(yes pain give perspective and its awfully nice when its over
but i wouldn't ever bring it upon any other being, or advice
this belief at all in my current knowledge.)

In any case here we have a good reason most people, every 3rd
actually, are willing to do something for the environment.

Re:Pro-spam

[daftgirl]

Go ahead and write return to sender on the junk mail you get. The post office will just throw it away. Bulk mail does not usually include 'return to sender' or 'forwarding' service.

War is good for business

[Facekhan]

The more the laws are written by marketing companies that insist on their right to use other people's property to send their unsolicited and unwanted advertisements there will be plenty of anti-spam jobs and business opportunities for geeks like us.

In addition we can keep blacklisting large blocks of addresses as we please. That is the best private right of action that we have. As long as the DMA does not get a law passed that prohibits black hole lists and filters then we are at least empowered to protect ourselves with our ingenuity.

Deep down everyone is a Ferengi.

Abandon Email.....What choice do you have?

[Broadband]

It's really sad because as of late I have nearly abandoned email as an effective tool for corporate communication. To begin with spam is so terrible that any legit emails are bound to get lost. Yes I have a 98% effective spam filter but still 2% are lost and on top of that it took me months to train it to this level of reliability. Additionally with all the server side checks I'm finding that more and more of my emails never even reach the recieptants. Whether it be that the spam filter catches them or the mailserver deems my mailserver too small to trust. Are there ANY alternatives that seem to have the possibility to go mainstream or should I just continue to rely on my phone and fax for communication which sucks!

somewhere to send it all

[tickticker]

I just want the email address of somewhere to complain to so I can redirect all my spam at all the sites I administer from /dev/null to ?

administrator@whitehouse.org
postmaster@whitehouse.org for starters

any more suggestions?

--This sig is not spam

Will this interfere with blocking "legit" spam?

[weave]

OK, so this law is passed and everyone gets one free shot at spamming people. Will this little fed stamp-of-approval stop ISPs and businesses from filtering out this spam? Will spammers be able to litigate using the ole restraint of trade argument, if this is signed into law and makes spam legal?

Re:Obligatory reply.

This bill is not going to single-handedly eliminate all the spam in the universe overnight all by itself, therefore it's a waste of time and not worth the bother and typical of big government trying to control things and yadda yadda yadda...."

If this bill was just a waste of time and money, then I wouldn't care.

But this law is worse than no law at all,
since it prevents the states from passing laws that have a chance to do something, how ever slight.

Contradiction in Terms?

[syphax]

From the article:

legitimate e-mail marketers

Re:Contradiction in Terms?

I get marketing email from thinkgeek. I asked for it. Are they spammers?

Idiot.

thank god for iptables

[Indy1]

this is a bullshit law, but fortunately it will impact my users and myself on a minimal level. Why? I heavily firewall off spamming isps at my mail server plus i do several rbl checks after the firewall. Any spammer stupid enough to even try spamming me gets an immiedate block. So bring it on Dma, i still got PLENTY of space in iptables for you.

Well this sucks

[doodleboy]

Plutocracy: a government by and for the wealthy, i.e. spammers have the money to buy lobbyists, who in turn buy politicians, who then pass convenient laws for the spammers. It's all so tidy and efficient.

I'm as cynical and jaded as the next genX geek, but it still pisses me off that no one gives a shite about the common good. You get the sense that those in power would laugh out loud if you even mentioned it. Bastards.

Oh by the way, even good legislation would be useless against spam. How is these people are too stupid to figure that out?

Typical Liberal Thinking

[Mullen]

Alright, I always thought Schumer was stupid weak minded liberal who thinks government can solve all of life's woes, but this proves it:
"It's not going to solve all the problems, but it's the first real step," said Sen. Charles Schumer, D-N.Y. "The public is demanding something. It's going to happen. We're going to get it done."
Okay, spam is not a government problem, it is a technical problem and no amount of praying or laws (Smart or dumb) are going to solve the problems of spam. Now here is the list why:
1) Most spam that ends up in U.S. mailboxes comes from overseas, so no US law is going to stop that.
2) Spam actually works on an economic level, if it did not, then no one would spam. Spammers spam, because spam works. Destroy the profitiblity of spamming and spam will go away.
3) Spamming is easy. Make it so addresses can not be spoofed, email headers can't be forged and MX records have to match up with A records (All those modem pool modems would not be able to send because no will accept mail from a machine that does not have an correct MX record). I think if you fixed this, then a lot of the spam would just go away.

Re:Typical Liberal Thinking

[Concerned+Onlooker]

What does being liberal have to do with this? Would it be any different if a weak minded conservative came up with it? Aside from the fact that we be obligated to send death squads to other countries, I mean.

Re:Typical Liberal Thinking

1) That is incorrect. Most spam comes from US companies (86%) but they tend to route it through a computer overseas.
2) I agree. I wish people would just stop buying crap from spammers.
3) People are working on it but it's difficult because participation is voluntary.

The bigger problem is that most spam is ALREADY ILLEGAL. If the FTC would use the laws we already have and get off their ass they could take care of a huge part of the problem. And forged headers could be considered fraud. They creatively prosecute lots of people, why not spammers?

Re:Typical Liberal Thinking

[greenhide]

I think the parent's posting is largely insightful, except for his partisan take on it. My experience is that, across the board, government officials are very stupid (or evilly clever) when it comes to making decisions regarding technology. I mean, it wasn't just Democrats that voted for the DMCA, right?

As another poster, unfortunately marked as troll, pointed out, there are representatives from both sides of the aisle who are praising the bill. What's dumb is that we know who the spammers are. They're corporations that are set up here in the US. If I remember correctly, there are really only 3-4 major spam companies that send out a majority of the spam. If we could just shut down those companies, that would be a good start.

I disagree with people who think that there is a purely technological solution to this problem. As has been seen, spammers are very good at adapting to new anti-spam technologies. Basically, all of the nice features of e-mail -- anonymity, cheapness, simplicity, user-friendliess, automation -- would have to be abandoned in order to make a form of electronic communication that a spammer couldn't work around. Ultimately, we have to make it painful for spammers to exist. We have to apply pressure, also, to credit card companies and merchant account providers that set up accounts for these jerks. Instead of introducing laws defining what kinds of email are illegal (really, it's more like porn -- I know something is spam when I see it), it would be better to introduce laws governing credit when a company spams. Merchant Account companies should be forced to take down a merchant account when that company knowingly engages in spamming (say, after the second offense), and a record must go into their credit check (both for the individual and for the company), so the next time they try to set up a merchant account, that note will be there:
Account shut down due to non-comformance with US. Code blah blah blah.

Merchant account companies that actually set up accounts for people with that in their credit report could be held liable or fined.

Yes, that sort of law might be more intrusive. But damn would it work. Without access to a merchant account, a spam-based commerce site basically would collapse.

Re:Typical Liberal Thinking

[EinarH]

Without touching your other points; I think you are wrong on #1:

1) Most spam that ends up in U.S. mailboxes comes from overseas, so no US law is going to stop that.

Even though the spam comes from overseas, 90% of the worst spammers comes from US. According to ROKSO 90% of the 200 worst spam operatios are US based.
So if the US Congress criminalized sending spam people could have sued the shit out of these people as long as you can prove it.
But hey, can't do that; that would have destroyed the industry!

Re:Typical Liberal Thinking

[pjrc]

Most spam that ends up in U.S. mailboxes comes from overseas

But it is send on behalf of companies within the US, selling products targeted at the US market, to US citizens. Make any of these illegal and vigorously enforced, and most of the current spam will stop.

Make it so addresses can not be spoofed, email headers can't be forged and [snip, IP number authentication]. I think if you fixed this, then a lot of the spam would just go away.

The unfortunate obstacle to implementing this is that a good portion of all legitimate email transmitted today is misconfigured, and effective "forges" its sender address. Examples include people who send "from their work address" using their home computer and ISP (no VPN connection to the corporate email server). Likewise for sending as if from yahoo or hotmail, using your ISP rather than having to use the web interface. Sales people and other road warriors often depend on being able to transmit email from within a hotel room or off-site location, using whatever mailserver they can find. "Vanity domain names" are also a big issue, since nearly all of these are hosted by an ISP who simply forwards received messages, and transmitted messages are effectively "forged". There are also a large number of organizations that simply haven't configured outgoing mail properly, sometimes at the server, and more problematically on hundreds or thousands of client machines which all send through some mail server, effectively "forging" their outbound mail.

SPF is the leading effort right now to add simple, IP-number based sender domain name authentication to existing email. (the others were RMX and DMP). SPF allows many different ways (called "mechanisms" in the spec) to check if the transmitting IP number is authorized to send for that domain name. You can read all about it at the SPF site by following that link.

But despite SPF's simplict and backwards compatibility (and the very similar RMX and DMP proposals), there has been massive objection to it. For a truely sad tale of these objections, search for the draft proposals of RMX and scroll to the section near the end about the objections raised. For anyone who believes some technical improvements to adding authentication to SMTP, or replacing SMTP, is a viable solution to stopping spam... reading about the objections in the RMX draft should be a sobering wake-up call and put the enormous inertia of SMTP's forgability into perspective.

Re:Typical Liberal Thinking

[mwillems]

Mullen, let me explain why I disagree with at least one of your argumants.

First, though: namecalling never helps. Whether this senator is liberal (whatever you think that means - I think it means "in favour of freedom" - cf, your dictionary) or not should not affect his arguments. Now as for your arguments.

>>>1) Most spam that ends up in U.S. mailboxes comes from overseas, so no US law is going to stop that.>>2) Spam actually works on an economic level, if it did not, then no one would spam. Spammers spam, because spam works.>>3) Spamming is easy. Make it so addresses can not be spoofed, email headers can't be forged and MX records have to match up with A records

Mm. Now who believes in big government? The government dictating how tech works? That is hwo we ended up with Bell, selling 1940 style phones in 1980...!

Cheers,
Michael

Re:Typical Liberal Thinking

[Onan]

I'm a big fan of technical solutions over administrative solutions. But in this case, technology has failed to solve the problem, and gives every evidence that it will continue to fail to solve the problem. Many of the world's greatest minds and largest budgets have been bent on technical solutions to spam, with very limited success.

Your assertions that spam is effective and easy don't distinguish it from other crimes. Mugging people is a fast, easy way to make money. We could either encourage a technical solution to the problem (perhaps based around guns which use mind-reading devices to determine the purity of the intent of their wielder, and only fire in approved circumstances), or we could go with the administrative solution of saying it's illegal to mug people.

Would the technical solution be better? Hell yes! Once it exists. Is the administrative solution better than nothing for the years or decades until the technical solution happens? Yep.

Re:Typical Liberal Thinking

1) That is incorrect. Most spam comes from US companies (86%) but they tend to route it through a computer overseas.

Actually, no. The spam is not really being routed overseas except by the smaller spammers. AOL, Yahoo, and MSN actually generate a large portion of spam and no study will show it. These companies use their own IP space to make it appear that it is from overseas.
MSN is now gouging. For one spammer, MSN is raising the price high enough that they were looking at another major hosting company to do instead. That company is a huge DSL hosting company and will most likely use their customers IP address/domainname iff they went forward.

RTFA

[nate1138]

Did you even bother to read the article? Yes, it has to be labeled as spam, but the label isn't defined. As a matter of fact, the label is up to the spammer to decide! The FTC is PROHIBITED by this law from defining the label. So how are you supposed to filter out mail based on an arbitrary label defined by the sender?

Re:RTFA

[sketerpot]

Wow, I retract my comment about this making spam from the US trivial to filter out. This looks like just a voter-appeasement act that leaves the spammers with as much leeway as they want.

Congressional scum meet spamming scum. Who is worse?

Re:RTFA

[nate1138]

Yup, yet another bill from GW and friends that sounds good but benefits nobody except his big-business buddies (just look at the medicare and energy bills currently passing for more examples)

Re:RTFA

[orthogonal]

Yes, it has to be labeled as spam, but the label isn't defined.

Precisely. Mod parent up, mod grandparent down.

Given what I'm seeing in the spam I'm currently getting, the advert label will probably look like this:

4dv3r7153m3n7

(or be composed of European characters which Slashcode won't properly show)

or for the really upscale spammers with thesaureses:

• "broadcast circular",
• "publicity promulgation",
• "commercial communication",
• "endorsement endorsement"

Re:RTFA

[shystershep]

The label is meaningless, but not because it is not defined. How much spam do you get from "legit" sources? None of those "See-young-boys-getting-it-on-with-farm-animals" emails are going to be affected at all by this law -- because the egregious spammers, the ones who have raised the problem from the level of junk mail (of the snail variety) to the scourge of modern communication, will simply ignore the law.

Re:RTFA

[dwsauder]

Did you even bother to read the article? Yes, it has to be labeled as spam, but the label isn't defined. As a matter of fact, the label is up to the spammer to decide! The FTC is PROHIBITED by this law from defining the label. So how are you supposed to filter out mail based on an arbitrary label defined by the sender?

I'm not happy with this law either. It's not going to reduce spam. However, not to be the total pessimist, I have always had the impression that most laws sketch out basic guidelines that are then spelled out explicitly by regulations from the exectutive branch (FTC, FCC, etc). Does it really explicitly say the FTC is prohibited from indicating how spam must be labeled? My interpretation is that the law's intention is to mandate the executive branch to spell out how messages should be labeled. I could be wrong.

Re:RTFA

[dheltzel]

Passed on a 392-5 vote, the House bill largely mirrors "Can Spam"

It looks to me like the entire house are "GW's friends" in this case. I apologize in advance for offending you if the facts I'm pointing to interfere with your prejudices.

The issue here is that all politicians (including the ones you like) are too stupid to be making laws like this. To the man (or woman), their only concern is re-election.

Re:RTFA

[Keeper]

Read section 11. The IETFS (Internet Engineering Task Force Standards) will define how the subject line of the message should be labelled.

Re:RTFA

[Odin's+Raven]

Does it really explicitly say the FTC is prohibited from indicating how spam must be labeled?

I had the same question after reading the blog entry. Apologies in advance for the length of this reply, but I wanted to cite the portions of the bill that I think are relevant (as opposed to just declaring "yes" or "no" without providing any supporting evidence).

Technically, I believe the blogger is correct in this assertion, but after reading the full text of the bill I suspect the prohibition isn't quite as stupid as it initially appears. (For those who wish to follow the bouncing ball at home, a PDF copy of the actual bill is available here.)

The prohibition shows up in Section 13(b) of the bill:

(b) LIMITATION.--Subsection (a) may not be construed to authorize the Commission to establish a requirement pursuant to section 5(a)(5)(A) to include any specific words, characters, marks, or labels in a commercial electronic mail message, or to include the identification required by section 5(a)(5)(A) in any particular part of such a mail message (such as the subject line or body).

So yes, there is a prohibition against defining identification labels in the bill.

But context is important here. Section 13(b) is placing restrictions on the preceding paragraph, 13(a), which states:

(a) IN GENERAL.--The Commission may issue regulations to implement the provisions of this Act (not including the amendments made by sections 4 and 12). Any such regulations shall be issued in accordance with section 553 of title 5, United States Code.

So Section 13(a) gives the Commission authority to start making regulations based on this bill immediately. But some sections of the bill weren't intended to be implemented immediately, and instead call for the Commission to do some research first and report back to the House and Senate with recommendations.

Section 5(a)(5)(A), the part which the Commission is explicitly not authorized to implement yet, is the portion of the bill that would require "clear and conspicuous identification that the message is an advertisement or solicitation". Obviously, before companies can comply with (or be prosecuted for failing to comply with) regulations related to 5(a)(5)(A), the Commission will have to specify exactly what qualifies as a clear and conspicuous identification.

And indeed, down in Section 11(2), we find that the commission has been tasked to come up with a report on how this identification is to be performed:

Sec 11: The Commission shall transmit to the Senate Committee on Commerce, Science, and Transportation and the House of Representatives Committee on Energy and Commerce [...] (2) a report, within 18 months after the date of enactment of this Act, that sets forth a plan for requiring commercial electronic mail to be identifiable from its subject line, by means of compliance with Internet Engineering Task Force Standards, the use of the characters ``ADV'' in the subject line, or other comparable identifier, or an explanation of any concerns the Commission has that cause the Commission to recommend against the plan.

So it seems to me that Congress is leaning towards using an 'ADV' tag in the subject line to identity "legitimate" UCE, but that they're really not sure how any of this email stuff actually works, so they stopped short of making this a requirement in the current bill. Instead, they're telling the Commission to go off and get familiar with the relevant IETF standards, figure out if 'ADV' or some similar subject-line tag approach could be done without breaking anything, and have the Commission report back with either (a) rules on a workable method for identifying UCE from the subject line, or (b) a danged good explanation why this can't be done.

Rather t

Re:RTFA

[Kaboom13]

Yeah Damn that Bush and his Republican cronies. They have even taken to enslaving democrats and making them produce pro-spam legislation like these (from the MSNBC Article):

"Rep. John Dingell of Michigan, the senior Democrat on the Energy and Commerce Committee, called the effort "an important first step in restoring consumers' control over their inboxes."

" "It's not going to solve all the problems, but it's the first real step," said Sen. Charles Schumer, D-N.Y. "The public is demanding something. It's going to happen. We're going to get it done.""

If we had a Democrat President, I'm sure he would've veto-d the legislation, seeing how it passed on a narrow 392 - 5 vote. Why I bet he walked right into congress and proposed and sponsored the bill himself, oh wait he can't do that. He did have Wyden, Ron - (D - OR), Breaux, John - (D - LA), Landrieu, Mary - (D - LA), and Schumer, Charles - (D - NY) to do his dirty work and co-sponsor the bill. Yep just mean old GW (who hasn't even had a chance to sign it into law yet) and his friends to beat up on the little guy.

Re:RTFA

The energy bill is not going to pass!

Re:RTFA

Time to vote in some Greens, Libertarians, and other independents. There's no difference between the Republicats and the Democrans anymore.

Re:RTFA

[nate1138]

Ok, give me a break. What politician in his right mind will vote against ANY anti-spam bill? The fact that almost nobody votes against it for fear of public retribution at the polls makes it easier to put any kind language in there that they want to put in. This bill was a gift to marketers, and to pretend otherwise is to be blind to the realities of politics.

Re:RTFA

[nate1138]

I must have missed that. Thank you for the correction.

Re:RTFA

[nate1138]

And did you really expect ANYBODY to vote against an anti-spam bill? That would be political suicide, no matter how fucked up the bill is.

Do Not Call has been great, demand more!

[HDlife]

At least the "do not call" list has made junk phone calls come to a complete halt. Only a very few exempt calls sneak in. I think consumers will demand more once they see that junk spam is not reduced. I have to agree that by far the worst spam is the fraudulent kind. Fake Vi;a|gr-a, male un1t enhancement pills, and varius p0rn are the worst offenders (in both senses of offend). The "legitimate" spammers are the easiest to silence. But, unfortunately, that will have to wait for a later date.

Criminals Aren't Phased By New Laws

[Slider451]

Spammers make a choice to hijack systems to cover their tracks, leech bandwidth to make others pay their costs, increase the burden on mail servers everywhere, and flood the Internet with needless traffic.

How is a new law going to suddenly convince them they're doing something wrong, morally or legally?

Re:article text

ITS LINKING TO PORN CORRECT LINK! ADMINZ, PLZ BAN CATO FROM TEH INTERWEB Lameness filter encountered. Post aborted! Reason: Don't use so many caps. It's like lolling.

The law we actually need...

[crow]

The law we actually need to deal with spam is a an allocation of $10million to the FBI to investigate and prosecute violations of existing laws where such violations include the use of bulk email. Then the FBI would have the resources to track down some of the spammers who are using hacked systems to send spam.

Only once the Department of Justice has done everything they can to enforce the current laws should new laws be passed.

Also

[sulli]

You really need to hear what these execs have to say. Don't forget to check out the DMNews website. In case it's slashdotted, try again! Then try again! And if you're not sick of it yet, try again!

MOD PARENT DOWN

Modification of original article text: "Under the federal law, consumers cannot sue og have sex at any given time."

Re:MOD PARENT DOWN

I want to touch your budding nipples.

Nipples :)

Anti-spam registry and opt-out...

[HTH+NE1]

A registry and opt-out links are of no help to me when the message also contains no information identifying which of my e-mail addresses they addressed their spam. Mail to any username at my domain goes to me. With Bcc'd spam, I can't identify the address they used to tell them to stop.

On naievity...

[mrex]

If anyone here thinks for a minute that this abominable piece of legislation is an "accident" caused by those writing it being non-technical, wake the hell up.

Every single word of this bill was intentionally crafted to do what it does -- make Congress look anti-spam to everyone except spammers. This is a Congressional "wink and nod" to all the scum out there who are more than happy to cost you money to try to sell you something.

Remember, kids, messing with other peoples' computers "for fun" is bad and wrong and the FBI will hunt you down. If you're going to make money at it, and of course you allocate some of that money to bribing^Wlobbying Congress, thats a whole different story. Sigh.

Laws Don't Stop Spam Technology Does

[Brainiac252]

I know that we've been debating spam the effectiveness of Spam legislation here on slashdot for the last couple days. YES, it might momentarily stem the flow of spam, but really laws like this allow too much leeway! If you think this will stop spam you have another thing coming!

Technology on the other hand is the way to go. I recently got feed up with my hotmail account due to spam and I switched to another free site called Shadango.com. It allows me to check both my students address and hotmail thru one interface and it filters the spam out of my email, which is something this new law won't do.

I'm not saying that services like Shadango.com are the answer but they are definitely a step in the right direction! And that's my two cents!!!

Brian

Re:Laws Don't Stop Spam Technology Does

[mrex]

I know that we've been debating spam the effectiveness of Spam legislation here on slashdot for the last couple days. YES, it might momentarily stem the flow of spam, but really laws like this allow too much leeway! If you think this will stop spam you have another thing coming!

I agree with you that this law will not stop spam. However, you make a leap from saying that this law will not work to "laws don't work", paraphrasing your subject. On that point I vehemently disagree. If the incentive to spam is strong, certainly there are far more lucrative crimes which the law has succeeded in reducing if not eliminating. Laws can be effective, because law enforcement can be very intimidating. That's their job. We simply need a strong law against spam. But we both agree, the (U)CAN-SPAM act is not it.

Technology on the other hand is the way to go. I recently got feed up with my hotmail account due to spam and I switched to another free site called Shadango.com. It allows me to check both my students address and hotmail thru one interface and it filters the spam out of my email, which is something this new law won't do.

That's great for you as a consumer, but what about me as an ISP? Don't I have a right to own a business and sell internet access to my users without having to pay for beefier hardware and fatter pipes just to handle the amount of completely unsolicited and unwanted junk e-mail we take in?!?

I'm not saying that services like Shadango.com are the answer but they are definitely a step in the right direction! And that's my two cents!!!

Nothing personal against shadango, I'm not that familiar with their service, but these band-aids are just that, they are not a step in the right direction. They're just another step in the arms race.

Re:Laws Don't Stop Spam Technology Does

You can tell this dork is rotating accounts. Look at his history. He goes idle like this every now and then. Once no one can reply to him, he attacks everyone who dared disagree with him. Of course he does that AC.

Re:article text

TROLL-KRU OF THE WORLD UNITE

The accusations don't make sense

[Brad+Mace]

Obviously there's money in spam, but other companies are making far more money conducting legitimate business over the internet. Spam isn't nearly profitable enough for these companies to turn away while such an important means of doing business is destroyed.

I have to believe that Microsoft understands what spam is doing to the internet, and they must want it to continue working. They are the ones running hotmail after all. No one can buy them off, and any money they might make off spam wouldn't even be visible next to their other products.

I have some hope for this bill

[jfengel]

Obviously this won't get rid of any spam, but it will do two useful things:

1. For "legitimate" spammers, it will be easy to filter them out, preferably at the server level. (I wonder if we could convince, say, AOL to bounce all email self-designated as spam.)

2. For illegitimate spammers, we will now have some sort of legal recourse. I know that this won't be easy, since illegitimate spammers don't include valid return addresses, but it's a start. We can also use it to punish legitimate companies who use illegitimate means to acquire email lists, since they _do_ have well-known addresses.

Immediately, we've gained very little, and it's the least-offensive spam that is most easily filtered out. But if this is just the first step, maybe we can get to the real bad guys eventually.

Get a clue guys

[fleener]

What did you expect from politicians? Did you really expect an effective law? If it doesn't line pockets or permit illegal activity, it's not worth their time of day.

The point

[Kelz]

is that the govvies are at least TRYING (however uselessly) to solve some of the spam problem. I would've given each spammer 40 lashes, but seeing as special interest groups (including spammers) dominate government nowadays, I'll take what I can get.

Spam Laws are stupid.

Spam Laws are just the good guys version of idiotic things like the DCMA and they are an abuse of the legislative process.

The appropriate laws are fraud and deceptive trade practice laws and they are already on the books. Enforce them and with a vengence.

If you want to stop spam then design a better router and protocol and dump that shit in the bit bucket. Trying to legislate your way out of a problem never works...fix the problem instead.

Labelled how?

[Chris+Pimlott]

As the post states, the bill does not give any specific manner for how a piece of spam should identify itself as such.

From the text of the bill, the mail must provide

clear and conspicuous identification that the message is an advertisement or solicitation

But what does that mean? Putting "[AD]" in the subject title? Adding a "is-spam: true" header? Ending the message with "BTW, this is spam"? Some of them? All of them? Any could be could be considered a valid indentification but the vast variety of methods and phrasings could make it very difficult to actually filter out based on these "clear" identifications.

Re:Labelled how?

[Eric+Savage]

Actually, it kind of does do this in a kind of weak manner in Section 11:

"The Commission shall transmit to the Senate Committee on Commerce, Science, and Transportation and the House of Representatives Committee on Energy and Commerce--a report, within 18 months after the date of enactment of this Act, that sets forth a plan for requiring commercial electronic mail to be identifiable from its subject line, by means of compliance with Internet Engineering Task Force Standards, the use of the characters `ADV' in the subject line, or other comparable identifier, or an explanation of any concerns the Commission has that cause the Commission to recommend against the plan."

That's pretty loose language, including the ability to say it shouldn't be done, but I doubt IETF is going to side with marketers here.

Re:Labelled how?

[TekPolitik]

I doubt IETF is going to side with marketers here.

I doubt the IETF will do anything. Their structure and conduct is such that they couldn't organise getting laid in a brothel. The Commission will have to go forward without IETF help.

Hell, there was more productive protocol and standardisation work done per week before the formalisation of the IETF than gets done per year now.

Re:Labelled how?

Perhaps someone should, anonymously, send all the congresscritters about 10,000+ emails saying nothing but "THIS IS SPAM. THIS IS IN COMPLIANCE WITH THE CAN SPAM LAW!"

It MIGHT clue them in, but then again...

Re:Labelled how?

[Particle010]

Hmm... Makes me wonder if "ADV films" will have a problem with this.

I agree. The fact that the discretion of identifying spam is left up to the spammer essentially puts us right back to square one. The government has failed time and time again to give the specific requirements to control spam and other technical problems because they simply don't know what they're dealing with.

I think that ultimately, the best way to control spam is to alter the very foundation of emailing all together. It's been discussed many times before, but when in the course of our human events will we geeks as the capable people actually DO the required steps to make it happen instead of just talk about it? What's it going to take? 100 spam a day, 1000? 10,000?

I already miss vital emails because it's just too damn cumbersome to sift through it all. My ISP's spam filters are SO powerful that valid emails get filtered, thus I have to go through the filter list jst to find missed valid emails, which kind of defeats the purpose of filtering in the first place.

Re:Labelled how?

[andreMA]

You'd need a commercial purpose, I think. Perhaps offer to sell them "For Sale to Highest Bidder" buttons, noting that they seem to have a need for such...

Re:Labelled how?

No, I think they have no need for such buttons. It is obvious.

And that would be?

[unicorn]

Just out of curiousity, what would Microsofts vested interest be, in the anti-spam business?

Re:And that would be?

[grub]

Companies develop anti-spam products for MS software, that helps sell more MS software. Pirating MS products helps MS in the end as it becomes more ubiquitous, thus killing competition.

Re:And that would be?

[sfjoe]

Just out of curiousity, what would Microsofts vested interest be, in the anti-spam business?

bCentral.com and it's marketing product, ListBuilder is wholly owned by Microsoft.
They are some of the most unscrupulous web harvesters of unuspecting email adresses around.

This will greatly ease filtering

The text of the bill requires that SPAM be labelled in the subject line (The subject must begin with "ADV:" or "ADV:ADLT", as appropriate) which takes all the guess work out of filtering. The only SPAM you'd have to worry about is SPAM trying to skirt this law, which means that this can't "make things worse" as some are saying here.

Not to mention....

[macshune]

the main cause of spam:

I hate it when companies "rent" out their lists to marketing groups, after stating in their privacy policies that they do not sell their lists. This shit should be illegal, end of story. It's misleading, morally wrong, etc.

It's similar to letting people rent a copy of the cd you bought last night at Best Buy, or renting a copy for free off of Kazaa.

Re:Not to mention....

[Ruzty]

Dell sells (leases?) their customer email addresses out. I have an address that has only been used for an account on the Dell store and it started receiving spam recently. No one is immune to corporate greed...

-Rusty

Re:Not to mention....

Parent is (+5, Funny).

Re:Not to mention....

[Golias]

Far be it from me to rush to Dell's defense about anything, but this could just be a case of spammers brute-forcing all the likely "@dell.com" addresses. It happens with all popular e-mail domains, eventually.

Re:Not to mention....

[Ruzty]

Nope, this was a username @ mraz.org address with "username" specific to use only on Dell's small business store website. It was/is a quite unique address and would be very unlikely to be brute forced. Plus I have a funnel on my domain and would have seen other junk if the domain was being brute forced. Dell definitely sold or leased my email address out on some kind of list that got into the hands of spammers and is now poisoned.

I will NOT ever do business with Dell again due to thier behavior in this case.

-Rusty

We must act NOW!

[www.sorehands.com]

We must take action before this crap bill is passed!

Take a few hours of spam, and fax it to your congress person and senators. Include a letter that explains how the bill is such a bad idea and it will increase the spam. I sent 25 pages to my people with a letter that explained that this was 6 hours of spam on a Sunday. That the bill, if passed will make this much worse. That only opt-in will work and that there must be statutory damages and a private right of action.

Of course, they are welcome to opt out of this campain, from each of us who add them to the list. They may get the point if 500 people do the same thing every few days, and they have to opt out from all 500.

This will only effect the good spammers

[pens]

Like the last story, this law will only really effect the spammers who are already following good practices. The bad spammers will not be affected by this, just like pirates will not really be affected by any DRM.

I'll never understand

I'll never understand anyone that would apply some sort of tropical paste or consume anything they got from a spam that has intentions of enlargening a part of their body. I mean, can you imagine if this thing doesn't stop growing? I mean imagine if this thing that doesn't stop growing get supplimented with something that makes it 'rock hard' for days on end. Could you imagine the issues? And on top of that, the gaurentee you get from these people is "MAYBE" you'll get your money back, if you can hunt them down. So you're stuck with some sort of 12 foot, rock hard object that you have to walk around town with. They should be sent a darwin award with each purchase too..

An Alternate Strategy...

[Dr_Ish]

It seems to me that legislative and technical measures against Nigerian toner enlagement offers have only had limited success. For some time, it has occurred to me that an attack on the spammers business model might be a more effective strategy. It only takes a very few idiots who respond to spam to keep the bad guys in business. I suspect there will always be idiots, so this is not likely to be an effective way of attacking spamers. However, they may still be vulnerable on the cost side. For instance, if every slashdotter was to ask a spammer to spam on their behalf (and then of coursze not follow through, or pay up), then spammers would be forced to spend a great deal of time and energy detecting real customers amongst all the time wasters. This would undoubtedly raise their costs. All it would take is a few people with 'disposable' e-mail accounts, to give spammers a real headache. Has anyone tried this approach? Would anyone be prepared to organise such an effort? I am sure that I know a few people who would be more than willing to spend 10 mins a day causing spammers trouble. What do you all think?"

The REAL point

[JetScootr]

Is that it doesn't do anything. The govvies weren't trying to help "we the people". They wrote and enacted a law that shelters spammers from "we the people".
How can you tell if a law is unjust? If it makes **ANY** provision at all preventing people from suing those who break the law.
We have been denied access to the third branch of government in order to protect the business interests of spammers.

Forget the politicians

[mabu]

Politicians are useless. Law enforcement bodies don't even have cyber-crime issues anywhere on their priority list, much less the resources to fight it.

I encourage the population to engage in a number of active efforts to negate the value all these advertisers have, and their tendency now to bombard us all into oblivion with their repetitive, misleading and obnoxious messages.

* When you get spam, report it to Spamcop. Don't even bother with cutting-and-pasting the html source, the web hosting companies of spammers don't care about complaints. Make sure the complaints go to the ISPs who manage the IP space the spammer is operating from. But more importantly, when you report spam to spamcop, the source gets immediately flagged as a spammer and thousands of systems around the world refuse to accept mail from the source. It's VERY effective and the sooner you report spam, the more effective it is. The crap messages don't even get to peoples' mail servers this way. It WORKS!

* Turn off your TV and refuse to let yourself be turned into a quivering ADHD blob with the constant barrage of commercial suggestions. If you must watch TV, do yourself a favor and get a TiVo (it will be the best money you ever spent) and record what you want, when you want, take back your life and best of all skip the commercials!

* If you're feeling the need to waste time complaining, send a letter to your congressman and senators telling them that if they don't put more resources into cyber-crime enforcement you'll make it the center of your life to ensure they can't get elected to anything ever again.

* Spread the word that the only realistic solution to spam is licensing outbound mail relays via a sanctioned body that is nowhere near as incompetent as ICANN. We need an opt-in, international SMTP mail relay whitelist with ethical rules for being included.

* If you've had any bad experiences with companies who've ripped you off, do us all a favor and put up a web page on it and list it with the search engines. Peoples' apathy towards getting railroaded encourges the continuation of these scams. Know someone who's been burned by home-mortgage scams? Publish it! Put it out there forever. Every little bit helps to educate the feebleminded populace,make them more skeptical of suggestions (as well as editorial packaged as "news") and negate the value of quantum advertising.

* Forget client-side e-mail filtering as a spam solution. It will never work and it is a black hole of resources, time and money. Filtering is good for viruses and idiots who still insist on clicking attachments, but it won't ever do much for the spam problem.

* Encourage your ISP to employ relay blacklisting to thwart spammers so they can't even connect to remote systems.

* If you still find yourself occasionally watching tv and are annoyed at misleading ad campaigns, do what I do: dial the 1-800 number repeatedly over the course of the commercial's airing, making the advertiser's efforts counterproductive and sending a message that you're tired of being bombarded, emotionally manipulated and lied to.

* Don't buy any products advertised in any manner in which you find offensive or annoying regardless of the quality/desireability of the product.

* If you still feel your penis isn't big enough, just go to the local store and buy some multi-vitamins or just deal with it. You don't need a bigger penis, newer car, a George Forman grill, closet organizer, no-money-down real estate, second mortgage, questionable mexican placebos packaged as drugs, or to see Holly hump a German Shephard. Pick up the phone and go hang out with friends who like you for who you are and don't buy into the media's constant message that you're inadequate and money will solve this.

Re:Forget the politicians

[Micah]

> If you still find yourself occasionally watching tv and are annoyed at misleading ad campaigns, do what I do: dial the 1-800 number repeatedly over the course of the commercial's airing, making the advertiser's efforts counterproductive and sending a message that you're tired of being bombarded, emotionally manipulated and lied to.

What does that have to do with spam? At least a company is paying for TV time, paying for 800# phone lines, paying for operators, and there are ways of knowing exactly which company is advertising.

If their product is a scam, you can go after them through the FTC. If you don't want to watch their ad, change the channel.

Re:Forget the politicians

[SagSaw]

* Spread the word that the only realistic solution to spam is licensing outbound mail relays via a sanctioned body that is nowhere near as incompetent as ICANN. We need an opt-in, international SMTP mail relay whitelist with ethical rules for being included.

Sorry, I disagree. I (and by extension anybody) should be allowed to run whatever services they want so long as they do so in a responsible manner. For example I run my own incoming and outgoing mail server. I should not be prevented from running my own e-mail server simply because some individuals can not figure out (or care) how to set up their servers not to be an open relay.

* Encourage your ISP to employ relay blacklisting to thwart spammers so they can't even connect to remote systems.

One of the reasons I run my own e-mail server is so that I can employ whatever blacklists and filters I want on the server side. Also, since I control the server, I can set-up 'throw-away' and temporary addresses for specific purposes. If I need to give an e-mail address to an entity I do not trust, I simply set up an alias specifically for that purpose. If I start receiving spam via that alias a.) I know where it came from and b.) I can get rid of the alias and avoid any future spam. Of course, if all smtp server had to be on a whitelist, I couldn't do this because I probably couldn't afford/meet the requirements for inclusion.

Not to downplay the problem, but I've always been able to manage spam simply by setting up a decent set of client-side filters (yes, I know this still causes problems on the server side). At least in my experiance, spam is not a big enough problem to warrant crippling e-mail.

Re:Forget the politicians

[mabu]

As I said in my message, the same advertising constructs apply to television that are being employed on TV: bombard the user with repetitive messages interrupting the content they're there in the first place to view. Not to mention the fact that in many cases, we're seing the same campaigns on tv as in spam (home mortgage offers, penis enlargement, porn/girls-gone-wild, "free" software deals, etc.) This issue is larger than the Internet.

Re:Forget the politicians

[mabu]

* Spread the word that the only realistic solution to spam is licensing outbound mail relays via a sanctioned body that is nowhere near as incompetent as ICANN. We need an opt-in, international SMTP mail relay whitelist with ethical rules for being included.

Sorry, I disagree. I (and by extension anybody) should be allowed to run whatever services they want so long as they do so in a responsible manner. For example I run my own incoming and outgoing mail server. I should not be prevented from running my own e-mail server simply because some individuals can not figure out (or care) how to set up their servers not to be an open relay.

I'm would never suggest you not have the freedom to run your own smtp server. But I bet you have your own domain, and how much hassle was it to get that registered? The same effort could be put into "registering" smtp relays (with perhaps a more substantive ethical enforcement). If you don't want to be part of the whitelist, that's your perrogative -- nobody's suggesting you can't still run your mail server, but some ISPs and other networks may choose to only accept mail from systems who are regulated and committed to not routing spam mail. If you don't intend on spamming, why would you have a problem with spending an extra five minutes to register with the whitelist and make a pledge that your participation in the list is contingent upon you not routing UCE? The whole process could be automated. And participation, both in terms of using the whitelist and subscribing would always be voluntary, but a central authority managing the list would have substantive power to impose such a very useful measure.


One of the reasons I run my own e-mail server is so that I can employ whatever blacklists and filters I want on the server side. Also, since I control the server, I can set-up 'throw-away' and temporary addresses for specific purposes. If I need to give an e-mail address to an entity I do not trust, I simply set up an alias specifically for that purpose. If I start receiving spam via that alias a.) I know where it came from and b.) I can get rid of the alias and avoid any future spam. Of course, if all smtp server had to be on a whitelist, I couldn't do this because I probably couldn't afford/meet the requirements for inclusion.


I do the same thing with my servers. Why do you think it would be so difficult participate in a SMTP whitelist? If you don't spam, and you don't run open relays, you register once and it's done. If you're running a rogue SMTP relay on non-static IPs, you're probably blacklisted already on dozens of open proxy servers, so it's in your best interest to "register" and agree to maintain ethical practices and be part of the whitelist. I don't see how it isn't a very practical, very effective solution.

I think the problem is ICANN has set a very bad example for how top-level Internet services should be managed and this has made everyone skeptical that any other regulatory bodies would be just as ineffective, but I disagree - we learn from the mistakes and uselessness of ICANN and improve upon it.

Not to downplay the problem, but I've always been able to manage spam simply by setting up a decent set of client-side filters (yes, I know this still causes problems on the server side). At least in my experiance, spam is not a big enough problem to warrant crippling e-mail.


The e-mail system is already crippled because of spam. Major ISPs have unnecessary delays because of the volume of noise-mail and the measure they have to put in place to deal with spam. Peoples' mailboxes reach their quota will crap and then reject all other (as well as legit) mail.

My idea is all about: a) making sure that legitimate mail gets through and b) bandwidth/resources are not stolen by spammers. This is the only solution I've found that actually can address the issue in a realistic manner. It's obvious you don't pay based on your bandwidth, but for

Re:Forget the politicians

[mabu]

Let me also add that in your case, you're talking about POP3 (inbound) services and not SMTP (outbound). The whole, "i can create my own temporary e-mail accounts to thwart spammers" is irrelevant. Sending and receiving mail are completely different systems. Anyone running an inbound, mail-receiving server would not be regulated. They would merely have the choice as to whether they wanted to accept only mail from whitelisted systems or not.

Unless you're an upper-level ISP, you probably are paying someone else for Internet connectivity, and therefore have the use of their outbound mail relays. It would be their responsibility to choose whether they wanted their server to be "registered" and if there was a centralized "whitelist", it would be of great benefit for them to participate.

What this basically boils down to is some TEETH that forces ISPs to actually enforce their Terms of Service. Almost all ISPs do not allow their customers to send out UCE. There is not way to regulate whether they enforce this or not. An SMTP whitelist would make sure they enforce their policies. If they choose not to, then at least other ISPs have the option of deciding if they want to deal with systems that have rejected the anti-UCE standard. It makes tons of sense and best of all, it has NOTHING to do with analyzing the content of mail and preserves the security and integrity of communication between parties. What other solution does that?

Re:Forget the politicians

[notcreative]

You don't need [...] to see Holly hump a German Shephard.

You obviously weren't paying close attention, if you're talking about episode 0F6A. It's an English Shorthair. _Mindy_ was with the German Shephard, in a different episode.

Re:Forget the politicians

[SagSaw]

Let me also add that in your case, you're talking about POP3 (inbound) services and not SMTP (outbound). The whole, "i can create my own temporary e-mail accounts to thwart spammers" is irrelevant. Sending and receiving mail are completely different systems. Anyone running an inbound, mail-receiving server would not be regulated. They would merely have the choice as to whether they wanted to accept only mail from whitelisted systems or not.

I think there is a bit of confusion here. To send mail, I connect to port 465 (smtp-over-ssl) on my sever. When others wish to send mail to me, they connect to port 25 (smtp). This is what I meant by outbound and inbound mail respectivly. you probably are paying someone else for Internet connectivity, and therefore have the use of their outbound mail relays. It would be their responsibility to choose whether they wanted their server to be "registered" and if there was a centralized "whitelist", it would be of great benefit for them to participate.

You assume that the comany which can provide me with economical, reasonable-quality, decent-speed, consumer-class internet service is also capable of running a decent outbound mail server. In many cases, they are not. Mine, for example, occasionally rejects outbound email based on the From: header, occasionally silently drops messages, and has unusually long delays for sending e-mail. Other than their outbound e-mail, though, they seem to do a good job.

To answer the content of your other reply: Who decides who qualifies to be on the white-list? What are the requrements? How much will it cost? etc. I would happily register myself with any whitelist that has reasonable policies on all of the above.

I would happily register myself with any reasonable third-party white-list. However, if it is run by a government as a matter of law, or run/administered by the likes of versign et. al, I doubt reasonable would describe the system.

87.26%....

[stonewolf]

According to my Popfile email filter 87.26% of all the email I get is spam.

I am very thankful for popfile.

Is there any possible form of active counter measures that can be incorporated into spam filters? I like the idea of having a spam filter down load and ignore the contents of every URL listed in every spam I recieve. *BUT* that would allow someone to ddos anyone by just sending an obvious spam with a bogus URL in it to a few million of us.

Stonewolf

B2B UCE - an important item not to forbid

[ClarkEvans]

While this law is weak -- it is nice that it isn't going to prevent Business 2 Business Unsolicited Commercial Email. We should start slow, and get more strong. I'm not talking *bulk* UCE here. Many startup tech companies spend _alot_ of time finding potential business customers and making them aware of services that are being offered. A carefully researched electronic mailing usually can return a high response rate if the people being addressed are the appropriate contacts in the companies in question, if the message is clear and targeted well, etc. I'm glad that the current law will not prevent this sort of necessary communication. In short, if you put your email address on a company website as a contact or listing you in your position with an email; or you are listed in the directory of a non-profit or similar organization... you should be willing to receive UCE.

What this law does, and I'm glad to see it, is ban fradulent UCE. And many bulk UCE techniques, such as harvested lists or guessing names. In general, I think the problem is with bulk email, not in general commercial email. If you're email address is listed on your company's web page you *are* in my humble opinion soliciting commercial responses and I'm glad this legislation does not ban this sort of communication as the god awful, anti-business, California law did.

Parent is a troll.

Parent is a troll. Please mod down.

Opt-out?

[Sir+Brialliance]

As far as opting out goes, I figure what have I got to lose?
Most spammers can verify the validity of your email address because of those script images (ex <img src="spammer.com/address.php?addr=myemailaddress@d omain.com">), right?

Re:Opt-out?

Most spammers can verify the validity of your email address because of those script images.

No spammers can verify the validity of my e-mail address that way, because I'm not a total idiot.

Re:Opt-out?

[orthogonal]

Most spammers can verify the validity of your email address because of those script images (ex ), right?

Not if your firewall prohibits your email client from connecting to port 80.

In my setup, my email client is only allowed to connect to ports 25 and 110, and those only at my host's mail server.

So all those web bugs and pictures come through as broken links. I can still click on URLs in an email, because clicking a link passes the address to my web browser, which is allowed out (not directly out, of course, but via two proxies that reformat HTML and remove cookies.)

So even though I'm running the notorious Microsoft Outlook in "show preview" mode, I have no problems.

Re:Opt-out?

Only if you're using your web browser as a mail program (a stupidity that Netscape started, and Microsoft continued).

At least Mozilla mail doesn't download external files.

Re:Opt-out?

[pqdave]

Only if you're using a misconfigured or brain-dead email client. Evolution will render HTML, but can be set so it won't connect to external images. Plain text mail clients will just show the raw HTML--This is a feature.

inmates have the keys?

spam is the least of yOUR problems right now?

SPAM, what's the big deal?

I simply use the whitelist feature in my free xmail.net account which blocks all spam. Spam laws are useless since most spam comes from mud hole countries in any case. Good luck in threatening some Nigerian 419 scam artist with an anti spam lawsuit!

Spam is the new pollution

[CrackedButter]

No wonder big business is happy, its not going to destroy the wildlife and its surrounding environment... Its more selective with its ability to destory...and thats US the netizens.

YHBT

To make you bite on it, mister.

MOD PARENT DOWN!

Why don't companies understand...

[ShortedOut]

I don't want you to call me to sell me something, I'll call you.

I don't want you to mail me with advertisements, I'll mail you.

I don't want you to knock on my door to talk to me, I'll knock on your door to talk to you.

I don't want you to send me an e-mail, If I want your product, I'll send YOU an e-mail.

I don't want to drive down the street and look at your signs, I want to see the trees.

I, like many other intelligent people, like to buy things that we need, or want based on research, or discussion with friends and their experiences with the product or service.

So, in conclusion, remember two things,
1. Forcing your product on me is a good way to NOT sell it to me.
and
2. Don't call me, I'll call you.

Shadango

[Gorillaka]

I think that laws can't hurt things...but i also know that technology certainly helps things. I actually was a beta-tester for shadango.com about 6 months ago. I've been using it ever since and my inbox has been virtually spam-free. I don't know if spammers just don't know about it yet or if their filters are just that good.

Plus it's got a bunch of nifty options like a file manager, disposable email addresses, and it's got 20MB of space.

Definitely worth the gander....

-Kevin

Actually, the law is good

[Thagg]

Forgotten (or ignored) in the cited rant, the law before congress now also mandates a "Do Not Spam" list. This would make moot the question over how the spam was labeled, questions about opt-out, and everything else. It would make it illegal to spam you in any case.

This is a good thing. I'd get on the list, whitelist all of my foreign correspondents, and consign the rest of the world into a seldom-checked file. This would be quite nice.

The real solution is e-postage. But for that, a federal do-not-spam list is a good idea.

thad

Re:Actually, the law is good

[mabu]

Forgotten (or ignored) in the cited rant, the law before congress now also mandates a "Do Not Spam" list. This would make moot the question over how the spam was labeled, questions about opt-out, and everything else. It would make it illegal to spam you in any case.

1. Almost all spam is already illegal. This bill doesn't change the status quo. Header forging, relay hijacking, computer tampering, etc., are felonies in most areas.

2. The bill does not address the most important issue of how the 'illegal' activity would be enforced, or whether it would be. The authorities have a clear track record of not pursuing these cases and this bill doesn't address that problem one bit.

3. You'd be really naive to think an opt-out list would work. Spammers operate in anonymously and misrepresent themselves differently in each and every campaign. Tracking them down is the problem.

4. There's no provision to address international issues. An opt-out list would only apply to the U.S. and it would take 10ms for a spammer to get around that loophole.

5. You speak of whitelisting... yes, a whitelist would work, but an smtp whitelist, not an e-mail address whitelist. An e-mail opt-out list would be a veritible gold mine for spammers.

6. An opt-out list would also represent a huge privacy invasion, as demonstrated with the do-not-call list, which allowed AT&T to create a massive IP-based identity database. If anyone used a static IP connection to register for the do-not-call list, AT&T now can identify exactly who you are and what you do online like never before. An opt-out e-mail list would be just as bad.

The IP identity database is the biggest threat to online personal privacy ever. And worst of all, there are really no enforceable privacy laws for anyone over the age of 13. AT&T is now sitting on top of one of the most valuable and revealing databases ever created of online users, and they can likely sell or use this database however they'd like. Of course, they're probably not even going to acknowledge its existence but we all know they and several other companies, (like one starting with "Cyv") are doing just this.

The real solution is e-postage. But for that, a federal do-not-spam list is a good idea.

Why do people actually think there's any way such a system would ever work, much less be practical?

the ISP has some responsibility

[fermion]

The problem with most spam laws is that they tend to exempt the ISP from any liability. The language is such laws generally assume the ISP has no control over the spam and is completely innocent.

Which is of course completely wrong. There to appear to service providers who are helping the spammers. These organizations will not respond to complaints. The organizations will say that it "is not our problem" even though it appears they receive compensation from the spammer. The organization seem to have a business model that depend on spammers. However, because they are only the conduit, they are not held responsible.

In some ways this is ok. Just like UCE would be much more palatable if the sender did not forge headers and use other deceptive practices. What i would like to see is the ability to prosecute service providers that do not enforce a minimally acceptable terms of service or have a pattern of behavior that aids the spammers.

Re:I assume they are dancing in the streets becaus

[e2d2]

I assume they are dancing in the streets because they bought 12 van halen cds for the price of 1

I suspect they also have viagra hard penises and oxycontin enhanced stares. Careful, they might charge. Keep your distance from these swine. They might request your credit card # to verify your identity.

An axiom of capitalism

[Mag7]

The price of capitalism is marketing

Not quite.

[Angram]

There's a fine line between making the text offensive/misleading and adding in a few words that obviously don't belong. I'm well aware of the normal trend of trolls modifying stories, however this doesn't really qualify on a significant level. It's not funny or offensive - in essense, why'd they bother putting in the effort?

freedom to speak implies freedom not to listen

[rbird76]

Mr. Morrissey can think and write as he wishes - but I should not be obligated to read his output (or that of the millions of spamming brethren he represents) or have either me or my business pay for them. Spam forces others to listen to the author's viewpoint and forces the unwilling listener to pay for it. Spam as free speech is a method not entirely consistent with the 1st Amendment you claim to defend.

If spam is free speech, then there's nothing wrong with Mr. Morrissey getting some. If it's wrong, then there's something wrong with his defense of it. Your defense of his stance is thus not consistent. Don't worry, though, there's still time for you to join the SCO legal team before they go out of business - they could use your incisive wit to support their further incursions into legal insanity.

Let's hit the politicians with their own medicine.

[herrvinny]

What about spamming them? Each person is a separate advertiser, right? So each slashdotter can fire off one message /day. Even if the pols try to unsubscribe, it's a combination of senders and advertisers, right? So one slashdotter can authorize the rest of the slashdotters to send an email, then another, etc.

Spammers Dancing in the Streets

[Creigh]

Not to put too fine a point on it, but if you're in the USA, Spammers SHOULD be happy and you should be happy that they're happy. It's called the First Amendment and it's a lot more important than anyone's petty convenience. Some of those anti-Spam fanatics really just don't get it. But they should would if those short-sighted folks ended up without a First Amendment. A little trash mail is a very small price to pay for protecting our precious rights, like the First Amendment.

Re:Spammers Dancing in the Streets

[Steve+B]

This is a PROPERTY RIGHTS issue, not a FREE SPEECH issue. Period.

Re:Spammers Dancing in the Streets

[e_AltF4]

Can't the spammers' tiny brains remember the fact that SPAM IS NOT free speech ?

Re:Spammers Dancing in the Streets

[mudshark]

You are an idiot. You're also wrong. Here's why:

1) Spam is theft of service. This is illegal activity, not protected by the 1st.

2) Spam is also fraud and misrepresentation, typically in the realm of interstate commerce. Once again, highly illegal on many counts and not protected.

And even if you stick your fingers in your ears and scream, "LA LA LA I CAN'T HEAR YOU," to my first two points, then 3) spam is commercial in nature and thereby not subject to 1st Amendment protection.

Have a nice clue.

Hmmm... sounds like this law is about as good...

[Trolling4Dollars]

...as the "let the market decide" mantra of the capitlists. Letting the market decide has been an abyssmal failure as I am certain this federal anti-spam bill is likely to be. Both of these failed approaches rely on businesses being "good citizens" which they have proven over and over again that they are not. If there is some way for a business to bypass a law or rule in order to make more money, they will do it. But, the current administration doesn't have a problem with this. As long as they are in power, we are going to see more of our freedoms taken away (like the right to the pursiot of happiness which in my case is a commercial free life) and more of the corporate "rights" bolstered.

Keep this in mind when you're at the polls in 2004: "Businesses are not inherently good".

DAMN GOOD IDEA

[sulli]

I will try this tonight or tomorrow. Very clever.

Re:DON'T LIKE THE HONORABLE MR.BUSH, PUSSY LIBERAL

> -- A proud patriot and Republican voter

My condolences.

HAVE A PROBLEM WITH OUR LEADERS, COMMIE?!

Don't like it here in the good old US of A?! Piss off and move to fucking France, asshole!!!111

-- A proud patriot and Republican voter

Re:HAVE A PROBLEM WITH OUR LEADERS, COMMIE?!

Stop fooling around with the intarweb, Ashcroft.

Re:HAVE A PROBLEM WITH OUR LEADERS, COMMIE?!

Don't like it here in the good old US of A?! Piss off and move to fucking France, asshole!!!111
-A proud patriot and Republican voter

PUBLIC NOTICE: Contrary to the impression conveyed by the parent, not ALL "patriots" and Republicans are potty-mouthed scumsucking morons. Most of them, perhaps, but not all.

---
Patriotism (n.) The last refuge of scoundrels.
-Samuel Johnson, author of the first dictionary of the English language

what a defeatist

That's like saying just because criminals don't obey gun purchase laws means all gun control laws are useless.

Hey, ya gotta start somewhere.

Huh?

[hendersj]

OK, it's a nit, but:

Violators are subject to awards up to $2 million, potentially tripled for intentional violations, and five years in prison.

Come again? Violaters get an award but spend time in prison?

Make it international, and you could buy your way out of prison. Sounds like a heckofadeal to me!

Slightly Amended?

[Fjord]

"On Saturday morning, after an all-night session, the House voted 392-5 to pass the slightly amended version of CAN-SPAM."

Is it me, or dd this article make you want to know what those slight amendments were?

A real spam solution

[commonloon]

wire cutters, cat 5 cable, 10 seconds.

If it's anything like the spam I get...

[IANAAC]

About, oh, 80-100 characters to the right of the Subject line is a very clear label - "afdgkbj gfda hnrabs sf bgfb sfgfda nhmflwje" :-)

Re:If it's anything like the spam I get...

Filtering on several spaces in a row does catch some spam and a shitload of worms.

PROBLEMS WITH HONORABLE BUSINESSMEN, COMMIE PIG?!

Don't like it here in the good old US of A?! Piss off and move to fucking China, asshole!!!11

-- A proud patriot and Republican voter

Outrage

The FTC is PROHIBITED by this law from defining the label.

This is what was bought and paid for by the corporate authors of this bill.

Ugly

[mark_space2001]

Well, I'm pretty disappointed. I'm not sure there's much to do other than wait for the backlash for this POS. I can't believe how obviously venal our federal legislature is.

Maybe a little activism will help? Anyone interested in writing letters to congress-critters and newspaper editors? Maybe appearing on local news explaining the issues? Post a follow up to this if you are. I ain't the most photogenic or articulate guy so I have to help out in the background. If more than a few responses show up, we'll get organized and do, I don't know what, but something. I'm just P.O.'d right now.

DON'T LIKE PATRIOTISM, LIBERAL PIECE OF SHIT?!

Don't like it here in the good old US of A?! Piss off and move to fucking France, asshole!!!1111

-- A proud patriot and Republican voter

Re:DON'T LIKE PATRIOTISM, LIBERAL PIECE OF SHIT?!

"A proud patriot and Republican voter"

AKA an oxymoron. Stress on the moron.

Finaly the Truth!

[forty-2]

``This bill does not stop a single spam from being sent. It only makes that spam slightly more truthful. whoo hoo! now my penis realy will be 20% bigger!

Jeebus help us all...

[Eggplant62]

This is the worst thing to hit in the spam wars yet. Mainsleazers are given free reign to "prospect via email" and this law will be like all the rest: Window dressing that won't be enforced. Without private right of action, this bill is toothless--the victims of the crime are at the mercy of the enforcement authorities. Seeing how well the enforcement authorities have done so far -- remember how Monkeys.com and Osirusoft.com both got Denial of Serviced off the net by virus-wielding spammers and the Feds paid *no* attention to the complaints by both operators? -- this law will be enforced no differently: NOT AT ALL.

Feel free to call your senators and house members up and *thank them* for the spectacular way they bowed to the forces of $$BIG MONEY$$ yet again. And ask them kindly if they can spare a bottle of Astroglide(tm) to ease the situation.

not SO bad

[DrJAKing]

Practically speaking, it's not as bad as folk are making out; sure, it means we'll still get too much crap, but these days the only spam that gets through my filters is thatwhich deliberately includes big sections of low medium frequency non-spam words to try and pollute my bayesian corpus. None of the spam that complies with this law will fit that bill, so I won't see it.

And don't forget, spam is like a little ping to tell you your mail server's OK - if you don't get any for a while you know something's up. These guys are doing us a service!

DON'T LIKE THE GOVT', COMMIE?!

Don't like it here in the good old US of A?! Piss off and move to fucking China, asshole!!!111

-- A proud patriot and Republican voter

Re:DON'T LIKE THE GOVT', COMMIE?!

[Just+Jim]

A proud patriot and Republican voter Oxymoron (or is it just moron?) alert

National opt-out list

[sulli]

Which will be treated as the national opt-in list by the first foreign spammer to get a copy of it.

Its out of control.

[i_am_syco]

Spam is totally out of control. Even if laws were made to counter spam, they wouldn't be enforcable because they aren't tracable. However, something must be done. They cause huge problems for users, who must sift through penis enlargement and get 7 billion trillion buckets of ice cream licking stamps to get to the actual email they read (my personal inbox consists of over 300 pieces of spam a day, with as little as 3 or 4 emails I care about). They also create huge problems for mail providers, especially ones for smaller ISPs, who have ALL that traffic. It probably destabilizes the entire internet as whole. It'd be interesting how much bandwidth spam email takes up over the course of a day. BusinessWeek alerted me to a good idea for how to eliminate some spam. Using a similar technique as web forums and such that have those cool randomly generated number images, email systems could require that a user enter a number to send an email. It'd reduce the amount of auto-gen spam by a huge number while still not being too much of an irritant to users.

Re:Its out of control.

[aXis100]

TDMA is similar - you send mail to someone, it sends you back a confirmation, you reply, then you get whitelisted.

This way, a new sender must have a valid return address to send unsolicited mail. You could even make the process more manyal by having the image you talk about.

Re:DON'T LIKE THE HONORABLE MR.BUSH, PUSSY LIBERAL

bahahaha! what a fuckwit.

What choice do you have? Well, maybe...

[Dynamic+Ranger]

Some people have two emails; one is called a "spam farm" (I think). This email address is what you put on any form or webpage that requires it to get stuff done.

The other you give to friends etc. If your spam account overflows, who cares? You didn't give that address to anyone important.

Re:DON'T LIKE THE HONORABLE MR.BUSH, PUSSY LIBERAL

I concur.

All pansy liberals should be moved to reeducation camps.

After we accomplish that, we'll get the pansies and liberals left over, then we can get the gun-owners, the labor agitators, the activists, and anyone else subversive.

Get Martin Luther's "The Jews and their Lies" for required reading for how we are obligated by Holy God to drive and burn out these terrorists non-white scum.

Good old free America.

Changes Made to the Bill by the Senate on Tuesday

[langles]

If you pay attention to some of the news stories today about the Senate vote, you will notice that the Senate has revised the bill slightly.

Some of the changes are listed in a news release from Sentator Burns' website:

The final CAN SPAM Act includes changes not in the earlier Senate passed version, including increased damages up to $250 per spam e-mail with a cap of $2 million that can be tripled for aggravated violations. For e-mails using false or deceptive headers, the cap does not apply. Additionally, the revisions to the earlier bill enhance FTC enforcement authority.

This means that the House gets to vote again on the revised bill - probably after Thanksgiving

I don't know about you guys (and gals), but...

[NWRefund]

...I wrote to my Senators and my Representative, describing why I'm so disappointed in what they've done. I'm willing to bet that most Senators and Reps were first introduced to computers when they got elected, and someone showed them the magical wonder of "electronical mail."

I think we need to educate them, folks. Write them and explain why this issue is so frustrating.

How about a new protocol?

[miskatonic+alumnus]

I know it's been suggested before. I'm no IT expert, so maybe I'm talking out of my ass. But here goes: Suppose there was an e-mail protocol similar to ftp -- that is having a control port and a data port. Very long crypto keys would be exchanged over the control port for authentication -- a key-pair for every sender/receiver. Then, if the header of an e-mail over the data port is missing the correct key, the mail gets dropped. The keys could be kept on a database at the users ISP. The keylength would essentially keep the spammers from effectively guessing and reaching an inbox. If a key were compromised, notify the ISP to drop the key. Then establish a new key with whoever the previous key worked with. As an added benefit, you would have some information about who compromised it. I'm sure those more experienced in these matters will shoot this full of holes. But perhaps with modifications it could work. My $0.02.

Spam means nothing to me.

I use a whitelist email addy for my friends and family and I use junk email addys when I sign up anywhere for anything that might result in my getting spam. As for an email account for buying things on the Net, I use it only for buying things and I don't have any spam problems. Unfortunately, many people have email addresses which they can't change or which are posted on websites, so for them spam is a problem, but for me spam means nothing.

Re:PROBLEMS WITH HONORABLE BUSINESSMEN, COMMIE PIG

fucktard

That's absurd

[unicorn]

The decision to implement Spam filtering is going to be made, long after the apps that it runs against are implemented.

And anyone that is shopping for apps/servers and is sufficiently aware of problems like Spam, is going to be aware of the sercurity holes prevalent in MS code, and will avoid their stuff anyhow.

Waste not....want not.

[Stumbles]

Well if the spammers are pleased by the bill it most certainly means our legislators wasted a bunch of our money for nothing.

JUST READ CHOMSKY TO UNDERSTAND THIS

[Cryofan]

Chomsky explains all this in his writings. Basically, what with the extremely low voter participation rates in this country, we have pretty much given over control of the state to corporate interests. The govt and the media collaborate with corporate interests to make sure we are a captive audience for advertising, and a captive labor pool.

Re:JUST READ CHOMSKY TO UNDERSTAND THIS

Hey Cryofan,

Comrade, nice work bringing Chomsky into the discussion...the Party is pleased with the reference.

Speaking of which, it's your turn to hold the cell meeting this week. Make sure to bring extra copies of Pravda to distribute.

Signed,
Your Fellow Traveler

p.s., The only thing Chomsky explains is that, outside of linguistics, he's a blithering idiot. Both he and you are followers of a thoroughly discredited political philosophy.

Re:DON'T LIKE THE HONORABLE MR.BUSH, PUSSY LIBERAL

[F34nor]

+1 Sarcasm

ISP's can sue, but users can't?

[forevermore]

Not that I can find the exact text of the law anywhere, but everything I've read about it says that only ISP's and Attorneys General can sue spammers. My question is what consitutes an ISP? I'm an end-user in most sense of the term, but I own/host several domain names for friends/family, including email services. I do this as a favor and don't make any money off of it, but I am providing an internet service. Does this mean that I can sue spammers as an ISP? After all, it's my mail server, my paid-for bandwidth (even if just a DSL connection) being wasted, and my time wasted trying to beef up my filters to keep the spam out.

Re:ISP's can sue, but users can't?

[Ken+McE]

It's worse than you thought. As an ISP you can sue, but you have to be able to show damages. You also can't file in small claims or the local county courthouse. You have to file in a FEDERAL court. If you can't show $75,000 (US) in damages they don't want to hear about it. Also, at this level no normal person can even try to represent themself, you are looking at a licensed attourney and probably $20,000 (US) in legal bills if you want to win.

Re:PROBLEMS WITH HONORABLE BUSINESSMEN, COMMIE PIG

stfu, paedophile

And the name of the Act:

[RPoet]

I can't see anyone has mentioned the hilarious and honest name of this new act: CAN-SPAM ("Controlling the Assault of Non-Solicited Pornography and Marketing Act").

At least the DMNews article is honest.

[leeward]

I found the lnguage in the very first sentence in the DMNews article to be refreshingly honest. It refers to California's anti-spam bill versus federal spam legislation. It looks to me like they are acknowledging that the purpose of the federal legislation is to promote spam.

this will be determined during rulemaking

It is typical for details like this to be filled in during rulemaking by a body such as the FCC.

What is an ISP? Potential loophole?

[B.D.Mills]

From the CAUCE website: The law would only permit the FTC, state Attorneys General, and ISPs to bring actions against violators.

So what, under the definition of this legislation, is an ISP? Can you hook up a modem to your home box and claim to be an ISP because you have the capability to supply dialup internet services? If so, then you could hook up a modem and start suing the spammers....

There will be no opt-out list

[leerpm]

The law only gives the FTC the authority to make the list. But the FTC has stated they have neither the resources nor the technology to implement such a list.

FTC is prohibited from defining the label?

where does it say this in the bill text?

This is just the groundwork

[mikey504]

Once the law is in place and spammers are allowed to let fly with impunity without fear of prosecution (because, as one person pointed out, it's free for them to use the resources of others in order to do so), then someone will get the bright idea of making it cost money to send spam.

And viola`-- they will have conned us into begging them to "tax the internet", which is something they have been trying to figure out ever since it showed up on their radar screen. Sure it's neat, but how can we TAX it?

Re:Typical Conservative Thinking

[UdoKeir]

This weak-minded conservative appears to like it:

"Now we can go back to looking forward to opening our inboxes in the morning because we'll have notes from our friends rather than herbal supplements and mortgage offers," said Rep. Heather Wilson, R-N.M.

The only weak mind in action at the moment is the original poster that sought to link this useless bill to his paranoia of "librul" politicians. Or perhaps it was a carefully crafted troll designed to look like an idiot?

so, only bulk UCE should be banned?

or only UCE directed at consumers. I mean, I have a new type of razor I want to sell. Why should a company get spam and a person not? Oh, beacuse the company has listed their email address on their main page?

Spammers happy with 'anti'-spam act?

[danme]

If they are happy - I'm not happy...

Scammers

[meatpopcicle]

Why did the government consult the spammers? You dont make a deal with the criminals do you? Why should the government get involved with these people? They are the ones causing the problems and will most likely have it written so that the law will be ineffectual.

For a world power the United States sure has no backbone when dealing with criminals! Once lawyers get involved, it appears all the military might in the world proves to be useless.

Obviously sinc our Government has failed us

[Bruha]

It's time for the people to stand up and use technology to deal with the problem.

And maybe it's high time we all demanded a law that prevents our politicans from getting any money from businesses or orginazations.. We pay them enough already it's time they represent us not those who fund their campaigns!

Sue 'em all.

[H8X55]

So we're getting rid of spam. And telemarketing.

And while they're at it, how 'bout a law against junk (snail) mail? You know, i'm tired of those coupons that Val-Pak keeps sending me. Let's write legislature against them too. You know, those women at the cosmetics counter at the high dollar department stores harrass my wife every time she walks by, can we get a congressional inquiry on that as well? i really hate going into my favorite consumer electronics store, buying a new whatever, and then being harrassed by the folks trying to sell me a performance service plan. let's fine these guys!

My point is these are all inconvenient, even rude ways to sell products and services. I hate spam as much as the next guy, but should we really involve the government?

Re:DON'T LIKE THE HONORABLE MR.BUSH, PUSSY LIBERAL

pansy liberals should be moved to reeducation camps

Well, it would be alot cheaper if we just accuse them as terrorist, that way we don't need a trial and we can impose the death penalty -- who wants to re-educate when we an exterminate! The Nazis had the right idea.

Let's be realistic...

[Philosinfinity]

Anti-spam legislation is useless for two major reasons. First, state sponsored anti-spam laws are ineffective at holding spammers accountable for spamming. The methods of hijacking misconfigured international email servers allows an effective anonymous status to those who send the spam. Second, I don't see why home users cannot effectively use whitelist filtering to control inbox spam issues.

Filtering will still be possible

[Rick+Richardson]

Since the postal mail address of the spammer must appear in the body of the email, we will be able to make a list of those addresses and filter based on that.

This is actually better than filtering based on a single tag like [ADV], as you will be able to whitelist and blacklist based on the postal address.

Born in the USA!

[ThatTallGuy]

Bad news, pyros: of the 200-odd major spammers who account for 90%+ of the world's spam, most are US-based. They are only routing their... um... product... through offshore servers to avoid detection. See the ROKSO list at SpamHaus.org.

Re:Born in the USA!

[pyros]

That's what I said, at least that what I was thinking when I typed it. I honestly believe that the offshoredness of the servers used has nothing to do with skirting the law, it has to do with service providers here disconnecting you at the drop of a hat if they think you're using that service to send spam. Perhaps if offshore service providers would take the same stance as U.S. service providers then the U.S. companies wouldn't have access to enough bandwidth to send the crap.

Like a tolling bell

[isomeme]

If, as is expected, the Senate gives final approval and President Bush signs it into law, we may well be witnessing the end of Internet e-mail.

Wow, a prediction of the imminent collapse of (part of) the Net? Isn't that supposed to happen on Thursdays, not Tuesdays?

Seriously speaking, I have absolutely no idea whatsoever why anyone is bothered by spam. My ISP runs SpamAssassin, which spam-scores every inbound message and munges the headers with that score. My procmail sorts anything over a particular score into a spam folder, which I periodically empty, usually with a cursory glance to see if there are any false positives (I haven't seen one for four months, by the way). Anywhere from zero to five spams reach my inbox every day, which I delete; if the number starts to creep higher, I might lower my filter threshold. And that's it. Total labor input from me is about fifteen minutes a week. I spend more time than that rinsing out the office coffee pot. So why all this outrage and law-making and angst?

Re:Like a tolling bell

[aXis100]

Im inclined to agree with you, as my ISP also maks my spam. I tend to only get about 1 - 2 a day. However, here are just some of the reasons why people hate spam:

1) Not every ISP runs a spam filter.
2) There is no limit to the amount of spam you can recieve
3) Spam costs you money/bandwidth
4) Multiply the money/bandwidth costs by the billions of spam, and the waste/cost is unbeliveable
5) Spam is often deceptive and offensive. E.g, little kids mailboxes getting porn spam.

Re:Like a tolling bell

[isomeme]

All good points, but all amenable to technical and economic solutions -- if you don't like spam, learn to fight it, or pay someone to fight it by choosing an appropriate ISP. For that matter, if people would stop responding to spam with their wallets, the problem would go away this week.

Your point 5 is commonly used as a bludgeon by would-be regulators, which makes it especially infuriating to me. I refuse to support making the Net safe for children. Parents should learn to make their own computers safe for children, and far more important, to make their children safe for the net. And I am a parent myself, so I'm not blowing smoke here.

I am extremely reluctant to let government in to solve a problem which individuals can readily solve for themselves. Government regulation is like a Viking or a vampire -- once you let it in, you're already doomed, so the trick is not to let it in.

Re:Like a tolling bell

[oshy]

Re: point 5
Its not just children that it can offend. When I first started to get some in my home account, it looked like they were from someone I had been having an afair with. My wife saw my inbox and freeked. Took quite quite a bit of explaining before she understood that it was junk. Bet there are some split up couples out there where a partner hasn't been able to get their head round the idea of spam.

As for spam filters. You buld a better filter and someone makes more advanced spam that gets past it. They will become more and more like real mail (with their advert hidden inside) untill it will be hard for even a human to tell. Need to stop them at the source.

CAN-SPAM

[Flunitrazepam]

"On Saturday morning, after an all-night session, the House voted 392-5 to pass the slightly amended version of CAN-SPAM."

Awesome name for an anti-spam bill dudes! No wonder DMers are dancing naked in the street

Why were the technophiles suggestions ignored?

[craXORjack]

The federal bill does not ban unsolicited commercial e-mail. Instead, it requires that marketers include a physical address and valid opt-out mechanism in messages along with notice that the messages are ads, plus an honest subject line.

So spammers now must rent a mailbox to stay legal but there is no law that says they must collect their mail. Valid opt out mechanism means nothing because they could take you off the viagra mailing list as you requested but still send you spam for every other client that comes to them. Many spams say they are ads in the body of the message but we need a way to drop the connection before it gets to that point. And "honesty" is only a relative term amongst lawyers.

Microsoft chairman Bill Gates called the bill "a milestone in the battle against spam."

Now I *know* it's a bad law.

As usual, this law just seems to raise the bar for the little guy. So in the future we will still get spammed but instead of getting it from some dick in a Florida trailercourt, we will get it from MSN and AOL who have layers of lawyers and billions of dollars.

can we forward the spam to congress?

[SolemnDragon]

"Dear congressional representative:

I know that you voted for the 'anti-spam' measure recently enacted. However, as many watchdog groups predicted, it has completely failed to stem the flood of spam. In fact, it's gotten worse. Please see the attached piece of mail as a representative sample of what's getting through."

Repeat, with minor variations, with a sizable quantity of the spam that you recieve in your personal inbox. Heck, print some out and send them by post. Even if only a few come in from every hundredth person in their district... that'll get their attention. Label the emails different things... "My response to your vote," "Commentary on recent legislation," "upcoming election." It can't be argued that they don't have a business relationship with you if you're in the US, as they represent you in congress.

Re:can we forward the spam to congress?

[gte910h]

Oooh...There is the way to kill spam. Make it legal to forward all spam to your representative/senators....I bet something effective would come accross really quickly.

A Silver Lining?

[strelitsa]

I can see email whitelists becoming a LOT more popular if this new law passes. Its the only way that email will continue to be usable as a communications medium if spammers are allowed free rein into people's email boxes.

Ed Overstates things

[unicorn]

"If, as is expected, the Senate gives final approval and President Bush signs it into law, we may well be witnessing the end of Internet e-mail."

Basically allowing the deluge to continue as it has been, isn't really going to cause a huge change. We're annoyed now, we'll continue to be annoyed. So be it.

Interesting idea to get the message to politicians

[mabu]

I think we're preaching to the choir complaining about the effectiveness of the bill here, but it might not be a bad idea to address what someone else mentioned, of using technology, but NOT to deal with the spam problem. In truth, this isn't a spam problem, this is a law-enforcement, political priority problem.

Maybe this has been done before, but if not, it seems like a great idea:

How about if we get everyone within their local calling region with the resources to hang a modem on their PC and map an e-mail address that goes directly to the fax machine of their local senators, representatives and district attorneys?

While letting spammers hit these e-mails and bombard politicians' fax machines seems appealing, it might be even more effective to make it very easy for people within their regions to send an e-mail that goes to a politicians' fax machine. (We know most of them don't read e-mail)

I'd be willing to do this in my region. What if we got enough people to do this so we had a nationwide network of e-mail/fax gateways? It seems it would be much more effective to bombard a politician's fax machine with frustrated cries from their constitutients than home-mortgage scams.

The Opposite of the ADV Subject

[Eric+Savage]

While the law doesn't specify a way to mark a message as spam, it does say:

"(2) PROHIBITION OF DECEPTIVE SUBJECT HEADINGS- It is unlawful for any person to initiate the transmission to a protected computer of a commercial electronic mail message if such person has actual knowledge, or knowledge fairly implied on the basis of objective circumstances, that a subject heading of the message would be likely to mislead a recipient, acting reasonably under the circumstances, about a material fact regarding the contents or subject matter of the message (consistent with the criteria are used in enforcement of section 5 of the Federal Trade Commission Act (15 U.S.C. 45))."

So if you were to write a negative test on "this is not an ad" in the subject line, any spam getting through would be breaking the law.

Not realistic, just an illustration that this bill isn't COMPLETELY useless. At least it makes forging headers explicitly illegal, that alone is a big step.

Re:The Opposite of the ADV Subject

[Steve+B]

The only way in which this would be any help is if 1)it is strictly interpreted so that ANY attempt to evade anti-spam filtering (e.g. offering to enlarge your "p3n1s") is prohibited, and 2)the law is energetically enforced.

no need for another law

i dont know why people want to regulate everything, when there is no real need, i find my emailproviders spamfilter extremely effective, it alone kills off over 95% of the spam i get. while i find maybe 1 or rarely 2 spammails in my inbox, the filter catches 30-50 per day. and the best thing is that the whole service is free.

Re:no need for another law

[Simple-Simmian]

Dear Mr Dipshit. I am getting over 400 different peices of SPAM a day.
My fiter catches about 1/3.
I tweak the filter to 99% and in about 2 weeks it's back to catching 1/3 again.
I simply don't want to get any spam. I don't want to have to keep playing games with these spammers.
It's a waste of my time.

Making the wolf outlaw teeth

[northwind]

It was to be expected. It is the way it had to be.
Consider what politicians are doing every day: Trying to sell their ideas as todays sliced bread. Are the pamflets they are handing out at election time spam or information?
How do you spot the difference between "get rid of your debt" and "we clearly need more jobs for people".
Of cause - you can't - you asked the politicians to limit something they can't live without.

Re: Watch the lawyers come stop that...

Just watch. Now that there would be rules in place, the spammers could easily sue ISPs who kill the spam before it gets to their intended recipients.

The only functional anti-spam tool is a whitelist

The only way to end spam is to use a whitelist. Of course this requires a spoof-proof DNS/IP address technology.

Here's the plan:

Write a secure (no buffer overrun braindamage) MTA type server which encrypts from MUA type client to client (PGP with key revocation would be a good start), uses a non-spoofable user/group identity protocol (encrypted, of course), rigorously defined base data types including support for end user defined data types, which delivers only to those identities listed in a whitelist. Support identities of "other" and "anonymous user", in addition to normal identities, with the MUA deciding whether or not to accept delivery.

If separate ciphers were used for encryption of data and encryption of routing and whitelist information, the MTA's could push the whitelist private keys throughout the MTA delivery chain (kinda like routing information forwards throughout the net) and do the whitelist checks as early as possible to kill spam faster.

Each MTA would still run the whitelist check when requested to deliver data and when MTA foo receives a delivery request from an MTA bar, which MTA foo had already forwarded a whitelist to which it knows should have rejected that delivery, MTA foo knows MTA bar is a spammers MTA and can act accordingly.

With a worst case senario of a Spammer MTA in the network, it could be isolated (removed from the MTA whitelist) and new whitelist keys distributed. This assumes the DNS/identity server is clean. In any case data encryption is not compromised, since whitelist scrubbing and data routing is encrypted with a separate cipher.

Allow the encryption key generation and whitelist to be transparently implemented on part of the MUA's. Architect the client and server such that data transport, data encryption, user identification, MTA identification and data type identification are separate plugin modules allowing for differences in hardware or software and easy upgrade of components via version controlled component interfaces.

Give this new protocol a new port to use and license it in such a manner as to prohibit embrace and extend changes, user identity spoofing, MTA identity spoofing, content type spoofing, component version spoofing and SPAM.

This should seriously curtail spam. Additionally it will prevent the carnivores/corporate spies and BOFH of the world from snooping our data.

Plonk! "Chomsky" triggers my mental spam-filter

[Cid+Highwind]

In this case he's right, but I had to force myself really *really* hard to read your post, instead of giving it the standard "subject contains 'Chomsky'; roll eyes and scroll down" treatment. I do the same thing with any subject containing "Ayn Rand" (and a few others, too). I suspect a great many other people have subconsciously trained themselves in the same way.

I really don't have a point here, just musing about the effect certain words have on my opinion of a post before I even read it.

Yes, you "can spam" all you want!

[gessel]

And we made sure there's no useful legal remedy against you!

As an added bonus, we're going to require, at no extra charge, already included in your kind and generous campaign donations, a special feature whereby your victims have to go to your very own webpage to hunt for some "opt-out" mechanism - wink wink!

Just think of all the pop up ads you can sell!

Spamming has never been so profitable and thanks to your very own congresspeople, such as Billy Tauzin, every legitimate business trying to pump up next quarter's earnings has a whole new "legitimate" revenue stream!

We heard your concerns that requiring an identifier might make effective spam filters possible, reducing the profitability of the CPU time and disk space of your victims that you steal, so we made sure the mechanism is utterly useless by making it illegal for the FTC to define a uniform identifier!

But what's that you say - those jail times and fines sound scary? Not to worry - nobody but the FTC can even instigate a prosecution and to do so, your victims have to "prove" your address obfuscation was intentional haha! Ever hear of someone proving a negative?

So no worries - you're home free, thanks to us, your humble legislative servants. We've delivered, now give us our next contribution.

Sincerely,
Congress.

Time for Open Source to code a DNS (Do-Not-SPAM)..

[openmtl]

Sounds like its time for the Open Source community to create a do-not-spam list server for the Feds to host. Screw waiting for the Feds to take another 10 years (i.e. from 1991 for the do-not-call). Give a whole new meaning to DNS - DO NOT SPAM, because such a list srever would have to be as grunty as a root DNS. I also envisage a hash server for real spam too to show that the do-not-spam was searched. The spammer does an MD5 hash of the spam message and then passes this to the do-not-spam yes/no server with your email address. The do-not-spam replies back with a timestamped cryptographic hash made up of the spam MD5 hash+your email + yes/no reply from do-not-spam. Thus end user mail servers can verify that the spam content is intended for that particular email destination and was not-not asked for. Sounds like an easy to implement thing to me.

Maybe we should try something else...

Actually it would be technically quite possible to make spamming so (computationally) expensive that it wouldn't be feasible. Only the e-mail clients would have to be changed slightly..

http://www.cypherspace.org/adam/hashcash/

http://www.cypherspace.org/adam/hashcash/docs/ha sh cash.html

why spam is evil

[harlows_monkeys]

The reason spam is evil, and must be stopped, is that it is not tied to the rate of consumption of anything the recipient does.

Consider TV ads. You get, say, 15 in a half hour. Watch more TV, see more ads. Watch less TV, see less ads. If a new advertiser wants to get a TV ad to you, they have to displace some other ad. You still get 15 an hour.

Same with ads in magazines. Read N pages, see K ads. Read 2N pages, see 2K ads.

Same with banners ads on web pages. View a slashdot story, see a banner. View two stories, see two banners.

With spam, if someone wants to send you a spam, that adds one to the total number of spams you get. It's not tied to the amount of mail you send, or the amount of non-spam you receive, or your amount of time online. It is capped by your mailbox capacity, but that is about it.

No form of advertising should be allowed that is not directly tied to the rate of consumption of something at the recipient end, unless the recipient agrees to it.

Note that this means that not only is spam bad, but email advertising even from companies you have a business relationship with, unless asked for, is bad, even though that is usually not considered spam.

heh

[phillk6751]

what kind of a dumbass lets Microsoft and AOL, of all corperations, make the decision on an anti-spam bill?

RNice sig, but I like Ambrose Bierce's line better

Patriotism (n.) The last refuge of scoundrels.

However (regarding patriotism) I would submit that it is the first. -- Ambrose Bierce

make them pay!

[daniel23]

So may be I miss something but I think the solution to the spam problem is not that hard to find and it is not by legal measure, will take only some technical expertise in implementation and relies basically on the economics of spam and some organization.

The economics of spam have been described like this: the costs of sending spam do not vary significantly wether a spammer sends hundreds, thousands or bazillions of mails. With zilch costs per spam mail a return rate of 0,0000001 still makes a lucrative business model.

Now do the calculation with setting the costs/spam at 1, 3, 5 cents (and it makes no real difference which currency you take here) - suddenly spammers see themselves confronted with a risk. IANAMBA but I assume that even a minor fee per mail would push most of the spammers out of business, leaving only the trademark behemots who in turn will be easier to grasp for some regulation like that US legislation discussed.

Who would suffer?
Everyone sending mails facing a new fee?
Nobody cares about real mail traffic, there should be some generous margin gratuite to cover most of the legitimate users, say 20,000 mails/day.
Those millions of legitimate mail list servers with a community around them? The bulk of them would be covered by a quota of 20k mails/day but some would not. So there should be some mechanism to validate a list server by it's recipients' vote (like counting/checking subscriber submissions or asking subscribers to forward some incoming posts to an address).
Policies of this kind would have to be implemented by ISPs and doing it would cost them real money. Plus, there would probably be a need to have some authority to handle disputes and testify compliance. That body would need some financing as well. On the other hand, ISPs who enforce such policies should receive a significant rebate on a global spam tax added on all interconnection fees. Again, there may arise the need for some authority to organise this.
So we get a white list of testified ISPs with low spam probability. Getting on this list pays for an ISP since it helps avoid the spam tax. The 'good guys' get more customeers since they can offer less expensive services, the other ISPs have the freedom to go on like they wish, but they face the costs they induce as they have to pay the spam tax. The spammers may spam as they want but they will end up paying for the trouble they make, one way or the other.
What it takes to create such a structure is: a) an according intiative and b) a accepted body to conduct. Icann? What are they doing anyway with regard to a problem which has grown to be a threat to the net?

Not too late...

[rmckeethen]

According to Yahoo!, this afternoon the US Senate approved changes to the 'Can SPAM' Act, i.e. S.877. If I'm reading this right, it means that the Congress will need to go back and vote on the measure again before it hits the President's desk. Since House members are already off for the Thanksgiving holiday until Dec. 8th, we'll still have several days to let Congress know that we're unhappy with the bill before the final vote. While I realize there's little chance we'll see any major changes in the bill, you never know, stranger things have happened.

Personally, I was looking forward to suing SPAMers here in California. It sounded like a nice new occupation for all of us out-of-work IT staffers.

Re:Not too late...

[sik+puppy]

You are correct - any changes to the bill must be re-approved.

However, expect this to be a rubber stamp. Everyone needs to speak up loudly. Call your local newspapers and television stations and ask them to report on how this bill will actually make spam worse.

When calling a television station, ask for the news director.

Lets kill this POS before its too late

This law does have some slight advantage

[Julian+Morrison]

Namely: to comply they have to mention it's spam. Yeah I know the law doesn't say HOW they have to mention it. But they have to do it somehow or other. The english language and its derived acronyms are bountiful, but not infinite. Sooner or later, all the boilerplate phrasings are going to make their way into my bayesian filters. Likewise with the boilerplate for "opt me out".

I suspect a lot of spammers will comply (or at least emulate the appearance thereof), so as to paint themselves as "legitimate". My filters thank them in advance, for they shall feed well. *insert sfx: deep booming evil laughter*

OOPS - my reply reposted WITH all the text

[mwillems]

Mullen, let me explain why I disagree with at least one of your arguments.

First, though: namecalling never helps. Whether this senator is liberal (whatever you think that means - I think it means "in favour of freedom" - cf, your dictionary) or not should not affect his arguments. Now as for your arguments.

[1) Most spam that ends up in U.S. mailboxes comes from overseas, so no US law is going to stop that.]

Not true: US law can stop the beneficiaries. The sleazebag with the PO Box in Reno who in the end receives your penis patch money.

[2) Spam actually works on an economic level, if it did not, then no one would spam. Spammers spam, because spam works.]

Yes. But if we make it even just a bit more difficult they will not earn money as easily.

[3) Spamming is easy. Make it so addresses can not be spoofed, email headers can't be forged and MX records have to match up with A records ]

Mmm. Now who believes in big government? The government dictating how tech works? That is hwo we ended up with Bell, selling 1940 style phones in 1980...!

Cheers,
Michael

Not even improvements to SMTP will fix spam.

[Onan]

Unfortunately, all the improvements to SMTP that I've heard proposed would still be rendered moot by the insecurity of Windows.

Strong authentication to a mail server that knows you personally? Unforgeable headers? Hash cash? Great ideas, but not ones that will have any effect on millions of compromised Windows systems each sending a small number of messages properly through their own mail servers.

Do you have some improvements in mind which would obviate the zombie-army problem? I'd love to hear them.

Re:Not even improvements to SMTP will fix spam.

Do you have some improvements in mind which would obviate the zombie-army problem? I'd love to hear them.

Once you have strong authentication (e.g. this e-mail comes from Donald Smith, US passport number KT162093), centralized spammer lists start to become effective. i.e. press a button to declare a spammer; if too many mails from Don Smith are declared spam, Don Smith appears on blacklists. You're free to choose which blacklists you're using to block your spam and which blacklists you're contributing to (if any).

If some compromised Windows system is used to send spam wrongfully coming from Don Smith, Don Smith can apply for a new authentication key and he'll be clear. Just make it a PITA to get a new key (having to pay a few $, or having to fill forms and show pieces of identity).

Re:Not even improvements to SMTP will fix spam.

"Do you have some improvements in mind which would obviate the zombie-army problem? I'd love to hear them."

Try this one

Re:Not even improvements to SMTP will fix spam.

[schon]

if too many mails from Don Smith are declared spam, Don Smith appears on blacklists. You're free to choose which blacklists you're using to block your spam and which blacklists you're contributing to (if any).

How is that any different than what we've got now?

Epitome of fucking-loser-with-nothing-better-to-do

[pr0ntab]

I think we can all agree on that: The Serial Slashdot Troll.

After all, you should know.

It's even worse than that!

[eberry]

Even if there were a way to limit how much spam you get based on how much mail you send, what gives anyone the right the spam you? Unlike TV/Radio/Etc, spammers are NOT providing you with mail service. In much the same way as telemarketers don't supply the phone system but still hassle you every minute about a lower mortgage.

And btw, this proposed law will do nothing. Take a random sampling of spam you receive and check the IP address. All mine comes from China. Do you ever get the idea that this country is run by D students?

It's even worse than you think

[Animats]

The opt-out provision only applies to the specific company being advertised.

No. It's even narrower than that. It only applies to the specific line of business of the specific company being advertised. So one spammer can send you a Viagra spam, a mortgage-refinancing spam, an inkjet cartridge spam, a long distance spam, a cigarettes-by-mail spam, an extend-your-warranty spam, an online greeting card spam, a dating service spam, a credit card spam, a debt-consolidation spam, and a wireless video camera spam. You then have to opt out of each one separately.

What Can We Do About This?

[alizard]

Tell everyone you know who did this to us. If you know anyone running against an incumbent, let that challenger know who did this to us, and why that person's level of spam has gone up and very possibly, why his ISP bill (and yours and mine) has gone up as well.

Chances are, your Congresscritter and Senators voted YES!!! But to be absolutely sure:

• Congressional roll call vote
• Senatorial roll call vote

And if your representatives voted YES, vote for ANYBODY else. This isn't just about screwing up our inboxes and the Internet itself. A Yes vote means that the representative is so dangerously and completely clueless about technology as to endanger us all.

You want a person clueless enough to screw this up deciding what high-tech weapons systems DOD gets, or what NASA projects need funding, or about anything else having to do with the Internet? The Net isn't just about geeks anymore. It's the communications backbone on which governmental, military, and business communications depend. Imagine the kind of traffic the last Windows megavirus attack being normal on the Internet. Is this likely to improve its efficiency?

Will this help businesses (other than spam) function better? Would you like to be in a war zone and discover that you can't find what the hell you've been ordered to do because your inbox is full of "Penile Enlargement" messages, each in full compliance with S.877 with a real snailmail address on the bottom?

Most of us have been saying for years that our Congress is dangerously and fundamentally clueless about technology. The DMCA passed by comparable majorities. At least in areas where the voting machines aren't e-votescam hardware, we might have a chance to get rid of some of these idiots.

This is about to become proof visible even to Joe Sixpack that Congress does NOT know what the fuck is doing. IF Joe Sixpack is told what it means. The typical Internet user is Joe Sixpack now.

Don't depend on the media to get this story out.

Finally, here's the honor roll of every single member of Congress who voted NO. (there aren't any Senators who opposed this. Vote for these guys and support them, regardless of what you think of the rest of their political views.

• Honda
• Kucinich
• Paul
• Jackson-Lee (TX)
• Lofgren

We know that bad decisions about technology by elected officials can endanger our jobs, the economy, public safety, and the lives of members of our armed forces. So far, it's just us that knows because the comprehension gap between us and Joe Sixpack is just far too great.

If Joe Sixpack is getting 50 spams a day instead of 20, and he is informed that a law passed by his representatives made this possible, he'll get it. So as soon as this happens, tell your non-tech friends and families and co-workers.

Don't worry about the "Do Not Spam" registry, anyone who opts out of US spam will get it replaced by Nigerian and Chinese and Taiwanese spam. How long before spam ads for the "Do Not Spam" registry CD of "XX million e-mail addresses confirmed by the US Government" show upin your e-mail?

This is a unique opportunity. Don't let it go to waste.

At least the bill is aptly named.

"CAN SPAM" Act, indeed!

"Yes Sir, Mr. Ralsky, now you CAN SPAM all you want, because we're overriding all state laws--especially the ones like California's, that had some teeth--and legitimizing spam! Also, it denies all private right of action, and allows hundreds, if not thousands, of loopholes for creative 'direct marketers' like you to use!"

I wonder how much bribe money--oops, I mean "soft money"--it took to buy this bill. It's worse than no Federal anti-spam law at all.

Congress has been bought off by the spammers, and they've sold us all down the river.

MOD Parent Up

[miskatonic+alumnus]

Thanks for the info. I checked out http://www.ietf.org/internet-drafts/draft-danisch- dns-rr-smtp-03.txt Good read.

You want to get rid of spammers?

Put a "Kneecap Spammers for Jesus" bumper sticker on your car. If you see anyone giving you a shifty look, grab your hammer!

DMA?

[CelticWhisper]

You better not be spamming my RAM!

The horse is already out of the barn, friend...

[TrentC]

We must take action before this crap bill is passed!

You apparently missed the part where this bill was passed last week. Only the lack of a presidential signature is keeping it from law at this point.

Jay (=

Re:The horse is already out of the barn, friend...

[JuggleGeek]

You apparently didn't RTFA that you just linked to. The Senate has passed a bill. The Senate has passed another bill which is similar, but different. Before anything goes to the president (who I'm sure will sign whatever nonsense they eventually agree on) they have to pass the same bill. That has not yet happened.

I'd just as soon they agree, pass it, and see just how useless it is. After that, maybe they'll consider a true anti-spam law, instead of one designed to make spamming OK.

Microsoft said: "Let There Be Spam!" (was AOL/MSFT

[elvey]

Proof AOL/MSFT support spam:

. . . And On The 17th Day Of June, Microsoft Said: "Let There Be Spam!"
6/17/2003
AS MICROSOFT ANNOUNCES LAWSUITS AGAINST SPAMMERS IN WASHINGTON, IT WORKS TO LIMIT ABILITY OF CALIFORNIA SPAM VICTIMS TO GO AFTER SPAMMERS

SACRAMENTO - Backed by Microsoft, America Online (AOL) and Yahoo!, the Assembly Business & Professions Committee today refused to permit a vote on SB 12 by California State Senator Debra Bowen (D-Redondo Beach), a bill that sought to create the country's toughest anti-spam law by requiring advertisers to get permission from computer users before sending them unsolicited ads.

"Spam accounts for more than half of all e-mail sent, sticking businesses with a $20 billion tab for unsolicited ads they didn't ask for and don't want," said Bowen (D-Redondo Beach). "Spam isn't legitimate advertising and it's not free speech - it's basically high-tech junk faxing that forces e-mail users to pay for someone else's advertising campaign through slower computer service and higher Internet access fees."

Today in Redmond, Washington, Microsoft announced it filed 13 civil suits against U.S. spammers for sending unwanted, deceptive, commercial e-mail to Microsoft customers. Meanwhile, at that same time, Microsoft was testifying in Sacramento, California, before the Assembly Business & Professions Committee against Senator Bowen's bill, that would have banned spam and created an "opt-in" system for sending unsolicited commercial e-mail. If enacted, it would be the strongest anti-spam bill in the country, but Microsoft opposed it because it would have required businesses to get permission before sending e-mail ads (a concept known as "opt-in") and would have allowed individual e-mail spam victims to sue spammers for $500 per spam.

"Who do you trust to protect your e-mail inbox in the war against spam, Microsoft, AOL, and Yahoo! or the Attorney General and California's Privacy Rights Clearinghouse?," asked Bowen, referring to the three leading opponents and the two leading supporters of SB 12. "If you don't want to be sued for sending spam, don't send spam, it's not all that complicated.

"Microsoft, AOL, and Yahoo! sit in committee with a straight face, saying they're trying to improve the bill, while at the same time they're back in Washington, pushing measures to wipe out this bill and every single anti-spam law that states have adopted over the past half-dozen years," continued Bowen. "Why? Because they don't want to ban spam, they want to license it and make money from spammers by deciding what's 'legitimate' or 'acceptable' unsolicited commercial advertising, then charging those advertisers a fee to wheel their spam into your e-mail inbox without your permission."

SB 12 repeals California's "opt-out" spam statute in favor of a tougher "opt-in" system modeled on the federal law that bans unsolicited fax advertising. The bill requires companies that want to send e-mail ads to get an e-mail user's permission in advance if they don't already have a business relationship with the person. SB 12 allows any Californian who receives unsolicited ads to sue the sender and the advertiser in court for $500 per spam and the judge can triple the fine if he or she finds the sender willfully and knowingly violates the California ban. The bill also requires the court to impose an additional $250 per spam civil penalty to be directed to high tech crime task forces throughout the state in any spam judgement.

A June 10 report by the Radicati Group found e-mail spam will cost companies $20.5 billion in 2003, and by 2007, businesses will be forking over nearly ten times that amount of money, or $198 billion, to battle spam. A June 2 report by MessageLabs, a private anti-spam service, found 55.1% of all e-mail sent in May 2003 was spam. Jupiter Research found U.S. e-mail users received more than 140 billion pieces of spam in 2001 and an estimated 261 billion pieces in 2002 - an 86% increase. A Harris Interactive (www.harrisinteractive.com)

Re:Microsoft said: "Let There Be Spam!" (was AOL/M

[Keeper]

The language of the law essentially defined spam as "unwanted email from a commercial source". This means that if you didn't want it, it was spam. That means if you didn't want the confirmation email which said "the book you ordered is on it's way, and here's the tracking number", it was spam.

The problem with the law was that it was too broad, and would prevent any commercial entity from sending email (ie: it didn't just deal w/spam).

Mod parent up.

[Atragon]

Ya know, that would be a really GOOD idea. I've been recieving bounced email from mail daemons because some spammers have been using my email address in the 'from' and 'reply-to' fields of their spam.

Correction

[Atragon]

To stop spam, we must make it unprofitable for the spammers to continue sending it.

One thing i've always wondered

[Lord_Dweomer]

When big companies, such as Yahoo for example, change their policies like Yahoo just did where you have to reset your preferences on whether you want to be spammed or not, in the window of time between when they inform you through email, and the time you actually reset your preferences back to NOT recieve spam, do they spam you? Do they sell your address during that time period?

I always thought opt-out stuff was a joke aside from the regular reasons because they say "it'll take 24-48 hours to process it in our system", but I've always had a hunch that in that time frame they just sell your info to someone who you haven't opted out from.

yeah, that is WACKY stuff about voter apathy

[Cryofan]

Chomsky is PLAINLY wacked out for suggesting that the USA with its extremely low voter turnout as compared to other western democracies...and that leads to corporate control of our govt. Just how paranoid and insance that Chomsky must be to suggest such a thing....

Horse Spam!

[SEWilco]

"...allow the big marketers free reign"

Amusing as that phrase may be to the spam king, the correct spelling is "free rein". As when letting the horse go where it wants to.

Re:(not spam)The Opposite of the ADV Subject

[megabunny]

Might be all that is needed ....

MB

It still has to be passed

[www.sorehands.com]

The compromised bill still must be passed again by both the full house and senate.

Then signed by the president.

i expect incompetance

I can't see what the big deal is. This is a first version = anti-spam 1.0. How many programs do you write that are perfect first time? Well, that's how many laws are perfect first time.

There will be anti-spam 2.0, and 3.0 and so forth. Each reflecting voter wishes, AND money donations, AND actual lawmaker beliefs/knowledge.

Be happy. Educate a congressman. And write some code.

CAN spam act, not ANTI spam act

[DickBreath]

I thought the name of the act was self explanatory.

According to the recent article on it in Slashdot, the act was called...

The CAN spam act.

Not the anti-spam, or stop-spam, or castrate-spammers, act, or anything like that.

Re: adding more fuel to fire...

[Phantom_newbie]

I would have never thought that these new things allow spammers to act freely. Not only does this annoys me to an extent the fact that we get a whole bunch of unnessary trafic added to our connection thanks to the spammers who have all their time in the world to do all this... I recalled there was some news about somewhere in US, a state, is putting ban on firewalls. These days, common win32 firewalls are equipped with spam blocking (basic, but somewhat efficient in someways). If I were to live in that state, I wouldn't even care about having my firewall on plus with a whole bunch of other ways to block unnessary internet traffic.

The only acceptable spam label

[raxxerax]

To: /dev/null

So let's make Congress take the deserved credit!

[alizard]

Every single word of this bill was intentionally crafted to do what it does -- make Congress look anti-spam to everyone except spammers.

Right.

We're just going to have to undo this. I think we can do this. We're the people who explain technology to the clueless around us, and we can prove what we say in non-technical terms.

Know anyone at your local paper? As soon as the new spam epidemic hits, explain that the spam was directly caused by a fake anti-spam bill written by the spammers themselves, add the URLs from the original article for explanation . Tell everybody you know who isn't a tech type. Write op-ed letters. Talk shows. This is something that can be gotten across "people to people".

The American people need to know that our elected Congress is totally, absolutely clueless about technology and there is no solution other than replacement.

I'd avoid the "Do Not Spam" registry before it shows up being spamvertised as "50,000,000 e-mail addresses confirmed by the US Government"... I think the Nigerians will have real fun with this.

Imagine Congresscritters taking public credit for "anti-spam" legislation, and discovering that everybody is correctly blaming them for the amount of crap hitting our inboxes doubling or tripling.

Clear, conspicuous and amorphous

[87C751]

Not only does the bill not define what "clear and conspicuous identification", it forbids the FTC from clarifying that part of the law, vis:

SEC. 13. REGULATIONS.

(a) IN GENERAL- The Commission may issue regulations to implement the provisions of this Act (not including the amendments made by sections 4 and 12). Any such regulations shall be issued in accordance with section 553 of title 5, United States Code.

(b) LIMITATION- Subsection (a) may not be construed to authorize the Commission to establish a requirement pursuant to section 5(a)(5)(A) to include any specific words, characters, marks, or labels in a commercial electronic mail message, or to include the identification required by section 5(a)(5)(A) in any particular part of such a mail message (such as the subject line or body).

The can't say what qualifies as identification. They can't even say where the identifying portion must appear.

This is such complete bullshit!

I guess no one actually reads the law in question

[mlilback]

I just read all 56 pages of the law. Here are some points people are misunderstanding.

1) Creating 5 hotmail accounts with false info or 5 domains with false info isn't illegal. It is illegal to do so by script or other automated means and then send spam from it.

2) While opt-out lists only apply to the specific line of business (if the rcpt sees on that name and not the parent company), once a user opts-out it is illegal to give/sell that email address to anyone. So you can't take the address and start a new company to send spam as another post suggested.

3) The FTC gets to decide on a subject label for all porn spam.

4) Address harvesting off websites is illegal. I think that is a good thing.

5) Not just the FTC can prosecute. The SEC can prosecute mesages related to investments, FDIC for banks, etc.

6) Any state agency or official can bring a civil action.

7) The FTC is required to develop a plan for offering rewards to those who report violators of the act. Hopefully, Congress would then implement it.

8) The FCC can make harsher regulations for delivery of email over wireless service. So if you read your email on your phone, that sounds pretty good.

I agree that this law really sucks and doesn't do much. But it does do something. It makes it illegal to fake headers, use a mail relay without permission, and not honor opt-out requests. It won't stop every person, but I would hope it would help stop those few top spammers who are responsible for most of the spam out there. They are U.S. citizens and we have plenty of people who can track the spam back to them.

One problem is with the ISP civil action limitation. While I can understand not wanting the court system flooded by a lawsuit for every spam message sent, I think it should have been written to apply to anyone running a mail server. That is who has the real problem with spam, not just ISPs. (For many businesses, their ISPs have nothing to do with email.)

The only thing that bothers me is the requirement for a physical postal address in all spam. For businesses that don't have a physical presense, I'd prefer to see website, email, and/or phone required.

Add Inches to your SPAM with the Patch

[ahodgkinson]

I just got this mail. Maybe this can help us eliminate SPAM:

> Subject: Does SPAM size really matter? You bet it does!
>
> Nine out of ten women report better *rgasms and less junk
> mail in their Outlook Express Inbox, when their
> men use the SPAM-PATCH.
>
> Use the Doctor recommended SPAM-PATCH, the world's
> proven most effective p*nis patch, proven to
> eliminate SPAM and add inches to your p*nis.
> It's 100% safe and effectve at filtering unwanted
> SPAM and adding inches.
>
> We guarantee our patch will increase you P*enis
> s*ze and stop all SP*M. Or you Money Back (Shipped
> discretely in a Plain Package)
>
> Click here to to learn more about our exciting product.
> Click here to stop receiving these mssages.
> aafrdebcjfzeav kwrpcarplcyqc oujagydvocugp afwofsdcbxg

I know, it's does seem to be too good to be true, but hey, they guarantee your money back, so what have we got to lose?

There is a Ray of hope...

[Joe+Wagner]

S.877 will supersedes state laws on Jan. 1, 2004, but the wording is interesting:

SEC. 8. EFFECT ON OTHER LAWS. [snip] (b) STATE LAW- (1) IN GENERAL- This Act supersedes any statute, regulation, or rule of a State or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages, except to the extent that any such statute, regulation, or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto.(emphasis added)

So, here's the question we are pondering: CA, (and MD, WA, etc) have/will have laws that prohibit "falsity or deception." Do those stay intact? The wording seems to indicate so. If so, then CA (and MD, WA, etc) offer several enhancements; do those remain intact? For example in California's case on Jan. 1st will there be:

1. Private right of action
2. Right of action against email "Advertisers" rather than just the untraceable spammer who sends the message, as provided by CA's new 17529.
3. Much larger penalties. It's not the $1000/message CA law would have made but it is up to $2500/message -- at the judges option which would make it easier for small ISPs to mount an action without having to do a class action to ensure a spammer is stopped for everyone.
4. Right of action for local District Attorneys -- S.877 only allows state AGs to bring criminal actions, not local county District Attorneys. I'm having enough difficulty getting San Mateo County's DA office to move forward on our complaints with criminal actions. I've no hope the AG of California will do anything -- they prefer to do only civil actions unless there is a conflict with the local DA's office and the AG has to step in.

There is some ray of hope in this debacle perhaps. Initial conversations with our lawyers seem to show that as worded, many portions of state laws may stand. Joe

We never needed this or any other law

[vacuum_tuber]

Almost everyone is missing the fact that laws, even when well written and targeted, are poor substitutes for economic solutions when the undesired activity is economically driven and economic solutions are available. And this law seems particularly badly written. It is pointless to whine and wring our hands over this, since it's fundamentally bad policy to wait for someone else to save us from things we're unwilling to deal with ourselves. Anti-spam legislation was bound, if not to fail utterly, at least to start very badly, like Billy Bob's Mail Order Plans For Home Fusion Power. If you'd like to empower yourself, read the remainder of this post. If you'd just like to gain the satisfaction that there is hope,, read this post.

Why does spam exist?

Most spam seeks to sell something, directly or indirectly. Most spam solicits visits to what might be called "beneficiary Websites" -- the Websites where the touted products are actually sold, usually via e-commerce. Some small percentage of spam solicits responses by phone or fax, a smaller percentage by snail mail, and a very tiny percentage advises you to come to Jesus or some such with no response solicited.

So almost all spam exists because someone hopes to make money from it, and almost all spam solicits responses to beneficiary Websites.

Forget who sends it: Who is responsible for it?

OK, so the largest percentage of spam solicits visits to product or service Websites. Follow the money. Other than the rare "Joe job," such spam is obviously sent either by the Website operator or by a contractor acting on behalf of the Website operator. No one else stands to benefit from the responses to the spam, so no one else will lift a finger to attract traffic to the Website except in some very rare scenarios.

So the true beneficiary of the spam, who is also the party who funded sending the spam, is generally readily visible and reachable. The true beneficiary is almost always also the true source of the spam. The question is: knowing this, what can one do that will be effective?

Counterattack the source

Paul Graham, the researcher and LISP expert who advanced Bayesian filtering a little over a year ago, followed up a few months ago with a paper on Filters that Fight Back (FFB).

Paul Graham

The fatal weakness in spam that attempts to attract visits to beneficiary e-commerce Websites is just that: it invites us to visit, and explicitly so. When we accept the invitation and visit the beneficiary Websites, the additional traffic marginally increases the costs of operating the Websites. "So what?" you might ask.

Here's what: the Websites count on the millions of recipients of the spam who are not interested, not to visit the Websites. The flip side of the near-zero cost of sending spam is the near-zero cost of the unresponsive among the recipients. The Website operators send or cause to be sent millions and millions of spam emails but they only have to pay for the server capacity and bandwidth for the tiny response rate from the morons who actually buy stuff. While we can't easily change the low cost of sending spam, we certainly can change the low cost of hosting the servers that have to handle the Web visits that can result from spam. We can do that simply by accepting the invitations contained in spam, and not only accepting the invitations but clicking on every link they have, to make sure to navigate through all their pages.

But that sounds like too much work!

Sure. And dangerous, too, because your browser may not be configured for maximum security. If it were, you wouldn't be able to surf most of the major sites on the Web. But there's a completely legitimate set of tools for downloading Websites for offline browsing. WebWhacker is an old one that

This law is the result of the FTC Spam Conference

[DynaSoar]

It covers precisely the range and points that were widely accepted by the end of the conference. And yes, that means it ended poorly.

A few of us tried to make the point that filtering done at the receiving end does nothing to stop the wasted bandwidth. Furthermore, carrying that extra bandwidth, whether a given user ever sees it or not, means greater equipment purchase, maintanence and replacement costs, and those costs are passed along to the consumer.

Unfortunately even some of the supposedly anti-spam community got suckered into accepting "labeling" and "the false positive problem" and other nonsense. I think they were trying to be fair to the few truly ethical online marketing folks, but in so doing forgot to consider the actual numbers related to the issues, and lost track of perspective.

My hero of the conference was Commisioner Swindell, the older ex-Marine gentleman who found himself seperating a spammer's lawyer and his intended target it a near brawl. I spoke with him, and he was one of the few there who maintained the recognition that the problem is far greater than the stuff that annoys people when they find it in their inbox; an equal problem is that part of their bill due to spam whether they receive it nor not.

A suitable response to this law would be for everyone (in the US at least) to forward any spam they receive to the inboxes of the boneheads who initiated and supported this law, with the statement "IT AIN'T WORKING!"

"Nuke 'em from orbit. It's the only way to be sure." -- Lt. Ripley

mod parent up

nm

Re:Spamcop

[ysachlandil]

Yes, Spamcop, I remember that brilliant service. The biggest easiest email-DOS there is. Go over to their website and check out the fine print:

SpamCop administrators do not, and cannot verify the claims made by it's users. Not only are there simply far too many reports filed for anyone to manually review them, but even if we were to, there is no way for us to know whether a user actually did or did not solicit a message prior to reporting it as spam.

Therefore, it is trivial to DOS a domain:

-Get a couple of free emailaddresses
-Fake a spam coming from the domain, just use a real spam and change the headers
-send a report about the fake spam to spamcop using the free emailaddresses you've got
-Bingo, the domain cannot send mail to all mailservers that use spamcop for filtering
-if you want to be a real bastard, repeat every day, and they will never get of the blacklist ;)

bottom line: do not use spamcop

Why US spammers use offshore servers

For the same reason as US companies offshore many other functions. They get offered a better price. Simple as that.

We Want Happy Spammers

[Creigh]

For those of you who believe the Spam issue turns on some property right or involves theft of services, do you also believe that buying a TV and hooking it to your cable company makes you the owner of the cable network? ISP's are generally subject (in the US) to the same laws as telephone company and broadcasters - their networks are essential public property (as is the Internet) and they are obliged to carry legal traffic. And that includes calls to sell you a newspaper subscription or ask for a political contribution to your "Do Not Call" home telephone. As an Internet subscriber you have every right to block traffic you don't want from reaching your mail queue, but you have no right to demand that I refrain from sending lawful e-mails. No offense intended. It's your First Amendment, too. Defend it; don't throw it away.

Re:We Want Happy Spammers

[Telemach]

Dear Cretin, Firstly, it's plainly obvious that you posted this only so that you could get all excited and pleasure yourself alone in front of your PC at all the outraged comments you expected. Get a new hobby. Secondly, alough you're wrong about it being a first amendment thing (as it's commercial, theft of service etc.), I couldn't give a damn anyway. Not everyone lives in the USA Moron. As a UK citizen, I can only agree with the first ammendment point if every spammer takes steps to ensure that no email on their bloated lists leaves America. When you've made a list that contains millions of email addresses scoured without biased with web-crawlers and such, this becomes an impossible task of course, as you probably well know.

What are we going to do about it?

[kulakovich]

These are our reps - what can we do?

Personally, I have saved every single SPAM message I have ever received, and have a 10-year 30,000+ message deep resevoir of them. Like Groundskeeper Willie's "retirement grease" I am hoping a class action will one day finance my tropical off-shore data center/submarine factory/hermit crab farm.

But seriously - what next? Should I start faxing my archive to Washington? Set up forwarding addresses to .gov email systems and get them on board with their own legislation?

If we do nothing, it will be years before something else is done. I used to get junk faxes, and even after repeated requests to the junk-fax system's 1-800 to remove my number with their add/remove system, nothing happened. So after finding a pile of vacation offers on the floor one morning a week later, I added several numbers via their 1-800 - mainly the local Better Business Bureau's fax machines. A short time later they stopped.

THAT is the sort of thing we need to do here.

kulakovich

The best way to stop spam-spam-spam...

[el_gregorio]

did anyone ever think to just shout, "SHUT UP!! .... lousy vikings.... "

More information on my site.

[www.sorehands.com]

I put the fax numbers for the Whitehouse, Tauzin and Burr on my website at http://www.barbieslapp.com/spam. There are also links to pages to look up your representitive on my pages.

Act NOW!

Re:PROBLEMS WITH HONORABLE BUSINESSMEN, COMMIE PIG

[JohnGrahamCumming]

Did I say I didn't like it in the USA? No.
Am I a communist? No.
Am I a coward who hides behind an Anonymous Coward name? No.

Uhmmmmm

[unicorn]

Those would be examples of MS having a vested interest in the Spam industry, not the Anti-Spam industry, actually.

Simple Solution

[kenp2002]

Private Invite Only Email clients that unless the sender is on your invited list the mail doesn't get in. Hotmail has it and I have never been happier.

The real solution

[jcrosby]

...is here.

Just kidding ;-)

Re:article text

[JuggleGeek]

I agree. I believe this law will lead to more spam, not less. However, I'm still in favor of it.

Why? Because the politicians are not going to outlaw spam until they've tried some nonsense approach like this one. A year or two from now, it will be clear that this law was completely useless and did not help. At that time, it's possible that they'll do what they should have done in the first place, and require confirmed opt in for any email advertising.

Without this step, the next step will never happen. So while I consider it useless, I still think it is necessary.

Re:Microsoft said: "Let There Be Spam!" (was AOL/M

[elvey]

Bollocks! The word 'unwanted' doesn't even appear in the bill. (err... does /. have censors - oh right- no just moderators that vote posts up or down).

Re:Microsoft said: "Let There Be Spam!" (was AOL/M

[Keeper]

'unsolicited' is a synonym for 'unwanted'. The hypothetical scenario I describe still applies, as the bill allows joe schmoe to decide what is and isn't wanted instead of clearly defining it in the law.

Though in all fairness, the revision of the bill you linked to has gone through several revisions since I last read it, and now it isn't nearly as bad. Read it without all of the 'advertisement' words and you'll read something much closer to what was posted on slashdot earlier this year.

Re:Spamcop

[mabu]

Yes, Spamcop, I remember that brilliant service. The biggest easiest email-DOS there is. Go over to their website and check out the fine print:

SpamCop administrators do not, and cannot verify the claims made by it's users. Not only are there simply far too many reports filed for anyone to manually review them, but even if we were to, there is no way for us to know whether a user actually did or did not solicit a message prior to reporting it as spam.

Therefore, it is trivial to DOS a domain:


You obviously know very little about Spamcop. Spamcop doesn't DOS anything. Spamcop's RBL encourages exactly the opposite. It keeps spammers from DOSing everyone else. It also helps id the real source of spam so innocent victims of forged spam are not DOS'd by bounces and the [responsible] ISP from which the spammer is operating can take action to stop this as quickly as possible.

As far as abusing the reporting system, every system can be abused. And Spamcop and other responsible services have means to deal with it. That's no excuse to deny the value of the service. Should we not use cars because some people have run down pedestrians? Should we dismantle the telephone system because people make crank calls? Get real.

Re:What choice do you have? Well, maybe...

I have an account with a service provider called geekmail. They allow me to host my own custom domain, and route any email inbound for that domain to my master account.

What I then do is signup for Amazon with amazon@mydomain.com or eBay with ebay@mydomain.com and so on... as a result I have a perfect mechanism for tracking who spams me and, more importantly, who sells my account. Those all end up in my inbox until I create a procmail rule, which geekmail lets me do, to filter messages to that account straight to the trash.

Amazing what would happen if we could all prove the source of the resale of our email address and go after them, hein?