Slashdot Mirror
What You Get When You Buy a Spam CD
defender writes "Recently over here in The Netherlands, the spam versus anti-spam 'war' has hardened. More professional spamming coming from a handful of hard-core spammers utilizing bulletproof hosting in India, chained open proxies, more and more false whois information, etc. One of the more known anti-spam people has been sent one of the subjects of those spams: a CD with millions of e-mail addressess of 'individuals' and hundreds of thousands of 'businesses'... Rejo Zenger has done an analysis of such a CD, which is fuelling new debate as to why the recent EU anti-spam directive was weakened because of businesses complaining or indicating that spam wasn't a big issue for them."
Well, I heard only a week or so ago that the European Union was going to make sending spam illegal in the near future, or has already done so.
Unfortunately, as this article on the Register points out, most spam comes from outside of the EU, or turns out to be untraceable anyway... so the question is if this new legislature would have any noticeable effect.
A quote: Anti-spam software outfit, Brightmail, says the legislation only affects European registered companies and they're unlikely to flout the legislation. However, it claims nine out of ten spam emails are either untraceable or come from operations outside the European Union. Either way, professional spammers - whether inside or outside the EU - are unlikely to heed the new legislation. So in effect, this new law will make bugger all difference to the amount of spam we get in Europe.
IMHO this new law certainly is a step in the right direction, since the ISP's would be legally obliged to take action against spammers on their network. Now if only the rest of the world would go in the same direction...
He refers to addresses ending with a dot as "unregular syntax", then later as "no TLD". However, the address with a trailing dot is the canoncial form of a domain name - the final dot refers to the "root" domain, the one that Verisign gets to play with.
I can't say that I don't give a fuck. I've just run out of fuck to give.
Over here, the rule is opt-in. The recipient of the spam has to have consented to it beforehand. (for the Norwegians here - markedsforingsloven 2 b).
I used to have a job where I had to deal with different kinds of questions from the public that dealt with, among other things, spam. After contacting various Norwegian spammers to lay down the law, I found that a lot of them bought CDs or whatever with e-mail addresses. They seemed to (usually arrogantly) think that because they bought these lists, they were fully legal to use. This is not the case.
I don't know if these CDs were sold with the implication that their use was legal. Hindsight is 20-20 and I realize now I should have told these spammers to demand their money back from the people who sold them the CDs.
People say I'm crazy, I got diamonds on the soles of my shoes...
It's called SPF, Sender Permitted From.
Having run an opt in mailing list for a previous employer I can tell you that some people sign up then go complain to spamcop when they actually get the email.
I don't run a mailing list, but some of our customers do - and you're correct, this part does happen.
then the mail server gets an Instant blacklist thanks to the automated system
Never seen this happen. In every spamcop case, we were always given the chance to respond - we've never been blacklisted. (A simple response showing the opt-in confirmation clears things up.)
The problem gets worse when they black out the email addresses so it becomes impossible to tell who actually wanted off.
Blacking out the email address doesn't make it impossible to check the recipient - unless you have the (bad) habit of deleting your mail logs too soon (IMHO a month is pretty much a minimum to keep logs - which shouldn't be a problem, as spamcop rejects submissions that are over 3 days old.)
You'll have the destination server and the SMTP ID - both of which are in your logs. (If you don't have access to the logs, your ISP should be more than willing to provide them - especially if your claims about being blacklisted are true.)
All in all, spamcop does a pretty good job.