Spammers Not Complying With CAN-SPAM

Zelphyr writes "The Register is reporting on a study done by MX Logic found that of 1000 messages tested, only three complied with the recently enacted CAN-SPAM act. Little wonder why the spammers weren't shaking in their boots when this spam friendly anti-spam bill was passed."

Re:Duh!

[GammaTau]

Most spammers are from overseas in non-cooperative countries (with the US).

There is evidence to the contrary.

Re:Duh!

[abelsson]

No, most spammers operate from the US.

No kidding, violation logs from today...

As I understand it, CAN-SPAM makes it illegal to use open proxies to relay messages. We run a proxy scanner on every email that comes into our server, through an exim pipe. Any sending host which is an open proxy on a common port is reported to us via IRC. The following IRC log can be explained one of three ways:

[01:02] <SpamBot> SpamTrap found a proxy! 82.138.193.50 (host1.greenwichtraining.adsl.telecomplete.net)
[ 01:05] <SpamBot> SpamTrap found a proxy! 200.95.36.167 (dsl-200-95-36-167.prod-infinitum.com.mx)
[01:08] <SpamBot> SpamTrap found a proxy! 200.45.247.170 (host247170.arnet.net.ar)
[01:41] <SpamBot> SpamTrap found a proxy! 200.90.212.26 (26-212-90.adsl.terra.cl)
[01:41] <SpamBot> SpamTrap found a proxy! 200.95.74.41 (dsl-200-95-74-41.prod-infinitum.com.mx)
[01:59] <SpamBot> SpamTrap found a proxy! 218.75.131.4 (218.75.131.4)
[02:10] <SpamBot> SpamTrap found a proxy! 194.2.149.201 (194.2.149.201)
[02:18] <SpamBot> SpamTrap found a proxy! 61.233.205.110 (61.233.205.110)
[02:29] <SpamBot> SpamTrap found a proxy! 200.84.79.92 (dC8544F5C.dslam-03-24-3-02-01-01.rmg.dsl.cantv.ne t)
[02:37] <SpamBot> SpamTrap found a proxy! 81.134.29.16 (host81-134-29-16.in-addr.btopenworld.com)
[02:55 ] <SpamBot> SpamTrap found a proxy! 200.43.19.71 (dsl-200-43-19-71.users.telpin.com.ar)
[02:57] <SpamBot> SpamTrap found a proxy! 200.225.210.173 (iplus-ura-225-210-173.xdsl-fixo.ctbcnetsuper.com. br)
[03:07] <SpamBot> SpamTrap found a proxy! 200.42.43.63 (200-42-43-63.dsl.prima.net.ar)
[03:27] <SpamBot> SpamTrap found a proxy! 62.236.142.192 (62-236-142-192.hpna.wlannet.com)
[04:50] <SpamBot> SpamTrap found a proxy! 81.225.52.204 (h204n5c1o1044.bredband.skanova.com)

[Note: rogue spaces in the timestamps were inserted by Slashdot.]

1) USA-based spammers don't give a shit about the new law

2) Overseas-based spammers have increased exponentially

3) USA-based spammers are offshoring just like every other IT industry

Will we soon be inundated with reports of Bangalore being the spam capitol of the world? After all, they aren't subject to the jurisdiction of USA-based spam laws. Forget offshoring your tech support, now you can offshore your spamming operations and be in total compliance with the law...

Re:No, you got it all wrong...

[fjin]

You haven't heard before about:

Spamassassin
SpamAssassin(tm) is a mail filter to identify spam.
Using its rule base, it uses a wide range of heuristic tests on mail headers and body text to identify "spam", also known as unsolicited commercial email.

and Razor
What is Vipul's Razor?
Vipul's Razor is a distributed, collaborative, spam detection and filtering network. Through user contribution, Razor establishes a distributed and constantly updating catalogue of spam in propagation that is consulted by email clients to filter out known spam. Detection is done with statistical and randomized signatures that efficiently spot mutating spam content. User input is validated through reputation assignments based on consensus on report and revoke assertions which in turn is used for computing confidence values associated with individual signatures.

They don't bust spammers for fraud, either

[swb]

So why should they bust them for violating the spam law? The government has totally ignored the absolutely fraudulent nature of spamvertised products, despite the fact that the money trail is easier to follow than the email trail.

I suspect there will be political pressure to "bust" a couple of spammers, and they probably will nail a couple of small-timers and will trumpet it as a success, saying something like "Mr. Spam King sent over one million spam messages" -- the same bogus logic used in drug busts, when they value the drugs based on their smallest-possible-street-transaction value instead of the likely wholesale value.

Part of the reason I think there will be little enforcement, at least from the Bush administration, is that I've read that mainstream businesses are actually profiting from spam indirectly by selling customer lists that include email addresses. They don't sell directly to spammers, but they filter through direct marketers who ultimately DO sell to spammers.

Re:If it's so spam friendly,

[Halo1]

Stop being stupid and blocking IPs. It's counterproductive. You're throwing napalm on an ant hill and most of the time, the ant you're going after has already moved somewhere else.

If that were the case, almost nobody would use blacklists.

It should be a punishable offense for such idiots who block legitimate IP from sending e-mails.

The recipient has full rights to determine for himself who is legitimised to send him mail.

If a company is using an ISP that happened to get a spammer onboard and the company ends up being blacklisted and losing business, the makers of the blacklist should rightfully be sued for lost business and denial of services.

Blacklists don't block anyone's mail. Its users do, and those users have the full rights to decide who gets to make use of their property or the services they pay for.

Imaine if a citizen set up a road block on a highway just because they heard criminals used it.

Blacklists merely advise you to avoid a highway. They can not and do not block anything.

I'd like to see lawsuits start being brought against blacklist runners and won. Their method is in many cases as reported on slashdot but not called as such, criminal.

Voicing an opinion is actually one of the rights protected in pretty much every constitution around the world.