Slashdot Mirror
Spammers Not Complying With CAN-SPAM
Zelphyr writes "The Register is reporting on a study done by MX Logic found that of 1000 messages tested, only three complied with the recently enacted CAN-SPAM act. Little wonder why the spammers weren't shaking in their boots when this spam friendly anti-spam bill was passed."
And we're already starting to see spam proudly proclaiming that it's "CAN-SPAM-compliant!" I suspect that we'll soon be able to put in filters to block any message that claims it complies with CAN SPAM because that will be a guarantee that it is, in fact, spam.
And, on the opposite side of the fence, I'm seeing some people claim that relay-testing is now prohibited under CAN SPAM (because CAN SPAM makes unauthorized relaying a crime).
Bah.
It doesn't matter if the crime is though hacking, smuggeling, murder....whatever. The fact of the matter is this. If the crime you commit far exceeds the net total loss from being busted, then why would the suspect want to stop? It's not that hard to figure out.
Sometimes, you have to fight fire with fire. So ladies and gents, let the SPAM hacking begin. Anyone feel like being evangelist for Joe Sixpack with an AOL account?
Life is not for the lazy.
The main idea of the law is to stop non-compliant messages by imposing financial punishment on the spammers. And this won't work. It very easy to avoid such fines, e.g. declare that you don't have any money and then use the absense of local citizen registers to "vanish" from the radar of law enforcement.
I think the real solution would be physical punishment. Just when the feds get their hands on the spammers then they can't avoid punishment. No more bad excuses. Of course, you won't do something imhumane like they do in Saudi-Arabia - cutting of fingers etc. You would just give them a decent spanking. And they would remember that. Furthermore this would be much cheaper than traditional punishment.
Over 90 years and counting !
I actually received a spam the other day that claimed it was CAN SPAM compliant.
It seems someone got the bright idea to take the portion of the law that specifies the primary purpose of an email literally. So the top part of the mail (proudly pointed out as the "primary purpose") was a short joke. Then the email went on to its "secondary purpose"...
And at the bottom, of course, was a disclaimer that stated again which part was the "primary" purpose and which was the "secondary", just in case you hadn't noticed the big notices above.
I'd love to see someone try to argue this point of view to a judge with a straight face...
Methinks we have to get a little more drastic in order to have any effect on spam. I mean, everything else seems to fail.
Let's get extreme and start dropping packets from entire /24s from which spam is originating. In extreme cases, let's drop entire spam friendly ISPs. This is the only way to get rid of pink contracts, if all the customers of an ISP suddenly find that large parts of the Internet become unreachable to them.
If an ISP finds itself dropped from routing tables and unable to reach most/all of the rest of the 'net, I have a feeling they will get tough on spam and on clueless customers with open relays/proxies real fast. They'll have to, or they'll be out of business.
Yeah, I know this is extreme and drastic, but what else is there? SPF records won't be effective, laws don't do squat (a: because this is a global problem and b: because law enforcement haven't got the resources/motivation/whatever to enforce the laws anyway).
I'm just getting so sick and tired of these antisocial scumbags ruining email for the rest of us.
And remember kids: Never trust a computer you can actually lift.
Of the 1452 spam I received in my 3 accounts this weekend there are 157 references mentioning compliance with the Can-Spam act. Twenty of these said that they complied by including a valid reply address, a valid postal address and a working removal mechanism. The only one which actually met all of these criteria was from hurricane-map.com sent to an administrative address - 69.6.58.0/23 is blocked to everything else but to this address :-(.
So Scott Richter, one of the most infamous spammers on the planet, doesn't seem to be complying with Rule #1, what is the world coming to?
Well, after 1/1 the amount of spam I receive on that account went up again. Right now it's about triple the amount before 12/16, and quickly pushing on four times it. I'm also seeing more efforts at E-mail guessing (sending E-mails to every possible combination of account names at a given host). These are pretty obvious when they show up on an account that's never been used, and has never (and still isn't) listed anywhere on the Internet (or otherwise).
From where I'm sitting, looks like the spammers are having a field day, and the only thing that's changed is the problem got worse. Thanks congress, remind me to vote against all incumbents next election.
Now I have something to point to when people go on and on about how bad South Korea is for spam. I know that they are bad when it comes to security (read open proxies), but for the most part, South Korean spammers abide by the regulation that they must put [ADV] in the subject line of the message.
Yup. SPEWS is what happens when spam drives people into an insanity like the one the original poster is on the verge of. Dropping entire blocks results in 'collateral damage' (non-offenders getting blocked) and there's no real rationalization (though many or offered by the likes of SPEWS) that can justify that. No, not even 'well the innocent victims can crusade against the ip provider and serve our just cause in effecting change'. Get real. When it happened to me I just switched to an ip on a different block for the mail server. I say SPEWS can go fuck themselves. And I think that's a pretty common reaction for non-spammers who suffer from them. In the end they defeat themselves by making enemies not only of spammers, but everyone who hasn't quite lost their sanity. Granted, sanity can be hard to hang onto sometimes when considering the spam problem, but it's worth making the effort in the long run.
Time is Nature's way of keeping everything from happening at once... the bitch.
I berated a 'sales consultant' that definitely sounded more like a telemarketer, although he claimed it was a 'courtesy call.' When I mentioned that I was on a do-not-call list (I don't know if there is a federal one that has any teeth yet, but we do have a state list) he claimed that they were exempt because "we" had a 'prior business arrangement.' His reponse sounded very scripted, meaning they had anticipated curmudgeons such as myself protesting. This prior business arrangement was dubiously linked to a warranty card I had filled out for some product made by a subsidiary company.
There will be all sorts of loop-holes... and all the caveats attached to the emails will take up even more bandwidth- just as arguing with a telemarketer about a calling list wastes even more time.
The pathetic aspect of all this is someone somewhere is making money on it, or it would not exist-
Those that suggest you "dance like no one is watching" really want to see you make a complete fool of yourself.
Very good point.. but you did leave out one of the 'up and coming' spam launching points -- zombie computers.
I recently upgraded a few networks at a local school, and noticed two very sluggish machines. They were the same build as the rest of them, but seemed to be working pretty hard even when they were just sitting there unused. I suspected a problem, so I isolated them and scanned their hard drives. I found a virus -- nothing unusual there (it is a public school) -- but I also found that they were firing off spam as fast as they could work. No mass email program had been installed, but it was working through a backdoor that the virus had opened.
Very good point.. but you did leave out one of the 'up and coming' spam launching points -- zombie computers.
I recently upgraded a few networks at a local school, and noticed two very sluggish machines. They were the same build as the rest of them, but seemed to be working pretty hard even when they were just sitting there unused. I suspected a problem, so I isolated them and scanned their hard drives. I found a virus -- nothing unusual there (it is a public school) -- but I also found that they were firing off spam as fast as they could work. No mass email program had been installed, but it was working through a backdoor that the virus had opened.
I've heard about this happening in the past, but I'd never witnessed it first hand. I was alone in the room, and it kinda sends chills down your spine to realize that somebody else in the world is also using that machine, and that they'll notice when you turn it off. I mean, I'm sure he had a million others.. but still.. creepy.
I wanted to delve into the problem further -- to see how he was controlling them, and from where -- but alas, I was running short on time as it is. Also, an individual like this obviously has 0 morals anyway.. I'd hate for him to find out I was the one who shut down some of his handywork.
Anyone else had experience like this?
I agree with much of your post, but do you think maybe you're being a bit too negative?
That's true, of course, but simply ruling out the sexual and financial stuff would be a good start.
That's unfortunate when it happens, sure. OTOH, I've received plenty of e-mails in my time telling me that I've "opted in" to something that I most certainly haven't (because I never opt in to any commercial mailing list unless I'm having direct dealings with the company involved, and usually not even then). Thankfully, I've seen few of these in recent months, but it used to happen all the time.
Finally, I agree that it's best to have concrete tests, and as such making it illegal to forge identifying information in an e-mail could be useful. OTOH, a law that says, "You must include a valid, working unsubscribe address" doesn't really help much, does it? Surely anyone who's ever administered an e-mail system would advise against ever replying to any spam mail, so the law has just "legitimised" one of the spammers' favourite tactics for no benefit at all.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Most of the spam does NOT come from the US.
It DOES. It's only RELAYED through foreign computers.
Professional American spammers set up boxes and rape relays outside of the US to avoid being linked with the originating IP of their spam.
Some of the best known spammers are known to have hired servers at Asian and Third World providers. And then there are the current waves of mail viruses that turn the victims' computers into spam relays, also with the primary intention of setting up a network of spam relays to hide the spam's origin.
But most of the professional spammers DO operate from Northern America. Look up the listings on Spamhaus.
(And yes, we in Europe have the same problem. There is a Swiss professional spammer who has set up his computers in South America and a German spam gang using computers in Holland and Eastern Europe. It's easy to hide your tracks that way. But the spam DOES originate in Switzerland and Germany, it's only RELAYED through other countries.)
------------------
You may like my a cappella music
most spam does not come from the US!! Seriously. And the rest of the world can give a sh*t about the laws we pass. [..] Our laws will have no affect on the big fish.
The big fish are Americans.
------------------
You may like my a cappella music
Did you read the law? It does not say it's OK to spam. It bans the vast majority of spam and prescribes harsh penalties. It allows up to one year imprisonment for sending spam with false headers, which is pretty much all the spam I get. Without false headers, spam becomes impractical for lots of reasons.
And what is your basis for claiming that there is no enforcement? The Justice Department doesn't usually publicize investigations until they're over. It will take months for investigators to start tracking down spammers and building solid cases against them.
This is a good, strong, well-designed law. For some reason the groupthink on slashdot claims it is "weak". I'd urge everyone to actually read the law before commenting on it.