Copyrighted Haiku Delivers Spam Through Filters

An anonymous reader writes "Remember that antispam company that includes a copyrighted haiku (which I can't quote here due to copyright reasons...) in emails vouching for their nonspaminess and thus bypassing spamfilters? The idea is that a spammer using said haiku to get through spamfilters can be prosecuted under the more stringent copyright laws instead of the weaker antispam ones. Well it seems said haiku has lately been figuring in a large spam run trying to pitch the usual medical remedies for various unfortunate ailments. What do you think? Is it time to start filtering for haikus or will Habeas succeed in thwarting the spam attack?" We mentioned this brilliant anti-spam scheme last April.

screw the copyright - here are the haikus ;)

Train of slick spam (a heller mail than mine), now corpus on third rail - Bill Bailey

art science and law forged together into one synchronicity - Justin S. Houk

Like oceans of wind Habeas SWE clears Email server jams. - Barbara Kane Pilliod

As Habeas shows that spam email can be banned with lawsuits at hand - Stanislaus Jaworski

Messages pile up. Unauthorized, unwanted. Now undelivered. - John H. Lee

Habeas striving to rid my inbox of spam. Hope it will succeed. - Steve Wilhelm

Hasty limerick My gift to all Habeas An honor for me. -Sandy Bumgarner

Habeas Web Page Elegant as your concept Navigating joy. -Sandy Bumgarner

Incorporeal Dear old friends send mail. As do incorporeal robot pretenders. -James Kobielus

Too much spam today Sender Warranted Email Spam-free tomorrow -Stacey Irvine

email said hello, email police jumped on it, now, no one writes me . . . . -Michael Siwinski

I get no email, any day that ends in y, fixed spam problem though . . . . -Michael Siwinski

I lost my baby, I lost my bathwater too, might be my filter? -Michael Siwinski

Awesome find today.. One expanded header full.. Hinted things to come! -Cindy Sue Causey

Habeas info.. In a header full of Shtuff.. Brought new hope at last! -Cindy Sue Causey

I built a new soul Using the remaining pieces Of my Habeas -Anthony Oertel

habeas makes herring out of yucky spam happy penguin -Philipp Droessler

spam free mail inbox clean like the first spring rain thanks to habeas -Philipp Droessler

unwanted porn ads and get rich quick nevermore thank you habeas -Philipp Droessler

Habeus have won once already

[Rogerborg]

Which would have taken any semi-literate reporter or editor ten second to find on their site. I guess that would have spoiled the illusion of a breaking story though.

Re:Habeus have won once already

[Rogerborg]

That's just dissembling. The article gives the impression that this is the first time this has happened (implicitely, by not mentioning anything between now and last April). Basic journalistic integrity means not ignoring relevant aspects of a story just because they happen to lessen the impact.

bayesian filters

[ddent]

I just checked through the mail I've received in the last while, and there is only one newsletter I am on using Habeas -- other than that, I have only received Habeas headers in spam.

Guess what my bayesian filter is going to start thinking of those headers soon... this could prove to be a problem for them if they don't get things fixed ASAP.

I don't quite see the problem...

[ControlFreal]

Looking at my spam-box, I find the usual stuff:

From ukKimble@mailthat.net Tue Jan 13 00:43:36 2004

X-Habeas-SWE-1: winter into spring

X-Habeas-SWE-2: brightly anticipated

X-Habeas-SWE-3: like Habeas SWE (tm)

X-Habeas-SWE-4: Copyright 2002 Habeas (tm)

X-Habeas-SWE-5: Sender Warranted Email (SWE)

(tm). The sender of this

X-Habeas-SWE-6: email in exchange for a license for this Habeas

X-Habeas-SWE-7: warrant mark warrants that this is a Habeas Compliant

X-Habeas-SWE-8: Message (HCM) and not spam. Please report use of this

X-Habeas-SWE-9: mark in spam to .

Subject: Fwd: V|@gra, Vali(u)m, X(a)n@x. Prescribed Online and Shipped

... and finally, the real information as far as I'm concerned in in the last header:

X-Spambayes-Classification: spam; 1.00

So whether the spam is "legitimate" (is there anything like that?) or not, SpamBayes doesn't seem to have much trouble with it.

Extra SpamAssassin rules for this batch of spams

[mehu]

My roommate told me he was getting a bunch of spam last night that was going through SA. I noted that I hadn't. Of course, I got 2 today, and while looking through w/ -t to check everything (it should've been quite obvious), noticed the Habeas X-Headers in there, & found their little notice about this rash of spams. So, rather than just add a score of 0 for HABEAS_SWE, I figured I'd give them a chance & added the following to my ~/.spamassassin/user_prefs, which takes care of the current rash:

body PHARMAWHAREHOUSE /pharmawharehouse.biz/
describe PHARMAWHAREHOUSE Link to pharmawharehouse.biz

body PHARMACOURT /pharmacourt.biz/
describe PHARMACOURT Link to pharmacourt.biz

body VALUEPOINTMEDS /valuepointmeds.biz/
describe VALUEPOINTMEDS Link to valuepointmeds.biz

score PHARMAWHAREHOUSE 10
score PHARMACOURT 10
score VALUEPOINTMEDS 10

Looking through my mail, it turns out some of my valid mail actually does contain those headers (would never have noticed them), and a few spams, even w/ the haiku headers, have been blocked by HABEAS_VIOLATOR (RBL: Has Habeas warrant mark and on Infringer List), so the company does appear to be doing its job..

Re:Fair Use

[Sircus]

bright-ly an-tic-i-pa-ted

5 syllables in anticipated, for a total of 7 on the line, making it (assuming you pronounce SWE as Swee and ignore the tm) 5-7-5, with a mention of seasons. Seems valid to me...

Disable habeas rule

[mattiv]

To disable the Habeas rule, edit file $HOME/.spamassassin/user_prefs
add line

score HABEAS_SWE 0

Re:translation of article header

Until recently, nobody was really sure if spam was legal or not. There were basically no laws. Now there's the Can-Spam act, which says you can spam all you like as long as you provide a way of confirming live addresses to be resold (the traditional 'unsubscribe' mechanisim).

OTOH, Copyright Law (as demonstrated by the RIAA) is a free licence to shut down any site or identify any end user with little more than a fax to the user's ISP.

Exactly the kind of tool we need to combat spammers, and good on Habeus for finding a way to apply it.

Re:Never likely to work

According to the statement given, the latest version of SpamAssassin should be able to filter these out. We're running what I think is the latest (2.61) and it still seems to be letting them through - thanks to the Habeas mark.

You have to enable network checks to filter these. Then when someone sends you an email with the Habeas mark, Spamassassin will check to see if the originating IP is on the infringer's list. If it is, then they don't get the credit for using the hiaku.

This assumes that Habeas has listed the spammer's IP address in thier list. I don't know how long it takes for it to get updated.

Make sure your report to Habeas

[p2sam]

Since they will add the offender's on to the blacklist, make sure you report that spam at http://www.habeas.com/report. That way the next unfortunate receiver of that spam would have adjust their score accordingly.

See: http://www.habeas.com/supportBlackList.html

Re:translation of article header

[ezraekman]

Are the new anti-spam laws so lacking in punishment that they pale in comparison to copyright laws?

In short, yes. CAN-SPAM, for the most part, weakened our ability to go after spammers, rather than strengthening it. It takes precedence over existing spam laws, and removes the power from individuals to go after spammers, even if a state law would have allowed them to. Copyright laws give the power back to the people, as it were.

Legally dubious

[Mammothrept]

OK, I hate spam as much as the next homicidally enraged Slashdot reading spamee. Habeas' business plan though is legally dubious at least with respect to copyright law. The trademark thing, though, just might fly.

The purpose of copyright law is to protect original works of expression. There are also built in limitations the most notable of which is fair use. There is no bright line definition of fair use but quoting a few lines of Haiku hardly seems unfair. The attempt by a private party to turn copyright law into a de facto anti-spam law is not likely to be upheld. Congress wrote a copyright law. Congress also wrote an anti-spam law. If Congress wanted to use copyright law to stop spam, it presumably could have figured out how to write such a law. It did not.

The trademark angle is more promising. The purpose of trademark law is to identify the source of goods in trade. Insofar as Habeas' goods are emails that it warrants are free of spam, it would be a trademark infringement for another company to identify the source of their spam as Habeas.

Re:Extra SpamAssassin rules for this batch of spam

[mutende]

body PHARMAWHAREHOUSE /pharmawharehouse.biz/
describe PHARMAWHAREHOUSE Link to pharmawharehouse.biz

Please note that there is not such domain as pharmawharehouse.biz. Habeas has missspelt the name on the web page, the proper domain is pharmawarehouse.biz.

pharmacourt.biz hacked?

[stevenp]

Has someone of the slashdotters already hacked the pharmacourt.biz site?
This is what I find at their products page: We are some stupid spammers!!

Re:pharmacourt.biz hacked?

[l0wland]

If you had read the thread from the beginning, you might have noticed this reaction. Also the contents of the about- and contact-pages have been altered.

BTW, as you are implying, this does not necissarily mean that one of the Slashdot-readers is responsible.

Re:Just... make... me.... UGHRHGH!@~

[rawshark]

Maybe this would help?
The Spammer's Compendium

Re:habeas?

[singleantler]

As far as I can tell, this was aimed mainly at people producing things like e-mail newsletters.

The Lockergnome newsletters started to use the Habeas haiku a while ago because they had problems when people started marking their sign-up newsletters as spam when they didn't want to receive them any more, rather than using the unsubscribe options. The people on large ISPs that aggregate what people think of as spam were then banning the newsletters from other subscribers.

Getting yourself unbanned from ISPs usually involves contacting their staff and convincing them that you're not a spammer. In the case of Lockergnome the second part was straightforward, but it was taking up a lot of time, and you only know you've lost subscribers when someone asks when the next newsletter's coming because they haven't received any for a while.

The Habeas system gives the ISPs an easy way to let through stuff marked with it, as long as Habeas defend their haiku against spammers successfully. So far they've done this, but finding the spammers to enforce their copyright, as they're trying to do in this latest case, isn't always easy/fast.

Re:Fair Use

[Derkec]

Proper haiku is defined by the number of Japanese characters involved. The whole 5-7-5 concept is a rough approximation that they give to secondary school teachers who enforce it to teach students discipline. If you're writing in English, you can drop the 5-7-5 nonsense, try to approximate that a bit and write some poetry. More important to haiku is the use of nature imagery used to discuss the human condition. That being rather tough, and difficult to grade, it's not a big focus for most jr. high or high school students.

Re:Geeks with basic poetry skillz: Haiku verse for

[stormhair]

Argh

Five for the first line
Seven for the second line
Then five for the last

Re:A question about Zombies..

A Zombie network is basically a network of compromised (Mostly windows, but I have seen botnets consisting of unsecured linux hosts, as well.) machines on home or university broadband connections. They are *very* common, and are almost always used in DDoS attacks. Common "bots" you'll see are litmus and sub7. Fizzer was also an (failed) attempt at creating a *HUGE* botnet. They're easy to set up and control because the average home user knows nothing about properly securing their machine. The reason you dont hear from firewall/antivirus vendors about this sort of thing is because the average "zombie" host runs neither, which is usually why it got infected in the first place. Updating/patching one's OS of choice helps, too.

Though I am loath to point traffic to this idiot, Steve Gibson's Site gives an interesting, though sensational story of being a DDoS victim (this guy is by and large full of shit, but he does tell a pretty decent story)

I hope this helped clarify things a bit, though if you'd like first-hand experience with zombie networks and the kiddies who run them, I would suggest visiting EFnet

Syllables

5-7-5. Plus you need the nature element, and to convey a feeling, etc. etc. if you do "real" haikus.

How to say it so / that it can be grokked well / have an example .

WTF are you talking about?

[Burning1]

That passage was related to the Habeas Whitelist and not the Habeas Haiku . It is a License Agreement and has nothing to do with copyright infringment . Furthermore, it only specifically covers situations where people attempt to blacklist sites on Habeas' whitelist ; somthing no sane admin would ever want to do.

Please tell me you just made a mistake, and aren't smoking some really, really, really strong crack.