Copyrighted Haiku Delivers Spam Through Filters

An anonymous reader writes "Remember that antispam company that includes a copyrighted haiku (which I can't quote here due to copyright reasons...) in emails vouching for their nonspaminess and thus bypassing spamfilters? The idea is that a spammer using said haiku to get through spamfilters can be prosecuted under the more stringent copyright laws instead of the weaker antispam ones. Well it seems said haiku has lately been figuring in a large spam run trying to pitch the usual medical remedies for various unfortunate ailments. What do you think? Is it time to start filtering for haikus or will Habeas succeed in thwarting the spam attack?" We mentioned this brilliant anti-spam scheme last April.

It was always going to happen

[Ckwop]

Darwinian Selection is the governing rule of spam.. If appending a Haiku makes a message 'fitter' it will survive the slaughter more readily and therefore make it into your inbox more often.. until some realises what's going on and combats it with a new filter.. and then the process starts all over again.. :) For this reason, I think we're going to be fighting spam for a long time to come :) Simon.

I've gotten a few

[ghettoboy22]

About 5 in the past couple days. I noticed the unusual X-headers and finally remembered what it was. Increased the SA score yesterday and now I get none! woot!

I can see this company being semi-successful in taking spammers to court under copyright lawsuits, however like the article says the latest rash is (not suprisingly) zombied broadband hosts, making their chances of finding someone to sue almost nil.

Never likely to work

[DrPepper]

In theory the Habeas scheme is very clever. It's difficult to get spammers under any anti-spam law (where they exist), so change the ballgame so that you can prosecute under copyright law instead.

Unfortunately though, I suspect it's going to be difficult to track these people down, and even when Habeas do, they will need to mount a prosecution in another country - wherever that happens to be. The spammers may even win given that each country enforces copyright laws differently.

According to the statement given, the latest version of SpamAssassin should be able to filter these out. We're running what I think is the latest (2.61) and it still seems to be letting them through - thanks to the Habeas mark. I'm beginning to think I should just disable the Habeas rules completely and let these get scorded normally.

translation of article header

[JimBobJoe]

The idea is that a spammer using said haiku to get through spamfilters can be prosecuted under the more stringent copyright laws instead of the weaker antispam ones.

Which should read:

The idea is that a spammer using said haiku to get through spamfilters can be prosecuted under the more stringent laws that are difficult to enforce instead of the weaker laws which have proven so hard to enforce.

I'm amused by the idea, but it seems to me that if you couldn't get (find) them under anti-spam laws (especially the newest ones) then how could you get them on copyright laws? Are the new anti-spam laws so lacking in punishment that they pale in comparison to copyright laws?

Re:bayesian filters

[silentbozo]

I've already manually kicked the SpamAssassin score for Habeas to -.5. If things don't get better, I may help out the bayes filter by turning Habeas scoring off (set to 0). Habeas should be spitting brass tacks PRwise - every day that goes by without a peep from them just enboldens other spammers thinking about trying the same stunt.

After all, Habeas was whitelisted because they promised legal action against spammers infringing on their copyrights... well, the spammers are infringing. Where are those spam-eating lawyers we were promised?

Attack of Haiku-Resistant Killer Spam

[leoaugust]

It just illustrates the lengths the spammers will go to, including taking on Habeas' proven legal capabilities, to distribute their spam.

It is interesting that they tout their proven legal capabilities rather than "proven" technology. Will it be enough to stop the Attack of Haiku-Resistant Killer Spam. RIAA and SCO are trail blazers in using the legal system to stop ....

Our patent-pending Sender Warranted Email(TM) service vets messages for legitimacy, guaranteeing that they're not spam.

Guaranteeing? Sounds like a pretty tall claim now. Not to say what should happen to the pending-patent - a review of the claims perhaps ?

Adding the IP addresses to the HIL (aka Habeas Blacklist) should not impact the legitimate mailing activities of the owners of the compromised PCs.

It would be nice if it works well, but I am curious as to how they are going to distinguish from a single IP address whether the email was sent from the compromised PC when it was "alert" or when it was in a "zombie" state.

Your reporting here of spam you've received with the Habeas Warrant Mark will help us track down and prosecute the responsible parties.

Habeas - Welcome to the Party. In addition to the call for rounding up a posse, if you need some help from the Feds, write in to the FTC at uce@ftc.gov. Despite having the Federal powers to kick a**, I am not really sure how successful they have been.

What Can I Do With the Spam in my In-Box? Report it to the Federal Trade Commission. Send a copy of unwanted or deceptive messages to uce@ftc.gov. The FTC uses the unsolicited emails stored in this database to pursue law enforcement actions against people who send deceptive spam email.

Hey, and I forgot - What happened to the CAN-SPAM ? How long before we have Attacks of the CAN-SPAM-Resistant Killer Spam.

Why should the spammers worry about copyright?

[MROD]

Now, we've seen spammers use a copyrighted poem in their spam headers. I'd like to know how much they're worried about being taken to court about this. After all, they're not exactly on the right side of the law already...

(1) They subvert other people's computers to relay spam: illegal in most juristictions.
(2) They send out viruses and worms to break into other people's computers: illegal in most juristictions.

So, if they're already doing two illegal things, why should they worry about a third?