Slashdot Mirror
OptInRealBig Wins Restraining Order On SpamCop
arikb writes "Some online newspapers are reporting that the infamous Scott Richter and his company OptInRealBig won a temporary restraining order against SpamCop. The TRO prevents SpamCop from sending complaints about OIRB to their provider or removing email addresses from the complaints it receives which regard OIRB. I think we will rue this day for years to come."
Update: 05/12 16:43 GMT by T : The Ultimate Fartkno writes "HillsCap, a fed-up SpamCop user, is now organizing a class-action lawsuit to be brought against Richter and Opt-In. At least 1,000 signatures are needed, so tell your friends!"
Let me make sure I have this straight... who's got a gun to the mailserver administrator's head saying "You must use spamcop to filter your mail"? No one.. ok that's what I thought. So how exactly does OIRB even have a case here? Spamcop is running a service, which somtimes blocks OIRB, they are forcing everyone and their mother who runs a mail server to use them (spamcop)... so why did this even go through? It's not spamcop's fault.. it's the mailserver admin's fault the mail is being blocked. And, unless I'm wrong, mailservers are privately owned pieces of machinery and I have every right to say "Sorry, you can't come trampling on my equipment right now", to someone. So while OIRB might not like it, my mail server is private property.
Isn't this like hireing Diebold to secure your house, and then having someone (say Jehovah's Witnesses) complain and file a suit against Diebold because they can no longer come up to your house and just enter?
I know I know.. I'm stretching the example a bit... but JW can 'technically' come up to my house knock and I can talk to them if I wish. I can also turn them away.. it's MY house.. MY property. I install a third party system which does something or other to keep them away... how's this diebold's problem? or mine for that matter?
Eveyone can thank the can spam act for this but he is still going to win his suits. As long as he is fully following the federal can spam act rules he is on strong legal grounds. Yes it may suck but according to the law he may be doing absolutely nothing wrong.
Got Code?
Now even though I don't sympathize with any spammer, here's the deal. We need to stop those stupid idiots that buy the things from spam. If they didn't waste their money on overinflated products and things that don't actually work, then we wouldn't have a problem. As far as the Can Spam Act goes, the U.S. has been trying to control the Internet for years. There's been plenty of bills that have been passed for control. How much do you want to bet that this has something to do with Big Brother watching us after Bush gets "broadband for the entire nation" in. What ever happened to privacy.
-- Friends don't let friends buy Nokia.
You can kill the ant, but you can't kill all of the ants
Just like the RIAA, opt in will have little success over elminiating all of the spam filters.
And unfortunately, this is likewise vice versa.
What I don't understand is- Caller ID is legal; It's not legal for telemarketers to call if you're on the no-call list. But in no way is it legal to have a 'caller-id' of the email clients installed?
It's a very rediculous control method, and I cant for the life of me understand. It's the equivelent of somone bossing me around on my own computer telling me I can't install a popup blocker;
Apparently the judge and jury love getting viagra emails....
As many of you have said, it expires on May 20th. That's just a week away. If it gets extended then we may have a problem.
According to www.spamfilterreview.com;
12.4 BILLION...not million...BILLION emails per day in spam crosses wires. Thats 40% of total email sent over the entire internet. That is completely insaine.
I say let's legalize spam, this way the spammers dont have to hide their addresses. Then, when we find out who they are; we'll duct tape them to chairs and make them watch teletubbies for months on end with no sleep and no food.
It's not what you know; It's what you can find out.
IANAL, but why the hell does anyone have the right to mess with qhat I choose to do with the email I get? If I put a filter that automatically filters all messages from Microsoft.com, can they sue me for not allowing them to carry on with their business? And that said, if instead of putting that filter myself, if I choose an ISP that uses such a filter, why should they be charged with anything? It was my choice, as a consumer, in the first place...
I wonder if everyone in /. started sending random trash by email to Opt In employees, using up their bandwith and rendering their business mail useless, if they would be so tolerant... Anyone's got a list of those addresses, by the qay? ;)
> The only real method of fixing this is to charge for e-mail.
I disagree. Spammers will simply screw customers *harder* to get more money to cover the operating costs. They won't care if email costs money, but it will make them much more vicious. They will likely have to do massive targeting research to ensure they get the maximum effect from each little email. New email addys would likely receive less spam in a paid system.
There has existed a business model very similar to the spammers' model, for quite some time; junk snail mail. The costs of sending junk snail has no effect to the countless bouts of the crap clogging up mailboxes everywhere. The only difference is that when it costs money to send, you would likely root out all the lame idiots who spam for dollars, but have no infrastructure for doing so... they would disappear, or become soaked up by corporations bent on spamming. My point is, the paid email model will result in tighter groups of spammers earning money together in an organized way.
The dangers of knowledge trigger emotional distress in human beings.
Spamcop puts a list of IP ranges and abuse addresses on their front page, along with an annoncement that they are not allowed by court order to send complaints to these addresses about these ranges. They can also provide a cut and paste ability for people to send reports outside of SpamCop for these providers.
FYI-
HillsCap (who I think is an admin at an ISP) has gone on the warpath against Scott Richter. See this thread in SpamCop's forums...
http://forum.spamcop.net/forums/index.php?showt
He's saved up a few *million* emails from Scotty and he has contacts with some interestingly acronymed agencies, if you get my drift. If the right people get on board with this, we just might be able to raze Opt-In and sow the ground with salt after it's gone.
Saying "Scott Richter is still a lying scumbag, a convicted felon and a thief" is not slander, because it is true. However, "kill spammers" is a murder threat as you claim.
"How long before people start posting his address, phone number"
What is wrong with giving him calls on his personal phone at 2 AM, or knocking on his door 18 times a day to sell him fake penis pills? Scott Richter has indicated that he thinks that there is nothing wrong with such intrusions at any time.
I know someone suggested awhile back that e-mail users should have to execute a piece of complicated code for each e-mail they send (was this Billy Gates idea?). Anyway, why don't we allow people to send an e-mail for donating a small amount of time to a DC project? Just think, we could send free e-mail AND search for intelligent life at the same time!
From the last 7,000 messages my server's handled, a grep of the maillog turns up exactly zero occurrances of 'optinbig'.
So, are these guys really that big, or are they really playing by the [albeit stupid and ineffective] rules?
Besides, who honestly gets much Spam originating from US sources anymore...?
Outlook parks spam for me in a junk mail folder, and I can't deal with each individual item.
However, I have recently started a personal mission: every "419" type scam that I receive, I specifically forward (and full SMTP headers) to
(a) "abuse@" all the domains mentioned in the headers and message;
(b) all recipients specifically mentioned.
It doesn't take more a minute or two a day (no more than 5 419'ers or lottery scams a day), but it makes it clear to the senders that someone is taking a proactive approach to stopping them.
I suggest other people do this as well. Obviously it's infeasible to do it to all spam mail: but do it with the scams.
While I agree that spam must be made unprofitable, I think some public awareness can happen. Personally, I'd like to see something like what the government (FTC?) did a while back - set up false pyramid scheme sites, and when people sign up, send them an e-mail explaining that they could have lost millions. Of course, that was a "pull" method. Doing that with spam would require sending out millions of spam mails to lure the idiots to get your message, and I'm not interested in discussing whether or not the ends justify the means.
I suppose they could do it through traditional mail. Or take out ads in newspapers. It's all about public awareness. And don't say the majority of people who buy this can't read. Remember, they have to have computers. Several articles showed that it was mostly white-collar workers getting suckered in by penis pills.
Regardless, people need to be informed that most offers are illegal and they'll end up being screwed. People need to undersand that chances are big software companies such as Micosoft and Network Associates have not endorsed resellers with the e-mail address "muffins@happyhangover.com" (I got that one yesterday, seriously)
Another solution I guess would be to make Viagra free and remove demand, but I bet that's a bad idea...
We need some sort of real-time, content-driven connection throttling on the mail servers of the world, so as to reduce the number of SPAM that can be sent in any given time. The inbound mail can be analysed on-the-fly and if the word pen1s or vi@gara is detected, throttle the connection so that mail takes 60 seconds to send.
Throttling is great, but basing it on words is a bad idea. It won't work. Spammers will keep finding ways around it. That article a while back that showed how people recognize shapes of words proves that there are near limitless ways to "spell" a given word. You can't check for every possibility without putting undue load on a mail server. (This isn't your personal mail server we're talking about - some mail servers get literally thousands of pieces a mail per minute, often more).
Throttling, however, is great. I can't think of a legitimate reason to send more than, say, one or two mails per minute. (All these numbers are guidelines, obviously we'd have to figure out someting that works for most people, but still annoys spammers - don't waste your time flaming me saying you send 3.5 mails per minute). If you violate that, you don't get to talk to the mail server for 5 minutes. Violate it again within 30 minutes, and you don't get to talk to the mail server for an hour. Violate it more than, say, N times per day, and you don't get to talk to the mail server for 24 hours. This would put a huge damper on spamming runs. And if something really needs to get through but you're banned from the mail server, you can use your ISP's webmail service (most offer one), or go get a yahoo account temporarily or something), or maybe you can call your ISP and explain what happened (assuming there was a legitimate reason) and get yourself re-activated.
That's how most colleges deal with bandwidth hogs. (It's a shared resource, not a right, deal with it.) If you go over the bandwidth cap (which is publicized, unlike Comcast, and is quite generous (on the order of several GB/week) once, you get a warning. The next time, once you use up your bandwidth for the week, it's gone. You're SOL until Sunday. Some colleges provide a "reserve", which you can activate to get your work done, but if you go over that, too bad. You get to go to the library and do your research the old-fashioned way, or you get to go to a public cluster. Does this inconvenience students? Not really. The primary use of most college networks is for academics (check the AUP you
There is no sig, there is only Zuul.
I'm no spam fan, but some of the spam blocking services out there are becoming overzealous. Ever heard the saying "Don't throw the baby out with the bath water"? It is better to get a few spam emails than to have an important email blocked.
Through a series of events that were no fault of my own, I was black listed in one of the spammer databases! I'm speaking specifically of SPEWS here, which in my opinion is the most reckless, least responsible one out there.
I went to their website to get my address cleared, and the faq basically says, "So sorry you're in our database. You're screwed, we'll never take you out."
I have countless emails returned to me every day from people who's email service checks SPEWS. I have to call each IT department to get whitelisted, which is a huge waste of my time.
My point here is that even though in this particular case the guy actually IS a spammer, there has to be some level of accountability for spam blocking services. If they go telling everyone you are a spammer and that no one should listen to you, they'd better be right, or they are committing a form of libel.
Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
I remember when Spamcop was purchased and the company that purchased them also makes the hardware sold to spammers. Its too much work to find it but I know it was in the news.
So the company was working both sides of the fence. Because of that, it sounds like the company is being sued by one of it own customers, IF anyone can confirm the spammer is a customer of Spamcop's parent company. This would almost sound like a conflict of interest in that your selling to the guy suing you.
So this really is not a surprise, as Spamcop's parent company likely knew that someday they would be in this legal position.
"Your having a bad day when the voices in your head put you on hold"
The judge didn't reject the restraining order because Iron Port didn't bother to answer the complaint. With no rebuttal, the judge will rule for the complaintant.
The same thing works for a lawsuit. If a lawsuit is filed against you and you choose to ignore it, the judge will enter a default judgement against you.
It would be interesting to know why Iron Port didn't bother to answer the complaint. Even if Iron Port thought the spammer was completely off base they still should have shown up in court and said so!
SpamCop does not have the power to "get anybody shut down." They generate temporary email addresses to users who want to complain about unsolicited email and provide automated header analysis to determine addresses to complain to. Anybody who receives such a message can respond to the complainant requesting the email address which received the spam. Note that while the CANSPAM act requires mass mailers to provide an address for removal requests, it does not prohibit spam recipients from complaining about spam if they don't want to divulge their email address to the spammer (thereby confirming it as a "live" spam target).
SPEWS (and you, and all others who support this kind of blacklisting) would do well to realize that this advice is not always practical.
I'm thinking specifically of geographical areas that have only one monopoly broadband provider, who happens to be insufficiently zealous against spam. Are you seriously suggesting that people who live in such areas uproot their jobs, their families, and move to another town, to get another ISP, just to send a message to the ISPs?
The depressing part is that from reading the SPEWS FAQ their answer is clearly "yes".
What's more, since there is no way to get off the SPEWS database, there is also no incentive at all for rogue ISPs to improve their policies. SPEWS needs to realize that vigilantly removing reformers is just as important as vigilantly adding infringers. So far it is completely obvious that they are much more interested in adding people than removing people.
I'm not pro-spam here (nobody is). I'm not telling SPEWS to chill out because I want more spam. I'm telling SPEWS to chill out because their extreme radical position is not in their own self interest. Every mail server administrator I know (including myself) avoids SPEWS like the plague because their database is so heedless of false positives as to be useless.
Or to use my example of Omaha Steaks again
If I had a really bad experience with a Border's brick-and-mortar store and swore never to buy a book from their company again, I'd want to drop their newsletter and regular supply of Border's 20% off coupons. If I found a place that did a better and cheaper job of cutting my hair than Supercuts, I'd cancel their haircut reminder and discount coupon service. Etc. Etc. There are a zillion reasons why someone would opt in for a list, then later decide to leave it when their needs changed.
I have it on good authority that this TRO has been dissolved as of this morning. Dovuments from Pacer should be available shortly.
--Og
Imagine that you sold furniture, and I went to all of your wood suppliers and told them that you were operating illegally and they should stop providing you with wood,...
No, that's not it at all. It's more like if you built torture racks for Iraqui despots, and I went to all your wood suppliers and simply told them the truth about what you were doing, because they _all_ have strict policies prohibiting the use of their wood to build instruments of torture for export to terrorist nations.
What if you were a mugger and, after a couple of tries at just giving you my wallet in the hope you will go away, I get sick of you and track you down and give your address to the police. They find my two stolen wallets in your posession and arrest you and convict you of felony assault. Now, as a convicted felon, it will be _much_ tougher (or at least much more expen$ive) for you to procure the guns and ammo you need to pursue your "career".
Could you then sue _me_? For defamation of your reputation? Interfering with your career?
This is what SpamCop is doing to Richter (among others). They've gotten zero relief from direct complaints (do NOT believe that they haven't tried _that_), and they're going to their suppliers and persuading them into enforcing their existing AUP policies prohibiting spammer scum. Of course the spammers hate this.
What if you had a pawnshop and I bought some stuff from you and then quickly found out that it was stolen. What if I went back to you about it and was flatly told "all sales are final". What if I then ran an ad for you publicizing you as a good "fence"? You'd see an initial surge of business, but this would include narcs, and you would soon be out of business.
Could you then sue _me_ for interfering with your "business"? I think you would be on shaky ground if I could bring stolen property into court and testify that I had bought it at yer pawnshop.
We _all_ have spam from Snotty Scotty, _all_ of it claiming we 'opted-in'. He can rot in hell.
Exceeding the recommended torque is not recommended.
The big argument that OptIn is using (and apparently with success) is that they are never being given the email addresses of those people who wish to opt out.
It's not SpamCop's responsibility to facilitate opt-out services, the vast majority of which are irrelevant in the first place. As a SpamCop member, the last thing I want are these people getting my e-mail address. It's much more likely they'll use it to harass those who report them, than remove them from their lists.
As for SpamCop working with agencies to stop spammers, it's a nice idea, but you first have to find any agencies that are capable, much less motivated to take action against spammers. At this point, there aren't any on any level.
Once upon a time, my wife and I started a bulletin board for people with a specific problem. Lots of people had been discussing this problem on another board, but huge TOS limitations and draconian, inconsistent enforcement of same made it an undesirable place to talk.
/dev/null 'em.) Thanks, fellas.
Within a few days of our board going online, the other board's "administrators" contacted us. It seems that OTHER people were telling each other on THEIR board about OUR board, and they wanted it to stop. They told us to shut our board down or they'd report us to our ISP as spammers. Extortion, essentially.*
Now here's the thing: when the other board contacted us (via the yahoo address my wife had used when setting up an account on the old board) I replied with a newly created email account on my domain. The only email I ever sent from that address, in fact the only time I ever used that address EVER, was during the email exchange between myself and the other board's folks.
The end result? Well, we didn't give in, so they complained to our ISP. As "proof" of our spamming, they submitted a huge pile of URLs linked to forums (most old and no longer actively administrated) filled with recent posts containing ONLY the email address I used with them, and links to other identical forum posts. You guessed it -- they took my email address and posted all of these forum links THEMSELVES to make it look like we did it. Even now, I can find tons of these posts on google -- they never seem to go away.
Oh, and my mail server gets hundreds of emails A DAY to that address, all of which is spam (I finally set the server to
So yeah, I could see why the SpamCop folks hide the address, and even though I don't use their service, I think they're terrific for taking that approach.
*Note: we basically called our ISP, sent them the extortion letters, and were told "we'll look into it and let you know." They were supportive and professional, and did in fact investigate it just in case we WERE spamming -- which was the right thing to do -- eventually returning a verdict of "you did nothing wrong, their complain is not legitimate, and you did not violate our TOS". Best. ISP. Ever.
Correction: It wasn't a decade ago. According to this, the conviction and probation for the stolen goods charges resulted from an investigation carried out by authorities during a period from 1999 to 2001, three to five years ago. That's pretty recent activity.
Now, look at guys like Alan Ralsky (insurance and securities fraud), Thomas Cowles (B&E, fraud and theft), Charles Childs (domestic violence & aggravated menacing), I think we have a pretty stereotypical description of spammers--people who don't give a fuck about the rules, laws, etc, and will do anything to make a buck, even screw their own families over, if it will earn a nickel.