Can-Spam Increased Spam

andy1307 writes "According to New York Times, spam has actually gone up [Free registration required. You gave real info, right?] since the CAN-SPAM act went into effect. There is a graphic in the article that illustrates this increase. Before the CAN-SPAM act was passed, spam was about 60% of all e-mail traffic. Now it's 80%. In a we-told-you-so quote, Steve Linford, the founder of the Spamhaus Project, says CAN-SPAM legalized spam by giving bulk advertisers permission to send junk e-mail as long as they followed certain rules. Slashdot covered this story last year. For companies that offer offshore "bulk advertising" servers, business is booming. A survey from Stanford University estimates the global cost of spam in terms of lost productivity to be at 50 billion $ and 17 billion $ in the US alone. CAN-SPAM does give prosecutors some leverage to go after the merchants - but it must be proved that they knew, or should have known, that their wares were being fed into the illegal spam chain. " The BBC has a related story talking about rates of spam, viruses, and scam mail.

And the spammers seemed like such nice people

Who would've thought they'd abuse a new law?

Re:And the spammers seemed like such nice people

[andy1307]

They should have called it CAN'T-SPAM....What do they expect from people when you tell them they can spam..

Re:And the spammers seemed like such nice people

[Breakfast+Pants]

Who would have thought articles could have bias? An anti-spam law was passed. Spam numbers went up. These two statements don't just magically turn into "Spam numbers went up because of the anti-spam law that was passed." The article gives a little justification with the theory that spam was somewhat legitimized by this act but doesn't look into things like bandwidth being cheaper, the number of zombie boxes constantly rising, etc. etc. etc.

Re:And the spammers seemed like such nice people

[lazybeam]

Why is the law called "can spam" anyway? Is "CAN" a TLA or something?

Re:And the spammers seemed like such nice people

[Demolition]

'CAN-SPAM' stands for "Controlling the Assault of Non-Solicited Pornography And Marketing".

So, technically, 'CAN' is part of an SLA (seven-letter acronym).

D.

Duh...

[GenP]

Seriously, who didn't see this coming? Who loves clueless legislators? Spammers do!

Re:Duh...

I didn't see this coming. Can I have a job as a clueless legislator please?

Re:Duh...

[ackthpt]

Seriously, who didn't see this coming? Who loves clueless legislators? Spammers do!

You get what you vote for.

The day the feds take a real step toward busting spam is the day they enjoin certain IP addresses from connecting into the United States.

It may seem a fantastic idea, but I doubt it would be that hard to pull off. If the PRC get bent out of shape about it, just have Condi fire off a letter explaining the injunction will be swiftly removed once the violator steps into line.

Of course, we hope such powers are only used for good and not evil...

Re:Duh...

[MightyMartian]

> Seriously, who didn't see this coming? Who loves
> clueless legislators? Spammers do!

Well there's that wonderously horrible grey area between unsolicited and solicited spam. We have to deal with this on an infrequent basis, where people actually do sign up for things, and then whine and snivel when mail comes. Clearly you can't define it legally as "anything a user doesn't want to see in his Inbox".

Re:Duh...

[baudbarf]

You get what you vote for.

Stop blaming voters for their government's actions. The last two elections proved that you do not get what you vote for.

Re:Duh...

[soft_guy]

We have to deal with this on an infrequent basis, where people actually do sign up for things, and then whine and snivel when mail comes.

Then stop creating webforms that automatically check the box saying that people want your spam.

Re:Duh...

[Atzanteol]

If you believe that, then I have a scary statistic for you. Since that legislation passed more people have died of gunshots in the US! And my lucky red shirt prevents bear attacks with a 100% success rate!

Corrolation != Cause & effect

Re:Duh...

[Pig+Hogger]

Well there's that wonderously horrible grey area between unsolicited and solicited spam.

You seem to misse a point of semantics here.

Spam is **** NEVER **** sollicited.

Re:Duh...

[bluprint]

...fire off a letter explaining the injunction will be swiftly removed once the violator steps into line.

As if anything done by government is EVER "swiftly" undone. This would just lead to even more problems. Don't know what they would be yet, but I would bet almost anything on it.

Re:Duh...

[Eggplant62]

Why do you think they called it the "You CAN-SPAM" bill?? Sheesh. Any legislation that depends on an opt-out model is broken in my own bug-eyed viewpoint.

Re:Duh...

[jameszhou2000]

totally agree.

the increasing internet penetration rate could be a reason for increased spam.

Re:Duh...

[CritterNYC]

We have to deal with this on an infrequent basis, where people actually do sign up for things, and then whine and snivel when mail comes.

Then stop creating webforms that automatically check the box saying that people want your spam.

Quite right. AND be sure you are confirming opt-ins (ie... send a confirmation email to the address with a unique URL which must be clicked to confirm subscription). Otherwise, anyone can signup anyone else... and there are some mailbomb programs out there that automate this for 100s of sites that don't confirm, forcing the victim to unsubscribe from every list.

Re:Duh...

[mastropiero]

"here's that wonderously horrible grey area between unsolicited and solicited spam"

Not really. Spam is, by definition, unsolicited. The fact that somebody has your email address doesn't give them the right to flood you inbox, and bandwidth. You have to give them permission to do so.

Re:Duh...

[MyLongNickName]

"increasing penetration rate" and slashdot... just think of the jokes.

Re:Duh...

[porcupine8]

I agree that this is a correlative rather than a causative statistic. We can't say the legislation caused more spam.

However, the legislation also obviously didn't result in less spam, which was its intended result. Sure, you could argue that spam would have increased even more without the legislation, but I think that would be a very difficult claim to defend. The legislation may or may not have done any damage, but it did not serve its purpose.

Re:Duh...

[LocoMan]

The question is how are you sure you didn't give them permission (playing devil's advocate here).... just click once on a form with a checked checkbox that says "I allow whoever.com to give my email to business partners and for them to email me here" and you can ever say again for sure you didn't give them permission to mail you... the hard thing there is to define what does "giving permission" mean.

Re:Duh...

[baudbarf]

"I" didn't lose, because "I" didn't vote. But I witnessed the voting of others.

I supplied cold, hard facts and evidence to back up my assertion. I don't see any evidence in your post, though. I see a lot of hot air.

Re:Duh...

[clohman]

My former co. ran a monthly opt-in (w/ confirm) list of 50K subscribers. We honored removal requests, but it was difficult since many had multiple addresses forward to one inbox. One guy subscribed with seven different addresses! I took to searching for all permutations of the requester's first and last name & asking if any of the addresses were also theirs. But in many cases they'd have forgotten addresses based on nicknames or some idiosyncratic combination so even that wasn't enough.

Re:Duh...

[iminplaya]

Why do you call them clueless? They're coming out way ahead of the game. Crooked, maybe, greedy, possibly, but clueless, not. The clueless ones are the people who voted for them.

It's a shame too...

[Powercntrl]

I was truly hoping Can Spam meant sealing spammers up in airtight containers, preserving them for study by future generations.

Re:It's a shame too...

[Tackhead]

> I was truly hoping Can Spam meant sealing spammers up in airtight containers, preserving them for study by future generations.

What do you have against archaeologists from the future?

Re:It's a shame too...

[rbarreira]

Read what he said again ;) "preserving for", not "preventing from" :)

Re:It's a shame too...

[rbarreira]

OK, forget what I said :D

Re:It's a shame too...

[sconeu]

No, it meant that spammers CAN SPAM you freely.

Yes, I RTFA. I know that what it really says is that CAN-SPAM essentially was a nop, and that the rate of increase in spam was virtually unchanged before and after.

Re:It's a shame too...

[Captain+Nitpick]

What do you have against archaeologists from the future?

You know that they're going to dig some Slashdotter up and stick him on display in a museum.

"And here we see 'Tackhead', an example of early 21st century 'World Wide Web' user."

CAN-spam

[fredistheking]

They don't call it the CAN-spam act for nothing.

what's to attribute specifically to CAN-SPAM?

[jxyama]

could the increase be due to natural causes? that people are spamming more, regardless of CAN-SPAM?

what's the fraction of spam that's sent which is CAN-SPAM compliant? how has that increased? (no i didn't RTFA since i haven't registered. does the article answer this?)

Re:what's to attribute specifically to CAN-SPAM?

[spellraiser]

No, the article doesn't really answer these questions. It only has anectodes and theorising, such as this:

"Can Spam legalized spamming itself," said Steve Linford, the founder of the Spamhaus Project, a London organization that is one of the leading groups intent on eliminating junk e-mail. And in making spam legal, he said, the new rules also invited flouting by those intent on being outlaws.

Not everyone agrees that the Can Spam law is to blame, and lawsuits invoking the new legislation - along with other suits using state laws - have been mounted in the name of combating the problem. Besides Microsoft, other large Internet companies like AOL and Yahoo have used the federal law as the basis for suits.

It's hard to know what to believe, really. Personally, I tend to lean towards the notion that spam is simply too large a problem, and the money involved is so great, that combating it with laws alone is simply futile.

Re:what's to attribute specifically to CAN-SPAM?

[1an_m]

You do know that it is easy to RTFA don't you? ... No?
well it's easy, just copy the link to TFA, paste into google, then click on the link on the google page. Even NYT wants to be indexed by google.

Re:what's to attribute specifically to CAN-SPAM?

[snol]

what's the fraction of spam that's sent which is CAN-SPAM compliant?

exactly. Most of the spam I get (which isn't much, admittedly) seems to be of the blatant-identity-theft-scam variety, which of course never comes with removal instructions.

Re:what's to attribute specifically to CAN-SPAM?

[fm6]

You ask questions the NYT reporter should have asked, but didn't. Instead, he interviewed Spamhaus and a bunch of other anti-spam activists, who are strong on zeal but short on facts.

NYT's technology coverage has really gone downhill. All their tech-literate people have moved on, and now most of the stories are written by your typical "technology reporter" whose computer background consists of playing with a PC. They get linked on Slashdot a lot more than they deserve to be.

Re:what's to attribute specifically to CAN-SPAM?

[nick_davison]

Next you'll be challenging the commonly accepted logic:

If your car is speeding towards a pedestrian, don't hit the brakes.

Studies show that fast moving cars, if the breaks are hit, end up further along than they were at the instant the break was hit. Clearly brakes cause cars to travel further!

Re:what's to attribute specifically to CAN-SPAM?

Only on Slashdot could an increase in advertising over a pure electronic medium be attributed to "natural causes".

Re:what's to attribute specifically to CAN-SPAM?

[HitByASquirrel]

From the data it looks like the increase in spam over the past 2 years is basically linear.

It could be said however, that CAN-SPAM did nothing to decrease the increasing ratio of spam to normal email.

Re:what's to attribute specifically to CAN-SPAM?

[Zontar+The+Mindless]

I didn't have to log in to read the article. Odd...

Correlation != Causality

[winkydink]

A fact that seems lost on most journalists these days.

Re:Correlation != Causality

[Trepalium]

Not just journalists, either. Anyone with an agenda loves to forget these things, too. If you look at their handy graph, it looks like fairly linear growth both before and after CAN-SPAM, so blaming the law may be a little out of order.

Re:Correlation != Causality

[Scoria]

When "journalists" begin considering one democratic election to be sufficient justification for not posing appropriate questions, one realizes that most everything is lost on "journalists" these days.

Re:Correlation != Causality

Oh you think so? Well I happen to have some chart over here that shows as correlations increase, causality increases accordingly. Or I'll have a chart in a minute at least.... where's my marker?

Re:Correlation != Causality

[paulzeye]

Actually, the article mentioned that there could be other reasons for the increase in spam. One example was filters blocking more spam, and spammers needing to send out more spam to maintain their levels. The article wasn't bad, you should try reading it.

Re:Correlation != Causality

[Ironsides]

When "journalists" begin considering one democratic election to be sufficient justification for not posing appropriate questions, one realizes that most everything is lost on "journalists" these days.

(For the USA) As I understand it, this started in the mid 80's during the Regan Administration. (Not because of Regan) When Network News started to consider themselves more as Entertainment rather than Information.

Re:Correlation != Causality

[Dachannien]

The article wasn't bad, you should try reading it.

Advice that the original poster might want to take to heart as well.

Re:Correlation != Causality

Dude. I love David Hume as much as the next guy but seriously, there ARE times when correlation happens BECAUSE one thing caused another. If you lived your life by the mantra corr != caus, you'd have a hard time staying alive.

Re:Correlation != Causality

[winkydink]

I did read it. Both pages. Did you see any mention of "other reasons" in the headline (which is all most /.'ers read?

Re:Correlation != Causality

[badasscat]

A fact that seems lost on most journalists these days.

And I see that R'ing TFA is still lost on most Slashdotters these days...

This is not an article about how CAN-SPAM has increased spam. It is an article about how spam has increased despite CAN-SPAM. That is a very different thing. Several viewpoints are given from all sides involved on why it's happening, but at no time does the article itself suggest CAN-SPAM is the cause - only that it has not been an effective deterrent.

I think that's something we can all agree on.

Re:Correlation != Causality

[TubeSteak]

yea yea. Try this: "correlation can provide excellent confirmation of a suspected causal relationship."

Thats why we run all kinds of fun statistical tests to see how relevant certain variables are.

Anyways, solutions: inform these companies (by registered mail, return receipt required, etc) just how their products are being sold.

Now you can show "that they knew, or should have known, that their wares were being fed into the illegal spam chain"

Re:Correlation != Causality

[LEgregius]

However, we can say that it has not stopped spam. It has, essentially, done nothing.

Re:Correlation != Causality

[winkydink]

You're absolutely right. But when there is a cause & effect relationship it can (and usually is) explained. I didn't see any such explanation in this article. It's mostly conjecture being reported as fact.

Re:Correlation != Causality

> As I understand it, this started in the mid 80's during the Regan
> Administration.

When did the ability to spell the names of presidents start to decline?

Re:Correlation != Causality

[Short+Circuit]

I don't recall any particular increase in junk mail with "ADV" in the subject, either.

Re:Correlation != Causality

[Sebby]

"This is not an article about how CAN-SPAM has increased spam. It is an article about how spam has increased despite CAN-SPAM."

Maybe not caused by can-spam, but can-spam gave spammers a shield to do their spamming legally, instead of being outright illegal.

Re:Correlation != Causality

By "journalists", the grand-parent probably meant the Slashdot editors and the Slashdot story submitters. The headline of this article on this website clearly says "Can-Spam Increased Spam" explicitly defining a causality that is just not there. So yet again, Slashdot publishes an article in a flamebait manner. Sad. Frankly at this point, I only read Slashdot to flame the editors and the article summaries.

Re:Correlation != Causality

[TheRaven64]

It depends what you are blaming on the CAN-SPAM act. If you are blaming it for increasing spam, then you are abusing statistics. If you are blaming it for failing to live up to its promise to reduce spam you are entirely justified - not only did it fail to reduce spam, it failed to reduce the rate of increase of spam.

Re:Correlation != Causality

[halivar]

And I see that R'ing TFA is still lost on most Slashdotters these days...

Including whoever named this /. article.

Re:Correlation != Causality

[Ironsides]

When the Public Schools stoped talking about "unimportant dead white guys" such as Washington, Jefferson and many others because it's racist. They don't even talk about George Marshall (much less the Martiall Plan). And sometimes I miss a key when typing (yeah, I see I forgot the 'a')

Re:Correlation != Causality

[Pig+Hogger]

They don't even talk about George Marshall (much less the Martiall Plan).

And Averell Harriman, too. Remember who was Averell Harriman???

Re:Correlation != Causality

[Shimmer]

Right on. The NYT reporter might have a brain, but the person who titled this article obviously isn't too bright.

Re:Correlation != Causality

[Fulcrum+of+Evil]

If you look at their handy graph, it looks like fairly linear growth both before and after CAN-SPAM, so blaming the law may be a little out of order.

I dunno about that - if spam growth is unaffected by CAN-SPAM, wouldn't that be a zero-correlation, and wouldn't blaming the law be called for, as its stated purpose is the reduction of spam?

Re:Correlation != Causality

[TiggertheMad]

The article wasn't bad, you should try reading it.

Uhh...is that actually allowed here? I thought that you could get your account pulled for that sort of thing....

Re:Correlation != Causality

[funk_doc]

Who would have thought, another government program not doing what the politicians promised it would do. Now they're going to start asking for more money to "reform" the legislation.

News for all of you, no government program does what the politicians promised it would do. Can anyone here name one?

I would prefer if they would just stay out of regulating the internet and my computer. My spam filters work just fine. Once again the free market is solving a problem that government can't.

Re:Correlation != Causality

[Tim+C]

It depends what you are blaming on the CAN-SPAM act. If you are blaming it for increasing spam, then you are abusing statistics.

Well, the /. headline says "Can-Spam Increased Spam", so I think it's clear what the submitter was blaming on it.

Re:Correlation != Causality

[TheOriginalRevdoc]

The problem is the way that reporters are expected to behave. The reporter isn't allowed to inject his/her own ideas into the story; they are only allowed to report what someone else says.

Therefore, even if the reporter knows full well that correlation is not cause, they can't just *say* that; they have to find someone else who does. They then have two problems: one, finding someone whose comments aren't tainted (for example, the a spammer won't have much credibility in this situation); and two, stopping the subeditor from dropping the last half of the story with those comments because it's not "news". And you can't stop a sub from doing that.

Besides, it isn't the reporters that need to do this, it's our education systems. Unfortunately, basic statistics, scientific method, and logic don't have a high priority in our society.

Re:Correlation != Causality

[dcam]

The Can spam act does not require this. It reuqires that spam be marked as such, but does not specify how it should be marked.

Re:Correlation != Causality

Welcome to slashdot. You have a high UID, you are worth shit. Childs.

Re:Correlation != Causality

[Threni]

Surely if it's racist then it's a relevant part of American History and should be taught? You were lynching innocent black men only half a century ago. Those who forget their history and all that.

http://www.spartacus.schoolnet.co.uk/USAlynching .h tm

Re:Correlation != Causality

It does not look like linear growth, the graph just shows the data in a way that produces a straight line. You need to look at what it is actually comparing. If you assume that the amount of non-spam email is constant then it is trivial to figure out that it takes more spam to go from 60% spam to 80% spam then it did to get to 60% spam in the firstplace.

Re:Correlation != Causality

[Ironsides]

Those who forget their history and all that.

Yes, unfortunately they don't teach anything about this part of US history either.

SPAM!

[LegendOfLink]

I don't understand why people hate fake meat so much? I mean, put it on sandwich, with some horseradish, and you're all set to go!

Re:SPAM!

How much spam can CAN-SPAM can if CAN-SPAM can can spam?

Correlation != Causation

[jkujawa]

It's likely that spam would have increased anyway.

Re:Correlation != Causation

[pclminion]

It's likely that spam would have increased anyway.

Exactly. Look at the graph. What exactly do they think that graph shows? To me it looks like a perfect trendline.

Re:Correlation != Causation

[KontinMonet]

That's no excuse for not putting together some decent anti-spam laws. 80% of traffic (that I'm paying for indirectly) is classed as utter junk. When will legislators do something, when it's 99.99999999% of all traffic, when corporates at last start complaining 'their' business is being hurt? Sheesh.

Re:Correlation != Causation

[Rosco+P.+Coltrane]

and not to mention, causation != causality. That's how unrelated those two facts about spam are!

Re:Correlation != Causation

eighty per cent of _email_
eighty per cent of traffic is bittorrent

Re:Correlation != Causation

[suso]

Actually, what this graph shows is the failure of the CAN-SPAM act to do anything.

Re:Correlation != Causation

[Reziac]

Also, I've noticed in the past that non-viral spam spikes come a few months after the introduction of some new spamming software, as judged by changes in the headers, the types of content nd/or attachments, etc. At a guess, there've been a couple "new and different" types over the past year, which probably helped grow the average.

CAN-SPAM may have "legalized" spam, but also made it easy to filter *compliant* spammers, so I expect the net effect of the law was zero.

Could this have nothing to do with Can-Spam?

[tabkey12]

We don't want to know if the relative amount of SPAM has increased - that is no surprise given that it is supposedly a good (if unethical) business model. How about whether the rate of increase has changed - that would be the only analysis that would show CAN-SPAM legitimised some spam messages.

Here's the problem

[elid]

"There's way too much money involved," Mr. Gillespie said, noting that his service, which is currently down, provided him with a six-figure income at its peak. "And if there's money to be made, people are going to go out and get it."

This is the problem. Until the business of spamming stops producing profits, spam won't stop. It's beyond my comprehension why anyone would buy anything from spam.

Re:Here's the problem

[RandoX]

I could give you a thousand reasons. Give me your email address...

Re:Here's the problem

...says the guy with a free iPod link in his sig.

Re:Here's the problem

[Xzzy]

They're not making money by making sales. They're making money by being paid to advertise (spam).

Response rate for junk-mail in the real world is something like 2%, maybe less. Yet advertisers throw piles of money into doing it, because the income that 2% brings them is worth it. To them.

Spam is even easier.. there's no material cost involved to print up paper. Assuming spammers charge normal advertising rates, their profits are up a considerable amount.

Re:Here's the problem

[gunnk]

There is something deeply ironic about a post stating incredulity that people would buy anything from spam... ... in a post with a sig to a "offerprizes.com" -- "free" iPod stuff.

Re:Here's the problem

[siriuskao]

Still someone has to purchase the advertised product or service, or else why would an advertiser throw $$$ with 0% of return?

Re:Here's the problem

[The_Wilschon]

Maybe the spammers all buy stuff from each other, just to keep the market alive.

Re:Here's the problem

[kaustik]

Seriously, mod this hypocritcal, ipod spamming dick down. That will teach him...
sigh

Re:Here's the problem

[skae]

"It's beyond my comprehension why anyone would buy anything from spam."

My question to you is, have you ever bought a pizza with a discount coupon that was left hanging on your front door?

Not all spam is about penile enlargement.

;o)

Re:Here's the problem

[RpiMatty]

Pot Kettle, Kettle Pot.
yeah, i can't believe how he is questioning how spam makes money, when he is helping someone with an equally shady business model

Re:Here's the problem

[forand]

Maybe that is why it is moded "funny" and not "insightful" as most other statements of the predominate feelings seem to be.

Re:Here's the problem

[IANAAC]

I can't believe people still compare printed junk-mail with spam. They economies are very different.

Surely, you realize that.

Re:Here's the problem

[Buran]

A-fucking-men. The original poster is a hypocrite. Stop whining about spam when you're spamming other people trying to get them to basically buy something for you.

Re:Here's the problem

[skae]

I don't believe I said that the economics are similar. What I did do was provide a reason why people purchase from spam.

Merriam-Webster Online Dictionary
Pronunciation: 'spam
Function: noun
Etymology: from a skit on the British television series Monty Python's Flying Circus in which chanting of the word Spam (trademark for a canned meat product) overrides the other dialogue
: unsolicited usually commercial e-mail sent to a large number of addresses

And Yes I do consider unsolicited mail at home spam.

Re:Here's the problem

[VoidWraith]

The profit model isn't as simple as that. What usually happens is abuse of an affiliate program. Corporation pays advertising agency, advertising agency says, okay affiliates, lets get this advertising on as many banners as possible, so we'll pay you by commission. The affiliates decide, the best way to get people to view these ads (doesn't matter if they click on it or not) is to send them email disguised as something they'll open (like these ones I get that say Joe Smith "RE: Important" or Annie Smith "hi" and things they'll expect me to click, and I probably would if it didn't get filtered, and if it didn't matter because I view the messages in plaintext). Every time someone mistakes the spam for something they want to read, which happens a lot more often than somebody buying something from it, the spammer gets a few cents from their advertising company. Its very profitable for them.

Rules

[vertinox]

CAN-SPAM legalized spam by giving bulk advertisers permission to send junk e-mail as long as they followed certain rules

So um... If they are following a standard set of rules, then logic seems to tell me that someone isn't apply their server side rules to full effect. No?

Re:Rules

[Sylver+Dragon]

This was my thought the moment I read the submitter's blurb. If the spammers are following the CAN-SPAM act, then great, we've won. The way I see it, there are certain things that must exist in "legitimate" spam. With a half decent baysian filter, these words should be quickly associated with spam, and will, therefore get deleted. In time, and with a bit of training, users won't even see this stuff.
Of course, this still leaves the problem on the server side. Which can be mitigated with things like blacklists.
I will grant that it is not a complete solution, but it's a small step. Whether we like it or not, SPAM is here to stay, the best thing for us to do is make them tag it as such, so that it can be easily filtered. Perhaps the only solution is going to be something along the lines of mandating an update to the SMTP standard, and include a command which basically says, "I'm about to send you SPAM instead of normal email", maybe a SPAM TO: instead of a RCPT TO:, this could then be filtered per user at the server level.
e.g. Each user is allowed to either accept all or reject all SPAM TO:me@domain.com. Or, if an ISP is feeling adventerous, they could allow a user to keep a list vendors which they want to see spam from.
The last part of this would be to legislate that companies must use this on all commercial email, with nasty fines if they don't. Something like $1000 per message which didn't use this. And a revoking of business license for repeat offenders.

Slashdot, Jxyama. Jxyama, Slashdot.

[LordPixie]

Welcome to Slashdot. Where correlation does not mean causality for things like piracy, but does for things like legislation inducing spam. The trick is to remember that the evidence supports your position, and then figure out why.


--LordPixie

Can-Span?

[FortKnox]

So what's Can-Span (see title of slashdot article)?

Re:Can-Span?

[SCOX_Free]

Well, I can tell you this much, there are going to be a LOT of spanners out there quaking in their boots when they here about this important piece of legislation...

Re:Can-Span?

[GreyWolf3000]

It's a new cable station that broadcasts political proceedings--much like C-SPAN and C-SPAN2, but geared towards children.

Oh well...

[garcia]

A growing number of so-called bulletproof Web host services like Mr. Gillespie's offer spam-friendly merchants access to stable offshore computer servers - most of them in China - where they can park their Web sites, with the promise that they will not be shut down because of spam complaints.

And this is exactly what we have been saying all along. No matter what laws are passed, no matter what we do to combat spam, the spammers will always find another way to make a buck.

One of the spammers quoted in the article claimed that he didn't care about the lawsuits... He was making too much money to stop.

If you're making too much money and they somehow make a law that actually works stick do you think that they are just going to go away? Yeah, I do, to other countries where those laws won't mean anything...

Keep those firewalls banning entire countries (.kr and .br) and keep banning /16's and /8's until it is gone. The spammers are here to stay.

Re:Oh well...

[Hoi+Polloi]

1. They need to go after the people who are paying the spammers. You advertise with a spammer your business gets shut down plus you get time in jail, a big fine or both.

2. Banning countries won't work because they can just bounce it off 3rd country's domains. The TCP/IP protocols themselves need to be redesigned.

3. Maybe going to private networks will be necessary where activity is monitored and certain activities are blocked (such as IRC, spyware websites, etc). Obviously this won't appeal to the privacy concious but right now any twit with a phone line can connect and ISPs rarely do much to stop abuse. This would probably appeal more to businesses than to individuals.

Re:Oh well...

[WolfWithoutAClause]

Yeah, but consider that those that have tracked the spam back to the people who actually paid for it to be done, have shown that Americans pay for the vast majority of spam mail shots. Those are the real culprits.

Re:Oh well...

[Pig+Hogger]

Banning countries won't work because they can just bounce it off 3rd country's domains. The TCP/IP protocols themselves need to be redesigned.

Sheeesh.... If you gonna take the trouble to redesign TCP/IP, you might as well simply invent a new unspammable mail transport protocol.

Re:Oh well...

[Anne+Thwacks]

One of the spammers quoted in the article claimed that he didn't care about the lawsuits... He was making too much money to stop.

Thus proving the case for cruel and inhuman torture as the appropriate punishment.

Spam will stop when the american anti-terrorist forces slam cruise missiles though the spammer's bedroom windows, and probably not before. As a government committed to the use of force for the pubic good, they need to do a bit more for the public good, and a bit less for the spammers good.

Re:Oh well...

[gowen]

The TCP/IP protocols themselves need to be redesigned.

There's nowt wrong with TCP/IP. It's SMTP that's showing that its roots are from a more trusting time. And there are already a number of secure mail protocols in existence.

Re:Oh well...

[Hoi+Polloi]

DOH! You're right, I meant SMTP. I didn't have enough coffee.

Re:Oh well...

[keeboo]

Keep those firewalls banning entire countries (.kr and .br) and keep banning /16's and /8's until it is gone. The spammers are here to stay.

Funny thing is that I live in .br and most of the spam I get comes from the US.

You've better refraining your cowboy unilateralist behaviour...

Re:Oh well...

[Antique+Geekmeister]

It won't work. Too many machines are now being zombied to send spam from scattered hosts. The blackholing of careless providers is understandable, but there's no way a major ISP can control all the machines in their network.

The blocking of outgoing port 25 to all but a provider's own mail servers is helping, as are efforts like SPF that allow an ISP to publish a description of the only hosts that are allowed to send from that domain. This will help against the zombie and forgery issues that plague anti-spam efforts now, especially against the email worms and email worm bounces that count towards the spam totals.

Some solutions to spam

[mgv]

I've had this thought for a while, about what can be done about spam, and I have a couple of ideas for the /. community.

1) Legislate so that merhandise sold using spam cannot legally demand payment (eg via visa/mastercard). Puts alot of pain onto these companies, but also would make it quite unattractive to sell stuff this way if you knew that the money you got could be reclaimed if it was demonstrated that you used spam as an advertising medium

2) Employ teams of people to respond to SPAM (at a government level). SPAM works because they get a low return rate, but the people who do respond actually buy stuff. Thats what keeps it all going. If we made it so that a decent percentage of the replies were time wasters, the average company would suddenly have to employ lots of resources to deal with false responses. In effect, it would spam them. Suddenly its no longer as cheap to advertise this way.

Just a couple of thoughts, but I'd love to see what the /. community thinks of these, or if anyone else has any ideas on what to do about spam. (And I don't mean better filters by this).

Michael

Re:Some solutions to spam

[Ironsides]

2) Employ teams of people to respond to SPAM (at a government level). SPAM works because they get a low return rate, but the people who do respond actually buy stuff. Thats what keeps it all going. If we made it so that a decent percentage of the replies were time wasters, the average company would suddenly have to employ lots of resources to deal with false responses. In effect, it would spam them. Suddenly its no longer as cheap to advertise this way.

This wouldn't work as they use a computer system to take order, like at amazon. They don't involve themselves personally in the sale.

Re:Some solutions to spam

[rbarreira]

2) Employ teams of people to respond to SPAM (at a government level). SPAM works because they get a low return rate, but the people who do respond actually buy stuff. Thats what keeps it all going. If we made it so that a decent percentage of the replies were time wasters, the average company would suddenly have to employ lots of resources to deal with false responses. In effect, it would spam them. Suddenly its no longer as cheap to advertise this way.

That does wonders against scammers. Against spammers I guess it would be hard in most cases...

Re:Some solutions to spam

[shic]

Further to your second point, this ties in nicely with an idea I had about unsolicited telephone calls. The bogus calls are very easy to recognise because the caller has no interest in exactly whom they are talking to... I usually wait for a pause, say "I'm not interested" and hang up - but this is a very dull approach.

I want to hand the call off to an automated time-waster - then set up league tables to show how long a call the automated system could provide. Heck - it could even become a competitive sport! A sophisticated system may 'listen' for keywords and then use them in its responses... but I think there would be great mileage in just asking the caller to repeat what they just said because "the line is bad and I'm a bit deaf..." by feigning memory problems or introducing bizarre non-sequiturs. I know it would be a lot of work - but I think the comedy value of the pay-back would make it all worth-while.

Re:Some solutions to spam

[cryptochrome]

Prosecute the companies that use spam for spamming. Make the spamming companies and ISPs liable as well. If you're feeling particularly uncharitable, make it so that people whose computers were infected with spammer trojans are also liable, but give them the option of suing their OS maker. Prosecute aggressively.

Re:Some solutions to spam

[Hoi+Polloi]

Getting the credit card companies to cooperate and refuse service to those who use spamming services would be a great way to put a major dent in their profits. Most people who order things through the mail are not going to send a check and certainly not cash. Unfortunately anyone buying the crap they advertise probably isn't that careful or bright in the first place.

I'd also make people who let their machines become "zombies" legally liable. Just like you can't drive a car that is falling apart and is a threat to public safety you shouldn't be allowed to connect an infected machine to the internet. If you do then you should be liable for any spam your machine sends out (ISPs should be included). It would force people to be more careful with their systems.

I hate to say it but the administration of the net needs to be taken over by the government. There isn't a strong enough profit motivation on the ISPs, domain admins, etc part to take the action they need to crack down on spam. Traditionally services needed by the public, but not conducive to private for-profit operation, have fallen under the aegis of the government (i.e. fire/police protections, "free" libraries and schools, etc).

Re:Some solutions to spam

[rhizome]

for #1, how are you going to draw the line between spam and non-spam (ham)? How do you figure out who "these companies" are? Are you going to tell PayPal/eBay that they can't take payments for certain transactions, and how will they know which ones are spammy?

Re:Some solutions to spam

[deblau]

Legislate so that merhandise sold using spam cannot legally demand payment

Even if a merchant wanted to comply, a law would require them to know ahead of time that their email wasn't spam. That's impossible, because everyone has a different definition of spam. Besides, any attempt to tell merchants that they can't collect money from willing customers will be shot down by Congress as being Un-American.

If we made it so that a decent percentage of the replies were time wasters, the average company would suddenly have to employ lots of resources to deal with false responses.

Are you suggesting a government-funded campaign to make it incredibly expensive for free-market businesses to close sales with willing customers? If we took all of the junk mail-order catalogs and made up a bunch of fake responses, it would be pretty much the same thing. That hardly seems fair. And I don't want to spend my tax money on it.

Re:Some solutions to spam

[The42]

Since "attacking" the spammers themselves is practically impossible, it is of course no surprise that anti-spam legislation failed. The government simply doesn't have the power to enforce it. Personally, I think that the most logical solution is challenge-response filter systems (when a "new" contact emails you, they are asked to verify their identity so that you can decide whether to accept them or not). The inherent flaw of "content filters" is that there will ALWAYS be a way around. There's always another clever way to spell "viagra", as long as the spammers are willing to find it. Someone (usually the software companies) must constantly update the filter to match newer workarounds. Also, with this method, there is always some blocked legitimate mail. Challenge-response does not have these problems. Spammers won't recieve a challenge message, so their spam never reaches the inbox. Legitimate contacts will recieve a challenge, and it takes mere seconds to complete the form. So an occasional "check" (about once every week) is still required to the "quarantine" to make sure no legitimate mail slipped through, but no spam EVER reaches the inbox. If enough people used systems like this, spam would become impossible. I use ChoiceMail

Notice the trend - Noncausal

Correlation (or lack thereof) does not imply causation (or lack thereof).

If you look at the graphic carefully, you'll notice that there is a nice linear trend line. I'd like to argue that CAN-SPAM is entirely irrelevant to criminal activities, and posit that whether or not the bill had been passed that we'd still be exactly where we are today.

As a side note, with a 20% growth per annum, by next year illegitimate email traffic should reach 100% of all email traffic!

Misleading Statistic

[Ironsides]

Nothing is to attribute this directly to CAN-SPAM. If you look at the graph supplied, there has been (on average) a linear increase in the % of email sent that is spam. Spam has always been on the increase and CAN-SPAM has done nothing to slow it down. Its all just a missrepresentation of the information.

Re:Misleading Statistic

Holy crap! Pretty soon, then, we're going to have 110% spam!

"That's impossible. No one can give more than one hundred percent. By definition, that is the most anyone can give..."

Re:Misleading Statistic

Thats funny, but you trolled yourself.

slashdoting so efficiently that you're your own troll.

Stats appear at least vaguely correct..

[James_G]

For what it's worth, the graph of spams seems to mirror quite nicely the spam stats I've been tracking for a couple of years.

I have to wonder if you can really say that CAN-SPAM made it get worse. To me it looks like there was a brief drop off, and then it resumed the normal climb. Do we seriously believe that a significant amount of spam wasn't sent before CAN-SPAM, because the originators were worried about it being illegal? Seriously?

What percentage of the spam complied?

[Malc]

We also expected the volume of spam to increase with or without CAN-SPAM. So what percentage of this current volume of spam actually complies with CAN-SPAM?

Obligatory quote

HAH HAH!

Coincidental Correlation

[kajoob]

Post Hoc Ergo Propter Hoc

Definition:

The name in Latin means "after this therefore because of this".
This describes the fallacy. An author commits the fallacy when
it is assumed that because one thing follows another that the
one thing was caused by the other.

Examples:

(i) Immigration to Alberta from Ontario increased. Soon
after, the welfare rolls increased. Therefore, the increased
immigration caused the increased welfare rolls.

(ii) I took EZ-No-Cold, and two days later, my cold
disappeared.

Proof:

Show that the correlation is coincidental by showing that: (i)
the effect would have occurred even if the cause did not
occur, or (ii) that the effect was caused by something other
than the suggested cause.

References

(Cedarblom and Paulsen: 237, Copi and Cohen: 101)

Re:Coincidental Correlation

[Psiolent]

I certainly agree that there's no evidence that the act increased the amount of spam. However, I think what is telling is that the act failed to decrease the amount of spam.

Re:Coincidental Correlation

"Post Hoc Ergo Propter Hoc"

"The name in Latin means 'after this therefore because of this'."

Then why didn't you just say that in English in the first place!!!

Support the Society to End Foreign Language References Just So You Look Clever

Re:Coincidental Correlation

> Support the Society to End Foreign Language References Just So You Look Clever

Sorry too busy with the Society to Laugh at Indignant Assholes.

PS. Your punctuaion on the 3rd line is all wrong.

Re:Coincidental Correlation

[haxor.dk]

True, but at least it should it likely that CAN-SPAM has been ineffective in combating the spam problem.

Re:Coincidental Correlation

[learn+fast]

At least cite where you copy-and-pasted from. Ingrate.

"Can-Span" increased Spam....

[tekiegreg]

*sigh* and I mentioned this while it was still in the mysterious future, your funeral CmdrTaco :-/ I tried...

Increased?

[tgibbs]

Actually, the chart suggests that the act produced a short-lived decrease in spam volume, after which spam continued to increase at about the same rate as before the law.

Re:Increased?

[Peyna]

I wouldn't even give the act credit for the short decrease, as it appears that the level of spam goes through series of decreases and increases but a pretty much overall linear increase in level.

Re:Slashdot, Jxyama. Jxyama, Slashdot.

[FortKnox]

Thanks for the new sig. Superb!!

Can-Span

[Luigi30]

Can-Span? Is that a law legalizing screwdrivers?

Re:Can-Span

[mmkkbb]

A spanner is a wrench, no?

Re:Can-Span

[Misch]

Can-Span? Would that be the Peace Bridge?

No Registration Link & Article Text

[tabkey12]

http://www.nytimes.com/2005/02/01/technology/01spa m.html?ei=5094&en=f7486f68b21cb2cc&hp=&ex=11073204 00&adxnnl=1&partner=homepage&adxnnlx=1107278156-1s aospHSGtVgrInqBD7sAg

Article Text:

A year after a sweeping federal antispam law went into effect, there is more junk e-mail on the Internet than ever, and Levon Gillespie, according to Microsoft, is one reason.

Lawyers for the company seemed well on the way to shutting down Mr. Gillespie last September after he agreed to meet them at a Starbucks in Los Angeles near the University of Southern California. There they served him a court summons and a lawsuit accusing him, his Web site and 50 unnamed customers of violating state and federal law - including the year-old federal Can Spam Act - by flooding Microsoft's internal and customer e-mail networks with illegal spam, among other charges.

But that was the last the company saw of the young entrepreneur.

Mr. Gillespie, who operated a service that gives bulk advertisers off-shore shelter from the antispam crusade, did not show up last month for a court hearing in King County, Wash. The judge issued a default judgment against him in the amount of $1.4 million.

In a telephone interview yesterday from his home in Los Angeles, Mr. Gillespie, 21, said he was unaware of the judgment and that no one from Microsoft or the court had yet followed up. But he insisted that he had done nothing wrong and vowed that lawsuits would not stop him - nor any of the other players in the lucrative spam chain.

"There's way too much money involved," Mr. Gillespie said, noting that his service, which is currently down, provided him with a six-figure income at its peak. "And if there's money to be made, people are going to go out and get it."

Since the Can Spam Act went into effect in January 2004, unsolicited junk e-mail on the Internet has come to total perhaps 80 percent or more of all e-mail sent, according to most measures. That is up from 50 percent to 60 percent of all e-mail before the law went into effect.

To some antispam crusaders, the surge comes as no surprise. They had long argued that the law would make the spam problem worse by effectively giving bulk advertisers permission to send junk e-mail as long as they followed certain rules.

"Can Spam legalized spamming itself," said Steve Linford, the founder of the Spamhaus Project, a London organization that is one of the leading groups intent on eliminating junk e-mail. And in making spam legal, he said, the new rules also invited flouting by those intent on being outlaws.

Not everyone agrees that the Can Spam law is to blame, and lawsuits invoking the new legislation - along with other suits using state laws - have been mounted in the name of combating the problem. Besides Microsoft, other large Internet companies like AOL and Yahoo have used the federal law as the basis for suits.

Two prolific spam distributors, Jeremy D. Jaynes and Jessica DeGroot, were convicted under a Virginia antispam law in November, and a $1 billion judgment was issued in an Iowa federal court against three spam marketers in December.

The law's chief sponsor, Senator Conrad Burns, Republican of Montana, said that it was too soon to judge the law's effectiveness, although he indicated in an e-mail message that the Federal Trade Commission, which oversees its enforcement, might simply need some nudging.

"As we progress into the next legislative session," Mr. Burns said, "I'll be working to make sure the F.T.C. utilizes the tools now in place to enforce the act and effectively stem the tide of this burden."

The F.T.C. has made some recent moves that include winning a court order in January to shut down illegal advertisi

More spam

[g0dsp33d]

Weird, I've been getting less and less. Between my 4 accounts, I only get a few peices of spam a week. And my one account has been used as a spam-sucking email account for online forms etc.

Re:More spam

[Ironsides]

Weird, I've been getting less and less. Between my 4 accounts, I only get a few peices of spam a week. And my one account has been used as a spam-sucking email account for online forms etc.

Yeah, I've been trying to figure this out too. I've got 3 accounts, and 2 never get spam. The third one has some filters set up that eliminates most of the minute amount that is left. I rarely get more than 4 emails a month that I actually have to do anything for.

Re:More spam

[zerocommazero]

You're not taking into account the spam your ISP is probably blocking. With just about all ISPs using more form of anti-spam protection, they're the ones to get the accurate numbers from.

Re:More spam

[g0dsp33d]

It isn't my ISP, I use webmail. Some have spam blocking features, but its nothing to get excited about. Plus my trash folder isn't showing much. Unless the webmail servers are bouncing it or blocking it outright. But I don't know if thats so good, considering how useful mail has ended up in my trash can with their filters.

Re:More spam

[jfengel]

Got me. I monitor a couple of "promiscuous" addresses, e.g. info@websitename.tld, where I'm expecting unsolicited emails from potential clients. These do get spam, presumably from where the scrapers have pulled the names from the web site.

I had assumed that these would get TONS of spam; once you're on one spam list you're on every spam list. Instead I get spams-per-day instead of kilo-spams-per-day.

At least some of it is the ISP blocking it. I don't know how many false-positives I've suffered, causing me to lose business, but I have reason to believe it's not very much.

But that couldn't be all of it; some spam still gets through. I dunno what's up.

Re:More spam

[tetsuji]

Lucky you. Last week, I got 10,000 in one day.

Re:More spam

[g0dsp33d]

really? I have this nifty tool that allows me to bounce emails after 25 megs. :p

Even at a few k a message, thats gotta hurt someone's servers, hopefully not yours?

GREAT EXAMPLE.

hot-linking: as long as it's a big corporate bitch, it's OK! Way to set an example.

Not quite...

[Spy+der+Mann]

The figure shows that SPAM increasing rate was more or less the same before and after the CAN-SPAM law.

Ok, in plain text: It didn't accelerate SPAM. It just didn't do anything to stop it.

Re:Not quite...

In fact, now that you say it, I realize spam only started in mid 2002.

The problem wtih trying to outlaw spam

[KiltedKnight]

When you try to outlaw it in the US, someone will move it to Russia, China, or some other country that would just love to get the money from someone who wants to buy bandwidth, server space, computing power, etc.

The only way we'll actually see a reduction in spam is to put true measures in the MTAs such that there is absolutely no way to mask the sender's address or host, and completely disallow any form of relaying. Then, you have to start setting up the MTAs to not accept any mail delivered by older versions.

Yes, I realize the impact this would have on the internet and e-mail delivery... but if you want to eliminate it, or at least be able to truly identify the sender, this is about the only way to actually do it.

Re:The problem wtih trying to outlaw spam

[Kainaw]

completely disallow any form of relaying.

I know this is not what you mean, but how about making it normal and allowed for mailservers to refuse to transport spam? For instance, a mail from some spammer hits my server and has to be delivered to you. I know it is a spam, so why do I *have* to forward it? Everyone says you have to forward emails becuase it isn't your authority to decide what is and is not spam. That is where this relates - what is your authority to decide relaying is all spam?

In my opinion, it is my server and my choice. If I don't want to forward any emails with the name "David Hasselhof" in them, I should be allowed to do so.

Re:The problem wtih trying to outlaw spam

[KiltedKnight]

I know this is not what you mean,

No, completely disallowing open relays is precisely what I meant. Open relays are the way spammers currently get a lot of it out onto the network.

Go look at your current sendmail config files and see about the "allow relaying" stuff. If you want your mail server to be blacklisted, go right ahead and allow open relays. You can leave it as a configurable option, but when you are an open relay, you are subject to not having any mail sent through you transferred to the recipient.

Re:The problem wtih trying to outlaw spam

[iamcf13]

The only way we'll actually see a reduction in spam is to put true measures in the MTAs such that there is absolutely no way to mask the sender's address or host, and completely disallow any form of relaying.

Done. Give it a try....

Re:The problem wtih trying to outlaw spam

[KiltedKnight]

That's a mailbox scanner... not an MTA.

MTA, or Mail Transfer Agent, meaning sendmail or postfix, or any similar program that is supposed to deal with SMTP.

Re:The problem wtih trying to outlaw spam

[ahodgson]

No, completely disallowing open relays is precisely what I meant. Open relays are the way spammers currently get a lot of it out onto the network.

That's so ... 1998.

Most spam is sent via trojanned Windows machines, a vast army sitting on every broadband network in the world, created by several rounds of viruses over the last few years.

Most of the rest is sent by dedicated spam factories using various tricks to make it look like it's really coming from dial pools or 3rd world countries, or pretending to be "opt-in" so they can safely spew directly from MCI or Savvis or SBC or other spam-friendly ISP's.

Open SMTP relays are well-mapped by the DNSbl's and hardly used for spam at all these days.

Email is dead

Well, not dead, but dying. People aren't going to use something when they spend their time deleting crap they don't want. They'll use something else. Messaging, IP telephony, and similar things spring to mind. It always seems to get past spam filters, however well configured they are. There's nothing quite like seeing 2000 spam emails in your business email account every day to put you off email for life.

Moles

Can anyone say whack a mole? You either need to re-engineer SMTP or find better ways to remove the economic incentive. Can-Spam was just theater, like most other US legislation.

Stopping Spam

[CmdrGravy]

The only real way to stop Spam is to take action against the companies using these spammers services.

I realise this might not be the easiest thing in the world to do, given the shady nature of both spammers and their clients but on the whole I would imagine the companies are the kind of companies trading standards etc would be interested in anyway.

What we need is new laws and investment into shutting down dodgy businesses who feel the need to use spamming and other annoying bulk marketing.

IPTables really helps.

[PornMaster]

Just blocking China and Korean IP space from connecting to port 25 does wonders for reducing spam. See: http://www.okean.com/iptables/rc.firewall.sinokore a

Re:IPTables really helps.

just block the $ sign, stops 99.99% of spam in my inbox and as we (thebuisness) don't deal with that currency it has yet to make a false positive
of course if you use that sign in your currency then its no good for you

Re:IPTables really helps.

[gammygator]

It also does wonders for opening your company up to discrimination lawsuits.

My company tried blocking China and Korea and we were almost immediately threatened with lawsuits (from our internal users) because we were discriminating against an entire country.

I hate to admit it, but the users probably were correct in their complaints.

Quite honestly, I hope they choke on all that spam. :-)

Re:IPTables really helps.

[urlgrey]

For smaller companies and individuals, blocking traffic from these netblocks is a tremendous help. I do it myself, in fact. Unfortunately, for those people and companies who do legimate business with Asia, this isn't really a viable solution.

And the quest continues.

Re:IPTables really helps.

[KC7GR]

I don't think the complaints or threats of lawsuits were at all valid. They're your servers, your bandwidth allocation, your routers. You have total authority to configure them however you please.

The ONLY legal obligations you have to your users are those that are spelled out in your Terms of Service agreements that said users accept when they sign up with you.

Now, this doesn't mean that widespread blocking won't cost you some users if you do it. The decision point is what's going to cost you more: Dealing with the spammer spew, or losing a few users because they're pissed off at you for dealing with said spew.

Keep the peace(es).

Re:IPTables really helps.

[IANAAC]

Unless you're and ISP or in the import/export business, this is probably not an issue. Most corporations these days have employee usage statements that prohibit company email for personal use. That would be all that is needed to block huge portions of the internet.

Re:IPTables really helps.

[Buran]

Let them check a box on a webform for managing their account that lets them receive mail from foreign domains that spam. Explain what the blocking is about, default it to on, but allow them to remove it if they really want to (e.g. if they call to complain, tell them how to get to the admin page).

I think that could do it ... then they can turn the blocks back on if they start getting excessive spam.

Re:IPTables really helps.

[eventhorizon5]

I've also got some scripts on my anti-spam website that I use to analyze spam stored in mbox files. One script lists all of the machines that sent the spam, in decending order according to the amount of spam they sent, like so (this is the top of the most recent results):

(instance, IP, hostname)
5 81.198.237.219 unknown
5 211.243.68.48 unknown
5 209.58.246.26 softdnserror
4 67.140.111.166 h166.111.140.67.ip.alltel.net
4 219.6.220.121 yahoobb219006220121.bbtec.net
4 203.227.243.182 unknown
4 201.6.33.39 c9062127.virtua.com.br

and then another script takes all of the IPs that sent 3 or more spams and dumps them into a block list. Machines that connect to the server are first checked by a script to see if they exist in the block list, then are checked to see if they are listed in Spamhaus, and then are checked to see if they are listed in the ORDB. Finally the message is transmitted, and sent to Spamassassin, which tags the message if it's spam. Another script moves the message to the user's inbox if it's not tagged, and to the spam archive (/var/mail/spam) if it is. Then the webmail system filters out certain messages based on it's own rules.

All of this and still an increase in spam lol

The stuff (including statistic graphs) is here:
http://www.tliquest.net/spam

-eventhorizon

'Nother example

[KontinMonet]

All trousers have two legs
All men wear trousers
Therefore all men have two legs.

Re:'Nother example

[MaestroSartori]

I am a Scotsman, you insensitive clod!

(kilts are better than trousers, clearly) :)

Re:'Nother example

[Reziac]

Lad, I dinnae where ye been, but I see that thanks to herbal viagra, ye've won first prize!

Its frustrating sometimes...

[Goronmon]

This is the sad state of journalism these days. Why just claim that something had no affect when you can claim it was worse? Oh I know why, because news has become about entertainment instead of informing the public. And since bad > neutral, you get articles like this.

I think the issue is...

[SirFozzie]

That a great deal of the (uninformed) public and the (uninformed/bribed , take your choice) politicians thought this would at least put a dent in spam here in the US.

Of course, the spammer scum (I know, don't need to add scum, spammer covers it) figure that it's a law for show, which it is..

The top 10 spammers are responsible for something like 3 quarters of the spam sent. If Only half of those spammers were locked up in jail (where you have to admit they belong, because of their tactics, never mind the UCE itself).. spam would drop noticeably.

The law needs to be improved. The law needs to have teeth.. and the law needs to chew some big time spammers.

That's the only thing that'll slow things down.

Re:I think the issue is...

People Talking in Movie shows.. people smoking in bed.. people voting republican.. GIVE THEM A BOOT TO THE HEAD!

Hi, SirFascist(442268). How's it going? Burned any good books lately?

Re:I think the issue is...

[SirFozzie]

Ah.. you don't know the Frantics comedy routine. Shame. For that I bequeath you.. a life time supply of icecream.

(AC asks Ice Cream? What Flavor?)

Boot to the Head!

(Insert sound effects if thwapping, ow! etc..etc...etc.. :D)

Re:I think the issue is...

Doesn't make you any less a fascist. The sad thing is, you don't even realise that. But then, a fascist wouldn't.

Re:I think the issue is...

[SirFozzie]

Anyone else notice the irony that a guy who's sig has a line from a comedy skit about giving people who vote for the Republicans a boot to the head being called a facist? :)

Oh wait.. let me jumble up the letters for you (what do you think folks, double ROT-13 it?) so you can call me a crypto-facist?

I assume you take issue with my point that the top ten spammers deserve to be in jail, for their tactics in sending bulk UCE.

These so-called professional spammers are behind many popular viruses and trojans on the net, that attempt to hijack people's computers to send their crap, because they know they couldn't keep a net connection if they sent it from a net connection they paid for.

Ask a net.admin who just had to clean up after a spam run how harmless spammers tactics are. Ask some helpless guy who just saw his net connection yanked because some spammer hijacked his box to send further virused emails (like all viruses, they have to spread to live), scams, fraud, and Make Penis Fast emails.

Trust me, I'm MODERATE when it comes to jerks like that.

Re:I think the issue is...

You assume wrong. I couldn't care less about your position on spammers.

Also, please learn the definition of irony. That word does not mean what you think it means.

Spam Has Gone Up

[PeteDotNu]

Is this some sort of density-related thing? Are they whipping the spam more, so that it is fluffy? This surely means that there is a lower percentage of real meat in the product?

Shame on... shame on you.

Missing the point

[Otter]

As a bunch of others have pointed out, correlation doesn't demonstrate cause. But more importantly, who cares?

As a user and a domain owner, the overall volume of spam isn't of particular concern for me. (Obviously ISPs and carriers have different priorities.) If CAN-SPAM succeeds even partially in demanding filterable subjects and outlawing address forgeries, that's far more important to me than whether the total volume goes up or down.

Sherlock

[MasTRE]

> Can-Spam Increased Spam

Of course! You can SPAM! DUH!

Saw this on Usenet

[DSP_Geek]

I've been wondering this for a while, and the recent article on Slate - http://slate.msn.com/id/2101297 on the economic logic of executing worm writers - compels me to put pen to electron with the following Modest Proposal:

Allow me to set forth a number of propositions:
1) Spam is now 60% or more of all email in the world, and increasing monthly.
2) The lost productivity costs to industry of dealing with spam is estimated to be from $10 billion to $20 billion yearly.
3) There are about 100 to 200 spammers behind 90% of the world's spam.
4) Thus each spammer can be estimated to cost industry globally around $100 million dollars.
5) The EPA and DOT value a human life at between $3 million and $7 million dollars.
6) Many people in the United States are underinsured medically. Some of them need expensive medical care they cannot afford, and therefore die as a result. Call the affordability threshold $100,000 to $1,000,000. If major ISPs and corporations could be ironbound to honour their word, admittedly no small task, then one could posit a regime where:
a) The leading 1000 connectivity consumers place half their antispam spending in escrow
b) Guido the Fish and Two Finger Tony get hired to smoke the top 100 spam offenders, reducing the need for antispam spending worldwide, and freeing the cash for:
c) The escrowed funds then get used to save a large number of lives who would otherwise be lost due to pricy medical care.

At this point, one must ask: What is a spammer's life worth? The economics of the situation means more people get saved than spammers blown away, therefore the sum total is that a greater good is served by the above scheme as more people survive with a higher quality of life than the status quo ante.

Re:Saw this on Usenet

However, one more life is saved if you just prevent spammers from spamming, rather than killing them.

Re:Saw this on Usenet

>b) Guido the Fish and Two Finger Tony get hired to smoke the top 100 spam offenders, reducing the need for antispam spending worldwide,

I would recommend the Russian mafia. They are computer-literate, efficient, and inexpensive, although they can sometimes be unnecessarily brutal.

They have an office in Coney Island, Brooklyn, New York.

Re:Saw this on Usenet

[Pig+Hogger]

b) Guido the Fish and Two Finger Tony get hired to smoke the top 100 spam offenders, reducing the need for antispam spending worldwide, and freeing the cash for:

Are you aware that if you google for "Guido the fish", you get kiddy porn????

Re:Saw this on Usenet

This reminds me of the anonymous hit contracting plan that some guy wrote up... shan't link it because I don't want to gosearching for it at work. :)

Re:Saw this on Usenet

[LouCifer]

I would recommend the Russian mafia. They are computer-literate, efficient, and inexpensive, although they can sometimes be unnecessarily brutal.

There is no unnecessary brutality when it comes to spammers.

But the problem arises when the computer-literate Russian mobster then turns around and becomes the spammer himself.

Who do you turn to then?

Re:Saw this on Usenet

[Redchrome]

I have a Simplified Modest Proposal along the same lines. I propose that we classify spamming (along with any intrusive advertising, like junk mail) as a form of premeditated mass murder.

Frank Herbert sums it up very nicely:
Between depriving a man of one hour from his life, and depriving him of his life there exists only a difference of degree. You have done violence to him, consumed his energy.
--Frank Herbert, Dune Messiah

Since spammers collectively waste many lifetimes that could otherwise be productively spent, we should take the valuable organs of these heinous criminals, and donate them to people who are waiting for a replacement organ. This simultaneously relieves the suffering of people who need replacement organs, and rids the world of some of its most insidious criminals.

Re:Saw this on Usenet

[IchBinEinPenguin]

we should take the valuable organs of these heinous criminals, and donate them to people who are waiting for a replacement organ

now we're talking!
If you could keep them alive while harvesting their organs we'd finally negate the standard "killing them that was is not slow/painfull enough" objection.

This is what happens...

[m2bord]

when Legislators listen to the industry its about to regulate when drafting laws to regulate them.

the line in the article that says this legalized spam, is pretty much right.

the only anti-spam laws that can work is to force an opt-in and to also make it criminal to employee/contract with a spammer.

even if you get the current batch of spammers to stop, the money and the drive to spam will remain.

you need to go after the folks like avenue a, and others who pay outside mailers to handle this and don't follow up on who is being spammed.

Re:Karma Whore

I think you need to stop drinking coffee.

Yeah, The Feds Really Have the Answer

[ClippyHater]

I recently submitted a complaint about unrequested emails being received, and the sender refusing to stop sending. Got back a nice form letter stating spams a problem, they recommend I delete the spam and simply ignore the problem. My tax dollars hard at work.

A reasonably accurate APNIC assignment reference?

[swb]

I've been tempted to block portions of APNIC space, do this but have been stymied by the lack of a decent reference.

Is there one?

Re:Slashdot, Jxyama. Jxyama, Slashdot.

[Night+Goat]

While I agree with your point, Slashdot's not to blame here. The headline of the NYT article is "Law Barring Junk E-Mail Allows a Flood Instead". So the conclusion jumping is being done by the Times here, not Slashdot. Of course, the sensationalistic tone of the submission is what got it posted. But give credit to the right group of exaggerators.

Correlation, not causation

[Junior+J.+Junior+III]

Seriously, spam would have increased without CAN-SPAM. There's no way to establish that CAN-SPAM actually contributed to spam increasing. The increase in spam since the inception of CAN-SPAM only shows that CAN-SPAM isn't succeeding in reducing spam, not that it's causing an increase in spam. /.'s editors should at least TRY to write a decent headline, instead of the usual distored, sensationalist bullshit.

Re:Slashdot, Jxyama. Jxyama, Slashdot.

[LordPixie]

Hah ! I'm honored. Thank you !


--LordPixie

What's more frustrating

is people who can't use correct punctuation (it's frustrating) and correct word choices (had no effect). And since illiteracy > literacy, you get posts like this.

Re:What's more frustrating

[Goronmon]

Haha, it's even more funny that an AC would post something like this. At least if you are going take on this air of superiority, the least you could do would be to create an actual name to do it with ;)

Another study finding.

[Raven42rac]

All the people who ate carrots in 1875 are dead. OMG BAN CARROTS!

I don't think it's the law

[iamacat]

Spammers never had scruples to actually follow some law to spread their stuff. Not the majority using zombie nets to send from fake addresses and confirming your e-mail address/executing IE exploit when you click an opt-out link.

It's just the more spam they send, the less likely people are likely to respond, the better spam filters are developed, the more spam they have to send to make money... This will reach a peak and wink out because there would be just no way to make money. Did you see a door-to-door salesman lately.

Global Cost of Spam

[Standmic]

A survey from Stanford University estimates the global cost of spam in terms of lost productivity to be at 50 billion dollars.

How can this be? Spam is a pain in the ass when I have spend 1 minute a month checking/deleting the contents of my spam inbox, but I don't see how it costs that much money. Yes, I know time is money and even 1 minute of my time is probably worth something, but I just can't see it adding up to 50 billion. I can see companies purchasing spam blocking software, but again, not 50 billion worth. Could someone please explain where they get this figure from?

Re:Global Cost of Spam

[Spad]

Lost productivity + Time & effort into blocking/filtering + anti-spam purchases + wasted bandwidth

When you're getting billions of spam emails generated every month, it soon adds up.

Re:Global Cost of Spam

[zaren]

Mail server's disk fills up with spam, add new storage - $$$
Mail server bogs down trying to process all the incoming spam, add new server - $$$
New server still can't handle the spew, add a dedicated spam filtering device - $$$
Train / hire additional staff to manage anti-spam system - $$$
Upgrade network connection to handle the ever-increasing spew - $$$

and so on, and so on. It's not just the time metric, or the cost of the anti-spam software, there's a ton of other stuff involved.

You say you spend a minute a month deleting spam? How many messages is that in a month? What kind of filtering do you already have in place? I have an email account that I used to sign up for some contests and some mailing lists without having any sort of spam-busting in place, and even after auto-/dev/null'ing blatent spam with contents like "diploma", "pills", "mortgage" (and all the l33t derivatives), as well as any mail with html in it, I still receive hundreds of spams a day in that account.

Re:Global Cost of Spam

[chochos]

1 minut a month? well, many people who use email as part of their work receive at least 40 spam mails a day, that got through all kinds of filters. God knows how many were blocked by ISP filters + filters you define yourself in your email reader, etc. So it's more like 5 minutes a day, because you have to sort through that spam to make sure you don't delete real messages.
5 minutes a day is almost half an hour a week. 2 hours a month lost to spam (if you sort through it fast - I guess it takes a lot of people much more than 5 minutes if they read every message, probably checking for porn or reading the messages or something). In an office of ten people, that's at least 20 hours a month lost because of this.

Re:Global Cost of Spam

[An+Onerous+Coward]

If you assume there are 100M e-mail users in America, that they each spend "a minute" deleting spam in a given month, and that their time is worth $6.50/hr, that's already $130M a year. So huge numbers arise very quickly.

My personal experience would put spam at closer to an hour a month where I deal with spam personally. So if my experience is more representative than yours, the number is likely closer to the $10B range.

But I'm lucky in that most of my spam gets flagged and put in a separate folder. More important, I don't care much about false positives.

If, on the other hand, I was in a position where I had to manually check every piece of flagged mail, then even skimming each of the 3000+ subject lines would take up a good hour or two, roughly tripling the amount of time I spent.

All this ignores the increases in bandwidth and storage capacities needed to handle all that additional traffic, and the time and expertise needed to keep the spam from ever reaching your inbox. Those costs are tacked onto your ISP bill, your tax bill, etc., and also onto the bills of every business which uses the Internet.

I don't like item 2

[Mustang+Matt]

I think that's the wrong direction and a waste of taxpayer money. I'd rather see that money be used as the budget for a team following money trails to spammers.

I think the proper way to deal with spam is to crystal-clearly define it and make it illegal. Then have a division of the FBI that purchases items and follows the money trail.

If it truly is 90% American companies that are behind the actual products sold in spam this should work.

Cross your T's and dot your...

[vikramrn]

thats CAUSALITY. you left an 'i' out of your .sg :)

Re:Cross your T's and dot your...

[FortKnox]

so you might say the i was a casualty? Heh, thanks.

Offering opt out doesn't help

[jtbarron]

One of the big problems with legislating an opt-out is that it will only work if you have a way of determining if it's a legitimate, versus confirmation that your address is real. Given that there's no way to determine what's "legal" spam, you can't safely use the opt-out option on ANY spam.

Re:Offering opt out doesn't help

[enosys]

Some spammers that offer an opt-out option have a huge number of mailing lists. Sure, you can opt out of one mailing list but that's not going to help much. You'll still be on all the other lists. Yes, you could keep opting out every time you get spam but you'll end up spending a lot of time on that and the spammer can always create new lists. In fact it seems that they every list typically gets used once so you're not accomplishing much.

Re:Slashdot, Jxyama. Jxyama, Slashdot.

[MostlyHarmless]

This may not have been true when you posted your comment - but at the moment, I see three separate, top-level, +5 comments reminding us that correlation does not imply causation, one of which invokes the Latin term for the fallacy involved.

So it seems that the pessimism is unwarranted :-).

Fraud enforcement is the key, not spam enforcement

[swb]

If you want to stop spam, you have to be willing to do the law enforcement on the fraud and illegality associated with spam. Follow the money and you'll start solving the problem.

As long as you led criminals operate, they'll continue to break the spam laws.

right...

[Keebler71]

....right, because we all know that correlation equates to causality. In the same vein, the proliferation of the Machintosh is responsible for the rise in autism and velcro caused aided.

Re:right...

[Keebler71]

woops...velcro caused "AIDS"

Dude,

it's a skirt. Just admit it to yourself and move on.

War on spam?

[Deanalator]

Sort of fits in with the whole "war on drugs" "war on terror" thingies. Not a very constructive comment, seeing as how I dont really have any better spam fighting ideas.

People just need to keep contacting the isp of whatever machine sent you the mail, and make sure that the machine gets cleaned if its a zombie, or the guy's account gets suspended if he is actually running the spam server himself.

Also I blame microsoft for allowing worms to spread the way they do, and not offering protection to the people who need it most. I also blame bush, rainy days, and that kid who used to beat me up in middle school.

[tt]:Duh...

[tomhudson]

Who loves clueless legislators? Spammers do!

Of course. Who do you think is stupid enough to keep clicking on all those "3NL4RG3 Y0U4 P3N1S" ads? Can only BE a congresscritter.

These are the same people who put exemptions in the law to allow them to send unsolicited bulk email to you.

Me, I'm saving ALL my spam for the next election. (I also keep it so I can train my filters, but that's another story).

Any politician who wants my vote can have it easily:

1. Offer to bring back the public stocks in the village square, and lock any spammer in it.
2. Make him live on a diet of printed-out spam for a week - let him EAT his own words.
3. Make him pick up 1 piece of roadside litter for every piece of cyber-litter he's sent.
4. And revoke the driver's permit for anyone stupid enough to answer spam - if you're dumb enough to believe someone wants to give you $19 Million, you're obviously incompetent.

FTFA:

the global cost of spam in terms of lost productivity to be at 50 billion $ and 17 billion $ in the US alone.

The cost of lost productivity due to:

• Spam: $17 billion
• Windows bugs, etc: $50 bazillion
• Surfing slashdot: Priceless

Disclaimer: No spammers were harmed during the making of this post - DAMN!

Re:[tt]:Duh...

I ordered from one of those "3NL4RG3 Y0U4 P3N1S" ads. All I got was a new boss, and he was a bigger dick than my last one.

CAN-SPAM was not the only factor...

Rememerb that SPF (Spam Preferred From but renamed to the fancier Spam Policy Framework) was catching on during this period, too.

Law of Unintended Consequences

[lildogie]

CAN SPAM is a good illustration about how hard it is to write a law to solve a technology problem.

Just keep that in mind when worrying about DMCA, etc.

Imagine a world where tools like PGP become more and more successful because the corporate/government oppressors are trying to get more control.

Technologists just want to be free.

That's more than double

[dtfinch]

If non-spam email remained constant, then spam growing from 60% to 80% would mean that spam has more than doubled. A 267% increase. 6/(6+4)=60% 16/(16+4)=80%.

If non-spam has increased, than spam has increased further by that. Suppose non-spam has doubled, then spam would have increased by a whopping 533%. blah blah

the most effective solution...

[x40sw0n]

in this space the most effective thing i can think of is if there were an alliance of those people who are able to cripple networks... those who we do not speak of. Who were to put together a rally with DDOS attacks in sequence on the websites using SPAM as a solution. or the spammers servers directly. I know that many of them are using zombie networks, but they have servers somewhere. shut them down for a while, then keep shutting them down. hack them, crack them obliterate them. what are they going to do? arrest you? christ these guys are illegal to, in your home country. maybe what REALLY needs to happen is what happened back in the early days of real piracy. Maybe the government needs to issue a 'privateering letter' absolving hackers of legal damages for hurting spammers servers, or advertisers who use spammers services.

-In Absentia- out, as always

Re:I THOUGHT TO I UP THE FUCK SHUT YOU TOLD

[Rufus88]

Re:I THOUGHT TO I UP THE FUCK SHUT YOU TOLD

Remember kids, Jolt Cola and HP calculators simply DO NOT mix!! Just say no.

CAN-SPAM, CAN'T-SPAM, Canned-Spam...

[Sun+Tzu]

CAN-SPAM is easiest defined by what it is not; it
is simply the opposite of an imaginary CAN'T-SPAM
act. In order to ban spam you first have to
define it. Any gaps left in the definition, therefore, are implicitly legal. Hence, CAN-spam.

Heh.

Re:CAN-SPAM, CAN'T-SPAM, Canned-Spam...

[superpulpsicle]

Dude you must be a lawyer. That was super recursive wording you used there.

shortcut to zero spam

[adeydas]

don't put your email address on public sites or give in to un-trusted sources. trust me it works.

New mail system is the only way

A new mail system is unavoidable. Spam has already reduced the usefulness of email considerably, and it's only going to get worse. I think it's going to have to be a public/private key sender authentication and maybe a telephone system style termination fees.

The submitter needs an education

Andy1307 is probably (prolly?) 12 years old or at least writes on a 12-year-old level. It's so difficult to trudge through his grade-school dribble.

"50 billion $" should be "$50 billion"

"...but it must be proved that they knew..." should be "...must be PROVEN..."

Flame me, mod me down, but Slashdotters with poor writing skills (skilz?) come across as idiots and not the technical elitists they pretend to be.

Re:Slashdot, Jxyama. Jxyama, Slashdot.

[ChuckleBug]

LordPixie has just made the most perfectly on-target post I've seen on slashdot (and I've been here a while). Damn.

Please bend the rules, powers that be, and mod this one 6, Painful Truth.

Kudos, sir.

What a lot of people are forgetting...

[eno2001]

...is that spammers need to work too. If the American economy is to improve, we need to make sure we're keeping all the opportunities WIDE open. To cast a wide net, so to speak.

Think about how the global economy would collapse if the spam industry were stamped out tomorrow. Originally, a lot of the spammers used to be in the telemarketing business. But the Do-Not-Call list damaged that industry, so they only had one place to go: spam. Most of the U.S. economy supports everyone else on the planet. If it weren't for the United States, who would buy all the stuff that all the other countries sell? India? Forget it. There would be no need for tech support, so India's growing economy would be destroyed if spammers were stopped. Japan? Their economic woes would grow exponentially when Americans stop buying SUVS because they aren't recieving "get a bigger penis now" spams. In fact, every nation on the planet would feel a great collapse in their economies if spam was reduced.

The Bush administration wisely chose the route of CAN-SPAM because it legitimizes spam as a marketing tool. Kind of the same way that multi-level marketing is legitimate too.

The only way to riches and success for every person on the planet is to encourage more spam! Think about it! Joe Smith in Utah gets a spam that says he doesn't need to be bald. He looks in the mirror and realizes that he doesn't want to be bald, so he buys into the natural Propecia from the whybebald.biz site. When he gets it in the mail and tries it, it works! Not that he's not bald anymore, but he FEELS less bald! So his confidence increases. This leads him to consider the herbal Viagra that he's been reading so much about in his e-mail. He gets that and... it works! He's able to finally get it up and give his old lady a good time again! Since he's riding high on top of the world, it's time for him to step out and buy a car that only men with large genitalia can own: A Hummer. We all know that term means... ;) Sex sells! Profit margins are up for not just the herbal viagra and natural propecia industries, but the Hummer market sees a bulge in its bottom line and can afford to stop sending out the herbal viagra and natural propecia spam for a bit!

So there you have it. If we allow spam to increase, it will naturally decrease as it induces buyers to have the confidence to buy what they are told they need in order to be virile, normal Americans. The fact that we've seen a jump to 80% is good news, not bad news! If spammers were put out of work, we all know there would be more muggings because people would be out of work. Since the welfare system was dismantled, all of the previous benefactors have moved to doing spam work for the wise marketers of other products. Penis spam supports the auto and gun industries. Porn spam supports the pharmeceutical and insurance industries. Loan spam supports the big box stores like Best Buy, Walmart, CompUSA, etc... So that's all there is to it. Spam is good for the economy and if you anti-capitalism anti-free-market hippies knew what was good for you, you'd shut up and join the party.

Re:What a lot of people are forgetting...

[Steve+B]

There are plenty of alternatives. For instance, spammers could also be used to fill potholes.

The repentant ones could, instead of actually filling potholes, be permitted to shovel asphalt into them.

I cannot read the article...

[erroneus]

... but I'll make some guesses based on what I've read in the comments so far.

It would seem that the article is attempting to draw a cause-effect relationship between the CAN-SPAM act and the amount of spam flowing about.

I haven't read anything that classified the SPAM flowing about as being in compliance or not in compliance with the law. But I can say that almost none of the SPAM in my inboxes are in compliance with the CAN-SPAM act and can conclude that the CAN-SPAM has had very little effect, good or bad.

Give them some credit

[Timmy+D+Programmer]

They honest to goodness did a good job on the do not call list. They just need a better understanding of what they are voting on. Their previous failure might help them get a better law in place.

not here

[mattyrobinson69]

my spam was significantly reduced, i mean like 5 emails a week with no false positives compared to 40 a day i used to get.

Nothing to do with the legislation though - i started using spamassassin

Exactly the point

[phorm]

Which means that, despite new laws, SPAM has steadily increased. This includes both legal and illegal SPAM. How many messages in your junkbox start with [ADV]? Most of mine is still for illegal V14G4R4, penile enhancements, and copies of XP.

I agree

[gtrubetskoy]

Interestingly, their graphs looks very similar to mine.

I don't get it...

[SQLz]

They passed a law called "CAN-SPAM", hoping that it would stop spam.... Isn't it obvious by the name that is allows people to spam?

resources are out there...

[EmagGeek]

I used to get easily 50 or more spams every day at one of my accounts... I implemented spamlist.org and now it's more like 5 or 10. Spamassassin on top of that cuts it to 1 to 5.

They say that spam accounts for so much lost productivity, but they fail to mention that spam has spawned a whole new race of products and services that keep people employed. The Anti-Spam industry is thriving and contributing to world economic growth. As with everything, spam may be a nuisance, but it does have its benefits. As usual, regular users are caught in the crossfire.

Re:resources are out there...

[srNeu]

They say that spam accounts for so much lost productivity, but they fail to mention that spam has spawned a whole new race of products and services that keep people employed. The Anti-Spam industry is thriving and contributing to world economic growth.

That's like saying crime is good becuase it keeps cops employed, or that terrorism is good because it keeps the military employed. The point that is missing, is that the net cost of crime, terrorism, and spam typically is greater than the economics of the industries spawned to combat them.

Yeah, I know, comparing spam to terrorism is a bit of a stretch, but I think the point is valid.

Re:resources are out there...

[shuz]

In the United States it is a federal crime to break into someones computer. Someone who breaks into a computer in the Unites States is considered a terrorist. A common medium for spam are zombie networks, which are large groups of random computer infected with some type of backdoor allowing a spammer to give that computer commands to send out massive ammounts of spam. Thus comparing a spammer to a terrorist isn't really that far off.... At least accourding to US law.

Re:resources are out there...

[WolfWithoutAClause]

They say that spam accounts for so much lost productivity, but they fail to mention that spam has spawned a whole new race of products and services that keep people employed.

That's the broken window fallacy.

It probably hasn't pushed up overall employment, at best it has employed software engineers instead of other forms of employment, and the end users have lost out with what else they could have bought with that money.

Re:resources are out there...

[learn+fast]

They say that spam accounts for so much lost productivity, but they fail to mention that spam has spawned a whole new race of products and services that keep people employed.

This is like saying arson is great for the construction industry. Not to mention firefighters, they would be in much greater demand with more arsonists.

So, get out there and start some fires, people!

Re:resources are out there...

[coopseruantalon]

"or that terrorism is good because it keeps the military employed." No the Republican Party is good because it keeps the military employed.

Re:resources are out there...

[Travy.b]

I implemented spamlist.org and now it's more like 5 or 10. Spamassassin on top of that cuts it to 1 to 5.

OR, you could just use Mozilla Thunderbird like many of us do, and not worry about any extra 'products'. not one false positive in 3 months.

Re:resources are out there...

[mesterha]

The point that is missing, is that the net cost of crime, terrorism, and spam typically is greater than the economics of the industries spawned to combat them.

I think the missing point is that all these people creating spam and fighting spam aren't contributing much to society except at best canceling each other out. These people could be doing something good for society if their time wasn't being wasted with spam. (Not to say spam fighters aren't doing something good, but they could do other good things if they didn't have to fight spam.) Just like telemarketers. They might be getting paid but they're actually a negative on society.

Re:resources are out there...

[EmagGeek]

You certainly do have a point... but I don't think it invalidates my argument all that much. The same argument can be made for just about any industry, good or bad. The point is, people working is better than people not working. Even if 50% of the work is toward a nefarious end and 50% is negating that, it's better than no work being done at all. In the latter case, people aren't thinking, innovating, problem solving, or developing themselves. Sure, spammers are a bunch of dickheads that deserve to be beaten, but what we're talking about here is unwanted email. Unwanted email - data on a hard disk... it's about as far from terrorism as you can get.

Viruses, backdoors, and cybercrime are a different issue and CAN be compared to terrorism because the intent is malicious. Spam is there to sell you stuff you don't want, not to destroy your data or take over your computer.

Re:resources are out there...

[EmagGeek]

I've replied to one of the other charges of fallacy here... I wasn't condoning spam at all, however. I wasn't making any implications at all regarding spam's effects on overall employment. I don't see how that conclusion could be definitively reached without more research. However, what I was saying was that there is a new industry that would not otherwise be there, and that industry contributes to the economy. It would be great if there were no spam, wonderful in fact. However, pointing out a positive effect of an otherwise negative condition is neither fallacious nor is it an endorsement. It's merely an observation of fact.

Pah

should have called it can-not spam

your stupidity != political correctness

Got that tin foil hat on?

Re:your stupidity != political correctness

[Ironsides]

I'm serious:
http://brianwilson.net/pages/ethnic.html
http://worldnetdaily.com/news/article.asp?ARTICLE_ ID=30692
http://www.usnews.com/usnews/opinion/baroneweb/mb_ 040603.htm
http://www.rfcnet.org/news/default.asp?action=deta il&article=79

http://www.google.com/search?hl=en&lr=&q=%22dead+w hite+guys%22+school+%22founding+fathers%22

I said it once....

[netruner]

...and I'll say it again:

Spam isn't necessarily bad. It does have a use. If over-aggressive surveilance is something you fear, the camoflage that spam offers should be a comfort.

Think of all the spam you receive at work that slips past the filters- do you really think that corporate security has the time to manually filter everything else for the inappropriate emails your girlfriend keeps sending?

I'll leave it as an exercise for the reader to think about the implications that stegonography presents.

Idea

[Spy+der+Mann]

1) Make it illegal to send SPAM from the US.
2) Make it illegal to have ANY financial relationship, direct or indirect, with spammers no matter their origin.
3) Make all earnings coming from products sold thru SPAM, illegal. People will have then to do moneylaundring, which is illegal, too! :)

Even when spammers use foreign ISPs, many reside in the U.S. With my proposals 2) and 3), you're forcing them to MOVE OUT.

Re:Idea

[KiltedKnight]

1) Make it illegal to send SPAM from the US.

The courts have already ruled that the sending of spam itself is protected by free speech, so long as you do not falsely advertise or advertise that you will provide something that is already illegal. What you could make illegal is exactly what CAN-SPAM does... masking your identity, failure to comply with requests for removal from mailing list, etc. This, apparently, doesn't help.

2) Make it illegal to have ANY financial relationship, direct or indirect, with spammers no matter their origin.

Doesn't that go against the basics of a free market system? What would be the grounds for doing this? You're just entering into a business contract when you do anything like that. Unless they're spamming to do something illegal, as long as both parties meet the terms of the contract, there's nothing the government can really do.

3) Make all earnings coming from products sold thru SPAM, illegal. People will have then to do moneylaundring, which is illegal, too! :)

Oh, how I wish... but if the product or service itself is legal to begin with, this can't be done. You've got a perfectly legal business contract between two parties.

Even when spammers use foreign ISPs, many reside in the U.S. With my proposals 2) and 3), you're forcing them to MOVE OUT.

Hmm... import tarrifs... we could nuke the federal debt if we levy a high enough tarrif on products sold via spammers who spam from foreign sites... their advertising came from outside, therefore tehy should be a "foreign company," subject to the same import regulations anyone else is, even if their warehouse is here in the US...

Re:Idea

[Spy+der+Mann]

The courts have already ruled that the sending of spam itself is protected by free speech, so long as you do not falsely advertise or advertise that you will provide something that is already illegal.

But they're STEALING RESOURCES to do so. It would be as if some vandals took over CBS and started selling their own viagra and stuff. SPAM is illegitimate not because it advertises, but because it uses YOUR RESOURCES to do so. Your bandwidth, your servers, etc.

Free spech has nothing to do with this.

>2) Make it illegal to have ANY financial relationship, direct or indirect, with spammers no matter their origin.
Doesn't that go against the basics of a free market system? What would be the grounds for doing this?

If you're earning money from ILLEGAL ACTIVITIES (which is assured by item 1), then you're a criminal. Period.

I'm suggesting this because the European Union ALREADY ruled any kind of unsolicited advertising, illegal. It's the E-Privacy Directive Proposal.

If it was done, it can be done.

(OK i admit it, maybe I have some technical flaws. But just contact the EuroCAUCE guys. They obviously know what they're doing).

CAN-SPAM did increase spam.

[EvilStein]

There are many on here that are saying "Spam was already increasing, CAN-SPAM didn't cause more spam."

I think that's incorrect. I worked for a company that decided to pump out millions *more* emails *because* of CAN-SPAM. That stupid law really has helped "targeted email marketers" (notice how they change the term to avoid the word "spammer?")
They said "Hey, it's legal, as long as we follow the guidelines in the CAN-SPAM act.." and increased the volume of email.

CAN-SPAM really has caused more spam. It's empowered spammers. It's a green light to bombard users with unsolicited email because CAN-SPAM has stupidly easy to follow guidelines.

I wish it wasn't true, but I've seen it with my own two eyes.

I'm in the US, but...

[blueZ3]

does anyone else find amusement in the line that talks about "the global cost of spam in the US alone"? US != global (unless "global" has some new meaning of which I am unaware)

Re:Slashdot, Jxyama. Jxyama, Slashdot. [winhat]

Sounds like slashdot. So, since you obviously support this decision, you must believe that ordinary citizens should be obvious from my ability to move, and does not mean causality for things like piracy, but does for things like piracy, but does for things like piracy, but does for things like legislation inducing spam. Because it is to remember that the tfm should include a description of all worlds, and then figure out why.

don't confuse causation with correlation

[Khashishi]

I think spam would have gone up irregardless of CAN-SPAM

Duh??? Nah, payoffs.

[www.sorehands.com]

I contacted several legislators and also the person who was reviewing the bill in presidents office of Technology to explain how bad it was. I even faxed them a days worth of spam, so they could even see it (but, most of the time, it only went partway through the 170 pages). But they still passed it.

At first I got the impression that they did not read it, but just voted, but then when it seemed like it would not pass in 2003 -- as time ran out, it just flew right through and got signed. This is makes me think that some payola was involved.

Re:Duh??? Nah, payoffs.

[ahodgson]

This is makes me think that some payola was involved.

duh. CAN-SPAM was bought and paid for by the DMA. It never had anything to do with actually reducing spam, but was intended to supplant more effective state laws and indirectly legitimize big-company spam.

penny stocks

Go after the companies profiting from the spam. I'm getting multiple spams per day peddling penny stocks, OTC stocks and other stocks. The spams are being sent by a spammer hired by a company that was hired by the public traded company, and paid in cash and stock for the promotion. So they are complying with, or attempting to comply with SEC regulations on disclosure on who paid them, and how they were paid (stock and cash) for promoting the public traded company. Since the SEC/NASD is so closely following how the promotions are being paid and implemented, the "merchants" in this case the public traded companies are fully aware that the company they hired to promote them is using spam to promote them. They are avoiding being prosecuted for spam by purportedly complying with Can-Spam regulations (they aren't, the spam doesn't comply to return email, headers, and other problems, though they do have opt-out addresses iirc), so they are using Can-Spam to legally spam.

Someone/some AG/some state/someone who has the power and who gives a damn has to get on the SEC's and the NASD's asses and demand that they implement rules that absolutely ban all forms of spam for promoting stocks. Violation? De-list the company. The ultimate nuke switch. These penny stocks, otc stocks, small cap stocks are basically pump and dump stocks for the benefit of boiler room and even legit (if there is such a thing) stock brokers to use to reward big money clients so they pour more money into their accounts for further investing, and to reward other Martha Stewarts and legislator clients. They get their favored clients in early, pump up the stocks, then dump the stocks on the smaller investors, getting themselves and their favorite clients out at the top.

Penny stocks/pink sheets/otc/small cap stock spams are the easiest spams to shut down, if the will is there. Spam your company for a better stock price? Get de-listed. Simple, fast and very effective.

If there was an 'Elected internet administrator'

[zymano]

that had powers to shut down computers that scan or send spam then we could really do something about this.

But, you forget something!!!!

[www.sorehands.com]

The I-CAN-SPAM act pre-empts states laws that ban spam. In the case of California, it would have allowed ANYONE receiving spam to sue the spammer (including the scum that hired the spammer) for $1,000/spam.

This would have the effect of making it unprofitable to spam where each spam sent could cost them dearly.

Spam blocking routers

The only way to stop spam is to drop it in the backbone routers. This will eventually happen and we will end up with a censored net.

Re:Slashdot, Jxyama. Jxyama, Slashdot.

[Ctrl-Z]

That headline seems to imply that the act is ineffective, not that it has caused an increase of spam. The worst thing that headline might be guilty of is a mixed metaphor.

Re:Slashdot, Jxyama. Jxyama, Slashdot.

[zev1983]

Well, if you take a look at the graph they have in the article it looks like the percentage of spam rised at a constant rate right up a diagonal line. The only difference between Pre-CANSPAM and Post is they changed the color to indecate the different time frames, the rise in percentage stayed the same.

You can't karma whore with funny posts

In fact, it hurts your karma since (+1: Funny) mods don't give you karma and all the humorless moderators modding (-1: Overrated) chip away at your karma. You've got to be a machocist to post anything resembling comedy on Slashdot - it's downright karmakazi.

Money?

[doombob]

You can make money by spamming people? Where do I sign up?!

-1 REDUNDANT

thanks for your fresh and insightful root level posting

so how much

[geekoid]

for your lucky red shirt?

Correlation vs. Causation

[staeiou]

Just because the number of spam messages increased after the law was passed, it is faulty logic to assume that the cause of the increase _was_ the law. It's called the Post Hoc fallacy. Just because B happens after A, it doesn't prove that A caused B.

The real reason could be that spam grows with time, just like the population of a species. Sure, the act could have affected it, but it doesn't prove that the growth was 100% attributed to it.

Punish the seller NOT the spammer.

[johnjaydk]

The only surefire way to end this crap once and for all is to go after the companies whose products are being hawked through spam. In 100% of the spam I get I can clearly figure out who wants to sell me something. Whack that guy and the spammer will crawl back under his rock.

The seller can always claim ignorance but would any semi-sane person send out 10^7 mails pointing to your web-shop if You didn't pay them to do it ?

Re:Punish the seller NOT the spammer.

[NoOneInParticular]

Maybe a simply measure could already be a bit effective. If every email receiving computer would as a default behaviour scan for urls in the email, and simply (w)get the url (making sure the portion that would be rendered is obtained), a normal spam campaign would backfire on the less bandwith endowed companies. Note that this should work for existing and non-existing usernames alike. An innocent message with a url will also get hit, but unless it's send to 10^7 users, this is not going to bring the site down. See it as an inverse email-tax, or better, a url-tax on sending urls through email: every email will result in at least a hit. So if someone wants to send a message containing an url to 10^8 people of which 9^8 recipients don't exist, it better be capable of handling 10^8 times #relays hits in a fairly short time.

Of course, vigilante, microsoft won't put up with it, etc., but the idea might have merit considering that it targets the clients of the spammers, the sellers, and makes it cost money to operate a site based on bulk advertisement.

Funny haha, or funny peculiar?

If he hadn't posted AC, would he have been more right and you more wrong? How come you believe content becomes more correct when it has a pseudonym attached to it?

Re:Funny haha, or funny peculiar?

[Goronmon]

Its not about correctness. I was making a statement about how the media handles news and all I got as was that I missed an apostrophe and switched a letter, it has no relevance to the current issue, and indication that my opinion was somehow irrelevant because of these "major flaws" in my argument.

I just think meaning is more important than form.

Re:Funny haha, or funny peculiar?

[Goronmon]

To answer your question more specifically...

The internet is already pretty darn anonymous, people can pretty much say or do whatever they want on message boards like these, and this allows people to be annoying, ridicule others without fear of being recognized.

The fact that someone attacks another person posts as an anonymous person along with an anonymous name just amuses me I guess =)

Most Aptly-Named Law on the Books

[EatingPie]

Among other things, one huge red flag was the idiotic name.

The "Can Spam" act... As in... I can spam, you can spam, we all can spam with spammedy smam.

Microsoft pushed this legislation, as opposed to another bill that was opt-in, and potentially a real detterrent.

Is it a coincidence that they impemented an "open source" (hah!) mailer ID technology to fight spam within months of the passage of this law? The paranoid in me says they pushed for CAN SPAM cuz they knew it'd fail, giving them an opportunity to gain control of one aspect of the e-mail protocol...

-Pie

Whats worse, idiots or idiots with stastics?

[NoMercy]

Spam has increased since the introduction of the can spam act.. well murder in america has gone up since the space program started too...

The question is, what is the diference between the prediced trend before and after the introduction of the bill... most likely it will demonstrate that it has had no effect one way or the other.

Re:Whats worse, idiots or idiots with stastics?

[crashnbur]

...or idiots comparing relevant statistical comparisons to irrelevant statistical comparisons?

Re:Whats worse, idiots or idiots with stastics?

[NoMercy]

Well, ok the analogy was streching it, but my main point is that using the heavilly reduced stasticic that 'spam has increased since the can-spam act came in' can't be used on it's own to conclude anything more than exactly what it says.

It can't be used to determine if the act had any effect what so ever, positive or negitive.

Cause and Effect

[LO0G]

I'm not sure that there's necessarily any correlation between can-spam and spam levels.

Certainly the spam I'm receiving isn't conforming to can-spam, which would be expected if there was a correlation.

Most of what I see is either fake viagra, hosting services, free rolexes, or Nigerians that just want me to take their money. None of which complies with can-spam.

Just because spam has increased in the period since can-spam was passed doesn't mean that can-spam's responsible for it.

Re:Cause and Effect

[flyingsquid]

Just because spam has increased in the period since can-spam was passed doesn't mean that can-spam's responsible for it.

Any more than an increase in global temperature following the Can-Spam Act must mean that the law is causing global warming. Looking at the graph, spam rapidly increases after Can-Spam goes into effect, but it was rapidly increasing anyway. You can't pick out any effect of the law one way or the other.

spam inflow counts

My spam inflow is increasing each and every month:

Jul 2004: between 22000 and 23000
Nov 2004: between 38000 and 39000
Dec 2004: 45663
Jan 2005: 59097

I may be a lowly AC here, but these are real numbers. (I'm not in front of my email right now and I don't remember the numbers for other months.) I wonder what Feb 2005 has in store...

Needless to say, it gets annoying to delete ~2000 unsolicited commercial emails each and every day.

Where spammers buy their email address lists...

Mod this up so people can see it in action...

Ever wandered how/where spammers buy and sell the databases of e-mail addresses with home address too?

http://www.gofuckyourself.com/showthread.php?t=425 348

My blood is boiling.....

Anecdotal Affirmation

[crashnbur]

For several weeks I was receiving only a few junk emails per day, or maybe about 50-80 in any given week. This past Sunday, I received a total of 82 junk emails within 24 hours. And I've already received 80 more since clearing my junk mail at midnight Sunday night.

So, yes, I am receiving more. Apparently CAN-SPAM just gave the spammers clearer guidelines.

Mod parent up!

[khasim]

Damn straight.

Not only was this law SUPPOSED to reduce spam (by the charts, it hasn't) ...

But it was also supposed to make it easier to prosecute spammers who failed to follow it ...

AND it REPLACED state laws that were far stricter in their definitions and punishments.

It's a damn sight more difficult to get a FEDERAL case filed than it is to get one in your STATE courts.

We need to get rid of that stupid law and let the state courts handle it (they need the money from the judgements, anyway).

where's the proof of cause?

[DunbarTheInept]

The title of the slashdot summary claims the bill in question is the cause of the increase. I don't see how it can make that claim. The rate of spam is rising, but it has always been rising. The most the article can claim is that the bill failed to slow the rate of spam. It cannot make the claim that the bill caused the rate to go up.

Re:where's the proof of cause?

[crashnbur]

Maybe I'm wrong, but the idea I'm trying to suggest (so informed people will at least know to tell me if it's wrong or not) is:

Maybe the new law just gave the spammers clearer guidelines to work around.

SPAM Sucks

[rawg]

Junk Email Stats for my 52 user WISP:

Total Emails / Seven Days: 9688
Total Blocked Attempts: 3117
Total Filtered(SA) Junk Email: 1555
48.2% of email detected as junk
Estimated 19,000 junk emails per month.

This is for like 60 email addresses.

Spammers don't even try anymore

[myov]

One of my recent spams was:

Subject: [Bulk] Message subject
To: notme@myisp.com

%CHILL
%DICK

%CONTACT http://%URL/d/1.php

%BYE
%ASSHOLE y
--

How would I even attempt to buy the product (if I wanted to) or flood the spammer?

SpamAssassin always catches them though, simply because of all the RBL's.

Re:Slashdot, Jxyama. Jxyama, Slashdot.

[siskbc]

This may not have been true when you posted your comment - but at the moment, I see three separate, top-level, +5 comments reminding us that correlation does not imply causation, one of which invokes the Latin term for the fallacy involved. So it seems that the pessimism is unwarranted :-).

No, it only proves that slashdot includes three intelligent non-zealots. Okay, and the 12 people that modded them to 5. So I'll give you 15.

As Paul Vixie once said:

[Nethead]

This was on the NANOG list some time ago:

The internet has no government, no constitution, no laws, no
rights, no police, no courts. Don't talk about fairness or
innocence, and don't talk about what should be done. Instead,
talk about what is being done and what will be done by the
amorphous unreachable undefinable blob called "the internet
user base." -Paul Vixie

Re:As Paul Vixie once said:

Don't talk about fairness or innocence... Instead, talk about what is being done

And then he proceeded to prove his point by saying that the Allied firebombing of civilians in Dresden Gemany during WWII was necessary.

He and his pals also blackholed routes to the competing anti-spam service.
http://www.dotcomeon.com/?CssUID=&CssServer=&Sessi onName=&msgfeed=sendmailbbs

So if we are talking about "what has been done by him" relating to the internet - there are serious ethical breaches that exceed those of our sworn enemy. What is worse an obvious enemy or a leader who wraps himself in the flag of your cause just to horde money and power.
This guy is up to his ears in conflicts of interest and back room power plays - the relationship between BIND and his commercial DNS software company, the community built RBL system that he privatized, and on and on.

http://www.dotcomeon.com/?CssUID=&CssServer=&Sessi onName=&msgfeed=sendmailbbs

Re:As Paul Vixie once said:

[DavidTC]

Did you actually read that URL? Someone got on MAPS by running an open relay. It's right there, in their own words. As that was what MAPS was for, I fail to see the problem.

And, at that point, everyone was operating in the 'ask people to close their open relays first, and then block them if they refuse', so they were knowingly operating an open relay and refusing to close it. At the time that 95% of all spam was sent through open relays. (Nowdays, you just get blocked, period. No one has time to track down idiots anymore, no one emails you first.)

And, my God, he got sendmail to not relay by default. That bastard! No, wait, that makes me respect Vixie more than I already did.

There's absolutely nothing there to support the claim these people were blacklisted by the (now defunct, thanks to lawsuits) MAPS because they were a competitor.

And, by their suggesting the nuisance lawsuits that caused MAPS, a valuable resource, to close down, I think it's rather obvious who was attacking a competitor. And it wasn't MAPS.

What about the positive side?

we always here about estimated money lost due to spam, but what about all the money made from the spam industry? Ofcourse there is the money that spammers make, but besides that how much money is made by companies creating Anti-spam software?
Sure you can say people are wasting time trying to find clever ways to fight off spam from their servers and that time is lost money, but if your company is being paid to find ways to fight spam, then that time spent is actually profit, not expenditure.

SPAMERS don't care

[gremlins]

First the CAN-Spam act does stop spam. The problem is it stops spam from people who follow the law. That usally means though they are a legal bulk email provider (like when you sign up to a news letter from a stie). The people who could care less for the law aren't following the CAN-SPAM act and thats why SPAM is going up. So before we throw the baby out with the bath water, we really need to understand that just a law won't stop spam.

Make it illegal to respond to spam?

[NathanBullock]

What if you just make it illegal to respond spam? You could start setting up sting ops to catch those people who find spam actually interesting.

Are the solutions to the problem really any better than the problem? More beaurocracy, more laws. Why not just try to breed smarter people?

Re:Make it illegal to respond to spam?

[oostevo]

Because at that point you're making it illegal for someone to access publicly available information (no matter how useless it is) online.

Free country and all, right?

Sorry, you can't

[Jerry+Smith]

Every company will claim it's a joe-job, purely meant to give them a bad name.
http://en.wikipedia.org/wiki/Joe_job
If I would collect door-to-door advertising stuff for a year, till I had a load of over 100 kilo's, and then dump it all at once in your mailbox: who would you blaim? The companies? They'd claim they didn't do it. And you wouldn't know I did it because you would think the companies did it. Same goes for email, but then easier.
The solution is legislature. Reverse verification, eliminate zombies, that sort of stuff. And keep your emailaddress hidden.

SPAM solution

[DarthVain]

As we all know, SPAM exists because it makes money. Therefore it is not a big leap to say that if you eliminate the profits then you eliminate SPAM. Another fact is the the only reason people buy products advertized with SPAM is they are either a) idiots or b)old people (no offence, I am sure there are many old slashdotters here that are quite informed, but on the whole...come on). Anywho, you start off by fighting SPAM with SPAM. No I do not mean something childish like SPAMMING the SPAMMERS, what would that accomplish? No what I refer to is you set up a great deal (doesn't matter what. Its fake anyway), and SPAM away. Then you just wait for all the orders to come in. After you have been saturated with orders, you then take that address list you just built (which contains the addresses of all the idiots and old people), and you prodeed to hire our 'contracts' to 'deal with' the problem. This will solve the SPAM problem once and for all, or your money back!

Just in case you have no sense of humor, this is a joke...
DarthVain

Re:SPAM solution

[shuz]

If the deal looks too good and is setup to look legit then you might get some false positives which would just piss people off. Also remember that a spam message needs to look like a spam message else it will either be easily blockable or easily ignored.

If education is the soldier in a fortified defense against a problem, Law is the wall and the weapons the soldiers use again the invasion.

We need both Law and Education to properly defend against this problem and socially unacceptable problems in our world today.

Re:SPAM solution

[joto]

Then you just wait for all the orders to come in. After you have been saturated with orders, you then take that address list you just built (which contains the addresses of all the idiots and old people), and you prodeed to hire our 'contracts' to 'deal with' the problem.

Nope, that won't work. The only thing you would have achieved is to rid the world of a few people responding to spam. But even if you got rid of, say 70% of the people responding to spam, it wouldn't affect the economy of the spammers much.

Because spam is essentially free to send out, you will still have 30% of the idiots left, who will continue to send money into the system. Thus, you may have reduced the spammers income a bit, but you have not reduced their costs. In the meantime, spam technology makes it even cheaper to be a spammer, and new users/idiots gain access to the Internet.

To be really effective, there is only one solution. Scrap e-mail. It's dead. Anything that allows someone to reach thousands of people with a net cost of 0 is doomed to have the same problem. I've done this myself. If someone needs to reach me, they can use snail-mail, or use the phone. And by the way, ask your local cell-phone companies to increase the cost of SMS-messages... It's getting too cheap these days!

Re:Slashdot, Jxyama. Jxyama, Slashdot.

[LordPixie]

[Parent]No, it only proves that slashdot includes three intelligent non-zealots. Okay, and the 12 people that modded them to 5. So I'll give you 15.

Hey now, I've got excellent Karma. So it only took three people to mod me to +5. Now all we need is Mary McDonnell to decrement the whiteboard to 14...

[Grand Parent]This may not have been true when you posted your comment - but at the moment, I see three separate, top-level, +5 comments reminding us that correlation does not imply causation, one of which invokes the Latin term for the fallacy involved.

So it seems that the pessimism is unwarranted :-).

Indeed, there are several such people. However, they all did it after my post. Post hoc, ergo propter hoc. They only posted as much because *I* convinced them !*

In all seriousness, this was obviously a bad example, and I jumped the gun. My bad. However, I think the overall point still stands. The general spirit of Slashdot ("Slashgeist" ?) often applies different rules of logic depending on who the players are. There's just a very strong disposition with regards to Microsoft/Linux/Apple/Real Player/etc that seems to overwhelm objectivity.


--LordPixie

* Yes, it's a joke.

Injunctions..

[ackthpt]

As if anything done by government is EVER "swiftly" undone. This would just lead to even more problems. Don't know what they would be yet, but I would bet almost anything on it.

Oh, I dunno about that. We've had trade disputes with Canada over lumber, Italy over shoes, France over wine, etc. for ages. It's just a natural extension of the idea into commerce by wire, so to speak.

We want that.

[khasim]

So, if all the spammers move their servers to "bulletproof" ISP's in China ... GREAT!

It makes it easier to block those specific ISP's.

Keep those firewalls banning entire countries (.kr and .br) and keep banning /16's and /8's until it is gone. The spammers are here to stay.

You don't have to block entire countries. Just the specific bulletproof ISP's in those countries.

The problem right now is that spammers are decentralized. If you get 1,000 spam messages, they could have come from 1,000 different addresses in 1,000 different ISP's across a dozen different countries.

And this is exactly what we have been saying all along. No matter what laws are passed, no matter what we do to combat spam, the spammers will always find another way to make a buck.

Hardly. This is a problem and it can be addressed the same as any other problem.

#1. Identify the avenues used to distribute spam.
1a: Zombies
1b: Open relays
1c: Spammer purchased site

#2. Identify and implement counter-measures for each avenue identified.
2a: ISP's block outgoing port 25 on their home services.
2b: ORDB
2c: Block the ISP's that allow spammers to operate on them.

#3. Allow the various states to write their own anti-spam laws and to pursue the companies that spam and advertise via spam.

It's a multi-prong approach. But spam is solvable.

It's in the SIG,

not in the message. It's like if your friend sends you an e-mail with an Amazon affiliate link on the bottom. Unusual, maybe, but not ironic.

Not more SPAM, just less email?

[LudicrousSpeed]

Is it possible that this increased trend is more related to the seemingly decreased number of emails being sent? With BLOGS, IM, etc, there seems to be less emails flying around than in the past. At least this is the case for me. I tend to get just as much SPAM as I did over the last few years, but I get less legitamite email. I have no quantitative evidence to support this, so I may be full of *something*.

No method = madness

[catdevnull]

It's getting a bit ridiculous. Maybe it's time to re-think e-mail protocols--or implement the current ones properly: mandatory authenticated SMTP, proper registration of MTAs, etc. The problem is that it's simply too easy to bombard the current setup and the rules shouldn't be political they should be technical. The big players need to lead the way--Hotmail, GMail, .Mac, AOL, (insert other here) etc. (They're also the ones who will benefit the most!). Everyone else would follow suit. If all the rogue or spoofed MTAs out there are left in the cold and the properly registered sources of abuse are uniquely identifiable for blacklisting, SPAM as we know it will become manageable. Of course, like roaches, the bastards would find another way in, but the raging river could be cut to a trickling stream.

Until then, I think this is a great investment opportunity. [Not a plug--just making a point]

Spamassassin is King

I'm lucky. With an account my former school hosts, I have user-mode access to Linux, Spamassassin and Squirrel-mail. With some tweaking now and then, it's almost perfected.

With Spamassassin I made a rule that said:
1) Mails in .spam folder are spam. A cron-job will start the learning program on them.
2) All else is ham, even Trash (I must be pendantic where I trash my mail). The same cron will teach Spamassassin on all my other folders and also purge the spam-folder.

Besides that, I have one folder where spamassassin puts "maybe spam" based on points. It contains only spam now, unless some company sends me something spammy I need for registration.

Combined with a procmail-filter I grabbed from the net filtering out viruses, a custom filter to block all suspicious attachments, all delivery failures/returns, antivirus warnings, but never filter out mails with my true mail address + a special name I use for identification of my own mail (so my own returns I will see).

I'm now surprised to see spam in my inbox. Maybe 1-2 new ones per month, and the same type never shows up again.

I'm so confident in this, I delete all spam permanently except the virus, possible spam, delivery failure folders, which might contain something interesting someday.

With 100 spam mails per day, it's pretty freaky it works so good. Kudos to SpamAssassin and people working out scripts for procmail etc.

No Effect

[SlipJig]

Funny, looking at the graph, it seems like the law has had no effect on spam. It was on an upward trend before the law took effect, and it has continued at more or less the same rate since.

Even if there were a change, I'd hesitate to assign causality until I was reasonably sure there weren't other factors that might have caused the change.

The i-name solution to spam

[ortholattice]

This has been on slashdot before, where it got terribly trashed with all kinds of greed and DRM conspiracy theories (I don't think anyone really understood what it is about), but nonetheless I bit the bullet and signed up for an i-name (yes, I actually plunked down real money, $25, for a 50-year i-name and 2 years of broker service). So far after almost 2 months, I've had zero spam from it (i.e. no spam whatsoever) even though I have it posted publicly. I decided I'm tired of wasting time training spam filters and now pretty much just ignore everything not on my whitelist, to which I add people automatically when they make it through the i-name service. Life is so much simpler, especially after returning from a week's vacation away from email. I know there are some free alternatives but they tend to have annoying, ad-ridden sites unlike the simple, clean i-name service.

What? The Government didn't protect us??

[Mr.+Cancelled]

You're kidding? These are the same people who introduced non-native species to counteract native pests, and that turned out good (he says, slapping away a Japanes ladybug-looking beetle). Ok... So maybe that's not a good example.

But what about how efficient our government is with paperwork and such? Surely that must have helped them in this case (he types, remembering that Nasa spent $12 billion dollars developing a pen that would work in space, rather than using a pencil as the Russians did)

But... But...
Well, at least they're consistent.

Seriously... Anyone who thinks government involvement in our personal life is a good thing is frickin' nuts! Watch the Republicans and Democrats fight with each other next election, and then think about whether or not you want these buffoons inserting themselves in our daily lives. You'll probably have time to ponder this as you're sweeping your (now legal) Spam from your inbox.

Re:What? The Government didn't protect us??

[10Brett-T]

...Nasa spent $12 billion dollars developing a pen that would work in space, rather than using a pencil as the Russians did...

Nope.

No surprise

well i for one was not surprised... it is after all called the "can" spam act, not the can't spam act

correlations

[Christoff+Ka+Sin+Chu]

You can't link just anything. There might have been more spam anyways, regardless of CAN-SPAM or not. I can't say "Internet grows after CAN-SPAM" CC

Misleading title!

[adiposity]

"Can-Spam Increased Spam"!?

Too bad no one has shown a causal relationship, simply posited a correlation between two pieces of data. There is no evidence here that CAN-SPAM increased spam, only that after the law was passed, eventually spam inreased (although immediately after, for the first time in a long time, spam actually decreased).

In fact, the graphic shows that spam increased at approximately the same rate that it was increasing before the act. So, the act apparently *did nothing*. It did *not* "increase spam" as far as I can tell.

The only noticeable difference in relation to the passage of the act is a temporary decrease in spam. Needless to say, the act seems to have been useless, but perhaps the enforcement of it will accomplish something, eventually.

To blame this increase on "CAN-SPAM", however, is ridiculous. Based on previous trends, it would have occurred regardless.

-Dan

Is spam traffic the right measurement?

[AlpineR]

The chart shows that the fraction of email volume that is spam is increasing, but is that really the measurement that matters? The worst thing about spam is that it wastes a reader's time and makes it harder to find personal emails in one's inbox. But if spam filters stop the reader from seeing that spam traffic then why would he care that it was sent? I've found that in the past year the amount of spam that appears in my inbox has decreased since my provider's filters have improved. If all spam were marked unsolicited, as required by CAN-SPAM, then I'd have a happy inbox containing only personal emails.

All the chart shows is an increase in spam traffic, not in spam impact. I suppose spam traffic is a bother to ISP's and carriers, but I suspect that the bandwidth consumed by spam emails is small in comparison to other traffic such as html and images.

AlpineR

Re:Is spam traffic the right measurement?

[10Brett-T]

I suspect that the bandwidth consumed by spam emails is small in comparison to other traffic such as html and images.

What do you think most spam is made up of these days?

Blocking US IP space would help even more [-nt]

[munch117]

[This space intentionally left blank]

Good news

[Jump]

Spam level over 80% --- this is good news. Spam
can only grow to 100%, at which point we will stop using email and start to use the phone again.

Well, duh.

[www.sorehands.com]

I know that and you know that. But many people don't. Besides that you have these congress-scum and these spokes-holes, saying that it is to reduce spam -- not line their pockets.

I'm so lucky..

[ashitaka]

I have an office door to close so my fellow workers don't think I've gone nuts laughing my ass off all of a sudden.

God, that was funny.

Just like Campaign Finance Reform...

[hanshotfirst]

... was supposed to stop soft money.

This past election certainly showed how well THAT worked. :|

Solution:

[Kadmos]

OK, spammers evade laws by doing things in other countries where laws don't affect them. So, how can we also take advantage of this? Are there countries where hiring an assassin is not illegal? Could a group of people simply not hire somebody to hunt down and kill the top 100 spammers?

I'm sure that would put a dent in the spam.

spam as a percentage

[daevt]

Is it the case that the can-spam act caused this increase? What was the mechanism for doing so? Is a percentage change as good an indicator as the source numbers (part of the increase could be caused by non-spam decreasing over the cited period due to increased use of another channel for communications like mobile phones/txt messaging)?

Re:I THOUGHT TO I UP THE FUCK SHUT YOU TOLD

[Webmoth]

Mad is Yoda, think I.

More Web traffic than spam

[AlpineR]

What do you think most spam is made up of these days?

Taking a random spam email from the bulk folder of my rarely-used Yahoo account:

4 kB html
28 kB image (via http, not attached; so it's only transmitted if I read it, which I don't)

Versus the front page of Slashdot:

14 kB html
40 kB images

Or my comments page for this article at a threshold of 3:

23 kB html

So reloading Slashdot ten times a day (or playing World of Warcraft for an hour) swamps out the spam traffic I receive.

AlpineR

Did anyone really expect any different?

[ralphclark]

It should be obvious to everybody from since about the time of the dotcom crash that Republicrat conservatives (and their equivalents in all other countries) absolutely detest the internet, because it empowers ordinary people to organize themselves into power blocs, disturbs the status quo and therefore threatens their stranglehold on power.

What easier way could there be to eliminate this menace than to clog it up with sewage and drown out the voice of the people in the noise? No - spam, and the website equivalents of spam, are surely the ruling elite's friend.

Dollar daze

[windowpain]

Hey there Cmdr,

You wrote:

"Stanford University estimates the global cost of spam in terms of lost productivity to be at 50 billion $ and 17 billion $ in the US alone."

In my country we would have written that something like this:

"Stanford University estimates the global cost of spam in terms of lost productivity to be at $50 billion with $17 billion of the loss in the US alone."

Reads better, doesn't it?

Re:Dollar daze

[windowpain]

Oops, didn't mean to address that necessarily to CmdrTaco, but the guy who wrote the blurb.

According to who???????

[theVP]

According to New York Times

'nuff said. I can't RTFA because I'm not a member of the NYtimes, but I would much rather read an article from a NEWS source or a research paper. NYTimes is nothing more than analysis these days. Calling upon them for a source is like using Slashdot for a reference manual.

Re:Slashdot, Jxyama. Jxyama, Slashdot.

[RedWizzard]

So the conclusion jumping is being done by the Times here, not Slashdot.

Not at all. Look at the headline again: "Law Barring Junk E-Mail Allows a Flood Instead". Note that they said "allows", not "causes". "Allows" implies that the act is doing nothing to stop spam. Slashdot's headline, however, unambiguously blaims the act for the increase.

If present trends continue...

[windowpain]

I estimate that by late next month 99% of all Internet traffic will be either spam or p2p traffic.

A simple, straightforward, impractical solution.

[Captain+DaFt]

Ban all commercial E-mail to consumers, period! Make it totally, completely illegal.
Imagine that, the only e-mail in your inbox would be from your boss, your friends and relatives.

Customers or potential customers could still E-mail businesses, but businesses would be restricted to snail-mail and telephone to contact customers, just like they did until the mid-eighties or so.
(Of course internal e-mail, between offices, branches, subsidiaries, and employees would still be permitted.)

But of course, no one wants to wait for a letter, or hang by the phone waiting to hear about the latest Hello Kitty (TM) waffle iron brush that they just have to have 'RIGHT NOW!'
And certainly too many companies out there can't wait two to three business days to get their hands on the customer's cash to permit such a ban, so... spam it is.

CAN-spam?

[recharged95]

Make sense, when you open the internet pipes to Canada, you get the added spam from vendors up there! Duh! ;)

I noticed something really interesting...

In 2004 - I noticed two very sharp dips in that graph that was linked from this article. each of those dips coincided exactly the times we had launched a massive spam reporting campaign, reporting an average about 15,000 spams a day to the ISP's responsible for sending them.

I'm sure spamcop has me beat by a factor of 10, but our very highly directed spam reports to participating ISP's has in effect caused an average of about 500,000 proxy shutdowns a month (assuming the ISP's are telling the truth they HAVE acted on our complaints.

This massive spam reporting campaign took place early april, stopped in June, and started up about mid July continuing up through the month of Sept and stopped at the end of that month.

This was the testing of our automated spam reporting system which for the most part ran by itself, other then the manual inspection if each spam submitted (we don't trust any spam filters).

We honed down our spam by re-assigning new Email addresses for our Email customers, but keeping their old Emails active until gradually ONLY SPAM was arriving in the 80 or so emails, mostly obtained from Dictionary attacks on our server - which for a time, brought our mail system to a halt until we replaced our mail servers with OpenBSD boxes, and re-wrote Sendmail to hold up the socket connection once it was determined a non-existant mail address was "tried". This brought the Dictionary attacks to a complete halt.

After that - I wrote an automated spam reporting "engine" and over the past 2 - 3 years have built a huge database of every IP block on the internet, and who really "owns" them.

In June of last year, we ran small scale field tests with participating ISP's who were very appreciative in getting these reports.

Once our Email users were weened off their OLD Email addresses, and it was evident that ONLY SPAM was getting to them, I re-directed them to our Auto-reporting system. our Users were most cooperative and provided us with "white lists" of people they expected mail from, which we used to pick out legit ones from the spam.

Eventually - 100% of all of the 80 mailboxes were getting pure spam. Now we had a HUGE supply of PURE spam with NO possibility of any non-spam being sent into them. This generating a daily diet of about 15,000 to 20,000 messages of pure spam.

Each and everyday, a huge spam pot was collected, and a daily cronjob was activated which ran through each of the spams, picking out IP addresses NOT in our ISP database (only about 3 - 5%), and rejecting them.

The rest went into well formed spam reports, giving the ISP's all the details they need to locate and shut down the customer's infected PC's. As all of the expected "Auto-replies" started pouring in, We kept track of ALL of them, and automatically entered them into a database, correlating and tabulating large lists of the most Spammy ISP's which at one time we started posting in the mail.abuse mailing lists.

As these auto-responses came in, the ISP's would write follow ups into our special Auto_response mailbox, which went into a database (again - automatically).

Tallies were kept, and the numbers indicated we were able to shut down approx 500,000 infrected machines.

June - 50,000 were shut down
July - 150,000 were shut down
Aug - 500,000 were shut down
Sept - 350,000 were shut down.

We stopped the test at end of Sept.

We obtained this data from our Auto-responses we get back from participating ISP's.

Due to other opportunities that has arisen since then, we were forced to stop our efforts, and instead, I may make these tools available to others - but they (the tools) DO need care and feeding... but this is why I think these DIPS in the amount of spam were indicated in that graph...

I've had two other indications of the effectiveness of our reporting efforts, and hope I have time again to start this effort, or find some entity that might (ahem!) even pay me for the

Hosting Costs

[NilObject]

If your server gets spammed like mine does and you get unsolicited spam like I do, set up a SpamVampire. Check out the one on my site. (Mad props to this guy for writing it.)

Running up their hosting costs is an effective means of reducing spam.

Re:Slashdot, Jxyama. Jxyama, Slashdot.

[peachpuff]

Welcome to Slashdot, where you can put words in someone's mouth for the purpose of calling them a hypocrite.

The statement that CAN-SPAM has caused spam to increase was clearly attributed to a guy named Linford and the statistic showing correlation was attributed to the New York Times.

I guess it's easier to accuse all of slashdot of hypocrisy than to notice that one submitter and one editor are passing along a NYT story with attribution.

Or maybe it just gets you more mod points.

Readable version

http://shit.slashdot.org/article.pl?sid=05/02/01/1 627201

CAN-SPAM

[lnxpilot]

Can- as in "is able to".

Now they can... :)

this is the USA...

surely if the penalties provided under law do not provide a sufficient deterrent, the only thing to do is impose a custodial sentence, right?
Oh wait, these guys are rich...

Gmail

[kintarowins]

Yet, I have not had one spam messege reach my inbox. My email is published in the open in many places, at the bottom of certain popular articles that any spam bot can pick up easily, spam is not my problem anymore. :D If you want an invite, ask and I will send you one.

PROOF of causation!!!

[noidentity]

I offer proof that the CAN SPAM act caused more SPAM. Here is a graph of SPAM volume, starting when the CAN SPAM act was passed. Note how it increases after the act was passed. I think this should persuade anyone that the CAN SPAM act was the cause of this increase.

More /
/
/
/
/
Less /
- - - -
CAN SPAM Present

Spam increases

[eventhorizon5]

I don't know if the CAN-SPAM act is directly responsible for the overall increase of spam (there isn't really any data that shows a good correlation), but the general amount of spam has definately been going up. I run a small email server that serves a handful of users, and also has an extremely aggressive spam filtering system that I designed (a 5-stage filter, including Spamassassin, Spamhaus, realitime blacklists based on number of spams from machines, etc) and the amount of spam is still going up. A while back when I added the 5th stage to the filtering system, there seemed to be a noticable increase in spam, even though the machine was filtering much more accurately. It's just insane

I have a webpage on the machine with all the stats, graphs, etc of the spam, and even the spam itself archives in gzipped mbox files (used for graph generation and other analysis) at: http://www.tliquest.net/spam

-eventhorizon

Anyone Here Take Statistics 101, or Logic 101?

[MSTCrow5429]

This could be another causal fallacy by those twin titans of journalism, Slashdot and the NYT. One would have to have a much longer trend line to even discern if the amount of the increase in SPAM is abnormal or not. Even then, you'd have to run a regressive analysis to figure out what the liklihood that the SPAM increase was related to the CAN-SPAM Act was or not. Techies are supposed to have logical, reason and statistical skills. Slashdot isn't for techies anymore, and hasn't been in years.

spam is annoying...

[torrents]

but what is rediculous is that taxpayers money (who knows how much) was used to create legislation that had the exact opposite effect it was meant to have... write your member of congress, tell them to go home, less will "get done" and more will be achieved...

Registration NEVER needed at nytimes.

use bookmarklet/webform at New York Times Link Generator. pass it on.

Prosecute them for bandwidth wastage!!

[Jafar00]

Face it. We all filter our email with Spamassassin or something similar so we don't see any of the SPAM anyway! All SPAM could then be considered wasting bandwidth. Is there a law against creating useless traffic on a server? You could probably somehow call SPAM a sort of low-level DDOS attack particularly on small mail servers like mine as precious bandwidth and CPU cycles(when the SPAM filter kicks in) are used up just in dealing with it. What if you are on a limited bandwidth ADSL plan and the SPAM actually puts you over the limit and costs money. Could you then sue the Spammers?

Sad but true: China and Korea increases

[puhuri]

Actually, I was quite surprised by the change where the spam is delivered (last hop before "good" mail server). Earlier US has had significant proportion (ATT and C&W), but now it looks that Korea and China have taken their lead in Information Age :-(

1. AS4766 1901 KR
2. AS4812 173 CN
3. AS9318 145 KR
4. AS7132 106 US
5. AS4134 84 CN
6. AS29761 73 US
7. AS3356 47 US
8. AS4670 41 KR
9. AS9277 32 KR
10. AS4837 32 CN

The list entries above are AS numbers, count of spam messages received to my private email address from that AS and country where it is located (by whois). Figures are from this year.

No wonder that many people in China and Korea has to use webmail services to be able to send their messages.

Possible change

[FredMenace]

The article does address going after the advertisers themselves (those selling the products), but says it is difficult to prove they knew the advertising was via spam, and that this is required under CAN-SPAM in order to find wrongdoing.

One thing that could help, either by setting a precedent in court, or via modification of the law, is to say that unless their advertising contract has a clause saying something like "if we discover that any of this advertising went out via illegal spam, no fee or commission will be paid", then by default they are considered to have potentially opened themselves up to participating in spam advertising. In that case it would be much easier to go after the companies advertising the products, who would then have to shy away from the spammers to keep from getting sued. Of course, they could insert such clauses in their contracts then ignore them (saying "we didn't know they were spamming, and now that we do we'll stop paying them"), but then a lawsuit could perhaps force them to open their books to prove they didn't pay the spammers any fees or commissions.

Since the spamming operations themselves are so slippery, I think going after the original advertisers may be the more productive legislative avenue, in conjunction with the various technical approaches to verifying the source of emails.

You forget

[Engineer-Poet]

CAN-SPAM overrode several state laws against spam, including ones with stiffer penalties and private rights of action against spammers.

If you don't think this contributed to an increase in spam, you're not informed.

All it takes 15 is in a million

[DaveMQ]

"It's beyond my comprehension why anyone would buy anything from spam."

How many guys are so desperate for a larger penis that they would try anything - even spam!! Maybe 2 in 100? Yes, that includes those who tweak their spam filters every day to keep the stuff out!! They know its a fraud, but they just can't resist.
As Robert DeNiro said, "Don't let the little head think for the big one."