Slashdot Mirror
FTC Declares Can-Spam a Success
TheSixth1 writes "ZDNet is reporting that the FTC announced in a recent report to Congress [PDF Warning] that the Can-Spam act is 'effective in providing protection for consumers.' The report boasts that the substantive provisions of the Act have mandated adoption of a number of commercial email "best practices" that many legitimate online marketers are now following. Second, the Act has provided law enforcement agencies and ISPs with an additional tool to use when bringing suit against spammers. The more than 50 cases brought to date by the FTC, the Department of Justice, state Attorneys General, and ISPs demonstrate CAN-SPAM's enforcement efficacy."
I still get 50 spams or so a day and only 25% or so are even in english.
I work for one of the major email security companies. I can't say that CAN-SPAM has had much effect at all on spam and the spamming spammers who send it - we see just as much spam as ever, and it's just as obfuscated as ever. If anything, the spammers have evolved to be better at hiding their identities than ever before, to avoid CAN-SPAM prosecution. When the law took effect, zombies were out there, but there were also still a lot of netblocks handed to spammers by providers; now, zombies rule the day and static netblocks used by spammers are becoming rarer all the time. Defined in those terms, CAN-SPAM is a bust.
:-)
However, if you want to define "success" as "Good for us and our competitors, who are all signing up lots of new customers every month and seeing better revenue streams all the time" then yes, CAN-SPAM is a resounding success
... we'd still be relying on SPEWS to bully innocent bystanders
By "innocent bystanders," do you mean people helping to finance an ISP which caters to spammers?
into bullying ISPs into shutting down spammers after the event.
So you would prefer that the ISPs not shut down spammers?
You obviously don't understand SPEWS.
SPEWS does not wait for spam to happen. They list IP blocks which have been repeated sources for spam. If an ISP sells services to spammers, their IP blocks will end up listed on SPEWs. Those using the SPEWS list can block all traffic from that ISP -- including traffic from spammers who will use those IP blocks in the future.
Before SPEWS, "pink contracts" were becoming all-too common. A pink contract is a contract between an Internet service provider and a spammer in which the spammer is exempted from the usual terms of service prohibiting spamming. Pink contracts came into existence because ISPs could charge the spammer much more than they would a normal client. Such contracts were quite profitable.
So how do you fight against such practices? You blacklist the ISP's IP blocks. That means that "normal" users will find that the ISP cannot reliably deliver e-mail. Those users will pressure the ISP into not writing pink contracts and not tolerating spamming. A blacklisted ISP will not be able to survive on pink contract revenue alone and, thus, will be forced to stop writing pink contracts in order to remain solvent.
The title of the paper is misleading, it stated that the "FTC staff conducted interviews with 98 individuals," which suggests that with the "enactment of CAN-SPAM, spam volume has begun to decline as has consumer frustration". Of course, the paper is written in such a way that CAN-SPAM was responsible for the "technological and marketplace developments in email since the enactment of CAN-SPAM." In other words, this is nothing but a government agency trying to hide the uselessness of a law they passed by taking credit for the technological advancements that combat spam.
At our site we have about 100 users. We get around 65000 messages a day with about 0.5% being real emails. Each day we get email sent to about 4000 different user names. So I guess the can spam act does work after all.
It was never the legitimate online businesses you had to worry about, anyway. The impetus to comply with the law only means increased operating expenses for legitimate businesses, and working overseas for the rest.
The whole world hates spam, UN anti spam efforts
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
Man, talk about your misnomers...
I get just as much spam in my inbox as I did before this useless law. It does absolutely nothing to punish or restrict anyone outside of the United States (or who uses botnets and the like). That coupled with the fact that many commercial retailers bury their stupid opt-out in the bottom of several pages of spamvertisements in their emails (hey, they are technically complying after all) pretty much make this a useless law. Google's filters don't work for shite in this matter either, and they don't seem to care when you complain about it. C'est la vie.
When oh when are we ever going to get some techinically savvy politicians elected...
@Mindless Drivel: 100% of Twitter posts ever Tweeted.
The more than 50 cases brought to date by the FTC, the Department of Justice, state Attorneys General, and ISPs demonstrate CAN-SPAM's enforcement efficacy.
Since when did a simple number demonstrate efficiency? They got 50 spammers.. out of how many? 500? 5000? 50,000? Who knows.
We eliminated the two major drug cartels in town. Great JOB! I'm sure that there won't be even more rising from their ashes, and maybe even a turf war.
There still is a need for SPAM, so spammers will still exist.
v4sw6PU$hw6ln6pr4F$ck 4/6$ma3+6u7LNS$w2m4l7U$i2e4+7en6a2X h
It seemed to me that Can Spam was 100% government corruption. A few have been prosecuted, for show. However, spam has increased.
The purpose of Can Spam was to stop U.S. states from enacting their own legislation. Can Spam made all the laws in the states invalid.
For every problem there is a solution that is simple, obvious and wrong.
80% of spam in the US is sent by Windows PCs that have been infected by an Outlook worm and converted into a zombie spambot. So an idiot customer at my cable ISP shares an IP block with me and his Windows spambot causes my email to be blocked? That's fair.
Why is your ISP not complying with the FTC's request to block port 25 as part of Operation Spam Zombies? I'm sick and tired of dealing with spam from infected home PCs. If you don't have a need to run a mail server, then you don't need port 25 open to the rest of the net.
A Windows spambot with a cable ISP connection can send A LOT of spam. High bandwidth providers need to run software that detects spam (an outgoing spam filter) and shut down a user before a huge volume of spam can be sent. But the ISPs have largely taken the attitude that sending spam is not their problem.
And when they end up on SPEWS and customers start complaining, then they will probably change their attitude.
The FTC and other government agencies have done fuck-all. A few high profile arrests, but the real credit belongs to us long-suffering and now nearly-mad mail admins who have spent the last five years playing catch-up with these bastards and having to deal with all manner of big, medium and small ISPs who didn't give a shit what was spewing out of their networks. My small ISP spent thousands on hardware and software to fend off spam, and worst of all, distributed dictionary attacks that reached into the millions of attempts per day. It was no government agency that came to our rescue, but our own ingenuity and advice from real spam fighters.
The world's burning. Moped Jesus spotted on I50. Details at 11.