Strict New Anti-Spam Regulations In Canada

An anonymous reader writes "David Reese provides an interesting analysis of just how far Canada's new anti-spam legislation goes, and its implications for business. This may provide a valuable template for citizens of other countries, and may also encourage Canadians to prepare for the inevitable push-back from spammers. It is not clear from this analysis whether the legislation would affect telemarketing, but even if it does not it provides a useful precedent for future regulation in that area."

Opt-in? Finally! Wish I was Canadian.

[i+kan+reed]

About time, these companies that deem you to want to know about their "special offers" are a horrible blight on people who want relevant information. Too bad the U.S. government hates non-corporation people.

So what...

[Kinwolf]

I live in Canada, and we still get tons of spam, telemarketing phones calls on home line and cel phone. They simply come from the USA now. Country laws are useless when crime has no more frontier.

Re:So what...

As another Canadian I have to say my personal fav is US spam telling me how i can get cheap drugs in Canada.

Don't worry, after all the exemptions you will still get spam.

You know the first exemption will be "politicians" sending mass email.

Re:So what...

[Cabriel]

Speaking as a Canadian, if a telemarketer from the US calls a Canadian phone, they have to abide by Canadian laws regarding the phone call as should be described in our trade agreements for doing cross-border business. Sign up for the Canadian Do Not Call Registry. It works.

Re:So what...

[AmiMoJo]

I don't know if you can do this in Canada but I set my phone to automatically send "out of area" calls to voicemail. It's really effective because the spammers waste their time talking to a machine and it's easy for me to simple delete anything from numbers I don't recognize without even listening to them.

Re:So what...

[dimeglio]

Agreed. Since being on the list, the number of calls I get from marketing companies at supper time is practically zero.

go canada

[dirtaddshp]

seems they have been doing alot more right than wrong recently.

Re:go canada

[Quasimodem]

I guess you missed Bills C-30 and C-46 which would have forced ISP's to give police access to information on all Canadian Internet subscribers and all their private communications – without a court warrant.

And you must have also missed Vic Toews, former Conservative Minister of Public Safety, saying to an opponent that "he can either stand with us or with the child pornographers."

If Canada is doing anything right, its on account of it's citizenry fighting back against its government.

Re:go canada

[Mashiki]

Pretty sure that no one missed it. Rather that the general public was wholly against the law, made their displeasure known, and it was killed hard and fast for being stupid. Regardless of that, it would have ended up at the supreme court and would have been struck down as over-reaching. Similar to how the warrantless tapping of phones was struck down as unconstitutional even in exigent circumstances(as a note---that was the same wording in C30 and C46.).

Of course it was also the same government that you're talking about fighting back against, who gave the CRTC a kick to the face when they tried to force User based billing(UBB) on everyone, and at rates that would have made being on a TPIA(third party internet provider) so expensive that people would have no choice to go back to the incumbents.

Where are the loopholes?

[denis-The-menace]

You know. The ones for political campaigning, well connected people, etc.

Every single one of these Anti-Spam laws come with them.

I'm Canadian

[ArcadeMan]

Any reply to this comment will be treated as unwanted spam.

Being Canadian, however, I feel the need to say that I'm sorry if my comment offended anyone.

Re:I'm Canadian

[atom1c]

LOL! Well, if any comment is treated as unwanted spam, then I might as well laud you for your actions and attempt at humour... cuz nobody ever wants to be recognized for any actions they've ever taken.

Why would the spammers pay attention?

[Kenja]

There are tons of regulations etc against spam in many countries. Guess what? The people running the spam/scan email systems simply do not care. There is zero enforcement of these rules, so why should adding more regulations make any difference?

Re:Why would the spammers pay attention?

[msobkow]

Yeah, I expect it to be about as useful as the "Do Not Call" registry.

Re:Why would the spammers pay attention?

[Tablizer]

There is zero enforcement of these rules

Often it's because either the perpetrators are in a different country, and/or they are small fly-by-night "shadow" companies that shuffle names and recombine every couple of weeks such that you can't find them.

Re:Why would the spammers pay attention?

[godel_56]

There are tons of regulations etc against spam in many countries. Guess what? The people running the spam/scan email systems simply do not care. There is zero enforcement of these rules, so why should adding more regulations make any difference?

Not at all. It looks like Canada has pretty much copied its legislation from Australia, and the Australian laws have been working pretty well for several years.

You can only send ads/spam if you have an established business relationship with the recipient or have opted in in some manner (filled out some kind of promotional form, most likely), and every message must have a working unsubscribe link. The amount of spam generated by Australia dropped to almost zero compared to what it was before the legislation was introduced, and there is proper enforcement — some bulk spammers have been fined millions of dollars.

Re:Why would the spammers pay attention?

[sjames]

The fines are big enough to make law enforcement interested.

When spamming is illegal, only criminals will spam

[Gothmolly]

Oh wait, that's happening already. Thanks for a useless law.

Do Not Call List

[intermodal]

I expect that this will probably be about as frequently enforced at the USA's National Do Not Call List.

Re:Do Not Call List

[Em+Adespoton]

Well, the Canadian DNC list had the effect that now all telemarketing calls to Canada come from Texas. I'm all for a law that stops Canada being a spam source, even if they just incorporate in Texas. It narrows the field, and makes it easier for me to decide if something's legit or not. Once all calls and emails coming from Texas are deemed unsolicited, it's an easy step to blocking Texas until they clean up their act.

Re:Do Not Call List

[Khopesh]

I expect that this will probably be about as frequently enforced at the USA's National Do Not Call List.

I agree. It takes a substantial amount of infrastructure to merely facilitate a complaint-receiving mechanism let alone to act on it. (I would know, I work on SpamCop, and our "enforcement" consists of sending abuse reports to network owners and/or blocklisting IPs on the SpamCop Block List.)

Re:Opt-in? Finally! Wish I was Canadian.

[JackieBrown]

About time, these companies that deem you to want to know about their "special offers" are a horrible blight on people who want relevant information. Too bad the U.S. government hates non-corporation people.

Or the U.S. government doesn't want to put the final nail in the U.S. Post Office's coffin.

Uhhhm, yeah.

[Kimomaru]

They don't think that maybe email should be retired and replaced with a secure technology? Maybe they can get started legislature that will mandate more memory for the Atari 2600.

Opt-in

I think opt-in is the only way it should be done. Germany also has this i think, double opt-in via email is the method implemented, so you even have to confirm your opt-in. I dont think it will harm businesses as much as stated in the article as it is working elsewhere. What is interesting is the penalties. I think they should be percentage of gross earnings instead of a flat rate penalty. The biggest issue which is not addressed is not spam from canadian firms but spam coming from other countries where the canadian law does not apply.

Re:Opt-in

[Khopesh]

You "opt in" whenever your RFID badge is scanned at a conference or buy a product online. That's why they're giving out so many "free" iPads at conferences.

Most businesses claim that they would be crippled by using confirmed opt-in. That's probably an exaggeration, but the next step to winning that iPad could merely be confirming the opt-in email notification (which is increasingly trivial due to email-ready smartphones).

You also need to consider international marketers, who aren't subject to most of these laws (and/or risk nothing by way of enforcement). They'll keep doing whatever they like. Beyond that, there's the straight-up criminals, and there's nothing stopping them from buying lists from shady (or legit) marketers, scraping emails off the web, or even walking through a conference with a homemade RFID badge reader.

Re:Opt-in? Finally! Wish I was Canadian.

[i+kan+reed]

No, I'm pretty sure there's a faction that has been actively trying to do exactly that for decades, irrespective of the existence of the internet.

Re:When spamming is illegal, only criminals will s

[KPU]

Many businesses spam customers. Banks are especially bad about this. No I would not like a balance transfer.

Dead Tree Spam

[Russ1642]

I get so much dead tree junk mail that I'm surprised there aren't laws trying to stop it.

Re:Dead Tree Spam

[Em+Adespoton]

I get so much dead tree junk mail that I'm surprised there aren't laws trying to stop it.

That stuff supports the postal system.

Interestingly, in Canada, if you affix a sticker to your mailbox indicating you do not with to receive bulk mail, they're supposed to honour it. Unfortunately, they rarely do.

Re:Dead Tree Spam

[green1]

I have a sticker on my mailbox that says "no flyers" they honour it some of the time, when they don't, I file an online complaint with Canada Post, that stops the junk mail for a couple of months, and then they start delivering it again.
I had an argument with my letter carrier at one point, I caught them putting jumk mail in my mailbox, I asked if they would please stop doing that, they told me to get a sign, I pointed at the one already there, and then they claimed that they never put junk mail in mailboxes with signs like that! (ummmm... I just caught you doing it!!) Of course even those signs also won't help with "addressed admail" which is usually addressed to "current occupent" or "resident" They insist they have to deliver those ones by law. Unfortunately I do still get the occasional important item by mail, so I can't just put up razor wire around the mailbox and tell Canada Post to stick it.

Re:Dead Tree Spam

[aclarke]

Don't forget the crap they just throw onto your driveway that has nothing to do with Canada Post.

Try unsubscribing

[clarkkent09]

I used to just delete spam but one day I went through a whole bunch of them and clicked on unsubscribe. The amount of spam went down to almost nothing. Totally worth the 15 min of effort. Legitimate companies (who make up most of the spam I get these days) honor unsubscribe requests, the illegitimate ones will not care about any anti-spam laws anyway.

Re:Try unsubscribing

[i+kan+reed]

It's still an unnecessary hassle to reduce the noise levels. Nobody asked for it.

Re:Try unsubscribing

[Beardo+the+Bearded]

Then filter out any email with the word "unsubscribe" and whitelist the stuff you do want.

In real life, you still have to take out the garbage and recycling.

Re:Try unsubscribing

[Hamsterdan]

The difference is nobody sends you unwanted garbage bags

Re:Try unsubscribing

[Tom]

Legitimate companies don't send you crap that you didn't sign up for.

I unsubscribe from stuff when I actually did want it once, or if I registered somewhere and probably forgot to uncheck the "please fill my inbox with crap" box.

But everything that is actually unsolicited commercial email will very, very, likely not come from a legitimate company, because those wouldn't subscribe you to anything without your knowledge in the first place.

What you do when you click on that link is considerably raising the value of the address they can then sell to others, because they have now verified that not only is it a valid address, it also belongs to someone who actually reads the shit and apparently has bad spam filters.

Congratulations, you just made a spammer a couple bucks.

Re:Try unsubscribing

[aclarke]

If only that was true. I'm mysified how it's legal (in Canada) for people to dump piles advertising printed on dead trees on my driveway several times a week. Why is there no opt-out of that, or better yet, opt-in?

Re:Try unsubscribing

[dryeo]

Put a sign up, "No Papers Delivered Here". Works for some people I know with the community papers full of flyers in the Fraser Valley.

Re:Try unsubscribing

[icebike]

I used to just delete spam but one day I went through a whole bunch of them and clicked on unsubscribe. The amount of spam went down to almost nothing. Totally worth the 15 min of effort. Legitimate companies (who make up most of the spam I get these days) honor unsubscribe requests, the illegitimate ones will not care about any anti-spam laws anyway.

Perhaps things have changed. But probably that only works with companies you actually signed up with yourself at one time.

The bulk of spam is something you've never signed up for, and historically unsubscribing simply got your address passed on
to someone else who would start sending you spam. You might be surprised how often this is still the case. I will occasionally
signup for some temporary thing with a unique name and see how far it spreads.

With Spamassassin or gmail filtering my mail these days I get very little spam.

The spam bin is chock full, but I never look in there. It purges itself after a few days. I seriously don't even look any more.

All those millions of dollars of missed business due to false positives never showed up, and all the fear mongering about not daring to arbitrarily delete spam turned out to be nonsense.

Re:Try unsubscribing

[icebike]

In real life, you still have to take out the garbage and recycling.

But in digital life, computers do that for me.

Why would I spend one minute evaluating spam, when Google or Spam Assassin can do it for me?

Re:Try unsubscribing

[Stan92057]

If they were legitimate they wouldnt have spammed you or me in the first place. Report them all to Spam@utc.gov and Spamcop they get enough complaints they will get big fines. Who spams me now? Facebook,E harmony they have a massive TV ad campaign going on as well now. breyers ice cream, but hate breyers its nothing but air. Which is another complaint i have we are getting assraped by ice-cream makers. I dont unsud from anything i never used or asked for and thats that it all gets reported. PS wasn't there a web site that did the unsubscribing and got death threats so tey quit doing it. Bluefrog something.

Re:Try unsubscribing

[geezer+nerd]

I have done exactly that. I have pretty much eliminated all the spam which had an "unsubscribe" link. I am left with a fair amount of traffic that does not have an "unsubscribe" link in the body of the message. The from addresses seem to morph daily, so setting a "whitelist" or "blacklist" is kind of hard. I quickly peruse my spam folder every day and take out the messages that are not spam, then empty the folder once a day. Now what is bothering me is the messages that get into the spam folder which are not spam. I use Thunderbird, and with POP3 mail I used its spam-detection capability and I could tell it that a piece of mail was "not junk". Now, I get mail via Google Apps using IMAP protocol and Google does the spam detection and the ability to say "not junk" has disappeared in Thunderbird. Does Google Mail have a "whitelist" capability? I did a little bit of searching for an answer, but did not find such a capability.

Re:Try unsubscribing

[dimeglio]

Those dead trees, when exploited reasonably like they are in Canada, are a renewable resource and generate employment. They are also very useful when starting a fireplace fires.

YAY FOR US

[maliqua]

victory is ours

Yes...strict...rolls eyes.

[TheSkepticalOptimist]

Strict as in Canada's Do Not Call list, which only means once every 30 days you get telemarketers calling you, and you ask to be removed for the next 30 days. Also Strict in the sense that you still get hounded by charities and politicians calling you because they are exempt. And strict as in the sense that it's useless because I now get telemarketing from randomly generated phone numbers from foreign countries.

So yes, Canada implemented a useless regulation, again, yay.

The solution to spam is a good email client connected to a great email server. Running your own email server does not count. Creating a law does not work.

Re:Yes...strict...rolls eyes.

[djmurdoch]

So yes, Canada implemented a useless regulation, again, yay.

Don't cheer yet. In fact, though the anti-spam law was passed in April, 2011, but hasn't yet come into effect, because the regulations haven't been finished, so in fact *nothing* has been implemented.

According to the government web site http://fightspam.gc.ca/eic/site/030.nsf/eng/home, "A specific date for coming into force of the law will be set in the coming months." This lets us cheer twice: we can cheer when the date of the useless regulations is announced, and again when that date arrives (if it hasn't been pushed back...)

Re:Opt-in? Finally! Wish I was Canadian.

[suutar]

I would think opt-in would help the post office, by pushing unsolicited mail back from email to paper. Or were you assuming an opt-in approach to the post office as well?

Be careful with unsubscribe links!

[Khopesh]

Hi. I'm in the anti-spam business. You got lucky.

A lot of spammers use fake unsubscribe links as a way of verifying your address and the fact that you read the message. Some questionable businesses have verification elements to their unsubscribe links that will note the fact that you visited the site but then due to a bug fail to process your unsubscribe attempt (thus netting the same effect).

I will sometimes unsubscribe from things, but that's because I want to see how successful it was (and I can deal with the trouble caused by attracting more spam). I do not suggest this for others. Use sites like myWOT to research the link before trusting it enough to follow it and perform the request. Use sites like SpamCop and KnujOn (and, if you're in France, Signal Spam, which has legal enforcement power) to report anything else as spam. All of those reporting agencies are tied to actual enforcement (in some way; KnujOn busts registrars, SpamCop informs network operators (and builds its blocklist), Signal Spam prosecutes if in France).

Re:When spamming is illegal, only criminals will s

[Em+Adespoton]

It's usually better to go with non-nebulous terms like Unsolicited Commercial Email. Annoying emails from banks and organizations which I have a connection with ARE Unsolicited Commercial Email if they are a) unsolicited, b) commercial and c) sent electronically. It doesn't matter if I have a bank account with them; I never told them I was interested in their other offerings. If we had any other conversations over their other offerings, it was me telling them I never wanted to hear about their credit card offerings. Interestingly, if *I* try to contact THEM about such things, they tell me that the credit card stuff comes from a different company held by their parent corporation. Which goes full circle to the fact that I don't have a relationship with that company, and so should not be receiving offers from them.

Hopefully this law will close that loophole.

Wrong results

[EmperorOfCanada]

Any bad companies sending spam will be off-shore and/or untraceable. The legitimate companies sending out emails that people subscribed to will be nailed for not following the exacting letter of the law. Just one more nail in the coffin of non mining businesses in Canada.

A simple predictive test for how effective laws of this type are in Canada would be the 3-5 calls I get per week where I have won a trip, can lower my CC rates, or have a problem with my "Windows" that I must immediately fix. Since the DNC came into effect I receive more, not less. This sucks because I am now answering zero long distance calls where I don't recognize the number.

Re:Wrong results

[Capt.DrumkenBum]

Possibly interesting side note.
I was in a really bad mood, when I received one of those "You have won" calls. As I said I was in a bad mood, so I thought I would take it out on a telemarketer. So I stayed on the line, waiting for someone to yell at. No one came on the line, and after a few minutes they just dropped the call.
Not sure how they make any money when if you don't hangup on them, they hangup on you.

I am always unpleasant and abusive to telemarketers. I figure I am encouraging them to go look for another job. (It's just one of the public services I provide.)

Do Not Call List

[DarthVain]

Sounds very similar to the telemarketing Do Not Call List.

Same problems likely. Too many loopholes. No enforcement.

However it is a step in the right direction. Seems every now and again they might try and make an example of the very worst to make it look like they are actually doing anything about it.

Anyway got to start somewhere I suppose, even if useless and toothless. Typically this kind of legislation is setup to get at the worst offenders, while allowing a lot a pass for economic reasons mostly. Even if it isn't initially enforced, the law is in place that will allow it to be should the public make a big enough fuss about it politically.

Re:When spamming is illegal, only criminals will s

No they don't. Spam is unsolicited and from criminals 100% of the time.

Annoying emails from banks and organizations which you have a connection with are NOT spam. Annoying, yes, but spam they are not.

Oh, and those ones from Citibank aren't actually from Citibank. They're spam from criminals.

Actually, it is

I get monthly mailings separately from Rogers Wireless (I haven't had a Roger's cell in years), Rogers Cable TV, and Rogers Hi-Speed Internet, offering their latest/greatest bundle. I did not opt-in to marketing-spam, and this new law covers that, meaning that if I get letters from them now offering services I repeatedly tell them I don't want, then I can sue them (or at least rat them out and get them a huge fine).

Similarly I get monthly mailings separately from Bell for Wireless "As an existing customer" (I've never had Bell for wireless) and Bell Satellite TV (again, never had dealings with them). Both of these mailings come from a door-to-door marketing firm running through the neighborhood, for whom I opened the door and confirmed I'm the resident (they subsequently signed me up for all of their BS)

The only correspondence I might care about from Rogers is a notice of increase in my existing Cable TV rates (they are legally obligated to send those notifications, so I have time to cancel my service before it goes into effect), or default on payment (which I've never done, but I'd still like to know if I ever do), and I want no correspondence from Bell, ever.

Part of this new law is "Opt-In" is mandatory, instead of "Opt-Out".

I, for one, look forward to our new lack of unsolicited snail-mail.

The standard form

[Megane]

Your post advocates a

( ) technical (X) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
(X) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(X) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(X) Lack of centrally controlling authority for email
(X) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(X) Asshats
(X) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(X) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
(X) Joe jobs and/or identity theft
(X) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
(X) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(X) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
(X) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!

Re:When spamming is illegal, only criminals will s

[Obfuscant]

meaning that if I get letters from them now offering services I repeatedly tell them I don't want, then I can sue them (or at least rat them out and get them a huge fine).

The web page linked in TFA that talks about this law says nothing about letters, only electronic communications like email.

I, for one, look forward to our new lack of unsolicited snail-mail.

Citation required.

Best part is the handwringing

[Bieeanda]

Because you know, I could give a shit about spammers. It's the otherwise legitimate companies that drag their feet taking me off mailing lists I never signed up for, or make it an ordeal to find the unsubscribe information on their page or in the e-mail-- in the latter case, that shit sometimes doesn't even show up in the plaintext version.

Christ on a crutch. Just today, I got an e-mail from OnLive because some bot or idiot used one of my addresses to sign up with. I went to their opt-out page, and among other things was given the option to reroute their fucking newsletter to someone else's inbox without verification. In retrospect, I should have looked one of their executive e-mail addresses up and given it that.

Re:Opt-in? Finally! Wish I was Canadian.

[icebike]

Correct.

Ant that is why TFA itself says

Will individuals see an effect once the new law is in force? Probably not.

All this means is that Canadians won't spam (if the law is enforced).

Punish the minority despite the majority....

[hawkingradiation]

...Is the mantra of the Harper government. This bill can be seen in the same light: Get real tough (millions of $'s) to punish the few, while still leaving it open for other non-intentional or honest people to get taken to court. If I had a business, I would not like having to ask people to send them emails, I would rather have an "opt-out" system where an initial contact was made with an easy way to say, no thanks. A simple link or button would do, which is less effort than it takes now to opt-out from most spammers and seems to be a more sensible approach.

Reporting to SpamCop does help

[Khopesh]

If you're using SpamCop you might have noticed that more and more ISPs just bounce such reports... Contacting such ISPs via Facebook just gets you list washed (in my experience). The real problem, IMO, are the ISPs that just care more about paying customers than a whining geek bitching about spam.

I don't dispute any of that. SpamCop does not listwash and does not condone listwashing. (I can't speak for Facebook, but they do have a good presence at the last remaining anti-spam conference and they do care.) SpamCop is not really an enforcement mechanism because it has no legal weight. Responsible network admins will be notified, those who ignore or otherwise don't play fair won't. That's merely the first pass; there's also the blocklist. Not perfect, but at least there can be some repercussion (so keep on reporting! Even if it seems like it's not doing anything, we may just not be getting critical mass for action, which can change over time).

We're basically set up to plug right into a legal body for real enforcement. Hint hint.

Re:Wth that I suggest this & why

[Khopesh]

ooh, the nutorious APK spammer, this time spamming us about anti-spam. hi. would you like me to rip you to shreds?

• 1. This would need to be run on your MX record (which likely isn't Windows ...)
• 2. SMTP does not use DNS. You get a connection from a spammer, it dumps email content to you.
• 3. DNS lookups used by anti-spam don't actually resolve domains in links, they use third-party URIBLs.
• 4. If you're suggesting that some anti-spam engineer (hi) design a mechanism to use your hosts file as a URIBL, you're suddently competing with far larger indices that update every few seconds. Your flat hosts file updates ... sorry, I don't see any updating capability on your ad site. The last engine update was 44 days ago.
• 5. Even URIBLs only have visibility into domains that have already been spammed, not new ones.
• 6. There is such a thing as a hosts file that is too big, making me dubious of how scalable APK really is at doing the next-to-nothing that it does.
• 7. You are proud of a program that merely manages a text file that consumes 37MB of memory? Why does your program even need to run after installation? It doesn't appear to get updates.
• 8. You spammed us to advertise your software. Great strategy.

APK, what is your argument?

[Khopesh]

What on-topic points have you made? What citations of efficacy? You can't just say "you're protected" and leave it at that. That's no argument.

I understand how hosts files work. You appear to have a clever system to work around the size limits and make it work efficiently. Great. How performant is your data against live threats? What's your miss rate? How does it compare to URIBLs? How do you deal with non-link threats delivered via email (e.g. 419, attached virus)?