When talking to a senior J2EE developer at EDS, I was shocked to learn that he hadn't even heard of JBOSS (that was about a year ago). In addition, their UNIX SysAdmins don't always know UNIX very well (they don't understand what Zombies are, and don't understand how deleted files that are still open can be contributing to disk space filling up).
Yes, EDS should be avoided. It's like they almost try to not be customer-friendly. They require even the most minor changes go through a 30-day change review process. I understand the need for a change review process, but theirs is particularly nasty, and doesn't do a lot of good (noone actually reviews the changes like they should).
Taxes subsidize regular bulk mail. So your point is incorrect. In addition, no one has provided a way for email senders to pay, to it's kind of silly to ask email senders to pay when there is no mechanism is available.
Anyway, I hope you do bounce anything you get from me, as that is your right.
When you aren't obeying laws, you aren't part of any system - communist, capitalist, or whatever. You are, by definition, outside of the system. The fact that you haven't been caught is irrelevant to the fact that you have chosen to not be a part of the given system.
"Now they are yet another example of the horrible things which occur with increasing regularity in capitalism gone out of control. They are a flashing billboard screaming out that our controls are not working and they need updating."
I agree.
"Your statement would indicate that it is not possible for such a company to have ever come into being."
'"Well sure, those people stole the credit card information that was stored on our server, but we're not responsible for that at all! They did it, not us!"'
There is no perfectly secure system. Should the Free Software Foundation be liable to damage done by modified source code in their recent breaking to Savannah? What about Debian? In both cases, they were not using the absolute best security practices.
Why not? Because it's impossible to make a system that is both absolutely secure and completely usable. Every system has tradeoffs. At one end there is gross negligence, and at the other end is a completely worthless system.
I agree that spam == unsolicited email. I just disagree with what you define as unsolicited. I don't find the need to call-back everyone who telephones me to confirm their identity, or mail-back everyone who gives me their business card, or confirm that when people give me their email address that its legitimate.
"If you send email to it without confirming it, that email is spam by all of the commonly accepted definitions."
You are intentionally leaving out definitions you disagree with. I think the Direct Marketing Association would be a reasonable entity to include a definition from, and their definition is much looser than mine. Congress would also be a legitimate source of definitions, and theirs disagrees with yours also. I'm not saying that my sources are better than yours (as I'm not a big fan of the current congress), but just pointing out that your concept of "all definitions" seems to be intentionally leaving out any definition that disagrees with you. It's easy to get absolute agreement when you leave out the opposition:)
Wow. So only the opinions of those who agreee with you matter. Great. What a way to have a conversation.
'They take your email address and enter it into hundreds or thousands of sign-up forms on the web. Perhaps you need to reread that link about "The Story of Nadine" if you don't believe this.'
I'm perfectly aware of it happening. As you notice, my email address is publicly available. When I talk about email marketing, people sign me up for all sorts of wierd things.
However, the act of signing up a third party for an email they don't want is fraud. It's not the list maintainer's fault that fraud happens, it is the person perpetrating the fraud.
"It's still spam. Spam is about consent, not content."
I agree.
"Sorry, your need to advertise does not give you the right to spam."
I agree. We just disagree on the definition of spam.
"I'm not making this up. Go read some anti-spam web pages."
Again, you are assuming that people who agree with you are the only ones out there. I know that there are people who agree with you. There are also people who don't. Using the existence of people who agree with you as proof that you are right is really bad logic.
"A PERSON WHO EMPLOYS A SPAM FILTER DOES NOT WANT SPAM"
This is incorrect. There are many reasons people install a spam filter. Sometimes, they just don't want porn spam. Sometimes, they just don't want annoying emails (you know, the ones with the million exclamation points). Sometimes, they just don't want unsolicited mail.
I agree that using _deceptive_ practices to circumvent spam filters is wrong. However, making sure your content isn't overly image-heavy, that you don't use all caps or too many exclamation points, or that you make sure that your Content-Type header includes a charset="" I think are perfectly acceptable ways of circumventing spam filters.
1) most spam filters are company-wide. Individual users - the ones who sign up for mailings - have no ability to create whitelists.
2) it requires that the user know a) that they have spam filtering software installed (most corporate users do not) and (b) know how to set up whitelists properly. These two rarely occur.
3) If the whitelists are based on the server it is being sent from, this would also require that they know the details of how SMTP works, and know from which server they want to whitelist. This never happens.
I'm actually a big fan of the spam filters that just modify the subject line to "[may be spam]". This way, all email is delivered, and the user has to modify their settings for automatic removal. This makes sure that the end-user is the one removing the email, not another entity.
You would not believe the number of companies we have talked to, where the bosses didn't even know that they had spam filtering software set up until they started not getting the Monday Morning Memo from our chamber of commerce.
"See Enron for an example. They were held up as a shining example of the wonders of capitalism before it was widely reported that the leaders of the company were, in fact, scum."
Exactly. Before people knew they were corrupt, we thought they were a great company. Now that we know that they were involved in illegal businesses, we know that they are not. This proves my point.
"Because I didn't give my addy to the guy at the door for purposes of emailing me crap from random event participants. I gave my addy to him because he said it would only be used by the event producers to notify about future events."
I did not read the agreement that they agreed to, but you are definitely making blind suppositions here.
The response to that mailing was amazingly positive - and we continued to have click-throughs until a year later (the email tool I wrote has a nifty feature that allows you to see the longevity of your email - how many people are clicking it over a time period - very useful information - it's helped us learn to build emails that are useful for longer periods).
1) Noone is paying for the time it takes for me to open snail mail that I didn't ask for. This is a lot more costly than the stamp.
2) The incident rate of that happening is extremely low.
3) The cost in that case should be on the shoulders of the person who fraudulently filled out the form, not on the person who sent the email.
Having said all that, if there was a legitimate, well-accepted way to reimburse people for bandwidth usage, I don't think my company would have any problem paying it. I can't imagine that, for the volume of emails sent using our service, that it would be over $25/month. I don't see why people blame _certain_ people who send email for not paying for end to end costs, when a mechanism for doing so DOES NOT EXIST! Should offtopic posts on technical mailing lists come with the same penalties?
"That is theft of service, plain and simple."
No, that is _getting_ service, plain and simple, unless you want to start throwing aunts and uncles in jail who email their entire addressbook the most recent joke they just heard along with the email headers for the last 1000 people that received it.
You go to a convention. You voluntarily give your email address to the guy at the door (not required for entry). A week later you get an email from a company that was at the convention, who informs you that they got the email address from the convention.
"Here's a mental experiment, since you're obviously in denial. If you run a web site, and you accept sign-ups for a mailing list, then anyone can enter any email address."
You are right, and the people who sign up others should be prosecuted for fraud, since that is what they are doing.
This is no different than any other non-email system. Do you apply the same standards to them? Do you require that the government first send you a confirmation of address notice before sending you your tax rebate check - and if you don't return your confirmation of address notice they'll just keep the check?
The fact is, many non-technical email users get confused by confirmed opt-in, and don't know what to do with the message. They don't understand why they are receiving it, and think that the message itself is a scam (why else would someone be re-requesting confirmation when I already submitted my email address?).
The fact is, every action you require your userbase to take will drop off responses by about 80% (except for opening, which is usually a fairly high rate). So, if it takes 4 clicks to buy something, you are almost certain to have next to no one at the end of the line. Similarly, if you require people to confirm their opt-in request, you will have a similar drop-off, even though those people would have wanted to receive your email - they just didn't want to go through the extra step to get it.
"ANYTHING ELSE MAKES THAT SITE A SPAMMER."
Based on what, you and some of your friends? I don't think so. Our ISP (who makes spam filtering one of their main businesses) doesn't think so. Our customers don't think so. Their recipients don't think so. I think you need to rethink your position.
"The law needs to treat circumvention of a spam filter the way it treats circumvention of any other computer security measure -- do it for the purpose of gaining unauthorized access to somebody else's system, do 5-10 years in prison (real don't-drop-the-soap prison, not Club Fed)."
It depends on what you mean by "circumvention of a spam filter". When I say that I'm talking about simply sending your mail through spamassassin, and then checking the test results. Honestly, I've had to train some individual users how to "circumvent spam filters" for their personal email, because their _personal_ mail was being flagged as spam. Should that qualify for a "don't-drop-the-soap" prison sentence?
There's a big difference between sending email that isn't annoying (which is usually what is setting off spam filters like SpamAssassin) and breaking into computers and circumventing security systems.
Have you ever signed up to receive notices of books from half.com? Isn't that email marketing? Is there something not legitimate in what they're doing (there may be - I don't represent them - but I haven't found any spam problems from using their service).
"you keep selling e-mail addresses to spammers."
My company does no such thing. Why do you allege that all companies act like the ones you receive mail from? We don't rent lists except for an extremely limitted set of circumstances, and we never sell lists, and we make sure our customers don't, either.
In fact, we have lost a lot of business because we refuse to do those things. The reason why you haven't received mail from us is simply because our mailings are very targetted, usually to the direct customers of the businesses we are mailing to.
"You had your chance to distance yourselves from the spammer"
Hold on a minute. _I_ did? Do you even know me?
"the DMA has positioned itself to be spam-friendly with their staunch opposition to confirmed opt-in mailing."
I would have to agree with the DMA. In no other part of marketing is such a strict standard as confirmed opt-in required. It would be silly to require such for email.
For instance, if you sign up to receive a magazine, should they have to send you a second letter verifying your mailing address that you fill out and return before actually sending you a magazine? What about flyers? Personal contacts?
"The only "legitimate" mailers will a) use confirmed opt-in only, no exceptions"
Disagree entirely.
"b) never buy/sell/share email addresses"
Agree almost entirely (I approve of cooperative emails, such that one company is sending on behalf of the others, but it is clearly stated who owns the email addresses. For example, if company ABC has the addresses, and company XYZ wants to send to that list, company ABC can send out a message saying something like "company ABC introduces company XYZ", which gives the members of the list an opportunity to sign up for company XYZ's list, and also to unsubscribe from ABC's list if they don't like receiving that kind of email).
"c) refuse to work with any service/product that uses spam in any form."
Agree.
"Since nobody adheres to these standards then that list of "legitimate" mailers is very short indeed."
Even with my relaxed rules, you are correct that the list is very short. In fact, many ISPs contribute directly to spam by selling addresses.
"does your company send messages to people who haven't subscribed to your list in the first place, or do you just remove the people who complain?"
We have only sent out two campaigns to people who did not subscribe directly to that companies emailing. In both cases they were sent to a trade show mailing list at which the company was a part of the trade show, and the fact that they were receiving the email because they had signed up at the trade show were clearly stated.
Other than that, everything we send is from being directly subscribed, or to existing customers of a company.
He's BSing. The company I work for sends legitimate email, and we have one of the best unsubscribe-handling engines in the industry (maybe that's why we're so small!) It doesn't cost hardly anything to handle unsubscribes correctly.
"All you need to do is make it easy for the people receiving the newsletters to opt out, make sure they know someone requested it and it's not spam, and require some sort of verification to make sure anyone can't sign them up."
Trust me, even this doesn't always help.
"If a user complains in the first place, you have a problem with them getting a newsletter that they didn't want."
Do you forget how stupid some people are? When I worked for Wolfram Research, we sent out our monthly newsletters, which included the email address that it was being sent to. We had complaints from people who asked us to take them off our list, but they kept on giving us the wrong address - we were sending it to an old address, and they never bothered to look (even though we told them to) at the bottom of the email to see what address the email was being sent to. It took several months and we received several really nasty emails from this idiot.
You post is somewhat true. However, the law only applies to unsolicited bulk email. I'm sure there will be a million ways to "accidentally" solicit email in the near future.
"Before being added to the list you must send a confirmation email to each new address, and the person must reply or repond some way (with a unique, unforgeable token.) If you do not do this you are a spammer, regardless of what you may think."
And you base this on... what exactly? It makes someone a spammer because _you_ say so? I disagree, and so do most people.
I personally can't stand having to sign up multiple times for email I want.
Slashdot Mirror
When talking to a senior J2EE developer at EDS, I was shocked to learn that he hadn't even heard of JBOSS (that was about a year ago). In addition, their UNIX SysAdmins don't always know UNIX very well (they don't understand what Zombies are, and don't understand how deleted files that are still open can be contributing to disk space filling up).
Yes, EDS should be avoided. It's like they almost try to not be customer-friendly. They require even the most minor changes go through a 30-day change review process. I understand the need for a change review process, but theirs is particularly nasty, and doesn't do a lot of good (noone actually reviews the changes like they should).
I don't see how this is a result of capitalism. It seems to be a result of evil people.
Taxes subsidize regular bulk mail. So your point is incorrect. In addition, no one has provided a way for email senders to pay, to it's kind of silly to ask email senders to pay when there is no mechanism is available.
Anyway, I hope you do bounce anything you get from me, as that is your right.
When you aren't obeying laws, you aren't part of any system - communist, capitalist, or whatever. You are, by definition, outside of the system. The fact that you haven't been caught is irrelevant to the fact that you have chosen to not be a part of the given system.
"Now they are yet another example of the horrible things which occur with increasing regularity in capitalism gone out of control. They are a flashing billboard screaming out that our controls are not working and they need updating."
I agree.
"Your statement would indicate that it is not possible for such a company to have ever come into being."
I guess you totally misunderstood my statement.
'"Well sure, those people stole the credit card information that was stored on our server, but we're not responsible for that at all! They did it, not us!"'
:)
There is no perfectly secure system. Should the Free Software Foundation be liable to damage done by modified source code in their recent breaking to Savannah? What about Debian? In both cases, they were not using the absolute best security practices.
Why not? Because it's impossible to make a system that is both absolutely secure and completely usable. Every system has tradeoffs. At one end there is gross negligence, and at the other end is a completely worthless system.
I agree that spam == unsolicited email. I just disagree with what you define as unsolicited. I don't find the need to call-back everyone who telephones me to confirm their identity, or mail-back everyone who gives me their business card, or confirm that when people give me their email address that its legitimate.
"If you send email to it without confirming it, that email is spam by all of the commonly accepted definitions."
You are intentionally leaving out definitions you disagree with. I think the Direct Marketing Association would be a reasonable entity to include a definition from, and their definition is much looser than mine. Congress would also be a legitimate source of definitions, and theirs disagrees with yours also. I'm not saying that my sources are better than yours (as I'm not a big fan of the current congress), but just pointing out that your concept of "all definitions" seems to be intentionally leaving out any definition that disagrees with you. It's easy to get absolute agreement when you leave out the opposition
A little ego-centric, aren't we? It appears you want the world to revolve around you. Sorry, it doesn't.
"Look, there is no debating this."
Wow. So only the opinions of those who agreee with you matter. Great. What a way to have a conversation.
'They take your email address and enter it into hundreds or thousands of sign-up forms on the web. Perhaps you need to reread that link about "The Story of Nadine" if you don't believe this.'
I'm perfectly aware of it happening. As you notice, my email address is publicly available. When I talk about email marketing, people sign me up for all sorts of wierd things.
However, the act of signing up a third party for an email they don't want is fraud. It's not the list maintainer's fault that fraud happens, it is the person perpetrating the fraud.
"It's still spam. Spam is about consent, not content."
I agree.
"Sorry, your need to advertise does not give you the right to spam."
I agree. We just disagree on the definition of spam.
"I'm not making this up. Go read some anti-spam web pages."
Again, you are assuming that people who agree with you are the only ones out there. I know that there are people who agree with you. There are also people who don't. Using the existence of people who agree with you as proof that you are right is really bad logic.
That's true. It took me a while to convince him that sending email cost the recipient money.
"A PERSON WHO EMPLOYS A SPAM FILTER DOES NOT WANT SPAM"
This is incorrect. There are many reasons people install a spam filter. Sometimes, they just don't want porn spam. Sometimes, they just don't want annoying emails (you know, the ones with the million exclamation points). Sometimes, they just don't want unsolicited mail.
I agree that using _deceptive_ practices to circumvent spam filters is wrong. However, making sure your content isn't overly image-heavy, that you don't use all caps or too many exclamation points, or that you make sure that your Content-Type header includes a charset="" I think are perfectly acceptable ways of circumventing spam filters.
The problems are:
1) most spam filters are company-wide. Individual users - the ones who sign up for mailings - have no ability to create whitelists.
2) it requires that the user know a) that they have spam filtering software installed (most corporate users do not) and (b) know how to set up whitelists properly. These two rarely occur.
3) If the whitelists are based on the server it is being sent from, this would also require that they know the details of how SMTP works, and know from which server they want to whitelist. This never happens.
I'm actually a big fan of the spam filters that just modify the subject line to "[may be spam]". This way, all email is delivered, and the user has to modify their settings for automatic removal. This makes sure that the end-user is the one removing the email, not another entity.
You would not believe the number of companies we have talked to, where the bosses didn't even know that they had spam filtering software set up until they started not getting the Monday Morning Memo from our chamber of commerce.
"See Enron for an example. They were held up as a shining example of the wonders of capitalism before it was widely reported that the leaders of the company were, in fact, scum."
Exactly. Before people knew they were corrupt, we thought they were a great company. Now that we know that they were involved in illegal businesses, we know that they are not. This proves my point.
"Because I didn't give my addy to the guy at the door for purposes of emailing me crap from random event participants. I gave my addy to him because he said it would only be used by the event producers to notify about future events."
I did not read the agreement that they agreed to, but you are definitely making blind suppositions here.
The response to that mailing was amazingly positive - and we continued to have click-throughs until a year later (the email tool I wrote has a nifty feature that allows you to see the longevity of your email - how many people are clicking it over a time period - very useful information - it's helped us learn to build emails that are useful for longer periods).
You're missing two things:
1) Noone is paying for the time it takes for me to open snail mail that I didn't ask for. This is a lot more costly than the stamp.
2) The incident rate of that happening is extremely low.
3) The cost in that case should be on the shoulders of the person who fraudulently filled out the form, not on the person who sent the email.
Having said all that, if there was a legitimate, well-accepted way to reimburse people for bandwidth usage, I don't think my company would have any problem paying it. I can't imagine that, for the volume of emails sent using our service, that it would be over $25/month. I don't see why people blame _certain_ people who send email for not paying for end to end costs, when a mechanism for doing so DOES NOT EXIST! Should offtopic posts on technical mailing lists come with the same penalties?
"That is theft of service, plain and simple."
No, that is _getting_ service, plain and simple, unless you want to start throwing aunts and uncles in jail who email their entire addressbook the most recent joke they just heard along with the email headers for the last 1000 people that received it.
Okay, let me get this straight.
You go to a convention. You voluntarily give your email address to the guy at the door (not required for entry). A week later you get an email from a company that was at the convention, who informs you that they got the email address from the convention.
I'm sorry, how is that spam?
"Here's a mental experiment, since you're obviously in denial. If you run a web site, and you accept sign-ups for a mailing list, then anyone can enter any email address."
You are right, and the people who sign up others should be prosecuted for fraud, since that is what they are doing.
This is no different than any other non-email system. Do you apply the same standards to them? Do you require that the government first send you a confirmation of address notice before sending you your tax rebate check - and if you don't return your confirmation of address notice they'll just keep the check?
The fact is, many non-technical email users get confused by confirmed opt-in, and don't know what to do with the message. They don't understand why they are receiving it, and think that the message itself is a scam (why else would someone be re-requesting confirmation when I already submitted my email address?).
The fact is, every action you require your userbase to take will drop off responses by about 80% (except for opening, which is usually a fairly high rate). So, if it takes 4 clicks to buy something, you are almost certain to have next to no one at the end of the line. Similarly, if you require people to confirm their opt-in request, you will have a similar drop-off, even though those people would have wanted to receive your email - they just didn't want to go through the extra step to get it.
"ANYTHING ELSE MAKES THAT SITE A SPAMMER."
Based on what, you and some of your friends? I don't think so. Our ISP (who makes spam filtering one of their main businesses) doesn't think so. Our customers don't think so. Their recipients don't think so. I think you need to rethink your position.
"The law needs to treat circumvention of a spam filter the way it treats circumvention of any other computer security measure -- do it for the purpose of gaining unauthorized access to somebody else's system, do 5-10 years in prison (real don't-drop-the-soap prison, not Club Fed)."
It depends on what you mean by "circumvention of a spam filter". When I say that I'm talking about simply sending your mail through spamassassin, and then checking the test results. Honestly, I've had to train some individual users how to "circumvent spam filters" for their personal email, because their _personal_ mail was being flagged as spam. Should that qualify for a "don't-drop-the-soap" prison sentence?
There's a big difference between sending email that isn't annoying (which is usually what is setting off spam filters like SpamAssassin) and breaking into computers and circumventing security systems.
"There is no legitimate email marketing."
Have you ever signed up to receive notices of books from half.com? Isn't that email marketing? Is there something not legitimate in what they're doing (there may be - I don't represent them - but I haven't found any spam problems from using their service).
"you keep selling e-mail addresses to spammers."
My company does no such thing. Why do you allege that all companies act like the ones you receive mail from? We don't rent lists except for an extremely limitted set of circumstances, and we never sell lists, and we make sure our customers don't, either.
In fact, we have lost a lot of business because we refuse to do those things. The reason why you haven't received mail from us is simply because our mailings are very targetted, usually to the direct customers of the businesses we are mailing to.
"You had your chance to distance yourselves from the spammer"
Hold on a minute. _I_ did? Do you even know me?
"the DMA has positioned itself to be spam-friendly with their staunch opposition to confirmed opt-in mailing."
I would have to agree with the DMA. In no other part of marketing is such a strict standard as confirmed opt-in required. It would be silly to require such for email.
For instance, if you sign up to receive a magazine, should they have to send you a second letter verifying your mailing address that you fill out and return before actually sending you a magazine? What about flyers? Personal contacts?
"The only "legitimate" mailers will a) use confirmed opt-in only, no exceptions"
Disagree entirely.
"b) never buy/sell/share email addresses"
Agree almost entirely (I approve of cooperative emails, such that one company is sending on behalf of the others, but it is clearly stated who owns the email addresses. For example, if company ABC has the addresses, and company XYZ wants to send to that list, company ABC can send out a message saying something like "company ABC introduces company XYZ", which gives the members of the list an opportunity to sign up for company XYZ's list, and also to unsubscribe from ABC's list if they don't like receiving that kind of email).
"c) refuse to work with any service/product that uses spam in any form."
Agree.
"Since nobody adheres to these standards then that list of "legitimate" mailers is very short indeed."
Even with my relaxed rules, you are correct that the list is very short. In fact, many ISPs contribute directly to spam by selling addresses.
"does your company send messages to people who haven't subscribed to your list in the first place, or do you just remove the people who complain?"
We have only sent out two campaigns to people who did not subscribe directly to that companies emailing. In both cases they were sent to a trade show mailing list at which the company was a part of the trade show, and the fact that they were receiving the email because they had signed up at the trade show were clearly stated.
Other than that, everything we send is from being directly subscribed, or to existing customers of a company.
He's BSing. The company I work for sends legitimate email, and we have one of the best unsubscribe-handling engines in the industry (maybe that's why we're so small!) It doesn't cost hardly anything to handle unsubscribes correctly.
"All you need to do is make it easy for the people receiving the newsletters to opt out, make sure they know someone requested it and it's not spam, and require some sort of verification to make sure anyone can't sign them up."
Trust me, even this doesn't always help.
"If a user complains in the first place, you have a problem with them getting a newsletter that they didn't want."
Do you forget how stupid some people are? When I worked for Wolfram Research, we sent out our monthly newsletters, which included the email address that it was being sent to. We had complaints from people who asked us to take them off our list, but they kept on giving us the wrong address - we were sending it to an old address, and they never bothered to look (even though we told them to) at the bottom of the email to see what address the email was being sent to. It took several months and we received several really nasty emails from this idiot.
I love this idea.
You post is somewhat true. However, the law only applies to unsolicited bulk email. I'm sure there will be a million ways to "accidentally" solicit email in the near future.
"Before being added to the list you must send a confirmation email to each new address, and the person must reply or repond some way (with a unique, unforgeable token.) If you do not do this you are a spammer, regardless of what you may think."
And you base this on... what exactly? It makes someone a spammer because _you_ say so? I disagree, and so do most people.
I personally can't stand having to sign up multiple times for email I want.