>Although he should have thought twice about calling the spammers "criminals" or a criminal gang.
Exactly.
Clearly you can call up a spammer's ISP and say "make your sleazy customer stop spamming me".
It would likely be quite difficult to sue you over such a request.
If however you allege things about the spammer that might open you up to liability.
So keep complaining about spam, but watch what you say, especially in writing.
Maybe the solution is to have the TCPA law and damages apply to the telecom service providers as well and equally.
Then they would get their head right, there would be a liability for them to sign up spammers, junkfaxers, etc.
There are many ISPs, telecom providers, etc. who are losing money, or nearly so. They badly want the revenue from the shady customers who fill our inboxes with crap while pretending to be white hat.
If they had definite liability for the people the agree to do business with things would be better. For us, maybe not for them, at least in the short term. The phone companies are loathe to take responsibility for what their customers do. But it's way past time they did. And the government is gonna have to jamb that responsibility down their throat.
Which is what I said. They don't have the expertise to determine whether a software product is new, novel or non-obvious. Those are the elements required for a patent to be issued.
Thre is obvious danger in letting the USPTO attorneys determine what they are unable to determine, and issue patents that are ill-advised, and by no means novel or even new.
The issue here is clearly that the USPTO's attorneys do not have nearly the expertise required to determine the validity of software patent applications that reach their desk.
The solution to that is for them to get some expertise, or post somewhere where the community can comment on pending applications, which would all have to be done without mentioning the patent application.
Un-issued patent applications are confidential.
They should not be issuing patents on technology that they don't know enough about.
You Said:
>OK, so spammers have to work 10x harder.
The war on spam, which the DNSBLs are a tool is about increasing the cost of spam. Making spammers work harder, keep opening new accounts, and changing ISPs is the strategy.
>As long as there is a margin in spam, people will continue to spam. The fact that spam is increasing suggests that it still pays. At what point are blocklists going to stop spam paying? I have a hunch that the answer is 'never'.
You may be right!
>Turning off the blocklists would indeed be interesting, but, unless the spammers are completely stupid, I wouldn't expect it to have much immediate effect at all. Do they really continue to send to blocked addresses, long term?
Yes, they almost never have valid return addresses so they never know whether the mail gets there or not. The just have stats based on hits on sites and web bugs in html mail. So the answer is yes, they do send long term to blocked addresses.
There were some stats on that, how much actual spam was being blocked by spews, for example.
If you are a customer you have horsepower with the company that is hosting the spammers. I have no such horsepower. I am just another complaint.
If your mail is not being delivered because of activities at your ISP, you can do many things:
1. you can obtain oursourced SMTP for your use and deduct it from your bill.
2. you can move elsewhere.
3. you can sue your hosting company and make them address it.
I can't do any of those things.
Why is spam increasing?
Spam is increasing because spam is increasing.
Spammers have said in nanae that they have to send out 10x as much to get the same amount delivered as they did 2 years ago. That is because of DNSBLs. They have to work harder. Lots harder.
As a test I would propose the three main blocklists (SPEWS, SBL, ORDB) disable their lookups for 24 hours.
Assuming you have 150 spams a day now, and you get 3000 that day, well, that would be illustrative, wouldn't it?
A wake up call.
You said:
In our case, it is because one machine in our 16-bit IP range had been used for spam, so SPEWS blocked 65,000 machines, each of which is administered by a different person/company.
That is to get you up off your butt and call the hosting company and scream bloody murder at them.
As a customer you should have way more influence on them than the victims of the spam sent from the machine at their facility.
The system works.
Sad that we have come to this, though.
I have to hide my email from spammers, when I really want anyone who has anything to say to me to be able to use it.
Hopefully the blocklists will eventually make it impossible for an ISP to provide any services to spammers and stay in business. That is the real goal.
Then we can post our email addresses freely, and interact freely with each other. Now, we gotta hide out.
Ridiculous.
You said:
> Tell EVERYONE you know never to click on any spam links, or buy spamvertised products. People spam because it WORKS. The only real way to stop it is to STOP BUYING SPAMMED PRODUCTS.
There is a term for that.
The Boulder Pledge
"Under no circumstances will I ever purchase anything offered to me as the result of an unsolicited e-mail message. Nor will I forward chain letters, petitions, mass mailings, or virus warnings to large numbers of others. This is my contribution to the survival of the online community."
as proposed by Roger Ebert
http://www.zdnet.com/yil/content/mag/9612/ebert961 2.html
Personally, if I see a banner ad or popup that does actually interest me I avoid clicking on it-- I paste the link into a new browser window, delete any extra stuff in the url, and take a look. That way I just came from nowhere and the miscreants won't get the idea that their advertising worked.
As for the current passive rollover javascript exploit, (and it IS an exploit) the sites that are running those ads should be charging $100 an ad impression.
If Otherwise/Orbitz wants to use such tricks to drive traffic they can just pay for it.
Slashdot Mirror
Just to shut him up. That's all.
>Although he should have thought twice about calling the spammers "criminals" or a criminal gang.
Exactly.
Clearly you can call up a spammer's ISP and say "make your sleazy customer stop spamming me".
It would likely be quite difficult to sue you over such a request.
If however you allege things about the spammer that might open you up to liability.
So keep complaining about spam, but watch what you say, especially in writing.
The defendant is a graduate student. Not the spammer.
Maybe the solution is to have the TCPA law and damages apply to the telecom service providers as well and equally.
Then they would get their head right, there would be a liability for them to sign up spammers, junkfaxers, etc.
There are many ISPs, telecom providers, etc. who are losing money, or nearly so. They badly want the revenue from the shady customers who fill our inboxes with crap while pretending to be white hat.
If they had definite liability for the people the agree to do business with things would be better. For us, maybe not for them, at least in the short term. The phone companies are loathe to take responsibility for what their customers do. But it's way past time they did. And the government is gonna have to jamb that responsibility down their throat.
That was reported to be an additional function of the SOBIG worm from last week.
I haven't seen it confirmed yet, but it was reported.
Which is what I said. They don't have the expertise to determine whether a software product is new, novel or non-obvious. Those are the elements required for a patent to be issued.
Thre is obvious danger in letting the USPTO attorneys determine what they are unable to determine, and issue patents that are ill-advised, and by no means novel or even new.
The issue here is clearly that the USPTO's attorneys do not have nearly the expertise required to determine the validity of software patent applications that reach their desk.
The solution to that is for them to get some expertise, or post somewhere where the community can comment on pending applications, which would all have to be done without mentioning the patent application.
Un-issued patent applications are confidential.
They should not be issuing patents on technology that they don't know enough about.
You Said:
>OK, so spammers have to work 10x harder.
The war on spam, which the DNSBLs are a tool is about increasing the cost of spam. Making spammers work harder, keep opening new accounts, and changing ISPs is the strategy.
>As long as there is a margin in spam, people will continue to spam. The fact that spam is increasing suggests that it still pays. At what point are blocklists going to stop spam paying? I have a hunch that the answer is 'never'.
You may be right!
>Turning off the blocklists would indeed be interesting, but, unless the spammers are completely stupid, I wouldn't expect it to have much immediate effect at all. Do they really continue to send to blocked addresses, long term?
Yes, they almost never have valid return addresses so they never know whether the mail gets there or not. The just have stats based on hits on sites and web bugs in html mail. So the answer is yes, they do send long term to blocked addresses.
There were some stats on that, how much actual spam was being blocked by spews, for example.
If you are a customer you have horsepower with the company that is hosting the spammers. I have no such horsepower. I am just another complaint.
If your mail is not being delivered because of activities at your ISP, you can do many things:
1. you can obtain oursourced SMTP for your use and deduct it from your bill.
2. you can move elsewhere.
3. you can sue your hosting company and make them address it.
I can't do any of those things.
Why is spam increasing?
Spam is increasing because spam is increasing.
Spammers have said in nanae that they have to send out 10x as much to get the same amount delivered as they did 2 years ago. That is because of DNSBLs.
They have to work harder. Lots harder.
As a test I would propose the three main blocklists (SPEWS, SBL, ORDB) disable their lookups for 24 hours.
Assuming you have 150 spams a day now, and you get 3000 that day, well, that would be illustrative, wouldn't it?
A wake up call.
You said:
In our case, it is because one machine in our 16-bit IP range had been used for spam, so SPEWS blocked 65,000 machines, each of which is administered by a different person/company.
That is to get you up off your butt and call the hosting company and scream bloody murder at them.
As a customer you should have way more influence on them than the victims of the spam sent from the machine at their facility.
The system works.
Sad that we have come to this, though.
I have to hide my email from spammers, when I really want anyone who has anything to say to me to be able to use it.
Hopefully the blocklists will eventually make it impossible for an ISP to provide any services to spammers and stay in business. That is the real goal.
Then we can post our email addresses freely, and interact freely with each other. Now, we gotta hide out.
Ridiculous.
You said: > Tell EVERYONE you know never to click on any spam links, or buy spamvertised products. People spam because it WORKS. The only real way to stop it is to STOP BUYING SPAMMED PRODUCTS. There is a term for that. The Boulder Pledge "Under no circumstances will I ever purchase anything offered to me as the result of an unsolicited e-mail message. Nor will I forward chain letters, petitions, mass mailings, or virus warnings to large numbers of others. This is my contribution to the survival of the online community." as proposed by Roger Ebert http://www.zdnet.com/yil/content/mag/9612/ebert961 2.html
Personally, if I see a banner ad or popup that does actually interest me I avoid clicking on it-- I paste the link into a new browser window, delete any extra stuff in the url, and take a look. That way I just came from nowhere and the miscreants won't get the idea that their advertising worked. As for the current passive rollover javascript exploit, (and it IS an exploit) the sites that are running those ads should be charging $100 an ad impression. If Otherwise/Orbitz wants to use such tricks to drive traffic they can just pay for it.