UK ISPs to Shut Down Spamvertised Websites

JebuZ writes "The Register is currently reporting that UK ISPs are targeting ecommerce websites run by spammers in a new 'get tough' policy on junk mail. ISPs belonging to the London Internet Exchange (LINX) have voted through a code of practice which gives them the mandate to shut down websites promoted through spam, even if junk mail messages are sent through a third-party or over a different network. The move is intended to remove the financial incentive to send spam." There's also a BBC story.

How long...

... until people start spamming using their competition's address to facilitate them getting thrown off their host?

Re:How long...

"No! I swear I've been framed! I would *never* send out spam for my site. I'm totally legit! We here at xhegfr.24873xx.pills4u.com are a 100% above-board business!"

Re:How long...

Then again. providing an 800 number is nice clue for spam filters that it IS SPAM.

Of course, like most of the people I deal with at work, my email signature includes our 1-800 number.

Re:How long...

I'd assume that they'd check things out first. Besides, spamvertised websites are rather easy to recognize: I think 95% of all *.biz and *.info sites are spamvertised sites. There's also this whole thing about using fake names, no contact information, companies based in countries where the law isn't taken very seriously or where the law allows spamming, etc.

Re:How long...

It's going to be investigated, not just automatically booted off their host by a postfix script who grepped the URL from an email... :)

Re:How long...

Not long. Not long at all.

Worse yet, spammers will put random innocent web sites in spam just to poison the process.

They'll do it. It's an obvious way to get ISPs to stop blocking web sites.

Another nail in the spam coffin then

Spam is already becoming unreadable with the leet spelling and insertion of random words and phrases. Now they are going to link to random sites as well? So the customer, already not very bright, will now have to first do a enigma style decoding to get the sales messages and then do a guess as to wich link to click?

The harder spam becomes to send the better it is. There is no instant cure, stop watching Oprah you american. The real world requires you to work had on multiple fronts to solve a problem. This is just one tiny drop on the hot plate. But together with all the other little drops it is making a difference.

Re:How long...

... until people start spamming using their competition's address to facilitate them getting thrown off their host?

They have been doing that for years. It's called a joe job [everything2.com], after the first victim of such a scam. These are generally quite easy to detect, though, so they do not generally lead to the victim's website being shut off. The main damage is in the annoyance and the bounces and responses received by the victim, which constitute something akin to a DDoS attack.

In any case, the existence of joe jobs is no reason to penalize actual spammers and stop them from profiting from their spam runs. The only way to do that is shutting off their websites.

Re:How long...

They have been doing that for years. It's called a joe job, after the first victim of such a scam

Not quite. Assume sites X and Y, spammer S that is hired by X (or may be X), user J, and another spammer, T. J is not connected with X, Y, S, or T. A joe job is when S sends mail advertising X, setting the from address to J.

What the original poster is talking about is the case where Y hires T to send spam advertising X. If T sets the return address to J, then that will also be a joe job, but that is not relevant here.

Re:How long...

I'm not clear on how the difference can be detected. If spammer S sends out spam advertising site X, how is anybody going to know if X had hired S (legitimate spam) or competitor Y hired S (a joe job). Basically, you have to know who hired the person doing the spam. Will this come down to an interrogation of spammer S, review of their financial and phone records to find some connection to X or Y? Even that is fairly easy to trick by having S get X to phone them for some reason, and/or have some legitimate financial transaction between them. Perhaps there's something I'm missing that can show Y is really behind the spam.

Re:How long...

They have been doing that for years

Actually, this is different. They are going to shut of sites that are advertised in the spam, so all a spammer has to do is send out a 'free' promotion for a valid website. The addresses used in the spam mail are irrelevant, what they are looking for is site addresses included in the body of the spam.

This is already going on. Last month I got a notification from our ISP at work of a possible spam violation (a very annoying, threatening notification) on our site. It appears that a spammer included our domain name in one of his messages and our ISP was alerted. I explained the we did NOT send out the message, was NOT selling viagra and did NOT want the traffic generated from the spam message, so we still have a website and that was the end of it.

What happens if a spammer, rather than just including my address, crafts a marketing message promoting my site. Might be a little harder to convince my ISP that I didn't initiate the spam.

Re:Spam Whiners: Shit or get off the pot

Either somebody does *something*, however imperfect or flawed, or they do nothing. The whining and the complaining and the doing of nothing adds up to exactly nothing but noise.

It wasn't a whine nor a complaint. And it can have very serious reprocussions. How happy would you be if your legitimate, non-spamming online business was blacklisted because someone else forged fake spam?

I want actions taken, and I want them taken *now*. Collateral damage? Unavoidable -- any solution strong enough to work is going to cause collateral damage.

Wonderful attitude. "Fuck the innocent as long as I'm happy (and it doesn't happen to me)"

This system could be useful, but considering there was no detailed mention of how they're going to deal with this potential problem its a valid question.

SDOS

SDOS

Spam Denial Of Service?

Okay, that acronymn is pretty crappy. What can YOU come up with?

Re:SDOS

Duh. Multitarget Spamming Denial of Service.

Another common type of attack, though not spam-related, is the Distributed Relay Denial of Service. A recent Slashdot story covered the Politically Conceived Denial of Service.

And let's not forget the Systemwide Offensive Linking All Remote Internet Sites, a truly ghastly crime against nature, itself second only to the destructive powers of the terrorist organization known as the Society for the Literal Annihilation of Sites Hosting Data Oriented to Technology (motto: Nothing Ever Withstands the Society; Fear Our Response. Now Eventually Readers Duplicate Stories, Stories That Unfortunately Flopped the First Time, Horribly. Although Taco May Attempt to Tend Things, Evil Results Somehow.)

This message brought to you by the Key Atomic Benefits Office of Mankind.

And this is interesting how?

The Web Hosting company I work for has been doing this for years. You spam, you lose. Simple. From our AUP [amhosting.com]:
# UBE ("spam"): sending unsolicited bulk e-mail, using UBE, even if not sent from American Internet, to advertise (spamvertise) your site, providing any service to spammers such as mailboxes or Web sites.

Is this just now catching on? Shocking.

Re:And this is interesting how?

To those of you saying how bad this is because you could basically DoS your competitor by spamvertising their site, here is a basic explanation of how it should work.

Complaints start rolling in. If its not caught soon, dsbl lists will start blocking the ISP. Is the spam legit? Lets contact the owner of the site. Not legit? Prove it. Usually, it IS legit. We investigate thoroughly and determine the source of said spam, and if its truly not legit spam, done by someone else (this *has* happened with us) then we notify spamcop or whatever list needed that an investigation has been done and its taken care of.

So, with due diligence when it comes to enforcing policies such as this, and not a "shoot first ask questions later" attitude toward shutting off sites, then it becomes a reasonable policy.

Third-partying

1. Start up competitor to /.

2. Send out spam promoting /.

3. See /. shut down.

4. Profit!!!!

Re:Third-partying

1. Start up competitor to /.

2. Send out spam promoting /.

3. See /. shut down.

4. Have your site DOSed by a hoard of angry slashdotters

5. Bankruptcy

Good idea, but...

what will just happen is that these fine folks (cough) will just move elsewhere. It's not like they haven't done it already.
Since there is apparently less than 100 people worldwide responsble for sending out the spam, just find them and shoot say, half of them as a warning to others.

This will only be marginally effective...

...as they're likely to have the same kind of site hosted in multiple places to avoid this problem. :( At best, it will drive up the costs of maintaining said sites, but those costs aren't that high to begin with.

Furthermore, this does nothing to the spammers whose hosters are in collusion with them, and who are profiting themselves.

Re:This will only be marginally effective...

It will do something to those spammers - the ISPs can (and will) block the IP addresses. We're not talking about a citizen's action group here, but a collaboration of every major ISP in Britain.

Re:This will only be marginally effective...

You know, it doesn't really matter. It is the Right Thing To Do(tm) regardless of how effective it actually is on the problem as a whole. In the end, I don't really care how many other people are in in collusion with spammers. I can say with pride that the ISP I work for is tough on spam. And I can say with pride that the ISP I use for home Internet is tough of SPAM. And that is about as much as I can really expect. The idea is to get others to do the right thing and I commend these UK ISPs. Good for them.

-matthew

How tolerant?

I suppose it all depends on how much investigation ISPs are required and/or willing to do.

gives them the mandate to shut down websites promoted through spam

So in theory:

1. Pay spammer $N to include competitor's website in massive deluge of email
2. ???
3. Profit!

This is the way it should go

Fighting with spammers is not going to work ever, as long as they can make even a single penny of profit from their sleazy operations. If their income source is forced to dry, their flow of spam will follow the trend.

IMHO, the companies, who sell their products through the spamvertized channels should be put into the same tight squeeze. I want to see Pfizer sweat for those Viagra ads I receive day in and day out in hundreds.

Nothing new....

My company had one of its accounts suspended briefly last year when one of our clueless clients hired a US company to send e-mails for them to "1 million opt-in UK addresses".

BTW: how gullible can you get? A single opt-in list with about 5% of the Internet-connected population on it? Wow.

Start sending spam from Microsoft and SCO

This is the solution to all of our troubles. Spam as a DOS attack.

I think this is a pretty stupid way to regulate spam. I had a freind that simply set up a dialer to dial the 800 number in the spam 24 hours a day. This seems like a better disincentive to me.

... and thus the casualties begin ...

I can see it now...

You have a competitor in UK? Eating through your market share?

We can take care of that! We, at SPAM, inc, will simply do a wave of aggressive spamming "touting" the virtues of your competitor, and arrange for a few hundred copies of that mailing to reach the sysadmin of the hosting ISP. Say "Goodbye!" to your competitor's web site!

And, for a small extra, we'll even include some advance fee fraud or otherwise illegal contents to the spam. Watch in glee as your competitors are harrased by the authorities to boot!

Hmmm. Sounds like a really, really good idea now doesn't it?

-- MG

i can imagine all kinds of complications here

In theory it sounds nice. However, there are several problems here. First, the offending web site may be hosted by an ISP that doesn't give a damn. It may be overseas. It may be in Russia, or North Korea for that matter. If it is in a non-british jurisdiction all they can do is block access to it. There is no way to take it down. The link may be a referral. As others have already noted, the linked address may be that of someone the spammer doesn't like, resulting in the shutdown or blocking of an innocent web site. With so many potential problems, I doubt whether this initiative has a chance of succeeding.

Get a B1GGER p3nis with L1N UX! (here you go)

Dear friend, The only operating system proven by science to enlarge your penis and make you wealthy is Linux, powered by SCO Technology. visit SCO.com to learn more! refrigerator penguin lovely tang information fr4556631

About time..

As long as they investigate correctly to make sure that the web site in question isn't being framed by someone else, this is excellent.

I'm fairly tired of sites, particularly 'meds and pharms' sellers in Canada. Quite a few seem to have an associate program where 'associates' get paid for the referalls they send. Of course spamming is an ideal way to get these referalls.

Sites using these spam privateers deserve to be shut down.

*applause*

Could we do that in the United States, too?

But what about repeat offenders? Those that open up a new website and advertize by spam on that site, too? Setting up a webpage isn't too hard these days, and one could always send one's servers offshore. This needs to be an international policy.

Not just shut down.

Not just shut down the site, but set up a page saying they were shut down and have the real data on the spammer, and some of the original page.

That allows the people who have been spammed to identify and track the spammer.

Good thinking

Other than the obvious abuse possibilities, this is a good way to remove the incentive to spam people. Until I started getting too much junk mail to keep up with, I would go to the website that was advertised (stripping out the personal identifier junk-text string) and e-mail the webmaster saying that I would never buy their product because of their advertising techniques and that I would actively warn people away from them. I doubt that they took me seriously, but it was nice to rant anyways, and yes I did follow through in my threat for many of those advertisers.

Also, if the spammers are getting a [very low percentage] click-through number, I wonder how many of those are people who have never gotten spam before. The number of people on the internet is growing so quickly, I'd imagine that many of the click-throughs are actually people who have never seen a "bulk unsolicited e-mail" before.

i need you help

DEAR SIR,

i want assure you this no spam i found you email by search web i son very important buznes man who in some politcal truble now rite and need you help get money out bank
in case you no believe you go see please his site SCO [sco.com]

PLEASE TO HEAR YOU RESPONSE.

N!GTXBALU GNTEMBI


darn filter won't let me submit in all caps :(

Code of practice not law...

Please note the article is refering to a code of practice not a law. There will without doubt be different ways in which ISPs might and will implement it. If a competitor is spamming "on your behalf" then you're going to get a warning from your ISP saying that they're considering yanking your plug... you'll then get to address that and show circumstance.

Then if the chaps framing you are in the UK there's legal action you might take against them.

This is a good thing. It's not a draconian law, it's a business consortium agreeing that they they to focus on an issue and deciding common policy on how to address it.

Code of practice, not law.

Increase your Manhood with Microsoft!

Microsoft [microsoft.com] has a temendous new product [microsoft.com] guaranteed to increase your manhood [microsoft.com] by up to three full inches [microsoft.com]! For a no-risk trial [microsoft.com], simply click on the link below:

I want to increase my manhood with Microsoft [microsoft.com]

Hey, a guy can try...

This is a Very Good Thing

SPAM has become a total cancer on the internet. It's growing and sucking resources away from legitimate activities... it's discouraging use of email and costing ISPs and corporations way too much money.

This tumor is so rooted in the Internet, that there is no way to cut it all out without removing some healthy tissue. There is probably no perfect solution to this problem, but it HAS to be addressed.

I truly can't see people resorting to trying to advertise competitor's web sites via SPAM to get them shut down. They'd open themselves up to way too much liability if that actually happened.

IMHO: This solution does a pretty decent job of targetting the tumor without removing much healthy tissue. Again, no solution will perfectly home in on just spammers... innocents will always get caught up in the effort to remove this problem. The trick is to just come up with items and balance it's positive effects against its negative effects.

So now I can Joe Job any .uk site right offline?

Any measures in place to prevent that?

What (if any) recourse does a site accused of spam-vertising have? Do the ISPs just refer to the vague "we can do whatever we want with your account and redefine what's acceptable as we see fit" language in the FAP to drop sites?

I've never seen spam redirect me to a .uk page, I dont know if spammers are just smart enough to keep geography in mind, or what..

How many spamvertised sites are in the UK?

When I submit my daily dose of spam to Spamcop [spamcop.net], I can see that 90% of all websites referred to by spam mails are hosted in China and Brazil, and I don't think either country will do a similar move anytime soon.

It is already common practice for spammers to use bullet-proof hosts (which is even mentioned in TFA).

So I don't think this move will change anything as far as spam goes, but the potential for abuse (see some of the previous comments) will increase, given that most sites hosted by UK ISPS are legitimate.

What's this going to do?

So you shut down a spammer's porn site. They move it to a new host (outside the UK), and continue to spam. If they can kill or gain control of the domain name along with shutting down the site, perhaps this could work.

I hope it does.

I hope they punish more than just email spam, too. Usenet, IRC, and instant messengers need help, too.

new DOS ?

great, now I just have to send SPAM for my competitor to this provider (with fake ads so that it is not a very intersting product), i blur the trace to me and the competitor loses market shares

might that happen ?

Good idea, but...

What happens when spammers do a "fake" spam run to try to get a (non-spamming) competitor's website removed?

Not a way to create denial of service attacks.

The LINX [linx.net] Best Current Practice on Unsolicited Bulk E-mail ("the spam BCP [linx.net]") is carefully written so as to avoid being a way to create denial of service attacks.

LINX does not adjudicate complaints; our ISPs members do. You can complain to an ISP for tolerating spamvertised web sites just like you can complain to them for tolerating someone sending spam. If they follow Best Practice they will cut off the web site if, only if, and not before they satisfy themselves that the spam was sent by or with the consent of the web site owner.

Of course, it is possible that they could get it wrong; miscarriages of justice do occur in every area of life. This is not a reason not to have any rules at all. It is up to the ISP to take care when considering a complaint so as not to cut their customers off without good reason. Naturally, some will consider this an unnecessary delay - and even evidence that the ISP is not serious about cancelling the account. Well, it's not possible to please everybody all the time; you've just got to craft the best policy you can and run with it.

Malcolm Hutty
LINX Regulation Officer.

Why not do it yourself?

I have mentioned this before at Slashdot and I'm always ridiculed for it. However, I greatly reduced my spam intake from well over 2,000 spams a day to well under 100 by simply blocking any email that contains a link to a server that I've put in my "that is a spam-advertised IP address" file. It isn't difficult to do. In fact, I make what I've written freely available on my website.

Every time I mention this, someone says, "Oh my God! You're going to block some good little Mom&Pop store because they share a server with a spammer!" If that is what you are thinking, you didn't read my previous paragraph. I block any email WITH A LINK TO A SERVER that is in my block list. I DO NOT block any email originating from a server in the block list.

As this article explains, the incentive is to remove the profit margin from spam. I think my method works better than kicking them off the server if my method was used by a majority of the Internet users. The reason is that my method hopes the spammers keep the same IP addresses. If you kick them off the server, they change IP addresses and I have to block the new one.

SCO spams IBM

I hate to give narcissistic folks ideas but Ild like to make a point about bad laws.

Suppose SCO decides to hire 3rd parties to conduct a massive spamming campain FOR IBM web sites.

will spyware/malware sites be next?

This is at least a good start, but what about the spyware / malware sites? Will those be next? Or will there be a hosts file blacklist generated to block them out from company domains?

good intentions

They don't really specify what will be considered spamvertised web sites in the article, but consider the possibility of hiring a spammer to shutdown a website for you by advertising their site through spam :)

Also, how can they determine the difference between warranted and unwarranted emails so easily? Just because people didn't uncheck the "Send me offers.." box doesn't mean they didn't accept it. Turning off access to a website is a pretty big deal..

Quick!

Quick! Everyone send spams promoting microsoft products!

Why don't ISP's install effective mail filters ?

Maybe I'm too stupid, but I do not understand why all this crap is going unfiltered through mailservers as long as the recipient exists. Most of the spam/virus crap can be filtered out by well known and effective mechanisms like Reverse lookup, Open Relay Databases, Spamassasin, Virus filters ...

My mailserver gets rid of hundreds of them per day. I'm not a professional IT-Admin, I'm just running my own server for business and private usage and host some friends. Some of this things make it through from time to time, but the ratio is less than 1:1000. Look also on public mailing lists where the spam rate is impressingly low.

Things which are not available are not annoying and cannot do any damage.

Sure ISP's might argue that this costs to much, is violating freedom of information or whatever.

Costs: I'm sure that most users would be willing to pay a +$1 fee, if the spam/virus mail plague is removed or at least significantly reduced.
Freedom of Information: Default setting should be spam/virus filter on. If somebody want's to get it, he must enable that feature by clicking the "I want to be spammed and infected button. I confirm that I'm responsible for the resulting damage myself. I acknowledge that I'm aware of the fact that this makes me a part of the spam/virus problem and therefor I will be prosecuted in case of damage of uninvolved parties."

Mailservers are the optimal place to fight this plague IMHO. I'm positive that most of the big email virus attacks could have been defeated this way before they even reached the critical distribution count.

Screw the spammers. Go after the market...

The Spammers will keep on doing this as long as there's a buck to be made. They'll stop when you dry up the well.

Their market is all the 'drug'stores and wet-dream merchants who want to use this technology to shill their crap.

Fine them BIG time, leaving the co