Spam and the Law Conference Report

Cowards Anonymous writes "The Guardian has a story about a spam and law conference, recently held by the Institute for Spam and Internet Public Policy, in San Francisco. The conferences are usually attended by anti-spammers, from the major ISPs, and spammers; and are an attempt to bring the two sides together. The article's author notes 'It's oddly intimate, watching the spammers and the anti-spammers mill around each other like this. It feels like a temporary ceasefire in a vicious war that to most of us seems to be a stalemate.' Also in attendance was infamous spammer Scott Richter, or 'high volume email deployer' as he wished to be called on his recent Daily Show appearance. Surprisingly the anti-spammers didn't tear Richter to pieces with their bare hands."

Where's the fuzz?

[k4_pacific]

If spammers have connections to virus writers and do all these malicious things, why weren't there cops waiting to arrest them when they showed up? Were they granted immunity to visit the conference or something?

Re:Scott Richter: A "Good" Spammer?

[BuckaBooBob]

Ok they need to be able to send spam... Make them pay for it... fire up a mail hub that spammers user to relay mail from... charge them for bandwidth and "remote" storage of their mail to be givin to ISP's that do not reject spam in general (Wanting it to stop because it takes up significant resources rather than for customer service reasons)... Right now its a Screw the ISP deal for sending Spam... ISP's loose out in the spam war from costs to "deal" with it.. Would he object to this rational? Probably because it may be enough of a burden to ruin profits... but it could slow the spam down... Its very common to see the same spam mail in the junk box 5-10 times a day... what need is there for this? None!

Sometimes...

[Bishop, Martin]

Sometimes I wonder just how much money these spammers really make from the spam. I've never even looked at a piece of spam in serious contemplation of buying whatever "product" they are selling

Re:What i do with spam

[Deraj DeZine]

You do realize that it's easy for spammers to forge the From address, right? So you might be spamming innocents.

Re:What i do with spam

[Desert Raven]

You know, you'd better hope that you never get one with any of my email addresses forged in it. Because if you forward *me* 100 copies of your spam, I'll be on the phone to your provider to have *your* account closed for being a spammer.

Re:What I do with spam

[azav]

As long as SOME reply-to addresses are bogus, it means that the method is useless.

Also, since these spammers are proceeding with illegal activities in the first place, why would we even THINK that they would obey the new opt out rules and not resort to "they replied so it's a valid address to spam"?

Re:MOD parent up insightful

[MaineCoon]

No, no they don't. They can forge the address easily, it doesn't require any access to anyones system, nor does it even require the forged address to exist. I have gotten spam from forged non-existant users on my system, and I, on rare occasions, also get bounces from spam sent with forged headers claiming my address, yet my mail server and home computers are quite secure, and have not been compromised.

What spammers should do

[Felinoid]

Byond the typical laundry list starting with "opt in," and ending it "don't sell illegal items" I'd like to suggest "clean house".

I've opted in to some spam and had to opt back out again.

Let me make myself perfictly clear. UCE* is what we are bitching about. With the huge volume of UCE the few items of SCE* are lost in the wake.
I have to set up filters for each type of S?E* and a few UPE*.

The fact of the matter is UCE is hurting SCE by flooding it out of existence.

Back in the start Spamford made a play at cleaning the situation up. By play at I mean he actually e-mail bombed anyone who complained and only PRETENDED to handle complaints.
(I should have sued his butt for that)

If your lagit add a code.. Ohh brain drain.. I forget how it works but I use such codes to help me partition e-mail lists I'm on into proper compartments.

I'd like to add a nifty additional suggestion....
As a form of tripple check,
Most Spam is sent in HTML with images downloaded over the web. That means when your target reads the e-mail his computer contacts you.

This is good advice even for the e-mail vetters, harvesters and violaters of the Can Spam act..
If your target dose not conact you in 24 hours (dosen't download the image by reading the e-mail) he isn't reading your message. Your being dumpped into a filter bin.
Just erase that e-mail from your list automagicly or slip into your filter system.
It may also be the person isn't reading e-mail as often as you send it and getting 20 e-mails from the same guy (for any reason) is just dam annoying and instantly earns you a place in the perment filters.

*Translations:
UCE: Unsolicited Commertal E-Mail. (V!agra)
UPE: Unsolicited Personal E-Mail. (I love your website, Wana swap links? I like your artwork. Baka Kitty? Couldn't you be more original or is that all the Japanise you know?)
SCE: Solicited Commertal E-Mail. (Yes please tell me when the new Yugi cards come out. Horray I won an eBay auction. Oh joy someone bought some more "Voodoo computer" pin dolls from me.. Time to ship)
SPE: Solicited Personal E-Mail. (It's your mother. Your computer is making noises. Are you experementing again?)
S?E: All solicted e-mail
U?E: All unsolicted e-mail.

Re:Scott Richter: A "Good" Spammer?

[Dimensio]

However, at least Scott Richter is willing to do something that most other spammers won't... admit that he does it and is willing to talk about it.

What are you talking about? Lots of spammers are willing to admit what they do, to an extent. They admit that they send unsolicited email advertising. They won't admit, however, that they break a number of laws when doing it, because they don't care that they're breaking the law. They won't admit that they deliberately circumvent spam filters so that people who don't want their garbage receive it anyway. They won't admit that they are harassing and trespassing on private property. They will use the most absurd and obvioius lies to "justify" their criminal acts. All of the above are true for Scott Richter.

Scott Richter deserves to die. So does every other email spammer out there. If I ever met Scott Richter, I would kill him with whatever means I had available. He deserves horrible, painful death. That is the ONLY way to stop spammers; they are sociopaths and there is no way to convince them to change their illegal business practices short of a crowbar to the skull or similar alternative.

Re:Scott Richter: A "Good" Spammer?

[tx_kanuck]

I don't like spammers anymore then you do, but are you sure you want to make a death threat? That just opens you up to a huge host of problems that you might not want to deal with. If I was Scott Richter, and I read this, then I would not take a death threat lightly. It wouldn't matter how many I got, I would still report it to the cops, just in case. If he died, how would you like the cops knocking on your door the next day?

Think carefully about what you post, this will stay around for a long time.

Re:Sometimes...

[LostCluster]

Spam now falls into two categories:

A: To sell something illegal/immoral. Any doctor who is writing any perscription for somebody who has never been to his office is on the wrong side of the ethical line, and in most cases steps over the legal one as well. Scammers love the lack of tracablity.

B: Lead generation. There's no actual product, but they collect the list of signups to send direct mail or phone marketers your way from more-legit companies. Of course, the more-legit companies don't want leads created this way, but they have no way of telling the difference from the ones they do want.

Good, bad, and ugly

[A nonymous Coward]

In some ways (SOME!) I actually see spam as something that could be useful ... in a weird way. See, I classify spam as good, bad, and ugly. Ugly is easy, it's the viruses and phishers. Bad is the stuff with forged headers, misleading subject lines (account canceled, your resume). These two deserve no sympathy whatsoever. They are fraudulent and ought to be dropped in the ocean and fed to the fish.

But the other spam, well, calling it good is pretty optimistic. I would say only that it is not as bad as the other stuff. When I see a spam whose subject is actually correct, even if for viagra or teenage nympho web sites, my blood pressure doesn't get quite as high as with the fraudulent stuff.

But I get 400-500 a day ... 80% is pure trash, with invalid users (I have my own domain), non-ascii in the subject. The rest I have to look at sooner or later just to see what should not have been classified as spam.

You know, if I only got 10 legit spams a day, real advertising for real products, it wouldn't be so bad. But these idiots send it to webmaster, postmaster, root, faxmaster, every sort of imagineable name, and that puts it in the bad category, it is fraudulent. No way has any admin account ever signed up for anything. And sending spam to the admin accounts is just plain deceitful, instantaneous self-indictment of their fraudulent intentions.

I wish spam actually were a useful, cheap advertising medium. I might actually see something once in a while that was useful. But hundreds a day, for pills or porn or loans, that is not useful.

Re:How to avoid spam.

[Dwedit]

That's a nasty thing to do, sending Bounce messages to random innocent people who happen to be in the forged From address. Getting lots of false bounced junk messages myself, I say you are part of the problem.

Yeah, I do...

[Anonymous Coward]

What's the future of spamming? There's enough effort now being expended that spamming won't continue. So where's the future? What's the sustainable model?

A lot of bad shit happens in this world. For some reason, it never makes the front page. Hell, it's unusual for it to make any page in the US papers.

What's the story on 9/11? Sounds like the US really fucked up. We knew about the threat in advance. Just didn't respond to it. You can read all about it in the UK papers, back long before the US papers picked up the story...

What about that drug raid at a high school a few months back. High school kids handcuffed and thrown on the ground with a gun to their head if they didn't "cooperate" fast enough? Over a hundred kids abused. Video footage available. No drugs found...

The list goes on and on. Ashcroft's porn views. The "lets confiscate all their property and drive them out of business" technique for suing companies. IRAQ. (Need I say more?) What about that guy who spoke against invading IRAQ, and was courtmatialled for it. Or the recent decision to allow arbitrary searches (withOUT cause) of gas tanks belonging to citizens, including removing them from the vehicle by underpaid, underskilled government employees. The Patriot Act? How the Patriot Act II was slipped through congress? Or the efforts currently underway to re-active the draft in 2005?

IN THE US, WE HAVE FREEDOM OF THE PRESS. But that only holds true when you own the press.

EVENTUALLY, INEVITABLY someone will discover spam as a means of publishing "alternative" viewpoints. Probably with google-style text ads. And they'll make a mint...

Re:Jesus Christ People.

[jfengel]

Spamming is very impolite. The objections aren't really about electricity, or even bandwidth and disk space (for which the costs do begin to mount up) or even the time it takes (which can be a serious imposition.)

The core objection is about impoliteness. Spammers are _very_ impolite on am immense scale. A little bit of impoliteness annoys you. A person pumping out a million pieces of impoliteness an hour...well, that adds up to genuine rage. Especially when it is clear that he knows he is annoying you and hopes you don't care, which is the case with the guy hoping that v1@gr@ will slip past your spam filter.

There's a limit to how loud one is allowed to speak. Beyond that, one is disturbing the peace. A violation of politeness becomes a crime. It's unfortunate when we have to regulate politeness, and it's unfortunate that you can't play your stereo as loud as you'd like, but that's how we live together.

"Courtesy is the lubricant of social interaction," Heinlein said. Spammers are sand in those gears, and that grit is annoying out of proportion to how much actual damage it does.

Is violence justified? No, but I do have to keep reminding myself of that.

Re:What i do with spam

[AndroidCat]

I hope you "bounce" the spam to someone who thinks exactly like you.

Re:The (c) BILL NEILL Solution to SPAM

[dargaud]

THis seems stupid to me. It's just like the current throwaway accounts. Get on a mailing list. You UNC key becomes visible. Spammers grab it and start spamming you with it. Back to point one. That doesn't solve anything at all.

Why this got modded up is beyond me...

[Xhad]

Everyone knows free speech is about being able to state opinions without government intrusion, not the ability to say whatever you want whenever and wherever you want. Outside of the classic "Shouting fire in a crowded theatre..." example, "commercial speech" is a concept that's been around for awhile. Look at legal cases surrounding the Do Not Call registry for more information.

Re:The (c) BILL NEILL Solution to SPAM

[It'sYerMam]

Where is the difference between this and the current method? (Apart from the obfscatory capital letters)

Were this to be implemented, you have to tell everyone who you want to e-mail you your key. You already tell people your e-mail address. If you want any old joe to e-mail you, you put up your key, and then you get spammed. Since you can already use an ISP e-mail adress where you decide what comes AFTER the "@," you can already do this, should you wish to.

So if you'd kindly explain the difference between this and the current solution...