UK ISPs to Shut Down Spamvertised Websites 299
JebuZ writes "The Register is currently reporting that UK ISPs are targeting ecommerce websites run by spammers in a new 'get tough' policy on junk mail. ISPs belonging to the London Internet Exchange (LINX) have voted through a code of practice which gives them the mandate to shut down websites promoted through spam, even if junk mail messages are sent through a third-party or over a different network. The move is intended to remove the financial incentive to send spam." There's also a BBC story.
Re:How long... (Score:5, Informative)
They have been doing that for years. It's called a joe job [everything2.com], after the first victim of such a scam. These are generally quite easy to detect, though, so they do not generally lead to the victim's website being shut off. The main damage is in the annoyance and the bounces and responses received by the victim, which constitute something akin to a DDoS attack.
In any case, the existence of joe jobs is no reason to penalize actual spammers and stop them from profiting from their spam runs. The only way to do that is shutting off their websites.
Code of practice not law... (Score:5, Informative)
Then if the chaps framing you are in the UK there's legal action you might take against them.
This is a good thing. It's not a draconian law, it's a business consortium agreeing that they they to focus on an issue and deciding common policy on how to address it.
Code of practice, not law.
Re:And this is interesting how? (Score:1, Informative)
Oh, and
"I don't even have a little dog Toto..."
Re:How long... (Score:4, Informative)
Not quite. Assume sites X and Y, spammer S that is hired by X (or may be X), user J, and another spammer, T. J is not connected with X, Y, S, or T. A joe job is when S sends mail advertising X, setting the from address to J.
What the original poster is talking about is the case where Y hires T to send spam advertising X. If T sets the return address to J, then that will also be a joe job, but that is not relevant here.
Not a way to create denial of service attacks. (Score:4, Informative)
The LINX [linx.net] Best Current Practice on Unsolicited Bulk E-mail ("the spam BCP [linx.net]") is carefully written so as to avoid being a way to create denial of service attacks.
LINX does not adjudicate complaints; our ISPs members do. You can complain to an ISP for tolerating spamvertised web sites just like you can complain to them for tolerating someone sending spam. If they follow Best Practice they will cut off the web site if, only if, and not before they satisfy themselves that the spam was sent by or with the consent of the web site owner.
Of course, it is possible that they could get it wrong; miscarriages of justice do occur in every area of life. This is not a reason not to have any rules at all. It is up to the ISP to take care when considering a complaint so as not to cut their customers off without good reason. Naturally, some will consider this an unnecessary delay - and even evidence that the ISP is not serious about cancelling the account. Well, it's not possible to please everybody all the time; you've just got to craft the best policy you can and run with it.
Malcolm Hutty
LINX Regulation Officer.
Re:And this is interesting how? (Score:3, Informative)
No, they don't. Most, like SpamCop [spamcop.net] list the origin of the spam. Not the spamvertized website, but the IP address of the sending mail server. The place where the spam is actually coming from, whether or not it's a joe-job.
One of the few blacklists that lists web addresses (well, their respective IP addys) is SPEWS [spews.org], which generally lists only after persistent spamming has been ignored by the hosting ISP. That's hardly "shoot first, ask questions later."
Stopping (Score:3, Informative)
Spammers will stop spamming when it stops being profitable. If every time they spam, they get sued and have to pay money to attorneys and plaintiffs, they will stop -- BECAUSE it destroys their business model.
Re:An alternative idea (Score:4, Informative)
No, most spammers profit by re-selling their spamming services. Spam is a remarkably low-hit, low-margin, and very unreliable advertising vehicle.
Where the real spammers make their money is in creating the *illusion* that you, too, can make your fortune by paying them to send out 1,000,000 emails. In a way, spammers are like the online equivalent of those huckster-like classified ads in the backs of tabloid papers. They aren't selling any product themselves... they are selling an advertising service to normal people operating under the pretenses that there is money to be made.
In fairness, I'm sure there are citable examples of spammers who made money selling product. I'm just willing to bet that those are the exception, not the rule.
Re:This is the way it should go (Score:2, Informative)
According to recent news articles [bbc.co.uk], Pfizer are playing an active role in trying to close down as many of these spammers as possible.
I suppose you might be one of the "25% of men [who] believed that Pfizer was responsible for sending the Viagra-themed spam."
Re:Help me keep a new spammer from being created! (Score:2, Informative)
Any suggestions on what I can do to put an early end to my friend's career as a spammer? I love the guy like a brother and don't want to see him rendered unemployable and hated by his family and friends, but I also don't want him to lose his job.
Do you know what ISP the company uses? Here's one idea: Call them up, say "I'm an anonymous friend of a friend of a friend
A really good place to ask this and get many other good (probably better) ideas is the SPAM-L mailing list:
http://www.claws-and-paws.com/spam-l/ [claws-and-paws.com]
Re:Help me keep a new spammer from being created! (Score:3, Informative)
It's not that difficult to fathom. Home mortgages, car rental agreements, car purchase agreements, EULAs, employee agreements... any of them could bury a legal jargon form of "opt-in". The majority of people don't read them and those who do usually don't have a positive option.
my retort being that if his boss wanted to pay him to star in gay porn, then would he still be expected to do so?
I understand exactly what you're saying but allow me to mediate. Gay porn is probably outside the job description. The legal rub is that, if his boss were conniving enough, there's really nothing that you can do to prove that his boss is using his position in the company, and access to personal records, to manipulate your friend into gay porn. In reality it would be nearly impossible to push things that far but, legally speaking, your friend has little recourse should his boss decide to sit back and smugly think,"I'm going to tank your career because you wouldn't spam for me."
and a really stupid idea all around
You're right.