Forgot your password?
typodupeerror
Spam

Dutch Fine Spammers, AOL Reports Drop in Spam 277

Posted by michael
from the finger-in-the-dike dept.
teun writes "This morning the Dutch Telecom Authority, responsible for enforcing the anti-spam law in the Netherlands, announced their first two fines for Dutch spammers: 25,000 and 42,500 euros. These fines are based on the anti-spam law that became effective in May this year. Spamvrij.nl is very pleased with these results." gollum123 writes "According to AOL, its subscribers are getting less spam this year. There has been a reduction in both the number of daily email messages to AOL (from 2.1 to 1.6 billion) and in the number of customer complaints about spam." And finally, Saeed al-Sahaf writes "We hear so much about China being the source of spam. But a new study shows China and South Korea as distant second to the United States as the source of spam. Sophos, a leading anti-virus maker has released some findings, which claim that the good old US accounts for almost 42% of spam mails sent out this year, and they chalk it up to lack of security on most desktop computers."
This discussion has been archived. No new comments can be posted.

Dutch Fine Spammers, AOL Reports Drop in Spam

Comments Filter:
  • Less subscribers? (Score:4, Insightful)

    by AtariAmarok (451306) on Tuesday December 28, 2004 @02:57PM (#11201789)
    ""According to AOL, its subscribers are getting less spam this year. "

    Less subscribers = less spam! AOL has found a way to reduce it, for sure: reduce the number of customers through overpricing and degradation of services. This results in fewer inboxes: Viola! Less Spam!

    • It's funny, but it's also true. I'd imagine you're more likely to get spam on the AOL domain than on some piddling little domain, just by virture of the bots looking out for you.
    • Re:Less subscribers? (Score:4, Informative)

      by learn fast (824724) on Tuesday December 28, 2004 @03:08PM (#11201902)
      Viola?

      I think you mean Voila!, a French interjection. A viola is a stringed instrument slightly larger than a violin.

      Though Viola! Less Spam! does have a certain ring to it.
      • Maybe it was just a typo, the i and o keys are pretty close together on most keyboards.
      • I think some dutch expression would be more appropriate, but unfortunately my knowledge of the language doesn't span that much... :P
      • I always type, and especially SAY "viola" because it sounds funnier.

        Using the wrong word also enhances the realization that the transformation implied is a false one...

        "Bill Gates makes Windows security Microsoft's number one priority and VIOLA! no more need for anti-virus and anti-spyware software."
        • I always type, and especially SAY "viola" because it sounds funnier. Using the wrong word also enhances the realization that the transformation implied is a false one...

          Most people don't notice, those that do just think you're illiterate. You might think that people are laughing with you when you put underpants on your head at a party, but actually they're laughing at you.

          • Most people don't notice, those that do just think you're illiterate. You might think that people are laughing with you when you put underpants on your head at a party, but actually they're laughing at you.

            Quite the contrary. I make sure to explain a fair number of my little jokes to those around me. Once properly conditioned, my associates think that every dumb thing I say is intentional. They think I am a comedic genius rather than an illeterate moron.

            I've never been able to get a laugh with that un
            • my associates think that every dumb thing I say is intentional. They think I am a comedic genius rather than an illeterate moron.

              What a card.

    • Wrong. (Score:4, Interesting)

      by Skynet (37427) on Tuesday December 28, 2004 @03:14PM (#11201954) Homepage
      AOL keeps accounts around long after you leave the service, in the hopes you will one day come back and reactivate. I had an email address there I deleted years ago, only to reactivate it and find I had mail waiting (mostly spam!).
    • I thought it was because they blacklisted 90%+ of the internet.

      I remember when AOL first stopped rejecting e-mails from my server. I jumped through a bunch of hoops contacting them and trying to get off the blacklist, but in the end they said I would have to contact my ISP because they have me listed as consumer IP. Great. Fortunately, I nor my family really e-mail anyone on AOL any more, so it isn't a problem. I've made my family and the one other user that use my server aware of why they can't e-mail AOL
  • This is definately good news. Thanks OPTA, finally a useful thing out of you. Now let's hope they get Patrick de Bruin as well.

    Internetayatollah's forever :)
  • by lpangelrob2 (721920) on Tuesday December 28, 2004 @03:01PM (#11201823) Journal
    from the finger-in-the-dike dept.

    Surely you jest.

  • This is good. But... (Score:5, Interesting)

    by pummer (637413) <spam.pumm@org> on Tuesday December 28, 2004 @03:02PM (#11201835) Homepage Journal
    Are spam crimes really being enforced correctly? Some [theregister.co.uk] would say no. Shouldn't government be focused on combating spam itself by catching each and every spammer, rather than making an example out of a few? It's the same as the RIAA and music; no one worries about getting caught because the odds are so low.

    Until we have a centrally-implemented system that tracks every spammer by IP and reports them to ISPs, we won't be making any real progress.
    • And we're going to pay for that how? And what multinational corporation/government/multigovernment alliance is going to enforce it? A better solution would be to rework the Internet so that it's more costly/difficult to send anonymous, bulk email. A technological soluction, not a governmental/corporate one.
    • Until we have a centrally-implemented system that tracks every spammer by IP and reports them to ISPs, we won't be making any real progress.

      Do you believe tracking every spammer wouldn't imply tracking just about everybody and everything?

      Thanks, I preffer to read my daily spam instead turning the web into '84. It's impossible to catch every spammer, but dragging some of them into court at least lowers the motivation of sending spam in general. If those numbers from AOL are right, then I think it's reasona

    • Yes, but from what I remember these spammers were not so much charged with spam as they were charged with fraud. Frauding hundreds of people out of millions of dollar is going to get you a long time in the pokey.
    • by RealAlaskan (576404) on Tuesday December 28, 2004 @03:33PM (#11202116) Homepage Journal
      Are spam crimes really being enforced correctly?

      Would it matter if they were?

      The real problem is the companies which are willing to pay spammers to spam. When advertising your product via spam is illegal, spam will be a thing of the past. Yes, there would be joe-jobs, but our legal system is quite capable of dealing with that sort of thing. They manage to deal with that problem for all of our other criminal laws, to give you an example.

      Outlawing advertising via spam would mean that the company which wants your money, and has to be accessible to take orders, would face fines and jail time for officers if they spammed. Soon, only the outright frauds would be willing to take that kind of risk, and even the idiots would eventually stop sending money to spammers who never actually sent penis enlargement pills.

      • It's already possible to sue a company for spamming, but you have to prove that it really came from the company itself (which is usually close to impossible).

        If you lift this necessity someone could send spam in the name of a competitor in order to put it out of business. I don't think anybody would really want that to happen.

        • In most countries the legal system does not work that way.
          • Actually it works like this in most countries on the globe. It wouldn't make sense to assume that a company is guilty of sending spam if somebody recieved something advertising their services because you can't really prove that the guy having a rooted box somewhere in Europe, using a bunch of Back Orifice infected boxes in Korea (I didn't belive that it was still alive before I ran some random portscans myself) really sent the spam from those Korean zombies on behalf of given company. Assuming that the targ
      • "Yes, there would be joe-jobs, but our legal system is quite capable of dealing with that sort of thing."

        One of the items that the Dutch spammer who received the biggest fine was fined for, was a joe-job.

    • No offense, but you've got to be kidding.

      You do realize that a large percentage of spam comes from compromised systems, whether it be someones personal home computer hooked up to their DSL/Cable connection or a formmail CGI script sitting on a web site somewhere, right?

      A centrally-implemented system that tracks every spammer by IP would do nothing but track everyone BUT the spammer.

      As an example, my formmail honeypot gets hundreds of attempted attacks every week. If it was actually sending the spam, a c
      • but I really don't want any government organization that involved in anything related to the net

        You are going to be worried. The net has outgrown its infancy and it is being monitored and policed by the government just like the real world.
        (of course much of that is caused by abuse of the freedom)

  • Sounds good... (Score:3, Insightful)

    by Sheetrock (152993) on Tuesday December 28, 2004 @03:04PM (#11201852) Homepage Journal
    Does anybody know what 25,000 and 42,500 euros works out to in real cash? They can face millions of dollars and jail time here in the U.S., and I seem to recall a fax spammer getting a $5 million fine not too far back.

    As long as they can rake in more cash than they pay out, fines are useless.

    • Multiply by 1.36 to get USD.

      While SPAM is really anoying there seems to be lack of proportion between the fines or penalties compared to other crimes. SecurityFocus has a column on that:

      http://www.securityfocus.com/columnists/287

      • Yeah, but it's a rather unbalanced opinion piece. Sure, the guy's got a point that spammers are committing nothing more than an annoyance, but it's not necessarily the act of spamming that's being prosecuted for up to $1 billion total spread among four separate entities, it's the fraud and other associated charges that were part of the spamming scheme. These guys ain't saintly, that's for certain. They defraud credit card companies, ISPs, and their own customers to make a buck. To me, that's punishable
    • Does anybody know what 25,000 and 42,500 euros works out to in real cash?

      I think that the Europeans feel that their salary is real enough, even if it's paid in Euro.....

    • At the rate the Dollar is falling, it will soon be about $100,000 and $200,000 respectively. Once the Dollar has fallen another 50% or so, those oursourced jobs to India will come back...
    • Does anybody know what 25,000 and 42,500 euros works out to in real cash?

      It works out to 25,000 and 42,500 euros. The euro is a real currency, unlike the funny-money US dollar.
    • And by "real cash" you mean... American Dollar? Euros are 'cash' just as the US greeback is 'cash'. But I am in a bored/good mood, so here you go.

      According to CNN Money and Yahoo Finance:

      25,000 Euro == 34,054.75 USD
      42,500 Euro == 57,893.07 USD
    • These were small companies, not mega-corporations that can pay a 5-million dollar fine and continue.
      Also, this is a fine, not a tax. They will of course have a big problem when they continue and get caught again.
    • As long as they can rake in more cash than they pay out, fines are useless.

      I'm sure this is a problem, but it may also depend on the case and the specifics of how it was prosecuted. There doesn't seem to be enough information here to be sure.

      Many countries' legal systems are designed so that money made from illegal activities is... well... illegal. The spammers might have been required to pay back any money that was made from spamming in addition to the fines, or it might have been included in

  • LOL LMAO ROTFL.

    If it weren't for Spamassassin I'd give up on email.

  • I bet non-US sources are probably still the biggest source if you count operations that are knowingly in the business of sending spam, and the majority of the US sources are from zombie armies of owned home computers.
    • My personal suspicion is that the people spending the money have *always* been distributed between the US and the rest of the world in roughly the same way. It's just a game of what's the best way to get your spam in people's mailboxes. It started out that the best way was open STMP relays, then it changed the chinese rackspace, now it's a constantly shifting collection of zombie machines because the chinese rackspace is too blackholable and the open relays have been closed.

      It's just hard to track things
  • OBVIOUS. (Score:5, Informative)

    by sethadam1 (530629) * <.adam. .at. .firsttube.com.> on Tuesday December 28, 2004 @03:14PM (#11201950) Homepage
    AOL reports a drop in spam because they falsely classify REAL messages as spam! Most network admins I know have had to deal with AOL at one time or another. They are pretty strict for a large ISP: they require valid rDNS records, last I checked, for one, and many times have my parents (stubborn AOL'ers) found legitimate mail in their spam folder).

    In my company, one blocked false positive is considered a mortal sin. Report less spam doesn't mean you are great at blocking it, it might mean you're just too damn aggressive at fighting it.
    • Re:OBVIOUS. (Score:5, Insightful)

      by fimbulvetr (598306) on Tuesday December 28, 2004 @03:38PM (#11202159)
      Personally, I don't see any harm in AOL forcing you to adhere to standards.
      In fact, I love it. Most internet problems stem from people not adhereing to standards, such as using ip adresses as MX records, not using a fqdn on an ehlo, or not listening to (550|450).

      Despite AOL sucking donkey balls, they have contributed to making the internet a better place in some ways.
      • I can't disagree completely, but in fairness, their userbase doesn't know they are pushing this, and most ISPs (including Hotmail, Yahoo, Gmail, etc) don't have such strict requirements. That doesn't make it wrong, it just makes me wonder if it's worth some consortium suggesting that the standards are implemented by, say, 2006-01-01. Then, every makes it well known that on that day, you're officially in the dark if you don't have valid records.

        In other words, starting on an agreed day, if I dig -x the or
        • Re:OBVIOUS. (Score:3, Interesting)

          by silas_moeckel (234313)
          Funny AOL did this a long time ago. If you dont have a valid PTR record in DNS they wont take mail from you they did that a long tim ago. RFC does not say you need it but it says you should. All people are free to choose what they are willing to accept. I hate AOL personaly and profetionaly (wait till you get somebody forwarding mail to an AOL account and marking it as SPAM AOL blacklists the last server in line)
    • adding false-positives to their spam box would increase spam, not decrease it. And no, I don't think they check and say "oh, we were wrong 36.54% of the time, so we must have 36.54% less incoming spam!"

      What is wrong with requiring valid anythings and adhereing to standards? We flame Microsoft for NOT following standards, then flame AOL for following them to precisely? Where is the logic?
      • I read "spam" as mail still getting to the inbox, in other words, slipping through the filters that direct mail to their "spam" box.
  • Zombies (Score:5, Insightful)

    by confusion (14388) on Tuesday December 28, 2004 @03:24PM (#11202033) Homepage
    If you match up the extremely determined spammers, millions of really incompentent cable modem/dsl users and the roughly 234987234745 ways to get malware onto a computer, it is no wonder that the US is #1.

    What's more surpsing is that ISP's have not done more to stop being the source of spam (ala blocking port 25 outbound).

    Jerry
    http://www.syslog.org/ [syslog.org]

    • Re:Zombies (Score:2, Insightful)

      by stratjakt (596332)
      What's more surpsing is that ISP's have not done more to stop being the source of spam (ala blocking port 25 outbound).

      No, it's not surprising at all. If my ISP started blocking destination ports arbitrarily I'd drop them in a heartbeat.

    • Why would an ISP bother to do this? Can you think of no legitimate uses of sending email via another mail server other than the local one?

      Suppose I have an account at a university that allows me to send mail from my mail client on my desktop through their mail server after I authenticate (ie: username/pass, certificate, etc). They don't particularly care about encrypting the connection, so their mail server listens on port 25 for relays of authorized email. If your ISP (since you're living off campus, or .
    • A complete port 25 block is a pain. Whenever I use dialup (Sympatico), I'm forced to VPN somewhere or find a SMTP on an alternate port. What I would like to see is the ability to maintain a list of SMTP servers I want to use, allowing those past the ISP's firewall.

      I doubt it will happen though... I've been receiving Sober from 213.202.49.152 for almost a week now. Whois lists the ISP as quicknet.ch, and they have yet to do anything to stop it.
  • by Mr. Cancelled (572486) on Tuesday December 28, 2004 @03:34PM (#11202128)
    I find this quote particularly interesting:

    "...which claim that the good old US accounts for almost 42% of spam mails sent out this year, and they chalk it up to lack of security on most desktop computers."

    So is this saying that there's a larger percentage of users in the USA than elsewhere, thus we are responsible for more unprotected PC's, just based on having more users?

    Or is it saying that American users tend to be ignorant on security, and PC-education, as opposed to the rest of the world?
  • First, good going, if it's true.

    Any reduction in spam is good.

    Second, if you want to cut delivery of spam down by 90% to 98% get all ISP's to implement greylisting and spamassassin and block port 25 (but provide an easy way for users to request port 25 be opened if they want to run an email server).

    Third, track down the dolts that buy from spam messages and permenately take them off the Internet. If the spammers can not make money from these dolts they will have to go get a real job. (to track the d
  • by fdiskne1 (219834) on Tuesday December 28, 2004 @04:01PM (#11202416)
    My boss asked me to put together a graph of the amount of spam we've blocked over the past 18 months. I've seen a pretty steady (other than the occasional trough or spike) increase in spam the whole time. The number increases week by week and I don't see an end in site, unless you consider the point when my mail gateway gets overwhelmed by the amount. For 1200 email users, we're sitting at just over 150,000 blocked spams per week.
  • I block mail from most of China and South Korea, the mail blocked by these rules accounts for about 80-90% of all spam blocked by the server.

    Before I started blocking I saved all spam, and looking into the headers I have found that while the mail was received from a host in China or South Korea, the true origin was a host in US, typically an IP in the range 24.0.0.0/8 which is reserved for cable users.

    • The origin of the spam message as in which computer send it is somewhat trivial in the fight against spam.
      I find it far more interesting that virtually all spam is about doing some sort of transaction with a US based shop.

      Stopping spam would be easier if (local) authorities would go after the guys making the money selling bogus viagra and watches.
      This is what happened in the Dutch example.

      In other words, instead of tracking and prosecuting the one whose computer send the message we should be going after

The biggest mistake you can make is to believe that you are working for someone else.

Working...