Can-Spam Increased Spam

andy1307 writes "According to New York Times, spam has actually gone up [Free registration required. You gave real info, right?] since the CAN-SPAM act went into effect. There is a graphic in the article that illustrates this increase. Before the CAN-SPAM act was passed, spam was about 60% of all e-mail traffic. Now it's 80%. In a we-told-you-so quote, Steve Linford, the founder of the Spamhaus Project, says CAN-SPAM legalized spam by giving bulk advertisers permission to send junk e-mail as long as they followed certain rules. Slashdot covered this story last year. For companies that offer offshore "bulk advertising" servers, business is booming. A survey from Stanford University estimates the global cost of spam in terms of lost productivity to be at 50 billion $ and 17 billion $ in the US alone. CAN-SPAM does give prosecutors some leverage to go after the merchants - but it must be proved that they knew, or should have known, that their wares were being fed into the illegal spam chain. " The BBC has a related story talking about rates of spam, viruses, and scam mail.

Duh...

[GenP]

Seriously, who didn't see this coming? Who loves clueless legislators? Spammers do!

what's to attribute specifically to CAN-SPAM?

[jxyama]

could the increase be due to natural causes? that people are spamming more, regardless of CAN-SPAM?

what's the fraction of spam that's sent which is CAN-SPAM compliant? how has that increased? (no i didn't RTFA since i haven't registered. does the article answer this?)

Rules

[vertinox]

CAN-SPAM legalized spam by giving bulk advertisers permission to send junk e-mail as long as they followed certain rules

So um... If they are following a standard set of rules, then logic seems to tell me that someone isn't apply their server side rules to full effect. No?

Some solutions to spam

[mgv]

I've had this thought for a while, about what can be done about spam, and I have a couple of ideas for the /. community.

1) Legislate so that merhandise sold using spam cannot legally demand payment (eg via visa/mastercard). Puts alot of pain onto these companies, but also would make it quite unattractive to sell stuff this way if you knew that the money you got could be reclaimed if it was demonstrated that you used spam as an advertising medium

2) Employ teams of people to respond to SPAM (at a government level). SPAM works because they get a low return rate, but the people who do respond actually buy stuff. Thats what keeps it all going. If we made it so that a decent percentage of the replies were time wasters, the average company would suddenly have to employ lots of resources to deal with false responses. In effect, it would spam them. Suddenly its no longer as cheap to advertise this way.

Just a couple of thoughts, but I'd love to see what the /. community thinks of these, or if anyone else has any ideas on what to do about spam. (And I don't mean better filters by this).

Michael

Saw this on Usenet

[DSP_Geek]

I've been wondering this for a while, and the recent article on Slate - http://slate.msn.com/id/2101297 on the economic logic of executing worm writers - compels me to put pen to electron with the following Modest Proposal:

Allow me to set forth a number of propositions:
1) Spam is now 60% or more of all email in the world, and increasing monthly.
2) The lost productivity costs to industry of dealing with spam is estimated to be from $10 billion to $20 billion yearly.
3) There are about 100 to 200 spammers behind 90% of the world's spam.
4) Thus each spammer can be estimated to cost industry globally around $100 million dollars.
5) The EPA and DOT value a human life at between $3 million and $7 million dollars.
6) Many people in the United States are underinsured medically. Some of them need expensive medical care they cannot afford, and therefore die as a result. Call the affordability threshold $100,000 to $1,000,000. If major ISPs and corporations could be ironbound to honour their word, admittedly no small task, then one could posit a regime where:
a) The leading 1000 connectivity consumers place half their antispam spending in escrow
b) Guido the Fish and Two Finger Tony get hired to smoke the top 100 spam offenders, reducing the need for antispam spending worldwide, and freeing the cash for:
c) The escrowed funds then get used to save a large number of lives who would otherwise be lost due to pricy medical care.

At this point, one must ask: What is a spammer's life worth? The economics of the situation means more people get saved than spammers blown away, therefore the sum total is that a greater good is served by the above scheme as more people survive with a higher quality of life than the status quo ante.

Re:IPTables really helps.

[Anonymous Coward]

just block the $ sign, stops 99.99% of spam in my inbox and as we (thebuisness) don't deal with that currency it has yet to make a false positive
of course if you use that sign in your currency then its no good for you

Global Cost of Spam

[Standmic]

A survey from Stanford University estimates the global cost of spam in terms of lost productivity to be at 50 billion dollars.

How can this be? Spam is a pain in the ass when I have spend 1 minute a month checking/deleting the contents of my spam inbox, but I don't see how it costs that much money. Yes, I know time is money and even 1 minute of my time is probably worth something, but I just can't see it adding up to 50 billion. I can see companies purchasing spam blocking software, but again, not 50 billion worth. Could someone please explain where they get this figure from?

[tt]:Duh...

[tomhudson]

Who loves clueless legislators? Spammers do!

Of course. Who do you think is stupid enough to keep clicking on all those "3NL4RG3 Y0U4 P3N1S" ads? Can only BE a congresscritter.

These are the same people who put exemptions in the law to allow them to send unsolicited bulk email to you.

Me, I'm saving ALL my spam for the next election. (I also keep it so I can train my filters, but that's another story).

Any politician who wants my vote can have it easily:

1. Offer to bring back the public stocks in the village square, and lock any spammer in it.
2. Make him live on a diet of printed-out spam for a week - let him EAT his own words.
3. Make him pick up 1 piece of roadside litter for every piece of cyber-litter he's sent.
4. And revoke the driver's permit for anyone stupid enough to answer spam - if you're dumb enough to believe someone wants to give you $19 Million, you're obviously incompetent.

FTFA:

the global cost of spam in terms of lost productivity to be at 50 billion $ and 17 billion $ in the US alone.

The cost of lost productivity due to:

• Spam: $17 billion
• Windows bugs, etc: $50 bazillion
• Surfing slashdot: Priceless

Disclaimer: No spammers were harmed during the making of this post - DAMN!

Re:IPTables really helps.

[gammygator]

It also does wonders for opening your company up to discrimination lawsuits.

My company tried blocking China and Korea and we were almost immediately threatened with lawsuits (from our internal users) because we were discriminating against an entire country.

I hate to admit it, but the users probably were correct in their complaints.

Quite honestly, I hope they choke on all that spam. :-)

Re:IPTables really helps.

[urlgrey]

For smaller companies and individuals, blocking traffic from these netblocks is a tremendous help. I do it myself, in fact. Unfortunately, for those people and companies who do legimate business with Asia, this isn't really a viable solution.

And the quest continues.

Law of Unintended Consequences

[lildogie]

CAN SPAM is a good illustration about how hard it is to write a law to solve a technology problem.

Just keep that in mind when worrying about DMCA, etc.

Imagine a world where tools like PGP become more and more successful because the corporate/government oppressors are trying to get more control.

Technologists just want to be free.

Re:Some solutions to spam

[shic]

Further to your second point, this ties in nicely with an idea I had about unsolicited telephone calls. The bogus calls are very easy to recognise because the caller has no interest in exactly whom they are talking to... I usually wait for a pause, say "I'm not interested" and hang up - but this is a very dull approach.

I want to hand the call off to an automated time-waster - then set up league tables to show how long a call the automated system could provide. Heck - it could even become a competitive sport! A sophisticated system may 'listen' for keywords and then use them in its responses... but I think there would be great mileage in just asking the caller to repeat what they just said because "the line is bad and I'm a bit deaf..." by feigning memory problems or introducing bizarre non-sequiturs. I know it would be a lot of work - but I think the comedy value of the pay-back would make it all worth-while.

I said it once....

[netruner]

...and I'll say it again:

Spam isn't necessarily bad. It does have a use. If over-aggressive surveilance is something you fear, the camoflage that spam offers should be a comfort.

Think of all the spam you receive at work that slips past the filters- do you really think that corporate security has the time to manually filter everything else for the inappropriate emails your girlfriend keeps sending?

I'll leave it as an exercise for the reader to think about the implications that stegonography presents.

As Paul Vixie once said:

[Nethead]

This was on the NANOG list some time ago:

The internet has no government, no constitution, no laws, no
rights, no police, no courts. Don't talk about fairness or
innocence, and don't talk about what should be done. Instead,
talk about what is being done and what will be done by the
amorphous unreachable undefinable blob called "the internet
user base." -Paul Vixie

Re:Cause and Effect

[flyingsquid]

Just because spam has increased in the period since can-spam was passed doesn't mean that can-spam's responsible for it.

Any more than an increase in global temperature following the Can-Spam Act must mean that the law is causing global warming. Looking at the graph, spam rapidly increases after Can-Spam goes into effect, but it was rapidly increasing anyway. You can't pick out any effect of the law one way or the other.

A simple, straightforward, impractical solution.

[Captain DaFt]

Ban all commercial E-mail to consumers, period! Make it totally, completely illegal.
Imagine that, the only e-mail in your inbox would be from your boss, your friends and relatives.

Customers or potential customers could still E-mail businesses, but businesses would be restricted to snail-mail and telephone to contact customers, just like they did until the mid-eighties or so.
(Of course internal e-mail, between offices, branches, subsidiaries, and employees would still be permitted.)

But of course, no one wants to wait for a letter, or hang by the phone waiting to hear about the latest Hello Kitty (TM) waffle iron brush that they just have to have 'RIGHT NOW!'
And certainly too many companies out there can't wait two to three business days to get their hands on the customer's cash to permit such a ban, so... spam it is.

Re:And the spammers seemed like such nice people

[Breakfast Pants]

Who would have thought articles could have bias? An anti-spam law was passed. Spam numbers went up. These two statements don't just magically turn into "Spam numbers went up because of the anti-spam law that was passed." The article gives a little justification with the theory that spam was somewhat legitimized by this act but doesn't look into things like bandwidth being cheaper, the number of zombie boxes constantly rising, etc. etc. etc.