Virginia Anti-Spam Law; FTC Forum on Spam 186
kiwimate writes "According to this press release, the state of Virginia has just passed a statute making 'the worst, most egregious and fraudulent kinds of spam' legally actionable. And yes, this includes header forging. The article reads like a big AOL PR piece in some places -- the VA governor led the signing at the AOL HQ in Dulles. The story also states this comes on the eve of the first-ever FTC forum on spam in Washington D.C." The FTC also made the insightful discovery that most spam is fraudulent in some fashion.
Going after header forgers? (Score:5, Interesting)
Re:Going after header forgers? (Score:2, Interesting)
Re:Going after header forgers? (Score:3, Informative)
Re:Going after header forgers? (Score:2)
Re:Going after header forgers? (Score:5, Insightful)
Re:Going after header forgers? (Score:2)
Yeah, it sucks because a business can send out fake or misleading ads, and then claim they didn't do it ("I swear, I don't know why someone would send out ads for me"), but if it were the other way around, any b
Re:Going after header forgers? (Score:2)
Re:Going after header forgers? (Score:2)
To get to the point, small websites, beginners... people trying to make money online, and utterly failing could also be responsible even now.
Re:Going after header forgers? (Score:4, Funny)
I don't know how you track them down personally but when you find out let me know and I can take care of the punishment part.
Re:Going after header forgers? (Score:2)
I don't know how you track them down personally but when you find out let me know and I can take care of the punishment part.
Spamcop [spamcop.net] can certainly help
At last, a fair use for slashdotting websites (Score:2, Interesting)
1. Write a small program that every user can run at home, on the seti model. Let's call it spammerSucker.
2. Identify an email as spam (this part is easy)
3. Find the website of the spammer (The email is generally full of http links)
4. Add the URL in the centralized DB of spammerSucker.
5. In minutes, millons of DSL/Cable users running spammerSucker are downloading every byte out of their server, initiat
Re:At last, a fair use for slashdotting websites (Score:2)
Re:At last, a fair use for slashdotting websites (Score:5, Insightful)
I've also gotten "newsletter spam" where there are dozens of websites with different owners, none of whom are related to the spammer, nor given permission to have their website advertised in such a manner. I got one for a bunch of casinos - none of whom were thrilled at the attention. Since my complaint was CC'd to all of them, they had a handy mailing list to band together and take the spammer to court for defamation of character in a class action suit...
Re:At last, a fair use for slashdotting websites (Score:2)
Re:At last, a fair use for slashdotting websites (Score:2)
Not really (Score:2)
If your browser can get to the URL, it obviously isn't hidden enough.
Yikes! (Score:2)
Re:At last, a fair use for slashdotting websites (Score:3, Informative)
5. In minutes, millons of DSL/Cable users running spammerSucker are downloading every byte out of their server, initiating millions of sockets per second.
Step 5 is probably easier than you would think. I worked briefly with a company that spammed intentially (don't flame until you read paragraph 2!). Their servers were located in Tunisa and China, and I've got more bandwidth than those servers did (I'm on DSL). I was told they had to move them off shore due to the anti-spam people. (You ARE making
Re:Going after header forgers? (Score:2)
Perhaps you don't. Perhaps you want for someone to run an open proxy honeypot and hope he catches the same spam and identifies the source ip.
Alternately, you could be the someone running the open proxy honeypot that someone else is waiting for. Maybe you are in Brazil running an open proxy honeypot and find out that a particular spammer is using Brazilian (and possibly other) open proxies to send out his spam. Looks
Sadlly of shore spam would not be stopped (Score:5, Insightful)
Re:Sadlly of shore spam would not be stopped (Score:1)
Most I've seen come from China!
Re:Sadlly of shore spam would not be stopped (Score:2, Flamebait)
About the same time I started blanket-blocking 12.0.0.0/8 and 24.0.0.0/8 as well as all the other netblocks belonging to residential broadband users.
You're the CEO of rr.com? attbi.com? cogentco? telus.net? pacbell.net? swbell.net? ameritech.net? Until you start blocking port 25 by default - only enabling it when someone calls your support line and says "Yeah, I wanna run an MTA", I don't want to hear anything from any of '
Re:Sadlly of shore spam would not be stopped (Score:2, Insightful)
I find the idea that the providers are supposed to be in a controlling role offensive. I am the customer, I am paying for the service, I should be resonably free to do what I want with the connection. The attitude you present will lead us down the road of everything being blocked or filtered except for what our provider approves for us.
I agree that something needs to be done about spam, and that the providers
Re:Sadlly of shore spam would not be stopped (Score:3)
That's why we pay for DSL.
Arbitrarily blocking the ports leads to bad things.
Wouldn't it be better to have ISPs scan for open relays, and port filter SMTP for IP addresses failing the test?
Sure, there will be wrinkles for the DHCP crowd (e.g., Cable Modems), but most of them forbid the running of servers in their User Agreements. Oh, it would be good if they enforced those consistently, too. Those old MediaOne agreements that ban "the running of servers
Re:Sadlly of shore spam would not be stopped (Score:2)
First, there are ISPs whose mail servers do NOT "do their job properly"
A perfect example of this is one reason I no longer use RoadRunner for my ISP
Sic Semper Tyrannis (Score:4, Funny)
Re:Sic Semper Tyrannis (Score:1)
Either it's all illegal or the law is wrong (Score:3, Insightful)
If the state representatives don't have the balls to outlaw all spam outright, perhaps the residents of Virginia could grow some balls and vote these jokers out of office.
Re:Either it's all illegal or the law is wrong (Score:1)
Re:Either it's all illegal or the law is wrong (Score:3, Interesting)
It's the bullshit that these scumbags pull that bothers me. Header forging is fraud. Making invalid claims is fraud. Sending spam and making it look like legitimate mail is fraud. Spammers should be prosecuted under existing anti-fraud laws.
(And by the way, at least the VA representatives have the balls to address the pro
Re:Either it's all illegal or the law is wrong (Score:5, Informative)
To qualify for the felony provisions the sender must:
consciously (with intent) alter either e-mail header or other routing information (a technical characteristics common to most unsolicited bulk mail, but not present in normal e-mail messages); and
attempt to send either 10,000 messages within a 24/hr period or 100,000 in a 30-day period OR the sender must generate $1,000 in revenue from a specific transmission, or $50,000 from total transmissions.
Its a clear definition. Alter the headers and send over 10,000 emails in day and its illegal.
Re:Either it's all illegal or the law is wrong (Score:1)
I can see it now: The companies that sell spam mailing software will offer upgrades that send 9,999 messages and then stop working for 24 hours.
Re:Either it's all illegal or the law is wrong (Score:3, Informative)
And even that only generated about $20 000 USD per month per porn site.
Re:Either it's all illegal or the law is wrong (Score:2)
And even that only generated about $20 000 USD per month per porn site.
Aha! But I thought Ralsky claimed he never sent porn spam?
*Gasp*! Are you trying to imply that.... spammers lie ? I'm shocked... shocked, I tell you!
Re:Either it's all illegal or the law is wrong (Score:2)
Ralsky was the single largest reason I quit working for 2KServices.
Re:Either it's all illegal or the law is wrong (Score:2)
Re:Either it's all illegal or the law is wrong (Score:2)
But, I agree to the extent that a lot of creative loopholes will be explored.
Re:Either it's all illegal or the law is wrong (Score:2)
I don't see it that way at all, this law will the major league spammers on serious notice, don't spam.think of it this way Spam-king gets busted.
Re:Either it's all illegal or the law is wrong (Score:2)
But will Tyron allow his name to be used in the next batch of tallywacker-enlarger spam?
Re:Either it's all illegal or the law is wrong (Score:5, Insightful)
You cannot have both sides of this argument. Any restriction the government places on things like this can be interpreted by some people as too broad. Either you take your government in small doses and shy away from government regulation, or you allow the government to regulate. You cannot be wishy-washy and take whichever side of the argument you feel like supporting that day.
Spam with forged headers is bad. I dont pretend to think that this will elimnate the mass amount of email i recieve, but I can only hope.
-Dan
Re:Either it's all illegal or the law is wrong (Score:3, Insightful)
A legitimate business should stop bothering you if you tell them to.
A legitimate business with legitimate advertising should be oneou have done business with that you haved opted into.
Spam is none of these things.
Re:Either it's all illegal or the law is wrong (Score:2, Insightful)
Re:Either it's all illegal or the law is wrong (Score:2)
Nonsense. It is well-settled law that time-place-and-manner restrictions on speech are acceptable when they are directed to some compelling interest (in this case, protecting the private property rights of the spam targets) and when they leave alternate avenues open to the speaker's message (in thi
Re:Either it's all illegal or the law is wrong (Score:2)
Suitable Remedy (Score:2, Funny)
Re:Suitable Remedy (Score:2)
And in further news... (Score:3, Interesting)
Re:And in further news... (Score:2, Interesting)
It's due to the anonymous nature of electronic communication that these types are able to sell anything. Regulatory agencies would come down, BLAMMO, on a telemarketer phoning you and screaming por
Re:And in further news... (Score:2)
You're talking about the tone of the advertising, not its fraudulent content. As for the fraud, regulatory agencies might get into the act after 5-10 years of abuse, by which time thousands
Re:And in further news... (Score:2)
Is their sample size really valid? (Score:5, Funny)
OK, so were they planning to sample more than 3 typical e-mail accounts worth of daily spam?
Re:Is their sample size really valid? (Score:2)
The question of whether they are valid is a different issue. If it's a random survey of all their messages, then that's what they are measuring, But that is probably not representative of all the spam. For example, maybe only a certain class of users (read: geeks) forwards the spam to the FTC. Or maybe people only forward the most egregious examples of spam. Or maybe the FTC sample is from one day's use, and they g
Re:Is their sample size really valid? (Score:2)
Re:Is their sample size really valid? (Score:2)
Re:Is their sample size really valid? (Score:2)
I'd say the chances are somewhere between 37.19% and 39.74%; except when taking into account the standard deviation of...
Oh boy (Score:4, Insightful)
Write to the Spam King (Score:3, Informative)
If you think this will help – you’re right. (Score:5, Insightful)
Re:If you think this will help – you’re right. (Score:2)
I live in Virginia! (Score:5, Interesting)
I wonder though- is there a place that we could report spam to the virginia prosecutors? Perhaps our state attorney general could setup a spam email and state residents could forward their spam there for the prosecutors to go after
how to stop AOL cds (Score:3, Funny)
2. Either send the original package, or the package in a sandwich bag back by writing "Unsolicited, return to sender!" on it and placing it back in the mailbox.
I haven't recieved a CD in several months, down from once a week or so.
AOL cds are sent 4th class (Score:2)
AOL isn't informed that it was thrown away.
This isn't new (Score:5, Informative)
AOL, Verizon, and other large ISPs based in VA have been suing under this law for years (though they almost always go to federal court, pursuant to U.S.C. 85 1332). I have burninated a few spammers in small claims court under this law as well (I was actually in court today suing etracks.com). The law allows the recipient to seek civil relief for the lesser of $10/message or $25,000/day. For ISPs, it's the greater of the two.
Re:This isn't new (Score:1)
If the 1997 bill didn't stop them, I don't see what this new one will do, unless AOL decides to sue Verizon. Hah...I'd fly out to sit in the audience for that trial...
Re:This isn't new (Score:3, Insightful)
Meaning Verizon itself or a customer using Verizon services for the initial internet connectivity? Very big difference. Claiming the provider responsible for the actions of specific users is a very sharp double edge sword that has far more reaching effects then spam.
They don't act on complaints, and willing let scumbags and thieves operate on their network.
Your perception of what they do behind the scenes may not be exactly what is going on. If that is the comm
Re:This isn't new (Score:2)
I don't get much spam, so when I do I try to nip it in the bud. I received a pr0n site spam a while back. I took a look at the html source and scribbled down the domains. I found about four domains registered by the same fellow, plus two companies. I send a nice letter informing the spammer (both reply-to and the admin contct his domains) that if I didn't receive a reply from his reply-to address that I would
AOL HQ (Score:2, Funny)
Isn't that one of the seven signs, or something?
Or
Just for Ralsky (Score:3, Interesting)
I think Ralsky would get that many bounces in an hour, if he did not forge headers, and hijack mail servers.
Penalty is only $10.00 per email or $25K, whichever is less.
Not enough financial damage to spammers, but it is a start. If the statutory damages were higher, it might have a legitimate claim to being the toughest in the country.
Wind under Thy Wings
Amber
Re:Just for Ralsky (Score:2)
any evidence in the criminal trail would also be available for use. if there is enough for a criminal conviction, a civil suit should be a cake-walk.
Re:Just for Ralsky (Score:2, Informative)
2 500 emails at $10.00 is $25 000 dollars. AOL claims [computerworld.com] to block up to one billion spam messages per day.
Ralsky claims to be able to send 650 000 messages per hour [freep.com] on each of his 190 email servers.
If AOL sues Ralsky, the maximum they can get from him, per day, is $25 000. Meanwhile, he can throw 2 964 000 000 emails per day at AOL, if he so chooses.
Statutory damages should be $500.00 per email. ISPs could claim $500 multiplied by the number o
Re:Just for Ralsky (Score:2)
Quote:
Incorrect grasshopper ... statutory damages are damages that can be awarded WITHOUT proof of ANY actual damage. As such, they represent a FLOOR for damage awards NOT a cap. Under this law, a party can sue for statutory damages of $10.00/message up to a ma
fraudulant?!?!?! (Score:5, Funny)
Bye Bye Spammers.... (Score:2)
I can see a federal anti-spam law on the rise, and for spammers it will not be pretty....
(-1 Redundant.)
Whoring to Capitalists is The Problem (Score:2, Insightful)
Hm, thats what I want, my Legislators delivering law directly from the BoardRoom. The same people who send you "buy this penis pump" emails will, next month, be sitting next to this Virginian Politician at a $5000-a-plate fundraiser... and the viscious cycle begins again.
Most Spam is Fraudulent? (Score:3, Funny)
FTC recruits rocket scientists (Score:3, Insightful)
Duuuh. That's because nobody selling something legitimate wants the negative side effects of spam- mainly, the disgust it causes. Hell hath no fury like a consumer who's just been spammed for a product; they'll probably, even out of spite, go for your competition, if they just so happen to be in the market for your item. Remember those stupid little remote control cars? They learned the hard way that spam didn't work; retailers reported a backlash from the spam, people coming up to them and chewing out -the store employees- for the spam other resellers were sending.
Don't encourage them (Score:3, Interesting)
Re:FTC recruits rocket scientists (Score:2)
Speaking of disgust that spam causes, you should respond to my comment here [slashdot.org] in the other article about spam. I normally wouldn't hunt somebody down over it, but you gave me a chewing I didn't deserve.
bad law! (Score:2)
I'm contacting the DA (Score:2)
-Miko
Wow, shocks this Virginian (Score:4, Interesting)
I forgot that AOL has a huge datacenter up North from here. Hmm.....
Re:Wow, shocks this Virginian (Score:2, Interesting)
She wrote back, basically saying the bill was bad for business.
Maybe I should send campaign contributions to AOL, since they seem to get the job done.
Tasty! (Score:2, Funny)
"And after a while, you can work on points for style.
Like the club tie, and the firm handshake,
A certain look in the eye and an easy smile." Rodger Waters
Virginia and the Law (Score:5, Interesting)
If any spammers are reading this, let me tell you about the Virginia correctional system. If you are lucky you will go to the big house. If they put you on the farm you are fucked. Most penal farms in Va grow their own food and cut their own fire wood, etc. You will come out tan and fit, my friend. I taught literacy in Wise County at the facility there. No slack for misdemeanors and light felonies. They also operate road gangs (no chains. Work is time off from your sentence with good behavior) with the Boss standing over you with a 12-gauge full of rocksalt if you decide to make like Cool Hand Luke. Also, the Virginia State Police are ruthlessly efficient and will get you. This was the best state to implement anti-spam legislation if we want spammers to hurt.
PS. It is "The Commonwealth of Virginia" not the "State of Virginia." I didn't get my hands whacked with a ruler by Mrs. Underwood to have y'all malign my beloved home with the lowly name of "state."
Re:Virginia and the Law (Score:2)
Don't forget, it is the South, so you better believe there will be a huge guy in your cell named "Bubba" who wants to make you "squeal like a pig".
Re:Virginia and the Law (Score:2)
False. No points, and they can't even compel you to relinquish it. And it has never been fully tested in court, either.
Re:Virginia and the Law (Score:2)
Re:Virginia and the Law (Score:2)
Wow, does that mean it still belongs to us [parliament.uk]?
Nope, but kick out Bush's lapdog Blair and we might give it back in kind. I'll throw in Tennessee (just had a tune-up and a new tires installed) and South Dakota (slightly used) for the hell of it.
Re:Just to clarify the state police bit (Score:2)
"send", not "send or cause to send". (Score:3, Informative)
The FTC has recently gone even further. They take the position that a beneficiary of the spam is responsible for it unless they took steps to stop it. This covers spamming by "affiliates".
The FTC's position is consistent with decades of false advertising law. The FTC has often prosecuted companies that let their "dealers" lie for them. The FTC has the authority to crack down on spam, and it looks like they're starting to do so.
"find a technical solution" (Score:2)
Where do I turn myself in? (Score:3, Insightful)
Have you ever seen such hogwash?! What, pray are, "a technical characteristics"?! Since when are headers and routing information common to "unsolicited bulk mail", but not "normal e-mail messages"?!Ok, so where do I trun myself in? I've certainly generated $1,000 from a specific transmission (we in the spammer game call it an "invoice") and I (just like tens of thousands of other evil spammers like me) forge headers and alter routing information. For example, I have mailing list managers that alter headers and routing information and then take that single modified message and send it to DOZENS of users! I also send mail from my laptop at home and claim to be me at work and visa versa!
Before tonight I didn't know I was a spammer, but if Virginia says I'm a spammer, I must be one! Is there a reward for turning my evil spammer ass in?
I'd add a smily, but this is just creepy!
Re:Where do I turn myself in? (Score:2)
Have you ever actually read e-mail headers? I'm not sure if you're trolling or just plain ignorant of what e-mail headers are. Open your Ou
Re:Where do I turn myself in? (Score:2)
That's called forgery, and it's a perfectly legitimate form of forgery use by most popular mailers these days.
Re:Where do I turn myself in? (Score:3, Funny)
Worse, I'm interpreting what I think is the *intent* here, but technically the fabrication (e.g. creation) of any headerer information (you know, header information, that thing "normal" mail doesn't have...) would seem to meet the criteria, so any message I've ever sent that generated $10
Re:FTC & FDA (Score:2)
Re:FTC & FDA (Score:1)
Re:FTC & FDA (Score:3, Interesting)
Unfortunately you're probably closer to the truth than they would have us believe. While the manufacturers, at least a chunk of them, could claim these do no harm (unless taken in absurd quantities, which nobody really knows how much as they aren't regulated or adequately tested), it's hard to disprove whether or not they do no good.
Re:FTC & FDA (Score:2)
The real question though is how much of my money did they spend figuring that one out?
Permission and trespass (Score:3, Interesting)
One reader complained [aardvark.co.nz] that this was "hacking" and that it was an unjustifiable action.
In response to that complaint I asked my readers [aardvark.co.nz] (part-way down the page) whether there was any difference between a spammer trespassing on someone's mailbox with their crap and someone trespassing on the spammer's mailbox to expose their mis-deeds.
Gathering by the responses [aardvark.co.nz] it appears that the