Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Spam The Internet

UK ISPs to Shut Down Spamvertised Websites 299

JebuZ writes "The Register is currently reporting that UK ISPs are targeting ecommerce websites run by spammers in a new 'get tough' policy on junk mail. ISPs belonging to the London Internet Exchange (LINX) have voted through a code of practice which gives them the mandate to shut down websites promoted through spam, even if junk mail messages are sent through a third-party or over a different network. The move is intended to remove the financial incentive to send spam." There's also a BBC story.
This discussion has been archived. No new comments can be posted.

UK ISPs to Shut Down Spamvertised Websites

Comments Filter:
  • How long... (Score:5, Insightful)

    by FatRatBastard ( 7583 ) on Thursday August 19, 2004 @11:06AM (#10013536) Homepage
    ... until people start spamming using their competition's address to facilitate them getting thrown off their host?
    • Re:How long... (Score:2, Insightful)

      by letxa2000 ( 215841 )
      My thoughts exactly. This seems like a good idea as long as the ISPs take a serious look at the accusation to make sure the site was really spamvertised and not just the target of some malicious competitor or a customer with a grudge, etc.

      • by The Ultimate Fartkno ( 756456 ) on Thursday August 19, 2004 @11:32AM (#10013860)

        "No! I swear I've been framed! I would *never* send out spam for my site. I'm totally legit! We here at xhegfr.24873xx.pills4u.com are a 100% above-board business!"

      • Re:How long... (Score:2, Insightful)

        by Anonymous Coward
        ...seems like a good idea ...

        Next they'll block P2P. Still a good idea?

        Then they'll block people running their own mail servers (helps spam again).
        Then they'll block people running any server (like the old cable modem guys). after all, you could serve obscene copyrighted pr0n from a web server.

        Do we really want ISPs running around blocking whatever they don't like and scanning/filtering on content (need to easily bust P2P guys). I think this is just a first stop to locking down more of the intern

    • Re:How long... (Score:3, Interesting)

      by ackthpt ( 218170 ) *
      .. until people start spamming using their competition's address to facilitate them getting thrown off their host?

      Or

      Address of 0wn3d computer

      Offshore server

      Doesn't do any good for those which run scripts on open or 0wn3d servers and forward email, i.e. phishing

      • RTFA:

        ...the mandate to shut down websites promoted through spam, even if junk mail messages are sent through a third-party or over a different network

        In other words, no matter how the spam for getcheapviagra.co.uk is distributed, getcheapviagra.co.uk is going to be denied hosting by LINX members. Ergo, they can't sell anything.

        Obviously they can host their site offshore, hence the additional comment in TFA that "...the success of this new initiative depends on LINX pressuring ISPs overseas into

    • Re:How long... (Score:5, Insightful)

      by Dark Lord Seth ( 584963 ) on Thursday August 19, 2004 @11:13AM (#10013627) Journal

      I'd assume that they'd check things out first. Besides, spamvertised websites are rather easy to recognize: I think 95% of all *.biz and *.info sites are spamvertised sites. There's also this whole thing about using fake names, no contact information, companies based in countries where the law isn't taken very seriously or where the law allows spamming, etc.

    • by dave420 ( 699308 ) on Thursday August 19, 2004 @11:13AM (#10013629)
      It's going to be investigated, not just automatically booted off their host by a postfix script who grepped the URL from an email... :)
    • Re:How long... (Score:5, Insightful)

      by osgeek ( 239988 ) on Thursday August 19, 2004 @11:13AM (#10013634) Homepage Journal
      Not long. Not long at all.

      Worse yet, spammers will put random innocent web sites in spam just to poison the process.

      They'll do it. It's an obvious way to get ISPs to stop blocking web sites.
      • Re:How long... (Score:2, Insightful)

        That would also work to get non-spamming businesses to warm up to spam. Think about it; who'd turn down free advertising?

        (Until, of course, they start getting hate mail, both electronic and postal.)
      • by SmallFurryCreature ( 593017 ) on Thursday August 19, 2004 @11:34AM (#10013884) Journal
        Spam is already becoming unreadable with the leet spelling and insertion of random words and phrases. Now they are going to link to random sites as well? So the customer, already not very bright, will now have to first do a enigma style decoding to get the sales messages and then do a guess as to wich link to click?

        The harder spam becomes to send the better it is. There is no instant cure, stop watching Oprah you american. The real world requires you to work had on multiple fronts to solve a problem. This is just one tiny drop on the hot plate. But together with all the other little drops it is making a difference.

        • Now they are going to link to random sites as well?

          Obviously, you haven't been examining spam messages. Putting dozens of random, unclickable links in spam has been going on for more than half a year. It's used to break up words, as in:

          Buy Vi<a href=bob.com></a>agra by <a href=reallinkhere.biz>clicking here</a>!

          With nothing between the anchor and its close for "bob.com", there's nothing to click on, so a user doesn't go to the "wrong" website... but a spam checker has to weed thro

          • Well not entirely true, I do get a few of the nigerian types on my address for the apache mailing list but they are pretty straightforward.

            Only spam I see is what people show in stories like these.

            So I was wrong. Lets just hope then that since these ISP's will be kicking paying customers from their networks that they will make certain that they got the right person. I can see it being a problem for "shady" but non-spamming companies that have spamming rivals, think porn sites. But non-spamming porn compan

    • Re:How long... (Score:5, Informative)

      by McDutchie ( 151611 ) on Thursday August 19, 2004 @11:18AM (#10013693) Homepage
      ... until people start spamming using their competition's address to facilitate them getting thrown off their host?

      They have been doing that for years. It's called a joe job [everything2.com], after the first victim of such a scam. These are generally quite easy to detect, though, so they do not generally lead to the victim's website being shut off. The main damage is in the annoyance and the bounces and responses received by the victim, which constitute something akin to a DDoS attack.

      In any case, the existence of joe jobs is no reason to penalize actual spammers and stop them from profiting from their spam runs. The only way to do that is shutting off their websites.

      • Correction (Score:3, Insightful)

        by McDutchie ( 151611 )
        Woops... I wrote:
        In any case, the existence of joe jobs is no reason to penalize actual spammers [...]

        This should have been: the existence of joe jobs is no reason not to penalize actual spammers.

      • Re:How long... (Score:4, Informative)

        by harlows_monkeys ( 106428 ) on Thursday August 19, 2004 @11:36AM (#10013917) Homepage
        They have been doing that for years. It's called a joe job, after the first victim of such a scam

        Not quite. Assume sites X and Y, spammer S that is hired by X (or may be X), user J, and another spammer, T. J is not connected with X, Y, S, or T. A joe job is when S sends mail advertising X, setting the from address to J.

        What the original poster is talking about is the case where Y hires T to send spam advertising X. If T sets the return address to J, then that will also be a joe job, but that is not relevant here.

        • Re:How long... (Score:3, Interesting)

          by McDutchie ( 151611 )
          What the original poster is talking about is the case where Y hires T to send spam advertising X.

          I know, but that too has come to be known as a joe job (at least in the news.admin.net-abuse.email newsgroup), since it's done with the same objective: to get X shut down or to harrass them away from the net. It's generally equally ineffective.

          • Re:How long... (Score:4, Insightful)

            by Dashing Leech ( 688077 ) on Thursday August 19, 2004 @12:27PM (#10014604)
            I'm not clear on how the difference can be detected. If spammer S sends out spam advertising site X, how is anybody going to know if X had hired S (legitimate spam) or competitor Y hired S (a joe job). Basically, you have to know who hired the person doing the spam. Will this come down to an interrogation of spammer S, review of their financial and phone records to find some connection to X or Y? Even that is fairly easy to trick by having S get X to phone them for some reason, and/or have some legitimate financial transaction between them. Perhaps there's something I'm missing that can show Y is really behind the spam.
      • Re:How long... (Score:5, Interesting)

        by robertjw ( 728654 ) on Thursday August 19, 2004 @11:46AM (#10014044) Homepage
        They have been doing that for years

        Actually, this is different. They are going to shut of sites that are advertised in the spam, so all a spammer has to do is send out a 'free' promotion for a valid website. The addresses used in the spam mail are irrelevant, what they are looking for is site addresses included in the body of the spam.

        This is already going on. Last month I got a notification from our ISP at work of a possible spam violation (a very annoying, threatening notification) on our site. It appears that a spammer included our domain name in one of his messages and our ISP was alerted. I explained the we did NOT send out the message, was NOT selling viagra and did NOT want the traffic generated from the spam message, so we still have a website and that was the end of it.

        What happens if a spammer, rather than just including my address, crafts a marketing message promoting my site. Might be a little harder to convince my ISP that I didn't initiate the spam.
      • I think you're not understanding. You send an email actually advertising the other site. It lists the current deals at site X (easily found from their web site) and directs people to their site. Then site X gets shut down by their ISP for spamming, hopefully driving more people to you're operational site. Since there is no way to tell where the spam truly originated from (especially if a 3rd party is used to send it) this will be an easy way to take down up and coming companies.
    • I've noticed that many of the people who bitch the most about spam are also the first one to produce simplistic and pedantic retorts to steps people make to do something about it. "But somebody might not get their email for a day."

      Spam Whiners: Shit or get off the pot.

      Either somebody does *something*, however imperfect or flawed, or they do nothing. The whining and the complaining and the doing of nothing adds up to exactly nothing but noise.

      I want actions taken, and I want them taken *now*. Collatera
      • "Collateral damage is just fine--Until I'm the one being damaged."
      • by FatRatBastard ( 7583 ) on Thursday August 19, 2004 @11:32AM (#10013854) Homepage
        Either somebody does *something*, however imperfect or flawed, or they do nothing. The whining and the complaining and the doing of nothing adds up to exactly nothing but noise.

        It wasn't a whine nor a complaint. And it can have very serious reprocussions. How happy would you be if your legitimate, non-spamming online business was blacklisted because someone else forged fake spam?

        I want actions taken, and I want them taken *now*. Collateral damage? Unavoidable -- any solution strong enough to work is going to cause collateral damage.

        Wonderful attitude. "Fuck the innocent as long as I'm happy (and it doesn't happen to me)"

        This system could be useful, but considering there was no detailed mention of how they're going to deal with this potential problem its a valid question.
      • How about requireing any business email to be signed by the company signature (which I think should be done anyways)? This would certainly eliminate joe jobs, and if the signatures are registered/checked somewhere, it would help agains spammers.
      • Wait till you start your new and shiny ecommerce company, get the website up, customers coming and money flowing. Then watch it got struck down because some competitor spammed on your behalf.

        And then come back and we'll talk about Collaterial Damage.
      • Collateral damage? Unavoidable -- any solution strong enough to work is going to cause collateral damage...

        No, collateral damage is not unavoidable, nor is it necessary for a solution to SPAM.

        The problem with SPAM isn't technical, but social; people like the simplicity of email more than they hate the nuisance of SPAM. There already exist several proposed, effective solutions to the SPAM problem; many of which could be implemented without *any* collateral damage, as they add on to existing systems.

    • Since the problem with spam is it's low barrier to entry (any s'kiddie sans morals can be a spammer), what good will it do to kill off one competitor? As soon as you nail one two or three more will pop up. Meanwhile you've just set in motion as nasty little email war that's bad for every spammer.
    • Re:How long... (Score:2, Insightful)

      ... until people start spamming using their competition's address to facilitate them getting thrown off their host?

      It will NOT happen.

      Remember two things. 1. The only incentive for spammers and spamvertised businesses to spam people is money. 2. Almost all spamvertised businesses resort to spamming because they don't have any significant market share and don't have resources for conventional marketing.

      So, if spamvertised businesses start spamvertising their competitors, it may (or may not) hurt c

    • That would work if 99.999% of mail admins didn't realize that From: and Reply-To: email headers are easily forged, so the Return Path: and Received: are what you should use to determine the origin.
    • . until people start spamming using their competition's address to facilitate them getting thrown off their host?

      Their competitor selling Viagra? I think an ISP will not pull an established client selling a normal product because of a forged spam. If it's a company that opened the site two days before with a postbox number address, they will probably pull the plug. The company impersonated might make an issue of it and pursue the spammer for fraud or worse, which is all to the greater good.

  • by toygeek ( 473120 ) on Thursday August 19, 2004 @11:08AM (#10013558) Journal
    The Web Hosting company I work for has been doing this for years. You spam, you lose. Simple. From our AUP [amhosting.com]:
    # UBE ("spam"): sending unsolicited bulk e-mail, using UBE, even if not sent from American Internet, to advertise (spamvertise) your site, providing any service to spammers such as mailboxes or Web sites.

    Is this just now catching on? Shocking.

    • by toygeek ( 473120 ) on Thursday August 19, 2004 @11:13AM (#10013636) Journal
      To those of you saying how bad this is because you could basically DoS your competitor by spamvertising their site, here is a basic explanation of how it should work.

      Complaints start rolling in. If its not caught soon, dsbl lists will start blocking the ISP. Is the spam legit? Lets contact the owner of the site. Not legit? Prove it. Usually, it IS legit. We investigate thoroughly and determine the source of said spam, and if its truly not legit spam, done by someone else (this *has* happened with us) then we notify spamcop or whatever list needed that an investigation has been done and its taken care of.

      So, with due diligence when it comes to enforcing policies such as this, and not a "shoot first ask questions later" attitude toward shutting off sites, then it becomes a reasonable policy.
      • Lets see. Legitamate spam is illegitamate. Right?
      • They are closing of their own paying customers. You can bet they are going to check, this is not the bubble anymore when ISP's ruled.
      • Not legit? Prove it

        Ahh, the old guilty until proven innocent.

        You do know that it's usually logically impossible to prove a negative?

        Ie; Prove to me you have not used google.com today. Logs and caches dont mean anything, anyone could delete google references in them. Just because google's logs dont show your IP doesn't mean you didnt use a proxy or anonymizer, etc..
      • Lets contact the owner of the site. Not legit? Prove it

        Suppose the spam comes from a network of trojaned Windows machines. Just how am I suppose to prove that I didn't hire some Polish or Russian cracker gang to use their trojan spamming network on my behalf?

      • The problem I see is how do you prove you didn't send the spam? Proving you didn't do something that is basically untraceable is very difficult. Unless you can actually track the spam to a competitor there is no way to prove you didn't send it. Even if it came from a 3rd party, there is no way to see who paid that 3rd party (or who is controlling the 3rd party in the case of zombies). Even if they didn't send it, they still lose valuable resources trying to prove they didn't send it, and still may have
    • From the article: "Many UK ISPs already close 'spamvertised' websites under their terms of service", the same way you have apparently been doing it, so no they aren't 'just catching on'.

      Also from the article: "The new BCP (Best Current Practice) will raise the baseline, making the worldwide acceptable minimum standard tougher. We will be working to spread this standard beyond the UK and asking for support from the UK government at WSIS"

      This is the interesting bit - I seems like a step in the right dire
    • ...is people acting like it's a bad thing.

      Anti-spammers have always maintained that ISPs should kill the websites of known spammers. That's what a number of the blacklists out there are about -- they list ISPs that don't kick off websites that have been advertised through spamming, even if the spam was sent from a different ISP.

      This is a good thing. Spammers should lose their Internet access, period. They should also lose their lives, but ISPs aren't really in the position to do that kind of thing.

      So
      • They should also lose their lives

        Rapists, molestorers and murderers are examples of people who need putting out of their misery.

        Lets keep things in perspective, spam is an electronic message, if it bothers you that much, setup a whitelist.

        By your reckoning, should I have my fingers chopped off for pinging you?
  • by Anonymous Coward on Thursday August 19, 2004 @11:08AM (#10013560)
    1. Start up competitor to /.

    2. Send out spam promoting /.

    3. See /. shut down.

    4. Profit!!!!
  • by datastalker ( 775227 ) on Thursday August 19, 2004 @11:09AM (#10013571) Homepage
    ...as they're likely to have the same kind of site hosted in multiple places to avoid this problem. :( At best, it will drive up the costs of maintaining said sites, but those costs aren't that high to begin with.

    Furthermore, this does nothing to the spammers whose hosters are in collusion with them, and who are profiting themselves.
    • by dave420 ( 699308 ) on Thursday August 19, 2004 @11:15AM (#10013658)
      It will do something to those spammers - the ISPs can (and will) block the IP addresses. We're not talking about a citizen's action group here, but a collaboration of every major ISP in Britain.
    • by misleb ( 129952 ) on Thursday August 19, 2004 @11:53AM (#10014116)
      You know, it doesn't really matter. It is the Right Thing To Do(tm) regardless of how effective it actually is on the problem as a whole. In the end, I don't really care how many other people are in in collusion with spammers. I can say with pride that the ISP I work for is tough on spam. And I can say with pride that the ISP I use for home Internet is tough of SPAM. And that is about as much as I can really expect. The idea is to get others to do the right thing and I commend these UK ISPs. Good for them.

      -matthew
  • by mopslik ( 688435 )

    I suppose it all depends on how much investigation ISPs are required and/or willing to do.

    gives them the mandate to shut down websites promoted through spam

    So in theory:

    1. Pay spammer $N to include competitor's website in massive deluge of email
    2. ???
    3. Profit!
  • by nomad63 ( 686331 ) on Thursday August 19, 2004 @11:11AM (#10013602)
    Fighting with spammers is not going to work ever, as long as they can make even a single penny of profit from their sleazy operations. If their income source is forced to dry, their flow of spam will follow the trend.

    IMHO, the companies, who sell their products through the spamvertized channels should be put into the same tight squeeze. I want to see Pfizer sweat for those Viagra ads I receive day in and day out in hundreds.
    • Discouraging, boycotting, or flat-out disallowing companies from hocking their products through spam would be great. This would probably cover a minority of spam-financed revenues, however. It seems that the real money comes from spam campaigns that are already illegal. They're from shady or non-existent companies. They're selling counterfeit products that sometimes even have recklessly dangerous ingredients added. And, of course, there are also the get-rich-quick scams. Going after Viagra makes no sense
  • by julesh ( 229690 ) on Thursday August 19, 2004 @11:11AM (#10013604)
    My company had one of its accounts suspended briefly last year when one of our clueless clients hired a US company to send e-mails for them to "1 million opt-in UK addresses".

    BTW: how gullible can you get? A single opt-in list with about 5% of the Internet-connected population on it? Wow.
  • I can see it now...

    You have a competitor in UK? Eating through your market share?

    We can take care of that! We, at SPAM, inc, will simply do a wave of aggressive spamming "touting" the virtues of your competitor, and arrange for a few hundred copies of that mailing to reach the sysadmin of the hosting ISP. Say "Goodbye!" to your competitor's web site!

    And, for a small extra, we'll even include some advance fee fraud or otherwise illegal contents to the spam. Watch in glee as your competitors are harrased by the authorities to boot!

    Hmmm. Sounds like a really, really good idea now doesn't it?

    -- MG

    • Give them some credit - I'm sure they actually thought about it. Sheesh. They're a bunch of ISPs. Not just one pokey little one with no clue, but many large ISPs. The police are pissed off with spammers just as much as anyone else, so investigating the spammer and the sites involved will be high on everyone's list.
    • This is indeed possible which is why it's important that whoever is in charge of actually shutting down the sites conducts proper due diligence (i.e. makes a case that any reasonable person could follow). That being said, I think this is also good because it's at least a start--if we want to get rid of spam (not that I'm saying that's possible) the ISPs and companies will have to work together which is what this is starting to do--companies may find that they can work with Linx to follow best practices or
    • Bah! Sounds like a pretty rare scenerio to me. Certainly too rare for a spammer to actually advertise this as a "service." For one thing, sites being advertised via spam are generally pretty small time. I doubt they have any sense of a particular competitor taking a significant portion of their market share. Do you really think one penis enlargment pill pusher gives a shit about another penis enlargment pill pusher? Do you think one porn site really has it in for another porn site? There are just so many of
  • In theory it sounds nice. However, there are several problems here. First, the offending web site may be hosted by an ISP that doesn't give a damn. It may be overseas. It may be in Russia, or North Korea for that matter. If it is in a non-british jurisdiction all they can do is block access to it. There is no way to take it down. The link may be a referral. As others have already noted, the linked address may be that of someone the spammer doesn't like, resulting in the shutdown or blocking of an innocent web site. With so many potential problems, I doubt whether this initiative has a chance of succeeding.
    • In theory it sounds nice. However, there are several problems here. First, the offending web site may be hosted by an ISP that doesn't give a damn. It may be overseas. It may be in Russia, or North Korea for that matter. If it is in a non-british jurisdiction all they can do is block access to it. There is no way to take it down. The link may be a referral.

      You're being retarded.

      Of course you can get spam that links to a web site hosted in Russia or North Korea. This isn't about them. This is about gett
      • Dear Phroggy Please refrain from using words like "retarded" in the near future unless you are specifically looking to start a flame war. I was looking for a discussion, not waiting for someone I don't know to start being rude. Thank you. That said, the first thing that will happen when this gets through is that sites in the UK will be blocked only to be replaced by sites overseas that cannot be taken down (which is what i was saying in the first place). The spamming business is an international one.
    • You are missing the main point. They are not asking the Hosting ISP to shut down. They are having the British ISP's block that IP address. SO it does not matter WHAT jurisdiction it is in, they don't care about taking it down.

      Their is only ONE probem, which has been mentioned before, the Joe-Job, where your competitor spams pretendign to be you.

      And it has a solution: legal action. When someone spams pretending to be you, that is fraud. If a company is committing fraud to hurt your business, that is a

    • If it is in a non-british jurisdiction all they can do is block access to it.

      So, before the spamming, they got a few dozen hits a day in their server logs from Britain. After the spamming, they get a brief spike, followed, soon, by zero hits from Britain ever after. Now, how much would you pay the spammer to send out another round of spam? Blocking will work just fine.

      We can imagine this being misused by evil competitors, but the British ISPs aren't idiots, and with minimal care on their part, this

  • by Qinopio ( 602437 ) on Thursday August 19, 2004 @11:16AM (#10013668) Homepage
    Dear friend, The only operating system proven by science to enlarge your penis and make you wealthy is Linux, powered by SCO Technology. visit SCO.com to learn more! refrigerator penguin lovely tang information fr4556631
  • *applause* (Score:5, Interesting)

    by thephotoman ( 791574 ) on Thursday August 19, 2004 @11:16AM (#10013671) Journal
    Could we do that in the United States, too?

    But what about repeat offenders? Those that open up a new website and advertize by spam on that site, too? Setting up a webpage isn't too hard these days, and one could always send one's servers offshore. This needs to be an international policy.
  • Not just shut down. (Score:5, Interesting)

    by www.sorehands.com ( 142825 ) on Thursday August 19, 2004 @11:16AM (#10013677) Homepage
    Not just shut down the site, but set up a page saying they were shut down and have the real data on the spammer, and some of the original page.

    That allows the people who have been spammed to identify and track the spammer.

  • Good thinking (Score:3, Interesting)

    by RPI Geek ( 640282 ) on Thursday August 19, 2004 @11:18AM (#10013701) Journal
    Other than the obvious abuse possibilities, this is a good way to remove the incentive to spam people. Until I started getting too much junk mail to keep up with, I would go to the website that was advertised (stripping out the personal identifier junk-text string) and e-mail the webmaster saying that I would never buy their product because of their advertising techniques and that I would actively warn people away from them. I doubt that they took me seriously, but it was nice to rant anyways, and yes I did follow through in my threat for many of those advertisers.

    Also, if the spammers are getting a [very low percentage] click-through number, I wonder how many of those are people who have never gotten spam before. The number of people on the internet is growing so quickly, I'd imagine that many of the click-throughs are actually people who have never seen a "bulk unsolicited e-mail" before.
  • by coshx ( 687751 ) on Thursday August 19, 2004 @11:19AM (#10013704)
    DEAR SIR,

    i want assure you this no spam i found you email by search web i son very important buznes man who in some politcal truble now rite and need you help get money out bank
    in case you no believe you go see please his site SCO [sco.com]

    PLEASE TO HEAR YOU RESPONSE.

    N!GTXBALU GNTEMBI


    darn filter won't let me submit in all caps :(
  • by Numen ( 244707 ) on Thursday August 19, 2004 @11:19AM (#10013706)
    Please note the article is refering to a code of practice not a law. There will without doubt be different ways in which ISPs might and will implement it. If a competitor is spamming "on your behalf" then you're going to get a warning from your ISP saying that they're considering yanking your plug... you'll then get to address that and show circumstance.

    Then if the chaps framing you are in the UK there's legal action you might take against them.

    This is a good thing. It's not a draconian law, it's a business consortium agreeing that they they to focus on an issue and deciding common policy on how to address it.

    Code of practice, not law.
    • Right, and what happens when someone who really does want to purchase a year's supply of "Colon Blow 5000" sues them because the ISPs implementing the block are preventing them from accessing the site? Unless it's backed by a law saying that the spam is illegal (thereby making the block legal) I don't see this as holding up in court. Obviously people *do* buy these stupid products, so this is ripe for a lawsuit from the spammers.
      • Right, and what happens when someone who really does want to purchase a year's supply of "Colon Blow 5000" sues them because the ISPs implementing the block are preventing them from accessing the site?

        What happens is that the judge throws the suit out of court on the grounds that some idiot's desire to purchase "Colon Blow 5000" is irrelevant to the issue (which is that ColonBlow5000.com is in breach of contract). Ideally, the process involves a pee-pee whacking from the baliff.

  • by tao_of_biology ( 666898 ) <tao,of,biology&gmail,com> on Thursday August 19, 2004 @11:25AM (#10013770)
    SPAM has become a total cancer on the internet. It's growing and sucking resources away from legitimate activities... it's discouraging use of email and costing ISPs and corporations way too much money.

    This tumor is so rooted in the Internet, that there is no way to cut it all out without removing some healthy tissue. There is probably no perfect solution to this problem, but it HAS to be addressed.

    I truly can't see people resorting to trying to advertise competitor's web sites via SPAM to get them shut down. They'd open themselves up to way too much liability if that actually happened.

    IMHO: This solution does a pretty decent job of targetting the tumor without removing much healthy tissue. Again, no solution will perfectly home in on just spammers... innocents will always get caught up in the effort to remove this problem. The trick is to just come up with items and balance it's positive effects against its negative effects.

  • by EboMike ( 236714 ) on Thursday August 19, 2004 @11:41AM (#10013980)
    When I submit my daily dose of spam to Spamcop [spamcop.net], I can see that 90% of all websites referred to by spam mails are hosted in China and Brazil, and I don't think either country will do a similar move anytime soon.

    It is already common practice for spammers to use bullet-proof hosts (which is even mentioned in TFA).

    So I don't think this move will change anything as far as spam goes, but the potential for abuse (see some of the previous comments) will increase, given that most sites hosted by UK ISPS are legitimate.
  • So you shut down a spammer's porn site. They move it to a new host (outside the UK), and continue to spam. If they can kill or gain control of the domain name along with shutting down the site, perhaps this could work.

    I hope it does.

    I hope they punish more than just email spam, too. Usenet, IRC, and instant messengers need help, too.

  • What happens when spammers do a "fake" spam run to try to get a (non-spamming) competitor's website removed?
  • by malx ( 7723 ) on Thursday August 19, 2004 @11:45AM (#10014042)

    The LINX [linx.net] Best Current Practice on Unsolicited Bulk E-mail ("the spam BCP [linx.net]") is carefully written so as to avoid being a way to create denial of service attacks.

    LINX does not adjudicate complaints; our ISPs members do. You can complain to an ISP for tolerating spamvertised web sites just like you can complain to them for tolerating someone sending spam. If they follow Best Practice they will cut off the web site if, only if, and not before they satisfy themselves that the spam was sent by or with the consent of the web site owner.

    Of course, it is possible that they could get it wrong; miscarriages of justice do occur in every area of life. This is not a reason not to have any rules at all. It is up to the ISP to take care when considering a complaint so as not to cut their customers off without good reason. Naturally, some will consider this an unnecessary delay - and even evidence that the ISP is not serious about cancelling the account. Well, it's not possible to please everybody all the time; you've just got to craft the best policy you can and run with it.

    Malcolm Hutty
    LINX Regulation Officer.

  • by Kainaw ( 676073 ) on Thursday August 19, 2004 @12:00PM (#10014245) Homepage Journal
    I have mentioned this before at Slashdot and I'm always ridiculed for it. However, I greatly reduced my spam intake from well over 2,000 spams a day to well under 100 by simply blocking any email that contains a link to a server that I've put in my "that is a spam-advertised IP address" file. It isn't difficult to do. In fact, I make what I've written freely available on my website.

    Every time I mention this, someone says, "Oh my God! You're going to block some good little Mom&Pop store because they share a server with a spammer!" If that is what you are thinking, you didn't read my previous paragraph. I block any email WITH A LINK TO A SERVER that is in my block list. I DO NOT block any email originating from a server in the block list.

    As this article explains, the incentive is to remove the profit margin from spam. I think my method works better than kicking them off the server if my method was used by a majority of the Internet users. The reason is that my method hopes the spammers keep the same IP addresses. If you kick them off the server, they change IP addresses and I have to block the new one.
    • Yes, I'm doing the same with very good success.

      One property of this system is really attractive: Spamvertizing a webpage damages the IP number of this webpage, so that the owner of that IP number will probably seek damages against the spammer.

  • by account_deleted ( 4530225 ) on Thursday August 19, 2004 @12:28PM (#10014629)
    Comment removed based on user account deletion
  • A friend of mine (a real friend; not a thin abstraction of "me") works for a company who designed and hosts another company's website. That company procured a list of "millions of guaranteed opt-in email addresses!" and contacted my friend's boss to send them all a newsletter.

    Now, my friend's boss is putting a lot of pressure on him to send these emails. My friend asked me for help but I flatly refused regardless of price. He really doesn't want to do it, but his boss is leaning on him, and his wife's opinion is that since he's getting paid for it, he should just do the work (my retort being that if his boss wanted to pay him to star in gay porn, then would he still be expected to do so?).

    I've explained at great length that this is immoral, probably illegal, and a really stupid idea all around. He agrees, but his boss really wants that check from the client and I don't know the boss well enough to confront him directly.

    Any suggestions on what I can do to put an early end to my friend's career as a spammer? I love the guy like a brother and don't want to see him rendered unemployable and hated by his family and friends, but I also don't want him to lose his job.

    My best idea so far is to get him to convince his boss to start with a very small batch of spam (say, 1000 addresses) and to have my friend report back after a few minutes that the batch has been sent (but without actually doing it). Then, about five minutes later, call the client and scream, curse, and scream some more at them for filling my inbox with their crap. Get about 10 other people to do the same thing, perhaps even in person at the company (a restaurant), until the client keels over dead in their panic to call of the "advertising campaign". Note that my friend is the only technical person at his company, so the odds of anyone other than him being able to determine whether those 1000 test emails were actually sent is roughly zero, and if there were any question, I'm probably the person that his boss would call to seek confirmation ("Yep, looks like he sent 'em at 11:30. What? The client went out of business at 11:45? What a coincidence!").

    To repeat: "my friend" is not me, so don't bother lecturing me on the evils of spamming. I just want to help him stay an honest man.

    • a list of "millions of guaranteed opt-in email addresses!"

      It's not that difficult to fathom. Home mortgages, car rental agreements, car purchase agreements, EULAs, employee agreements... any of them could bury a legal jargon form of "opt-in". The majority of people don't read them and those who do usually don't have a positive option.

      my retort being that if his boss wanted to pay him to star in gay porn, then would he still be expected to do so?

      I understand exactly what you're saying but allow me to
  • by dtfinch ( 661405 ) * on Thursday August 19, 2004 @03:06PM (#10016417) Journal
    Just send spam on their behalf.

"To take a significant step forward, you must make a series of finite improvements." -- Donald J. Atwood, General Motors

Working...