Fighting Spam Through Regulation and Economics

Bryan29 writes ""Next door to our offices was a spam operation... One day they weren't there anymore". Apparently in the past several months some black hat SEO companies (comment spammers) closed shop. Mr. Evron explores using a couple of case studies how spam was directly impacted by the UIGEA online Casinos law, disallowing payment processing, and how the subprime mortgage collapse made many former clients of spammers "move on". The article draws its conclusions from an economic standpoint "Perhaps the next step policy makers should take is to work to change this economy, possibly by legalizing and regulating ... More to the point, they can make the act of processing funds for this type of operation illegal.""

This one is better, but no cigar

[ravenspear]

Your post advocates a

() technical ( ) legislative (*) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
(*) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(*) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(*) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(*) Asshats
(*) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(*) Extreme profitability of spam
(*) Joe jobs and/or identity theft
(*) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(*) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(*) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Re:

[cyphercell]

Found it [craphound.com] it's like a failed decision support system that still works because there is no viable solution.

Looks like the author is Cory Doctorow [google.com]

Re:

[Hal_Porter]

Cory Doctorow didn't write that - he heard about it from someone called Jef(sic) and popularised it with the Web 2.0 crowd.

I saw it ten years ago on Usenet.

http://www.boingboing.net/2004/02/25/universal-crackpot-s.html [boingboing.net]

This is a very funny checkbox-based form-letter for responding to crackpot spam solutions proposed in message-board posts:

Your post advocates a

( ) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Link (Thanks, Jef!)

Re:

[cyphercell]

Ok, so you're right, but you didn't have to call me a freak.

Re:This one is better, but no cigar

[spikedvodka]

(*) No one will be able to find the guy or collect the money
(*) Requires too much cooperation from spammers

Specifically, your plan fails to account for

(*) Lack of centrally controlling authority for email

The whole point of this plan is that those are wrong. If you can make it illegal for process transactions for things like online casinos, you can make it illegal for things like online pharmacies.

You're not controlling the e-mail, but you're controlling the money. if they can't accept "Visa/MC/AMEX/Discover/Diners/etc." they won't make as much money. paypal is the same way.

Yes, the "mark" could still send a check, but at that point you know exactly where the check went, and you get the copy (electronic) back.

I think this plan has half a chance of working... however, then I think we'll start seeing more phishing... and I really would hate to see more laws

Re:

[ravenspear]

I think we need another entry on the philosophical objections list.

Something like, draconian regulation of ecommerce is a bad solution.

Re:

[longacre]

But where do legislators and credit card companies draw the line between a shady online pharmacy and a legitimate one like Express Scripts? Even with new regulations to prevent use by criminals and terrorists, it is still pretty easy to get a merchant account. When a merchant signs up for a card processing service they simply ask you what you're using it for...and they believe you. There's not much to prevent you from using the same account on a legitimate site and one that advertises PLEASE YOUR GIRLFRIEND

Re:

[techno-vampire]

When a merchant signs up for a card processing service they simply ask you what you're using it for...and they believe you. There's not much to prevent you from using the same account on a legitimate site and one that advertises PLEASE YOUR GIRLFRIEND TONIGHT.

If I were writing these regulations, I'd do it in two parts. First, you wouldn't be allowed to get an account for a business selling certain things, such as V14grA. Second, if you use your account to process payments from such things, you lose you

Re:

[Hal_Porter]

That's not secure though - spammers could just start sacrificial businesses or use someone else's name like their family or friends.

The only solution when you catch them would be to kill them and everyone they ever met.

Re:

[techno-vampire]

The point you're missing is that not only do both businesses go away, they can't get a new account even if they open up another business. Get caught just once and you'll never be allowed to have an account again.

Re:

[Hal_Porter]

So someone exercises their First Amendment rights by sending emails you you don't like and they forfeit any possibility of taking credit card payments ever? Sound unconsitutional to me! Plus they could avoid it easily by just getting a merchant account overseas where your regulations don't apply.

Re:

[mvdwege]

Ah yes, the Frea Speach defense.

Here's a hint: all rights have limits, and these limits are when infringing on the rights of others. Your First Amendment rights do not give you the right to stand on my lawn in the middle of the night with a megaphone to advertise your goods; you are infringing on my property rights. I can have the police haul you off for that. How is that different from you pushing shit into my inbox which I have to pay for, directly in connection charges, or indirectly through higher ISP

Re:

[Hal_Porter]

Here's a hint: all rights have limits, and these limits are when infringing on the rights of others. Your First Amendment rights do not give you the right to stand on my lawn in the middle of the night with a megaphone to advertise your goods

BZZT! Wrong!

Even burning a cross on your lawn is speech that is constitutionally protected from prior restraint.

http://www.firstamendmentcenter.org/faclibrary/casesummary.aspx?case=RAV_v_St_Paul [firstamendmentcenter.org]

And sending commercial emails is too.
http://www.wm.edu/law/publications/jol/articles/geissler.shtml [wm.edu]
anti-spam laws act to block all speech in a manner similar to those cases, i.e. by imposing a limitation on the sending of emails over private networks, this article treats the proposed federal anti-spam statute as a p

Re:

[techno-vampire]

And sending commercial emails is too.

In the opinion of the author of that article. I'd bet that if I spent some time with Google, I'd find at least one article that directly contradicts the one you cited.

Re:

[mvdwege]

Why don't you stick to the example I gave you? Ah right, because that would destroy your nice little theory, primarily because I was not talking about prior restraint.

In other words, you're probably a spammer. Fuck off and die. Slowly and painfully preferably.

Mart

Re:

[techno-vampire]

So someone exercises their First Amendment rights by sending emails you you don't like and they forfeit any possibility of taking credit card payments ever?

Don't be more stupid than you have to be. It's not sending the spam that gets their account nuked, it's using their merchant account to process payments resulting from spam. If they want to spam the world with religious or political messages, but not ask for money, that wouldn't get their account revoked. Asking for money and using that account to

Re:

[cayenne8]

"The whole point of this plan is that those are wrong. If you can make it illegal for process transactions for things like online casinos, you can make it illegal for things like online pharmacies."

I dunno. Given that the WTO finding against the US with regard to online gambling...the US 'may' have to change its laws or get massively fined, etc. I'd think if the US had to take action on that finding, the law regarding online gambling transactions/payments would have to be repealed? I actually hope so....b

Re:This one is better, but no cigar

[TheRaven64]

That's a very separate issue. The WTO is involved because the US gambling laws discriminate against casinos not based in the USA. This wouldn't be an issue for anti-spam laws (they're about preventing spam, not just about preventing spam from non-US companies). The reason that they are involved in practice, rather than just theory, is that the US laws are having a real financial effect on organisations outside the USA, which is exactly what you would want to happen to spammers.

Re:

[malraid]

"R" as in relocation or as in russification? Yes it'll be a good idea to move all the spammers over to Siberia. It'll stop spam at least until they get fiber over there...

Gadi Evron = Hot Air

[arivanov]

If I see a post from him on BUGTRAQ I skip it straight away. Out of all security gadfly individuals he is the most overinflated one. If humans were baloons with egos inside his would have promptly reached escape velocity due to the amount of hot air in it.

Just read his posts on BUGTRAQ. Any of them over the last 3 years.

Re:Gadi Evron = Hot Air

[arivanov]

Just read the article.

Gadi at his best.

First of all, the casino SPAM has not decreased. It has changed target markets. I got 10+ mails over the last month that managed to get past my antispam filters with gambling spams and scams. This is compared to under 3 for the preceding year. Mortgages - that disappeared at least one year before the credit crunch started. And so on.

The reason SPAM is decreasing is that the return on investment for spammers steadily decreases. People are responding to it less and less. As a result the vast botnets built for spamming are now geared towards phishing, identity theft (botnet ops are actually scanning computers for useable documents) and from time to time a bit of SPAM for the purposes of botnet expansion.

Re:

[jacks0n]

The UIGEA didn't make it impossible for Americans to gamble online by any stretch of the imagination.

It is just a little harder, and we have to do business with sketchy third parties.

Yeah, the spammers and scammers hate that. Please, don't throw me in that briar patch, sir.

The UIGIA eliminates spam and scams the way Prohibition destroyed the Mafia.

Re:

[Blakey Rat]

If humans were baloons with egos inside his would have promptly reached escape velocity due to the amount of hot air in it.

Congratulations on that.

Interventionism isnt completely "useless"

[sethstorm]

Sometimes a good mix of regulation with the market does help instead of just cutting away at it.

Re:

[hedwards]

Exactly, the only way that spam is reasonably going to stop is if there is no longer enough money in it to justify the risk and effort.

The proper solution to it is almost certainly going to include a mix of the following elements. I just wish I could suggest a reasonable mix and a way of putting it all together.

Filtering so that fewer eyes see the spam, larger fines/longer sentences when caught, SPF/domain keys and similar to make identification of spam somewhat easier, shun servers that are known to be ope

Re:

[antic]

"getting people to stop clicking on things indiscriminately"

Would a public education campaign be worth trying? TV ads explaining to people that spam is an on-going problem partly because some people keep rewarding the spammers with sales.

Re:

[ajs318]

Would a public education campaign be worth trying? TV ads explaining to people that spam is an on-going problem partly because some people keep rewarding the spammers with sales.

NO NO NO NO NO

You have fallen into the trap of believing that the spam game is about getting ordinary punters to buy counterfeit watches, handbags, penis enlargement pills and pirated, obsolete software.

The spam game really about persuading people that they can get rich quick, by spamming customers.

The product which is being

Re:

[antic]

Can appreciate your point. So what's the solution to that?

I'm finding it more and more common for regular and remotely reputable businesses to buy lists and send out an announcement - none of them seem to even realise that what they're doing isn't a good thing.

I think there are even marketing laws in Australia that allow you to scrape public email addresses in a number of cases.

Re:

[Meshach]

Everybody says this but no one wants it.

There's too much spam. It needs to be regulated
Fine, email now costs a penny per message.recipient
Forget it, email needs to be free
Goto 1

Re:

[Cid Highwind]

You're missing the more important objection to pay-per-email: "Who the hell are you and why should we trust your organization to collect pennies from every email user in the world. What are you spending all those pennies on, anyway?"

Or to put it in the form of the oft-quoted spam solution checklist:
(X) Unpopularity of weird new taxes
(X) Lack of centrally controlling authority for email
(X) Why should we have to trust you and your servers?

Re:

[Antique Geekmeister]

Well, yes, but it has to be a good mix. We saw bad mixes for years with junk mail (which remains awful) and junk fax (which finally got stomped in the US by the junk fax law).

The junk fax law could be extended to cover spam: some US congressmen have tried, repeatedly, to do so, but been blocked by lobbyists like the Direct Marketing Association (which has both legitimate and spammer on-line members who fear such legislation). And the junk fax law has stood up well to challenges on free speech issues. But it

Re:

[Mycroft_VIII]

FWIW the junk fax law seems to be getting ignored more and more these days, where I work there's usually two or three on the machine every morning.

Mycroft

Re:

[Antique Geekmeister]

I believe you: I suspect it's due to the decreasing costs of junk fax sent over Internet portals, coupled with people not bothering to prosecute. But I remember when it got *REALLY* bad, and was eating reams of paper and printing supplies if you were a small business.

Does it constitute even 1% of your legitimate faxes?

Whack-a-mole

[ColdWetDog]

It is possible our next step in fighting spam should be to research and list these underground economies taking advantage of people by the use of spam, and fight the underline[sp] cause, the clients who traffic and sell the illegal goods, playing the economic game.

This oughta work well. His premise seems to be to remove the economic incentives for spammers to make money, you either trash the economy and / or make everything illegal. That's a bit hyperbolic but not a whole bunch. I, for one, haven't se

Spammers hunting for new products

[billstewart]

Some of the spammers are tightly linked to their customer base, so they go away when the customers do - such as mortgage brokers running spam themselves or hiring it out. But many of the spammers are in the spamming business, so if they lose customers they'll go find others. It takes some time to find customers and convince them that *you're* the best one to send their ads, so some go out of business, but what I have seen has been a resurgence in the V1ag7a spam and fake Rolexes, which I guess are what sp

Cleanup Wall Street

[Herkum01]

What about these unregulated Hedge Funds Too many people insist that they be given a free ride because they cater to intellect investors. The subprime mortgage basically proved that more than a few of these businesses are little better than pyramid schemes( example: bundling of crappy mortgages and selling them as AAA bonds).

When they address something that actually cost the US a couple of TRILLION dollars, then lets worry about Spammers.

Re:

[sethstorm]

Start with the jittery oil speculators first and knock it down $30-40+. Then you can start dealing with things that aren't marked up in housing due to oil.

Re:

[Ash Vince]

Start with the jittery oil speculators first and knock it down $30-40+.

It's not quite that simple I'm afraid. True a large part of the price of Oil is probably due to the speculation on its price you mention.

However there is also the inconvenient fact that we are not discovering new fields as fast as we are depleting mature fields beyond the point it becomes cost efficient to extract. We are also becoming a lot more adept at extracting oil from very mature fields but it still doesn't change the fact that Oil is a finite resource and it will eventually run out.

Then there is Ch

Re:

[ajs318]

Before this happens, some country in Continental Europe will have developed artificial oil; and when this happens, Britain will be unceremoniously dumped from the EU quicker than you can say "Keep the Pound". India and China also most probably will have independent artificial oil projects on the go, since they won't want to depend on the USA kicking off wars to keep the price down.

Re:

[Ash Vince]

Before this happens, some country in Continental Europe will have developed artificial oil; and when this happens, Britain will be unceremoniously dumped from the EU quicker than you can say "Keep the Pound".

Not if we develop it first.

Re:

[sethstorm]

It's not quite that simple I'm afraid. True a large part of the price of Oil is probably due to the speculation on its price you mention.

Well, giving them 3 years to work with Middle East jitters doesn't help when they were proven wrong in Iran. I'd not mind knowing how much oil wouldn't go up if there was accurate information about the reserves and intelligence.

However there is also the inconvenient fact that we are not discovering new fields as fast as we are depleting mature fields beyond the point it becomes cost efficient to extract. We are also becoming a lot more adept at extracting oil from very mature fields but it still doesn't change the fact that Oil is a finite resource and it will eventually run out.

Then there is China. The Chinese demand for oil is growing at a staggering rate, both from the peoples desire to drive their own car to work and the countries industrial growth. India is also crying our for more oil due to their economic growth. The fact is the world needs more and more oil as these countries develop but it has less and less.

That should have been accounted for when we started selling out our nation to that part of the world.

The oil that is left is becoming more concentrated in fewer and fewer countries in the middle east. It will not be long (50-100 years, I believe) before the only oil left in the world is under Saudi Arabia and Iraq. Unsurprisingly these countries are demanding top dollar for their oil. As less and less countries have oil to sell the remaining ones that do are going to charge more and more.

Then we're probably going to go to war once again should there be any problems with that country that threaten access to oil. It would also nicely deal with the issues with the Far

Re:

[cayenne8]

"The subprime mortgage basically proved that more than a few of these businesses are little better than pyramid schemes..."

I think the subprime mortgage shows that a ton of people out there are idiots and should have read the contracts they were signing, and known they weren't going to be able to afford their homes over the long run. What about personal responsibility?

Don't get me wrong, I feel bad for people getting foreclosed on, but THEY are the ones that signed on the dotten line, if they didn't rea

Re:

[LrdDimwit]

And what about predatory lending? Consider how they make bonsai trees. If the tree grows in a way the grower doesn't like, he trims it. Eventually the tree looks exactly how the grower wanted it to look. The tree grew under its own power the entire time, its own 'will' (if plants have such a thing). It was in full control of its own growth, and yet it danced to the grower's tune. Who's responsible for that? The tree, or the gardener?

If I am a dishonest lender, I offer these loans. I hawk them loud

Re:

[ajs318]

Simple solution to that: You make it so that transfer of a debt to a different creditor requires the prior written consent of the debtor. Now the bank that lent you the money can't just sell your promise to repay it without your say-so.

Big hole in simple solution: A lot of Very Big Business depends on that not being the case.

Re:

[Antique Geekmeister]

A lot of them also got lied to. Their dealers misled them on what they could hope to afford or what the resale value of their houses might be, or what the costs of maintaining a house are. Losing a job, a medical emergency, or a new child can destroy a family's ability to afford an excess mortgage, in ways the mortgage can and scummy mortgage agents do deliberately obscure.

There's been a lot of fraud exposed on the news about this lately. It's a nasty business, much like selling used cars.

Re:

[letxa2000]

A lot of them also got lied to. Their dealers misled them on what they could hope to afford or what the resale value of their houses might be, or what the costs of maintaining a house are.

I really have a hard time blaming anyone but the borrower. Dealers/lenders are there to give you the credit that you are asking for. They aren't financial counselors. They aren't your parents that can or should tell you all the "hidden costs" of owning a home. They are there to evaluate your application and if you me

Re:

[arobadog]

So, now the lender is supposed to be able to read the future for every one they lend money to? ("Losing a job, a medical emergency, or a new child can destroy a family's ability to afford an excess mortgage, in ways the mortgage can and scummy mortgage agents do deliberately obscure")

You gents sure do put a lot of burden on the business. I am surprised I didn't hear an argument along the line of "...since this were subprime loans, the people request them were subprime humans. The business was taking advanta

Less regulation

[Anonymous Coward]

I seems every time we make new regulations to make something illegal, we make something legal. For example, by passing laws against pornography to "protect the children (TM)", we told pornographers exactly what they had to do to avoid breaking the law. Now, with no legal uncertainties, pornographers flourish. Better, they now had a definite set of laws to challenge which, if overturned, made their operations more open and profitable - which, by the way, is exactly what they did. The CAN-SPAM act had the

the only way to defeat spam

[wakim1618]

is through a national health care plan that would provide free penis enlargement, viagra and breast implants to all Americans

Re:the only way to defeat spam

[techno-vampire]

Oh, good! I'm sure my girlfriend would love to have a huge penis. I know I'd love to have a rack of 36D's myself! As for the viagra, well, after that surgery, we can both use it. Profit!

I already said this...

[damn_registrars]

Previous [slashdot.org] slashdot [slashdot.org] discussions [slashdot.org] have discussed some of the ways that most people try to fight spam. I already said [slashdot.org] that we need an economic solution to what is an economic problem [slashdot.org].

Unfortunately, the suggestion from this article misses the boat. Trying to price the spammers out of operation doesn't get the job done, because there's hardly a shortage of money to keep them running. We need to price the middle men out of operation.

In particular, when the spammers register new domains (which they do by the hundreds or more at a time), they give kickbacks to their favorite registrars, who in turn will turn the other way regarding the illegal operations.

If instead ICANN had some cajones, they could take the bad registrars out, clean up the registration mess that currently exists, and they could make it economically unfeasible for the spammers to continue their game as currently played. A good start would be to enforce an exponentially increasing fee structure for domains - I know of very few people who have a legitimate need for more than about 4 domains. Furthermore, if the bad registrars were to actually lose their accreditation after willingly doing business with these criminals (easy to prove), that would also help.

But as someone else already pointed out, you cannot just simply tax spam out of existence. You need real, working, economic solutions. And if ICANN was worth their own weight in bat guano, they could make it happen.

Most of the registrars are now "bad"

[Animats]

If instead ICANN had some cajones, they could take the bad registrars out...

The problme is that most of the registrars, by actual count, are now "bad". See the list of ICANN-approved registrars [icann.org]. There are several hundred, few of which have any real existence. Most are just fronts for some domaining operation. Some are obvious about it: "DropExtra.com, Inc.", "DropFall.com, Inc.", "DropHub.com. Inc", "DropJump.com, Inc.", etc., all of which are fronts for a "wholesale domain registrar". Then there's "Enom1, Inc."., "Enom2, Inc." ... "enom469, Inc.". Most of the "registrars" are now dummies like that.Those are ICANN's constituency.

Re:

[Antique Geekmeister]

And ICANN is very carefully designed not to have cojones, and the fraudsters know it.

Re:

[thanatos_x]

And I happen to think you're completely right. When dealing with relatively large numbers (compared to the time taken to track down and individually target) of activity (usually illegal) by a mobile enemy, you need a blanket approach. Ideally one that targets the individuals precisely. It'd be like stopping an infestation of insects one at a time, vs fogging the whole house, vs learning to keep food away.

Targeting economic and social factors are the only way that certain wars will be won. On drugs, on terro

Re:I already said this...

[www.sorehands.com]

If instead ICANN had some cajones, they could take the bad registrars out, clean up the registration mess that currently exists, and they could make it economically unfeasible for the spammers to continue their game as currently played. A good start would be to enforce an exponentially increasing fee structure for domains - I know of very few people who have a legitimate need for more than about 4 domains. Furthermore, if the bad registrars were to actually lose their accreditation after willingly doing business with these criminals (easy to prove), that would also help.

AMEN to the first part!

ICANN needs to get rid of the AGP (grace periods) for domain name registration which allows domain tasting. This allows people to register a domain name for up to 5 days and then get a refund on the fees.

I have had this discussion with ICANN staff. The liaison claims that since there is no partial penalties for registrars that violate their agreements that the only punishment available is to terminate the registration status. Bull! They can always terminate the ability to register new domain names to get the registrar to behave. Then the domain name registrars that don't bother terminating domain names with false whois information.

Re:

[SL Baur]

Egad, how did something this stupid get bumped to +5, oh wait this is slashdot.

But as someone else already pointed out, you cannot just simply tax spam out of existence. You need real, working, economic solutions.

As I and others have pointed out many, many times you won't fix the problem until you fix the economics of email which places all of the costs on the receiver. Advertising that places most or all of the cost on the recipient is just too much of a carrot.

Regulation will just mean catching innocent bystanders in collateral damage. Economics is the right solution, but pricing of domain names has little to do with the real problem

Re:

[qzulla]

Until costs are solely placed on the sender, email spam will be a problem. The only solution that will work in the long run will be where the sender pays the recipient to receive email.

So this means I can make money by replying fewer times to my friends? They send me five and I reply once and I make money off of them?

Sweet!

qz

Regulation will never work...

[Broken Toys]

...as long as the Internet is involved.

ISP spoofing, proxies, etc make it impossible to determine the licensed spammers from the unlicensed.

No, I didn't RTFA. Why waste my time on a concept so obviously flawed.

Re:

[Z00L00K]

It can work - if you track the money involved.

Most spam messages does contain advertisement for something and there is usually a site involved in the end. By tracking down the purchase channel where the money flows it's possible to do a further analysis and possibly prosecute for tax evasion, unlicensed selling of prescribed pharmacy or something else. There is always something that can be prosecuted or at least investigated in a way that requires a temporary close of business.

There are of course some s

Re:

[Broken Toys]

I agree you that IF one can enforce regulations on the companies that hire spammers the situation might improve. However, IMHO, unless such regulations are vigorously enforced, the potential profits are always going to outweigh the possible penalties. Reputable companies don't use spammers to advertise. The situation is that disreputable companies are using spammers and there is no accountability.

Also a few years in a US prison might actually be an incentive to the 419 crowd. Imagine, three square meals

Re:

[ajs318]

The problem is that the viagra / watches / whatever aren't where the big money is being made. The big money is made on the sale of "spamming kits". There's always someone greedy and desperate enough to fall for a get-rich-quick scheme.

Spam is an example of "Age of Plenty" economics, and no attempt to apply "Age of Scarcity" economic theories will ever be successful in changing it.

post spammer's location

[arbitraryaardvark]

TFA begins saying the spammers worked next door. So poster knows the former physical location of the spammers. They should post it. That could lead to clues about who the spammers are/were.
I find that most spammers are reasonable people when you discuss it personally with them, or call their mother and ask her to ask them to stop. It's when they hide behind internet anonymity that they do ungood things like spam. [Internet anonymity overall is a good thing, but it has costs including spam.]

Re:

[Sique]

But it could be that he knew they were spammers when he just saw them removing the company logo from the building and later on asking the neighbours why they closed shop.

I didn't also know that one of my neighbours was a three time child murderer until a camera team came to interview my wife about them.

Spammer's location is Netanya, Israel

[hadaso]

As TFA mentions, the said spammer was located in the nearby office is Netanya, Israel.

Finding real botnet based spammers in Netanya is not that difficult. Netanya Academic College has hired in the past the services of botnet-based spam to advertise its services. In 25 January 2007 a spam message advertising them was received by me. The source was a consumer dsl connection in Verizon's network in Santa Monica, California (http://www.dnsstuff.com/tools/ipall.ch?ip=71.109.181.242) and it was positively identif

Re:

[arbitraryaardvark]

mod parent up

No need for that

[ls671]

This guy [slashdot.org]has found a miraculous way to fight spam with a mono-strategy approach. It is so good that the guy has sent many posts to /. offering anybody to bet about it with him. Hence his product must be real and what he says must be true, hence no need for regulations, just buy his product, according to him, his mono-strategy approach is the best way, no need for regulations ;-))

*sigh~*

[Elledan]

Would it be too obvious to point out that what enables abuse of services including spam and such in the first place are botnets?

Kill the botnets and you kill spam. A technological solution to a mostly technological problem. Oh, and you'd stop DDoS attacks at the same time, along with other nasty stuff. Sometimes it pays to go for the root of the issue.

Re:

[ShinmaWa]

Would it be too obvious to point out that what enables abuse of services including spam and such in the first place are botnets? Kill the botnets and you kill spam.

Great idea. How do you propose we do that?

Re:

[Antique Geekmeister]

Give the ISP's legal leverage to act against them, and make the ISP's responsible for botnets so they have a reason to do so. This will cause some ISP's to limit free access to port 25 on home networks: we can get over that.

Re:

[ShinmaWa]

This will cause some ISP's to limit free access to port 25 on home networks: we can get over that.

Tomorrow's Slashdot headline: "Comcast filtering email! We need net neutrality now!"

Re:

[killbill!]

You can't kill botnets... ... but you can find a more profitable use of other people's bandwidth. It's simple economics.

Re:

[Anonymous Coward]

Kill the botnets and you kill spam. A technological solution to a mostly technological problem. Oh, and you'd stop DDoS attacks at the same time

We had spam and DDoS attacks long before botnets. Killing botnets will stop the way muich of the spam is sent today but cannot stop spam

The root of this problem is people. People who buy the drugs from websites linked in spam, people who open the attachments that lead to their computers being used for spamming, and people who care more about making money by providing business to spammers. This is a people problem, not a technological one at all.

Government shouldn't be in technology

[webmaster404]

Every time government in some form is involved in non-government related technology things go wrong. Think of the DMCA and other laws, if we try to pass laws to "fight spam" all that will do is further restrict our freedoms by perhaps forcing e-mail carriers to do logs of IP address and your real name and such. Yes, spam is a problem, however, when we get out of the "Oooohh A link click it" phase of the internet and finally after 10 years or so after teaching people that, they finally don't go randomly clicking links and double clicking on binaries to run them, spam will cease to be profitable. People don't pay money for advertising only to get .0000001 percent of people to actually buy it. Government (expectantly in the age of the *IAA controlling congress) doesn't need to mess in technology or else it will be horribly messed up, education is the answer (or Thunderbird and SpamAssasin)

Well, DUH!

[www.sorehands.com]

It is obvious. If companies don't/can't make money from spammers, they won't pay spammers.

That is what I have been doing. I don't file lawsuits against the people pressing the send button, but the people who are advertised and making money as a result of the spam. A sex dating site I sued years ago, took a strong anti-spam policy after I sued them.

Spammers spam to make money. If people don't pay them to send the spam, they won't do. If a company will not make money from spam, they won't pay the spammer. The same thing happened with junk fax.

Re:

[tokul]

It is obvious. If companies don't/can't make money from spammers, they won't pay spammers.

It removes only one type of spam. Online payment restrictions can block legal online businesses.

Instead of viagra spam you will get more 419 and other scams.

regulated economy

[mattwarden]

Yes, that's what we need... more regulation of the economy... to fight something as significant as spam. I'm sure there won't be any side effects to this regulation.

What about the REST of the impact of this legislation? Where's the discussion of that?

This is like nuking China and then applauding ourselves for accidentally curtailing hacking.

The Nature Of The Problem...

[DynaSoar]

... dictates the nature of the solution.

Spam is not simply a technological problem, so a technological solution will be insufficient.

Spam is in large part a social problem. It requires social solutions. If that requires legislation, so be it. Personally I enjoy tracking down spammers, and publicizing their real name and location, including a map showing where they are. To my knowledge nobody ever made use of these and tracked down a spammer, but it really fucked with their heads to be outed so thoroughly and so publicly. I had one call me and rant at me, including threats of legal action as well as threats of bodily harm. But I had a few call and apologize, claiming they weren't aware it bothered people so much. One of these, in fact, became an anti-spammer.

Are you saying

[iminplaya]

...many former clients of spammers "move on".

That spamming is reduced when they have fewer clients?! Who'da thunk? Betcha nobody expected that.

[Citation needed]

[(Score.5, Interestin]

A law was passed in the United States which addressed online gambling operations ("Unlawful Internet Gambling Enforcement Act" - UIGEA). As a result, the public gaming industry ceased accepting online wagers.

What actually happened is that they had to change the way they accepted online wagers. There's some gambling site (and I'm willing to admit this is a citation needed too, since I've forgotten the URL) that posts graphs of gambling transactions going back for a few years, including the coming into eff