FTC Goes After Spammers 166
klaun writes: "Yahoo has an article about the FTC launching a crackdown on deceptive unsolicited email.
Basically they are after scammers offering easy money quick, not the average 'get porn here' type of spam. There is more info at the in a press release at the FTC's website." TheGreatGraySkwid amplifies, saying that this story "tells of an FTC crackdown on Spammers, that had resulted in charges (settled) against 7 chain-letter ring spammers, and several pending cases. I know I could use some Spam relief..." The settlement, unfortunately, isn't exactly stern stuff: the seven spammers "agreed to refrain from participating in deceptive schemes in the future, or lying about the legality or potential earnings from any such schemes."
We need technical measures, not laws, for spam (Score:5, Interesting)
However, I don't believe in making laws against spam. They'll always be outdated and interfere with legimate uses of email, since it can be very hard to define exactly what is spam. (Someone taking my address from a newsgroup posting and trying to sell me printer toner is spamming, but how about an email from a company I bought something from a year ago?)
Adam Back [cypherspace.org] has an interesting proposal called Hash Cash [cypherspace.org]. The idea is that if you want to send me an email, you have to burn some CPU cycles to compute a partial hash collision. I choose how many bits are required. Friends and family can send me email for free. I'll charge a few bits for the store I shooped at last week, and even more for people I don't know. If you're in ORBS or MAPS, perhaps I'll charge even more.
The FTC sucks at dealing with fax spam (Score:4, Interesting)
Maybe they will actually fund and staff the elctronic incident center, but I doubt it. If they won't deal with spammers in the U.S. what is the chance that they will contact overseas abusers?
My two cents.
my understanding from the FTC press release (Score:3, Interesting)
My understanding is that they are going after the chain mail and pyramid schemes, not trying to shut down all the porn email (oooooh, hot girls waiting just for ME!!! WOW!!!) So it won't do anything about the deluge of unwanted email pouring into your inbox, just keep people that are dumb enough to answer the ads from hurting themselves. Like putting nerf corners on the world of email for them
I would rather see some kind of legislation that holds spammers accountable if their "remove' methods do not work. I think a "do not call" type of list would be better than nothing. Filters don't always work, no matter how well you configure them. Maybe a new version of the SMTP protocol that would require a secure connection or authentication by you to be able to send you an email
--insert comment to the effect of "what has slashdot come to posting this type of story
--insert comment to the effect of "if you weren't such a loser you wouldn't get spam"
--insert comment to the effect of "jane you ignorant slut that's not what it says at all"
--insert comment to the effect of "this is all the fault of M$ and their monopolistic practices"
Re:We need technical measures, not laws, for spam (Score:5, Interesting)
Cypherspace.org seems to be
The problems I see with such a system:
1. Requires two-way communication between sender and recipient to establish a one-directional message transfer. Potentially could waste more bandwidth than blindly sending out spam does today.
2. Requires end-users to set up "scorefiles" to dictate how much they trust every sender in the world. At best, provides users with no more functionality than existing score-based mail filters/readers.
3. Ties senders' ability to get their message out to the CPU power of their machine. Owners of dual-10GHz Pentathlon systems should not have a louder voice than the hobbyist running sendmail on an old 286.
4. Spammers HAVE CPU cycles to burn--like most of us, their machines rarely run anywhere near 100% load. They will learn to send out their garbage in a slow,steady stream rather than in huge batches so that their machines can handle it--simultaneously making bulk-mailing harder to identify.
Re:Just got this spam today.... (Score:5, Interesting)
mail from:<targets@address.com>
200 ok
rcpt to:<nosuchmailbox@microsoft.com>
200 ok
data
Subject: pr0n served fresh daily
.
250 ok
Re:I'll believe it... (Score:3, Interesting)
Configuration is simple and straight forward and it integrates nicely with any email system. Personally I'm using exim to pipe all received email through spamc/spamd and then the mail is received by exim after the spam check. There is only one check for spam per email entering my system.
Spamassassin only flags the email as spam, but it's up to the MUA to actually delete it.
This is log output from exim+SA: 2002-02-12 17:21:35 From: Subject: *****SPAM***** save money for dank X-Spam-Status: Yes, hits=14.1 required=5.0 tests=NO_REAL_NAME, FROM_ENDS_IN_NUMS, INVALID_DATE_NO_TZ, REPLY_REMOVE_SUBJECT, EXCUSE_3,REMOVE_SUBJ, TO_BE_REMOVED_REPLY, SUPERLONG_LINE, FREQ_SPAM_PHRASE, FORGED_YAHOO_RCVD version=2.01 Sender: owner-freebsd-questions@freebsd.org
I'll soon move all my email users' to email filtered by spamassassin. This is just too damn simple.