Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Spam Your Rights Online

EU Rolls out Anti Spam Strategy 220

An anonymous reader was one of several who noted an article about the latest developments in the EUs War on Spam. The article is pretty realistic in pointing out that EU Legislation won't be very effective unless Asia and the US do something as well.
This discussion has been archived. No new comments can be posted.

EU Rolls out Anti Spam Strategy

Comments Filter:
  • by skidrowe ( 688747 ) <dave AT roweware DOT com> on Tuesday July 15, 2003 @09:30AM (#6442490)
    The Spam will be no more...it will cease to be!
  • by TopShelf ( 92521 ) * on Tuesday July 15, 2003 @09:31AM (#6442505) Homepage Journal
    The article is pretty realistic in pointing out that EU Legislation won't be very effective unless Asia and the US do something as well.

    I think that view is actually overly pessimistic. I'd agree that a relatively complete solution won't exist until the US and Asia also act, but it's not like a global solution is going to be decided upon and implemented in one swell foop. If something like this works well for the EU, it provides a viable option for others to follow. Frankly, I think users would be much better off under the "opt-in" method rather than "opt out" which is being considered here. It will all come down to lobbying, of course. In the opt-out corner are the advertising and marketing industries, while the ISP's basically represent opt-in. Users are left on the sidelines.
    • by Transient0 ( 175617 ) on Tuesday July 15, 2003 @09:39AM (#6442590) Homepage
      t only overly pessimistic, but utterly defeatist.

      If you are going to buy into the party line that there is no point in the EU fighting spam without North America and Asia follwing step-in-step, you must eventually decide that there is no point fighting spam at all. There will always be somewhere for spammers to run. Because when it comes down to it, even if North America, the EU and Asia all work together to pass anti-spam legislation, there is little chance of Antigua, Cyprus and Sealand [sealandgov.com] following suit.

      Really though, every little strike against spam makes real headway. If we can eventually drive all spammers to little off-shore havens, it will that much easier to block them. To be honest however, as a libertarian of sorts I can't help but think that filtering may actually be the better front on which to fight this war.
      • by fingal ( 49160 ) on Tuesday July 15, 2003 @09:55AM (#6442746) Homepage

        Ho hum. read the Acceptable Use Policy [havenco.com] for HavenCo before you start pointing fingers...

        "
        Unacceptable use of the network includes, but is not limited to... ...Bulk or regular unsolicited communications through email or other Internet protocol. (commonly called "spam") Hosting web content which is knowingly advertised by spam is also prohibited. Mailing lists must comply with the MAPS Mailing List Management Guidelines; they must be opt-in, provide confirmation protection against accidental or malicious subscription, terms of use of address use must be fully disclosed, and unsubscription methods must be provided."
      • by ives ( 23634 )
        even if North America, the EU and Asia all work together to pass anti-spam legislation, there is little chance of [...] Cyprus [...] following suit.

        On May 1 2004, Cyprus (at least the internationally recognized greek part) wil join the EU. So if the EU goes ahead with this anti-spam legislation, Cyprus will have no choice but to follow.
      • by Chep ( 25806 )
        Actually, Cyprus better follow EU suit, or inaugurate its first non-transposition penalties

        (not that N.T.P never happen to any member state)
      • This echos the opinions of some in Canadian industry: "There is little point seeking anti-spammer legislation and enforcement if spam-tolerant countries don't play along".
    • The problem as I see it is the same as with all the IP laws. A technological problem cannot be solved using legal methods, it must be solved technically.

      As with IP laws, spam laws will only encourage spammers to find a new way for sending spam. You need a technical solution (be it closing open relays or refactoring the SMTP protocol -my personal favorite solution-) to solve this problem. You can extrapolate the development of the spam problem with the development of P2P systems. Hundreds of times the *AA h
      • by jason0000042 ( 656126 ) on Tuesday July 15, 2003 @10:31AM (#6443071) Homepage
        A technological problem cannot be solved using legal methods, it must be solved technically.

        People flying through the windshield when they run their car into something is a technical problem. The auto industry developed safety technology on their own, thus solving the problem technically. But seatbelts didn't save many lives until they were legislated into all cars.

        People still die in auto accidents, and laws don't work completely (I'm so tired of 'click-it or ticket PSAs). But sometimes solving the technical problem isn't enough.

        I think this is a case where some laws need to be involved. You can't control people's behavior with software. You can't really do it with laws either, but that *is* their problem domain.

  • Hrmm (Score:5, Interesting)

    by acehole ( 174372 ) on Tuesday July 15, 2003 @09:32AM (#6442517) Homepage
    With all the laws, bans and implementations of anti-spam measures, I'm curious to know if there is any reduction in the amount of overall spam?

    Are we fighting a losing battle? or have the tides turned against the spammers?

    • Re:Hrmm (Score:5, Insightful)

      by lennart78 ( 515598 ) on Tuesday July 15, 2003 @09:41AM (#6442610)
      I think people are slowly beginning to realise that 'spam is evil'. Governments never have been the first ones to embrace 'new' ideas.

      Once the majority of the people realizes that the Internet is turning into one huge advertisment brothel, where you will be flooded with advertisments, autodialers, etc. etc. unless you follow a 2 week course on how to protect yourself, things will turn ugly for spammers.

      The /. crowd is ahead of this, and it is often hard to believe that people are /not/ seeing spam and popups and spyware as the threat we conceive it to be. Talk about it with your mother or your less 'educated' friends to see what they think of it and be surprised. We need to create awareness before we can create laws...
      • I don't think that we're ever going to reach a stage where a small enough percentage of society responds to spam to make it unprofitable. One only has to look at smoking, drunk driving, and a number of other societal problems to realize that there will always be a small percentage of the population that is just too stupid or self-centered or ignorant or whatever to follow the guidlines. I think a combination of strong (yet carefully crafted) legislation and technical improvements to the mail system is the o
    • Which laws? As far as I am aware there is only an EU privacy Directive available now, which has to be implemented by October (some countries won't make that date) As far as I know there are no laws in the US yet against spam, all of them are still proposals. (Correct me if I am wrong please) There is certainly no US wide law in effect today.

    • by swb ( 14022 ) on Tuesday July 15, 2003 @10:31AM (#6443082)
      We've decided that the enemy is the guy sending a mail message to my inbox, which is exactly the wrong enemy, and the hardest to catch for all the reasons EU officials think it won't work (overseas mailers, hijacked systems, etc).

      The enemy is the person operating an ongoing fraudulent enterprise which motivates the guy sending the mail to do that. This is also the EASIEST person to catch, since they have to get paid somehow and the money CAN be followed.

      If governments were willing to actually police the fraud, the market for spam-senders would shrink dramatically.

      What mystifies me is why they're not willing to do this. Is it some BS gung-ho pro-sales "caveat emptor" mentality? I find this hard to believe, since I don't think any of the products I've seen turn up in ~/mail/bogofiltered are even remotely legitimate -- quack potions, stock and money schemes, 419 scams, et al. We're not talking about laundry soap that really doesn't get my whites their whitest, we're talking about products that are prima faciae nonfunctional.

      I suppose I shouldn't be surprised about this, though, since at least the US government doesn't really care about fraud generally. How long have we been putting up with slamming and cramming? Has anyone gone to jail, or just "admitted no wrongdoing and paid a small fine"? Shit, even the number of culpable execs who deliberately and systematically lied and lined their own pockets on Wall Street who actually will end up in jail is probably countable on my two hands.

      Overall I think if the government actually was interested in prosecuting the fraudulent practices and business contained in spam, spam itself would have a serious dent in it.

      Instead, they do nothing, letting the spam problem get so far out of hand that the only thing left is to implement heavy regulation of email -- why do I seem to see John Ashcroft smirking in the corner during the otherwise laughable keystone-cops debates on spam?
      • by Ben Hutchings ( 4651 ) on Tuesday July 15, 2003 @11:34AM (#6443741) Homepage
        What mystifies me is why they're not willing to do this. Is it some BS gung-ho pro-sales "caveat emptor" mentality? I find this hard to believe, since I don't think any of the products I've seen turn up in ~/mail/bogofiltered are even remotely legitimate -- quack potions, stock and money schemes, 419 scams, et al. We're not talking about laundry soap that really doesn't get my whites their whitest, we're talking about products that are prima faciae nonfunctional.

        Marketers see this, and realise that if even obvious fraudsters can make money out of spam then legitimate businesses with legitimate pitches are likely to do even better, if only they can get the law to say that spam is OK.

      • "The enemy is the person operating an ongoing fraudulent enterprise which motivates the guy sending the mail to do that. This is also the EASIEST person to catch, since they have to get paid somehow and the money CAN be followed."

        I wholeheartedly agree that in the fight against spam, the guy hiring a spammer is our enemy as well. However what's to stop me from hiring a spammer to promote my competitor's business, thereby landing him in legal troubles?
        • I wholeheartedly agree that in the fight against spam, the guy hiring a spammer is our enemy as well. However what's to stop me from hiring a spammer to promote my competitor's business, thereby landing him in legal troubles?

          My guess this would be a public relations disaster for any company, and would probably result in massive trademark infringment civil suits and possibly criminal fraud prosecution as well.

  • by mao che minh ( 611166 ) * on Tuesday July 15, 2003 @09:32AM (#6442523) Journal
    If you want the US to do something about spam, then pony up the cash. Our government won't help you (or our own citizens) unless they get paid. I always wonder why the Europeans have a hard time grasping that simple fact. Microsoft is putting their money where their mouth is, and by doing so, are able to redefine spam and make it their own. $10 says that eventually (and probably soon) the US government will turn to Microsoft to "save us from spam". Why? Because Microsoft will pay them money, and also take on the expenses, both of which make our filthy politicians happy.

    Ahh, the American way.

    • Spam, like the environment, is a global issue, unless a worldwide consensus can be achieved there is little point individual nations taking action unilaterally. As seen by the Kyoto Agreement it only take one greedy country to fuck up the quality of life of all those living elsewhere.
    • by Malc ( 1751 ) on Tuesday July 15, 2003 @09:49AM (#6442697)
      When will Americans learn that leaving it to business will always be an inadequate solution? When will Americans learn that they pay for it either way: taxes or consumer costs (either directly for a company's products/services, or indirectly through other companies' products/servies that the price has trickled down to.) There are some things I would rather the government legislated on as they are *supposed* to be our representatives, whereas businesses only represent themselves or their shareholders.
      • Oh, we realize it. (Score:5, Insightful)

        by siskbc ( 598067 ) on Tuesday July 15, 2003 @10:06AM (#6442838) Homepage
        When will Americans learn that leaving it to business will always be an inadequate solution? When will Americans learn that they pay for it either way: taxes or consumer costs (either directly for a company's products/services, or indirectly through other companies' products/servies that the price has trickled down to.) There are some things I would rather the government legislated on as they are *supposed* to be our representatives, whereas businesses only represent themselves or their shareholders.

        Oh, we understand that. Doing something about it when you have an incredibly strong and politically active business sector is rather difficult, actually. And here, with 280M people, political campaigns are very expensive. Hence, congressmen have to sidle up to Big Business.

        You have to remember, because America is so huge, we're faced with some interesting problems that Europe doesn't typically consider. Also, since we fashioned our modern democracy first, perhaps we didn't do it best, allowing others to learn from our mistakes in some ways.

        However, none of that means that Americans don't realize how we're getting bent over in a lot of ways.

        • by Malc ( 1751 )
          A little off-topic, but...

          "Also, since we fashioned our modern democracy first, perhaps we didn't do it best, allowing others to learn from our mistakes in some ways."

          I would say a lot of the problems today aren't to do with being first at fashioning a modern democracy, but rather the revolutionary nature of that democracy. Things that are no longer particularly pertinent to the modern world have been set in stone and are no very hard to change. But then what do I know? I come from a country with no
          • I would say a lot of the problems today aren't to do with being first at fashioning a modern democracy, but rather the revolutionary nature of that democracy. Things that are no longer particularly pertinent to the modern world have been set in stone and are no very hard to change.

            What, you are implying our 2nd amendment might be slightly unsuited to modern society? How dare you! ;) That is a good point though, I certainly agree.

            But then what do I know? I come from a country with no single constitution

          • ... in which legislatores, politicians and judges have to fight hard to find the correct thing to do.
        • And here, with 280M people...
          ...because America is so huge, we're faced with some interesting problems that Europe doesn't typically consider.

          And you didn't consider, the European Union has about 367 million inhabitants.
          Since 1995, the 15-member Union has become the world's first economic power.

          :-)

          • And you didn't consider, the European Union has about 367 million inhabitants. Since 1995, the 15-member Union has become the world's first economic power.

            Actually, I did consider the EU, though it's not really a fully political entity. And no offense, but you've seen what a mess it's become, though it certainly has its advantages. And that's without any sort of elections that span the continent. Politics and economies don't always scale easily, eh? ;)

            • Actually, you're wrong there: every five years, there are EU [eu.int] wide elections for the European Parliament [eu.int]. Together with the Council [eu.int], which is nothing other than the combined elected governments from each member state with a more fancy name, they are the ones with the power to pass legislation. The EU does have its problems, but it's not nearly as undemocratic as a lot of people (including people in Europe, particularly in Scandinavia and the UK) believe.

              BTW, the previous poster was a little wrong on the p
        • 280m is not anywhere near the size of the European population. But I post without access to facts, as true ./ers always do!

          • 280m is not anywhere near the size of the European population. But I post without access to facts, as true ./ers always do!

            First, that's not as far off as you'd think. Particularly if we're defining "europe" as "EU members." Comes to 380M, which is about 1/3 bigger. Second, Europe's never had an election, and has yet to be integrated into anything resembling a whole. Using the same currency doesn't count. If that was all, every country that pegged its currency to the dollar would be American. Doesn't

            • Europe does have elections -- to the common parliament every five years, and indirectly to the EU council via local parliamentary elections.
              • Europe does have elections -- to the common parliament every five years, and indirectly to the EU council via local parliamentary elections.

                Those are not elections by the people, those are elections by their representatives. Indirectly doesn't count. THere is no election, unless I missed something big, where the 380M-odd people of Europe participate in the same election. Doesn't happen. And since my original point was that American national elections are on such a scale that no one but the very rich *

  • by Webtommy88 ( 515386 ) on Tuesday July 15, 2003 @09:34AM (#6442534)
    The United States is considering a handful of bills that take an ''opt-out'' approach

    I don't get it. Why are the states taking such a reactive approach to this instead of a proactive approach?

    Both are useless without the enforcement of the legislatures, but "opt-in" is alot more hassel-free.
    • I don't get it. Why are the states taking such a reactive approach

      Because the USA is based on government of the corporate, for the corporate, by the corporate [opensecrets.org]. Big business interests want to get rid of all spam except for their own, so that their "legitimate" advertising messages will be unimpeded by all the other junk. Hence, they strive to craft laws that will hurt Alan-Ralsky-types but not DMA members.

      Requiring true opt-in will never pass the US Congress.

  • too late (Score:5, Interesting)

    by u-238 ( 515248 ) on Tuesday July 15, 2003 @09:34AM (#6442536) Homepage
    Sigh..

    before this thing is even PROPOSED, spammers have already implimented a method to deter this

    http://www.symantec.com/spamwatch/

    they've spread trojan viruses to moron AOL users who's PCs act as proxies thru which spammers safely and anonymously continue their work
    • Re:too late (Score:4, Interesting)

      by leerpm ( 570963 ) on Tuesday July 15, 2003 @10:08AM (#6442850)
      Legislation is not going to take out all of the spammers. In fact most of them will remain. But by forcing them offshore, to use proxies, and seek alternative methods we are making it harder and more expensive for them to do business. Spam is not going to be taken out in one swoop. It will take legislation, enforcement and probably changes in the protocol.

      But every little bit helps. When they are forced to use proxies, all sorts of problems start to come up. None of them are insurmountable for the spammers but they do create obstacles. Their bandwidth is limited by the trojan proxy's connection, and they open themselves up to criminal charges for hacking. They run the risk of hitting the wrong computer, perhaps a machine administered by a particuraly ruthless and short-tempered sys admin.

      An interesting experiement might be to see how difficult it is to set up a honeypot to catch the spammers using proxies.
    • And then when the catch who does this... it's time for the ol' Federal Pound-me-in-the-ass prison.

      Why... because as of yet spamming in many areas is not illegal. Breaking into servers and abusing poorly secured SMTP hosts is, but it can be hard to trace (especially if an admin isn't smart enough to secure against open relays in the first place).

      Now, take a trojan that is infecting possibly thousands of different machines to allow spammers access. The spammers still have to control and abuse this system
    • Re:too late (Score:2, Interesting)

      by gav1n ( 594975 )
      They've also been infecting students' machines on university networks, which have high bandwith. Also, some students have been agreeing to relay spam through their machines in 'spam-for-pay' schemes. Both of these occured at my [umbc.edu] school, causing SMTP servers to be banned on the residential network [umbc.edu]. This is forcing our Tech department to implement brash solutions such as an outright ban on SMTP until they get the resources for a more elegant solution. We are amidst a state-wide budget cut.
  • by robslimo ( 587196 ) on Tuesday July 15, 2003 @09:36AM (#6442559) Homepage Journal
    I see the US doing something... after a bunch of wrangling with lobbiests and various red-tape cutting, but Asia? By Asia, do you mean, China, India, Japan, S. Korea, Taiwan and more? Gee, that's a large group of governments who'd likely have their own agendas and possibly reasons for not wanting to do anything official regarding spam.

    Good luck waiting, but don't hold your breath. I think it will take an international entity like the UN to get anything done in a global scope and I don't have any great confidence in that either.

  • Money (Score:4, Interesting)

    by cspenn ( 689387 ) <financialaidpodcast@gma i l . com> on Tuesday July 15, 2003 @09:37AM (#6442573) Homepage Journal
    It's all about money. Until legislators and the rest of the folks who run systems that understand this, spam will not stop. Spam is a cost effective, if obnoxious, solution for advertising. Even if spam is illegal, unless the entire planet decides to take unified action, spam will not stop - it'll just relocate to places without extradition treaties. You'll end up having to blackhole entire countries to staunch it.

    How many people and how many euros is the EU willing to pony up to enforce these laws? Probably about the same amount that the United States ponies up for speed limit enforcement. 55 MPH is the law, not the reality...

    Chris
    www.studint.com
    • Re:Money (Score:5, Insightful)

      by schon ( 31600 ) on Tuesday July 15, 2003 @10:07AM (#6442841)
      Spam is a cost effective, if obnoxious, solution for advertising

      And burglary is a cost effective, if obnoxious, alternative to working.

      Even though theft is illegal, it won't stop people from doing it. Does this mean that we should simply throw all of the theft laws?

      Spam is not "cost effective", it's theft - and no legitimate business would engage in the process of stealing from people it wants to sell things to.

      We need to start somewhere, and this is as good a place as any.
    • >You'll end up having to blackhole entire countries to staunch it. This is not as bad as it seems at first. Those countries blacklisted will be forced to take action themselves. It is no different than the controls we have in place for immigration, and importing and exporting. If you come from a country where there is no problem, you normally have no problem. However, if your passport comes from a country that is not on the best of terms with the host country, perhaps say North Korea or Libya (I am prob
    • Spam is a cost effective, if obnoxious, solution for advertising.

      I'd agree with your post except for the fact that spammers forge their addresses, hijack open relays, bounce their reply-to addresses, etc (seems silly that if I really wanted their product, I have no way to get in touch with them...). If these guys used real addresses on their OWN servers, then they might be able to legitimately call it 'marketing' or 'advertising'

      I don't think marketing via email would be quite as offensive if these g

  • from where? (Score:2, Funny)

    by geekmetal ( 682313 )
    But questions remain about the law's enforcement and reach -- spammers are evasive, to say the least, and most of Europe's junk e-mail comes from elsewhere.

    Where, where, where does this elusive, slippery spam come from? Some mysterious nation with a communist government or an evil dictator? Bomb them. $100 reward to the first person to come up with the leading offender.

  • Sorry, but.... (Score:5, Insightful)

    by Stinky Glen20 ( 689507 ) on Tuesday July 15, 2003 @09:38AM (#6442583)
    Sadly, this is utter, utter shite.

    While it is possible to forge headers, use open relays, trogan poor @Home users PCs, etc, etc then SPAM will not be defeated by legislation.

    Tighten the protocols, then we have a fighting chance.
    • Wrong! (Score:5, Interesting)

      by www.sorehands.com ( 142825 ) on Tuesday July 15, 2003 @09:54AM (#6442738) Homepage
      If spam is illegal, and someone uses "affiliates" that spam to promote their pills, the seller is still responsible for their agents.

      Even if the person is using a ralksy to send spam from servers in China, the person hiring the ralksy is still liable.

      At some point, if the product originates or the money goes through the country that's laws have been violates, you may be able to get it.

      • But it is not always clear in spam emails, just who the selling company is. And you cannot always just go after the company who produces the products being sold. There is a company that has been sending out spam recently offering to sell various copies of Norton Anti-Virus. Symantec has tried to track down the vendor, but has not succeeded as far as I know.

        By tightening the protocols, we eliminate a need to even bother doing detective work to find out who is actually behind the company selling the products
        • Re:Wrong! (Score:3, Informative)

          I am not talking about going after the producer of the product. I am talking about going after the seller. If the seller is not the spammer, they are engaging the spammer to do the spamming.

          Actually, Symantec has tracked down the person as selling the illegal copies of their stuff, Dr. Fatburn aka George Alan Moore [barbieslapp.com] and filed a lawsuit against him. AOL has also filed a lawsuit against him for using their servers.

          I was about to file a lawsuit against him for spamming me, but figured that after AOL and Syman

  • by dlosey ( 688472 ) on Tuesday July 15, 2003 @09:39AM (#6442589)
    While reading about Iraqis being trained in Linux, I saw that the United Nations supports Linux and its worldwide expansion. It got me thinking (always a bad thing for a /. reader), why can't we have an international group of policy makers for the computing world? They could be created by the UN and eventually form a separate organization which regulates such things as email, domain names, and spam. Sort of like ICANN, but more law enforcement based.

    Maybe its just a pipe dream, but a nice thought anyways.
    • One already exists ... or haven't you seen the black helicopters?
    • I think that qualifies as the Bad Idea(tm) of the day...

      Congrats..
    • by mccalli ( 323026 ) on Tuesday July 15, 2003 @10:08AM (#6442853) Homepage
      why can't we have an international group of policy makers for the computing world?

      Because then the schoolchildren of 2103 would have to learn about The Great Vi/Emacs War of 2012, where a group of rogue nations steadfastly clung to their VIM. With Switzerland, of course, using pico and generally keeping well out of things.

      Cheers,
      Ian

      • The children of 2103 would learn about the great GNU/BSD license war, which finally ended with the creation of the GNB (GNB's not BSD) license. A license which lead to the creation of the GNU/BSD network OS, a system that so enamoured its creators that they uploaded themselves into it, making it self aware, and in control of the worlds deadliest weapons. With the amount of intelligence in the system, it would not be long before they created a world which resembled the heyday of the tech, dating from the lat
    • Personally, I think the IEEE has filled this role and done very well up to now. Why the need to get the politicians and diplomats from the UN involved?
    • why can't we have an international group of policy makers for the computing world?

      Sounds great, but why stop at the computing world? With the "global economy" and market it would seem logical to have a global government/law enforcement, but I don't see this happening any time soon. Multinational corps like being able to pick and choose which country to use for labor and legal reasons. Also, there is national pride within each nation, and the US has pretty much declared themselves policeman of the world
  • by mofochickamo ( 658514 ) on Tuesday July 15, 2003 @09:40AM (#6442602) Homepage Journal
    Analysts estimate that the approximately 10 billion spam messages sent via e-mail each day cost European businesses $2.5 billion per year.

    Where do analysts come up with numbers like this? I identify an e-mail as spam in about 1.5 seconds (but my Outlook SpamBayes filter does it even faster). If an employee is going to get that distracted by a spam (or 50 of them a day) then they will probably also get easily distracted with other things, like Slashdot ;).

    • by gorbachev ( 512743 ) on Tuesday July 15, 2003 @10:02AM (#6442803) Homepage
      The article quotes a xs4all.nl spokesperson who says xs4all.nl has 14 of its 250 employees dedicated to handling issues relating to spam.

      Let's say they get paid at about $15K / year. That's $200K on a single ISP in a single country.

      Add the cost of site licenses on spam filtering software used in Europe. Add a fraction of the cost of all IT support people in every business that's connected to the Internet in Europe. Extra hardware costs to store all that junk, etc. etc.

      It adds up.

      AOL users alone, put together, pay several million USD every month, because of spam (AOL raised their fees by $2 / month sometime last year because of spam related costs).

      Proletariat of the world, unite to kil spammers. Remember to shoot knees first, so that they can't run away while you slowly torture them to death


    • Numbers? Here's some from the company I work for (A top 100 Design and Consulting Engineering firm on the East Coast). I do the spam filtering for them corporate wide, so I know the numbers are true.

      For July (first 2 weeks, 1st - 14th, including the holiday):
      # Employees: 490
      # Spam blocked: 43,126
      # Spam/person/day: ~6.28

      Now, let's use your premiss that it takes 1.5 seconds to identify and delete spam. Let's also note that our company's net profits from last year was 51 million dollars and the gross ass
  • The article... (Score:3, Insightful)

    by deman1985 ( 684265 ) <dedwards@kappast ... com minus author> on Tuesday July 15, 2003 @09:40AM (#6442604) Homepage
    The article fails to mention what the penalties are for companies that violate their new anti-spam laws. Are they simple little fines like are trying to be pushed here or do they have harsher punishments? Simply labelling SPAM as illegal won't do a whole lot unless violators have something serious to fear.
  • ...elsewhere [slashdot.org]

  • by Captain_Loser ( 601474 ) on Tuesday July 15, 2003 @09:46AM (#6442658)
    My job is maintaining a Web/E-mail server, and I know just what a pain it is to deal with spam. But, if the government starts to regulate "spam" how are they going to decide what is spam and what isn't? MY favorite phrase is "run your life so the government won't have to, you won't like it if they take over" that makes sense. Don't get me wrong, I despise spam, and want to get rid of it as much as the next person, but how is this going to be controlled? I think we should proceed with EXTREME caution in situations like this or things will just get worse.
    • how are they going to decide what is spam and what isn't?

      The EU definition pretty much matches with the one at SpamHaus [spamhaus.org]: if an email is unsolicited and bulk, then it's spam. Make sure your mass mailings are confirmed opt-in and you're all set.

  • by Kjella ( 173770 ) on Tuesday July 15, 2003 @09:49AM (#6442691) Homepage
    EU thinks "no point, we need the US and Asia"
    US thinks "no point, we need the EU and Asia"
    Asia thinks "no point, we need the EU and US"

    Laws have to start somewhere, and I'm sure there's a reason why all my spam is carpetbombed US crap. I'm pretty sure it's the local laws that are the cause that I have only recieved *one* spam mail in my local language, from a national company, ever. And I sent them a reply stating that next time I would file charges, and I've never heard from them again.

    We need a new mail protocol, with proper digital signing and verification of authorithy (does 231.143.211.35 have permission to send mail using the domain name "hotmail.com"?) as well as integrated feedback possibilities both to mail servers, and if possible, to those administratively responsible for a given netblock (e.g. ISP) as well. If spam was more tracable, it would be a lot easier to shut down and blacklist.

    Kjella
  • by cyberon22 ( 456844 ) * on Tuesday July 15, 2003 @09:49AM (#6442694)
    The vast majority of spam hitting *my* inbox starts coming in at around 9am California time, and then peters out early evening on the East Coast.

    What's this about an international problem again?
    • And the vast majority of the Spam I receive is in Chinese. About 100/day. Don't know how I made the Chinese spammer's lists so deeply, but I did. By the way, the only language I speak is bad English. Just cause you don't have the problem, doesn't mean that others don't.
  • by aggieben ( 620937 ) <aggieben.gmail@com> on Tuesday July 15, 2003 @09:51AM (#6442708) Homepage Journal
    I don't think legislation is necessary anyway. I'm leary of laws that tell me how and to whom I can send messages. Anyway, if large ISP's would just block ip the sources of the spam (btamail.cn comes to mind) they could do a lot to alleviate the problem. I would rather live with minimal amounts of spam limited by filters than be forced to have laws that forbid it.

    Procmail is your friend.
    • I agree. Do we really want more laws telling us what we can and can't do? Before we know it we won't be able to freely send email to whomever we want. I don't know how we're going to solve the problem of spam, but we should be careful about the laws that are made to stop it. No one wants these laws to be used against individuals to stop freedom of speech.
  • Section 3, Chapter II:

    Article 1: All unsolicted electronic communications (UCE) intended for commercial purposes, including but not exclusively for the sale of electronic products, personal services, errection-producing drugs, digital images of a pronographic nature, and percentage offers of the fortunes of deceased African dictators, shall follow the code of conduct established in Article 2.

    Article 2: all business email sent to and from correspondents in the member states of the EU shall be provided in all four (4) of the following languages: English, French, German, and Italian, plus any two (2) of the following languages: Finnish, Swedish, Irish, Spanish, Portuguese. The Dutch language may only be used as an encryption device for confidential communications.

    Article 3 - Sanctions. The minimum sanction for any natural entity sending emails in an illegal combination of languages shall be no less than twenty years of service in the customer service department of the European Union. ....

    I don't see the problem, so long as all EU countries implement this convention fully. That, and castrating spammers should take care of things.
    • "Article 2: all business email sent to and from correspondents in the member states of the EU shall be provided in all four (4) of the following languages: English, French, German, and Italian"

      That goes further than the EU bureaucracy. I was under the impression that there were only three official languages for government plus the language of the current EU presidency, and that German was also often added to official events out of respect for the largest member state. Wasn't there a fuss recently when F
      • > Perhaps somebody can elaborate or correct me...

        Ah, but the EU Convention on UCE is (a) a draft convention, and (b) the choice of Italian represents the current holder of the presidency. Note that article 5 specifically allows unlimited volumes of UCE from any business owned by Berlusconi, and that includes the Cosa Nostra and associated franchises in the rest of Europe.
    • Informative? I can't wait to metamoderate this one... did you read the comment at all? I mean I know slashdotters don't read the articles, but if you don't read the comments either, what's the point? :)

      Kjella
    • Article 4: any electronic communication containing more than 10% irony or thinly disguised humour shall be moderated as "informative".

      What the heck is up with Slashdot, can't I even flame the good old EU without being praised as a savant?

      It was a joke, guys. No-one would actually use Italian as one of the four main languages. And yes, Dutch is easy to decipher, vooral voor ons nederlanstalige. Nom de dieu, quelle band de connards. C'etait une blague, mes amis. T'was een grapje. Probleme eza te. Mal
    • The minimum sanction for any natural entity sending emails in an illegal combination of languages shall be no less than twenty years of service in the customer service department of the European Union

      Anyone who marked this Informative (instead of either Funny or Troll) should be sentenced to no less than 20 whacks with a LARTing mallet.

      • Unfortunately for LARTing fans, the use of physical violence against natural entities (even Italians) is strictly controlled by the EU Convention on Applied Interentity Violence, section 3, chapter III, articles 5 to 10. LARTing mallets are permitted but only from July 1 to July 14 (so you missed the season), and only if you hold a grade 3 license in applied LARTing.

        Further (I know, this is a long post, but these conventions are very detailed), the number 20 is not a valid EU number. This may surprise so
    • Whomever moderated this post "informative" clearly didn't read the post. I particularly liked this section:

      The Dutch language may only be used as an encryption device for confidential communications.
    • Article 3 - Sanctions. The minimum sanction for any natural entity sending emails in an illegal combination of languages shall be no less than twenty years of service in the customer service department of the European Union. ....

      Modded as "Informative," huh? Moderators see "Article 1-3" and their eyes glaze over. Funny, though.

  • by chia_monkey ( 593501 ) on Tuesday July 15, 2003 @09:54AM (#6442743) Journal
    I'm going to have to agree with the EU's stance that there should be similar objectives put in place by the US and Asia. I think there should be more countries involved also, but these were the two that were mentioned. In a similar stance, think about having just Iowa and Kansas (random states chosen) with strict anti-spam measures. Fine...spammers will move to VA and PA. Same will happen all over the world.

    We DO need a worldwide organization to help curtail this. Isn't this the global economy nowadays? Let's treat it like one.

    I would like to see however, someone being proactive. Yay EU! Pity Asia may wait and see. Pity the US may wait and see. If we all act at once, it may send the signal we're serious about this and not just testing the waters and not truly committed to ridding ourselves of this global economy drain.
  • by Draghkhar ( 677959 ) on Tuesday July 15, 2003 @10:02AM (#6442799) Homepage
    Unfortunately this discussion's overly simplistic. What kind of opt-out legislation is the US considering? There's 2 main kinds I can think of. The first is to opt out with each provider. That approach seems disastrous -- spammers just change their name or address, and what a miracle, they can spam you again. The second type is to opt out through a national registry, similar to the "do-not-call" registry that's been/being implemented in several states (including Massachusetts). If enough e-mail users opt out of spam (and why wouldn't they?) it could cripple the commercial viability of spam (at least in the US).

    A final point: maybe the European approach is more effective, maybe not, but I don't see why legislative uniformity is necessary.... As long as all countries are effective in decreasing the incentive/legality for spammers to exist, does it matter? Silly example -- let's say large country A fined each piece of spam at $1 million, and large country B implemented the death penalty for spamming -- I think spam would decrease a lot pretty quickly. Anyway, if several competing approaches are tried on a large scale, and one is far and away a success, others will follow suit. Please don't posit US government conspiracies to protect spammers -- all the Nasdaq-100 companies hate spam (e.g., Yahoo, Microsoft, Apple). So do 99.9% of their online constituents. Those are the parties US legislators will (at least try to) protect.

    • There're a lot of problems with the Universal Remove List (term coined by spamming scum) aka "do-not-call" approach.

      Most of them do not allow sitewide opt-out or wildcards.

      Most of them only allow number of Email addresses per user (I have an infinite number of potential Email addresses, and at least 25 active ones I use regularly).

      A listing in DMA's list expires after a year or two. What sort of bullshit is that?

      There is no way in hell there's going to be a "do-not-spam" list that will work, ever.

      Stil
    • $1 million fine? Death penalty? This would be fun if there were someone I really didn't like - It would be easy to make it look like he was spamming. Death by virus!

      --jeff++
  • France surrenders.
  • by crovira ( 10242 ) on Tuesday July 15, 2003 @10:07AM (#6442842) Homepage
    the companies who want to sell you the damn Viagra and fine their butts off, its all useless.

    The only way to stem the flood is to target those who think they benefit from it.

    If the VENDOR who uses Spam has to cough up a massive fine, they will put the spammers out of business. It has nothing to do with who sent you the friggin' email but who's trying to get youto spend money. Once it COSTS THEM far more than their RateOfReturn, the Spammers will suck wind.
  • by mgeneral ( 512297 ) on Tuesday July 15, 2003 @10:08AM (#6442848)
    It's going to require more than just new laws and legislation. To fix the spam problem, you need to fix the SMTP protocol. At one time it may have seemed ok to allow anonymous, unverified mail services, but today, it is unpractical. A lot can be done to diminish spam if we can improve the SMTP protocol. Source address verification and usable certificate services wouldn't take that long to implement and would drastically reduce the quantities of SPAM.
  • by Baki ( 72515 ) on Tuesday July 15, 2003 @11:28AM (#6443678)
    you just block all mail coming from Asia.

    90% of spam I received came from Asia (korea, china etc) until I added the following to my postfix access config file:

    202 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
    203 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
    210 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
    211 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
    218 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
    219 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
    220 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
    221 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
    61 554 All sites from Asia-Pacific NIC blocked due to excessive SPAM
    • by Kjella ( 173770 )
      ...you have no business relatiionships there, no friends there, no people you know moved there. It works on your very own little personal server, but it doesn't deal with the spam problem for an ISP, a corporation, or anything else of magnitude.

      Maintaining personal blacklists is pretty easy, but how much time would it take millions and millions of people to all do that? It'd be as bad as the problem it is trying to solve.

      Kjella
      • If Asian countries don't implement laws to effectively fight spam, this might be a way to force them. If people and businesses can no longer send us e-mail because personal servers, but also ISP's simply blacklist an entire country, I think it might have some effect.

        Using relays based in other countries won't be possible either, since relays are also blacklisted.
  • by Anonymous Coward
    I have been running a spam honeypot for about 2 weeks now as an open relay. And as far as I can tell all the source ip addresses are from APIC countries.

    Just for kicks I did the following:
    grep queued /var/log/maillog* > count.tmp; \cat -n count.tmp

    414686 /var/log/maillog.1:Jul 11 23:37:30 pot sendmail[16117]: h6C3bRV16117: to=, delay=00:00:02, mailer=esmtp, pri=30535, stat=queued

    The above email is from a spammer checking the relay.....I have to manipulate the queue daily to make sure they get the res
  • Opt in in the us (Score:2, Insightful)

    by matfud ( 464184 )
    I can't see how opt in would work in the US. As
    soon as you opt in to one company their "business
    partners" would start sending you "solicited
    emails" too.

    Would you not also need some form of personal data
    protection legislation?

    matfud

The unfacts, did we have them, are too imprecisely few to warrant our certitude.

Working...