LISTSERV mailing list manager LISTSERV 16.5

Help for IT-DISCUSS Archives


IT-DISCUSS Archives

IT-DISCUSS Archives


IT-DISCUSS@LIST.UVM.EDU


View:

Message:

[

First

|

Previous

|

Next

|

Last

]

By Topic:

[

First

|

Previous

|

Next

|

Last

]

By Author:

[

First

|

Previous

|

Next

|

Last

]

Font:

Proportional Font

LISTSERV Archives

LISTSERV Archives

IT-DISCUSS Home

IT-DISCUSS Home

IT-DISCUSS  February 2005

IT-DISCUSS February 2005

Subject:

CANSPAM Allows Flood of Junk Email

From:

Thomas McLeod <[log in to unmask]>

Reply-To:

Technology Discussion at UVM <[log in to unmask]>

Date:

Tue, 1 Feb 2005 14:52:13 -0500

Content-Type:

text/plain

Parts/Attachments:

Parts/Attachments

text/plain (197 lines)

NY Times
February 1, 2005
Law Barring Junk E-Mail Allows a Flood Instead
By TOM ZELLER Jr.

A year after a sweeping federal antispam law went into effect, there is more
junk e-mail on the Internet than ever, and Levon Gillespie, according to
Microsoft, is one reason.

Lawyers for the company seemed well on the way to shutting down Mr. Gillespie
last September after he agreed to meet them at a Starbucks in Los Angeles near
the University of Southern California. There they served him a court summons and
a lawsuit accusing him, his Web site and 50 unnamed customers of violating state
and federal law - including the year-old federal Can Spam Act - by flooding
Microsoft's internal and customer e-mail networks with illegal spam, among other
charges.

But that was the last the company saw of the young entrepreneur.

Mr. Gillespie, who operated a service that gives bulk advertisers off-shore
shelter from the antispam crusade, did not show up last month for a court
hearing in King County, Wash. The judge issued a default judgment against him in
the amount of $1.4 million.

In a telephone interview yesterday from his home in Los Angeles, Mr. Gillespie,
21, said he was unaware of the judgment and that no one from Microsoft or the
court had yet followed up. But he insisted that he had done nothing wrong and
vowed that lawsuits would not stop him - nor any of the other players in the
lucrative spam chain.

"There's way too much money involved," Mr. Gillespie said, noting that his
service, which is currently down, provided him with a six-figure income at its
peak. "And if there's money to be made, people are going to go out and get it."

Since the Can Spam Act went into effect in January 2004, unsolicited junk e-mail
on the Internet has come to total perhaps 80 percent or more of all e-mail sent,
according to most measures. That is up from 50 percent to 60 percent of all
e-mail before the law went into effect.

To some antispam crusaders, the surge comes as no surprise. They had long argued
that the law would make the spam problem worse by effectively giving bulk
advertisers permission to send junk e-mail as long as they followed certain rules.

"Can Spam legalized spamming itself," said Steve Linford, the founder of the
Spamhaus Project, a London organization that is one of the leading groups intent
on eliminating junk e-mail. And in making spam legal, he said, the new rules
also invited flouting by those intent on being outlaws.

Not everyone agrees that the Can Spam law is to blame, and lawsuits invoking the
new legislation - along with other suits using state laws - have been mounted in
the name of combating the problem. Besides Microsoft, other large Internet
companies like AOL and Yahoo have used the federal law as the basis for suits.

Two prolific spam distributors, Jeremy D. Jaynes and Jessica DeGroot, were
convicted under a Virginia antispam law in November, and a $1 billion judgment
was issued in an Iowa federal court against three spam marketers in December.

The law's chief sponsor, Senator Conrad Burns, Republican of Montana, said that
it was too soon to judge the law's effectiveness, although he indicated in an
e-mail message that the Federal Trade Commission, which oversees its
enforcement, might simply need some nudging.

"As we progress into the next legislative session," Mr. Burns said, "I'll be
working to make sure the F.T.C. utilizes the tools now in place to enforce the
act and effectively stem the tide of this burden."

The F.T.C. has made some recent moves that include winning a court order in
January to shut down illegal advertising from six companies accused of profiting
from thousands of X-rated spam e-mail messages. But so far, the spam trade has
foiled most efforts to bring it under control.

A growing number of so-called bulletproof Web host services like Mr. Gillespie's
offer spam-friendly merchants access to stable offshore computer servers - most
of them in China - where they can park their Web sites, with the promise that
they will not be shut down because of spam complaints.

Some bulk e-mailers have also teamed with writers of viruses to steal lists of
working e-mail addresses and quietly hijack the personal computers of millions
of unwitting Internet users, creating the "zombie networks" that now serve,
according to some specialists, as the de facto circulatory system for spam.

"We've thrown everything but the kitchen sink at this problem," said Chris
Smith, the senior director of product marketing for Postini, a company that
filters e-mail for corporations. "And yet, all of these efforts have yet to make
a significant dent."

Mr. Smith was speaking in a conference call with reporters last week to discuss
Postini's 2005 e-mail security report, which echoed the bleak findings of recent
academic surveys and statistics from other vendors that filter and monitor
e-mail traffic.

A survey from Stanford University in December showed that a typical Internet
user now spends about 10 working days a year dealing with incoming spam.
Industry analysts estimate that the global cost of spam to businesses in 2005,
in terms of lost productivity and network maintenance, will be about $50 billion
($17 billion in the United States alone). And the Postini report concluded that
most legislative measures - in the United States, Europe and Australia - have
had little impact on the problem.

The American law requires solicitations to be identified as such in the subject
line and prohibits the use of fake return addresses, among other restrictions.
But the real soft spot in the American law, critics have argued, is that it puts
a burden on recipients to choose to be removed from an e-mailers list - an "opt
out" feature that bulk mailers are obligated by the law to provide. (The
European and Australian systems requires bulk mailers, in most cases, to receive
"opt in" authorization from recipients.)

While a law-abiding bulk mailer under the American law might remove a person
from its list, critics say, the scofflaw spammer simply takes an opt-out message
as verification that the e-mail address is current and has a live person behind it.

"Any spammer worth his salt is not going to follow Can Spam," said Scott Petry,
Postini's founder and senior vice president for products and engineering,
"because it would be filtered out immediately."

Defenders of the Can Spam Act say blaming any one law is far too simple.

"Most people say it's a miserable failure," said Anne Mitchell, who helped draft
the legislation and is the chief executive of the Institute for Spam and
Internet Public Policy, a research group in California. "But I see it as a
lawyer would see it. To think that law enforcement agencies can make spam stop
right away is silly. There's no such thing as an instant fix in the law."

She and others note that filtering software has become particularly adept at
catching the vast majority of spam before it ever gets to a user's in-box.
Legitimate e-mail messages do sometimes get caught in such nets - a drawback
that generates its own chorus of complaints. But some specialists have also
suggested that the overall success of identifying and weeding out junk e-mail
from in-boxes may actually help explain the current surge in spam.

"The more effective the filtering technology," Ms. Mitchell said, "the more spam
they have to send to get the same dollar rate of return."

Those rates of return can be staggeringly high (and the costs of entry into the
market relatively low).

A spammer can often expect to receive anywhere from a 25 percent to a 50 percent
commission on any sales of a product that result from a spam campaign, according
to a calculus developed by Richi Jennings, an Internet security analyst with
Ferris Research, a technology industry consulting firm.

Even if only 2,000 of 200 million recipients of a spam campaign - a single day's
response rate for some spammers - actually go to a merchant's Web site to
purchase a $50 bottle of an herbal supplement, a spammer working at a 25 percent
commission will take in $25,000. If a spammer makes use of anonymous
virus-enslaved computers to spread the campaign, expenses like bandwidth
payments to Internet service providers are low - as is the likelihood of
anyone's tracking down who pushed the "send" button.

The overlapping and truly global networks of spam-friendly merchants, e-mail
list resellers, virus-writers and bulk e-mailing services have made identifying
targets for prosecution a daunting process. Merchants whose links actually
appear in junk e-mail are often dozens of steps and numerous deals removed from
the spammers, Mr. Jennings said, and proving culpability "is just insanely
difficult."

The new federal law does give prosecutors some leverage to go after the
merchants - but it must be proved that they knew, or should have known, that
their wares were being fed into the illegal spam chain.

"We wait to see a real test case of that," Mr. Jennings said.

In the meantime, analysts predict, more viruses will commandeer more personal
computers as zombie spam transmitters - which besides free relays give spammers
a thicker cloak of anonymity. Mr. Jennings estimates that hijacked machines
handle 50 percent of the spam stream, and other analysts have put the percentage
higher.

Analysts also expect more use of virus bombs - called directory harvest attacks
- to wrest working e-mail addresses from Internet service providers. "It's the
silent killer of e-mail servers," Mr. Smith of Postini said.

And bulletproof services like Mr. Gillespie's and another, Buprhost.com, are
intent on continuing to offer spam-friendly merchants a haven from antispam
complaints, starting at $89 a month.

"If your Web site host receives complaints or discovers that your Web site has
been advertised in e-mail broadcasts, they may disconnect your account and shut
down your Web site," explains Buprhost.com, which promises no such disruptions.
"The reason we can do this is that we put your Web site in our overseas server
where the local law will protect your Web sites."

"It's very simple," Mr. Petry of Postini said of the junk e-mail scourge. "Spam
is technically very easy to send."

Which is why, according to Aaron Kornblum, Microsoft's Internet safety
enforcement lawyer, suits against spam enablers like Mr. Gillespie are an
important, if incremental, new front to pursue.

"Microsoft's efforts in filing these lawsuits is to stop spammers - and in this
case hosting services that cater to spammers - from plying their trade," said
Mr. Kornblum, who noted that Microsoft was working to enforce the $1.4 million
judgment against Mr. Gillespie.

"Our objective with sustained enforcement activity is to change the economics of
spamming, making it a cost-prohibitive business model rather than a profitable one."

Top of Message | Previous Page | Permalink

Advanced Options


Options

Log In

Log In

Get Password

Get Password


Search Archives

Search Archives


Subscribe or Unsubscribe

Subscribe or Unsubscribe


Archives

August 2021
July 2021
June 2021
May 2021
April 2021
March 2021
February 2021
January 2021
December 2020
November 2020
October 2020
September 2020
August 2020
July 2020
June 2020
May 2020
April 2020
March 2020
February 2020
January 2020
December 2019
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
May 2019
April 2019
March 2019
February 2019
January 2019
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
November 2016
October 2016
September 2016
August 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
December 2015
November 2015
October 2015
September 2015
August 2015
July 2015
June 2015
May 2015
April 2015
March 2015
February 2015
January 2015
December 2014
November 2014
October 2014
September 2014
August 2014
July 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013
May 2013
April 2013
March 2013
February 2013
January 2013
December 2012
November 2012
October 2012
September 2012
August 2012
July 2012
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
August 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003, Week 1
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
December 2002
November 2002
October 2002
September 2002
August 2002
July 2002
June 2002
May 2002
April 2002
March 2002
February 2002
January 2002
December 2001
November 2001
October 2001
September 2001
August 2001
July 2001
June 2001
May 2001
April 2001
March 2001
February 2001
January 2001
December 2000
November 2000
October 2000
September 2000
August 2000
July 2000
June 2000
May 2000
April 2000
March 2000
February 2000
January 2000
December 1999
November 1999
October 1999
September 1999
August 1999
July 1999
June 1999
May 1999
April 1999
March 1999
February 1999
January 1999
December 1998
November 1998
October 1998
September 1998
August 1998
July 1998
June 1998
May 1998
April 1998
March 1998
February 1998
January 1998
December 1997
November 1997
October 1997
August 1997
July 1997
May 1997
April 1997
March 1997
February 1997
January 1997
December 1996
November 1996
October 1996
September 1996
August 1996
July 1996
May 1996
December 1995
November 1995
September 1995
August 1995
March 1995

ATOM RSS1 RSS2



LIST.UVM.EDU

CataList Email List Search Powered by the LISTSERV Email List Manager