Another Spammer Sent To Prison

from the will-others-get-the-message dept

Thu, May 1st 2008 8:44pm — Mike Masnick

He's certainly not the first such case, but spammer Eddie Davidson has been sentenced to 21 months in prison for both tax evasion and falsifying email headers. Some other sentences have been even longer. However, it makes you wonder how much of an impact these sentences are having on the spam community. Are spammers getting more cautious and going underground now that jail sentences are being handed out? Has the whole spam effort shifted offshore where it's harder to track them down? One thing that doesn't seem to be happening is any noticeable reduction in spam.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: prison, spammer

25 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 1 May 2008 @ 9:19pm

Start shooting them!
[ link to this | view in chronology ]
- Anonymous Coward, 1 May 2008 @ 9:50pm
  
  Re:
  Definately. Shoot them.
  [ link to this | view in chronology ]
Anonymous Coward, 1 May 2008 @ 9:26pm

Hang em, Hang em High
[ link to this | view in chronology ]
eleete, 1 May 2008 @ 9:33pm

Jails
I agree the guy is scum, and spam is inconvenient, but when the US has a revolving door on pedophiles and rapists, perhaps this is a waste of taxpayer money, in the guise of an example. Maybe whats needed, is great service with better spam filters, let the most creative come through so you can reject them, and reserve that seat for a worthy occupant ? Well anyways, at least we're leading by example here for the hundreds that have gotten off of these charges.

e
[ link to this | view in chronology ]
Nick, 1 May 2008 @ 9:48pm

Spam filters aren't the solution
Unfortunately no matter how good spam filters get, the spammers will just keep getting around them. As long as the email system itself is vulnerable to spam, the problem can not be solved, period.

In my opinion, SMTP needs to be completely scrapped and replaced with a system that's simply much less exploitable.

Unfortunately the down side to that is almost any system will be fought against by the "free speech" and privacy advocates. At what price do we tolerate spam...

From my perspective, as an ISP server administrator, there should be some kind of ubiquitous certificate system put in place such that servers can be configured to accept mail only from registered legitimate servers. Easier said than done, I am well aware.
[ link to this | view in chronology ]
- Dan0, 2 May 2008 @ 5:42am
  
  Re: Spam filters aren't the solution
  SMTP does have certificate services. unfortunately it is up to IT Admins and essentially the lowest cost solution to "fight" spam. we have to dumb down the services so that we get legitimate email because not all companies are funded enough to employ the right Admin for the job. Even if we specify the our email server to authenticate the email server before forwarding messages on, it is only a matter of time that the spam servers use this same authentication. It doesn't take long for them to join in...
  [ link to this | view in chronology ]
LBD, 1 May 2008 @ 10:02pm

Why not punish the companies?
Don't punish the spammers: Punish the companies they claim to represent.

Then let the companies police the problem themselves...
[ link to this | view in chronology ]
John, 1 May 2008 @ 11:21pm

Go by domain?
Perhaps it would be easier to simply charge more for an email domain and then filter out any domain that has been known to generate tons of spam?

Oh and getting rid of Outlook would help a lot too. A lot of bot net armies are using exploited outlook to send emails.
[ link to this | view in chronology ]
Anonymous Coward, 2 May 2008 @ 12:02am

All these tards getting worked up about some spam.

"Definately. Shoot them."

Let's see you get that worked up about the corporations raping the American people, and the government helping them do it.
[ link to this | view in chronology ]
PaulT (profile), 2 May 2008 @ 12:09am

Wrong target
While this is good news, this kind of prosecution will never stop spammers while there's profit to be made. Spam will never be completely stopped unless people stop being dumb enough to buy from links in unsolicited mail. Sadly, that's not going to happen anytime soon - human stupidity is something you can't legislate against...

@Nick: I'd be one of those free speech people. I'd much rather have to deal with spam messages than have my ability to say what I want online removed. Every system that's been proposed to replace SMTP has serious potential for abuse by the people who control it.

@John: I agree with you about Outlook, but the first idea is a no-go. This already happens at companies that use blacklists, and it tends to cause more problems than it solves - e.g. false positives causing large amounts of legitimate messages to be lost.
[ link to this | view in chronology ]
Evert Jönsson, 2 May 2008 @ 3:18am

Git'em
If you download music without paying or look at a had ass 16 year old who put her naked butt online, they know exactly where you are. But if its a buch of crooks who steal your identity or bank acccount; or send millions of spams (or malware) - they seem to be unable to find anybody.
[ link to this | view in chronology ]
Fred, 2 May 2008 @ 3:33am

Right Target -- Just Need More Prosecutions
@PaulT:
We have not stopped robbery, burglary, or insider trading by prosecuting those things, but it does not mean that the prosecutions are wasted or that it has not significantly reduced the amount of spam.

Part of the problem is that we're not targeting those who buy from spammers. Want to stop people from buying penis enlargement pills, Viagra, and porn advertised in spam? Publish their names when you prosecute a spammer and seize his records.

Spam is not a "free speech" issue in any way, shape, or form. My mail server is my private property and a spammer has no more right to enter it uninvited than he does to enter my home to make a sales pitch. I pay for the bandwidth. I pay for the storage. It's no different than my fax machine or my telephone and we have laws against unsolicited advertising using either of those (assuming one signs up for the do-not-call list for the phone).

My company (meaning the one at which I am an employee, not an owner) uses several blacklists and it significantly reduces the amount of spam without causing "large amounts of legitimate messages to be lost." It's all a matter of choosing the appropriate blacklists for the business and user base.
[ link to this | view in chronology ]
- PaulT (profile), 2 May 2008 @ 4:35am
  
  Re: Right Target -- Just Need More Prosecutions
  I didn't mean that spam itself was a free speech issue. My point was that every technical solution suggested thus far would either make normal email communication too costly or allow for high levels of censorship and thus a negative effect on free speech.
  
  As for blacklists:
  
  "It's all a matter of choosing the appropriate blacklists for the business and user base."
  
  Yeah, that's the problem. I've worked for hosting providers where servers, IP blocks and/or domains would get blocked by blacklists. Often, especially when the domain was hosted on a shared server, the block not the domain holder's fault and it was a nightmare to get the domain removed. When the blacklist was used by a large mail provider like AOL or Yahoo, large chunks of a site's users would be unable to receive mail.
  
  So yes, there were large numbers of false positives. It's true that a carefully chosen, well maintained blacklist can be a good thing, but most aren't. I can only imagine how much worse it would be if these lists were made mandatory.
  [ link to this | view in chronology ]
Anonymous Coward, 2 May 2008 @ 3:53am

Or, you could use Hexamail. Best spam filter ever.
[ link to this | view in chronology ]
Peet McKimmie (profile), 2 May 2008 @ 5:18am

Mmmmmm. Tasty.
1) Shoot SPAMmers.
2) Sell their carcasses to Hormel.
3) ...
4) Profit!
[ link to this | view in chronology ]
Anonymous Coward, 2 May 2008 @ 5:26am

Missing the point
I think most people are missing the point. The government/courts do not care if you receive spam in your inbox. What they are concerned about is the crippling of the Internet from all this crap going over it, and the "corporate identity theft" that comes from falsely using someone else's domain name.
[ link to this | view in chronology ]
James, 2 May 2008 @ 7:39am

Doesn't matter
To me, it doesn't matter if this stops or reduces spam or not... people like this guy should be shot, but that aside, at least he's serving some jail time.

And I agree w/Nick, SMTP was designed to deliver a message not keep creatons like this guy from ruining email. I believe we need a new protocol that you have to APPLY to get into. If you violate the rules (such as sending a million bs emails about Viagra) then you are off the system. Period.
[ link to this | view in chronology ]
JeffR, 2 May 2008 @ 8:41am

I checked my logs..
The other day, I ran a couple of months worth of procmail logs thru and put the email into two categories: wanted and unwanted.

470 emails from the local Linux user group mailing list, 124 from a sports mailing list, 2 mailman approval mails from a mailing list I used to run, 1 humor mailing list (it's been a slow couple of months) and 2248 emails that went into my main inbox. That's a total of 2845 wanted emails.

Compare that with 2732 bounces that were backscatter from joe-jobs, and 124939 emails that my spamassassin setup identified as spam... 127671 unwanted emails.

Add it all up and of the 130516 emails I got in that period, I wanted 2845 and 127671 were garbage.. meaning that spamassassin labeled spam and identified backscatter accounted for unwanted 97.8% of the email that my mailsever accepted.

But it gets worse. In reality, my email server rejects about 5 times as much email as it accepts because most of it is sent to non-existant users... and of the 2248 emails that made it to my inbox, somewhere between half and two-thirds were spam that spamassassin didn't catch.

Email has become worthless.
[ link to this | view in chronology ]
Anonymous Coward, 2 May 2008 @ 9:56am

"Let's see you get that worked up about the corporations raping the American people, and the government helping them do it."

Hell yeah, Shoot them also!

Corporations are the root of American Evil!
[ link to this | view in chronology ]
Anonymous Coward, 2 May 2008 @ 9:59am

Where will you be when the World Revolution comes?
[ link to this | view in chronology ]
Joe, 2 May 2008 @ 10:45am

The sentances are not the deterrant
This is much like the issue of drunk driving. Their, the deterrent is not the punishment, most people don't even know what consequences they would face other than 'something bad', it's the certainty of being caught. When guys are out at the pub, they don't say - i better not have another drink because the punishment is 2 years on the first offense. They say - the road check programs will be out and there's a good chance I'll be caught.

In the same manner, harsh sentences allow the appearance of being tough on spammers, but since the overall feeling is that of there being no chance of being caught, this will have no effect on spammers.

Really, an effective means of authenticating email origins is needed to have any effect on this issue.
[ link to this | view in chronology ]
Etch, 2 May 2008 @ 10:53am

I don't think its the spam
I'm pretty sure he got jailed just for tax evasion. You can go out and spam hundreds of thousands or people, and it will take a much longer effort to bring you to justice. But evade a tax payment, and they will come after you like you just defiled a 12 year old! (excuse the gruesome simile)
[ link to this | view in chronology ]
TX CHL Instructor (profile), 2 May 2008 @ 2:56pm

e-postage
A universal "e-postage" charge of one cent per 100 emails (preferably payable to the recipient) would stop spam dead instantly, without seriously impacting any legitimate emailer. All we need is a good system to handle micropayments securely.
[ link to this | view in chronology ]
John (profile), 2 May 2008 @ 3:48pm

Three points
First, to elaborate on what poster #21 said:
For punishments to be effective as a deterrent, they must be "swift and certain". This means that if you break the law, you know you'll get caught and punished immediately.

However, spammers know that they won't get caught, either because their servers are in another country, or they use bot-nets with no central server, or they know the authorities don't care/ have no authority.

Plus, *IF* the spammer gets caught, what's the punishment? Two years in jail? A million dollar fine? That's nothing compared to the tens-of-millions he probably earned with his spamming campaign. In two years, the spammer will get out of prison, set up shop in Russia or China and start all over.

Second point: while it may be a good thought to try to go after the websites mentioned in spam e-mails, how exactly do you go after the "canadian pharmacy" whose server is in China? By the time the US authorities even set up a case, the spammer has probably moved his servers to Korea or some other "untouchable" country.

And how do you handle spam that advertises a non-existent website?

Third, there will probably never be a "e-postage tax".
A few years ago, AOL tries to charge companies to have their e-mail "whitelisted": pay a fee and the e-mail is guaranteed to be delivered to users' inboxes instead of the Bulk Mail folder. There was no blocking of e-mails and users could see them if they wanted, but a number of non-profit companies screamed about how they couldn't afford this and how unfair this was.

What kind of a reaction will we see from these companies when AOL decides to put a tax on e-mail so it gets delivered?

You also have the problem of who collects the fine and who the fine is paid to. Should the receiving ISP get a cut since their servers are receiving the spam? Should the receiving person get a cut since they have to delete the e-mail?
You also have the same issue as before: if a company doesn't pay, how do you block their e-mails?

I think going after the people buying stuff from spam e-mails is the better idea. Maybe the FBI should make a big deal out of threatening these people for buying illegal Viagra from the "canadian pharmacies".
[ link to this | view in chronology ]
fred, 2 May 2008 @ 9:54pm

spammer in jail
i just hope the other inmates print out the spam on very thick rigid paper and insert it where it hurts everday of the sentence
[ link to this | view in chronology ]