Another Spammer Sent To Prison
from the will-others-get-the-message dept
He's certainly not the first such case, but spammer Eddie Davidson has been sentenced to 21 months in prison for both tax evasion and falsifying email headers. Some other sentences have been even longer. However, it makes you wonder how much of an impact these sentences are having on the spam community. Are spammers getting more cautious and going underground now that jail sentences are being handed out? Has the whole spam effort shifted offshore where it's harder to track them down? One thing that doesn't seem to be happening is any noticeable reduction in spam.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Jails
e
[ link to this | view in chronology ]
Spam filters aren't the solution
In my opinion, SMTP needs to be completely scrapped and replaced with a system that's simply much less exploitable.
Unfortunately the down side to that is almost any system will be fought against by the "free speech" and privacy advocates. At what price do we tolerate spam...
From my perspective, as an ISP server administrator, there should be some kind of ubiquitous certificate system put in place such that servers can be configured to accept mail only from registered legitimate servers. Easier said than done, I am well aware.
[ link to this | view in chronology ]
Re: Spam filters aren't the solution
[ link to this | view in chronology ]
Why not punish the companies?
Then let the companies police the problem themselves...
[ link to this | view in chronology ]
Go by domain?
Oh and getting rid of Outlook would help a lot too. A lot of bot net armies are using exploited outlook to send emails.
[ link to this | view in chronology ]
"Definately. Shoot them."
Let's see you get that worked up about the corporations raping the American people, and the government helping them do it.
[ link to this | view in chronology ]
Wrong target
@Nick: I'd be one of those free speech people. I'd much rather have to deal with spam messages than have my ability to say what I want online removed. Every system that's been proposed to replace SMTP has serious potential for abuse by the people who control it.
@John: I agree with you about Outlook, but the first idea is a no-go. This already happens at companies that use blacklists, and it tends to cause more problems than it solves - e.g. false positives causing large amounts of legitimate messages to be lost.
[ link to this | view in chronology ]
Git'em
[ link to this | view in chronology ]
Right Target -- Just Need More Prosecutions
We have not stopped robbery, burglary, or insider trading by prosecuting those things, but it does not mean that the prosecutions are wasted or that it has not significantly reduced the amount of spam.
Part of the problem is that we're not targeting those who buy from spammers. Want to stop people from buying penis enlargement pills, Viagra, and porn advertised in spam? Publish their names when you prosecute a spammer and seize his records.
Spam is not a "free speech" issue in any way, shape, or form. My mail server is my private property and a spammer has no more right to enter it uninvited than he does to enter my home to make a sales pitch. I pay for the bandwidth. I pay for the storage. It's no different than my fax machine or my telephone and we have laws against unsolicited advertising using either of those (assuming one signs up for the do-not-call list for the phone).
My company (meaning the one at which I am an employee, not an owner) uses several blacklists and it significantly reduces the amount of spam without causing "large amounts of legitimate messages to be lost." It's all a matter of choosing the appropriate blacklists for the business and user base.
[ link to this | view in chronology ]
Re: Right Target -- Just Need More Prosecutions
As for blacklists:
"It's all a matter of choosing the appropriate blacklists for the business and user base."
Yeah, that's the problem. I've worked for hosting providers where servers, IP blocks and/or domains would get blocked by blacklists. Often, especially when the domain was hosted on a shared server, the block not the domain holder's fault and it was a nightmare to get the domain removed. When the blacklist was used by a large mail provider like AOL or Yahoo, large chunks of a site's users would be unable to receive mail.
So yes, there were large numbers of false positives. It's true that a carefully chosen, well maintained blacklist can be a good thing, but most aren't. I can only imagine how much worse it would be if these lists were made mandatory.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Mmmmmm. Tasty.
2) Sell their carcasses to Hormel.
3) ...
4) Profit!
[ link to this | view in chronology ]
Missing the point
[ link to this | view in chronology ]
Doesn't matter
And I agree w/Nick, SMTP was designed to deliver a message not keep creatons like this guy from ruining email. I believe we need a new protocol that you have to APPLY to get into. If you violate the rules (such as sending a million bs emails about Viagra) then you are off the system. Period.
[ link to this | view in chronology ]
I checked my logs..
470 emails from the local Linux user group mailing list, 124 from a sports mailing list, 2 mailman approval mails from a mailing list I used to run, 1 humor mailing list (it's been a slow couple of months) and 2248 emails that went into my main inbox. That's a total of 2845 wanted emails.
Compare that with 2732 bounces that were backscatter from joe-jobs, and 124939 emails that my spamassassin setup identified as spam... 127671 unwanted emails.
Add it all up and of the 130516 emails I got in that period, I wanted 2845 and 127671 were garbage.. meaning that spamassassin labeled spam and identified backscatter accounted for unwanted 97.8% of the email that my mailsever accepted.
But it gets worse. In reality, my email server rejects about 5 times as much email as it accepts because most of it is sent to non-existant users... and of the 2248 emails that made it to my inbox, somewhere between half and two-thirds were spam that spamassassin didn't catch.
Email has become worthless.
[ link to this | view in chronology ]
Hell yeah, Shoot them also!
Corporations are the root of American Evil!
[ link to this | view in chronology ]
[ link to this | view in chronology ]
The sentances are not the deterrant
In the same manner, harsh sentences allow the appearance of being tough on spammers, but since the overall feeling is that of there being no chance of being caught, this will have no effect on spammers.
Really, an effective means of authenticating email origins is needed to have any effect on this issue.
[ link to this | view in chronology ]
I don't think its the spam
[ link to this | view in chronology ]
e-postage
[ link to this | view in chronology ]
Three points
For punishments to be effective as a deterrent, they must be "swift and certain". This means that if you break the law, you know you'll get caught and punished immediately.
However, spammers know that they won't get caught, either because their servers are in another country, or they use bot-nets with no central server, or they know the authorities don't care/ have no authority.
Plus, *IF* the spammer gets caught, what's the punishment? Two years in jail? A million dollar fine? That's nothing compared to the tens-of-millions he probably earned with his spamming campaign. In two years, the spammer will get out of prison, set up shop in Russia or China and start all over.
Second point: while it may be a good thought to try to go after the websites mentioned in spam e-mails, how exactly do you go after the "canadian pharmacy" whose server is in China? By the time the US authorities even set up a case, the spammer has probably moved his servers to Korea or some other "untouchable" country.
And how do you handle spam that advertises a non-existent website?
Third, there will probably never be a "e-postage tax".
A few years ago, AOL tries to charge companies to have their e-mail "whitelisted": pay a fee and the e-mail is guaranteed to be delivered to users' inboxes instead of the Bulk Mail folder. There was no blocking of e-mails and users could see them if they wanted, but a number of non-profit companies screamed about how they couldn't afford this and how unfair this was.
What kind of a reaction will we see from these companies when AOL decides to put a tax on e-mail so it gets delivered?
You also have the problem of who collects the fine and who the fine is paid to. Should the receiving ISP get a cut since their servers are receiving the spam? Should the receiving person get a cut since they have to delete the e-mail?
You also have the same issue as before: if a company doesn't pay, how do you block their e-mails?
I think going after the people buying stuff from spam e-mails is the better idea. Maybe the FBI should make a big deal out of threatening these people for buying illegal Viagra from the "canadian pharmacies".
[ link to this | view in chronology ]
spammer in jail
[ link to this | view in chronology ]