Andy,
Yes, there are many different laws that spammers break, most of which
are not covered under CAN-SPAM. CAN-SPAM does though preempt many
state anti-spam laws, or at least parts of them. The courts are
working out what is and is not preempted. For better or worse, some of
these state convictions might be overturned based on jurisdiction as
things progress through the appeal's system. Having spammers held to
50 different standards for conduct without a good method of identifying
who is where is a bit unfair, kind of like expecting an ecommerce site
to collect taxes according to every county tax rate in the country. It
all depends on who they are going after of course. The groups that are
dictionary attacking servers all over the place with as many as 3
million random addresses per day are clearly going beyond simple
spamming, and other things like fraud and false advertising also extend
beyond CAN-SPAM, though have been specified in parts of state anti-spam
laws. CAN-SPAM's state law preemption reads as follows:
"This Act supersedes any statute, regulation, or rule of a
State or political
subdivision of a State that expressly regulates the use of electronic
mail to send
commercial messages, except to the extent that any such statute,
regulation, or
rule prohibits falsity or deception in any portion of a commercial
electronic mail
message or information attached thereto."
The North Carolina residents that were prosecuted under Virginia's spam
laws recently were primarily flagged for fraud. They were advertising
scams promoting $75/hour FedEx refund processor software, and received
about $400,000 in orders for it. To quote one Web source, "VA
authorities were able to assert long-arm jurisdiction over them
since they derived economic benefit and caused tortious harm to
Virginia residents as well as Virginia equipment." (of course I can't
vouch for the accuracy of that statement)
I personally would like to see clear as day laws governing spam so that
authorities wouldn't be apprehensive to go after these people, or
turned off by the never-ending appeal process as the vaguest parts of
the laws are tested. Maybe they aren't prosecuting these people for
other reasons such as a lack of focus on the problem. Neither Bill
Clinton nor George Bush had an appreciation for E-mail. I think that
Bill Clinton was only known to have sent a single E-mail while in
office. I doubt that most of those in Congress read their own E-mail,
and they aren't likely exposed to the people blocking the spam for them
(why else would they have legalized half of it with a preemptive law?).
I don't believe marketing a legitimate product or service from one's
own servers would constitute a violation of either law. The trouble
with doing it that way is that anything that is static and comes with
significant volume is generally widely blacklisted within the first
week of activity, often the first 24 hours. It makes being a static
spammer kind of tough. I've noted more and more that static spammers
are moving their hosting to other countries and service providers that
don't sub-delegate IP space, and don't require or oversee the reverse
DNS information. Some even set themselves up as fake hosting
operations and then jump around their IP space with spam blocks
pretending to not be directly associated with the activity. None of
this seems to constitute breaking the law, though I'm sure that almost
all of them are in other ways (like not honoring opt-outs, subject
tagging themselves, etc.).
Matt
Andy Schmidt wrote:
The motivation for cleaning was not
black-listing, it was AOLs aggressive pursuit of Spammers supported by
VA state law that is one of the (if not "the") toughest with regards to
computer abuse (including SPAM). Since many Spammers DO operate out of
the U.S. and/or market goods that are delivered from the U.S., it
doesn't matter much if they were trying to hide behind a China server.
Abusing a computer system in VA is subject to VA
law - even if the other party sits in another state. Has nothing to do
with Interstate commerce.
Heck, I have to file sales tax returns in many
states that I've never set foot in - just as long as THEIR state law
finds some way to define "nexus".
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201 934-3414
x20 (Business)
Fax: +1 201 934-9206
http://www.HM-Software.com/
Anyone can spam legally under CAN-SPAM, however almost no one follows
the exact letter of the law (for instance adding "ADV" to subject
lines). I'm not sure where federal and state law intersect on this
one, but it would seem to be primarily a federal issue since it
generally involves interstate commerce.
My own personal experience is that the clearly illegal stuff
(forging/zombie spam) that CAN-SPAM definitely targets has grown
immensely in the last year, and their tactics have become effectively
DDOS attacks on mail servers (violating yet other laws). Spamhaus has
pictures of some of these guy's houses even (tape recordings of threats
too), yet all we hear about are these occasional civil lawsuits, and a
smattering of criminal actions while they keep going with impunity.
The RIAA has been more effective at stopping file sharing than the
government has been in stopping spam, and that's not saying much. In
fact the most remarkable thing that the government has done is cave
into industry and draft a law called CAN-SPAM that legalizes half of
it, and supersedes many state laws that went further.
I don't doubt that you were told this however. Spamming AOL without
some form of obfuscation is pretty much going to be useless because
they will get blacklisted rather quickly otherwise.
Matt
Andy Schmidt wrote:
Well, I CAN tell you that I have personal
contacts with Spammers (who keep wanting me to take their business) -
and from casual conversations about the "industry" I know
that several DO clean any AOL mailboxes from their lists before doing
campaigns out of fear of litigation based on VA law.
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201
934-3414 x20 (Business)
Fax: +1 201 934-9206
http://www.HM-Software.com/
This sounds like an urban legend to me. Keep in mind that there was
some news release a few weeks ago that indicated AOL was seeing
dramatically less spam traffic. I think it is likely that AOL has
succeeded in blocking more spam, and the article was rehashed by
someone that didn't understand the topic and assumed that this meant a
drop in spam. This used to happen all the time, even in industry mags,
back when the Internet was becoming a big deal. Same thing with spam
now. I'm sure that they mess up articles about medicine, astronomy,
etc., and we just don't know enough to see through the mistakes.
Matt
Dan Geiser wrote:
I don't get this article at all. How is this any different then sending
e-mails with using domains that you have no intention of ever using? Why
would you want to register the domain name and then associated yourself with
a domain used in a spam mailing? And from a technical standpoint why would
a distributed DNS system be overloaded by trying to lookup bogus domain
names?
----- Original Message -----
From: "Kami Razvan" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Tuesday, January 11, 2005 2:50 PM
Subject: [Declude.JunkMail] Interesting tactic..
<http://www.eweek.com/article2/0,1759,1749328,00.asp>
http://www.eweek.com/article2/0,1759,1749328,00.asp\
"One troublesome technique finding favor with spammers involves sending
mass
mailings in the middle of the night from a domain that has not yet been
registered. After the mailings go out, the spammer registers the domain
early the next morning."
Hmmmm
Kami
-------------------------------------------------------------------
E-mail scanned for viruses by Nexus (http://www.ntgrp.com/mailscan)
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
--
=====================================================
MailPure custom filters for Declude JunkMail Pro.
http://www.mailpure.com/software/
=====================================================
--
=====================================================
MailPure custom filters for Declude JunkMail Pro.
http://www.mailpure.com/software/
=====================================================
--
=====================================================
MailPure custom filters for Declude JunkMail Pro.
http://www.mailpure.com/software/
=====================================================
|
