Internet and e-mail policy and practice
including Notes on Internet E-mail


2008
Months
Dec

Click the comments link on any story to see comments or add your own.


Subscribe to this blog


RSS feed


Home

25 Dec 2008

Anonymous speech doesn't require forgery Email
In September the long strange Jeremy Jaynes spam case took its most recent twist when the Virginia Supreme Court
reversed its previous decision and threw out the state's anti-spam law on First Amendment grounds. The state is currently preparing one final appeal to the U.S. Supreme Court, and interested parties are preparing their briefs. I recently reread the decision, and was struck that the court's analysis depends on a severe misunderstanding of the way that e-mail works.

See more ...


  posted at: 17:53 :: permanent link to this entry :: 1 comments
Stable link is https://jl.ly/Email/polianon.html

21 Dec 2008

US Dep't of Commerce doesn't like ICANN's new domain plan ICANN
ICANN's authority to manage top level of the DNS comes from a two-year Joint Project Agreement (JPA) signed with the US Department of Commerce in 1997, since extended seven times, most recently until September 2009. Since the DoC can unilaterally cancel the JPA which would put ICANN out of the DNS business, when DoC speaks, ICANN listens.

See more ...


  posted at: 19:13 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/ICANN/docnewtld.html

19 Dec 2008

ICANN sets the schedule to kill domain tasting ICANN

Domain tasting, as everyone probably knows by now, is the disreputable practice of registering lots of domains, seeing how much traffic they get, and then using the five day Add Grace Period (AGP) to refund the 99.9% of them that aren't worth paying for. A related abuse is front running, registrars speculatively grabbing domains that people inquire about to prevent them from using a different registrar.

Back in April, the ICANN GNSO (the subgroup that deals with generic TLDs, i.e., all but the two-letter country codes) voted to set a new policy to get rid of domain tasting. And now, eight short months later, it's finally about to become ICANN policy.

See more ...


  posted at: 04:51 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/ICANN/lasttaste.html

07 Dec 2008

How To Do Coreg That Doesn't Stink Email

Coreg, short for co-registration, is a popular but problematic method for building mailing lists. When you sign up for mail from someone, if there's a box asking if you'd like Valuable Offers from Our Treasured Marketing Partners, that's coreg. They sell your address to the TMPs who do, well, something with it. In some cases coreg is a sideline, but there are companies that do nothing but coreg, with online sweepstakes and other cheap trinkets as come-ons to get people to sign up.

Coreg has earned a dreadful reputation. The classic example is "Nadine", an elderly woman who mistyped her address on a sweepstakes site, instead typing an address at an ISP in Texas which collected all of the mail she got and tracked its passage from one mailer to another. He stopped counting last year at upwards of 90,000 messages, everything from political opinion surveys to horse porn.

So a friend asked, is it possible to do coreg that doesn't stink?

See more ...


  posted at: 18:36 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/coreg.html

Selective Sender Email

Several proposals for Lightweight MTA Authentication Protocol (LMAP) have been gathering attention of late. They all define ways for a domain to specify that some particular IP addresses are allowed to send mail for that domain, and others aren't.

LMAP has a variety of technical problems because there are surprisingly many ways that mail can be sent from unexpected places.

Selective Sender, a simpler scheme that has been proposed before under other names, is much simpler.

... read the mini-paper on-line
... mini-paper printable version


  posted at: 10:14 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/ss.html

ICANN to add new top level domains, World to come to an end ICANN
The biggest buzz from the Paris ICANN meeting was that the board accepted last fall's proposal for a streamlined process to add new TLDs. A variety of articles in the mainstream press, many featuring inflammatory but poorly informed quotes (from people who probably got a phone call saying "We go to press in five minutes, what do you think about ICANN's plan to add a million new domains?") didn't help. When can we expect the flood of TLDs? Don't hold your breath.

See more ...


  posted at: 10:14 :: permanent link to this entry :: 2 comments
Stable link is https://jl.ly/ICANN/newtlds.html

Domain Registration, a Simple Introduction ICANN

I recently gave a talk about the way that domain registrations work. To illustrate it I made a slide that illustrates the process.

Any questions?


  posted at: 10:13 :: permanent link to this entry :: 2 comments
Stable link is https://jl.ly/ICANN/simple.html

ICANN Paints Themselves into a Corner ICANN
ICANN recently commissioned
a report from a domain auction company to see whether it would be a good idea to auction TLDs that have multiple applicants. Remarkably, the domain auctioneers came to the conclusion that auctions are a great idea, which they surely are for some people. But are they a good idea for ICANN? And if ICANN admits they can't evaluate competing applications on their merits, how can they keep the process from turning into another speculative land grab?

See more ...


  posted at: 10:13 :: permanent link to this entry :: 2 comments
Stable link is https://jl.ly/ICANN/icannauction.html

Dell's Anti-Tasting Suit ICANN
Dell filed a suit in Florida in early October against a nest of domain tasters in Miami, widely reported in the press last week. The suit was just unsealed, after giving the court time to approve a restraining order and serve it on the defendants. The primary defendant is a Miami resident named Juan Vasquez, doing business as several registrars called BelgiumDomains, CapitolDomains, and DomainDoorman, as well as a whole bunch of tiny companies of unknown authenticity in the Bahamas, various small Caribbean islands, Panama, Argentina, and even Indian Ocean tax haven Mauritius.

See more ...


  posted at: 10:12 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/ICANN/dellkite.html

Comments on ICANN's registry failure plans ICANN

On June 1st, ICANN publised a short report on what they plan to do about registry failure. (It's not a failure plan, it's a plan to develop a plan.) They invited me to comment on it, so here's what I said. You can see all the comments on ICANN's web site; the only other substantial one is the one from Chuck Gomes, although Ed Hasbrouck's questions about the secret amendments to the .AERO registry are interesting, too.


Most of the report is pretty good. The first three sections give a good overview of the software and data involved in running a registry. I agree with the taxonomy of failure scenarios in section 5.

Section 4 tells us that voluntary transitions have consistently worked well, so there is little reason to spend much time and effort worrying about them or setting rules for them.

Sections 6 and 7 are less good. I realize that they're just guidelines for future work, but they have some problematic implicit assumptions, and do not, in my opinion, set out an adequate task list to prepare for many likely failure scenarios.

See more ...


  posted at: 10:06 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/ICANN/regfail.html

27 Nov 2008

Facebook wins $800M against spammer. So what? Email
In a widely reported court case, Facebook won an $800M default judgement and injunction against a Montreal man named Adam Guerbuez, who has a long and sordid history. But it probably won't make any difference.

See more ...


  posted at: 10:52 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/facespam.html

22 Nov 2008

Attention Bonds Email

A proposed anti-spam technique called Attention Bonds has been getting a lot of press lately. It's not a particularly new idea; Philip Raymond of Vanquish, Inc. has a patent on the technique applied for in 2002 and issued earlier this year.

In its latest incarnation, it's proposed by University of Michigan economists, starting with an analysis that comes to the not very surprising conclusion that we'd all be better off if something other than spam filters allowed more mail that people want to be delivered. Their propose a form of e-postage in which recipients can demand a monetary ``bond'' from unknown senders, which the receipient can either keep if the message is spammy, or return if the message turns out to be nice.

Attention bonds are an unfortunate idea, particularly in an international forum. The first problem is that they make the all too common assumption that the bad guys will play by the rules. As I note in my e-postage whitepaper, as soon as you make e-mail cost real money, you open up a wide range of financial frauds and scams, ranging from fake payments from fake banks to scams where the bad guys induce people to send them mail and collect all the payments. Although it would be possible to create a set of rules and tribunals to deal with the new problems, there's no reason to assume that the result would be any less expensive and awful than the situation now. There's also the closely related problem that we still don't have any workable authentication scheme for e-mail so there's no way to prevent bad guys from lying about who they are and forging mail purporting to be from your friends.

Second, they don't seem to appreciate how expensive it would be to build the necessary infrastructure, waving it away in one of their presentations by noting that phone systems bill to the second. The system that bills and settles payments among phone companies is big, complex, and expensive, and there are a lot more ISPs and networks than phone companies, even before you start to think about how you'd remit payments to individual mail users.

Internationally, an attention bond system would kill e-mail from LDCs and countries with non-convertible currencies. For you or me, a bond of a couple of dollars is no big deal, but for someone at a cybercafe in Ghana or Nepal, or a student in Iraq using facilities at school (I currently correspond with one), two dollars would be a large chunk of a week's disposable income, if they could buy the bond at all, which they probably couldn't since they don't have a bank account.

Even if you wave your hands and give everyone a bank account, the system is not set up for vast numbers of automated transactions. Paypal is the most widely used online payment system. It's a swell system, and their highly automated system is cheaper than manual credit card charges. but each transaction requires logging in and working through a series of screens, both to be sure the transaction is the one the user wants, and for Paypal to minimize the risk of fraud. Paypal currently handles about 500,000 payments per day (according to their SEC filings). Even if only one message in a hundred did a bond thing, when you consider how much e-mail flows around the world every day, that's still something like a thousand times more transactions than Paypal handles, and considerably more than the entire credit card system handles. Scaling that up wouldn't be either easy or cheap, and would require the investment of many billions of dollars. More hand-waving argues that there'd be multiple banks to spread the load around, so you need only verify a message's bond with the bank that's issuing its bond. That's OK, but we have to assume that spam will all have fake bonds that will need to be checked and rejected, which is nearly as expensive as a successful verification, but doesn't lead to a transaction that helps pay for the transaction system. Futhermore, if you, the recipient, expect to be paid, you'll need to check with your own bank to see if they trust the other bank to pay up, since it won't take long for the First Deceased Military Officers' Bank of Lagos, Nigeria to start issuing bonds that they will cheerfully verify but never pay. It's not impossible for your bank to provide you with an updated set of other banks whose bonds they'll accept, but lacking a central registry like Visa and Mastercard have, which would be a chokepoint, negotiating all of the agreements between all of the banks all over the world would be at the least painful, sort of a throwback to the way international banking worked in the 1930s with letters of credit to correspondent banks overseas.

A friend of mine noted that any e-postage system needs good authentication to make sure the money flows to and from the right people. But with good authentication, there's more direct ways to deal with spam, such as third party reputation systems. Rather than spend billions of dollars to build a system that people will hate becuase it'll be a non-stop source of fraud and scams, wouldn't it make more sense to address the spam problem more directly?

Addendum: one of the U.Mich group, Thede Loder, was at the ITU WSIS spam conference pitching attention bonds, and I had a chance to talk to him at some length. I hope he's now less underinformed about the realities of the world of e-mail, but based on subsequent e-mail correspondence, I'm not sanguine.


  posted at: 07:18 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/attentionbond.html

19 Nov 2008

More spam from Postini Email
A few months ago we had a most interesting colloquy when I posted with some amusement a piece of spam that Postini had sent me, suggesting that a company that claims to be in the spam filtering business should consider using its own product, and a former Postini employee expressed bafflement and outrage that anyone should expect Postini to bear any responsibility for mail sent through their servers. Well, they're back!

See more ...


  posted at: 04:52 :: permanent link to this entry :: 1 comments
Stable link is https://jl.ly/Email/econospam.html

14 Nov 2008

ICANN finally turfs EstDomains ICANN

After all the uncomplimentary things I've said about ICANN, in fairness I should acknowledge that they do, finally, seem to have terminated famously sleazy registrar EstDomains, brushing off last ditch attempts by its owner to claim that his conviction for fraud was under appeal and that he wasn't an officer any more. His conviction was nine months ago, and there's well documented evidence of years of involvement in crime ranging from phishing to child porn, but better late than never.

I remain interested to see what, if anything, ICANN plans to do about registrar DynamicDolphin, whose owner also has been convicted of a felony.

Followup Note: On 24 November, the 281,000 domains registered by EstDomains become available to transfer to any other registrar who wants them. But who'd want a portfolio of domains that are mostly notable for being used for criminal purposes? What if no other registrar wants them? Are they all just deleted? Go into limbo? If they're in limbo, how could a registrant take them out of limbo? Does ICANN have a plan? Stay tuned and in two weeks we'll find out.


  posted at: 14:10 :: permanent link to this entry :: 2 comments
Stable link is https://jl.ly/ICANN/estdead.html

08 Nov 2008

Registrar hide and seek ICANN
In the past year ICANN has been putting a lot more effort into
its compliance activities, which is a good thing, since the previous level was, ah, exiguous. That's the good news. The bad news is that while they're paying more attention to misbehaving registrants, the registrars, gatekeepers to the world of domains, have serious issues that ICANN have yet to address.

See more ...


  posted at: 19:54 :: permanent link to this entry :: 1 comments
Stable link is https://jl.ly/ICANN/notreg.html

15 Oct 2008

Users don't like forwarded spam Email

A message on Dave Farber's Interesting People list complained that Comcast was blocking mail forwarded by Dyndns, a popular provider of DNS and related services for small-scale users.

... Wholesale blocking of all mail intended for customers from a particular intermediate distributor, merely because they route it through an external service that adds value.
In reponse, I opined:

See more ...


  posted at: 05:09 :: permanent link to this entry :: 6 comments
Stable link is https://jl.ly/Email/fwdspam.html

12 Oct 2008

Cluck, cluck ICANN
I've always been a fan of co-ops. In New York, we shop at
greenstar.coop and my wife banks at alternatives.coop, in the UK we shop at co-operative.coop. So when the .COOP domain opened, I wondered if I could get my own clever domain name, but found that chicken.coop was taken by a small producer co-op in the southern U.S. Drat.

See more ...


  posted at: 17:43 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/ICANN/chicken.html

10 Oct 2008

Interview on the Jaynes Reversal Email

Podcaster Speaking of Justice talked to me about the Virginia Supreme Court's reversal of the Jeremy Jaynes conviction.

Much of it will be familiar if you've read my previous blog entries, but some of it's not so you can listen to it here.


  posted at: 08:25 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/vainterview.html

27 Sep 2008

Kentucky governor: All your gambling sites are belong to us ICANN

According to news reports, the governor of Kentucky has filed a suit in state court to seize 141 gambling domain names. His claimed authority is a 1974 law against "gambling devices", on the theory that a domain is a "device", and online gambling is taking money away from in-state horse racing and the lottery. The judge sensibly has said that he doesn't understand all the issues, and has given all sides a week to submit briefs. Two domains, highrollerslounge.com and luckypyramidcasino.com have been reassigned to the state, probably by a registrar who didn't understand the issues either.

I have to say that this is a phenomenally bogus case.

See more ...


  posted at: 16:58 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/ICANN/kygamble.html

30 Jul 2008

Why we'll never replace SMTP Email
An acquaintance asked whether there's been any progress in the oft-rumored project to come up with a more secure replacement for SMTP. Answer: no

See more ...


  posted at: 05:54 :: permanent link to this entry :: 5 comments
Stable link is https://jl.ly/Email/stillsmtp.html

08 Jul 2008

Yes, you really have a zombie on your network Email

A member of one of the mailing lists I read wrote in saying that one of his client's computers was on the CBL, a well known an extremely reliable list of zombie-controlled computers that send spam. He assumed it was due to bounce blowback, and was asking for copies of the messages that caused the listing. Even though the computer in question was a Windows box running Exchange that was also a NAT gateway to a local network, the Exchange logs didn't show anything, and he didn't believe the problem was zombie, He didn't get a lot of sympathy.

Late in the conversation, Steven Champeon of hesketh.com, who heads the Enemieslist anti-spam project, sent a fine summary explaining what you do when you show up on the CBL. It's adapted here with his permission.

See more ...


  posted at: 23:29 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/champ.html

Why new TLDs don't matter ICANN
Lost amid the furor about ICANN's rule change that may (or may not) lead to a flood of TLDs is the uncomfortable fact that almost without exception, the new TLDs created since 2000 have been utter failures. Other than perhaps .cat and .mobi, they've missed their estimates of the number of registrations by orders of magnitude, and they haven't gotten mindshare in the target community. So what went wrong? Users stopped caring about TLDs.

See more ...


  posted at: 00:50 :: permanent link to this entry :: 1 comments
Stable link is https://jl.ly/ICANN/notld.html

03 Jun 2008

Fourteen thousand messages Email
A guy I know went away on a trip for a month and a half. When he got back, his inbox had 14,000 messages waiting for him, real ones, since his mail system has pretty good spam filtering. How can anyone deal with that much mail? More importantly, if there are tools to sort, filter, combine, and so forth to get the mail under control, how can people who aren't technoweenies like me manage the tools?

See more ...


  posted at: 13:33 :: permanent link to this entry :: 2 comments
Stable link is https://jl.ly/Email/fourteenk.html

29 May 2008

Dot travel still isn't dead yet ICANN

I've writen several blog entries about the continued downward swirling motion of Tralliance, the company that runs the registry for .TRAVEL. In this month's installment, as told in their quarterly 10-Q SEC filing, they flirt with bankruptcy but may well end up more stable than before. One of the more eye-catching paragraphs says:

Based upon the Company's current financial condition, as discussed above, and without the infusion of additional capital, management does not believe that the Company will be able to fund its operations beyond the end of May 2008.

See more ...


  posted at: 23:31 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/ICANN/travelstillnotdead.html

19 May 2008

CAN SPAM and Affiliate Mailer Opt-Out Email
Many online businesses use affiliates to drum up business. The affiliate finds a lead somewhere, passes it to the business, and gets a commission if the lead turns into a sale. Web based affiliates are relatively uncontroversial, but affiliates who advertise by e-mail are a chronic problem due to their propensity to send spam, both spam as normally defined and as defined by CAN SPAM. Is it possible to do legitimate e-mail affiliate marketing? Maybe.

See more ...


  posted at: 12:14 :: permanent link to this entry :: 3 comments
Stable link is https://jl.ly/Email/affwash.html

09 May 2008

Dismaying ruling in ASIS vs. Azoogle Email
ASIS is a small ISP in northern California. Azoogle is an online lead broker with a history of extremely poor e-mail practices, although they have cleaned up their act enough in recent years to get off the Spamhaus blacklists. ASIS sued Azoogle under CAN SPAM, Azoogle moved for summary judgement, which was granted. Although I can't tell whether Azoogle was responsible for the specific spam in the suit, the reasoning the judge used to throw out the suit is just plain wrong, and the suit should have been allowed to continue.

See more ...


  posted at: 10:11 :: permanent link to this entry :: 2 comments
Stable link is https://jl.ly/Email/asisazoogle.html

05 May 2008

Happy Birthday Spam on the BBC World Service Email

I was interviewed this afternoon on the BBC World Service newshour program, about the 30th anniversary of the first spam.

To listen in, visit the program's web site. Click the "Listen again" link and, although it was recorded and broadcast on Saturday the 3rd, it is the Sunday 2000 GMT link.

The interview is with Lyse Doucette and starts about at about 13:45 into the hour long program.


  posted at: 14:59 :: permanent link to this entry :: 2 comments
Stable link is https://jl.ly/Email/spam30.html

03 May 2008

Jeremy Jaynes gets one more chance Email
In 2004 Jaynes became the country's first convicted spam felon under the Virginia anti-spam law. He's been appealing his conviction ever since, most recently losing an appeal to the Virginia Supreme Court by a 4-3 decision in February. As I
discussed in more detail at the time the key questions were a) whether the Virginia law had First Amendment problems and b) whether Jaynes had standing to challenge it. The court answered No to b), thereby avoiding the need to answer a), the dissent answered Yes to both.

See more ...


  posted at: 23:49 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/jaynesrehear.html

30 Apr 2008

Colorado has a new spam law Email
The governor of Colorado recently signed
a new anti-spam law into effect. Since CAN SPAM draws a tight line around what states can do, this law is mostly interesting for the way that it pushes as firmly against that line as it can.

See more ...


  posted at: 09:59 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/cololaw.html

20 Apr 2008

Sender Address Verification -- still a bad idea Email

A lot of spam uses fake return addresses. So back around 2000 it occurred to someone that if there were a way to validate the return addresses in mail, they could reject the stuff with bad return addresses.

A straightforward way to do that is a callout, doing a partial mail transaction to see if the putative sender's mail server accepts mail to that address. This approach was popular for a few years, but due to its combination of ineffectiveness and abusiveness, it's now used only by small mail systems whose managers don't know any better.

What's wrong with it?

See more ...


  posted at: 22:11 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/callout.html

Comcast 1, E360 0 Email

The judge in E360 vs. Comcast filed his order yesterday, and to put it mildly, he agreed with Comcast. It starts:

Plaintiff e360Insight, LLC is a marketer. It refers to itself as an Internet marketing company. Some, perhaps even a majority of people in this country, would call it a spammer.
and from E360's viewpoint, goes downhill from there.

See more ...


  posted at: 22:10 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/e3comcast4.html

19 Apr 2008

ICANN GNSO Votes to Kill Domain Tasting ICANN
Domain tasting is the disreputable practice of registering lots of domains, seeing how much traffic they get, and then using the five day Add Grace Period to refund the 99.9% of them that aren't worth paying for. A related abuse is front running, registrars speculatively grabbing domains that people inquire about to prevent them from using a different registrar.

See more ...


  posted at: 14:47 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/ICANN/realnotaste.html

26 Mar 2008

A third, more interesting round in E360 vs. Comcast Email
In the past week, Comcast filed an answer, denying all of E360's charges, and attached to it a motion to file a most impressive
counterclaim. The court granted the motion on Monday so the counterclaim has been filed. At about the same time, E360 filed its response to Comcast's previous motion to dismiss the suit due to its utter lack of legal merit.

See more ...


  posted at: 10:23 :: permanent link to this entry :: 1 comments
Stable link is https://jl.ly/Email/e3comcast3.html

19 Mar 2008

More on the Soloway case Email
I've now read Soloway's
plea agreement. Despite some claims from his lawyers that it's some kind of victory that he only pleaded to three of the 40 charges, with the rest being dismissed, it's clear from the agreement that he indeed did just about everything that the government charged.

See more ...


  posted at: 23:39 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/solplead2.html

15 Mar 2008

Robert Soloway pleads guilty Email
Large scale spammer Robert Soloway, whose criminal trial was scheduled to start in a week and a half, pled guilty to most of the charges against him.

See more ...


  posted at: 23:28 :: permanent link to this entry :: 3 comments
Stable link is https://jl.ly/Email/solplead.html

05 Mar 2008

Comcast fires back at E360 Email

Back in January, bulk mailer E360 filed a suit against giant cable ISP Comcast. This week Comcast responded with a withering response. (Copies available at spamsuite.com.) Their memorandum of law wastes no time getting down to business:

Plaintiff is a spammer who refers to itself as a "internet marketing company," and is in the business of sending email solicitations and advertisements to millions of Internet users, including many of Comcast's subscribers.

See more ...


  posted at: 23:38 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/e3comcast2.html

04 Mar 2008

The Anti-Phishing Consumer Protection Act of 2008 Email
Last week Sen. Snowe filed bill S.2661, the Anti-Phishing Consumer Protection Act of 2008, or APCPA. While its goals are laudable, I have my doubts about some of the details.

See more ...


  posted at: 00:02 :: permanent link to this entry :: 2 comments
Stable link is https://jl.ly/Email/s2661.html

03 Mar 2008

More on the Front Running Class Action Suit ICANN
Several people pointed out that although the suit still hasn't appeared in PACER, copies of the complaint are available online, including
this one at Lextext. Having read it, I'm rather underwhelmed.

See more ...


  posted at: 19:41 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/ICANN/front2.html

01 Mar 2008

Virginia Supreme Court Narrowly Upholds Jaynes' Conviction Email
Way back in 2004 the country's first criminal spam case, Commonwealth of Virginia v. Jaynes, convicted large scale spammer Jeremy Jaynes under the Virginia anti-spam law, and sentenced him to nine years in jail. I was the Commonwealth's technical expert and
wrote about my experience. Since then he's been working his way through the appeals process, losing at each stage. Today the Virginia Supreme Court handed down its decision. They upheld the conviction, but only by a single vote, 4-3.

See more ...


  posted at: 01:08 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/jaynesappeal.html

27 Feb 2008

The Front Running Class Action Suit ICANN
In a recent
press release, Los Angeles law firm Kabateck Brown Kellner says it's filed a class action suit against Network Solutions and ICANN for front running. (If you tuned in late, NetSol admits that if you query a domain name on their web site, they will speculatively register it so that it's only available through NetSol for five days, at their above market price.) This is a very peculiar suit.

See more ...


  posted at: 23:43 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/ICANN/frontrunsuit.html

16 Feb 2008

We're CAN SPAM compliant! Whoopee. Email
Recently, several of my friends
have been writing about mailers who boast that they're compliant with CAN SPAM. Here's our distilled advice in one handy word: don't.

See more ...


  posted at: 14:12 :: permanent link to this entry :: 1 comments
Stable link is https://jl.ly/Email/compliant.html

Dot travel continues to head down the tubes ICANN

Last year I wrote two blog entries on the dire state of Tralliance, owner of the .travel registry, which was bailed out at the last minute by a large loan from the registry's controlling shareholder, Michael Egan. Since then they've taken some decisive steps on the road to irrelevance.

Originally, they had strict rules about who was allowed to register, basically only members of a list of well known industry associations. As of December 21, they have new rules that seem to limit registrants to anyone who shows the faintest interest, with a preference to bulk registrations. (If you followed the history of .aero, the deja vú is intense.) In September, they sold their search.travel search engine for about $300K to a company controlled by Egan, stating they needed the cash to stay in business. Then, according to an SEC filing, Labigroup, another company controlled by Egan, has agreed to buy at least 25,000 .travel domains, producing over $250,000 of simulated revenue which looks an awful lot like taking money out of one pocket, waving it around, and then putting it back in one's other pocket, particularly since another SEC filing two weeks ago reveals that current owner theglobe.com is selling Tralliance to yet another LLC owned directly by Egan.

See more ...


  posted at: 00:09 :: permanent link to this entry :: 1 comments
Stable link is https://jl.ly/ICANN/traveldrain.html

06 Feb 2008

Neustar and Afilias jump on the No Tasting bandwagon ICANN
In
a message posted to the ICANN GNSO list, Avri Doria forwarded along a most interesting document from Neustar, who runs the .biz domain.

See more ...


  posted at: 09:30 :: permanent link to this entry :: 1 comments
Stable link is https://jl.ly/ICANN/biztaste.html

03 Feb 2008

There's a lot of money in domain tasting ICANN
Dell's anti-tasting suit that I wrote about
in December has been heating up, according to court documents filed in January. There's been a lot of predictable legal skirmishing in which the defendant registrars deny that they're also the registrants, claim that they're really outside the US so they haven't been served, argue about some server disks that the allegedly non-US defendant has at a data center in Florida, and so forth, but what really jumps out are the arguments about how much money this suit is (again allegedly) costing the defendants.

See more ...


  posted at: 21:35 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/ICANN/tastebucks.html

29 Jan 2008

Domain tasting to go away for real this time. ICANN

At last week's meeting, the ICANN board uncharacteristially did something and voted to make their fee of 20 cents per domain-year nonrefundable. They expect this to stop both domain tasting and NSI's frontrunning, which it certainly will. It's not clear when this change will go into effect, but it might be within a month.

It's items 5 and 6 in the draft minutes on ICANN's web site. (The ICANN staff uncharacteristically published the minutes soon after the meeting, another refreshing change.)

I wonder if Google will now undo their new rule about no ads on domains less than five days old.


  posted at: 12:29 :: permanent link to this entry :: 2 comments
Stable link is https://jl.ly/ICANN/notaste.html

23 Jan 2008

Comcast sued, sort of, by E360 Email

E360 Insight is a small bulk emailing house near Chicago run by David Linhardt with a chronic spam problem. He gained fame last year due to a meretricious suit against Spamhaus involving strange twists and turns, mostly due to Spamhaus getting some dreadful legal advice. My September blog entry described the current status of this case.

Last Tuesday he filed a remarkable suit against giant cable ISP Comcast. I have just read a PDF copy of the complaint (courtesy of spamsuite.com) and each page is more amazing than the last.

See more ...


  posted at: 13:11 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/e3comcast.html

13 Jan 2008

Ralsky Indicted, CAN SPAM is still useless Email

Well, I read the indictment (available here from Spamhaus.) It's a long litany of criminal behavior, primarily pump and dump stock fraud of a long list of penny stocks from the US and China. Ralsky is described as the "chief executive officer and overall leader" of the scheme, and it goes on to list fifteen others, including "mailer 2", an unindicted co-conspirator in Seattle who is presumably Robert Soloway.

The thing that strikes me about this indictment is that although it includes a lot of CAN SPAM charges, everything Ralsky and Co. did was already illegal under conventional fraud and computer tampering laws. Lying about who you are to tout worthless stock is already illegal, hijacking other people's computers is illegal, and collecting the money for fraudulent actions is illegal, too. Sure, they're throwing the book at them for CAN SPAM violations about fraudulent mail headers and domain registrations, but by my reading, they'd have just as strong a case without CAN SPAM, and the conventional charges will be a lot easier to explain to a judge and a jury.

So it's a relief that Ralsky, who spent the better part of a decade as the country's highest profile spammer, is finally headed back to jail. (He's been there before, for insurance fraud.) But it's yet another reminder that the US needs effective anti-spam laws, and CAN SPAM isn't one.


  posted at: 02:40 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/ralsky2.html

Snooping on e-mail is still against the law, just barely Email

In August 2005, the full U.S. Court of Appeals for the 1st Circuit issued its long awaited decision in the U.S. v. Councilman case. This case has an extremely peculiar set of facts and a peculiar history to match, and although I agree with the court's decision, I'm not too encouraged by the history of the case.

Everyone apparently agreed to the facts of the case, but see the update at the end of this article: Brad Councilman was an executive at a company called Interloc which ran an online service for used bookstores, which among other things provided the stores with e-mail accounts. (Interloc is long gone, merged into the larger Alibris.) In 1998 Councilman allegedly decided to do a little surrepetitious market research by adjusting the procmail script that delivered the stores' e-mail to make copies of mail from Amazon.com in a mailbox that Councilman and other Interloc employees read, and they did indeed copy and read thousands of messages. Councilman was in the unusual position of being both an ISP for these stores and their competitor. In 2001, Councilman was indicted for violating the Wiretap Act, by intercepting electronic communications, namely the e-mail from Amazon. Councilman's lawyers came up with a clever defense arguing that what he did wasn't against the law.

See more ...


  posted at: 02:20 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/councilman.html

04 Jan 2008

Mega-spammer Alan Ralsky indicted Email

Alan Ralsky, widely believed to be one of the world's most prolific spammers, was indicted by the US Federal government along with ten other people according to a press release the government sent out yesterday.

I'll write more on this in a few days after I get back from Japan and have a chance to look at case documents.


  posted at: 07:21 :: permanent link to this entry :: 0 comments
Stable link is https://jl.ly/Email/ralsky1.html

Topics


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

CAUCE
Spam trends update for Sep-Nov 2023
55 days ago

A keen grasp of the obvious
Italian Apple Cake
553 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse

My Mastodon feed



© 2005-2020 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.