Click the comments link on any
story to see comments or add your own.
Subscribe to this blog
 RSS feed
|
Home
25 Dec 2008
In September the long strange Jeremy Jaynes spam case
took its most recent twist when the Virginia Supreme Court
reversed its previous
decision and threw out the state's anti-spam law on First
Amendment grounds.
The state is currently preparing one final appeal to the U.S.
Supreme Court, and interested parties are preparing their briefs.
I recently reread the decision, and was struck that the court's analysis
depends on a severe misunderstanding of the way that e-mail works.
See more ...
Stable link is https://jl.ly/Email/polianon.html
21 Dec 2008
ICANN's authority to manage top level of the DNS comes from a two-year
Joint Project Agreement (JPA) signed with the US Department of Commerce in 1997,
since extended seven times, most recently until September 2009.
Since the DoC can unilaterally cancel the JPA which would put ICANN out
of the DNS business, when DoC speaks, ICANN listens.
See more ...
Stable link is https://jl.ly/ICANN/docnewtld.html
19 Dec 2008
Domain tasting, as everyone probably knows by now, is the disreputable
practice of registering lots of domains, seeing how much traffic they
get, and then using the five day Add Grace Period (AGP) to refund the 99.9%
of them that aren't worth paying for. A related abuse is front
running, registrars speculatively grabbing domains that people inquire
about to prevent them from using a different registrar.
Back in April, the ICANN GNSO (the subgroup that deals with
generic TLDs, i.e., all but the two-letter country codes)
voted to set a new policy
to get rid of domain tasting.
And now, eight short months later, it's finally
about
to become ICANN policy.
See more ...
Stable link is https://jl.ly/ICANN/lasttaste.html
07 Dec 2008
Coreg, short for co-registration, is a popular but problematic method for
building mailing lists.
When you sign up for mail from someone, if there's a box asking if you'd
like Valuable Offers from Our Treasured Marketing Partners, that's coreg.
They sell your address to the TMPs who do, well, something with it.
In some cases coreg is a sideline, but there are companies that do nothing
but coreg, with online sweepstakes and other cheap trinkets as come-ons
to get people to sign up.
Coreg has earned a dreadful reputation.
The classic example is "Nadine",
an elderly woman who mistyped her address on a sweepstakes site, instead
typing an address at an ISP in Texas which collected all of the mail she
got and tracked its passage from one mailer to another.
He stopped counting last year at upwards of 90,000 messages,
everything from political opinion surveys to horse porn.
So a friend asked, is it possible to do coreg that doesn't stink?
See more ...
Stable link is https://jl.ly/Email/coreg.html
Several proposals for Lightweight MTA Authentication Protocol (LMAP)
have been gathering attention of late.
They all define ways for a domain to specify that some particular IP
addresses are allowed to send mail for that domain, and others aren't.
LMAP has a variety of technical problems because there are surprisingly
many ways that mail can be sent from unexpected places.
Selective Sender, a simpler scheme that has been proposed before under
other names, is much simpler.
... read the mini-paper on-line
... mini-paper printable version
Stable link is https://jl.ly/Email/ss.html
The biggest buzz from the Paris ICANN meeting was that the board
accepted last fall's proposal for a streamlined process to add new TLDs.
A variety of
articles
in the mainstream press, many featuring inflammatory but poorly informed
quotes
(from people who probably
got a phone call saying "We go to press in five minutes, what do you think
about ICANN's plan to add a million new domains?") didn't help.
When can we expect the flood of TLDs?
Don't hold your breath.
See more ...
Stable link is https://jl.ly/ICANN/newtlds.html
I recently gave a talk about the way that domain registrations work.
To illustrate it I made a slide that illustrates the process.
Any questions?
Stable link is https://jl.ly/ICANN/simple.html
ICANN recently commissioned
a
report from a domain auction company to see whether it would be a good
idea to auction TLDs that have multiple applicants.
Remarkably, the domain auctioneers came to the conclusion that auctions
are a great idea, which they surely are for some people.
But are they a good idea for ICANN?
And if ICANN admits they can't evaluate competing
applications on their merits, how can they keep the process
from turning into another speculative land grab?
See more ...
Stable link is https://jl.ly/ICANN/icannauction.html
Dell filed a suit in Florida in early October against a nest of domain
tasters in Miami, widely reported in the press last week.
The suit was just unsealed, after giving the court time to approve
a restraining order and serve it on the defendants.
The primary defendant is a Miami resident named Juan Vasquez, doing business
as several registrars called BelgiumDomains, CapitolDomains, and DomainDoorman,
as well as a whole bunch of tiny companies of unknown authenticity in the Bahamas,
various small Caribbean islands, Panama, Argentina, and even Indian Ocean
tax haven Mauritius.
See more ...
Stable link is https://jl.ly/ICANN/dellkite.html
On June 1st, ICANN publised a short
report
on what they plan to do about registry failure.
(It's not a failure plan, it's a plan to develop a plan.)
They invited me to comment on it, so here's what I said.
You can see
all the
comments on ICANN's web site; the only other substantial one is the
one from Chuck Gomes, although Ed Hasbrouck's questions about the secret
amendments to the .AERO registry are interesting, too.
Most of the report is pretty good. The first three sections give a good
overview of the software and data involved in running a registry. I
agree with the taxonomy of failure scenarios in section 5.
Section 4 tells us that voluntary transitions have consistently worked
well, so there is little reason to spend much time and effort worrying
about them or setting rules for them.
Sections 6 and 7 are less good. I realize that they're just guidelines
for future work, but they have some problematic implicit assumptions,
and do not, in my opinion, set out an adequate task list to prepare
for many likely failure scenarios.
See more ...
Stable link is https://jl.ly/ICANN/regfail.html
27 Nov 2008
In a widely reported court case, Facebook won an $800M default judgement
and injunction against a Montreal man named Adam Guerbuez, who has a long
and sordid history.
But it probably won't make any difference.
See more ...
Stable link is https://jl.ly/Email/facespam.html
22 Nov 2008
A proposed anti-spam technique called
Attention Bonds
has been getting a lot of press lately.
It's not a particularly new idea; Philip Raymond of Vanquish, Inc. has
a patent on the technique applied for in 2002
and issued earlier this year.
In its latest incarnation,
it's proposed by University of Michigan economists, starting with an
analysis that comes to the not very surprising conclusion that we'd all
be better off if something other than spam filters allowed more mail that
people want to be delivered.
Their propose a form of e-postage in which recipients can demand a
monetary ``bond'' from unknown senders, which the receipient can either
keep if the message is spammy, or return if the message turns out to be nice.
Attention bonds are an unfortunate idea, particularly in an international
forum. The first problem is that they make the all too common assumption
that the bad guys will play by the rules. As I note in my
e-postage whitepaper,
as soon as you make e-mail cost real money, you open up a wide
range of financial frauds and scams, ranging from fake payments from fake
banks to scams where the bad guys induce people to send them mail and
collect all the payments. Although it would be possible to create a set
of rules and tribunals to deal with the new problems, there's no reason to
assume that the result would be any less expensive and awful than the
situation now. There's also the closely related problem that we still
don't have any workable authentication scheme for e-mail so there's no
way to prevent bad guys from lying about who they are and forging mail
purporting to be from your friends.
Second, they don't seem to appreciate how expensive it would be to build
the necessary infrastructure, waving it away in one of their presentations
by noting that phone systems
bill to the second. The system that bills and settles payments among
phone companies is big, complex, and expensive, and there are a lot more
ISPs and networks than phone companies, even before you start to think
about how you'd remit payments to individual mail users.
Internationally, an attention bond system would kill e-mail from LDCs and
countries with non-convertible currencies. For you or me, a bond of a
couple of dollars is no big deal, but for someone at a cybercafe in Ghana
or Nepal, or a student in Iraq using facilities at school (I currently
correspond with one), two dollars would be a large chunk of a week's
disposable income, if they could buy the bond at all, which they probably
couldn't since they don't have a bank account.
Even if you wave your hands and give everyone a bank account, the system
is not set up for vast numbers of automated transactions. Paypal is the
most widely used online payment system.
It's a swell system, and their highly automated system is cheaper than manual credit
card charges. but each transaction requires logging in and working through a
series of screens, both to be sure the transaction is the one the user wants,
and for Paypal to minimize the risk of fraud. Paypal currently handles about
500,000 payments per day (according to their SEC filings). Even if only
one message in a hundred did a bond thing, when you consider how much e-mail
flows around the world every day, that's still something like a
thousand times more transactions than Paypal handles, and considerably
more than the entire credit card system handles. Scaling that up wouldn't
be either easy or cheap, and would require the investment of many billions
of dollars.
More hand-waving argues that there'd be multiple banks to spread the load
around, so you need only verify a message's bond with the bank that's
issuing its bond.
That's OK, but we have to assume that spam will all have fake bonds that
will need to be checked and rejected, which is nearly as expensive as a
successful verification, but doesn't lead to a transaction that helps
pay for the transaction system.
Futhermore, if you, the recipient, expect to be paid, you'll need to check
with your own bank to see if they trust the other bank to pay up, since it
won't take long for the First Deceased Military Officers' Bank of Lagos,
Nigeria to start issuing bonds that they will cheerfully verify but never
pay.
It's not impossible for your bank to provide you with an updated set of
other banks whose bonds they'll accept, but lacking a central registry
like Visa and Mastercard have, which would be a chokepoint, negotiating all
of the agreements between all of the banks all over the world would be
at the least painful, sort of a throwback to the way international banking
worked in the 1930s with letters of credit to correspondent banks overseas.
A friend of mine noted that any e-postage system needs good authentication
to make sure the money flows to and from the right people.
But with good authentication, there's more direct ways to deal with
spam, such as third party reputation systems.
Rather than spend billions of dollars to build a system that people will
hate becuase it'll be a non-stop source of fraud and scams, wouldn't it
make more sense to address the spam problem more directly?
Addendum: one of the U.Mich group, Thede Loder, was at the ITU WSIS spam
conference pitching attention bonds, and I had a chance to talk to him
at some length.
I hope he's now less underinformed about the realities of the world of
e-mail, but based on subsequent e-mail correspondence, I'm not sanguine.
Stable link is https://jl.ly/Email/attentionbond.html
19 Nov 2008
A few months ago we had a most interesting colloquy when I posted with some
amusement a piece of spam that Postini had sent me, suggesting that a
company that claims to be in the spam filtering business should consider
using its own product, and a former Postini employee expressed bafflement
and outrage that anyone should expect Postini to bear any responsibility
for mail sent through their servers.
Well, they're back!
See more ...
Stable link is https://jl.ly/Email/econospam.html
14 Nov 2008
After all the uncomplimentary things I've said about ICANN, in fairness
I should acknowledge that they do, finally, seem to have
terminated
famously sleazy registrar EstDomains, brushing off last ditch
attempts by its owner to claim that his conviction for fraud was under
appeal and that he wasn't an officer any more.
His conviction was nine months ago, and there's well documented evidence
of years of involvement in crime ranging from phishing to child porn,
but better late than never.
I remain interested to see what, if anything, ICANN plans to do about
registrar DynamicDolphin, whose owner also has been convicted of a
felony.
Followup Note: On 24 November, the 281,000 domains registered
by EstDomains become available to transfer to any other registrar who
wants them. But who'd want a portfolio of domains that are mostly
notable for being used for criminal purposes? What if no other
registrar wants them? Are they all just deleted? Go into limbo?
If they're in limbo, how could a registrant take them out of limbo?
Does ICANN have a plan? Stay tuned and in two weeks we'll find out.
Stable link is https://jl.ly/ICANN/estdead.html
08 Nov 2008
In the past year ICANN has been putting a lot more effort into
its compliance activities,
which is a good thing, since the previous level was, ah, exiguous.
That's the good news.
The bad news is that while they're paying more attention to misbehaving
registrants, the registrars, gatekeepers to the world of domains,
have serious issues that ICANN have yet to address.
See more ...
Stable link is https://jl.ly/ICANN/notreg.html
15 Oct 2008
A message
on Dave Farber's Interesting People list
complained that Comcast was blocking mail forwarded by Dyndns, a
popular provider of DNS and related services for small-scale users.
... Wholesale blocking of all mail intended for customers from a
particular intermediate distributor, merely because they route it
through an external service that adds value.
In reponse, I opined:
See more ...
Stable link is https://jl.ly/Email/fwdspam.html
12 Oct 2008
I've always been a fan of co-ops.
In New York, we shop at greenstar.coop
and my wife banks at alternatives.coop,
in the UK we shop at co-operative.coop.
So when the .COOP domain opened, I wondered if I could get my own clever
domain name, but found that chicken.coop was taken by a small producer
co-op in the southern U.S. Drat.
See more ...
Stable link is https://jl.ly/ICANN/chicken.html
10 Oct 2008
Podcaster Speaking of Justice talked to me about the Virginia
Supreme Court's reversal of
the Jeremy Jaynes conviction.
Much of it will be familiar if you've read my
previous
blog
entries, but some of it's not
so you can
listen to it here.
Stable link is https://jl.ly/Email/vainterview.html
27 Sep 2008
According to
news reports, the governor of Kentucky has filed a
suit in state court to seize 141 gambling domain names.
His claimed authority is a 1974 law against "gambling devices", on the theory
that a domain is a "device", and online gambling is taking money away from
in-state horse racing and the lottery.
The judge sensibly has said that he doesn't understand all the issues, and
has given all sides a week to submit briefs.
Two domains, highrollerslounge.com and luckypyramidcasino.com have been
reassigned to the state, probably by a registrar who didn't understand the
issues either.
I have to say that this is a phenomenally bogus case.
See more ...
Stable link is https://jl.ly/ICANN/kygamble.html
30 Jul 2008
An acquaintance asked whether there's been any progress in the oft-rumored
project to come up with a more secure replacement for SMTP. Answer: no
See more ...
Stable link is https://jl.ly/Email/stillsmtp.html
08 Jul 2008
A member of one of the mailing lists I read wrote in saying that one
of his client's
computers was on the CBL,
a well known an extremely reliable list of zombie-controlled
computers that send spam.
He assumed it was due to bounce blowback,
and was asking for copies of the messages that caused the listing.
Even though the computer
in question was a Windows box running Exchange that was also
a NAT gateway to a local network,
the Exchange logs didn't show anything, and
he didn't believe the problem was zombie,
He didn't get a lot of sympathy.
Late in the conversation, Steven Champeon of
hesketh.com, who
heads the Enemieslist anti-spam
project, sent
a fine summary explaining what you do when you show up on the CBL.
It's adapted here with his permission.
See more ...
Stable link is https://jl.ly/Email/champ.html
Lost amid the furor about ICANN's rule change that may (or may not) lead
to a flood of TLDs is the uncomfortable fact that almost without exception,
the new TLDs created since 2000 have been utter failures. Other than
perhaps .cat and .mobi, they've missed their estimates of the number
of registrations by orders of magnitude, and they haven't gotten mindshare
in the target community.
So what went wrong? Users stopped caring about TLDs.
See more ...
Stable link is https://jl.ly/ICANN/notld.html
03 Jun 2008
A guy I know went away on a trip for a month and a half.
When he got back, his inbox had 14,000 messages waiting for him,
real ones, since his mail system has pretty good spam
filtering.
How can anyone deal with that much mail?
More importantly, if there are tools to sort, filter, combine,
and so forth to get the mail under control, how can people who
aren't technoweenies like me manage the tools?
See more ...
Stable link is https://jl.ly/Email/fourteenk.html
29 May 2008
I've writen
several
blog
entries
about the continued downward swirling motion of Tralliance, the company
that runs the registry for .TRAVEL.
In this month's installment, as told in their
quarterly 10-Q SEC filing,
they flirt with bankruptcy but may well end up more stable than before.
One of the more eye-catching paragraphs says:
Based upon the Company's current financial condition, as discussed
above, and without the infusion of additional capital, management does
not believe that the Company will be able to fund its operations beyond
the end of May 2008.
See more ...
Stable link is https://jl.ly/ICANN/travelstillnotdead.html
19 May 2008
Many online businesses use affiliates to drum up business.
The affiliate finds a lead somewhere, passes it to the business, and gets
a commission if the lead turns into a sale.
Web based affiliates are relatively uncontroversial, but affiliates
who advertise by e-mail are a chronic problem due to their propensity
to send spam, both spam as normally defined and as defined
by CAN SPAM.
Is it possible to do legitimate e-mail affiliate marketing? Maybe.
See more ...
Stable link is https://jl.ly/Email/affwash.html
09 May 2008
ASIS is a small ISP in northern California.
Azoogle is an online lead broker with a history of extremely poor
e-mail practices, although they have cleaned up their act enough in
recent years to
get off the Spamhaus blacklists.
ASIS sued Azoogle under CAN SPAM, Azoogle moved for summary judgement,
which was granted.
Although I can't tell whether Azoogle was responsible for the specific
spam in the suit, the reasoning the judge used to throw out the suit is
just plain wrong, and the suit should have been allowed to continue.
See more ...
Stable link is https://jl.ly/Email/asisazoogle.html
05 May 2008
I was interviewed this afternoon on the BBC World Service newshour
program, about the 30th anniversary of the first spam.
To listen in, visit
the
program's web site.
Click the "Listen again" link and,
although it was recorded and broadcast on Saturday the 3rd, it is
the Sunday 2000 GMT link.
The interview is with Lyse Doucette and starts about at about 13:45 into
the hour long program.
Stable link is https://jl.ly/Email/spam30.html
03 May 2008
In 2004 Jaynes became the country's first convicted spam felon under
the Virginia anti-spam law.
He's been appealing his conviction ever since, most recently
losing an appeal to the Virginia Supreme Court by a 4-3 decision
in February.
As I
discussed in more detail at the time
the key questions were a) whether the Virginia law had First Amendment
problems and b) whether Jaynes had standing to challenge it. The court
answered No to b), thereby avoiding the need to answer a), the dissent
answered Yes to both.
See more ...
Stable link is https://jl.ly/Email/jaynesrehear.html
30 Apr 2008
The governor of Colorado recently signed
a new anti-spam law
into effect.
Since CAN SPAM draws a tight line around what states can do, this law
is mostly interesting for the way that it pushes as firmly against that
line as it can.
See more ...
Stable link is https://jl.ly/Email/cololaw.html
20 Apr 2008
A lot of spam uses fake return addresses.
So back around 2000 it occurred to someone that if there were a
way to validate the
return addresses in mail, they could reject the stuff with bad
return addresses.
A straightforward way to do that is a callout, doing a partial
mail transaction to see if the putative sender's mail server accepts
mail to that address.
This approach was popular for a few years, but due to its combination
of ineffectiveness and abusiveness, it's now used only by small
mail systems whose managers don't know any better.
What's wrong with it?
See more ...
Stable link is https://jl.ly/Email/callout.html
The judge in E360 vs. Comcast filed
his order
yesterday, and to put it
mildly, he agreed with Comcast. It starts:
Plaintiff e360Insight, LLC is a marketer. It refers to itself as an
Internet marketing company. Some, perhaps even a majority of people in
this country, would call it a spammer.
and from E360's viewpoint, goes downhill from there.
See more ...
Stable link is https://jl.ly/Email/e3comcast4.html
19 Apr 2008
Domain tasting is the disreputable practice of registering lots of domains,
seeing how much traffic they get, and then using the five day Add Grace Period
to refund the 99.9% of them that aren't worth paying for.
A related abuse is front running, registrars speculatively grabbing
domains that people inquire about to prevent them from using a different
registrar.
See more ...
Stable link is https://jl.ly/ICANN/realnotaste.html
26 Mar 2008
In the past week, Comcast filed an answer, denying
all of E360's charges, and attached to it a motion to file a
most impressive
counterclaim.
The court granted the motion on Monday so the counterclaim has been filed.
At about the same time, E360 filed its response to Comcast's
previous motion to dismiss the suit
due to its utter lack of legal merit.
See more ...
Stable link is https://jl.ly/Email/e3comcast3.html
19 Mar 2008
I've now read Soloway's
plea agreement.
Despite some claims from his lawyers that it's some kind of
victory that he
only pleaded to three of the 40 charges, with the rest being
dismissed, it's clear from the agreement that he indeed did just about
everything that the government charged.
See more ...
Stable link is https://jl.ly/Email/solplead2.html
15 Mar 2008
Large scale spammer Robert Soloway, whose criminal trial was scheduled to
start in a week and a half, pled guilty to most of the charges against him.
See more ...
Stable link is https://jl.ly/Email/solplead.html
05 Mar 2008
Back in January, bulk mailer E360 filed
a suit against giant cable ISP Comcast.
This week Comcast responded with a withering response.
(Copies available
at spamsuite.com.)
Their memorandum of law wastes no time getting down to business:
Plaintiff is a spammer who refers to itself as a "internet marketing
company," and is in the business of sending email solicitations and
advertisements to millions of Internet users, including many of
Comcast's subscribers.
See more ...
Stable link is https://jl.ly/Email/e3comcast2.html
04 Mar 2008
Last week Sen. Snowe filed bill S.2661, the
Anti-Phishing Consumer Protection Act of 2008, or APCPA.
While its goals are laudable, I have my doubts about some
of the details.
See more ...
Stable link is https://jl.ly/Email/s2661.html
03 Mar 2008
Several people pointed out that although the suit
still hasn't appeared in PACER,
copies of the complaint are available online, including
this one at Lextext.
Having read it, I'm rather underwhelmed.
See more ...
Stable link is https://jl.ly/ICANN/front2.html
01 Mar 2008
Way back in 2004 the country's first criminal spam case,
Commonwealth of Virginia v. Jaynes, convicted
large scale spammer Jeremy Jaynes under the Virginia anti-spam law,
and sentenced him to nine years in jail.
I was the Commonwealth's technical expert and
wrote about my experience.
Since then he's been working his way through the appeals process,
losing at each stage.
Today the Virginia Supreme Court handed down its decision.
They upheld the conviction, but only by a single vote, 4-3.
See more ...
Stable link is https://jl.ly/Email/jaynesappeal.html
27 Feb 2008
In a recent
press release,
Los Angeles law firm Kabateck Brown Kellner says it's filed a class action
suit against Network Solutions and ICANN for front running.
(If you tuned in late, NetSol admits that if you query a domain name on
their web site, they will speculatively register it so that it's only
available through NetSol for five days, at their above market price.)
This is a very peculiar suit.
See more ...
Stable link is https://jl.ly/ICANN/frontrunsuit.html
16 Feb 2008
Recently, several of my friends
have
been
writing
about mailers who boast that they're compliant with CAN SPAM.
Here's our distilled advice in one handy word: don't.
See more ...
Stable link is https://jl.ly/Email/compliant.html
Last year I wrote two
blog
entries
on the dire state of Tralliance, owner of the .travel registry, which was
bailed out at the last minute by a large loan from the registry's
controlling shareholder, Michael Egan.
Since then they've taken some decisive steps on the road to irrelevance.
Originally, they had strict rules about who was allowed to register,
basically only members of a list of well known industry associations.
As of December 21, they have new rules that seem to limit registrants
to anyone who shows the faintest interest, with a preference to
bulk registrations.
(If you followed the history of .aero, the deja vú is intense.)
In September, they sold their search.travel search engine for about $300K
to a company controlled by Egan, stating they needed the cash to stay
in business.
Then,
according to an SEC filing,
Labigroup, another company controlled by Egan, has agreed to buy at
least 25,000 .travel domains, producing over $250,000 of simulated revenue
which looks an awful lot like taking money out of one pocket, waving it
around, and then putting it back in one's other pocket,
particularly since another
SEC filing two weeks ago reveals that current owner theglobe.com
is selling Tralliance to yet another LLC owned directly by Egan.
See more ...
Stable link is https://jl.ly/ICANN/traveldrain.html
06 Feb 2008
In
a
message posted to the ICANN GNSO list, Avri Doria forwarded along a most
interesting document from Neustar, who runs the .biz domain.
See more ...
Stable link is https://jl.ly/ICANN/biztaste.html
03 Feb 2008
Dell's anti-tasting suit that I wrote about
in
December
has been heating up, according to court documents filed in January.
There's been a lot of predictable legal skirmishing in which the defendant
registrars deny that they're also the registrants, claim that they're really
outside the US so they haven't been served, argue about some server disks
that the allegedly non-US defendant has at a data center in Florida, and
so forth, but what really jumps out are the arguments about how
much money this suit is (again allegedly) costing the defendants.
See more ...
Stable link is https://jl.ly/ICANN/tastebucks.html
29 Jan 2008
At last week's meeting, the ICANN board uncharacteristially did
something and voted to make their fee of 20 cents per domain-year
nonrefundable. They
expect this to stop both domain tasting and NSI's frontrunning, which it
certainly will. It's not
clear when this change will go into effect, but it might be within a month.
It's items 5 and 6 in
the draft minutes on ICANN's web site.
(The ICANN staff uncharacteristically published the minutes soon after
the meeting, another refreshing change.)
I wonder if Google will now undo their new rule about no ads on domains
less than five days old.
Stable link is https://jl.ly/ICANN/notaste.html
23 Jan 2008
E360 Insight is a small bulk emailing house near Chicago run by David Linhardt
with a chronic spam problem.
He gained fame last year due to a meretricious suit against Spamhaus involving
strange twists and turns, mostly due to Spamhaus getting some dreadful
legal advice. My September
blog entry described the current status of this case.
Last Tuesday he filed a remarkable suit against giant cable ISP
Comcast.
I have just read a
PDF copy of the
complaint (courtesy of spamsuite.com) and each page is more amazing
than the last.
See more ...
Stable link is https://jl.ly/Email/e3comcast.html
13 Jan 2008
Well, I read the indictment
(available here
from Spamhaus.)
It's a long litany of criminal behavior, primarily pump and dump stock
fraud of a long list of penny stocks from the US and China.
Ralsky is described as the "chief executive officer and overall leader"
of the scheme, and it goes on to list fifteen others, including
"mailer 2", an unindicted co-conspirator in Seattle who is presumably
Robert Soloway.
The thing that strikes me about this indictment is that although it includes
a lot of CAN SPAM charges, everything Ralsky and Co. did was already illegal
under conventional fraud and computer tampering laws.
Lying about who you are to tout worthless stock is already illegal,
hijacking other people's computers is illegal, and collecting the
money for fraudulent actions is illegal, too.
Sure, they're throwing the book at them for CAN SPAM violations about
fraudulent mail headers and domain registrations, but by my reading,
they'd have just as strong a case without CAN SPAM, and the conventional
charges will be a lot easier to explain to a judge and a jury.
So it's a relief that Ralsky, who spent the better part of a decade
as the country's highest profile spammer, is finally headed back to jail.
(He's been there before, for insurance fraud.)
But it's yet another reminder that the US needs effective anti-spam laws,
and CAN SPAM isn't one.
Stable link is https://jl.ly/Email/ralsky2.html
In August 2005, the full U.S. Court of Appeals for the 1st Circuit issued its
long awaited decision in the U.S. v. Councilman case.
This case has an extremely peculiar set of facts and a peculiar history to
match, and although I agree with the court's decision, I'm not too encouraged
by the history of the case.
Everyone apparently agreed to the facts of the case, but see the update
at the end of this article:
Brad Councilman was an executive at a company called Interloc which ran
an online service for used bookstores,
which among other things provided the stores with e-mail accounts.
(Interloc is long gone, merged into the larger
Alibris.)
In 1998 Councilman allegedly decided to do a little surrepetitious
market research
by adjusting the procmail script that delivered the stores' e-mail to
make copies of mail from Amazon.com in a mailbox that Councilman and
other Interloc employees read, and they did indeed copy and read thousands
of messages.
Councilman was in the unusual position of being both an ISP for these
stores and their competitor.
In 2001, Councilman was indicted for violating the Wiretap Act, by
intercepting electronic communications, namely the e-mail from Amazon.
Councilman's lawyers came up with a clever defense arguing that what he
did wasn't against the law.
See more ...
Stable link is https://jl.ly/Email/councilman.html
04 Jan 2008
Alan Ralsky, widely believed to be one of the world's most prolific spammers, was indicted by the
US Federal government along with ten other people according to a
press release
the government sent out yesterday.
I'll write more on this in a few days after I get back from Japan and have a chance to look at
case documents.
Stable link is https://jl.ly/Email/ralsky1.html
|
Topics
My other sites
Who is this guy?
Airline ticket info
Taughannock Networks
Other blogs
CAUCE Online Clairvoyance Platforms Sanctioned for GDPR Violations 76 days ago
A keen grasp of the obvious Italian Apple Cake 881 days ago
Related sites
Coalition Against Unsolicited Commercial E-mail
Network Abuse Clearinghouse
My
Mastodon feed
|