Spam war escalates

IN MY APRIL 22 column, I wrote that Windows users can stop spam by suing spammers (see " Sue a spammer today ".) Some states, including California and Washington, impose fines of as much as $1,000 per spam message.

Free IT resource Hear how top CIOs turn change into a competitive advantage. Sponsored by HP Free IT resource Attend the SOA Executive Forum: Breaking SOA Bottlenecks SOAExecForum.com/may2007 Sponsored by InfoWorld

Since then, I've been printing readers' anti-spam tips. And I've been encouraged by two developments on the legal front.

First, the New York Attorney General's Office has filed suit against MonsterHut of Niagara Falls, N.Y. The suit says MonsterHut e-mailed 500 million advertisements since March 2001. The company claims all the names on its list of 60 million addresses had "opted in." (See http://www.oag.state.ny.us/press/2002/may/may28a_02.html .)

What's significant about this case is that the attorney general isn't claiming that the products advertised by e-mail were bogus. Instead, the state says MonsterHut lied about its opt-ins, and that this constitutes fraudulent advertising. You go get 'em, A.G.

The second hopeful sign is on the international front. I previously wrote that five countries in Europe had laws against unsolicited commercial e-mail. On May 30, the European Parliament voted to adopt such a ban for all 15 countries in the European Union. If this is ratified, and many expect it soon will be, the United States will be one of the few developed countries that hasn't extended its ban on junk faxes to can spam as well.

Until Congress wakes up, state laws offer us the best relief. I believe there is no true technical solution, because the open nature of the Internet allows spammers to jump to ever-changing servers.

Some efforts to block spam focus on the fact that spammers typically obscure their identities by sending their messages through open relays.

A few years ago, the default configuration of Internet mail software was to pass along, or relay, anything sent by anyone. The default has been changed recently. But as described by an article on Wired.com, many servers in China, Taiwan, and South Korea were set up years ago with the old defaults. (See http://www.wired.com/news/politics/0,1283,50856-2,00.html .) As a result, many anti-spam filters now block e-mail from many or all IP addresses in Asia.

The problem is that innocent users in any given address range are prevented from e-mailing through these filters. There are now more than 33 million legitimate e-mail users in mainland China. Blocking all Asian e-mails because their system admins long ago installed software using defaults defined by English-speaking developers smacks of racism.

Equally important, blocking IP ranges doesn't stop the source of spam: a few individuals, mostly American, who profit from theft of ISP services.

My own research director, Ben Livingston (no relation), has just filed on behalf of his ISP a suit for $53,000 against a Colorado spammer.

Windows users, you can file such suits, too.