Another Spammer Sent To Prison

from the will-others-get-the-message dept

He’s certainly not the first such case, but spammer Eddie Davidson has been sentenced to 21 months in prison for both tax evasion and falsifying email headers. Some other sentences have been even longer. However, it makes you wonder how much of an impact these sentences are having on the spam community. Are spammers getting more cautious and going underground now that jail sentences are being handed out? Has the whole spam effort shifted offshore where it’s harder to track them down? One thing that doesn’t seem to be happening is any noticeable reduction in spam.

Filed Under: ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Another Spammer Sent To Prison”

Subscribe: RSS Leave a comment
25 Comments
eleete says:

Jails

I agree the guy is scum, and spam is inconvenient, but when the US has a revolving door on pedophiles and rapists, perhaps this is a waste of taxpayer money, in the guise of an example. Maybe whats needed, is great service with better spam filters, let the most creative come through so you can reject them, and reserve that seat for a worthy occupant ? Well anyways, at least we’re leading by example here for the hundreds that have gotten off of these charges.

e

Nick says:

Spam filters aren't the solution

Unfortunately no matter how good spam filters get, the spammers will just keep getting around them. As long as the email system itself is vulnerable to spam, the problem can not be solved, period.

In my opinion, SMTP needs to be completely scrapped and replaced with a system that’s simply much less exploitable.

Unfortunately the down side to that is almost any system will be fought against by the “free speech” and privacy advocates. At what price do we tolerate spam…

From my perspective, as an ISP server administrator, there should be some kind of ubiquitous certificate system put in place such that servers can be configured to accept mail only from registered legitimate servers. Easier said than done, I am well aware.

Dan0 (profile) says:

Re: Spam filters aren't the solution

SMTP does have certificate services. unfortunately it is up to IT Admins and essentially the lowest cost solution to “fight” spam. we have to dumb down the services so that we get legitimate email because not all companies are funded enough to employ the right Admin for the job. Even if we specify the our email server to authenticate the email server before forwarding messages on, it is only a matter of time that the spam servers use this same authentication. It doesn’t take long for them to join in…

PaulT (profile) says:

Wrong target

While this is good news, this kind of prosecution will never stop spammers while there’s profit to be made. Spam will never be completely stopped unless people stop being dumb enough to buy from links in unsolicited mail. Sadly, that’s not going to happen anytime soon – human stupidity is something you can’t legislate against…

@Nick: I’d be one of those free speech people. I’d much rather have to deal with spam messages than have my ability to say what I want online removed. Every system that’s been proposed to replace SMTP has serious potential for abuse by the people who control it.

@John: I agree with you about Outlook, but the first idea is a no-go. This already happens at companies that use blacklists, and it tends to cause more problems than it solves – e.g. false positives causing large amounts of legitimate messages to be lost.

Fred says:

Right Target -- Just Need More Prosecutions

@PaulT:
We have not stopped robbery, burglary, or insider trading by prosecuting those things, but it does not mean that the prosecutions are wasted or that it has not significantly reduced the amount of spam.

Part of the problem is that we’re not targeting those who buy from spammers. Want to stop people from buying penis enlargement pills, Viagra, and porn advertised in spam? Publish their names when you prosecute a spammer and seize his records.

Spam is not a “free speech” issue in any way, shape, or form. My mail server is my private property and a spammer has no more right to enter it uninvited than he does to enter my home to make a sales pitch. I pay for the bandwidth. I pay for the storage. It’s no different than my fax machine or my telephone and we have laws against unsolicited advertising using either of those (assuming one signs up for the do-not-call list for the phone).

My company (meaning the one at which I am an employee, not an owner) uses several blacklists and it significantly reduces the amount of spam without causing “large amounts of legitimate messages to be lost.” It’s all a matter of choosing the appropriate blacklists for the business and user base.

PaulT (profile) says:

Re: Right Target -- Just Need More Prosecutions

I didn’t mean that spam itself was a free speech issue. My point was that every technical solution suggested thus far would either make normal email communication too costly or allow for high levels of censorship and thus a negative effect on free speech.

As for blacklists:

“It’s all a matter of choosing the appropriate blacklists for the business and user base.”

Yeah, that’s the problem. I’ve worked for hosting providers where servers, IP blocks and/or domains would get blocked by blacklists. Often, especially when the domain was hosted on a shared server, the block not the domain holder’s fault and it was a nightmare to get the domain removed. When the blacklist was used by a large mail provider like AOL or Yahoo, large chunks of a site’s users would be unable to receive mail.

So yes, there were large numbers of false positives. It’s true that a carefully chosen, well maintained blacklist can be a good thing, but most aren’t. I can only imagine how much worse it would be if these lists were made mandatory.

Anonymous Coward says:

Missing the point

I think most people are missing the point. The government/courts do not care if you receive spam in your inbox. What they are concerned about is the crippling of the Internet from all this crap going over it, and the “corporate identity theft” that comes from falsely using someone else’s domain name.

James says:

Doesn't matter

To me, it doesn’t matter if this stops or reduces spam or not… people like this guy should be shot, but that aside, at least he’s serving some jail time.

And I agree w/Nick, SMTP was designed to deliver a message not keep creatons like this guy from ruining email. I believe we need a new protocol that you have to APPLY to get into. If you violate the rules (such as sending a million bs emails about Viagra) then you are off the system. Period.

JeffR says:

I checked my logs..

The other day, I ran a couple of months worth of procmail logs thru and put the email into two categories: wanted and unwanted.

470 emails from the local Linux user group mailing list, 124 from a sports mailing list, 2 mailman approval mails from a mailing list I used to run, 1 humor mailing list (it’s been a slow couple of months) and 2248 emails that went into my main inbox. That’s a total of 2845 wanted emails.

Compare that with 2732 bounces that were backscatter from joe-jobs, and 124939 emails that my spamassassin setup identified as spam… 127671 unwanted emails.

Add it all up and of the 130516 emails I got in that period, I wanted 2845 and 127671 were garbage.. meaning that spamassassin labeled spam and identified backscatter accounted for unwanted 97.8% of the email that my mailsever accepted.

But it gets worse. In reality, my email server rejects about 5 times as much email as it accepts because most of it is sent to non-existant users… and of the 2248 emails that made it to my inbox, somewhere between half and two-thirds were spam that spamassassin didn’t catch.

Email has become worthless.

Joe says:

The sentances are not the deterrant

This is much like the issue of drunk driving. Their, the deterrent is not the punishment, most people don’t even know what consequences they would face other than ‘something bad’, it’s the certainty of being caught. When guys are out at the pub, they don’t say – i better not have another drink because the punishment is 2 years on the first offense. They say – the road check programs will be out and there’s a good chance I’ll be caught.

In the same manner, harsh sentences allow the appearance of being tough on spammers, but since the overall feeling is that of there being no chance of being caught, this will have no effect on spammers.

Really, an effective means of authenticating email origins is needed to have any effect on this issue.

John (profile) says:

Three points

First, to elaborate on what poster #21 said:
For punishments to be effective as a deterrent, they must be “swift and certain”. This means that if you break the law, you know you’ll get caught and punished immediately.

However, spammers know that they won’t get caught, either because their servers are in another country, or they use bot-nets with no central server, or they know the authorities don’t care/ have no authority.

Plus, *IF* the spammer gets caught, what’s the punishment? Two years in jail? A million dollar fine? That’s nothing compared to the tens-of-millions he probably earned with his spamming campaign. In two years, the spammer will get out of prison, set up shop in Russia or China and start all over.

Second point: while it may be a good thought to try to go after the websites mentioned in spam e-mails, how exactly do you go after the “canadian pharmacy” whose server is in China? By the time the US authorities even set up a case, the spammer has probably moved his servers to Korea or some other “untouchable” country.

And how do you handle spam that advertises a non-existent website?

Third, there will probably never be a “e-postage tax”.
A few years ago, AOL tries to charge companies to have their e-mail “whitelisted”: pay a fee and the e-mail is guaranteed to be delivered to users’ inboxes instead of the Bulk Mail folder. There was no blocking of e-mails and users could see them if they wanted, but a number of non-profit companies screamed about how they couldn’t afford this and how unfair this was.

What kind of a reaction will we see from these companies when AOL decides to put a tax on e-mail so it gets delivered?

You also have the problem of who collects the fine and who the fine is paid to. Should the receiving ISP get a cut since their servers are receiving the spam? Should the receiving person get a cut since they have to delete the e-mail?
You also have the same issue as before: if a company doesn’t pay, how do you block their e-mails?

I think going after the people buying stuff from spam e-mails is the better idea. Maybe the FBI should make a big deal out of threatening these people for buying illegal Viagra from the “canadian pharmacies”.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...