Another Spammer Sent To Prison
from the will-others-get-the-message dept
He’s certainly not the first such case, but spammer Eddie Davidson has been sentenced to 21 months in prison for both tax evasion and falsifying email headers. Some other sentences have been even longer. However, it makes you wonder how much of an impact these sentences are having on the spam community. Are spammers getting more cautious and going underground now that jail sentences are being handed out? Has the whole spam effort shifted offshore where it’s harder to track them down? One thing that doesn’t seem to be happening is any noticeable reduction in spam.
Comments on “Another Spammer Sent To Prison”
Start shooting them!
Re: Re:
Definately. Shoot them.
Hang em, Hang em High
Jails
I agree the guy is scum, and spam is inconvenient, but when the US has a revolving door on pedophiles and rapists, perhaps this is a waste of taxpayer money, in the guise of an example. Maybe whats needed, is great service with better spam filters, let the most creative come through so you can reject them, and reserve that seat for a worthy occupant ? Well anyways, at least we’re leading by example here for the hundreds that have gotten off of these charges.
e
Spam filters aren't the solution
Unfortunately no matter how good spam filters get, the spammers will just keep getting around them. As long as the email system itself is vulnerable to spam, the problem can not be solved, period.
In my opinion, SMTP needs to be completely scrapped and replaced with a system that’s simply much less exploitable.
Unfortunately the down side to that is almost any system will be fought against by the “free speech” and privacy advocates. At what price do we tolerate spam…
From my perspective, as an ISP server administrator, there should be some kind of ubiquitous certificate system put in place such that servers can be configured to accept mail only from registered legitimate servers. Easier said than done, I am well aware.
Re: Spam filters aren't the solution
SMTP does have certificate services. unfortunately it is up to IT Admins and essentially the lowest cost solution to “fight” spam. we have to dumb down the services so that we get legitimate email because not all companies are funded enough to employ the right Admin for the job. Even if we specify the our email server to authenticate the email server before forwarding messages on, it is only a matter of time that the spam servers use this same authentication. It doesn’t take long for them to join in…
Why not punish the companies?
Don’t punish the spammers: Punish the companies they claim to represent.
Then let the companies police the problem themselves…
Go by domain?
Perhaps it would be easier to simply charge more for an email domain and then filter out any domain that has been known to generate tons of spam?
Oh and getting rid of Outlook would help a lot too. A lot of bot net armies are using exploited outlook to send emails.
All these tards getting worked up about some spam.
“Definately. Shoot them.”
Let’s see you get that worked up about the corporations raping the American people, and the government helping them do it.
Wrong target
While this is good news, this kind of prosecution will never stop spammers while there’s profit to be made. Spam will never be completely stopped unless people stop being dumb enough to buy from links in unsolicited mail. Sadly, that’s not going to happen anytime soon – human stupidity is something you can’t legislate against…
@Nick: I’d be one of those free speech people. I’d much rather have to deal with spam messages than have my ability to say what I want online removed. Every system that’s been proposed to replace SMTP has serious potential for abuse by the people who control it.
@John: I agree with you about Outlook, but the first idea is a no-go. This already happens at companies that use blacklists, and it tends to cause more problems than it solves – e.g. false positives causing large amounts of legitimate messages to be lost.
Git'em
If you download music without paying or look at a had ass 16 year old who put her naked butt online, they know exactly where you are. But if its a buch of crooks who steal your identity or bank acccount; or send millions of spams (or malware) – they seem to be unable to find anybody.
Right Target -- Just Need More Prosecutions
@PaulT:
We have not stopped robbery, burglary, or insider trading by prosecuting those things, but it does not mean that the prosecutions are wasted or that it has not significantly reduced the amount of spam.
Part of the problem is that we’re not targeting those who buy from spammers. Want to stop people from buying penis enlargement pills, Viagra, and porn advertised in spam? Publish their names when you prosecute a spammer and seize his records.
Spam is not a “free speech” issue in any way, shape, or form. My mail server is my private property and a spammer has no more right to enter it uninvited than he does to enter my home to make a sales pitch. I pay for the bandwidth. I pay for the storage. It’s no different than my fax machine or my telephone and we have laws against unsolicited advertising using either of those (assuming one signs up for the do-not-call list for the phone).
My company (meaning the one at which I am an employee, not an owner) uses several blacklists and it significantly reduces the amount of spam without causing “large amounts of legitimate messages to be lost.” It’s all a matter of choosing the appropriate blacklists for the business and user base.
Re: Right Target -- Just Need More Prosecutions
I didn’t mean that spam itself was a free speech issue. My point was that every technical solution suggested thus far would either make normal email communication too costly or allow for high levels of censorship and thus a negative effect on free speech.
As for blacklists:
“It’s all a matter of choosing the appropriate blacklists for the business and user base.”
Yeah, that’s the problem. I’ve worked for hosting providers where servers, IP blocks and/or domains would get blocked by blacklists. Often, especially when the domain was hosted on a shared server, the block not the domain holder’s fault and it was a nightmare to get the domain removed. When the blacklist was used by a large mail provider like AOL or Yahoo, large chunks of a site’s users would be unable to receive mail.
So yes, there were large numbers of false positives. It’s true that a carefully chosen, well maintained blacklist can be a good thing, but most aren’t. I can only imagine how much worse it would be if these lists were made mandatory.
Or, you could use Hexamail. Best spam filter ever.
Mmmmmm. Tasty.
1) Shoot SPAMmers.
2) Sell their carcasses to Hormel.
3) …
4) Profit!
Missing the point
I think most people are missing the point. The government/courts do not care if you receive spam in your inbox. What they are concerned about is the crippling of the Internet from all this crap going over it, and the “corporate identity theft” that comes from falsely using someone else’s domain name.
Doesn't matter
To me, it doesn’t matter if this stops or reduces spam or not… people like this guy should be shot, but that aside, at least he’s serving some jail time.
And I agree w/Nick, SMTP was designed to deliver a message not keep creatons like this guy from ruining email. I believe we need a new protocol that you have to APPLY to get into. If you violate the rules (such as sending a million bs emails about Viagra) then you are off the system. Period.
I checked my logs..
The other day, I ran a couple of months worth of procmail logs thru and put the email into two categories: wanted and unwanted.
470 emails from the local Linux user group mailing list, 124 from a sports mailing list, 2 mailman approval mails from a mailing list I used to run, 1 humor mailing list (it’s been a slow couple of months) and 2248 emails that went into my main inbox. That’s a total of 2845 wanted emails.
Compare that with 2732 bounces that were backscatter from joe-jobs, and 124939 emails that my spamassassin setup identified as spam… 127671 unwanted emails.
Add it all up and of the 130516 emails I got in that period, I wanted 2845 and 127671 were garbage.. meaning that spamassassin labeled spam and identified backscatter accounted for unwanted 97.8% of the email that my mailsever accepted.
But it gets worse. In reality, my email server rejects about 5 times as much email as it accepts because most of it is sent to non-existant users… and of the 2248 emails that made it to my inbox, somewhere between half and two-thirds were spam that spamassassin didn’t catch.
Email has become worthless.
“Let’s see you get that worked up about the corporations raping the American people, and the government helping them do it.”
Hell yeah, Shoot them also!
Corporations are the root of American Evil!
Where will you be when the World Revolution comes?
The sentances are not the deterrant
This is much like the issue of drunk driving. Their, the deterrent is not the punishment, most people don’t even know what consequences they would face other than ‘something bad’, it’s the certainty of being caught. When guys are out at the pub, they don’t say – i better not have another drink because the punishment is 2 years on the first offense. They say – the road check programs will be out and there’s a good chance I’ll be caught.
In the same manner, harsh sentences allow the appearance of being tough on spammers, but since the overall feeling is that of there being no chance of being caught, this will have no effect on spammers.
Really, an effective means of authenticating email origins is needed to have any effect on this issue.
I don't think its the spam
I’m pretty sure he got jailed just for tax evasion. You can go out and spam hundreds of thousands or people, and it will take a much longer effort to bring you to justice. But evade a tax payment, and they will come after you like you just defiled a 12 year old! (excuse the gruesome simile)
e-postage
A universal “e-postage” charge of one cent per 100 emails (preferably payable to the recipient) would stop spam dead instantly, without seriously impacting any legitimate emailer. All we need is a good system to handle micropayments securely.
Three points
First, to elaborate on what poster #21 said:
For punishments to be effective as a deterrent, they must be “swift and certain”. This means that if you break the law, you know you’ll get caught and punished immediately.
However, spammers know that they won’t get caught, either because their servers are in another country, or they use bot-nets with no central server, or they know the authorities don’t care/ have no authority.
Plus, *IF* the spammer gets caught, what’s the punishment? Two years in jail? A million dollar fine? That’s nothing compared to the tens-of-millions he probably earned with his spamming campaign. In two years, the spammer will get out of prison, set up shop in Russia or China and start all over.
Second point: while it may be a good thought to try to go after the websites mentioned in spam e-mails, how exactly do you go after the “canadian pharmacy” whose server is in China? By the time the US authorities even set up a case, the spammer has probably moved his servers to Korea or some other “untouchable” country.
And how do you handle spam that advertises a non-existent website?
Third, there will probably never be a “e-postage tax”.
A few years ago, AOL tries to charge companies to have their e-mail “whitelisted”: pay a fee and the e-mail is guaranteed to be delivered to users’ inboxes instead of the Bulk Mail folder. There was no blocking of e-mails and users could see them if they wanted, but a number of non-profit companies screamed about how they couldn’t afford this and how unfair this was.
What kind of a reaction will we see from these companies when AOL decides to put a tax on e-mail so it gets delivered?
You also have the problem of who collects the fine and who the fine is paid to. Should the receiving ISP get a cut since their servers are receiving the spam? Should the receiving person get a cut since they have to delete the e-mail?
You also have the same issue as before: if a company doesn’t pay, how do you block their e-mails?
I think going after the people buying stuff from spam e-mails is the better idea. Maybe the FBI should make a big deal out of threatening these people for buying illegal Viagra from the “canadian pharmacies”.
spammer in jail
i just hope the other inmates print out the spam on very thick rigid paper and insert it where it hurts everday of the sentence