Posted by Interceptor: Jan. 07 2002, 1:56 pm
This article will be continuously updated with news about laws, products and methods to combat spam, so come back often.
--------------------------------------------------------------------------------
Spam uses large amounts of bandwidth, costs billions of dollars in revenue, violates privacy and results in lost productivity. Spam violates service provider user agreements and is illegal in many countries.
There is something you can do about spam.
An excellent site that offers legal resources, utilities, and information about spam is:
The SpamCon Foundation
http://www.spamcon.orgHere are some extra tips from By Jack Karp:
Several state laws regulating spam have recently been struck down by courts as violating the dormant commerce clause of the US Constitution, which prohibits states from placing undue burden on interstate commerce. Meanwhile, no federal law has yet been enacted regulating commercial email. So how can you protect yourself from spam until congress does enact legislation? Here are some ideas.
Maintain a spam email account. Web-based email accounts are free and easy to set up. Get one that is intended specifically for spam. Don't use it for personal and work communications, but give it out when signing up for mailing lists, posting to newsgroups, or shopping online.
Don't give out your real email address. If you don't have a spam email account, leave the space for your email address blank when filling out online registration forms. If the site requires you to enter an email address, you can fill in a phony one. Make an address up, or if you want to be especially sly, supply the email address of your favorite spamming company.
Don't reply. Never reply to spam. Replies are how spammers verify that an email address is active. If you reply to a spam email, you are practically asking to receive more spam.
Don't even open spam. Some spam messages are programmed to contain Web bugs, which notify message senders when email they sent has been opened. Spammers use these Web bugs to tell that your email address is valid and active. They can do this even if you don't reply to the email; opening one is enough. If you know an email message is spam, delete it without opening it.
The wiretap works with the use of something called a Web bug, or pixel tag. A Web bug is essentially an invisible image -- an image that is zero by zero pixels -- that is used to track viewers. When an email coded to include such an image is opened, the email contacts the server where that image is located.
Email spies can add to this Web bug a simple bit of JavaScript that will also read the text of the email and send that text as a file to the same server. That text can then be retrieved and read.
Email users vulnerable to the loophole are those with email programs that make use of HTML and JavaScript, including Outlook, Outlook Express, and Netscape 6. Users can disable JavaScript in order to limit their vulnerability. However, once a message is forwarded to someone who still has JavaScript enabled, the message and all its attached comments again becomes vulnerable.
The bug does not affect those using Eudora, America Online, or Web-based email such as Hotmail.
The exploit can be used for many purposes, according to Keating, including spying on personal email and corporate espionage.
"One of the things it may also have been used for is by spammers to collect email addresses," he said.
A spammer can send out an email to a large group of email addresses, and using this bug, track which of the messages are actually read, weeding out inactive email addresses from his or her database.
Screen for spam. You can program your email client to filter out certain messages, including those that don't have your correct email address, have subject lines in all caps, have a lot of dollar signs or exclamation points, or have words like "unsubscribe," "X-priority," "adv," "bulk email," "authenticated sender," or "make money fast" in the subject lines. You can also note the domains from which you receive a lot of mass email and block messages from those domains.
Get a spam filter. Many ISPs now come with a spam filter that can be added to your existing email client. EarthLink offers one called Spaminator, and Hotmail provides one called InBox Protector. You can also purchase Novasoft's SpamKiller
http://www.spamkiller.com/ for $30, or download one for free from Spam Bouncer
http://www.spambouncer.org/ .
For more general anti-spam resources, visit suespammers.org, emailabuse.org, SpamCop, the Coalition Against Unsolicited Commercial Email, and Scam Busters.
Mung. Address munging, also known as spam blocking or spoofing, refers to altering your email address when posting to newsgroups and bulletin boards so that spam bots will either not recognize your email or send spam to an illegitimate email rather than to yours. For example, you can change cybercrime@techtv.com to cybercrimeATtechtvDOTcom, or to cybercrime@zechzv.com (replace t with z), or even see_my_sig@for.my.real.address.
http://members.aol.com/emailfaq/mungfaq.htmlTo read US and International laws concerning spam, visit these sites:
http://www.spamlaws.com/ http://www.jmls.edu/cyber/index/spam.htmlhttp://www.junkemail.org/Other resources:
http://www.cauce.org/http://www.emailabuse.org/http://spamcop.net/ This link offers a regularly updated, cross-referenced database listing hard line spammers names, aliases, zip codes, parts of street addresses, towns, domains, IP addresses, netblocks, hosts, etc.
http://www.spamhaus.org/rokso/index.lassoHere is a site that offers spammer tracking tools:
http://combat.uxn.com/MailWasher is an excellent tool to fight spam. Freeware at
MailWasher.net --------------------------------------------------------------------------------
Posted by Interceptor: April 28 2002, 11:41 pm
--------------------------------------------------------------------------------
While spamming has not yet become a federal offense in the United States, it is possible to sue spammers for the time, resources and lost productivity involved when receiving or dealing with spam. Spam costs businesses and providers an estimated 8 billion dollars a years. Two states that have chosen to deal with spam harshly are Washington and California, which have strict laws regulating spam. Washington law allows people to collect $500 to $1000 for each email received that uses a false address or a third party's domain name (such as Hotmail.com) without authorisation, as most spam does. Laws pertaining to spam in the US can be found here:
http://www.spamlaws.com/state/