When spammers invade your mailbox...
With apologies and regards to Rob Rosenberger, whom I'm paraphrasing. Each MP3 file linked here is roughly one minute long or less, and the largest is 474 KB.
When spammers strike, or complain about you, or when anti-spammers rant, remember these truths:
- DNS based anti-spam projects can only respond after the fact.
The majority of projects based on maintaining a list of 'spam friendly,' 'spam neutral' or 'insecure' networks and systems are based on listing spam sources after the fact. Spammers, keen on avoiding these projects, will send their spam and quickly move on to an unlisted network.
A listing that occurs a week later or even minutes later is still too late, because the spam that prompted the listing was successfully sent. In addition, a project that tries to list new networks from 'known' spammers before the fact run the risk of defamation action in most American and Canadian jurisdictions.
- Users of DNS based anti-spam projects block wanted e-mail.
This is usually a desired effect to encourage those who are listed to correct the reason why they're listed, but in the meantime you will lose otherwise wanted e-mail.
You have to decide if losing wanted e-mail is worth blocking unwanted e-mail.
- E-mail filter software doesn't solve your real problem.
Filters that look at 'spam traits,' repetition of certain messages suggesting a spam run, etc, still have to receive the spam to examine it. This means the mail provider still has to pay for the network bandwidth, disk space and processor time to handle the message, negating any benefit to stopping the spam. And just like DNS based projects; most filters can only catch new spam after the fact.
Spammers, aware that such software exists, resort to tricks to avoid tripping repetition filters, or hide their message within HTML filled with comments to break up common spam keywords. Example: "MAKE MON<!---comment123--->EY FAST." Much like anti-virus software's filters, anti-spam filters are defeated by trivial changes to the spam.
- The spammer has probably already left the provider they sent the spam from.
Most Internet providers, and all backbone providers, have an acceptable use policy forbidding e-mail abuse. Spammers know this, so they send their spam knowing they will lose their account in mere moments.
Remember this when you send your complaints to the spammer's Internet provider. They didn't mean to send you the spam. Certainly you should still complain, because they can often hold the spammer accountable even if they've moved on to another provider.
- Junk e-mail is not free speech. (Neither is e-mail in and of itself free speech, but I digress...)
Like any other confidence men, spammers will try to convince you not to complain about their spam, citing legislation moving its way through government (often in a country other than yours, or the spammers') or legislation that doesn't exist.
Internet access is a privilege. While the telecommunications lines the Internet depends on may be protected by 'common carrier' status in most countries, the information carried by those lines is not protected. The earliest example that comes to mind is CompuServe vs Cyber Promotions in 1997. Neither Americans nor Canadians have a fundamental right to Internet access, and a country that proclaims that right can only enforce it within their boundaries. It won't affect the rest of the planet.
- A 'Blacklist' of spammers is not free speech either.
While anti-spam projects that keep lists of spammers and encourage others to refuse e-mail based on them have enjoyed reasonable success, they've also endured civil challenges, and not always successfully.
While the most famous of these cases revolve around MAPS LLC, we don't need to look further than Verio vs Ron Guilmette in 2002 for an example, or BC Tel vs Dorkslayers in 1998. I believe Paul Vixie put it best in a post to the news.admin.net-abuse.email newsgroup: "[...] by all means, let a thousand lists bloom, [...] And make sure whoever runs them likes lawsuits."
- If you didn't ask for it and don't want it, it's spam.
The same confidence tactics that try to convince you that spam is free speech would even tell you that it isn't even spam because you asked for it. Ask yourself if you really asked for that piece of e-mail.
Granted, that's a very simplified definition of spam. After all, you might've not asked for e-mail from your long lost cousin or your overseas client, but chances are you wanted to receive it.
Finally, if a spammer responds personally and begins to argue that you could've considered their apology to be spam, tell them: 'Yes.' But remind them it's up to you, the recipient, to decide.
- Receiving e-mail costs you money, even on flat rate accounts.
How much do you pay for your flat rate Internet account? How much of that paid time do you spend on non-e-mail activity and how much of it do you spend on e-mail? Now how much of that paid e-mail time do you spend on spam, that you could've spent on non-e-mail activity?
Junk e-mail still costs you money, even on pre-paid, flat rate Internet accounts.
- Receiving e-mail costs you money, even at work on company accounts.
How much company time do you spend on non-e-mail Internet activity and how much do you spend on e-mail? How much of that company time you spent on e-mail do you spend on spam, that you could've spent getting your work done?
Not only does junk e-mail cost you money at work, it costs your company money too. In more ways than one.
- Receiving e-mail costs you money, even on Hotmail®.
You pay for your Internet access at home, you pay for your Internet access at work, and someone else pays for your Internet access on that someone else's account. I hope you return the favor once in a while. How much of that paid time do you spend on Hotmail, or on some other third party e-mail system? How much of that paid time you spent on Hotmail et al do you spend on spam that you could've spent doing something else?
Not only does junk e-mail cost you money on someone else's account, it costs that someone else money and the third party mail provider money too. Again, I hope you return the favor once in a while.
- Don't 'unsubscribe' from something you didn't subscribe to.
This is an old spammer trick from over seven years ago. 'To be removed, click here,' or, 'to unsubscribe, write email@example.com.' The spammer will use your 'remove' request to verify that your e-mail address is live and can accept more spam.
Instead, find an alternate address to write, or write the Internet provider that hosts the 'list.' Respected mailing list managers will accept unsubscribe requests received from any source, including a telephone call if necessary.
- It's OK to 'just hit DELETE' if you can't do anything else.
The hard core anti-spammers won't like this, but spam works because spammers get business from it. If the spammer doesn't get any business from you, they've wasted their own time and money, as well as yours. And they've probably been disconnected by now.
If you aren't able to complain about spam, or aren't willing to, or otherwise don't want to waste any more time than the spam's wasted for you, then don't open it, erase it and get on with your day. This is especially true if it's a 'rich text' or HTML e-mail with some kind of embedded graphic hosted on the spammer's site, and your merely opening it would let the spammer know your address is a live one.
Even though complaining to the right places about the spam is better than doing nothing, doing nothing is better than complaining to the wrong places, or getting suckered into having your e-mail address verified as 'live.' We have spamcop and adcomplain for this reason.