Spam

Spam / Most Commented

Helping Banks Fight Phishing and Account Fraud, Whether They Like It or Not

On Wednesday, Project Honey Pot filed an unusual lawsuit against "John Does stealing money from US businesses through unauthorized electronic transfers made possible by computer viruses transmitted in spam." Their attorney is Jon Praed of the Internet Law Group, who is one of the most experienced anti-spam lawyers around, with whom I have worked in the past. more

Top 10 Spam Stories of 2008

Well, it's a yearly tradition in the western hemisphere that at the end of the year, we compose a top 10 list of the 10 most . Since it is now 2009, I thought that I would create my own list of the top 10 spam stories of 2008. Now, not all of these will be universally applicable to everyone, they are the top 10 stories as seen by me. more

Trust in Email Begins with Authentication

As most CAUCE supporters already know, forging 'From:' or other commonly seen email headers is trivially easy. It's one of the most frustrating oversights in the creation of Internet email technology -- though of course that's only obvious in hindsight; it was just fine for the pre-Internet networks of the late 1970s and early-mid 1980s. Since then, things have changed -- and the most interesting recent technological advancements in email have been in the realm of sender authentication, which encompasses ways to verify that the apparent sender of a message actually is the entity which sent it. more

Microsoft’s Offer to Buy Yahoo: An Anti-Spam Point of View

Last Friday, Microsoft made an unsolicited offer to buy Yahoo for $31 per share, representing over a 50% premium from Yahoo's then-share price. As an employee working for Microsoft in Exchange Hosted Services (i.e. spam filtering), I'd like to comment on this buyout offer. Leaving aside the question of whether or not this is a good deal for shareholders and what Microsoft's true motivations are for buying Yahoo (namely, to become the number 2 player in the search market), I'd like to look at it from an anti-spam point of view. more

Current Difficulties With Displaying Internationalized Top-Level Domains

Earlier this week, we inserted eleven new top-level domains in the DNS root zone. These represent the term "test" translated into ten languages, in ten different scripts (Chinese is represented in two different scripts, and Arabic script is used by two different languages). This blog post is not about that. (If you're interested about it, read our report on the delegations.) What I would like to talk about is some of the difficulties we face today in expressing scripts in a consistent way over the Internet... more

CAN-SPAM Defendant Awarded $111k in Fees/Costs: Gordon v. Virtumundo

I believe this ruling represents the first time that a CAN-SPAM plaintiff has been ordered to pay attorneys' fees and costs to a defendant. As a result, it's a leading example that courts can and do grow tired of bogus anti-marketing lawsuits, and perhaps it will serve as an expensive warning to CAN-SPAM plaintiffs to ensure the merits of their lawsuit. Gordon is an uber anti-spam plaintiff, leading countless CAN-SPAM lawsuits. As the court describes, Gordon runs a "spam business"--basically, a for-profit plaintiff litigation shop to go after spammers (the court also calls it a "litigation factory")... more

Hotmail Running Its Own SMTP Variation

Companies sensible to effective delivery of email to all free email services may have noticed problems with deliveries to Hotmail addresses. Despite the SMTP dialog ending with a successful "250" return code, recipients don't see the message. In their Guidelines, MSN require thorough compliance with IETF standards. However, it seems they have their own interpretation about provisions for Delivery Status Notifications, a.k.a. bounces, that servers must send after they have accepted responsibility for delivering the message... more

How Bad is Goodmail?

Goodmail Systems made a big splash last week when AOL and Yahoo announced that they will be giving preferential treatment to mail that uses Goodmail's CertifiedEmail service, claiming (implausibly) that this has something to do with stopping spam... Since Goodmail charges senders for each message, some people see this as the end of e-mail as we know it. I have my concerns about Goodmail, but a lot of the concerns are either overblown or based on bad reporting... more

Objections to .XXX, Attention in High Places

Dot XXX is in for some interesting times, I fear. First the ICANN GAC chair Sharil Tarmizi is suggesting that more time be given for government and public policy feedback on .XXX. Objections certainly have started to come in from rather high places, such as from the US Department of Commerce. Personally speaking I'm inclined to be in favor of .XXX because it at least gives people in the adult entertainment industry their own online space and a stronger voice (gTLD)... more

How a Security Specialist Fell Victim to Attack

Our systems are protected by state of the art security systems. Our SPAM filter is a hardware device that is nearly 100% effective. It also helps in protecting against Spyware and other malicious code. Our Firewall is similar to those you would find in large corporations. Our Anti-Virus system has served us well and we've not had problems with virus for years. ...Two weeks ago, I received approximately twenty e-mails requesting the review and approval of Defending The Net articles published on other sites. I thoroughly review the e-mails to make sure they seem legitimate... more

Study Finds Spammers Use P2P Harvesting to Spam Millions

A recent study conducted by Blue Security reports how Internet users can unknowingly expose their contacts' emails addresses to Spammers while sharing files, music, games and DVDs over Peer-to-Peer (P2P) networks. The study has uncovered hundreds of incidents where files containing email addresses were made accessible in P2P networks. more

Whois Privacy vs. Anonymity

The Internet is often a lawless place. Everyone knows that there are many tricks and traps lurking on the Internet, just waiting to prey on unsuspecting and innocent users. Some of these traps will trash your computer while others will turn your PC into a zombie that will broadcast messages at the virus writer's command. ...The list of annoyances and downright criminal activities seem endless. ...To make the Internet a safer place both legislators and law enforcement are now focusing on the Internet. In the crossfire that's taking place there are many ideas that are being offered up. Some of them are good and some are not. One bad decision that was recently forced upon the Internet community (without hearings -- more on this later) was to eliminate private domain name registrations for .US domain names. ...It's important to understand the difference between privacy and anonymity. more

AOL Fires Across the Bow of Spam-Friendly ISPs

The North American Network Operators Group (NANOG) conference, a gathering of Internet Service Provider (ISP) engineers and vendors convenes three times a year for mostly technical conversation along with social networking. The recent NANOG conference in Reston Virginia saw some unusually direct talk about Spam and the ISPs that tolerate it from America Online's Postmaster, Charles Stiles. more

New TLD Public Comments: Jumping-to-Conclusions?

Having been involved in the whole TLD issue since its inception, back in the ancient history of the mid-1990's, one would think that nothing would surprise me anymore. As it turns out, however, watching the comments on ICANN's public comment list with respect to the new sTLD proposals, I find that I'm taken-back by some of the kinds of comments I'm seeing. more

Using Whois to Enforce Law?

Before starting I'd like to remind you that there are two distinct Whois systems -- the one for IP address delegations and one for DNS registrations. I believe that the former is a useful system in which there are clear utility values that outweigh the privacy costs, and in which the person whose privacy is exposed has made a knowing choice. I do not believe that these arguments apply to the latter, the DNS, form of Whois. more