CAN-SPAM Act - Is it working? You Decide.

As I delete spam from my Gmail spam folder, I notice the volumes increasing. A year ago, I would see about five to ten emails a day in that folder. This morning, I woke up to 56 items. The volume of spam has grown, no doubt.

The acronym CAN-SPAM comes from the Congressional legislation's name: Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003. The FTC has the responsibility of policing the Act. Of course, we all know what that means, the FTC will do little or nothing to enforce the legislation.

All I see in the world of spam is compliance by the major corporations. They do follow the rules and that puts a refreshing light on some things, such as taking the act seriously. But then, I see hundreds of thousands of emails from foreign and US based people who continue to pummel mail boxes across the world.

What are the rules? Following are the basic rules:

The bill permits e-mail marketers to send unsolicited commercial e-mail as long as it contains all of:

* an opt-out mechanism;
* a valid subject line and header (routing) information;
* the legitimate physical address of the mailer; and
* a label if the content is adult.

Billy Bob OEM Software complies with none of the above. You probably will not see an opt-out mechanism or a legitimate physical address. Though I did see an opt-out link at the bottom of an email from an Insurance Company getting their mailing list off of job boards like Monster, Dice, ComputerJobs and so on.

I hate those emails that say: We reviewed your resume and have the perfect opportunity for you, Mr. Edelsteen. I clicked the opt-out link and got a web page that did nothing. I also found no physical address.

Speaking of the job boards, I did find out another interesting factoid. If a recruiter obtains a job order, let's say from IBM, he or she sends out a search bot through the job boards, then turns around and emails everyone that has a fresh resume up. The recruiter or staffing firm doesn't keep a database any more. So, don't waste your time. (Or should I have written waist your time?)

If you use Monster for example, repost your resume everyday and you'll notice people sending you emails and calling. The older the resume, the less likely recruiters will attempt to reach you. You'll also notice an offer for $1000 or so to refer someone to the recruiter.

A little over a month ago, I started receiving emails and phone calls from what seemed like a couple of dozen firms. They all had the same job requirement: A technical writer for IBM in McKinney, Texas.

I speak a little Hindi and found out that many of the recruiters called from places like New Delhi. One had an email address from a firm in San Francisco and another from Boston. I bet you already know that an opt-out mechanism didn't exist.

(Off topic note:) I also find it humorous that the recruiters from New Delhi have names like Brandon and Chad. Then, my DSL support group also operates out of New Delhi and I've heard the phrase, "This is Susie, can I be helping you?" I be telling you, those girls names probably are not Susie, Claire, Melissa, Sally Ann or Jennifer. But then again, that's for you to decide.

Do you consider all this email off the job boards as spam? I do. Fortunately, I found a job quickly and pulled my resume. The spam from the recruiters stopped almost instantly. But or should I use another word? But, the spam from the recruiters had a fast replacement. Now, I'm getting spam from all the job boards on which I posted my resume and other job sites about whom I have never heard.

We need a new strategy for spam. We should replace the CAN-SPAM Act of 2003 and delegate the authority to Texas. We can call that the Death Penalty for Spammers Act of 2007. We could put former republican judges in charge. Two strikes and your out eh.

Of course, those folks who merely send confirmations of purchases made over the Internet would have an exemption. Also, if a company followed the rules stated above for the Federal Act could also have an exemption.

But Fuzzy OEM software guy blasting out second chance notices on auctions from eBay should fall under an extradition treaty with Texas which would allow the perpetrators a ticket to our facilities in Guantanamo Bay first for a tribunal hearing.

That's all I have to say about that, except, isn't this the 1st day of April? Run Forrest, Run.

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

God I hate spammers. These

malibu bright's picture

God I hate spammers. These people need to get a real job!

Speaking of the job boards,

tokmik's picture

Speaking of the job boards, I did find out another interesting factoid. If a recruiter obtains a job order, let's say from IBM, he or she sends out a search bot through the job boards, then turns around and emails everyone that has a fresh resume up. The recruiter or staffing firm doesn't keep a database any more. So, don't waste your time.
Car Glass Repair

This tread

ag tile's picture

talking of devil..
I just have 2 words for whoever is responsible for this tread:
wipe-out the-spam.
thanks

Spam Emails Are The Work Of The Devil

Green Hotels's picture

Is phishing considered spam? Like a subset of spam or something else? Anyway. I've been noticing more and more sophisticated phishing attempts in my inbox lately. I am very "internet savvy" so I'm able to tell what they are but... I worry about folks who are not so aware of these things. For example I got one recently from the "Internal Revenue Service" that claimed they wanted to give me a refund. It really looked quite legit until you looked at the link and saw that it was taking you to a site with a .UA extension... UA being UKRANIAN. yeah... Somehow I doubt that the IRS is running their website off a Ukranian address. The thing is... a lot of less internety people just dont look at stuff like that.

SPAM

Alsbuddy's picture

They can pass all the bills they want, but it still hasnt made a difference. I still get one spam mail after another, every single day. There has to be a better way!
J.L. Graham
Core Creative Group
http://www.corecreativegroup.com

long way to go...

Gail J.'s picture

spam is like any movie's villain side kick...annoying yet unchargeable for any crime the villain does...

They Should Do Something Worthwhile

Legalize Marijuana's picture

All of this CAN SPAM stuff is a total waste of time. It's completely ineffective. I get more spam email than ever. There's more spam on message boards than ever. There's more spam on MySpace.

They should do something worthwhile with their time like legalizing marijuana. That's something I could get down with.

At the most spam can be

Blogger's picture

At the most spam can be reduced. I use an anti-spam software that covers 80%. Still the 20% exists.

Run Forrest, Run

Pozycjonowanie stron www's picture

Spam was, is and will be. We need a new approach.

spam will never go away.

seo tips's picture

Spam is here to stay because spammers it is easy money. Not to mention many of them or in fdifferent countries and the money is too easy for them. I delete my spam folder without looking at it but some still make it into the inbox. With those catchy subject lines, people are still opening them.

it's hard for me to believe.

Blog Directory's picture

I have a hard time believing that people really fall for those spam emails but I have to remember I've been online for a long time. 12 years now. some people are still just getting on.. you know they are more gullible.

Tougher sentence

hell angels's picture

Tougher sentences for spammers are needed.The problem is many of them surf the internet anonymously to remain safe and avoid prosecution from the authorities

Kid Safe Find

Kid Find's picture

We need a global approach.I'm often disgusted with the material that comes through to my children.Kids need to be able to find what they need without being subjected to dirty pictures, bad langauge and inappropriate material that is sometimes hidden in dirty spam.

Latin News

E Latina's picture

I know what you mean and when it's translating in espaniole or Spanish it is very hard for the latin american community to communicate it's news through mail.I have been searching for a good filter.We need to do something about this spam.

Spam Filters

The Puppy Knows's picture

I keep searching,searching,searching for a really intelligent spam filter but I still haven't found one.

Outlook or Mozilla Filters

Swarovski Havaianas's picture

We had struggled to keep up with spam however with Mozilla yuo can effectively reduce 90% of the reoccurring spam easily. If you havent tried it its worth the download. Similar to Outlook aswell.

Not Working

Wild Solos's picture

It's not working we need a new approach.

My mail is always getting

Florida Bungalow's picture

My mail is always getting clogged up.It wastes so much time.I miss excellent property investments because of my filters.

CAN-SPAM

Dan Fish's picture

The CAN-SPAM act is not a perfect law. It is a start and has given companies like AOL the legal teeth to go after spammers. The threat of imprisonment will not be enough to stop spammers since we can see parallels in other criminal arenas as well (organized crime for instance.)

What the laws help to do is deter some people from starting down that road, however there is a basic problem that laws do not overcome, people are always going to seek a quick buck and there will be people who do it regardless of the consequences. The more expensive you make the proposition the less likely someone will engage in that sort of behavior, but it will then boil down to risk analysis, how much of a risk do I run doing X in order to gain Y, a process with which I am sure many reading this column are familiar.

These spammers have lots and lots of money and can fend of legal trials for years and years, and unless someone going into the effort has even more money and can make the spammers use lawyers (which causes them to burn through some of that cash) jail time and criminal penalties under this law are much more helpful to have in place.

I do agree that the DMA approach is not sonsumer friendly and an opt in approach should be taken, however if the government creates a do-not-email list that list will simply be used by the same spammers to send more spam. They will simply start shifting all their efforts off-shore for more protection if not shifting themselves off-shore as well. This wil be the real problem in the future. Then we will have to deal strictly in the technological realm.

Overwhelming Spam

New York Hotels's picture

There are some email accounts I don't even check anymore because of all the spam we get. It's insane! You can't put your email address on your website without just getting added to countless spam email lists.

Forum Spam

An Internet Marketer's picture

I hate email spam with a passion... but I actually hate forum spammers even worse. I don't know if Can Spam has anything to do with that... but if it does then it definitely doesn't work. Forum spam is EVERYWHERE! I run quite a few forums and it's extremely frustrating how often I have to deal with spam...

I agree (forum spam)

Baby Forum's picture

Forum spam has been killing our baby forum ... then we finally got it fixed (a better anti spam mod) when suddenly our forum started being hacked into - and spammers would put all of their spam links on the very top of the forum and actually break the forum in the process! Argh. Running a forum is a difficult thing because of spammers... Email spam sucks too but it's at least easier to ignore?

Spam

PS3 Advisor's picture

It wastes so much of my time.Besides that I often miss important emails because of my filters.It's not getting better!I think we need a united global approach

Spam e-mails...

factory's picture

Spam e-mails should be, should not be outlawed - Or: can, can not be outlawed, are examples of persuasive speech topic variants.

As much spam as ever.

Weird Biz's picture

Personally I get as much spam as ever. My Yahoo email accounts don't do much at all about it... but Gmail does a good job.

GMail controls spam better...

Goa's picture

Its the same case with my emails too... Gmail has made a better attempt to cater the issue of spam than other services. I just directly delete the spam folder without looking at the subject.

Regarding getting rid of spam; there is only one way i feel, spammers should not be encouraged by various firms and webmasters (since the ill effects are well known to all). Its a easy way out these days for marketing products at cheap rates. SPAM should be curbed!

Gmail Putting My Real Emails In Spam Folder

Weird Guy's picture

I've been having this problem lately: GMail Putting My Real Emails In Spam Folder... Overall I love GMail because they filter out so much more spam than Yahoo (for example) BUT I've missed some really important emails because they were mistakenly put in the spam folder... so now I have to check the spam folder too... that really sucks. And yeah when I do check the spam folder - there are just... TONS of new spam emails so I don't think Can Spam has done much of anything.

It's not working

Ringtones's picture

I would have to say it's not working. I still get plenty of email spam on a daily basis. In fact, my day starts with clearing out my inbox. I've become very efficient at hitting the delete button.

My spam's increasing

Artifexus.net's picture

The spam I get just keeps increasing. It's getting ridiculous. I'm also getting a lot of pdf spam, which seems to be a new trend. A lot of this spam is getting past my filter too. Grrr.

You need to have two emails,

Boquete Panama's picture

You need to have two emails, send out email from example one and have the return email address something else. then check the one 1 time per week and the other is usually pretty safe.

Easy Solution

asp.net's picture

The US government can't control people in other countries, so it's definitely not the answer to the problem. At some point you need to give in and signup for a real spam filtering service like MXLogic or OnlyMyEmail. For $5/month you can solve your problem.

opt-out link

Car Guy's picture

I have used the opt-out link several times and have yet to successfully stop spam from those sites. In fact some of them seemed to have increased after going through their opt-out process. I've since become a master in creating outlook message rules and I can weed out all spam except those sneaky ones that use only images.

Opt out

Camp Latieze's picture

Unfortunately, using the opt out usually only tell them that they have a valid email address to send more spam to.

And as for having a valid email address, they just use someones address from their list to put in the From.

Until legislature forces the IP that are used to send the spam to use the email address that it was sent out with, there will be no way to track back to the real spammer.

Opt out

Camp Latieze's picture

Unfortunately, using the opt out usually only tell them that they have a valid email address to send more spam to.

And as for having a valid email address, they just use someones address from their list to put in the From.

Until legislature forces the IP that are used to send the spam to use the email address that it was sent out with, there will be no way to track back to the real spammer.

Death Penalty for Spammers Act of 2007

Romance Book Download's picture

Now that might actually work :)

Spam

Dwayne's picture

Ridding us of spam requires effort, money and cooperation. There seems to be very little interest in expending any of this.

Even if there was an effort to really do something about this (by the countries that can afford it), people would just use spamming services from countries that are not enforcing the regulations. No enforcement, no penalties, no end to the spam.

Really, what are you going to do to a low income country to convince them to put any effort forth to stop spam from originating in their country. They don't have the money to put into it, and they don't have the desire to cut off the money that the spamming brings into the country.

gmail can't stop spam

cel's picture

and I do not know that can stop spam

can-spam

Justin Cook's picture

Personally, I don't think CAN-SPAM will ever stop spammers, it's up to good anti-spam solutions to do that. However, it will ensure that good mailers that abide by the rules get delivered

Yes, you're right.

forum's picture

Yes, you're right.

You all right

Qioto's picture

You allways right. Write more articles because i likes read your information.

Resources are too cheap

Tobias Schwarz's picture

As long as resources are that cheap the spam problem will not be solved. You all can see that not only mailspam increased during the last years. Phone-flats become more and more popular all over the world and fax-, phone- and sms-spam is also increasing. Charges for services are not always bad... but somehow mails are free and charges for other services decrease quickly...

stop spam by sting operations

masiar's picture

You cannot stop spam - if people reply to it, someone will keep sending it.

What is needed is to make *replying* to a spam a misdemeanor, with small fine - like $20. You clicked, your ISP charges your fine to your next bill.

And then, spam police will run sting operations. People will be afraid to respond to anything what looks like a spam, because it might be from spam police and if you respond, you pay fine. Spammers are out of business. :-)

Not legal in the USA, but I like the idea

Anonymous's picture

The problem is that you'd need to wiretap and analyze the traffic. You can wiretap, fine; my government does it all the time (the Bush Administration merely got caught, that's all). But if you do so, you have to have a search warrant for wiretapping in order for the evidence to be valid in a USA court. Otherwise, it's not admissible.

But I like the idea. :-)

stop spam by sting operations

Anonymous's picture

The FTC already fines and puts people in jail. The penalties run in the tens of thousands of dollars per email.

One part of a solution: have your own mail server

Anonymous's picture

Here's how I solved my personal spam problem. I stood up a GNU/Linux mail server and put OpenBSD's SPAMD in front of it. SPAMD tarpits--and rejects--the spammers very effectively, and my spam went down from 150 per day to--maybe--10 per week. Enough people start doing that, it will cost the spammers money (they get paid based on high volume). Right now, it doesn't cost them anything out of their personal wallets to spam people, and that includes these recruiting firms. That's why they spam--nothing to lose, everything to gain.

http://www.openbsd.org/spamd

ISP's should be using it, too, including the likes of Yahoo! Mail, HotMail, Google's GMail, etc.

Finally, all ISP's should do two other things:

1.) Block TCP 25, both directions, on all of their dynamically-assigned IP address blocks...except to that ISP's own SMTP gateway.

2.) Actually start disconnecting the lines of folks whose machines are sending out spam.

Number 1 is something that Cox already does now in at least parts of the USA. Number 2 should also be done. Will that cause some collateral damage? Sure! That's the point. A whole lot of spam comes from infected American "bots" owned by so-called innocent people who don't bother to either run a decent OS (read: *NOT* MS Windows), or don't bother to keep their machines properly protected if they do. Maybe they'll be more motivated to keep up on their security updates and anti-malware programs if ISP's started doing this. Aww, can't get the updates since your box is rooted? Take that computer to the repair store, then, 'cause you ain't getting back on *our* network with that infected box! Every ISP agreement I've ever seen gives that ISP the ability to terminate the connection "for any reason," so during their next meeting on the golf course together, they could easily make this happen.

admin@cmosnetworks.com

spamd works extremely well, and now greylists by default

Peter N. M. Hansteen's picture

spamd works. the blacklisting with one byte per second replies is fun to watch, but it works even better with greylisting (which is enabled by default starting with OpenBSD 4.1) and greytrapping.

what you and I see only indirectly via our logs is that effective countermeasures like spamd is apparently having the effect that the spammers are already trying harder. our traplist data seem to indicate that the general trend is that the number of spam sending hosts is increasing. all this while spamd rids us of 95% or more of the chatter, with the rest fed to our by now lightly loaded spamassassin and clamav systems.

In addition to the tutorial at the homepage url, I can recommend Bob Beck's NYCBSDCon 2006 presentation http://www.ualberta.ca/~beck/nycbug06/spamd (and of course see other refs at http://www.openbsd.org/events.html).

Just wrote an article on this very subject

Terrell Prude' Jr.'s picture

Part 1 is now available on NewsForge.com. Part 2 to come very soon.


http://www.linux.com/article.pl?sid=07/03/28/1522252

Please use the info here (if useful), or whatever other tool you wish, and help to fight spam at its source. Happy reading!

Part II of said article

Terrell Prude' Jr.'s picture

And here's Part II, where we discuss how to actually do it.

http://applications.linux.com/applications/07/03/28/1631206.shtml?tid=115

What's needed is an ISP

Neal's picture

What's needed is an ISP alliance, where ISPs band together to track down the sources of spam, then firewall those sources out of their systems.

We shouldn't have to deal with thousands of junk emails from known spammers; those spammers should be firewalled out of all ISPs' networks. Systems with IRC servers that are known to support spammers' botnets, for example, should be firewalled out of ISPs' networks.

We should not be relying on governments to stop spam. Governments will not, and cannot, do so. We have to do it ourselves, just as we could handle those hundreds of credit card offers we get: put everything in the postage-paid reply envelope and send it back to the originator. When the cost of that postage (2-3 times the cost of first-class postage) eats up a significant portion of their profits, the credit card offers will stop. Similarly, spammers will stop when they find they can no longer send email (or connect to any systems on the internet, for that matter).

What's needed is an ISP

Anonymous's picture

Not a bad idea. I personally think vigilantly action would work too.

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix