WordType Designs
Driven To Distractions©
The Sound of One Hand Clapping©

A rchive Date
[ 30-05-2000 ]
Category
[ Information Technologies ]
sub-Categoy
[ Computers ]
      [Death to Spam
      A Guide to Dealing with Unwanted E-Mail

      Death to Spam is an objective overview of unsolicited e-mail and the techniques available to defend your IN box. Learn about tracing mail, message filters, legal issues and more.

      I suppose I should preface this by offering my condolences to the Hormel food company, which makes the canned meat product SPAM. I'm sure they're wondering how they happened to be chosen as the icon of so much of the bad will on the net. This is not to say that I'd actually eat the stuff -- its resemblance to cat food is a bit too close for my taste. None the less, you have my sympathy, guys...

      This page is a quick overview of the problem of unwanted, unsolicited e-mail, a growing threat to the usefulness of the Internet. In most cases this will appear as unwanted commercial e-mail -- junk e-mail advertising. In a few cases, users of the net are unfortunate enough to receive unsolicited religious, racial or sexual messages, a somewhat more serious matter.

      Please note that I'm not a lawyer and none of the information at this page should be interpreted as legal counsel. You are responsible for ascertaining the legality of the issues discussed herein for the jurisdiction in which you live. By reading this page, you accept any consequences which arise out of your use of the advice you find herein. The real lawyers made me say that.

      Death to Spam will help you better understand the sources of these messages, and what you can do to prevent further abuses of your e-mail. Wax dolls wearing tiny Gucci loafers and boxes of pins are available for a modest fee.

      To begin with, your e-mail is just that -- yours. In most cases, it's a resource that you must pay for as part of the cost of connecting to the Internet. Reading and responding to your e-mail also represents an investment of your time, and as such has a value attached to it.

      If someone sends you junk mail through your e-mail account, they're wasting your time and money. If you consider it abusive when a Jehovah's Witness wakes you up at nine o'clock on a Saturday morning to sell you a magazine, a telephone solicitor interrupts your dinner to interest you in investment opportunities in Guatemala or your daily snail-mail is buried in flyers for supermarkets you'll never shop at and health clubs you'll never sweat in, you have just as much right to feel abused when you receive e-mail you didn't request, never gave anyone permission to send you and don't want.

      Receiving one or two such messages a day is annoying. Receiving dozens of them is a genuine drain on your time and resources, and one you should not put up with. Unlike traditional junk snail-mail, it's not even good for use as kindling. As with all such problems, however, this one will only go away if we all do something about it.

      Despite the relatively unpoliced nature of the Internet, there are steps you can take to reduce the amount of unsolicited e-mail you receive. They're by no means completely effective -- however, if you undertake them, you'll probably keep your junk e-mail down to a reasonable level of hugeness. If you don't, you'll eventually get swamped by it.

      Your best defense against unwanted e-mail is an understanding of the people who send it, and of the nature of the parties who run the servers which make up the Internet.

      Commercial Spams
      messages, their perpetrators have all just signed up with an Internet access provider, and were given complimentary copies of one of the many "How to Make Lots of Money on the Internet" books. Some of them are genuinely inconsiderate of the rights of other users of the net -- the bulk of them, however, are merely confused, deluded and ignorant.

      They seem to feel that junk e-mail is no more objectionable than junk snail-mail, and that the recipients of it will just delete it if they don't want it. Keep in mind that these are people who read "How to Make Lots of Money on the Internet" and actually believed it.

      Stopping commercial junk e-mail often entails showing its senders the error of their ways, that is, convincing them that rather than locating new customers on the net, they're succeeding in enraging and alienating vast numbers of users, who will subsequently want nothing to do with them. Even polyester androids who drool visibly every time they pass a corner office won't persist in an activity which is clearly driving away their would-be clients.

      When you receive unsolicited commercial e-mail, reply to it with a message which states unequivocally that you're not amused. Don't use profanity or speculate on the sexual preferences of the sender's parents, however tempting it may be to do so. You want to sound like a serious potential customer who has just been put off by the business practices of the party in question.

      Here's the message we use:

      Our private e-mail facilities are not your advertising medium. People who use them as such abuse our resources and waste our time, which are extremely valuable. We have entered your e-mail address and company name in our corporate blacklist database. We will not do business with you now, nor will we consider other requests from you in the future. Remove this e-mail address from your junk mail list immediately and do not contact us again in the future.

      It's always sent unsigned, and with no signature tag.

      You might find that this message bounces off the destination server because the recipient's mail box is full. Typically, your message will have been preceded by several hundred others just like it. Wait for a day or two and send it again.

      Some of the more experienced junk e-mail generators use a dummy return address to bounce replies like this one -- their real address will be somewhere within the body of the message. This assumes that if you have no interest in buying mail order mutual funds or subscribing to a newsletter about aerobic bread making, you won't read the whole message and find the real e-mail address. If your original reply bounces because its recipient doesn't exist, check out the source message for the real address.

      If you receive spam e-mail which references a web page, you can find the real address of the owner of the server which hosts the web page, and direct your comments to him or her. The Network Solutions registry can be searched to locate the owner of a domain. The Network Solutions search engine is at http://www.networksolutions.com/ -- enter the domain you want to have it search for in the Get a Web Address field near the top of its page. To have it successfully search for a domain, you must provide it with the domain name only. For example, if you find a web page at http://www.megaspam.com, the bit that the search engine wants to know about is just megaspam.com. The search engine should respond by telling you that the domain you want is not available. You might have to select the link that ends in "-DOM" to find the record information for the domain in question.

      In many cases, this procedure will work to locate the owners of e-mail addresses too -- the domain is the bit that appears after the @ sign in an e-mail address. Specifically, it's the last two sections of an e-mail address. If you receive spam from polyester.android@junk.mail.megaspam.com, the domain is megaspam.com.

      This can be a very effective tool in reducing the volume of spam you receive. While the party that spams you might choose to ignore your replies, the owner of the domain from which it originated or the administrative or billing contacts who sponsored the domain will be much less likely to do so. Most domain owners don't want their domains used for sending spam, and those with an initially more tolerant attitude about spam will often change their minds when they're confronted by numerous messages urging them to do so. It often takes no more than a few tens of thousands of outraged e-mail messages to achieve this.

      It's easy to make yours one of them. To use this feature, bookmark the foregoing link. When you receive spam, go to the Network Solutions page, enter the domain the spam came from, hit Enter and CC your message to the e-mail addresses listed by the Network Solutions response.

      If the Network Solutions search engine doesn't find a listing for what appears to be a valid domain, you have probably received spam with a bogus source. Some spam generators don't exactly want to be held accountable for their work. Colour me shocked.

      You can usually defeat the attempts of spam generators to hide in the endless forest of the Internet by finding out where their mail comes from. While this might not get you a valid e-mail address to contact the spam generators in question directly, it will put you in touch with their upstream providers, the companies which sell them Internet access. In many respects this is more useful still. Most upstream providers will not appreciate getting buckets of e-mail about the poor behavior of their customers.

      Note that your computer must be on line to the 'net to use the following.

      If you have Windows 95 or Windows 98, there's a very useful gadget included with your operating system software called TraceRoute. Given a domain name or an IP address, it will walk the 'net from your server to the server you've specified, showing you all the "hops" along the way. The last hop will be the domain or IP address of the source of the spam you received. The next to last hop will be the domain of the upstream provider of the owner of the domain you specified.
      As an aside, an IP address is the four groups of numbers which actually define where a server is on the Internet. The IP address for this server, for example, is 207.6.203.4. Many spam generators seek to provide the recipients of their messages with a web page address that does not disclose the domain to which reply e-mail can be sent by using their IP addresses. For example, the main Alchemy Mindworks web page can be addressed as http://207.6.203.4 rather thanhttp://www.mindworkshop.com -- but you can't send e-mail to 207.6.203.4. If you don't know how to work around this, it might look like the spam generators have successfully disguised themselves.

      The TraceRoute function included with Windows is a DOS command -- you must get to a DOS prompt to use it. Type TRACERT followed by the domain name or IP address you'd like to find and hit Enter.

      If you don't have a Windows system -- or if you're of the opinion that the DOS prompt is a tool of unclean spirits -- you can use TraceRoute on line at http://blackice.hilotek.com/traceroute.php3. This TraceRoute works the same way the command included with Windows does -- enter the domain name or IP address into the field provided and hit Enter. It will actually trace from the ixa.net server to the domain you've entered, but this doesn't really matter, as it's the other end of the trace you'll be interested in. Thanks to Debbie Early for spotting the on-line TraceRoute.

      Here's an example of TraceRoute at work. In this example I've had TraceRoute look for the path to yahoo.com, decidedly not a spam generator.

      C:>TRACERT yahoo.com
      Tracing route to yahoo.com [204.71.177.35]
      over a maximum of 30 hops:
      1 151 ms 161 ms 162 ms iah14.barrie.connex.net [209.212.39.193]
      2 164 ms 159 ms 163 ms bcicor1-100bt-e1.barrie.connex.net [205.189.200.35]
      3 270 ms 327 ms 234 ms spc-tor-7-Serial3-1.Sprint-Canada.Net [207.107.244.213]
      4 261 ms 260 ms * core-spc-tor-2-POS2-0-0.sprint-canada.net [204.50.128.13]
      5 * 180 ms 179 ms sl-gw21-pen-1-1-0-T3.sprintlink.net [144.228.178.5]
      6 177 ms 189 ms 195 ms sl-bb10-pen-5-2.sprintlink.net [144.232.5.133]
      7 231 ms 245 ms 233 ms sl-bb22-stk-6-0.sprintlink.net [144.232.8.178]
      8 230 ms 232 ms 259 ms sl-bb21-stk-9-0.sprintlink.net [144.232.4.105]
      9 258 ms 234 ms 244 ms sl-bb21-stk-0-3.sprintlink.net [144.232.4.82]
      10 291 ms 287 ms 320 ms isi-border2-hssi4-0-0-T3.sprintlink.net [144.228.147.10]
      11 325 ms 294 ms 326 ms fe4-0.cr1.SNV.globalcenter.net [206.251.7.42]
      12 288 ms 266 ms 307 ms pos0-0.wr1.SNV.globalcenter.net [206.251.0.106]
      13 305 ms 305 ms 262 ms pos1-0-OC12.wr1.NUQ.globalcenter.net [206.251.0.73]
      14 310 ms 320 ms 306 ms pos5-0.cr1.NUQ.globalcenter.net [206.251.0.121]
      15 310 ms 295 ms 311 ms yahoo.com [204.71.177.35]
      Trace complete.

      If I wished to get in touch with the upstream provider for yahoo.com, I could send e-mail to root@globalcenter.net. Unlike return addresses, the route a message takes over the Internet cannot be faked by a spam generator. They can run... and slither, crawl, ooze and burrow... but they cannot hide.

      One of the most convincing bits of evidence that the originators of most junk e-mail know little about the Internet is the frequency of their messages containing toll-free numbers to call for more information about whatever they're hawking. Note that in addition to 1-800 numbers, 888 and 877 numbers are also toll free, a recent innovation of the phone company as the supply of 800 numbers began to diminish. An 800, 888 or 877 number is just like a regular number, except that the owner of the number pays for all calls to it, rather than the originators of the calls. Every time you call an 800, 888 or 877 number, the owner of the number gets billed.

      This is an opportunity to demonstrate in concrete, bottom-line terms that junk e-mail is wasting your valuable resources. Call the toll-free numbers in these messages. Call them after hours so you can leave voice-mail messages for the people who sent you the unwanted e-mail. Again, be polite and businesslike. Tell them that you didn't appreciate having your e-mail resources abused. Ramble on for as long as possible. Read a poem. Put the telephone down in front of your stereo and leave it there for a while. Let your kids play with it for a few minutes. Explain why the air to fuel mixture of the carburetor used in a 1958 Edsel is so critical, and how your brother in law can adjust one with a can opener. Recite the value of PI to eleven hundred decimal places. Make it a very expensive call.

      I should point out that in some jurisdictions, it's illegal to make multiple calls to an 800 number. It's also arguably a point of questionable ethics to behave no better than spam generators. One really verbose call will probably do it -- there will no doubt be many other callers waiting their turn.

      In many cases, the toll-free numbers merely connect to canned messages, which hang up when they're done. In this case, pressing zero on a touch-tone phone will typically interrupt the message and get you to a voice mail recorder.

      Under United States telecommunications law, it's technically illegal to send someone unsolicited advertising over any common carrier telephone, or telephone data device, such as a FAX machine. A computer connected to a modem and a printer can serve as a FAX machine, and can be regarded as a FAX machine if you stretch the point. As such, if you're in the United States, you might want to add this to your message:

      Your message is in violation of the Federal Telephone Consumer Protection Act of 1991, and Collateral Code of Federal Regulations (47 CFR 64.1200). The TCPA allows a private right of action against the sender of unsolicited advertising. The recipient can sue for $500, or actual damages (whichever is greater).

      There's more information about this statute at http://www.law.cornell.edu/uscode/47/227.html.

      Many spam generators will claim that their activities are protected under the first amendment of the United States constitution -- assuming you can track 'em down and get them to claim anything at all. It might well be argued that few if any of them have actually read the United States constitution. While this is probably another matter that would require a lot of lawyers and no small amount of court time to resolve absolutely, you can make up your own mind. Here's what the first amendment actually says:

      Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the government for a redress of grievances.

      As spam exists very much in a legal vacuum at the moment, it could be said that as august as this declaration is, it does not bear upon the issue of unsolicited e-mail. In any case, your attempting to prevent other parties from spamming you does not constitute congress making a law, and as such is not addressed in the first amendment.

      Write the Postmaster
      The Internet is a network of networks. It's comprised of thousands of servers all over the world. Every e-mail account is hosted by one of these servers. Most large companies have dedicated servers of their own, but these companies also typically have system administrators to enforce reasonable behavior on the net -- you're unlikely to have your e-mail spammed by General Motors or IBM. For the most part, commercial junk e-mail originates with the servers of commercial Internet providers.

      Commercial Internet providers typically have enough of a sense of Internet propriety not to condone this sort of thing if they know about it. As such, the second step in preventing the abuse of your e-mail resources is to complain to the owner of the server from which the offending mail originated. This is usually easy to do, because Internet providers typically set up accounts on their servers called root and postmaster. Of late, many of the larger Internet providers have also created accounts called abuse to receive mail specifically dealing with abuses of the net by their users.

      If you receive junk e-mail from someone called stockbroker@polyester.com, you can send a message to the system administrator for the server in question at postmaster@polyester.com. It's not a bad idea to duplicate the message to root@polyester.com, webmaster@polyester.com and abuse@polyester.com. In the case of most of the larger Internet providers, and of the large on-line services that provide Internet access, such as CompuServe and America On Line, you'll receive a canned reply immediately and a personal reply a few days later if the system administrator of the server has any questions.

      Once again, it's important to be polite and businesslike when contacting the system administrator of a server. Chances are they don't know about the abuse being conducted over their server. Here's the message we use in this case:

      stockbroker@polyester.com

      The above user has been sending unwanted and unsolicited e-mail to this address. We would like to request that you instruct this person to delete our e-mail address from his or her junk-mail list immediately, and to never contact us again for any reason.

      Our private e-mail facilities are not an advertising medium. People who use them as such abuse our resources and waste our time.

      Append the original unsolicited message to your message to the system administrator, including all its headers.

      Keep in mind that most e-mail readers supress part of the block of headers which accompanies each message. These headers, while of little interest if you just want to read your mail, will identify the real author of spam e-mail even if said author is not sufficiently proud of his or her work to use a genuine return address. Always reveal these headers when you're dealing with spam, and especially if you're contacting the owner of the server from which it originated. The function for revealing the complete header block of a message varies among e-mail reader packages -- if you're using the Eudora software, it's handled by an otherwise mysterious button at the left side of the tool bar labelled "BLAH BLAH BLAH."

      You'll probably encounter spam from parties who provide dummy return addresses which point to the domains of well-known ISPs and on-line services, such as America On Line, CompuServe, AT&T and so on. You might want to include this addition to your reply message in these cases:

      A note to America On-Line, CompuServe, AT&T and other ISPs who frequently find themselves referenced in bogus return addresses: Parties who claim to be sending mail from your domains when they are in fact not doing so are committing fraud. Spam e-mail typically references telephone numbers, physical addresses or web pages which are not bogus. If someone has used your domain for a bogus return address, please don't tell us about it. We urge you to find the party responsible and prosecute them.

      If someone sends you e-mail with a CompuServe address as its return, for example, they are tacitly implying that they are doing so having complied with the rules imposed by CompuServe upon its users. CompuServe does not actually permit its members to send spam from its domain, of course, although someone using a CompuServe bogus address to could be said to be tacitly implying that they do. A lot of lawyers would no doubt have to get involved in this question were such an issue to go to court. Fortunately, they'd be CompuServe's lawyers, not yours.

      Spammed by the Pros
      Sadly, there are companies whose business is generating spam. They collect e-mail address lists and generate spam for "clients" who pay them to send the mail and take the heat. Complaining to these characters rarely works -- we encountered a spam generation company of late which maintained that they had the right to spam, and that not spamming would have constituted censorship of their clients. Perhaps they wanted to be lawyers but they couldn't afford a Beamer.

      One such company, by the way, is called Cyber Promotions Inc. It's unlikely that you won't find yourself spammed by them at some time. You might be comforted in knowing that several successful legal injunctions have apparently been obtained to prevent Cyber Promotions from spamming members of some of the larger on-line services, such as Prodigy and AOL.

      Clearly the courts don't agree that Cyber Promotions has a right to spam.

      You can actually shut these spam generators down fairly readily, as least as they pertain to your e-mail address. Most high-end mail packages, such as the redoubtable Eurdora Pro, have message filtering systems. You can create filters which will automatically reply to messages from specific addresses, or from specific domains. As such, if you create a filter which replies to any message from the domain @polyester.com, for example, you'll never see another message from anyone mailing from this domain.

      In creating the automatic reply for a message filter, once again, be polite and businesslike. You might want to mention that no human being ever actually saw the spam in question -- that it was handled entirely by a mail filter -- and that the company generating spam on behalf of its sender is largely a waste of whatever money they're charging for this reason.

      When Only a Threat Will Do
      The foregoing remedies to junk e-mail work -- most of the time. Entrepreneurial suits who think the Internet is just a huge wall upon which they can staple posters can usually be dissuaded of their misconception. Most system administrators hate spam e-mail more than you do. Now and again, however, you'll encounter someone who needs a bit more convincing. A mild threat will help.

      Here's the threat:
      If this waste of our resources does not cease immediately, please be advised that we will activate the Revenge(tm) program for this user. Revenge will automatically sign this user up for almost 300 mailing lists to provide a graphic illustration of what it's like to receive unwanted junk e-mail.

      Several such programs actually exist, and even if you have no access to one and wouldn't use it even if you did, it's a very nasty threat. Some of these automatic mailing lists can take months to get dislodged from. I certainly wouldn't consider actually turning one loose -- I can't help feeling that doing so would lower its user to the ethical sub-stratum occupied by the authors of spam. I don't feel that deluding someone who abuses my e-mail into believing that I'll do so constitutes a serious lapse in ethics, however.

      I should note that we have received one reply to this message from a spam generator. They were of the opinion that this threat constituted some manner of criminal action against their client, that is, that this message threatened to mail-bomb their server. The spam that prompted this message began "Dear Adult Webmaster" and contained fourteen spelling mistakes.

      While another matter for the real lawyers to sort out, keep in mind -- should you receive a similar reply to it -- that it does not threaten to mail-bomb anyone. It threatens to cause an indeterminate number of list servers to send a lot of unsolicited e-mail to the author of the offending spam. Inasmuch as the author of the spam has clearly indicated that he or she feels that unsolicited e-mail does not constitute abuse, they can hardly object to your use of it to communicate your feelings on the matter.

      You might also be comforted in considering that while people who can't spell "lawyer" can hire one, they rarely do so.

      How the Hell Did They Find Me?
      It's worth knowing how the perpetrators of junk e-mail come up with the e-mail addresses to send their messages to. There are several sources of mailing lists, but most of them originate as the return e-mail addresses attached to usenet postings in newsgroups. Having said this, I should note that we've actually received several spam e-mail messages trying to sell us mailing lists of e-mail addresses to send junk e-mail to.

      If you post to usenet, chances are you'll receive junk e-mail sooner or later. Avoiding usenet entirely is one solution, albeit a fairly radical one. You might try not providing an e-mail address for your newsreader -- this has the catch of not allowing people who wish to respond to your posts to get back to you personally. At least, this might be a catch. It might be a feature, too.

      There are mailing lists about generated by software that automatically roams the web looking for e-mail addresses embedded in web page. This won't be a concern unless you have your own web page.

      The software that gathers e-mail addresses from web pages is referred to as a "harvester". If you know a bit about harvesters, you can undertake to defend your web page against their privations. Specifically, you can poison them.

      Unlike their namesake, web page harvesters don't have a windburned old guy wearing a John Deere baseball cap to guide them. They simply spider from page to page, blindly collecting any e-mail addresses they find and visiting all the links they encounter. Good programmers are hard to find, and they can make a lot of money if they really know their stuff. Specifically, they can make a lot more than generating spam is likely to pay them. The e-mail harvesters seem to have been written by less than gifted software development teams, and as such are usually easily fooled.

      The WPoison software is a product of E-Scrub Technologies of Roseville, California. It's freeware as of this writing. Ideally, WPoison should run as a CGI program on your web server, but E-Scrub also provides a link to the software running on their own server, should you be unable to run CGI programs on your own.

      At least as far as an e-mail harvester knows, a link to the WPoison program looks like a conventional web page link. If it's the very first link in your page, it's the first thing most harvesters will look at. When they link to it, it will generate a page with a number of randomly generated -- and wholly bogus -- e-mail addresses. The page will also contain some meaningless text to make it look like a real web page, and several additional links for the harvester to follow. All the links will point back to WPoison, such that when the harvester follows them, it will get another page of bogus addresses and links.

      This process is similar to calling the IRS or Revenue Canada to find out what happened to your tax refund.

      Depending on the architecture of the harvester in question, a link to WPoison can be sufficient to protect the genuine e-mail addresses at your page from inclusion in spam lists. Because the web of links created by WPoison is infinitely deep, a harvester that links to it may never extricate itself from the WPoison web.

      At the very least, it will help fill the spam list being generated with an enormous volume of monkey dandruff.

      You can download the WPoison source code at http://e-scrub.com/wpoison/. You'll need to be able to compile this on your server. If this is a bit beyond you, you'll also find instructions at this page for using WPoison on E-Scrub's server.

      It's probably worth keeping in mind that whenever you disclose your e-mail address over the the web, you're accepting a fairly substantial risk of having it added to someone's spam list. I've encountered several on-line businesses which have explicitly stated that they keep the e-mail addresses they collect confidential, and sold them none the less.

      Most of the web pages which want your e-mail address won't actually do anything immediately useful with it. If you're not certain about the integrity of the owner of a page that asks for your e-mail address, you might want to consider accidentally mis-typing it.

      A better approach still is to avail yourself of one of the many free e-mail providers, such as Hotmail, Yahoo, Netscape and so on. These services will allow you to create a no-cost e-mail account for yourself. Use your free e-mail address for situations wherein you're required to provide an e-mail address to a web page. Your free e-mail account will probably get spammed back to the stone age -- when the spam gets too thick, you can abandon the account and create a new one.

      There Ought to be a Law
      With the growing controversy and general level of shouting surrounding spam, you might well ask whether there are any laws available to deal with the unauthorized use of your e-mail resources. For practical purposes, none exist at the moment in Canada or the United States. There were originally four proposed bills before the United States senate or congress which sought to address the issue of spam. Here's a quick overview of them, with links to the text of the bills themselves. There's a much more detailed discussion of these bills at the CAUCE page, an excellent anti-spam resource.
      • Bill H.R. 1748, "The Netizens Protection Act of 1997", or the "Smith Bill". This bill seeks to make it possible for the recipients of spam to sue the parties responsible for sending it, to a maximum of $1500 per message. While it means that the recipients of spam must take legal action on their own behalf against the parties responsible for sending them unsolicited e-mail, at $1500 a pop the bounty on spam generators is fairly attractive.
      • The Torricelli Bill, S.875 effectively legalizes spam and requires that parties not wishing to receive it provide their addresses to a filter. In effect, it seeks to legitimize spam by providing a somewhat impractical but technically workable way to prevent extreme abuse. Of course, to completely eliminate spam, you'd have to track down every list your e-mail address might have found its way onto, a largely impossible task. This is a bit like pinning a note your kid that reads "please don't sell me any crack."
      • The Murkowski Bill, S.771 legalizes spam and makes ISPs responsible for filtering it. It requires that spam be addressed in such a way as to make it identifiable as unsolicited advertising. ISPs who fail to comply with the filtering requirements would face severe fines. This is somewhat like the Torricelli bill, except that if you fail to pin a note your kid that reads "please don't sell me any crack" and someone succeeds in getting your kid hooked on drugs, they'll send you to jail rather than the dealer.
      • The Tauzin Bill, H.R. 2368 is arguably the funkiest of the lot. It legalizes spam and creates an advisory panel to establish guidelines for the responsible use of commercial spam. Adherence to the guidelines would be voluntary. To continue the analogy, I think of this one as buying a group of crack dealers lunch and asking them to tell all their friends to leave your kid alone.

      As of this writing, all of these bills have failed to be passed into law, and all are effectively dead.

      One of the most frequently mentioned ostensible lawsx pertaining to spam is bill s.1618. You'll probably find references to it in spam, such as:

      This is an "Unsolicited Commercial Email", not "Spam".
      This message is sent in compliance with the new e-mail bill:
      SECTION 301. Per Section 301, Paragraph (a)(2)(C) of S. 1618

      This message complies with the United States Federal requirements that allow the sending of commercial email.

      This notification is, of course, wholly bogus. Bill s.1618 did pass the United States senate, but it died in conference and never became law. Notifications like this one are clearly intended to add legitimacy to spam, and to frighten its recipients into believing that its authors had a right to send it. You can safely ignore them.

      There is one new piece of spam-related legislation pending in the United States senate as of this writing:
      • Bill S.759, drafted by senators Murkowski and Torricelli, requires that unsolicited e-mail include valid contact information, prohibits forged headers and requires that spam generators remove addresses from their lists when they're requested to do so. Domain owners would be permitted to block unsolicited e-mail, but they would be required to maintain lists of their users who don't want to have their unsolicited e-mail blocked, and to make said lists available to spam generators. Domain owners would be required to make arrangements at their expense to allow their users to opt out of the domain owners spam blocking. Domain owners would be required to register the status of their domains with regard to blocking unsolicited e-mail with the Federal Trade Commission. To continue the earlier analogy, this one's like giving drug dealers permission to get your kid hooked on crack, as long as they agree to leave their name and address with the drugs and to promise not to get your kid hooked on crack again if you ask them nicely. It permits and largely legitimizes spam, while placing the burden of avoiding it on the shoulders of its recipients.

      Many users of the Internet are dismayed at the prospect of the net's inherent freedoms being diminished by the passing of legislation to regulate it. I certainly am. It's important to keep in mind, however, that laws are what society usually does when it's confronted by a small group of its members which does not share its values. Laws which seek to restrict the ability of spam generators to abuse your e-mail resources, if they come to pass, will be enacted for the same reasons that laws which seek to restrict thieves from access to your house at two in the morning were created.

      Here's an important legal pontification. All legislation is, by its nature, somewhat restrictive. It embodies a tradeoff -- we give up some freedom to behave any way we like in exchange for protection from others who, in behaving any way they like, would stomp on our prerogatives. It's arguably preferable to give up the right to enter anyone's home whenever you choose in exchange for the security of knowing that your home will not be invaded at regular intervals. In the case of spam legislation, if it's enacted correctly, it's arguably preferable to give up the right to mass-mail unwilling recipients -- something you'd probably never actually want to do in any case -- in exchange for protection from less principled users of the Internet flooding your mail box with advertising.

      This abstract precept does not, of course, address the very real concern that legislation which seeks to protect users of the net from spam might be poorly drafted, and do more harm than good. The place where the rubber meets the road is a good deal less predictable than the spot where it meets the floor of a wind tunnel.

      Religious, Racial and Sexual E-mail
      There are far darker sorts of unsolicited junk e-mail. We receive a fair bit of mail from religious extremists. I regard most of this as being another sort of commercial solicitation, and usually deal with it the same way as I would advertisements for condos and adult videos. God appears to have become just another commodity to some of her creations.

      Virtually all of the religious junk e-mail I've encountered has been from christians -- clearly from a very tiny, weird minority thereof. If you're into scripture, you might be able to think up something in the old testament to send back to these characters illustrating the evil of their ways. Mention that the number of the beast has an @ sign in it -- this always gets 'em a bit steamed.

      Clearly, telling the authors of religious tracts that appear in your e-mail that you don't want to do business with them isn't of much use -- however true it might be. Outraging them is somewhat more effective. If you're not fortunate enough to actually be pagan, pretend to be one for a few minutes. The goddess will understand.

      Racial and sexual junk e-mail is a rather more serious matter, because some of the people who send it are genuinely messed up. Toying with these characters -- or in fact even replying to them -- is a really bad idea. In many cases it's hard to know where they're located.

      If you receive e-mail of this sort, get in touch with the postmaster of the server from which it originated. Most ISPs are very helpful about this sort of thing -- the last thing they want is to have the police at their door brandishing a warrant to arrest anything with a microprocessor in it.

      Sexual or racial harassment by e-mail is no less a crime than similar harassment by telephone. If it looks serious or it persists, call the law. In the United States, the FBI has been taking these sorts of cyber-crimes really seriously, and they have the resources to trace through the net and find the originators of these messages.

      A Final Pontification
      Legislation grows best in a vacuum. If the problem of e-mail abuse gets to be large enough, various levels of government will feel the need to step in and try to legislate a stop to it. Not only will such legislation almost certainly be about as effective as spit in a wildfire, but it will unquestionably restrict the usefulness of the Internet for those of us who want to use it correctly.
      Government is always to be avoided.

      We, the users of the Internet, can do a lot to prevent unwanted e-mail from becoming a real problem. Use the techniques discussed on this page when you open your mail and find advertisements instead of correspondence. If junk e-mail offends you, you can at the very least enjoy the satisfaction of helping to mess up the day of its authors far more than they've messed up yours.

      Getting even is the best form of revenge. I think it was actually Archie Bunker who said that, but it's a pleasing sentiment none the less.

      As a final suggestion, when all else fails, use this:

      After repeated requests to remove our e-mail address from your junk e-mail list, we are still receiving unsolicited advertisements from your company. Please be advised that I have this day posted a live female tarantula spider to your company in an unmarked brown package. This spider was pregnant at the time of mailing, and may have produced offspring by the time it reaches you. Female tarantulas are exceedingly unstable in this condition. I recommend that your employees wear thick leather gloves when opening mail until the package arrives. Have a nice week.

      There are probably a few users of the net who bought one of those "How to Make Lots of Money on the Internet" books and are wondering exactly how to go about making all that money in light of what's appeared on this page. The answer is before you -- commercial resources on the Internet belong on the World Wide Web. If you create a page which has enough content to make it worth browsing, people will come and look at, and they'll read your ads. They won't even threaten you with live tarantulas.

      --Steven William Rimmer
      alchemy@mindworkshop.com (Spam this address at your peril.)

      Legal stuff: Our e-mail address is provided solely for communication with users of software and other products of Alchemy Mindworks Inc, and for questions specific to our on-line services, such as this web page. Do not send unsolicited advertising, chain letters, automatic messages or other spam to this address. Abuse of our e-mail resources may result in legal action or a leather-winged demon of the night dining on your pancreas.
      See Death to Spam for more about e-mail abuse and our policies thereon.


      Return to the Alchemy Mindworks home page. ]
      Cross-Indexed:

      New document Icon


Some pages may require Adobe Acrobat Reader


Copyright and Fair Use Information: The contents of this web site is protected by international copyright laws and may not be reproduced in any form or manner whatsoever, if for the purpose of resale or solicitation of a donation. The essays included here, may be reproduced only if: 1)They are not altered in any way; 2) reproductions must be accompanied by this copyright page ; and 3) it is given freely and without charge.
Fair use: The fair use of copyrighted work, including such use by reproduction in copies or phonorecords or by any other means specified in above sections, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright. In determining whether the use made of a work in any particular case is fair use the factors to be considered include : (1) the purpose and character of the use, including whether the use is of a commercial nature or is for nonprofit educational purposes; (2) the nature of the copyrighted work; (3) the amount and substantiality of the portion used in relation to the copyrighted work as a whole, and; (4) the effect of the use upon the potential market value of the copyrighted work.
Home | About Narrative? |Contact
Copyright © 2025. All Rights Reserved
HAG122125 (1998 -2026)