Want some history?

I was doing some research today for an article I’m working on. The research led me to a San Francisco Law Review article from 2001 written by David E. Sorkin. Technical and Legal Approaches to Unsolicited Electronic Mail (.pdf link). The text itself is a little outdated, although not as much as I expected. There’s quite a good discussion of various ways to control spam, most of which are still true and even relevant.

From a historical perspective, the footnotes are the real meat of the document. Professor Sorkin discusses many different cases that together establish the rights of ISPs to filter mail, some of which I wasn’t aware of. He also includes links to then-current news articles about filtering and spam. He also mentions different websites and articles written by colleagues and friends from ‘back in the day’ discussing spam on a more theoretical level.
CNET articles on spam and filtering was heavily referenced by Professor Sorkin. One describes the first Yahoo spam folder. Some things never change, such as Yahoo representatives refusing to discuss how their system works. There were other articles discussing Hotmail deploying the MAPS RBL (now a part of Trend Micro) and then adding additional filters into the mix a few weeks later.
We were all a little naive back then. We thought the volumes of email and spam were out of control. One article investigated the effectiveness of filters at Yahoo and Hotmail, and quoted a user who said the filters were working well.

“It’s really awesome because I get maybe 20 emails a day, and [it’s] mostly junk mail,” said longtime Yahoo Mail user Daniel Nikaiyn. “It’s saved me a lot of time splitting up junk mail and my email. Now I don’t have to sift through them.”

I think I got 20 emails yesterday just trying to register at one new site and do the password reset dance with another.
In addition to the news articles, I saw a bunch of documents and websites I’d nearly forgotten about. There were a group of people, and I include myself among them, that spent a lot of time trying to figure out how to fix spam. When it was 20 emails in my inbox it did seem somewhat silly. Yes, I can delete them. But the bigger issue was the lack of external economic constraints on the amount of mail senders could send. Sure, that day was 20 emails, but there was nothing stopping it being 100 in 6 months and 500 6 months after that.
In fact when I gave up the email address I was using in the late 90s there were days it was receiving hundreds of spams a month, and that was behind commercial grade filters run by my ISP which caught most botnet and snowshoeing spam. And that was just last year, when the overall volume of spam traffic had dropped from over 95% of email traffic down to under 85%.
The whole document is long, but Professor Sorkin did get one thing right.

Coordination of technical and legal mechanisms seems to be the most promising approach to the spam problem. The first step must be to agree upon the ultimate objective: it is quite easy to declare “get rid of spam,” but the definition of spam is sufficiently controversial that this first step may be the most difficult. Technical and legal measures can then be used in a complementary fashion—for example, technical measures can be designed so that one must break the law (or subject oneself to liability) in order to circumvent them, while those who evade or ignore legal controls could be subjected to blackholing and other technical responses.
Yet it is probably unrealistic to expect that the consensus required for such coordination can be achieved. More likely, the technical arms race between spammers and anti-spammers will escalate, and more and more innocent bystanders will be caught in the crossfire. States and countries will continue enacting an increasingly diverse set of spam-related statutes, and traditional legal theories will be stretched and distorted even further in efforts to address spam and other forms of “network abuse.” The news is not all bad; there have been advances in collaborative filtering by companies such as Brightmail, and some recent legislation seems to incorporate at least a rough comprehension of the underlying technology. Nonetheless, a coordinated solution to the problem of spam remains elusive at best. (footnotes removed)

Spam affects endusers less now than it did in in 2002 when the article was written. I don’t think Professor Sorkin envisioned a multi-billion dollar industry spam filter industry, but that is a major reason our inboxes are still useable. I don’t think the laws have necessarily caught up. In fact, my research this afternoon was started as I was thinking about how CAN SPAM is antiquated and doesn’t provide sufficient tools to effectively address spam as it is now. Despite how far we’ve come and how much has changed, spam is still here and will likely be here for the foreseeable future.

Related Posts

Affiliate marketing overview

Most retailers have realized that sending unsolicited email is bad for their overall deliverability. Still, the idea they can send mail to people who never heard of them is seductive.
Enter affiliate email. That magical place where companies hire an agency, or a contractor, or some other third party to send email advertising their new product. Their mail and company reputation is protected because they aren’t sending the messages. Even better, affiliates assure their customers that the mail is opt-in. I’m sure some of them even believe it.
The reality is a little different from what affiliates and their customers want to believe.

Read More

Don't like opt-outs? Target your program better.

I get a LOT of spam here. Most of it is marked and trivial to get rid of. Some of it is what I would call semi-legitimate. It’s a real product, but I never asked to receive any information from this company and am not actually part of their demographic. For one time things I just hit delete and move on. Life is too short to complain or opt out of every spam I get. (Tried that, got more mail)
But sometimes if the same sender keeps bothering me, I will send back an email asking them to cease contact. I recently had an occasion where someone sent an initial email trying to sell me bulk SMS, online video and other services. I ignored it because we’re not in the market for any of these services. A week later I get a followup asking why I hadn’t provided feedback to them and if there was a better person to talk to at the company. I looked for a way to opt-out of this message stream, but there wasn’t one. I send a reply telling them we were not interested in speaking to them and to please cease all communication. (“You didn’t receive feedback because I have no interest in talking to you. Please cease all future contact.” Admittedly that was terse, but it was polite.)
My request to cease communication was not well received, nor was it honored. Mind you, they first contacted me trying to sell me services that are totally off what we offer. When I asked them not to contact me, they turned it around that we’d lost business.

Read More

Outreach or spam?

This showed up in my mailbox earlier today:
Pluckyou
The tweet in question
pluckyou2
From Crunchbase: “Pluck is an email prospecting tool that gives you the email addresses of the people tweeting about subjects related to your business.”
Prospecting: another name for spamming. Look, I know that you want to sell you’re newest, greatest product to the world. But just because I tweet something with a # that you think is relevant to your product doesn’t mean that I want to get your spam. I also know it’s hard to get attention and find prospects; I’m a small business owner, too and I need to market my own services. But spamming isn’t a good idea. Ever.
There’s been a significant increase in this kind of spam “to help your business” lately. It’s a rare day I don’t get something from some company I’ve never heard of trying to sell me their newest product. It might be something if they tried a contact or two and then went away. But they’ll send mail for weeks or months without getting an answer. Look, silence IS an answer and it means you need to go away and leave your prospects alone.
Unfortunately, there are services out there that sell a product that let you “automatically follow up” with your prospects. Pluck up there uses one of them, as that’s who’s handling all the links in the message. In fact, if you go to the bare domain (qcml.io) they talk a good anti-spam game. “Die, spammers, die.” I reported the message to them. I’m not expecting them to actually do anything, and I’m not expecting a response.
It’s just spam under another name. There’s no pretense that it’s anything else. Even if it’s sent in a way that makes it look like a real person typed the message, like QuickMail offers. “All emails will come straight out of your personal inbox as though you typed them yourself.” As if you typed them yourself.
The worst part is there’s no real way to stop the mail. I can’t unsubscribe. The companies selling the software don’t provide any guidance to their customers about what the law requires. Take the message from Pluck that started the post. It violates CAN SPAM in multiple ways. Moreover, the address they used is not publicly associated with my twitter handle, which means they’re doing some harvesting somewhere. That means treble penalties under CAN SPAM.
I could reply and ask them to stop mailing me. I’ve done that a couple times with a message that says, “Please don’t email me any more.” I’ve got to tell you, some people get really mad when you ask them not to email you. Some just say yes, but others are really offended that you asked them to stop and get abusive. It’s gotten to the point where I don’t ask any more because of that one person who decides to harass, threaten and scream at me. Sure, it’s maybe 1 in 5, but I don’t have the time or energy to figure out who is going to be receptive and who isn’t. I don’t have time for that. No one has time for that.
I’m expecting that filters are going to catch up eventually and these types of mail will be easier to filter out. Until then, though, small business owners like myself are stuck in a place where we have to deal with spam distracting us from our business. At least I get blog content out of it.
 
 
 

Read More