FTC: Do-Not-Spam Registry is No-Go

FTC: New System to Verify Origins of E-Mail Must Emerge Before “Do Not Spam” List Can Be Implemented, FTC Tells Congress

The Federal Trade Commission today told Congress that, at the present time, a National Do Not Email Registry would fail to reduce the amount of spam consumers receive, might increase it, and could not be enforced effectively. In a report filed in response to a statutory mandate, the FTC also said that anti-spam efforts should focus on creating a robust e-mail authentication system that would prevent spammers from hiding their tracks and thereby evading Internet service providers’ anti-spam filters and law enforcement.

Full Report: The CAN-SPAM Act of 2003: National Do Not Email Registy: A Federal Trade Commission Report to Congress (June 2004)
MSNBC: Do Not Spam list won’t work, FTC says
With a recent uptick in the volume of spam, technical means will be needed to control the deluge, because normative and legal means alone are currently insufficient. If spammers can not be convinced to play by the rules, then the physics of the ecosystem need to be changed.
Both Microsoft and Yahoo are developing technical measures to stem the tide of spam. Wired News: Net Rivals Embrace to Fight Spam. Microsoft’s approach, known as Sender ID, would “require organizations to set up e-mail servers so that they automatically verify the domain from which e-mails were sent.” Yahoo’s DomainKeys system will verify that the “from” address in an e-mail is not faked by using cryptography.
Yahoo: DomainKeys: Proving and Protecting Email Sender Identity

DomainKeys is a technology proposal that can bring black and white back to this decision process by giving email providers a mechanism for verifying both the domain of each email sender and the integrity of the messages sent (i.e,. that they were not altered during transit). And, once the domain can be verified, it can be compared to the domain used by the sender in the From: field of the message to detect forgeries. If it’s a forgery, then it’s spam or fraud, and it can be dropped without impact to the user.

Yahoo hopes that the concept will become an Internet standard.
From Microsoft, Microsoft Is Committed to Help End the Spam Epidemic and a Q&A: Microsoft’s Anti-Spam Technology Roadmap.

Anti-Spam in the EU

BBC News: United front against spam urged

[EC’s Information Society directorate Philippe] Gerard said that this directive had now been transposed into national laws in many member nations, but that by itself, it was not going to stop spam.
“Legislation is just part of the answer,” he said.
The threat of legal action might deter some spammers from getting started and would help punish those that break the law, said the EU official, but there was much more that industry had to do to make its anti-spam work really effective.

10 Years of Spam

Spam’s Tenth Birthday

Ten years ago today, spam as we know it was born. On 5 March 1994, a message was posted to some Usenet newsgroups by a law firm called Canter and Siegel, advertising their services for the U.S. Green Card lottery. It sounds mild enough today, but at the time that move and its follow-ups provoked increasing outrage across the Net. Many were appalled that “netiquette” – the unspoken rules that hitherto had maintained order in cyberspace – had been breached, sensing perhaps that things would never be the same again.

And look what it’s grown up into: a societal problem that has effectively killed Usenet as a useful resource and is on its way towards knocking off e-mail. We’re so proud.


Pew internet & American Life Project: The CAN-SPAM Act has not helped most email users so far

The impact of the CAN-SPAM legislation is mixed, but not very encouraging so far. The vast majority of email users report no change in the volume of spam arriving in the in-boxes of either their personal or work-related accounts. A slightly larger percentage of email users report their volume of incoming spam has actually increased rather than decreased since January 1. At the same time, some email users say they are getting less spam both in their personal email accounts and in their work accounts.

Previously: CAN-SPAM Can’t Stop Spam

First suit under CAN-SPAM

Wired News: ISP Files First Can-Spam Lawsuit 

Hypertouch, based in Foster City, California, filed the suit on Thursday claiming the owner of BobVila.com and its marketing affiliate BlueStream Media violated provisions of the Can-Spam Act by sending out e-mail advertisements containing missing contact information. The suit claims that BlueStream Media forged the header information that can help e-mail recipients identify where a message originated

Hypertouch has the complaint