[unisog] massive uptick in targeted spam this weekend and week

Michael Sofka sofkam at rpi.edu
Thu Oct 17 13:40:33 GMT 2002

> Steve VanDevender wrote:
> > Steve VanDevender writes:
> >  > The nice thing, though, is that all the
> >  > stuff is showing up with sender addresses in the optingnow.com domain,
> >  > making it quite easy to block.
> >
> > Except as of last night they seem to have started using the domain
> > optprofessionals.com too.  Whois information seems to indicate this is
> > exactly the same outfit as optingnow.com.
> >
> > Exploiting open proxies to send spam full of forged headers is _really_
> > professional, isn't it?

I am not a lawyer, but I do  believe a case can be made that
using proxies, other open relays, etc. in this way is a violation
of the Computer Fraud and Abuse Act (CFAA).  That is, the spammer
has exceeded their authorized access on the machine, and the various
clean-up efforts consitute a "loss".

To wit, in EF Cultural v. Explorica (see June 2002 ;login, page 11)
a company was found in violation of CFAA for using a ``scaper''
program to read information off of a web site.  The reasoning, viewing
this public information by a human is ok, but automating the task
exceeded the granted authority and put a burden on the system, and
the administrators who has to determine if any damage had been done.

I think what we need is for a few of the victims to pursue criminal
charges against such spammers.  Once the word is out that this can
land you in a eyebrow-high pile of trouble, those spammers who
prize their liberty slightly higher then their cash flow will
back off.

This is also why I think anti-spam laws will have little effect.  It
is already illegal.  What is needed is enforcement.


More information about the unisog mailing list