[unisog] massive uptick in targeted spam this weekend and week

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Thu Oct 17 17:01:32 GMT 2002


On Thu, 17 Oct 2002 09:40:33 EDT, Michael Sofka <sofkam at rpi.edu>  said:

> <2cents>
> I am not a lawyer, but I do  believe a case can be made that
> using proxies, other open relays, etc. in this way is a violation
> of the Computer Fraud and Abuse Act (CFAA).  That is, the spammer
> has exceeded their authorized access on the machine, and the various
> clean-up efforts consitute a "loss".

IANAL either - but this argument would probably be countered by a defense
lawyer who took a variant on the "Welcome to VMS" argument.  The site running
the open relay and then complaining is similar to a gas station that has
an air pump that doesn't require a quarter first, is *lacking* a "free air
for customers only" sign, and then complaining that nobody is paying for
the use of the air pump.

The "scraper" program is different than a proxy - you can argue that the web
pages were intended for human consumption and "scraping" is overkill.  Access
to the web pages was provided so the person reading the page in a browser could
benefit from the information on each page as it was presented - there is a
reasonable expectation that having a program go through 2,000 pages just to
harvest any e-mail addresses that were listed *incidental to the main purpose
of the page* is abusing the intent of the page.

But a relay or proxy is there for *one reason* - to allow another software
program to send its data through it.  Each connection to send spam through is
using the proxy or relay *for its intended purpose*.

-- 
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20021017/a0b2c310/attachment-0006.bin


More information about the unisog mailing list