| About | Legal | Contact | Resources | Home | mainsleazespam.com |
Date: June 26, 2003
From: Ronald D. Edge
813 Rosewood Drive
Bloomington, IN 47404
To: Senator Richard Lugar
306 Hart Senate Office Building
Washington, DC 20510
Subj: Spam Email Legislation Issues: Free Speech or Trespass to Chattel
Sen. Lugar,
I have written to you on this issue in the past. I have attempted to explain that unsolicited bulk email, regardless of content, will not scale. Spam email is now receiving attention in Congress because the volume has reached a level that threatens to destroy the viability of email as a means of communication. This is not a freedom of speech issue, this is an issue of private property, trespass to chattel, and massive cost shifting from the spammer to the recipient and the recipients’ ISP (Internet Service Provider).
The Internet is not a public network. It is by its physical and legal nature a voluntary joining of independently owned and operated local networks. These networks choose to accept or refuse traffic at their discretion. This is true whether it is a large ISP, a large web hosting corporation, a small mom-and-pop ISP, or an individual like myself who runs their own network.
The Internet is also global, not just limited to the USA. Control of the passage of traffic is not dependent on a limited number of nodes governed under the same rules as govern telephony under the Telecommunications Act and amendments. It is not a switched network as is the telephone network. And it cannot be governed in the same fashion unless Congress intends to usurp the intrinsic property rights of computer owners in the United States, something I hope you will realize and hesitate, no, refuse to support.
I maintain my own network within my home, permanently connected to the Internet, to support my ongoing technical education for my primary job, and to support my database and computer consulting activities, for which I declared significant income last year on my tax return, including equipment depreciation and investment, in addition to my regular salaried position income. I run my own web server, capable of hosting multiple virtual domains at my discretion and need. I run my own email server. I am my own ISP in that sense, having been provided a permanent IP and connection by my hosting ISP, at a significant monthly cost for connectivity and phone lines of about $250.00 per month. I am not spending that money to provide either corporations or con artists a platform to shift the costs of their bulk email campaigns onto my property and time.
All of the pending legislation in Congress which purports to try and address the critical mass that spam email abuse has reached is all completely misguided and off the mark, because it does not simply ban and make illegal ALL unsolicited bulk email, as must eventually be the case, as it was with junk faxes; instead, all of the bills pending in fact will LEGITIMIZE unsolicited bulk email, through such mechanisms as saying that unsolicited bulk emails must include ‘ADV’ in the headers to allow recipients to filter against, an ‘unsubscribe’ mechanism, not have forged headers, and not abuse computers by relaying through them. None of this is acceptable. It all totally misses the point, and displays a profound lack of understanding of the root problem: unsolicited bulk email, regardless of content, is destroying the very medium it seeks to exploit. It is not a question of stopping porn, Viagra ads, Nigerian 419 scams, etc. It is not a question of content at all. It is a question of volume and scale and cost shifting.
After the mass introduction of the fax machine into offices, fax machines were being overwhelmed by unsolicited faxes, representing massive cost shifting to the owners of the faxes due to the wasted paper. Business faxes became almost useless because the owners could not find their legitimate expected faxes among the dreck being pumped through their machines. Thus were passed the amendments to the Telecommunications Act banning junk, unsolicited faxes. This same logic MUST apply to stopping junk email. It represents the same cost shifting. It represents the same threat of overwhelming the recipient, and rendering the medium useless.
Congress is looking now at bills that are ill-advised legislation that, rather than making spam illegal, actually legitimize it. The result will be such a flood of spam and email abuse that within less than a year, email will cease to function as a viable communications medium (it verges on that now, and the volume is increasing daily at astounding rates). Then Congress will have to admit its error and pass legislation that SHOULD be passed now, quite simply banning any and all unsolicited bulk email. The historical precedent of junk faxes is simple to understand. Congress needs to look at that, and ignore the money and distortions of fact being pushed by corporate lobbies and the Direct Marketing Association. Congress, if it is to pass legislation, should pass proper and effective legislation now, completely banning all unsolicited bulk email.
I have invested tens of thousands of dollars over the past decade in my personally owned computing infrastructure, which is permanently connected to the Internet from within my home. I am in essence now my own ISP, http://edgeinfotech.com. No one, be it a spammer hawking illegal drugs, pornography, mortgage rates, or pyramid marketing schemes; or be it Bill Gates, trying to make the world safe for spam by Microsoft and other major corporations: none have the right or should have the right to trespass on my property, i.e. my servers, without my PRIOR permission.
Bill Gates and the DMA are not interested in stopping spam. They simply believe, acting entirely out of self interest, that they can stop the current wave of spam by con artists and crooks, but make the Internet safe for their spam. The fact that they will be sending unsolicited bulk email in the same numbers, with the same disastrous consequences, seems to escape them completely. It is NOT THE CONTENT of the spam that is the problem. It is the sheer numbers that simply overwhelm the medium, shifting costs to the recipient ISPs and users, and filling inboxes with not just 100’s, but 1,000’s of junk emails daily, causing users to be unable to locate and manage their legitimate personal and business email.
If I were to be legally required to accept any and all unsolicited bulk email through my email server, the ensuing flood of billions of messages would crash it in about 30 seconds, and render it useless. If that is not trespass to chattel, I do not know what is.
And such a prediction of the deluge is not a figment of my imagination, nor is it an exaggeration.
Are you aware that AOL within the past three months has seen the amount of spam email they are successfully trapping and blocking in an attempt to defend their members rise first to the until recently unheard of benchmark of one billion, and within weeks currently hitting almost 2.5 BILLION rejected spam messages EVERY 24 HOURS. Hotmail is experiencing the same phenomenon. I maintain one hotmail account for posting to Internet forums, and it currently is drowning in spam to the point of uselessness. Every 4 -5 days sees it flooded with about 100 messages. Half are trapped as spam, half still make it into my inbox. Of all those, usually 2 – 5 are legitimate messages, almost lost in the flood. That account has just about outlived its usefulness as an ‘anonymous’ account for posting to public fora on the Internet for this reason.
I assure you that whatever laws Congress passes, I will continue to implement blocklisting on my resources and deny traffic from any and all parties that engage in this form of Internet abuse, for that is what it is. Such email will simply be bounced based on information in the header the nanosecond a request from the sending MTA is received and processed by the receiving sendmail MTA (mail transport) daemon running on my email server, based on the rules I have implemented referencing major blocklists maintained across the Internet by volunteers seeking to save email from imminent destruction, supplemented by my personal access lists.
Although the RFCs (Internet standards documents) mandate a message and a rejection bounce back to the sender, some in the email support community have begun to consider, due to the massive flood of spam, simply dropping the message altogether without even wasting cycles on a bounce with a message, since the majority of the spammers ignore these refusals anyway, and continue attempting to trespass on the servers rejecting their mail, again and again and again. In fact, most spammers do not design their spam runs to wait for the dialog with the recipient mail server to complete, as per RFC standards, i.e. they do not even look for a reply indicating acceptance or rejection during the dialog establishing communication. They just stream their abuse onto the Internet asynchronously, without waiting for the reply from the recipient MTA (mail transport agent), in order to save time. They do not care about bounces, they do not care about the negative impact they are having on the recipients’ resources.
Did you know that many of the hardcore spammers and some would-be legitimate mass email operations engage in ‘dictionary attacks’, what the would-be ‘legitimate’ email houses call ‘e-pending’. This means they generate millions of messages by either randomly generating addresses at the target domains, or by taking names from traditional customer mailing lists and trying to guess what the email address at a domain might be. Can you imagine the strain on the receiving email server, as it rejects perhaps millions of attempts to deliver email with invalid names, just so the spammers can possibly get through with a dozen hits to real names, in the hopes that a handful of recipients will respond? Every attempted delivery requires cycles and storage on the recipient server. There are documented cases of servers crashing under the load of spam targeting them. That is just one sample of the abuse going on right now in regard to spam email.
Once again, note that it is not a question of legitimate corporations spamming vs. fly by night con artists. It is an objective question of the volume, and the lack of consent and prior confirmed subscription to bulk email lists that is the issue.
Email is a powerful and effective tool for marketing and communication. I do email marketing myself on behalf of my employer. But we email ONLY to addresses that have subscribed, that is in the current lingo ‘opted-in’ ahead of time. Note also that ‘double opt-in’, a term you will see bandied about in discussions of mass email, was created by the spammers to try and make the idea of ‘opt-in’ subscriptions seem onerous. It is not. It is an absolute requirement if anyone running any email lists wants to avoid becoming a vehicle that can be used to abuse others. The term ‘double opt-in’ is an attempt to mislead as to the nature of the confirmation process, and describe it in a pejorative fashion.
When anyone subscribes to an email list, they should be sent an email to the address they are signing up, to which they wish future email to them from the list directed. The email list owner must send a request for confirmation, asking that the recipient verify it was indeed them that made the subscription request. The recipient must respond to that email by email or by going to a link provided on a web site, either of which should have some sort of unique token in embedded in the request for confirmation to insure against forgeries, thereby CONFIRMING that it was indeed them that requested to be signed up, i.e. to subscribe. Lists that do not do this simple confirmation, this simple ‘confirmed opt-in’ step, are wide open to abuse. Anyone can sign anyone else up as an act of abuse, and they do so all the time on web sites and email lists that do not implement confirmed subscriptions. One of the favorite harassment tactics on the Internet is signing up the address of someone you wish to harass to multiple unconfirmed pornography advertising lists, for instance.
In closing, I can only plead that you, as one of my representatives in the United States Congress and Senate, inform yourself on these issues, and insure that legislation, if passed, does not legitimize a form of abuse that threatens to destroy the medium. Instead, take the lead and provide needed relief to this drastic situation by voting only for legislation that mirrors the solution to the junk fax epidemic. Take action only by outlawing all unsolicited bulk email. Most of all, you must not support any legislation that denies the individual states the right to pass more restrictive and protective consumer legislation on this issue as they see fit. Nor should you support any legislation that denies in any fashion the right of ISPs to continue, as they have done to date, to specify in their contracts for terms of use and accepted user practices of their customers, that abuse such as spam email is absolutely forbidden, and that any customer engaged in said practice may be subject to immediate termination from service.
Most importantly, you must not support legislation that denies me the right to protect my property by blocklisting and refusing traffic from spam sources on the Internet. You would not deny me the right to refuse traffic from sources on the Internet attempting to hack into my machine; or infect it with worms, Trojans, viruses, and all the other sundry malicious acts that are rampant on the Internet. At least that is my working assumption. Spam email belongs in that category of abuse, and must be treated and rejected and brought under control just as those forms of abuse and trespass are managed.
Thank you for your time in considering my thoughts on what is one of the most pressing issues facing the future viability of the Internet as a medium of personal communication and commerce. It is a benchmark issue that will determine much about how we as a society will respond to the rampant abuse on the Internet in so many areas. I hope that you will seriously consider the points I have raised, and let them influence any decisions you may make in the future regarding bills on this issue that come before Congress.
Yours truly,
Ronald D. Edge