Spam Arrest

[stumpy]

Thalenoi,

 

They say Spam Arrest will work with the 'paid' version of Yahoo but it doesn't. It creates a loop sadly between Spam Arrest checking your inbox and then forwarding the emails to you and then finding them in the Yahoo inbox again. You can only use it if you have it send the authenticated emails elsewhere. Hopefully they will fix this in the future.

 

Escape rabbit, I think spammers will find it hard to automate the authentication process as it requires a human to read the word (different every time) on the screen.

 

Cheers,

 

SD.

[Guest]

I've decided against Spam Arrest after learning about their privacy policy (see below article). They had the audacity to actually spam everyone who simply sent an email to a person with a spam arrest account! They also say they continue to spam people who sign up for their service (which isn't even free) and reserve the right to sell customer email addresses to others. I'll wait for someone with a better policy than that.

 

 

ED FOSTER'S GRIPELOG, The Reader Advocate Column, by Ed Foster

Thursday, May 15, 2003

 

 

Just Say No to "White List" Services

 

 

Perhaps the worst thing about the spam plague is the desperate

protection measures it's driving people to adopt. And perhaps the

worst of those protection measures is the growing number of "white

list" or "challenge/response" anti-spam services that block messages

from unlisted sources.

 

This first came to my attention earlier this year when readers started

complaining about a white list outfit called Spam Arrest. "I recently

sent an e-mail to a person I'd just met, and received an email from

Spam Arrest saying that because I was someone new, my e-mail was on

hold until I clicked a link to prove I was a human and not some kind

of spammer," wrote one reader. "Fair enough. About 30 seconds later my

e-mail was delivered ...So it's now about a month later and 'Spam

Arrest' is spamming me. They don't fake headers and the subject

includes 'ADV', but that doesn't change that is, without any doubt,

unsolicited commercial e-mail."

 

So Spam Arrest had decided it was within its rights to send out an

e-mail promoting its service to the email addresses of all of its

customers' approved correspondents. And, under its privacy policy

(http://spamarrest.com/privacy.jsp), there was no question it did,

since it states explicitly that it applies to both customers who paid

for the Spam Arrest service and "senders" who e-mailed those

customers. The senders did not quite see it that way, though, and the

resulting hue and cry quickly forced Spam Arrest to issue an apology.

It was inappropriate thing for the company to do, Spam Arrest

acknowledged somewhat reluctantly, and it wouldn't happen again.

 

But if Spam Arrest had at least learned not to be so blatant, some

readers continued to be concerned about the company's privacy policy.

After close study, one reader noted several disturbing things. "First

off, they basically lay claim to all e-mail addresses on their

customers' white lists, even those that the customers put on without

knowledge of the 'sender,' " the reader wrote. "How can they do that

when the sender may not even be aware that he or she is on the list?

But their policy says they can use that address for

marketing/promotional purposes, including advertisements."

 

The same reader also questioned another part of the privacy policy

that states: "Sender's information may also be sold or otherwise

provided to Spam monitoring or compliance agencies or

organizations..." What was that about, the reader wondered. Could a

bulk e-mail outfit be considered a spam-monitoring organization? Was

there an implicit threat that those who didn't sign on with Spam

Arrest might be reported as spammers?

 

A Spam Arrest spokesperson told me that, while the company will indeed

refrain from sending out any more spam, they still retain the right to

market to the senders. "The bottom line is that we are an anti-spam

company but we are not an anti-marketing company," she said.

 

As for the bit about selling senders' information, I was referred to

the company's outside counsel who had devised the privacy policy.

"Spam Arrest has never sold information and has no intent to do so,"

he said. The clause was written to allow Spam Arrest discretion to

work with a government organization or industry association that might

evolve in the future to have a legitimate spam-policing role.

 

OK, it's a lawyer's job to anticipate every eventuality and give the

client as much latitude as possible in its legal boilerplatese. So

maybe that ominous language was not motivated by malevolent schemes.

And maybe Spam Arrest will indeed refrain from any further spamming of

its customers' e-mail correspondents.

 

But why should we have to worry about these things at all? Remember,

we're not talking about Spam Arrest's customers -- we're talking about

people who just wanted to send a legitimate e-mail to one of those

customers. Or, worse yet, a person who was unknowingly on the white

list by that customer and never even had the chance to decline.

 

Think about it. If you sign up with one of these services -- and

there's a whole bunch of them out there now -- you aren't just

trusting the company for yourself. You are putting your e-mail

correspondents in the position of having to choose whether to trust

the service as well or not sending you a message you might want to

receive. Is that something you want to do to your friends and

business associates?

 

There are many aggressive anti-spam approaches (including, if you

must, implementing white lists on your own server without a third

party) that can be just as effective as what these companies can give

you. I don't know if Internet e-mail can ultimately be saved from the

spam curse, but I do know these white list and challenge/response

services are not the way to do it. Just say no.

[loner w/a boner]

Damn! I'm upset. I eagerly opened this post, hoping to find a link to a news story telling of a massive FBI/Interpol raid arresting spammers. I guess I'll have to keep waiting for that one.

 

Later,

 

[think_too_mut]

>can send a bounce to make it look like the email failed but they aren't checking, most of the time they are using fake details and return paths.

 

As most of us would know, the spammers use software that guesses email addresses. Of course, they have no track record of "sent mail".

 

Another thing are those sex sites that offer 1 hour free preview, just to get one's email address and send "a free password".

 

I believe no technology would solve this problem. It has to be an old-times law on paper.

 

Microsoft and Yahoo said that spam mail is about 50% of all the traffic they handle with hotmail, msn and yahoo.

 

I can only imagine what troubles one of my customers is having with 80 thousands emails per second that they handle, second in, second out.