It's Just this Little Chromium Switch Here

Link: Dean for Texas (spam sample).

This is a case study in spam: how to handle a bad incident so that it doesn't damage your organization. Over the weekend, an overzealous volunteer with the Dean for Texas campaign spammed a batch of unsolicited email to publicize a Dallas rally.

The response was immediate and negative--much of it from within the campaign itself. The Dean campaign is known for its sophisticated use of the Internet. The tech-savvy volunteers in the Texas campaign let those responsible know that a bad mistake was made.

Within 24 hours the campaign acknowledged the error, issued an apology, and vowed to send email only to the people on their own lists.

This incident could have been a disaster. The Dean campaign has been reaching out to tech-savvy individuals, precisely the people most offended by an action such as this. I believe the campaign deserves a lot of credit for the way it handled what was an admitted mistake. I think the key things are: they listened to what people were saying, admitted a mistake, issued a public apology and took corrective action.

Errors, unfortunately, will happen. I think there is a lesson here on how to act when they do.

Link: Fooling Bayes (Joho the Blog)

David Weinburger is surprised a spam message got through his Bayesian filter and into his mailbox. I'm not.

New anti-spam methods can be very effective early on. But, like an evil deranged mutant virus, spammers adapt and attack. For instance, now that Spamassassin has become so popular, spammers have adapted to it. Spammers will test messages prior to sending, and tweak them to get by the filters.

This is easy to do with rule-based filtering such as Spamassassin. The rules are fixed. You simply push a message through, see what things cause negative points and adjust accordingly.

This is tougher for Bayesian filters, which are adaptive. The filter actually trains to your spam (and non-spam--sometimes called ham) stream. Unfortunately, I fear even this system can be gamed. Spammers can train their own Bayesian filters and use them to develop a vocabulary that avoids spam classification.

That's why I think people who believe filtering is a silver bullet solution are being naive. Doesn't mean you shouldn't use filtering technologies--I certainly do. Just means you shouldn't think they will vanquish the spam problem.

Remember, spam has nothing to do with content. It's about permission and delivery. Content filtering may exploit some weak heuristics that may identify spam, but ultimately cannot be depended upon as the solution.

Last week, registration was opened for the national "Do Not Call" list. The list has been flooded with requests, with nearly three-quarters of a million phone numbers registered in the first day. This outpouring highlights two facts. First, Americans are fed up with intrusive telemarketing. Second, the spam solution being touted by the junk mail lobby and big Internet providers (like Microsoft and AOL) is a crock.

For years, Americans have been growing steadily angrier about telemarketing. Congress has been grappling with the problem for over a decade. Back in 1991, the Telecommunications Privacy Act of 1991 (TCPA) was introduced to solve the telemarketing problem. It gives you the right to opt-out from telephone solicitations. If a telemarketer contacts you, you can say the magic words, "Add me to your Do Not Call list." Telemarketers are required to maintain such a list, add you on request, and not call you again once listed.

Clearly, opt-out is a failure. If it worked, then TCPA would have solved the telemarketing problem and the national Do Not Call list would be unnecessary. The problem is that you can get added to a telemarketer's private Do Not Call list, but there are three more ready to take their place. Opt-out simply doesn't work for a problem of this scale.

Yet, this is exactly the solution that the big Internet providers are pushing. AOL and Microsoft want to make spam legal, but mandate a right to opt-out. This approach has been proven a failure for telemarketing. It won't work for junk email either. You'll be sending hundreds of Do Not Email requests every day. Every time one spammer drops your email address, a dozen more will pick it up. Opt-out will be a total debacle.

What's worse, right now junk email lives in that grey zone between right and wrong. Most people think it's wrong even if it isn't against the law. So, most email services prohibit spamming from their network. If opt-out becomes the law, then spam becomes legitimized and it moves out of the grey zone. Internet service provider will be hard pressed to keep spammers off their network. If you think the problem is bad now, just wait until Congress legalizes spam.

Do we really need to repeat the failures of the last decade? Opt-out was an unmitigated failure for telemarketing. It won't work any better for junk email. It will be a disaster if Congress legalizes spam and mandates opt-out.

Link: "Spammer" Protests Innocence.

Houston....errr, London...we have a problem. You know all those lawsuits Microsoft has been filing against spammers? Well, it looks like Microsoft may have snared an innocent in its trap.

Simon Grainger has been targeted by Microsoft, but he says he's no spammer. Steve Linford of the Spamhaus Project is quoted in the article saying they saw spam from the domain back last year, but it ceased before Simon acquired it.

Earlier today, Microsoft released a statement on the matter:

We understand that Mr Simon Grainger, against whom proceedings were brought by Microsoft last week is protesting his innocence, claiming that he is the victim of mistaken identify or third-party interference with his systems. Whilst at this stage we have not received a formal indication of a substantive defence on behalf of Mr. Grainger, we wish to impress that the proceedings last week were instituted against a background of misuse of a domain name registered in Mr. Grainger's name. In the event that there is persuasive evidence supporting Mr. Grainger's assertions, we would be very happy to consider it and team up with Mr. Grainger to discover the true identity of the perpetrators of the misuse complained of which may have left as its victims, Microsoft and its customers as well as Mr. Grainger. Until then, it would not be appropriate for us to comment about a legal matter which is the subject of court proceedings. Though we can't comment further on the individual court case, Microsoft is committed to addressing the spam problem on behalf of all consumers.

This really roasts my nuts. The complete lack of compassion for what may be a horrendous error is mind-boggling. Sure, the matter needs to be clarified before they drop charges, but couldn't the arrogant bastards at least have shown a little concern?

Gawwd ... I hate frickin' lawyers. (Well...most of them...)