Spam Solutions

eCourses - Certifications - Resources - Career Center - News - Online Directory - eMarketing Events - Article of the Week

eMA's Position on Spam.PDF

FTC CHANGES CAN SPAM ACT – RELEASE HERE / FULL DOCUMENT HERE

Read the full CAN-SPAM Act of 2003.PDF

Read the full CAN-SPAM ACT of 2003 (text version)

Take the CAN SPAM Quiz

The CAN-SPAM Act of 2003 - Overview:

The legislation provides criminal penalties for violations. The Act requires unsolicited commercial email to be labeled, and include opt out instructions and the senders actual street address. The law prohibits the use of deceptive subject lines and the use of false headers in messages. The FTC is allowed to establish a "do-not-email registry similar to the "do-not-call" registry. The FTC is not required by the bill to set up such a system, but it is given authority to do so.

All state laws on Spam are pre-empted, although provisions that address falsity and deception would remain.

The CAN-SPAM Act was approved by the Senate in late November 2003, and by the House on December 8th. It's been signed by President Bush and went into effect January 1, 2004.

White Paper on Spam.PDF

FTC Consumer Guide to Stopping Spam.PDF

Types of Spam Marketing.PDF

SPAM SOLUTIONS

Spam Defined:

Spam has three features:

1. It is unsolicited 2. It is commercial 3. It is email

Otherwise, it is not spam.

Commercial eMail types:

1. Solicited commercial email that we do want 2. Solicited commercial email that we don't want 3. Unsolicited commercial email (spam)

We think that we have to specifically and directly ask for commercial email to be sent to us for it to be legally considered "solicited" and that everything else is spam. Half the states in the Union have no restrictions on unsolicited commercial email and those that do, have established that email is "solicited" if there is a preexisting business or personal relationship between the initiator of the commercial email and the recipient.

Reclassifying what is currently "solicited" or "opt in" or "preexisting business relationship" as "spam" however, will not solve our problem. It might make us feel better but it won't fix anything. A certain amount of what we often regard as "spam" might be unwanted, but it's not spam. Unwanted commercial email is a problem, but it's not the same problem that spam is.

Roughly 50 percent of all e-mail traffic in the United States is spam, up from 8 percent in late 2001 and nearly doubling in the past six months, according to Brightmail Inc., a major vendor of anti-spam software.

About 40 percent of U.S. Postal Service mail is business marketing.

This onslaught of spam-trash, can, and is affecting response rates for legitimate marketers. Nevertheless, there are ways you can counter this problem:

1. Don't purchase anything from spammers (the fact that they have to send out millions of email is an indication of how desperate they are for sales), it is possible you won't get what you order from them anyway, or have other problems.

2. Use one of the solutions we recommend below. However if you are using a content based filter, be sure to remain conservative in your approach to banned words. Many legitimate emails are erroneously blocked when over aggressive content filters are used. You don't want to throw out the baby with the bathwater.

3. Follow these basic rules for handling email:

a. don't respond to emails asking for any of the following:

• Your password and email address combination
• Credit Card Numbers
• Bank account numbers
• Social security numbers
• First and Last Names
• Address
• Mother's maiden name etc.

Entering this information on encrypted and secure server (look for the little locked padlock in the lower right hand of your screen to determine if it is secure) is reasonably safe.

b. Never open attachment unless you are very sure of the sender (and even in those cases the sender may be forwarding a virus unwittingly). Attachments should be handled with extreme caution. Most computer virus are spread via email attachments or live links.

4. Relax. It's only email. Don't respond to spammers with your opinion. Don't validate your email by opting out. Just use one of the solutions below, or if your spam problem is a minor one, just use your delete key. You will just waste your time by trying to get off of all lists.

5. If you are an eMarketer don't ever buy a list that is delivered to you. It will be a spam list regardless of what the list owner represents. Legitimate email list brokers always send your email for you and control the email addresses on their lists. They never transfer them to buyer. Once they did that the buyer could resell the list to anyone.

6. If you are an eMarketer don't send out unsolicited email. Don't use harvesters or other spamming software to acquire names. Put a newsletter or mailing list sign up on your site and get your recipients permission to send email to them. Sending spam makes you and your company look desperate, and irresponsible. That is not an image that you want for you or your company.

7. As a marketer don't underestimate the problem. Ok, so you can handle 50 or 100 or even 200 spam emails a day. But what would happen if you were receiving 1000 or 10,000 or a million a day? It would effectively shut down the channel. That is why the eMarketing Association is working with anti-spam solution developers to improve and refine the technological methods of dealing with spam. We believe that what technology has created it can also control. By using one of the solutions below you are taking an important step in maintaining the integrity of your email.

---

FTC Chairman Calls Spam "One of the Most Daunting Consumer Protection Problems FTC Has Ever Faced"

Addressing business executives and government officials at the Aspen Summit in Aspen, Colorado, Federal Trade Commission Chairman Timothy J. Muris today explained how competition, consumer protection, and the FTC fit into the American economy. Specifically, Muris focused on the challenges posed by spam and the roles of the government, marketers, and Internet Service Providers (ISPs) in combating this "daunting" consumer protection problem.

Muris stressed that, like competition policy, consumer protection policy plays a vital role in supporting markets. According to Muris, the Commission's consumer protection program has had numerous successes, yet currently faces its most significant test in addressing spam. Muris explained that legislation alone would do little or nothing to halt the growing flood of spam. Because the Internet allows spammers anonymity, and because spammers can send thousands of e-mails per day at essentially no cost, he stated that few would have the incentive to stop sending unsolicited e-mails in spite of new laws.

"No one should expect any new law to make a substantial difference by itself," Muris said. He outlined three important elements that he believes must be incorporated in order to create effective legislation. First, the legislation must address how to locate and prosecute spammers. "Our experience, and that of the few states that have tried to punish spammers, is that it can take months of investigation, and sometimes a dozen or more subpoenas, simply to locate a spammer," Muris said, indicating that technology could most effectively address this issue.

Second, Muris stated that legislation must adequately address spammers' punishments. Muris explained that, as with any consumer protection action, the FTC can freeze spammers' assets and seek consumer redress. In most cases, however, spammers have limited assets. "Our authority thus already entitles us to more money than many of the spammers have," Muris said. "Authority to get civil penalties will not make a dramatic difference." He also noted that when defendants have no assets, or when civil penalties do not provide enough incentive to stop spammers from violating the law, consumers will be protected only if criminal action is taken. Muris stressed that criminal authority must be clarified.

According to Muris, some proposed legislation could actually make it more difficult to prosecute problematic spam. He cited one bill that would make suing a spammer more complicated than the current process under the FTC Act, and other proposed bills that would require federal prosecutors to prove that a spammer falsified his identity in 10,000 different e-mails to bring a felony charge. "As the Department of Justice has noted in testimony, such proof simply will often be impracticable," Muris said.

Muris addressed the idea of creating a "Do Not Spam" registry modeled after the FTC's recently launched National Do Not Call Registry. If such a list were established, Muris said, "My advice to consumers would be: don't waste the time and effort to sign up." He explained that "we are sure the National Do Not Call Registry will reduce calls significantly." By contrast, a "Do Not Spam" registry would be ineffective because spammers can constantly create new e-mail addresses and identities, and because it costs virtually nothing for a spammer to clog consumers' inboxes. "Instead, recipients and Internet Service Providers bear most of the costs." Muris said.

Muris said that "eventually, the spam problem will be reduced, if at all, through technological innovations," including improved ISP spam filters and the integration of anti-spam technology into the e-mail services ISPs provide for consumers. Until these capabilities become available, Muris said, "the ISPs need to empower consumers by providing the means to deal with spam more easily." On the whole, Muris concluded that "legislation cannot do much to solve the spam problem, because it can only make a limited contribution to the crucial problems of anonymity and cost shifting."

Muris stressed that the FTC would continue to investigate and prosecute deceptive spam, as well as the deceptive and unfair use of e-mail technology. The FTC's work to combat spam includes cooperation with federal, state, and local law enforcement agencies in the Spam Task Force, consumer and business education and outreach, and continued collaboration with government, ISPs, marketers, and technologists, following the widely-attended FTC Spam Forum.

Muris called the e-commerce initiative "an example of the Commission using its institutional strengths to support competitive markets and the common law as they adapt to technological change." He explained that while the Internet has increased the availability of goods and services to consumers, some state laws inhibit competition by requiring online vendors to maintain a physical office in their state or by prohibiting completely online sales or shipments of certain products, including wine, contact lenses, and caskets. Muris stressed that the FTC is working vigilantly to keep costs low and prevent any suppression of Internet commerce.

---

The eMarketing Association has tested and recommends the following solution for the rising onslaught of unwanted email:

SPAM KILLER BY MCAFFEE

SpamKiller is THE Leading Anti-Spam Product for Consumers and Small Businesses.

Get the email you want and nothing else. McAfee SpamKiller quickly and easily helps you stop spam from polluting your inbox with advanced rule-based and list based filtering. Now works with MSN/Hotmail.

http://www.mcafee.com/myapps/msk/default.asp

There are four types of SPAM

1. Pure-garbage spam (illegal schemes, invalid senders)
2. Chain letters, and hoaxes
3. Honest people trying to make a living ("junk mail")
4. Occupational spam from colleagues

Most Spam solutions will deal somewhat effectively with all four types. Here are the methods that most Spam solutions use:

1. content-based filters - This is the most common method of dealing with Spam. A software program uses an algorithm to determine if incoming mail is spam. The formula for making that determination varies by product but all of them use keywords in the analysis. email that contains words such as Viagra, sale, winner etc., may be blocked or quarantined.

Example: http://www.mcafee.com/myapps/msk/default.asp

2. White List - These programs work on the approved address method. They scan your sent items folders, and your address book to determine who you have sent mail to and assume that those addressee are approved or "white", then they check incoming mail against that list.

Example: http://qurb.com/

3. Challenge response - This is a variation on the white list method. email from senders not on approved list receive a "challenge email" this ensures that automated email does not get through, nor does any email from senders not on your white list.

Example: http://about.mailblocks.com/

4. Disposable email addresses - Disposable email address services help you avoid spam by using aliases instead of your real address.

Example: http://www.emailias.com/

Defining actions
A good spam-control product should define actions to be taken, depending on which rules were tripped, such as:

1. Nonaccept
2. Return to sender
3. Forward a copy to the sender and ask for verification
4. Quarantine
5. Report egregious messages to a central reporting point

Spam Laws: www.spamlaws.PDF

The Top 10 trickiest spammer subject lines: (from http://www.out-law.com/ )

• RE: Information you asked for
• hey
• Check this out!
• Is this your email?
• Please resend the email
• RE: Your order
• Past due account
• Please verify your information
• Version update
• RE: 4th of July

If you would like your SPAM solution listed here contact Nicole Reed for more information on eMA testing and standards.

Submit your nightmare spam story to us and if selected we will publish it on these pages. Please use plain text for your message and no attachments. You can include a live link to your website if you wish.

Submit to: edwards@emarketingassociation.com