Well, What Have We Here?
By Ken Magill
Woah! Now wait just a minute! According to a just-released study by Cisco, traditional mass-email spam dropped in volume a whopping 86 percent in one year from 300 billion messages a day in June 2010 to 40 billion a day last month.
Wow. What the heck happened?
Wait a minute, I know! It must be that new anti-spam law they passed in Canada. Remember? C-28 was going to kick spammers’ asses!
How? Well, it requires permission so it was going to make email scammers who are breaking, oh, like 42 gazillion laws already finally toe the line. I get goose bumps just thinking about it. Watch: “C-28.” See? Look at my forearms. The hair on them is standing straight up. [shiver.]
What? What was that? C-28 doesn’t go into effect until September?
Oh. Well, that doesn’t explain the massive recent drop in spam now, does it?
Well, something must be responsible for the drop. Hey, I know! The U.S. Congress must have amended the stupid Can-Spam Act to be permission based, right? Yeah, that has to be it.
Remember when that idiotic law was passed? Anti-spammers predicted that companies that previously didn’t send unsolicited email would start and the floodgates would open.
Remember the formula? If someone got one message a month from just 1 percent of the 22.4 million businesses in America, the average inbox would get 7,359 commercial emails per day, anti-spammers claimed.
Man, that was one scary prospect. But wait. It never happened, did it? Phew! So what did happen?
What? What was that? The Can-Spam Act has been responsible for more jail time and multi-million-dollar judgments than every single other anti-spam law in the world? Really? Well, I’ll be.
Oh, and there’s this: According to an article by Robert McMillan on InfoWorld.com, “U.S.-based spammers have all but disappeared, scared off by prison sentences handed down to the likes of [Robert] Soloway under the 2004 Can Spam Act.”
There’s no way the Can-Spam Act I know could possibly have such an affect. Congress has to have changed it, right?
Well then, what was it? Why has spam dropped so much in the last year?
For the answer, let’s turn to an expert. In McMillan’s piece on the recent decline in spam, he quotes notorious ex-convict spammer Soloway as saying that even before he was arrested in 2004, spam was a losing proposition.
“His [Soloway’s] problem? Spam filters had become too good,” McMillan wrote. “In 1997 Soloway was making his $20,000 a day with just one Earthlink account and a single mail server. Ten years later, he had hundreds, perhaps thousands of accounts, computers and Internet domains which he used to play an increasingly complex game of cat-and-mouse with the anti-spam crusaders trying to shut him down. When he finally stopped, he was making just $20 per day. ‘That should tell you how effective the anti-spam community has become,’ he said.’”
Is he serious? Continuous technological improvements have led to a drop in spam? No way. No. Friggin’. Way.
No one could have predicted that. No one.
Wait a minute. Come to think of it, someone did predict spam filtering improvements were the best bet in battling spam. Now, who was it? The name escapes me.
Hmmmm. Tap, tap, tap.
The name is on the tip of my tongue. Who was it? Who … was it?
Hey! Wait a minute. I know who it was! It was me! And I made the prediction in 2005!
“[T]here is every reason to believe that technology will soon become even more effective at blocking spam,” I wrote. “As e-mail senders increasingly authenticate their messages, it theoretically will become easier for e-mailbox providers to identify senders that tend to be ‘spammy’ and treat mail from their servers accordingly.
“Imagine that: The private sector, driven by profits, developing more-effective anti-spam solutions than legislators ever could without killing the medium’s commercial viability.”
Okay, so maybe authentication isn’t the main reason spam filters have become so effective, but man, when I’m not blacked out on the floor soiling myself, I can be a pretty smart guy.
To be fair, criminal spammers have not gone away. They’ve simply shifted their tactics to more targeted attacks. Also, credit needs to be given here to the security and law-enforcement professionals involved in some serious botnet takedowns in the past year.
But the point is spam volumes have dropped more than 80 percent with an opt-out based Can Spam Act and no Canadian anti-spam law in effect.
The Can Spam Act is working just fine. New legislation in Canada will affect only law abiding companies—by definition, not the problem. The problem spammers are already breaking and will continue to break dozens of laws.
One of the hardest but most important debating lessons one can learn is the moment one knows he or she is wrong, the smartest thing to do is admit it immediately.
Admitting having taken a wrong position shows integrity while utterly disarming an opponent.
Many in the anti-spam camp have been saying for years that opt-in-based legislation is a must to combat spam.
They are wrong. They should admit it.
Hear that breathing noise? That’s me not holding my breath.