I came across this article from Info world entitled: Researchers: Take anti-spam fight to the Web and I've finally stopped laughing.
Someone has gotten a clue about how to win this war without taking the entire internet down with it.
I have to ask, are anti-spam researchers all clueless? I hate to start off with such a inflammatory comment, but really. Remember Blue Frog? How pathetic was that! I was fine with the fact that their 'solution' ended up DDoSing their site, but when the hackers scooped the domain because this company was negligent with their abilities they affected hundreds if not thousands of innocent users who thought their product was some solution. Well they were very VERY wrong.
Today, someone has discovered that 'if we seek to take down the web sites rather than the mail servers we could actually make a dent in spam'. WOW....it's taken how many years for 'researchers' to figure this out? Unbelievable. In law enforcement this has always been the approach is to determine where the money is going and stop it at the end. Not to say this has been terribly effective since multi-jurisdictional rules, laws, etc. have hampered most efforts it has been 'very' effective when not hampered by such things.
If we can decide to start getting registrars to pull domains that are hosting and/or harboring such web sites, then very quickly we affect their operations. My thoughts on this have been working to stop spammers using this methodology for nearly 7 years and it works well when it stays within a countries boundaries. Unfortunately, most others seek to deal with the spam itself, by trying to catch the spammer, rather than the web sites behind the money. This isn't rocket science, someone is using the spam to sell products/services. When that spam links to the web site your now on the money. The spammer and the email is useless now, it's probably a forged email with bogus details, but the LINKS are what have to be good. Sure they can relay, proxy, encrypt, obfuscate, etc. but it still results in a visit to a web site, and using some means a payment for products/services. Once this happens we can follow the money very exactly to the destination, and nail the recipient directly. Regardless of how legit this company is (I frankly couldn't care if it was Halliburton!) You shut down their domain. Now they have to deal with the spam whether or not they directly participated or not. They "are accountable for all funds ", according to most trade law, so these funds paid via spam can be held for criminal investigation. I'm sure even Halliburton would work diligently and positively to correct this and ensure that they are meeting regulatory requirements. I mean if Visa and Mastercard can refuse to honor payments to companies like allofmp3 because of their 'questionable' practises, whats stopping them from doing the EXACT same thing on spam-directed sales? Getting a clue, in my mind.
Ideally, what needs to be done is a international trade law (UN you paying attention here!?!?) that says any domain shown (not proven) to be profiting from spam activity will be shut down pending investigation, if proven then the domain will be permanently blacklisted for a period of 2 years. This will quickly eliminate evil domains from running rampant, allow the registrars to make more money (since the spammers will likely re-domain somewhere else). If the host or registrar is party to this, then they should be help criminally liable and charged under international law.
Unfortunately with the UN all gaga over CO2 emissions, I can't see this coming to light for another 5 years, but maybe since the anti-spam researchers have learned what nearly every forensic investigator has discovered years ago, perhaps we can see some light heading our way.
Now if we can do something about those stock emails...I have a great idea!
Comments (0)
James Friesen Net
http://jamesfriesen.net/article.php/20070809102122575