So I receive very little spam generally. In fact, most of my spam are from suppliers that don’t seem to be able to differentiate between “I want to receive your emails regarding quotes and invoices and stock availability on orders but I don’t want to know about your specials twice a day.”, so on the odd occasion that I receive real SPAM, I’m pissed. Very pissed.
Heads up: This is probably going to be more of a rant than anything else really.
Firstly, with SPAM I don’t mean the general viagra indiscriminant junk. I can’t recall when last I saw that junk cross my inbox. What I’m referring to is the specially targeted type junk where the spammer wants you to know exactly who he is. The type of spammer that generally doesn’t understand that what he does is imoral (Ok, morality is in the eye of the beholder), so lets work with the ISPA standards: http://www.ispa.org.za/spam/index.shtml.
It basically says that all unsolicited bulk email is spam, with two exceptions: 1. you requested it, and 2. it’s from someone you know and would expect (eg, my suppliers can probably get away with what they’re doing), in summary (from their site):
In essence, ISPA believes that consumers should only receive bulk mail that they have requested and/or consented to receive and/or which they would expect to receive as a result of an existing relationship.
I agree with this, and generally in both the exceptions I can request to be removed without fear of retaliation. Unfortunately the LAW does not agree with this statement (You can reference the ECT act: http://www.acts.co.za/electr_comm/index.htm – however, it seems the 2005 version no longer addresses the issue of spam), it only requires that a working unsubscribe be made available (nothing prevents the spammer from re-subscribing you at a later stage, as well as be able to inform you where your details came from (we did a crawl of the internet …). So the law in this instance is less than useful.
So what can be done about the situation if anything? Not much I’m afraid. I continuously insist (sometimes in rather colourful language) that I be provided with exact details of how I got described, as well as when, and if (usually more like when) I don’t get any response I blacklist both the IPs of the mail servers they use, as well as the domain (of course I state in the mail to these shits that I’m going to). I usually also notify the ISP owning the network block (sometimes threatening to blacklist their entire block if they don’t act) as well as the blokes that registered the domain. Does this help? No, but it makes me feel better.
What else can be done? The official procedure is to go file a charge at the local police station. Unfortunately, this about as useful as trying to punch a hole in a brick wall with your bare hands (afaik NO ONE has ever been prosecuted). Not to mention that a corporate can’t file the charge, it HAS TO BE THE END CONSUMER (which eliminates companies from filing charges as I understand it), ie, an individual.
No, at the moment I fear our best (most effective at least) action is to blacklist the bastards. Unfortunately that isn’t exactly legal either. Fortunately half the bullies does something wrong with respect to one of the myriad of email RFCs and I can block their mail based on that as a “measure to protect my clients from malicious email”. Yes, even an incorrectly placed comma in a header and I can filter it out as “potentially dangerous content”. Even something like making a callout for “postmaster@spammerdomain” (or abuse) that fails means the domain isn’t RFC compliant and I can block them on those grounds (don’t ask).
Fortunately (and unfortunately), blacklisting them at the size I am it’s but a drop in the ocean, so it’s not worth it for them to make an issue (The likes of SAIX and Internet Solutions probably won’t get away with this).
The real question is “how can we make them bleed?”, make them pay (monetary pay, ie, where it hurts them most) for wasting hours and hours of work time, causing mail admins headaches and generally being dumb shits.