I was reading Mickey Chandler’s Spamtacular today, and one of the comments to the post by a gentleman by the name of Tom Caldwell, self-proclaimed former spammer, caught my attention. I have edited out the self-promotional bits of the comment, but he says:

The more important question here is what have any anti-spam product or technology leaders done to lower spam levels or drive spammers away. […] Being a former spammer and having driven spam levels down with our IP and URL reputation products (cut off the sending/money spammers need to survive), I see no support in the industry for this because high spam levels are justifying the sale of additional appliances, hosted SaaS services,

This makes no sense. ISPs are laying people off right and left. The premise of allowing spam to flow just to justify the purchase of expensive new toys is nonsense. It takes money to buy additional appliances to handle the overhead of unwanted email. ISPs don’t *have* that money. Mickey’s original post was all about the reasons why email is sometimes delayed. One of those reasons is the lack of sufficient resources to handle the flow. Why are those resources lacking? NO MONEY. There’s a major economic crisis going on, or hasn’t he noticed?

…and of course the back-end loss management to handle missed malicious messages and time spent sorting through pending authorization quarantines.

I have no idea what this means. Does anyone else know? Perhaps something to do with leveraging market synergies?

Technology is supposed to make our life easier and more secure, so why are all the approaches doing nothing to ‘spammers’?

I’m uncertain where the idea came from that “all the approaches involve doing nothing to spammers”, but then again I’m also uncertain what that assertion actually means. Several spammers have been sued, fined, and jailed. It hasn’t really done much to slow the spam industry down, that I’ve noticed. One notable “high volume email deployer” who likens his services to something like “a garbage truck, only in reverse” has been successfully sued to the tune of millions, a number of times, and he’s still in business.

The real spam gangs are exactly that – major criminal enterprises, often international, which requires multinational LEO cooperation, which is very hard to organize…and the very specialized know-how and tech required to track these gangs isn’t cheap.

It takes a non-trivial amount of money to build a legal case, it takes money to prosecute such a case. The various governments (who don’t have any money either!) don’t really care about bloodless crimes that have no individual victims – they’re more interested in actual crimes, like identity and information theft and terrorism – so the spam problem is pretty much up to the ISPs, and most ISPs dont *have* that kind of money. There’s a major economic crisis going on, or hasn’t he noticed?

By combining 100 percent guaranteed organization shut downs with non-probability blocking, e-forensics, and law enforcement spammers can be taken down. […] but why hasn’t a deterrent or source fix of the problem approach been spread, rather than the self-justified fighting of the growing problems symptoms?

I have been trying to puzzle out what “non-probability blocking” means, but I cannot imagine. I’m also not sure what the “source fix” of the problem might be, since every ISP I know is doing their level best to reduce the influx of unwanted mail. The big ISPs have their own homegrown systems that are constantly being tested, expanded, and refined. They use reputation systems, content blocking, spam signatures, customer feedback, and quite a few other methods. The smaller ISPs use reputable third-party reputation and anti-spam systems, which are also constantly being updated, expanded and refined. Why? Because it costs a lot of money to transport the volume of unwanted mail, and it costs ISPs in terms of losing users who get fed up with the amount of spam delivered to them…which translates into lost dollars. These are both significant issues because the ISPs have no extra money, and there’s a major….say it with me now, Dear Reader: “economic crisis going on, or hasn’t he noticed?”

It appears to me that anti-spam and e-mail is almost a racket. I challenge responses to refute what I’ve proven since it has and can be performed, to dozens or hundreds of spam gangs. We have statistics, testimony, and e-forensic evidence to prove so.

Yup. So do we. What we haven’t collectively got is the actual resources. My own personal magic wand ran out of fairy dust several years ago. If someone out there would like to donate the gazllion dollars that would be required to implement the solution suggested above, please let the Barrys know. We’d be delighted to have it.

In summary: it’s clearly a racket! That explains why I spend about 10-12 hours a day doing absolutely nothing about the spam problem, and that would also explain why all of the anti-spam programming teams spend their whole working lives playing foosball in the breakroom…..right?

Oy, vey.