At 9:12 PM -0500 3/6/03, JC Dill is rumored to have typed:
A "disposable domain" is TRACEABLE, so we can nail the spammer, and with the increase in anti-spam laws, the cost gets higher as time goes on.
You _are_ kidding, right? I mean, c'mon...how many spammer domains have you done a whois on that have _any_ legitimate in them? Or haven't you actually _looked_ at any whois records lately? The good-old-days of actually requiring legit contact information is LONG gone.
This is venturing off from the topic of this list (managing mailing lists) into the topic of fighting spam. I suggest further anti-spam discussion move to an appropriate forum like spam-l. However, I'd like to address the specific topic of spam and managing lists.
The biggest problem with fighting spam is that most spammers send from an address that can not be clearly identified as belonging to them, and then they can claim that the sender is doing a Joe Job and that the spamvertized site/company/service wasn't the bad person who sent the spam.
With the case of a spammer *confirming to a mailing list* and subsequently spamming, the possibility that the email address that sent the spam isn't the email address of the person who confirmed drops to almost zero (allowing for rare cases of email interception). You HAVE the spammer, it's the person who gets email at that mail address, who confirmed the subscription request to the list.
Because of the confirmation loop, the address isn't a bogus address, it is a REAL address that is hosted somewhere. If it's not a freemail account - if it's an email account with a supposedly "disposable domain name" - then behind it somewhere, someone is paying the bills (for the domain name, but more importantly for the *hosting* of the domain name). FOLLOW THE MONEY. You can sue the host, and force the host to either accept responsibility for sending the spam, or pass the buck and disclose who is behind the account.
This isn't a perfect system, but it's a workable one.
In the specific case of spam sent to mailing lists: If you want to be able to sue someone who intentionally subscribes to and then spams your list, add a clause to your mailing list welcome message (or better yet, to the confirmation request), which clearly states that if they send spam to your list, they are agreeing to pay you for the damages this costs to your list and to your reputation. Put a $ figure on it. Now you have the equivelant of a EULA, they have agreed to this "license" as part of subscribing to your list. So even if they aren't in a jurrisdiction that has anti-spam laws, they have AGREED to your terms when subscribing to your list, and you have a valid case for a lawsuit.
Is this failsafe? Will it always win if this happens and you track down the spammer and sue? No. But IMHO it's better than nothing.
jc
