It's a start I suppose
However, why do I get the feeling that
(a) he'll only serve a fraction of that time; and
(b) he'll find a way to get around the probation restrictions?
The self-proclaimed "Spam King," Sanford Wallace, has been given a 30-month jail sentence, a fine of hundreds of thousands of dollars, and five years' probation. The 47 year old pled guilty back in August to sending more than a half-million spam messages through Facebook in violation of a court order that prevented him from …
What about penis pills? Refinancing? Russian brides? Canadian meds? DevOps?
They all go together as a bundle package. Usually.
If you get Number 3, you immediately need 2 and 1. Then, the moment 3 gets a green card she dumps you so you need 4. As far as 5 - that is scam providing the finance source for 1, 2, 3 and 4.
.. because that could lead to an assessment that he's not competent on his own and has to remain in care.
If he has pissed off someone with power (which is quite possible, given the volumes of spam he was responsible for), this could replace that short jail sentence with a much longer stay in a padded room on happy pills "for his own benefit". Without parole.
Ah, we can but hope.
"because that could lead to an assessment that he's not competent on his own and has to remain in care."
He's amply demonstarted that he's a recidivist offender. Some people I know who've dealt with him have described him as a pure sociopath with no real concept of consequences.
So with any luck, that assessment will happen.
E-mail spam is mostly a solved problem. The nice thing about TCP/IP is that the other end of the connection is known and you can maintain blacklists of spam-friendly networks. All that remains are compromised computers that rapidly come and go. Since mail is not quite real-time, an SMTP server can refuse to accept messages that are flagged by analysis. Newer mail servers don't have the messy bounce or greymail issues of post-processing.
Telephone spam is a different problem. A call receiver knows absolutely nothing about the caller. Gimmicks like Nomorobo were long ago defeated by using a random (or trusted) local phone number as the Caller ID. I don't hear stories of telcos getting huge fines for supporting illegal telemarketers so keeping Caller ID broken is all profit for them.
Well first of all, yes E-Mail Spam is a managable problem today, it's slowly going down.
Then knowing the end point of a TCP/IP connection is not of much use, if you find that it's the NAT router of some large ISP putting thousands of users behind a single NATed IP-Address.
Then there are 2 numbers which are transmitted with a modern telephone call. One is the "User provided" Number, which you are supposed to easily fake (e.g. if you use different providers for incoming and outgoing telephony) as well as the one your phone company sets for you. Unfortunately, you usually only see the user provided number, not the network asserted one.
> All that remains are compromised computers that rapidly come and go.
Not as short-term as you might think. There's persistent offenders and ISPs that fail to do anything. Also noting the great firewall of China stops precisely fck-all spam.
>> if you find that it's the NAT router of some large ISP
Again the ISPs failing to do anything because a regular (i.e. non-business line) user sending mail only needs port 25 to the ISP's relay and not outside that network and sending via an external server is already an old 'standard' on port 587 and authenticated (and not the ISPs problem).
And yet the vast majority of what I get (and I include failed attempts that 'spam stats ignore) is from non-business dynamic IPs and a large proportion of that is relay attempts and not actual spam to me, with frequent batches of 'auth login' attempts.
+/- disclaimer, anecdote != data :p
">> if you find that it's the NAT router of some large ISP"
"Again the ISPs failing to do anything because a regular (i.e. non-business line) user sending mail only needs port 25 to the ISP's relay and not outside that network and sending via an external server is already an old 'standard' on port 587 and authenticated (and not the ISPs problem)."
I have a problem with my hosting provider at the moment. A while ago, somebody used a SMTP server within their hosting environment to send spam. The issue was detected and dealt with.
However, BT have decided to block any email sent to a @btinternet.com address if it originates from a mails server at that hosting provider. Basically I'm now in the position that I've had to set up a Gmail account (looks slightly unprofessional) to allow me to email customers who use BT as their Internet/email provider.
I know that my hosting provider has been trying for months to get BT to lift this restriction, but nothing doing from BT.
> I know that my hosting provider has been trying for months to get BT to lift this restriction, but nothing doing from BT.
That's really crap on the part of BT there - of course if your hosting company has been trying to get this done but via email I think can see why there might not be much success there...
Perhaps horribly obvious (or not)- have you tried a direct approach, i.e. a letter from your company to BT (and/or their mail hosts, plus or minus needing a German translator)? People these days can often be surprised into acting when confronted with an actual papery letter which is harder to ignore than an email.
And I keep thinking a deliberate obstruction to legitimate communication is iffy in any case, particularly when it can be demonstrated that continued obstruction is unreasonable?
+/- disclaimer, barrack-room lawyers...
E-mail spam is mostly a solved problem
Really? I admire your optimism, but as long as there are bugs there will be proxies, and SPF and even DKIM are of no use whatsoever in that situation as the email is simply sent on behalf of the users that have been breached. In addition, blacklisting (like virus checking) tends to lag behind zero days, that's why they're called zero days in the first place..
Uh, no. Blacklists, tcp connection control, and many other now-mostly-antiquated anti-spam tactics are unable to stop all of it, and likely never will. This is based on managing billions of incoming messages over many yearsof different vendors, products and controls. The only assured outcome in this realm is the ever increasing expenditures to vendors that never stop all of it, and the dumbfooks who respond to the offers and keep it profitable for the spammers.
"Wallace, from Las Vegas but sentenced in San Jose, will also undergo a mental health evaluation"
I am seeing this more and more. The old Soviet Union thought you were crazy if you didn't like living this. It has been used for years as way to have child predators locked up long after there sentence is over. The public hasn't complained, "think of the Children", so now they are going to use it for other things.
Of course people like AC above think it is a great idea.
The guy has been proudly spamming since the 90s despite multiple convictions. He's obsessed with it. It would undoubtedly be a better use of taxpayer dollars to figure out why he's doing it and try to find a lasting solution (i.e. what is driving him to continue this destructive behavior) rather than spending endless time and money on chasing these prosecutions. I used to think he was an asshole, now he just seems sad. Unlike the AC, I'm not advocating locking him up and throwing away the key; I genuinely think he could use some help.
It would undoubtedly be a better use of taxpayer dollars to figure out why he's doing it
1 - it makes money, a LOT of money
2 - penalties don't come close to what he makes with it
3 - he doesn't get to pay consequential costs
4 - his customers never get challenged, let alone convicted so the market continues to exist
5 - waterboarding is only done to foreigners
Anything else I can help you with?
"4 - his customers never get challenged, let alone convicted so the market continues to exist"
Most spam law holds the hirer jointly and severally liable with the spammer. No sane (legitimate) outfit would hire Sanford and that's why most of what he's been pushing is flat out illegal fly-by-night stuff since the year dot.
"I am seeing this more and more. The old Soviet Union thought you were crazy if you didn't like living this. It has been used for years as way to have child predators locked up long after there sentence is over."
The boy does need mental help. Despite being banned from spamming, despite having to know that the authorities were keeping an eye on him, he:
1 created at least two fake IDs specifically to spam
2 he built a trap site specifically to reap email addresses
3 he deluged 27 million spams onto 550,000 addresses.
He certainly seems to have a problem. And he has to be stopped by outside forces, as he will not stop of his own accord.
It has been used for years as way to have child predators locked up long after there sentence is over.
Nice spin but it's far more likely said offenders were at risk to either harming themselves or others, hence being institutionalised.
" It has been used for years as way to have child predators locked up long after there sentence is over."
Western countries usually prefer to use "preventative detention" for such cases. It has the same effect without running the risk that some doctor might declare them safe enough to send into the bright wide world.
Right, well then he shouldn't have done something highly illegal, and then after getting caught and serving time; doing that highly illegal thing again. I actually think he should be banned for life from touching a computer at all at this point. I mean being caught once showed he was corrupt, getting caught again proved he is dumb.
Biting the hand that feeds IT © 1998–2020