DMA to Control Spam by DMA Members

SiliconLawyer writes: "The Direct Marketing Association, the major U.S. tradegroup for companies using direct marketing techniques, will reportedly issue guidelines for how its members may and may not use e-mail as a marketing tool. Hopefully, this will influence other marketers toward more responsible use of e-mail. Details are on CNET here."

Ya right

This has to be a hoax. Next thing I know you'll be posting a story about how Microsoft is going to "specialize in computer security".

Har de har har.

DMA not really the problem...

Most of the spam you get isn't from the established businesses that would be members of the DMA. It's mostly from trailer trash. So this isn't really a big deal.

Re:DMA not really the problem...

I would like to think so, but they've been proven liars in the past.

Several years ago, when Canter & Segal (the "green card lawyers" who broke the ice for spammers) were abusing the internet, the DMA announced that they would be creating a "global opt out list". Supposedly, you'd add your address to the list, and no DMA member would ever spam you.

Except it didn't work. Many people at news.admin.net-abuse.email decided to test this list. They created virgin e-mail accounts and submitted the addresses to the DMA opt-out list. Within hours, the accounts were spammed. Since the addresses were never used anywhere other than the DMA list, it became obvious that either the DMA was spamming from that list, or they were making it available to spammers.

If they think I'm going to trust them this time around, they're crazy.

Fool me once, shame on you. Fool me twice, shame on me.

oh..kay

Maybe I'm in the distinct minority, but most of my SPAM doesn't come from any real reputable marketing firm. Email sent from a company that uses forged headers so I don't know who they are doesn't seem very likely to be an upstanding member of the Direct Marketing Association. It's like saying "Look, we've outlawed guns, now criminals won't shoot people"... but that's a whole other can of worms.

Re:Yeah Right

Their "do not call" lists might be scams, but the state government Do Not Call Registry does work. I'm on the NY one and if a telemarketer calls we simply inform them that we're on the registry and they'll be fined $2,000 if they ever call back. Sure there are loopholes (anyplace you've ever done business with can call you), but it's better than nothing. You'd be surprised how quickly some telemarketers react when they hear "...on the Do Not Call Registry..." :-)

DMA members aren't the real problem...

... low-life spammers that send stuff like "Make Money Fast", "enlarge your penis", "cable descrambler", "Here is my resumé. Yours truly, Bernie shifman", "25,000,000 e-mail addresses here", "Help me get this ridiculess amount of money off Nigeria", etcetera are.

DMA member Amazon.com said such rules are already in practice at the online retailer. Amazon spokeswoman Patty Smith said the company gives customers a myriad of choices related to receiving company communications.

"It sounds like we currently comply with all these rules already," she said.

Generally speaking, I bet most DMA members already have an acceptable spam policy - that, or a policy that needs only minor tweaking to make it policy-compliant.

Marketing People: Spam Works

I recently spent a few weeks trying to persuade my company's marketing bimbo that no, we could not send unsolicited emails to potential customers.

I used the simple expedient of repeating the reasons against spam over and over again until they began to sink in. I even threatened legal action... ie: I told them that people were starting to successfully prosecute spammers for big money.

Even than, I had to answer the question... "Why would this be illegal? I get this kind of thing all the time."

The sad thing was, until I finally convinced the executive VP to bring the hammer down on the project, I was forced to compose graphical HTML-ized spam emails. Thank god they never saw the light of day.

Re:Marketing People: Spam Works

> > The sad thing was, until I finally convinced the executive VP to bring the hammer down on the project, I was forced to compose graphical HTML-ized spam emails.
>
> I hope you were at least considering putting some obvious, easily-recognized string in, say, subject, so that most people's existing filters would trash the SPAM immediately. :)

You mean like <HTML>? ;-)

Actually, I think I know what happened to the bimbo in question. Or a clone of her, by the name of Laura "Boy, am I ever gonna have to eat some" Crow. She works at Earthpink. I got a pile of spam from her this morning.

I know it's from Laura, because her spam has her name in the comments as the document's creator, and I know Laura's somewhat bimbo-like because the spam had a bunch of IMG SRC tags pointing to "D:\11 12 01 Laura Crow\New Emails\CidcoEmail_FINALJAN_020121_files\t(1).gif"

Way to go, Laura Crow! Ur 733t HTML h4x0ring sk1llz r so 733t, u h0t b@b3!

A little Googling has revealed that I'm not the only one getting Laura's spam [google.com].

1) Spammers lie.
2) If you think a spammer's telling the truth, see Rule #1.
3) Spammers are stupid.

Rule #3 in action again.

But if you want a glimpse at the future the DMA proposes for "opt-out", look for the opt-out link in Laura's spam:

It's a Mailto: tag to "mailto:opt-out@earthlink.net?subject=Opt-out_Cidc o012202"

It doesn't opt you out of all Earthpink-generated spam. Only Laura's Cidco spam. When Earthpink wants to spam you again for another company, or even when Earthpink wants to send the next Cidco spam (hopefully coded by someone who knows how to make web bugs work, unlike our dear Laura) it'll be a different list, and a different Subject: in the opt-out request.

Doesn't that make you feel all pink and squishy inside?

Won't work!

First, they don't allow the removal of a domain.

Second, who trusts the removal links?

Third, what prevents me from grabbing the removal database and using as a verified sucker database?

What would work is that DMA provides an email service that allows a member to submit a list and email to send to them, then they will test the address and if it is ok, then send it.

Spam control

Two ideas for handling spammers, inspired by User Friendly:
1. Next time you get a "501 compliant spam" that starts off with something like "This is not unsolicited bulk e-mail. Buy me.", flood their server with messages stating "This is not a denial of service attack."

2. The following poem seems to work well:
I got your mail and wrote you back
just so that you'd have no doubt
that if you spam me ever again
your router shall cease to route

Preview of the guidelines...

I can just see those guidelines now:

• When indiscriminately sending unsolicited email, please be sure to spoof the mail headers so the mail can't be traced back to you.
• When mail-bombing the hotmail.com domain, please refrain from sending mail to billgates@hotmail.com or your software liscences may suddenly expire.
• Please pre-pend the subject lines of all unsolicited email with the ADV: prefix...(uncontrolable laughter ensues)
• When providing a fake "remove" link in an email, be sure that the address doesn't implicate your company or the DMA. remove262@yahoo.com usually works best.
• When marketing to a technically-inclined demographic, refrain from inserting the phrase "ALL YOUR PRIVACY ARE BELONG TO US" in the email. It's not only distatsteful, it's downright cliche [wired.com].

It is funny...

When I read this, I feel exactly the same as when Microsoft said they were going to focus more on security...

What do you think that means?

Bad News.

All that this will do is demonstrate to Congress that we don't need government regulation; that the private sector will take care of itself...

... the trouble is, in this case, the private solution will be pitifull; it is, after all, being proposed by a group which claims that their right to call me during dinner time to sell me a time share vacation EVERY NIGHT FOR ABOUT A MONTH is protected by the first ammendment...

Spam can be amusing...

I mean, my wife gets e-mails telling her to enlarge her penis and I get e-mail telling me to enlarge my breasts....

Why was this story posted?

What's the point? A rough guess that 99% of /. readers believe this will do nothing to stop spam. I'm sure reading the article, most of you already knew what the responses would be. So why was the story submitted in the first place?

Who is SiliconLawyer anyway? Well, well, well, wouldn't you know, he's selling something on his website.

They don't really care about the spam problem

The DMA will also require members that buy access to mailing lists--in which consumers have agreed to receive sales pitches from third parties--to check those names against an e-mail preference roster on its Web site. Addresses on this roster belong to consumers who have chosen not to receive any commercial e-mail.

So one of the ingenious ways they have of preventing spam is by posting a list of addresses on their website... anyone else see a problem with that? It is obvious to me that they don't really care about the spam problem, they just want to look like they are self-regulating so that congress doesn't interfere with their marketing plans.

Here's a good way to block lots of SPAM

Add the following to your sendmail.mc file:

FEATURE(dnsbl,`bl.spamcop.net')dnl
then run
m4 /etc/mail/sendmail.mc > /etc/sendmail.cf

Works for me...doesn't block it all, but it seems to help a great deal.

Not the trouble makers

The problem with this is that the majority of the spam mailers do not belong to the DMA. They don't need to follow the rules under this organization. The ones that do belong to this typically (I didn't say always) have an easy opt out policy. Secondly, the corporate spammers have an entity that could be potentially held liable for spam whereas the individual spammers can move and hide easily.

Hell, I LOVE Amazon.com "spam"

They only send me stuff I would want to see, I get it no more than maybe 1-2 times a week, and it often includes a $5 off coupon or something.

Most of my bad spam is for absolute random crap or porn, with the same old line on the bottom informing me that the reason I'm being informed about all these Internet Cum Sluts is because I specificly requested to be spamed on their site or one of their partner's sites.

Plus, the latest thing is dating the message 3-4 days back, so you have to scroll back on your inbox to read/erase the spam. It stops the instant deletes by hiding it.

So what

A DMA representative said the organization plans to announce the new rules governing commercial e-mail next week. The trade group, one of the largest in the United States with 5,000 members, includes such retailers as Amazon.com, Land's End and Eddie Bauer.

So what? Now Amazon and others will be able to send us email and claim they are within the guidelines set forth by the DMA. These guidelines are nothing more than a mechanism to allow them to legitimize their spamming operations.

Here's an idea

How about not making it illegal to spam but make them buy a "license" to spam, and renew it every year... something like $100/yr even would weed out alot of the real clowns, but it wouldn't be so prohibitive as violating their rights.

OK, it's just an spur of the moment thought, so take it easy on me.

This is not enough anyway...

The only acceptable method for adding anyone to a mailing list is the double opt-in:

1. Until I ask to be added -- don't contact me.
2. When I ask -- presume it was not me and e-mail me a confirmation request.
3. Only, when such a request comes back affirmative can you add me.

DMA, which wants to spam you [mail-abuse.org], does not need to invent its own guidelines. They are already there [mail-abuse.org] -- by people, who know more about the Internet and e-mail, than, perhaps, the entire DMA put together...

RFC3098 - How to Advertise Responsibly

This might be of interest:
RFC-3098 How to Advertise Responsibly Using E-Mail and Newsgroup [rfc-editor.org]