The Spam Diaries

News and musings about the fight against spam.
 by Edward Falk

Thursday, March 20, 2008

Comcast strikes back against E360

Some quick background: alleged spammer E360 has sued internet provider Comcast because of Comcast's refusal to deliver E360 spam to Comcast customers. See my March 4 entry for more information and Comcast's response.

This week, the other shoe dropped as Comcast has filed a countersuit against E360, David Linhardt, and many of its related companies (Maverick Direct Marketing, Bargain Depot, Northshore Hosting, etc.) for spamming, computer fraud, abuse of process and other violations. The full text of the lawsuit can be found at Spamsuite, and it's a doozy.

Some of the highlights:
  • Comcast states in no uncertain terms that E360 et al are spammers.
  • E360 fabricates opt-in records (¶29).
  • In 2006, Linhardt called Comcast and "fraudulently represented to a Comcast employee that all of the intended recipients of e360's email messages have opted-in to receive such messages" (¶34).
  • In 2007, Linhardt sent a letter claiming the same thing (Exhibit A).
  • Comcast offered to help them with their email practices but E360 refused, asserting that they would learn how to circumvent Comcast's filtering system through discovery (¶35)
  • After obtaining a court order preventing Spamhaus from listing them as spammers, E360 began marketing their "IP Protection Services" in which they would arrange for third-parties to be included in the court order for a fee (¶41-45, Exhibit B) [I've written about this elsewhere].
  • Virtumundo, a spammer, has purchased E360's IP Protection Services (¶46-48, Exhibit C)
  • E360 keeps filing, dropping, and re-filing lawsuits against spam-fighters. (¶49-50)
  • E360 filed its lawsuit against Comcast knowing it was without merit (¶76)
  • E360 filed the lawsuit in order to use the discovery process to learn how to circumvent Comcast's filtering system. (¶77)
Comcast asks that E360 be enjoined from sending spam, that E360 pay damages, that E360 return their illegal profits, and that E360 pay Comcast's legal costs.

What I find most interesting is Comcast's assertion in paragraph 76 that E360 filed this lawsuit in order to use the discovery process to learn how to circumvent Comcast's spam filters.

Ever since this lawsuit was filed by E360, I've been wondering what their motivation was, since they must have known they could never win. It seems that we now have at least part of the answer.

Labels: ,

Friday, March 14, 2008

Soloway pleads guilty

Spammer Robert Soloway, who was arrested in May of last year has pled guilty in U.S. District Court in Seattle. He's pled guilty to fraud, CAN-SPAM violations, and failure to file an income tax return. The feds dropped the charge of aggravated identity theft in a plea bargain. He faces up to 26 years total on the three charges. He will also have to forfeit roughly $10,000 in property and sit through a polygraph test on the issue of his other assets.



Sunday, March 09, 2008

Wikileaks calls for boycott of domain registrar eNom

In the aftermath of the shutdown of by a court order issued at the request of Swiss Bank Julius Baer, Wikileaks has called for the boycott of registrar eNom.

eNom is best known as the domain registrar that complied with the federal government's order to shut down a Spanish travel agency because it did business with Cuba — the agency was not under U.S. jurisdiction and so was hardly violating U.S. law, but their domain was registered in the United States, and that was good enough for the feds.

Although eNom's culpability in that incident is doubtful, since they were probably under orders from the federal government, their involvement in the shutdown of was not so innocent.

In a nutshell, bank Julius Baer was able to get a court order shutting down, but not, which was a mirror site not mentioned in the TRO. However, learning of the court order against, eNom apparently took it upon themselves to shutdown as well — without a court order of any kind.

Wikileaks made repeated requests — and then demands — to eNom asking them to identify who, if anybody, had told them to lock the registration, and what claims had been made. When eNom failed to answer, Wikileaks issued their call to boycott. Wikileaks accuses eNom, and their parent company Domain Media, Inc. , of a pattern of censorship and other unethical practices that goes beyond the shutdowns of and the Spanish travel agency.

Related link: CNET: Survey: Are domain registrars free-speech friendly?

Off-topic: I would be remiss if I didn't mention the apparent misogyny in the Wikileaks press release. The call for boycott gives the names and photographs of four people they seem to find particularly culpable, three men and one woman. With the men, Wikileaks used their full names and described their offenses against Wikileaks and the internet community as a whole. For the woman, they referred to her by first name only, and described only the way she met her husband. I found this strange, and a little disturbing.

Thursday, March 06, 2008

ComplaintRemover in the news again

In June of last year, I wrote about Bill Stanley's "ComplaintRemover" service which was slapped down by an Arizona judge. The idea behind the service was that if you were a business owner and you wanted negative customer feedback removed from the internet, you'd contract with ComplaintRemover who would then cajole, bully, or threaten the offending website into removing the unwanted comment. Their services even extended to making death threats.

Well, today's Consumerist has an article that shows that ComplaintRemover is still in business. They have an amusing chat transcript in which "Kelly" from ComplaintRemover assures a potential client that they can arrange to have LOLCats removed from the internet.

Tuesday, March 04, 2008

Comcast answer to E360

Spamsuite has published Comcast's response in the E360 vs Comcast lawsuit (in which E360 is suing Comcast for blocking E360's spam.) The document is a long, slow read, since the Comcast lawyers are being very careful to dot all their t's and cross all their i's. Either that, or they're being paid by the word. For the fun part, skip ahead to their Memorandum of law, below.

Allow me to summarize: most E360 allegations are facts about E360, for which Comcast says they don't have any first-hand information to form a belief and therefore deny.

E360 makes many allegations of harm they've suffered because of the spam blocking, and Comcast says they don't have any first-hand information to form a belief and therefore deny.

E360 quotes the law in several places, and Comcast admits that E360 is quoting the law. Except where E360 gets it wrong, in which case Comcast denies.

E360 claims they don't spam, and that they follow the rules. Comcast responds that because they get hundreds of thousands of emails to its subscribers, some of which are forged, and therefore they don't have any first-hand information to form a belief and therefore deny.

E360 claims that Comcast is deliberately and maliciously attacking them. Comcast denies this.

Paragraph 60 is interesting. E360 alleges that Comcast writes pink contracts. Comcast denies this.

Things get interesting in the "Affirmative Defenses" section of Comcast's response (starting at paragraph 63).

Naturally, Comcast starts right out with the section of the Communications Decency Act that immunizes isps that use technical means (e.g. filtering) to protect their subscribers from spam. They go on to state that CAN-SPAM and various state laws also immunize them.

They then point out that E360 has unclean hands based on their violations of CAN-SPAM, the Computer Fraud and Abuse act, and the Illinois Electronic Mail Act.

Next on the docket is Comcast's Memorandum in Support of their motion. This is where the fun begins. This is the document where Comcast calls a spammer a spammer.

The memorandum starts out Plaintiff is a spammer who refers to itself as a “internet marketing company,” and takes off from there.

Of special interest is Comcast's reminder to the court that even if spam doesn't actually violate the CAN-SPAM act, it's still spam and isps still have the right to block it.

Labels: ,

Don't register or host your domain in the U.S. if it's controversial

In the news lately have been a number of incidents where U.S. courts, or the U.S. government itself has ordered domain registrars to shut down free speech.

First was the E360 vs Spamhaus case, in which accused spammer E360 Insight sued anti-spam organization Spamhaus for labeling them as spammers and won by default when Spamhaus insisted that U.S. courts did not have jurisdiction over them in England and didn't appear. Unfortunately, U.S. courts did have jurisdiction over Spamhaus' domain registrar, who was nearly ordered to shut Spamhaus down (a court order was under consideration). Fortunately, Spamhaus was able to move their registration overseas before any shutdown order could be issued.

Not so lucky was WikiLeaks, a whistle-blowing web site which blew the whistle against Swiss Bank Julius Baer, publishing documents that supposedly provided evidence of asset hiding, money laundering and tax evasion. Julius Baer sued in retaliation and was able to convince U.S. judge Judge Jeffrey White to order Wikileaks' domain registrar to shut them down a few weeks ago. Although Wikileaks was foolish enough to have a registrar in U.S. jurisdiction, they were at least wise enough to have their servers in Sweden and to have mirrors in other countries, and so the organization was able to stay on the air. Shortly after, the judge reversed his decision.

Probably better known is the Pakistani censorship of YouTube. Late last month, the Pakistani government decided that some of the material hosted on YouTube was too offensive to be allowed inside the country, and ordered Pakistan Telecom to block YouTube at the border. Unfortunately, the method used by Pakistan Telecom was to advertise false domain routing for IP addresses owned by YouTube. This would have worked fine if not for the fact that the false routing information leaked out of Pakistan and shut down routing world-wide, knocking YouTube off the air for a couple hours.

But far worse than any of these is the outright censorship of a Spanish travel agency by the United States Government.

The travel agency in question — run by an Englishman named Steve Marshall who lives in Spain — specializes in trips to Cuba. Even though though the web site is not run by a U.S. citizen, is not based in the U.S., and is targeted at European travelers and not Americans, Marshall made one fatal mistake: he registered his domains in the United States.

That was enough for the U.S. government. In October, the U.S. Treasury Department ordered Marshall's domain registrar, eNom, to not only pull the plug on Marshall's domains, but to lock them down to prevent him from transferring them to a registrar outside of the United States.

The full story can be found in the New York Times article A Wave of the Watch List, and Speech Disappears. The article is well worth reading, and details abuses of the watch list the government uses to punish people who do business with Cuba.

Update: Add Network Solutions to the list of registrars not to do business with if you have a controversial web site. In April 2008, they shut down a web site which promoted a controversial anti-islam film. It didn't even take a court order to do it. See E Commerce Times article Domain Name Registrars: The Weakest Link in Online Free Speech