The Web    Google
Do-Not-Spam List Great For Spammers

Do-Not-Spam List Great For Spammers
June 16, 2004

A national registry of consumer e-mail addresses would make things easier for spammers and could actually increase the total amount of spam, the Federal Trade Commission has concluded.

As part of the federal CAN-SPAM Act, which became law in January, the FTC was mandated to report on the feasibility of establishing a National Do Not E-Mail Registry, similar to the wildly successful Do-Not-Call registry. Today, the FTC published its report, which concluded the idea is a wash.

''We learned that when it comes down to it, consumers will be spammed if we do a registry and spammed if we do not,'' FTC Chairman Timothy Muris told reporters at a press conference today. ''Spammers would ignore the law,'' Muris said. ''Even worse, they'd use the registry as a source of valid -- and spammable -- addresses. It would be virtually impossible to stop them.''

According to the report, a national registry would fail to reduce the amount of spam consumers receive, might increase it, and could not be enforced effectively.

Instead, the FTC recommended that private industry, including ISPs, e-mail marketers, e-mail service providers and software companies, should work together to form a standard for e-mail authentication that would prevent spammers from hiding their tracks and evading Internet service providers' anti-spam filters and law enforcement.

To jump-start these efforts, the FTC will sponsor a Fall 2004 Authentication Summit.

''Without an effective system for authenticating the source of e-mail,'' Muris said, ''any registry will fail.''

In February 2004, the Commission issued a Request for Information from businesses with the technical sophistication to design and manage a National Do Not Email Registry of about 300 million to 450 million addresses.

They then culled the 13 responses into three models: a centralized database for individuals similar to the Do-Not-Call Registry; letting ISPs and domain name holders refuse spam to their entire domains; and the establishment of an FTC-approved forwarding service to which all commercial e-mails -- or even every e-mail -- would be sent. The forwarding service would deliver messages only to those e-mail addresses not on the registry

However, e-mail marketers would need to receive a copy of the registry so that they could remove the addresses from their own lists; spammers would simply e-mail to the list. In effect, the Do Not E-mail Registry would become the first extant list of good e-mail addresses. The report quotes the Association of National Advertisers as stating, ''[The] Registry would truly be the 'Fort Knox' list of e-mail addresses for a criminal spammer.''

Domain-level registration, the FTC concluded, ''would merely put the government's imprimatur on ISPs' existing anti-spam policies without reducing the scope of spam.''

This article was first published on To read the full article, click here.

  • Netsky-D Ranked as High Risk
  • Critical Flaws Flagged in Mozilla, Thunderbird
  • SQL Server Security Checklist
  • NIKSUN offers a security camera for your network
  • 5/19: Webloin Trojan Downloads DLL File
  • 2/18: Bropia-R Worm Displays Pornography
  • 4/25: Spybot-OBZ Worm Has DDoS Ability
  • Nine out of 10 U.S. Emails Now Spam
  • AntiOnline Spotlight: Trojan Force
  • 2/7: Traxg-C is a Mass-Mailing Worm
  • ChoicePoint Stops Selling Some of Your Info
  • Security Camera Industry Information