The Web    Google
ISPs Band Together Against Spam

ISPs Band Together Against Spam
October 29, 2004

UPDATED: In a coordinated attack against spammers, some of the country's largest ISPs have filed new lawsuits against businesses and individuals that allegedly deluged users with unwanted and offensive e-mails.

The actions were brought by America Online, EarthLink (, ), Microsoft (, ) and Yahoo under the federal Can-Spam law.

It's the second round of lawsuits filed by the group, which founded an anti-spam alliance in April 2003 to address a common problem that clogs up their networks and irritates their subscribers.

Each ISP targeted different defendants. In Yahoo's case, it sued East Coast Exotics Entertainment Group Inc. and Epoth LLC for delivering sexually explicit bulk spam e-mail messages to Yahoo Mail users.

"We are holding spammers directly accountable for unlawfully disguising their identity and using this practice to deceive e- mail users," Mike Callahan, Yahoo's senior vice president and general counsel, said in a statement.

Meanwhile, Yahoo's alliance partners were filing their own lawsuits in courthouses around the country. America Online sued two "John Doe" defendants, one that targets a sender of SPIM, or unwanted instant messages. It's believed to be the first suit ever brought for misusing the IM system.

The second AOL complaint goes after an alleged spammer peddling prescription pharmaceuticals such as Vicodin online.

EarthLink filed several lawsuits against "Joe Doe" defendants trying to sell drugs and mortgages. And Microsoft's lawyers drafted three suits against defendants who allegedly spoofed the domains of all four ISPs to market a number of products in violation of the Can-Spam law which took effect Jan. 1.

Filing the John Doe suits gives the ISPs the right to start discovery and issue subpoenas to find their actual identities, according to Les Seagraves, assistant general counsel and chief privacy officer for EarthLink.

"We're just a couple subpoenas away to delivering the lawsuit to a real defendant somewhere," he said. Earthlink will subpoena domain registrars, Web hosting services and companies that enabled sending of the spam.

While the CAN-SPAM Act was widely criticized for not being strong enough, Seagraves said it's a help to ISPs. "CAN-SPAM gives us great tools to go after the worst parts of spam, forging headers and using deceptive practices," he said. The Anti-Spam Alliance's quick action under the new law has dispelled some of those criticisms, he asserted.

This is the second wave of lawsuits filed by Alliance members. The first round began in early March. Seagraves said the ISPs still are working through the discovery process in those suits.

In addition to lawsuits, the ISP rivals have collaborated on the technical side to slow the flow of spam. In June, the companies presented a host of best practices and technical recommendations to the entire ISP industry.

The suggestions focused on two areas: helping solve the e-mail forgery problems by using cryptographic-based and IP-based methods to eliminate e-mail spoofing; and best practices to prevent ISPs and customer from unwittingly becoming sources of spam.

In addition, the four major ISPs continue their own individual efforts to protect members. AOL for example said this week that it will anti-virus services to its members. Virus are often carried in spam e-mails that are disguised as legitimate messages.

In a twist of irony, Earthlink's public relations agency had great difficulty getting a press release on the current suits through corporate e-mail filters, a spokesperson said. But Seagraves denied that e-mail is becoming an inefficient way to communicate amid a sea of spam.

"It's definitely not broken," he said. "We're going on the offensive -- coming up with products, educating consumers and suing spammers -- that will make sure it's not broken."

Susan Kuchinskas contributed to this story

  • WiFi Security Concerns Easing
  • 4/20: Mytob-CC Worm Modifies Registry
  • FTC Publishes Web Site on Fraud Cases
  • Information Theft Reaches Estimated $59 Billion
  • 12/6: Atak-B a Mass-Mailing Worm
  • Making Outlook Less Insecure
  • Startup Unveils Web Server Assessment, Defense Toolkit
  • Gentoo 2005.0 All About Security
  • Cisco Warns of Voice Product Security Flaws
  • 2/17: Rbot-WB Worm Has Trojan Functions
  • How Long Must You Wait for an Anti-Virus Fix?
  • Cheap Security Camera