[TriLUG] NC spam laws?

Brandon L. Newport bnewport at appws.com
Mon May 5 14:05:15 EDT 2003 

It may be a good idea for the different Carolina MUGS to work together, to
create their own DB.  My partner and I have started working on our own DCC
server for which others could tie into.  It is basically a blacklist &
whitelist for users to send known spam too. And when email is tagged as spam
you could forward the email to have it tagged as NOT SPAM.  It is still in
its initial phase, we are discussing and testing right now but as we get it
into place we may open it up to all Carolina based MUG users.

-brandon


__________________________

Brandon L. Newport - CISSP
Senior Security Engineer
Certified:  CISSP, GCIA, CCSE, MCSE Windows NT 4.0, Sun Workgroup, CCNA
Affiliated:  HTCIA, CSI

Appalachian Web Solutions, LLC
http://www.appws.com
P.O. Box 4254
Mooresville, North Carolina 28117
Ph.  704.658.9990
Fx.  866.422.4006
Mo.  704.564.9246

bnewport at appws.com
MSN IM: Nkr1ptD
AOL IM: Nkr1ptD
ICQ:    108901040
__________________________

  

-----Original Message-----
From: trilug-admin at trilug.org [mailto:trilug-admin at trilug.org] On Behalf Of
Bradford Powell
Sent: Monday, May 05, 2003 1:58 PM
To: trilug at trilug.org
Subject: Re: [TriLUG] NC spam laws?



<IANAL>

Unless there is something more current, I believe the relevant bill to be
S288 from 1999
<http://www.ncga.state.nc.us/html1999/bills/AllVersions/Senate/s288vc.html>.
(Unfortunately that link wasn't working when I tried it, but the problem may
be temporary).

Section 1-539.2A of the General Statutes covers the recoverable damages.
Unfortunately it is only $10/email + the costs of the suit (up 
to $25,000/day). I think the law is probably more useful for people who host
sites rather than individuals.

</IANAL>

But bringing this subject up gives me a chance to talk about a honeypot idea
for spammers who harvest addresses from web pages (will only work for
someone who routes mail):

I saw somewhere online someone else's idea to create a script that makes
random email addresses to non-existant domains to cause excess work for
programs that send spam.

My idea is slightly different. Somewhere on your site, place a page or
portion of a page that would not ordinarily be visible to someone reading it
(perhaps text same color as background, with text something like:

	The following address: 3jkjsa at mindspring.com
	is not a real address, and you shouldn't send email to it.

Then, whenever you get email at that address, you have a strong indicator
that it is spam and you can seed your "certain to be spam" file or spam
blacklist or whatever.

Probably not a unique idea, but I have not seen mention of it elsewhere.

-- Bradford Powell




_______________________________________________
TriLUG mailing list
    http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ:
    http://www.trilug.org/faq/TriLUG-faq.html

More information about the TriLUG mailing list