Feeds

CAN-SPAM means we can spam

'No effect' on junk mail

  • alert
  • submit to reddit

Securing Web Applications Made Simple and Scalable

A miniscule proportion of unsolicited commercial email complies with US Federal anti-spam laws introduced this month, according to a survey published yesterday.

Email security firm MX Logic found that of a random sample of over 1,000 unsolicited commercial emails received during the first week this year only THREE of the messages complied with the CAN-SPAM Act. The CAN-SPAM (Controlling the Assault of Non-Solicited Pornography and Marketing) Act went into effect on January 1.

"Calling this a high rate of non-compliance would be a gross understatement," said Scott Chasin, MX Logic’s chief technology officer. "It is no surprise that rogue spammers would fail to comply, but the non-compliant messages we saw appeared to be from all types of companies.

“There appears to be an unstated, unofficial grace period for companies to comply, but if this high level of illegal spam continues, I think it will be interesting to see how enforcement of the new legislation will unfold."

MX Logic notes that companies have had little time to digest the new law, signed onto the statute book by President Bush on December 16, let alone bring their marketing practices in line with the new legislation. That's a more forgiving line than other critics such as anti-spam group Spamhaus which argues that the US laws will make the spam problem even worse.

The CAN-SPAM Act set up an opt-out regime for the regulation of commercial email. The Act contains the following provisions:

  • Permissions for certain forms of unsolicited commercial email as long as it is clearly marked as an advertisement and allows consumers to unsubscribe from future unsolicited commercial email from the sender.
  • Prohibition of sending commercial email containing sexually oriented material unless labelled as such.
  • The Outlawing of the use of false email headers or the use of a mail server or open relay to deceive recipients about the origin of a commercial email message.
  • Allows the FTC, state attorneys general and Internet providers (but not the public) to sue companies who violate the law.
  • Provision for the establishment by the FTC of a "Do-Not-SPAM" registry.

    More than fifty per cent of Internet email is spam creating problems of lost productivity, communication bandwidth consumption, increased storage costs, IT resource drain and increased corporate liability.

    Legislation needs to be supplemented with robust technology, industry cooperation and consumer education if the spam tsunami is to be stopped, the MX says. ®

    Related Stories

    Spammers not deterred by Can Spam Act
    US anti-spam laws 'will legalise spam'
    UK anti-spam law goes live
    UK Govt fouls up anti-spam plans, say experts
    Microsoft aims to 'shift the tide' in war on spam
    The economics of spam

The smart choice: opportunity from uncertainty

More from The Register

next story
BMW's ConnectedDrive falls over, bosses blame upgrade snafu
Traffic flows up 20% as motorway middle lanes miraculously unclog
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.