Skip to content


Kentucky sez ‘Opt-Out Still Doesn’t Work’

Spam: Some fantastic data in this paper from the Kentucky Long-Term Policy Research Center.

It’s a brief 2-pager detailing the effectiveness of the CAN-SPAM Act in reducing the spam load, using a set of test addresses. The methodology is pretty good.

One point in particular is very important: ‘opting out’ from spam Just Does Not Work. This graph tells the whole story:

After opting out from spams received, the amount of spam received at those ‘opted out’ test addresses actually rose. (This even after CAN-SPAM made such activity explicitly illegal.)

Some other data:

  • obfuscating addresses on web pages is still working; 7.7 times the spam is received if you don’t bother doing so.
  • e-mail harvesting also continues after CAN-SPAM made it illegal.

If anyone needed proof, this shows that spammers are quite happy to break the law; strong enforcement ‘teeth’ are needed for any anti-spam legislation. (UK, take note: the thoroughly useless system whereby spam complaints must be submitted on paper isn’t going to help!)

The Technical Details document also notes something interesting: one test address was set up to test ‘opting out’ of legitimate mass mail from some (unnamed) big websites, and continued to receive ads ‘sometimes months after opting-out’. For shame!

(thx to John Levine for forwarding the links.)

Spam: Michael Radwin on open HTTP redirectors, and in particular noting that Yahoo! have (finally) closed their main one down. One down, several hundred to go ;)

Good history of the exploitation techniques that spammers have been using, too.

Comments closed