|
An interview with me ran in the Jan. 23, 1998 issue of CompuNotes
CompuNotes
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+= [... intervening feature stories snipped ... ] 4=> Interview with Jim Youll, mailto:jyoull@hotmail.com
Never heard of Jim Youll? Maybe you should stop by his website at
http://www.agentzero.com/junkmail/index.html and take a look at what
happened to Jim when he posted a message against spam on Usenet. In our
interview with Joseph Melle, President of the NOIC
(http://www.compunotes.com/interviews/ntrvw108.htm), Mr. Melle claimed
that it was the anti-spammers who were the "true criminals". Read the
following interview, and you can tell me who you think is the "true
criminal" mailto:dr2web@sprynet.com CN: You've had some bad experiences with junk e-mail. What happened? JY: Soon after I used my real name and real e-mail address in a few public postings about junk e-mail, I was electronically "attacked" by some people who didn't like my position. Someone(s) forged my name and address on hundreds of thousands of e-mail messages sent all over the world. Our mail server was bombarded with thousands of bounces and hundreds of angry replies to the messages I'd never sent. The attacks continued periodically from May through August. The mail server is scaled for normal traffic of about 40 or 50 messages a day. During the attack it handled up to 6 messages PER SECOND for hours at a time. I was able to reconfigure it to deal with the load, and as most of the Internet came to understand that these were forgeries, the angry messages came to a halt. Many people all over the world also helped me deal with the attacks and locate the attacker. I guess the short answer is that I had the nerve to demand privacy, and found out the hard way that some people don't want anyone to have that right. CN: How did you get started on your fight against junk e-mail? JY: I never intended to get into a "fight" against anything. I'm just like everyone else who's really tired of receiving pornographic ads and get-rich-quick junk in his mailbox. As the administrator of a small, private e-mail system, things were getting so bad that I now faced DAILY complaints from our small user base, not to mention the extra load all that junk placed on the server, and a postmaster mailbox littered with improperly-addressed junk messages. I had to do something. The junk mail was (and still is) interfering with our ability to do business. My real job is NOT the administration of our in-house mail server. By design, when outsiders behave themselves, the server takes care of itself. But suddenly this flood of junk mail was forcing me to spend ridiculous amounts of time dealing with it. When I found a large group of others who were already hard at work on the problem, I knew I could learn a lot from them, and I knew I wanted to help fight for everyone's right to be left alone. CN: Junk e-mail commonly contains bogus reply addresses. How can you find out who really sent the message? JY: First, the idea of a bogus reply address goes against all the principles of the Internet. In addition to making it difficult to register a complaint with the sender of a message, these forged addresses have caused innocent systems to be blasted with huge loads of bounced messages. For example, if I created a junk mail message "From: getrichquick@compunotes.com", then sent that to thousands of addresses, many (or most) of the messages would be misaddressed and undeliverable. Systems all over the world which could not deliver those messages would "return them to sender"... not to me (since my name's not on there) but to the compunotes.com server... it would be overloaded. This is what my attackers did when they tried to bring my systems down... you end up with hundreds of messages per minute coming at your server from all over the world and there's no way to make them stop. If the junk mailer is trying to sell you something, he has to identify himself with at least an address and phone number... It's often easier to chase this information to find the sender. They still have to identify themselves with real locations and contact information if they want money. Junk mailers sometimes pretend they live in some sort of weird cyber reality, but they're a part of the real world just like everyone else. They're not that hard to identify. And now that Internet privacy proponents are working together to identify the worst junk mailers, it's easier than ever. CN: What is being done about junk e-mail? JY: Private individuals are doing the most - they're working with the junk mailers' ISPs, and complaining to everyone up and down the food chain. It's working. Service providers are beginning to filter incoming mail, to help reduce the flow of junk to their subscribers. And the providers are beginning to coordinate their efforts so that a master "filter" can be used by many ISPs at once. I think this year we will see the emergence of real-time, distributed filtering systems that will catch the first few appearances of a junk message and kill it Internet-wide. There's legislation pending. I hope that whatever is passed is well organized and very clear. Maybe that's too much to hope for from Congress... CN:Why don't we have the same protection against junk e-mail that we do against junk faxes and telemarketters? JY: We may have some protection - I don't think we've had a good test case yet (If there has been one, I'm sure a few hundred of your readers will tell me). The generators of this junk have tried to persuade people that there's something unique or "new" about the Internet that makes Internet messages different from every other kind of communication. Any reasonable person can see that's simply not true. The junk fax and telemarketing rules weren't written to address technological problems. They aren't there to regulate HOW how the bits or voice or whatever get from sender to recipient. Those laws exist because Congress recognized that people do absolutely have a right to be _left alone_. That is, if I tell you to shut up and go away, you'd damn well better shut up and go away. Don't fax me. Don't call me. Don't bug me. Period. If you don't go away, I have recourse. It's just a matter of time before the laws are explicitly extended to cover electronic mail and whatever comes after. An unwanted intrusion is exactly that no matter how it arrives. CN: Will junk e-mail legislation do any good? Won't the offenders just move "off-shore"? If the legislation is handled well, it will help. Apparently we need an explicit statement of our right to privacy and our right to have our electronic mailboxes left alone. The offenders can move off-shore or to Mars or wherever they want. But if they're doing business in the United States, or using US-based servers or backbones, then our laws will apply and I would expect to have recourse against them. Nothing's perfect. This would be a good start. Isn't it odd that these people claim to be selling things / seeking customers? When is the last time you gave money to a person who berated you, harassed you and annoyed you? Legitimate businesses that have tried junk e-mail have quickly learned that it's not an honest business model. Those which remain in the game are really the get-rich-quicks, pornographers, scams, and the truly clueless. I believe there's a generous number of harassers in there as well. Why else would posters to an anti-junkmail newsgroup be targeted to receive such a large amount of junk? CN: What can the average person do to combat junk e-mail? JY: Write a letter (on paper) to your congressional representatives... TODAY, urging their immediate involvement in the issue. When you receive junk and there's an identifiable sender (Telephone number or address) call and complain. E-mail replies usually don't work (due to the junk mailers' forgeries of sender info) so don't bother. But when you have a telephone number, call to complain. If there's a fax number, write up your complaint and fax it. Better yet, do both. If enough people did this, the junk mailers' ability to "send thousands of messages - free" would begin to become expensive. And if it becomes expensive, they'll stop bothering those people who fight back. I've sometimes been harassed by the people I've called when complaining. Remember to block your caller ID when calling ("*67" is the code in many areas). If you call an 800-number, your number can't be blocked and the recipient may see it either "live" or on a printout later. As for self defense, I've begun advising people to get a separate e-mail address to use when posting to newsgroups, since it looks like newsgroups are a major source of e-mail addresses. I'm against this in principle, but right now things are pretty bad. Get an address at hotmail.com that you only use when posting to newsgroups. If the hotmail account becomes too littered with junk, kill it and make a new one. Reserve your personal e-mail address (that you never post in a newsgroup) for your legitimate correspondents only. Also, ask your service provider to begin filtering for some of the more common junk (certain domains and types of messages are guaranteed to be garbage and can be tossed before you see them). I'm also thinking about building a self-defense toolkit that will be useful to people who want to take a more active role in compelling junk mailers to leave them alone. I'll let you know how it goes. CN: What do you think of AGIS's decision to drop CyberPromotions? Is there hope? JY: The attacks against me came when I called for a shareholder action against a business partner of AGIS - Alltel Corp., so I was quite pleased to see AGIS implement an acceptable use policy and then (after a delay some of us thought was too long) actually enforce it. Successful businesses are customer- and community-focused, and don't go out of their way to antagonize people. AGIS will be successful if it continues this proactive and Internet-positive stance. In all the months of tolerating junk from Cyber Promotions, we did not receive even ONE message that anyone here wanted. I called Cyber Promotions many times and was told they couldn't stop the interminable messages coming into our server. I was glad to see the junk halted at the source. I'm sure thousands of other Internet users, service providers and site managers were also relieved.
- - - - - CompuNotes is: Available weekly via e-mail and on-line. We
cover the PC computing world with comprehensive reviews, news, hot web
sites, great columns and interviews. We also give away one software
package a week to a lucky winner for just reading our fine publication!
Never dull, sometimes tardy, we are here to bring you the computing
world the way it is! Please tell every on-line friend about us!
|