Anti-Spam Law Ineffective

Can Spam...Can't.

On January 1, U.S. politicians took a crack at ending the scourge of spam when the Can Spam act went into full effect. Overnight the spam problem changed dramatically: It got worse.

According to the index, which ranks spam the way the S&P500 ranks stocks, the average for December, the month before Can Spam took hold, was 10,000. Towards the end of January, it had climbed to nearly 13,000. The index ranks the general level of spam—the higher the level, the more spam is being delivered.

Just as spam experts feared, illegitimate spam, including the online pharmacies and pleas for banking help from Nigeria—the very mail the act was supposed to eliminate—never missed a beat.

The new law is a bit like speed limits: No one except the truly conservative seems to care. Out of 1,000 spam messages sampled by security vendor MX Logic shortly after the act went into effect, only three followed the new guidelines.

And overall volumes have surged, according to some. "Most hardcore spammers are simply ignoring (the law), while some have moved offshore," says Jim Gildea, an executive with anti-spam vendor Intellireach. China, South Korea and Brazil follow the U.S. as top spamming nations, so it’s likely U.S. operations will move to those countries to sidestep the new law.

A law is only as good as its enforcement, and here the Federal Trade Commission, which is largely responsible for upholding Can Spam, is clearly outgunned. Spammers are too numerous, too anonymous, too technical and too dispersed for the FTC to make much of a dent.

Worse, the federal law supercedes states laws that had far sharper teeth, such as California’s proposed law that would require an opt-in before the spam is sent, and allow citizens to sue spammers privately, such as in small claims court. Can Spam allows users to opt-out after spam is sent, in essence legalizing at least the first spam message.

The good news? Some of the larger legitimate bulk e-mailers are complying. I recently received messages from United Airlines,, and several e-mail newsletters, all of which included opt-out options. Unfortunately, these were all messages I actually asked to receive.

So if the law can’t help, what can you do? Go back to basics:

 Report spam to the originating ISP, the FTC ( | “File a Complaint”), Congress and to organizations that maintain blacklists.

 Teach users how to use the controls built into mail clients, and to never respond to illegal spam.

 Opt out of spam you don’t want that you know comes from legitimate sources.

 Comply with Can Spam within your own marketing organization by using clear subject lines, legitimate source addresses and a working opt-out mechanism.

The bottom line: Don’t slacken your spam defenses, but increase them. The spam flourishing under Can Spam is the worst kind—illegal, offensive and so far, impervious to federal statute.

About the Author

Doug Barney is editor in chief of Redmond magazine and the VP, editorial director of Redmond Media Group.


  • Microsoft Adds Modular Datacenter to Azure Space Efforts

    Microsoft this week introduced the Microsoft Azure Modular Datacenter as part of its overall Azure Space effort.

  • Microsoft and Partners Continue To Block Trickbot To Protect Elections

    Microsoft on Tuesday provided an update about its efforts, along with partners, to take down the Trickbot criminal network, which uses servers and devices to spread ransomware.

  • Microsoft Releases Windows 10 and Windows Server Versions 20H2

    Microsoft on Tuesday announced the "semiannual channel" release of Windows 10 version 20H2, otherwise known as the "October 2020 Update," and it also released Windows Server version 20H2.

  • How To Debug a PowerShell Script

    Here are three pointers for finding and fixing any bugs in your PowerShell script, no matter how long it is.

comments powered by Disqus