Email Technical Services and Standards - CanadaEmails Home
Warning: The sending of unsolicited indecent email to this domain will result in legal action against you.

CanadaEmails.com Joins Coalition Against Unsolicited Commercial email- Canada

CanadaEmails stance on the SPAM WARS...

So what's the very latest on the industry's solution? 

Sender Policy Framework (SPF)

Sender Policy Framework (SPF) has the aim of fighting email address forgery and making it easier for systems to identify spams, worms, and viruses. SPF aims to ensure that the domain in the "From" line of an email header isn't forgery. 

Technically described, SPF is an SMTP (the mail 'sender' server) MTA (mail transfer agent) policy daemon. SPF relies on a DNS (Doman Name Service) Zone TXT entry to indicate which MX (mail) servers are allowed to handle mail for the zone and what zones if any it handles mail for. 

SPF queries domain name servers and asks them about the zone in mail is received from. If the DNS response is "that sender is not authorized for this zone" the mail is bounced. 

Someday soon everyone will be getting at least some false-positive SPF bounces until system administrators correctly configure their DNS servers to indicate their authorized mail sending servers (MXs). SMTP receivers verify the envelope sender address against this information, and can distinguish legitimate mail from spam before any message data is transmitted.

SPF can also help block the flood of needless 'bounce' (return to sender) messages created by email worms which put the addresses of innocent third parties in their Return-Path headers.

Many organizations are moving ahead with SPF. According to one tally, more than 120,000 domains currently have published SPF records. Leading anti-spam products, including SpamAssassin and Declude, have implemented SPF support. Most major mail transfer agents (MTAs), among them Postfix, Sendmail, and Qmail, also support SPF through plugins or patches. 

SPAM / UCE Law (Unsolicited Commercial Email) Around the World

While enforcement remains an issue, Europe seems to be on the right track with its E.Privacy "Opt-In" system  (commercial email can only be sent to those who request it) which commenced in October 2003. Another way of putting this: European SPAM is illegal. 

European mailers must get consent before sending commercial email, tracking personal data on Web sites or pinpointing callers' locations via satellite-linked mobile phones.

The U.S. government through design, inadvertency or a great disdain for the emailing public did not make SPAM illegal.

Some considerable industry expertise has been brought to bear on the problem in both Canada and in the U.S. but thus far ignored by the respective lawmakers. 

The U.S. has created a new regime under its CAN-SPAM Act of 2003 which sets out ways to legitimize SPAM. It does forbid the exploitation and hijacking of open relays and proxies for the purpose of sending SPAM but unlike Europe and several individual U.S. States (which State law is now superseded by the greater authority of the Federal Law), it allows all SPAM at least once or until the recipient uses the "OPT-Out" or "unsubscribe" option in the email, which the law says must be there under pain of possible "misdemeanour" charges. The U.S. law sets out less stringent rules than the October 2003 European legislation but on the enforcement side, does impose a criminalization of certain "theft"-like practises like stealing someone else's resources to send SPAM. In summary, where the U.S. law fails is that in general it allows SPAM. The European legislation disallows SPAM.

Since most of the worst SPAM in the world comes from U.S. SPAM gangs, the December 16, 2003 U.S. Government enactment of its Bill 877 is a serious blow to the world's legitimate IT community and those within who have valiantly fought to reduce the exploits of thugs.

In the latter part of the first quarter, through till mid 2004, we should see what if any effect new legislation will have on SPAM. If the forecasted storm of SPAM and viruses does come as some have predicted, the U.S. Internet user is in for some very hard times. For many ISP's around the world it will become necessary to apply huge filters against U.S. email to block U.S. SPAMMERS and in the process, block tons of legitimate U.S. email.

In 2004, the industry itself will need to supply a solution as it would seem that legislators have failed. The best approach so far seems to be methods which filter on the basis of "nobody gets in save those authenticated senders whom we trust explicitly". The core concept is solid. What remains to be decided is the method.

You have a stake in fixing the problem.

It would seem that part of the problem lies in the definition of what comprises SPAM. Perhaps wherever you may be, the next time you feel inclined to do something about SPAM, write your local government representative, whoever that may be, and tell them what's in your in-box that you don't want to be there.

As you may have read elsewhere at CanadaEmails.com, it is our belief that the current protocols for email transport and post office protocols are barely relevant to the current-day security challenges of internet communications. We have extensive articles on this site explaining how the email system works if you would like to understand it better.

Security is the main issue of concern, apart from which the system works brilliantly. It is actually quite a simple system, but concomitantly it is extremely vulnerable for being simple.

Malicious marketers continuously overtake prevention measures and fake their identity to sneak into your email box with any kind of trash they want to send you regardless of your wishes. That's the problem.

The content of these emails is often

1. an unfair or deceptive practice perpetrated for financial gain,
2. outright fraud,
3. pyramid schemes,
4. Ponzi fraud schemes,
5. chain letter scams,
6. pornographic material,
7. vulgar,
8. viruses,
9. Trojan horse scripts intended to either steal your identity, bandwidth, credit cards, or destroy your computer, or
10. aimed at exploiting your children.

Some SPAM is generated by spammers acting on behalf of legitimate businesses using less then legitimate means trying to sell their wares. Does the Better Business Bureau have a more profound role in this than it apparently believes it has? If you too wonder about this, ask them about the Better Business Bureau policy for their members who SPAM the public.

Typical Conduct of Unlawful Emailers (Spammers).

Electronic mail criminals are described in some legislation as those persons who:

(1) falsify or forge electronic mail transmission information or other source, destination, routing, or subject heading information in any manner in connection with the transmission of unsolicited bulk commercial electronic mail through, or into, the computer network of an electronic mail service provider or its subscribers;

(2) transmit an electronic mail message to a recipient who requests not to receive unsolicited bulk commercial electronic mail;

(3) collect electronic mail addresses by snooping through public and private spaces for the purpose of transmitting unsolicited bulk commercial electronic;

(4) incurs costs to the recipient for the storage of such mail, or for the time spent accessing, reviewing, and discarding such mail; and

(5) impose significant monetary costs on internet service providers, businesses, and educational and nonprofits institutions that carry and receive the global public's email.

Proof of the problem and some heretofore solutions, from our perspective.

In response to user needs, on our CanadaEmails website we make available a number of unique resources enabling clients to do secure email communications by blending our own technology with more traditional email transmission resources to focus on the concept of exchanging messages between authenticated users. We have attacked the problem of safe and trouble-free email communications from every angle we and our user-clients can think of.

1. More than 76% of all traffic on port 25 to our subnet (the email SMTP "internet mail channel") is caused by spammers and is wasted bandwidth. This is an expensive problem.
2. Less than 8% of our client's mail is SPAM. We are trying to get that down to Zero. 
3. There is no certain method for eliminating all SPAM.
4. We offer a web tool for blocking email addresses right at the server level so your email client software and virus scanners have less work to do. Our anti-SPAM policy is published on this site. 
5. We prosecute and seek damages from persons who misuse our resources.
6. We publish lists of offending spammers. (Not that it does much good, but consistent of our policy of being transparent to our stakeholders, it does send out a signal that SPAM is unwelcome; we are watchful and determined to prevent SPAM; and we are willing to take punitive action against offenders, even to the point of prosecution.) To be fair, we have created an interactive process whereby a "blocked mailer" can appeal their listing and interactively make a case and prove they will mend their ways!
7. The worst offenders purport to be Yahoo.com users. Some of the most vile stuff we see uses real or spoofed Yahoo.com and AOL.com email addresses. In other words the big players in the email world are the biggest problems because they do not take adequate steps to prevent the problem either because their technology is failing or their policies do not provide for a suitable effort. We humbly suggest that both, failing technology and lack of stringent policy enforcement are the root problems. We all have a stake in the solution.
8. We spend thousands of dollars for bandwidth, manpower, coding and software for doing identification and filtration of illicit traffic. People have no idea how costly this truly has become. We could cut the cost-per-user in half if we could eliminate this problem under a same condition scenario. Does that give you an idea of what spammers cost you personally At least $2.00 per month plus whatever time you spend removing junk and building SPAM filters; plus whatever you spend on extra software; plus whatever inconvenience is caused you by "junking" legitimate email that got nixed by stringent "junk-mail" rules.
9. CanadaEmails is an early adopter of the SPF (Sender Policy Framework) and implemented SPF for SMTP and DNS in Spring 2004.
10. We operate an "OpenPGP / PKI KeyServer" resource to facilitate the foregoing.
11. You can conclude that just the mere existence not to mention your extensive use of these resources listed above, points to the fact that there is certainly a high level of concern and desire for a remedy among the internet-using public and business users.
12. And you know that people want privacy for their electronic communications. And people don't want to be spammed.
13. Many are fed up with the loss of valid emails which got "junked" by aggressive filtering or "SPAM rules", not that it happens often, but once is too much. (SPF may lend a hand in achieving this goal of preventing false bounces.)

T E R M S O F U S E The following applies to this domain and all virtual domains hosted by CanadaEmails.com. Customers are heartily welcomed to take advantage of all web and mail resources, obtain all reasonable benefit, and full private enjoyment of all resources offered them by CanadaEmails.com for as long as that use is within "acceptable use policies" and compliant with this site's legal notice. Customers are encouraged to report problems freely. Customers will use their entitled resources and privileges with respect and courtesy to all Internet users. Customers are encouraged to report and block UCE (SPAM) on their mailbox at the server level by using the forms presented on this web site. ( Users may block any email address from their mailbox, at the server level, no matter what their private reason. No justification is required. ) The majority of our users are courteous, law-abiding, cognitive of the rights of others and their common-law responsibilites. Such users are not contemplated in the context of the following terms. -*- UNSOLICITED COMMERCIAL E-MAIL -*- - - Remedy Has No Restriction - - The minimum remedy allowed CanadaEmails.com against local spammers shall be forfeiture of all client rights and fees-paid plus the minimum cost of $65.00 per abuse-desk complaint. - - Abuse Complaints - - The fact of a users complaint shall, in the event, be deemed acceptable proof that the CanadaEmails.com client did not request the subject Commercial Email message nor assign consent to its sender. - - Abuse Defined - - 1) All users are prohibited from misusing CanadaEmail resources. Spamming is prohibited. Sending unsolicited mass or commercial email for any purpose via CanadaEmails.com is expressly forbidden. 2) Permitting third parties to issue commercial emails on any client's account is forbidden. (If your account has been 'hijacked', please report this information to security at CanadaEmails.com or use the support link at this site.) 3) Using CanadaEmails.com resources as drop-boxes to receive replies from unsolicited emails (SPAM) or for any improper, unsavoury or unlawful purpose is expressly forbidden and shall be treated as criminal trespass and abuse. -*- UNACCEPTABLE USE -*- All users are prohibited from misusing CanadaEmail resources. Spamming is prohibited. Sending unsolicited mass or commercial email for any purpose via CanadaEMails.com is expressly forbidden. Permitting third parties to issue commercial emails on any client's account is forbidden. Using CanadaEmails.com resources as drop-boxes to receive replies from unsolicited emails (SPAM) or for any improper, unsavoury or unlawful purpose is expressly forbidden. -*- OTHER UNACCEPTABLE USE -*- Illegality in any form, including but not limited to activities such as unauthorized distribution or copying of copyrighted software, violation of export restrictions, harassment, fraud, trafficking in obscene material, drug dealing, and other illegal activities including communication for the purpose of any of the above. -*- OTHER UNACCEPTABLE USE -*- Tortious conduct, including but not limited to posting of defamatory, scandalous, or private information about a person without their consent, intentionally inflicting emotional distress, or violating trademarks, copyrights, or other intellectual property rights. -*- DISPUTE RESOLUTION -*- Any single validated complaint shall be sufficient cause for punitive and remedial action. CanadaEmails.com and it's Host server administrators for www.CanadaEmails.com reserves the right to determine what constitutes net abuse and what if any punitive and remedial action shall be sought and applied to offenders. Assuredly, forfeiture of all rights and fees-paid shall comprise the minimum remedy allowed CanadaEmails.com. -*- SECURITY -*- Use of secured computer and network facilities requires prior authorization. Unauthorized access is prohibited. Usage may be subject to security testing and monitoring. Abuse is subject to criminal, civil, and extra-legal prosecution. CanadaEmails.com / MPRM Group / Mouse House Creative Technologies Div.