« You've Got Mortgage! | Main | Knowing Your Business »

January 12, 2005

Last night I saw a spam message come through that advertised some kind of identity theft protection service. I've read the message a few times, and I'm still not sure what they're offering, nor will I visit the Web site to find out more—but I digress.

The message starts out like a quasi-personal message ("My name is so-and-so"). After a paragraph of blah blah blah comes this admission (identifying data changed):

This is an unsolicited e-mail.You can also contact me at (P.O.Box xxx,City, State ZIP) This is the only e-mail that you will receive from me,unless you reply back for more information,or if you would like to speak to me reply back.

Here's a guy who, aside from failing to format his HTML message in a readable form, seems to know his stuff with respect to the CAN-SPAM law. The law, as we all know, sanctions his unsolicited email if he doesn't use deception and offers a way to opt-out of future mailings. Perhaps he feels that his one-time-only strategy substitutes for the law's requirement to offer an opt-out link.

In any case, on the face of it, in his message—while still spam by anyone's consent-based definition—the guy seems straight-up in declaring his methods.

Long-time spam fighters (and Spam Wars readers) know that the first two rules about spammers are:

1. Spammers lie.
2. If you think a spammer is telling the truth, see Rule #1.

Therefore, it should be no surprise that six hours later, the same spam message arrived. Everything was identical except that the sender used a different IP address within the same block of Texas DSL accounts. Perhaps he disconnected his modem between floods, and the service issued him a new IP address.

So now he's told me twice that I won't be hearing from him again. Maybe he really means it now. Oh, see Rule #2.