Think... the servers are down, the Blue Security infrastructure is gone. Obviously it's not going to work. If there's nowhere to send the reports, then there's no point in using the software.

Granted, yes, in a sense, one could look at it as a form of DoS, due to the possibility that one company could, in theory, send out multiple messages, and in doing so, each message being replied with one opt-out message. Do the math...

If one person receives on average 100 spam messages per hour, and each message is responded to with a single reply, that's a hundred opt-outs. Now, if one company had sent that very same amount, and you multiply that by the approximate 470 some odd thousand members that BS had or has, that's a crapload of mail.

To sum it up, would the equivalent of almost 47 million mails to a single spammer be declared a legal opt-out, or in itself a DoS attack?

Personally, I think that the methods that were used, reporting the spam to various agencies like the FBI, DHS, Interpol, FDA, etc. to opt out was indeed the proper way. I just think that the spammers were getting tired of being harrassed by "Big Brother" and losing their money, whether it be legitimate or illegal.

I just hope like hell that one day, spammers will realize that if we want spam, we know where to get it. If we don't, just leave us the hell alone.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11392/33862#33862