THE PHONINESS OF 'EMAIL ABUSE' POLICIES

There is much written about the evils of junk email. Virtually every Internet provider, and every backbone provider, has a link on their web page regarding 'email abuse'. If you visit such a page, it will tell you how opposed they are to junk email, and how they act immediately on 'email abuse' complaints they receive. But is that what they really believe, and is that what they really do?

The reality is very different. Internet Frontier has had occasion to contact several other providers regarding email floods on our servers originating from these other providers. While we continue to vigorously object to third party email filtering, that is completely different from flooding another server, or using another server as an unauthorized relay.

Without exception, there has never been a response from, much less action taken, by any of the several providers that we have contacted regarding 'email abuse'. Clearly, they do not actually care about 'email abuse', even when the complaint is well documented and the flood is on-going at the time of the complaint. In most cases, all that is provided in the 'email abuse' policy is (ironically) an email address. Messages to such addresses generate nothing more than an automated 'thank you' response, if that.

Sometimes, if you persevere and dig deep, you may find a phone number that can be called to register an 'email abuse' complaint. If you call the number, you'll almost never get to a human being; usually, the only choice is to leave a message. In the rare case where you get to a human being, they will have no authority to actually do anything except record the complaint.

This experience has been encountered with Yahoo, Pacific Bell Internet, StarnetUSA, (popsite.net), Corecomm (voyager.net), @home, attcanada and most recently (7/21/01) with Earthlink/Mindspring . Their 'email abuse' policies read much alike and are very strident, but where the rubber meets the road, they are unresponsive to complaints.

'attcanada', for example, was unconcerned about complaints. Their support person whom we spoke to (5/2001) said their 'abuse' department was 'very small, and isn't staffed full-time; they respond to complaints when they have time to get around to it'. This from 'attcanada', not some small, local provider. The actual source of the problem in that case was Auracom, which gets its IP space for 'attcanada'. Auracom was completely indifferent, at least until they received a polite phone call from the Toronto Police Department.

At Earthlink/Mindspring, the second largest provider in the US, you must dig three pages into their web site to find a page with an email address and phone number that can be used to report email abuses. The phone number is pointless--you can only leave a message; there is no opportunity to actually speak to anyone. It doesn't matter that the attack or abuse problem is going on at the very moment you attempt to contact them, offering a great opportunity to catch the culprit in the act. They're just not really concerned about such problems. This from a provider that blocks its customers from using other email servers even with permission. Check in the dictionary under 'hypocrite'.

And the patriarch of all, AOL, provides a perfect example of the classic non-response to a complaint. You can see it by clicking here. :-(

In another case, the only one in which our complaint was in reference to a specific email message rather than flooding a server, it took the involvement of the local police department before we could get the provider's attention even though the message was clearly libelous and threatening.

Companies such as these really don't want to handle any 'email abuse' complaints. It consumes the time of some small number of their employees without generating any revenue.

The reader may be wondering, if these companies are unresponsive to complaints, why do they even bother to have an 'email abuse' policy. There are three reasons why they have such a policy.

First, it gives the appearance of concern, and lip service to the problem. It allows such companies to proclaim that they have such a policy without regard to actual enforcement thereof. This is much like homes that have a security service sign clearly visible, but in fact, there is no alarm system; the mere presence of the sign is enough to discourage some potential violators.

The second reason is political correctness. To not ostensibly display a strong statement against junk email is seen by some as akin to advocating the killing of whales or clear-cutting the rain forest. Think about Bill Maher's description of political correctness--"The elevation of sensitivity over truth".

The third reason is the most important. The third reason is FEAR. Certainly not fear of us, but FEAR that the irresponsible wrath of RBL and the other email vigilantes will be visited on them as well. FEAR that their own connections to other backbones will be blocked as a result. It's not good citizenship or altruism that motivates anti-junkmail policies--it's FEAR of being cut off!