News

Microsoft Strikes at Alleged Spammers with Lawsuits

• By Scott Bekker
• 06/17/2003

The 15 cases name companies in Ohio, New Jersey, New York, Florida, Pennsylvania, Utah and California. Several other cases involve "John Doe" defendants in the United States and the United Kingdom. Thirteen cases are filed under Washington state's 1998 antispam statute. Two cases use the United Kingdom's Misuse of Computers Act.

Many of the cases are based on allegations that the named companies used deceptive or misleading subject lines to disguise e-mails containing porn, dating service solicitations or advertisements for other adult services. Some of the complaints are that the sender's address is spoofed, a violation of the strict Washington law and a way to evade some spam blacklist defense technologies.

The cases filed under the U.K. law, both of which name John Doe as the defendant, involve alleged attacks against Microsoft's servers with the intent of harvesting e-mail addresses. In one of the U.K. cases, the spammer tested more than 3 million computer-generated e-mail addresses against Microsoft servers to harvest any legitimate names for future spam distribution or resale. In the other case, which shows that spammers can have a sense of humor, a similar harvesting effort used spoofed sender addresses that ensured that reply messages would be rerouted to a London-based antispam organization.

Whether Microsoft's aggressive effort to encourage enforcement of antispam laws reduces spam or not, the announcement is sure to be the first of many. "We're going to continue to devote substantial resources to support robust civil and criminal enforcement," Tim Cranton, a senior attorney at Microsoft in charge of defining legal strategies in the spam lawsuits, said in a statement.

However, the company's efforts are sure to be more popular than the ubiquitous antipiracy enforcement efforts the company announces every few weeks. Microsoft's own economic interests are clearly involved in reducing spam volumes to its MSN and Hotmail servers. But in this case, the company's interests are more aligned with those of their enterprise customers who face similar problems on a lesser scale at their own e-mail gateways.

A fault line does emerge between the interests of Microsoft and enterprise customers, according to antispam activists who seek to stop unsolicited commercial mail in addition to the adult and get-rich-quick varieties that Microsoft prefers to identify as spam. Microsoft itself uses such protections as having a "pre-existing business relationship" with a customer to send out unsolicited commercial mail.

During the news conference on the lawsuits, Microsoft general counsel Brad Smith was asked about Microsoft's position on a broader definition of spam that includes unsolicited commercial mail. Smith defended the practice of sending unsolicited commercial mail.