by krono 1737 days ago
Blocking of messages/emails and blanket email server/domain/extension blacklisting is the same as a postal service not delivering mail to or from a particular entity/street/town.

Doing so silently and without a valid and case-specific reason should not be legally allowed.

Edit: Added "street/town" to analogy, and "case-specific" before reason

7 comments

The FCC classified SMS/MMS as unregulated, filterable "information services" rather than regulated "telecommunications services".

https://www.fiercewireless.com/wireless/sms-mms-deemed-infor...

They should really update the "Mission and strategy" chapter on their Wikipedia page [1]. In particular the part about "Protecting Consumers & Public Safety" seems horribly outdated!

I will have to look up how this works in the EU and here in The Netherlands. Something to do for the weekend.

[1] https://en.wikipedia.org/wiki/Federal_Communications_Commiss...

I really would like to see what was the legal reason behind that, I know the US has issues with gov't agencies using their opinions as law but I thought mail was constitutionally protected?
The FCC just makes decisions, we're talking regulations here, not laws. They justified it with "preventing spam" and enabling competition with unregulated OTT apps.

I'm glad that Twilio fought for Title II governance: https://ecfsapi.fcc.gov/file/60001324418.pdf

Where was everyone else?

As far as the sanctity of the U.S. Mail, it only applies to sealed envelopes/packages, and Congress can ban items from the mail (e.g. lottery pamphlets, spurious tokens, gasoline, etc.)

https://supreme.justia.com/cases/federal/us/96/727/

Doesn't Congress make a law saying breaking x regulation carries y penalty and at the same time gives the agency power to decide what constitutes breaking x? I know for a fact that BATFE does this rather frequently. Also, thanks for the clarification about the secrecy of US mail. I appreciate it.
You'd be getting an unbelievable amount of SMS spam if carriers weren't allowed to block messages. There's a lot of bad actors out there.
We've run into this issue with replies to texts that the user sent first.

Telecom spam filtering seems to be a ridiculously primitive and wide net. I can't imagine a valid use case for dropping a text sent to a number when that number just sent you a text a few seconds before.

I don't understand why SMS spam has such a big issue with false positives compared to email spam when emails are practically free to send but SMS is much more costly.

(Yes, I know there are a lot of false positives on email too ... but we run into false positive SMS spam issues a lot even though it feels like it should be a much simpler problem to solve).

Perhaps their blocking systems are stateless, i.e. they don't bother doing a lookup of communication histories because it's expensive when you're dealing with millions of texts an hour. They just run each one through a bunch of rules and drop matches.
Seconded, having worked in this space I can assure everyone that there are multiple orders of magnitude more (attempted) spam SMS than legitimate SMS.
I believe that, completely. But keyword silently blocking is an objectively bad approach. Tell the sender it failed if you're so keen to do so. Or tag it with a big POTENTIAL SPAM at the beginning of the message and send it. Or literally any of the dozens of smarter ways of content filtering than (if .xyz in y).
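An added example, not part of the original thread: a sketch contrasting the stateless "match and silently drop" rule the comments above speculate about with a filter that keeps a small conversation history, exempts replies to a recent outbound text, and labels instead of dropping. The `.xyz` rule, the one-hour reply window, the phone numbers and the message bodies are all constructed assumptions, not any carrier's actual logic.

```python
import re
from collections import namedtuple

Verdict = namedtuple("Verdict", "action body")

# Assumed rule standing in for the "(if .xyz in y)" check mentioned in the thread.
BLOCKED_TLD = re.compile(r"\b[\w-]+\.xyz\b", re.IGNORECASE)
REPLY_WINDOW_S = 3600  # assumed: how long an outbound text vouches for a reply


def stateless_filter(sender, recipient, body, now):
    """Content-only rule: silently drop any match, with no history lookup."""
    if BLOCKED_TLD.search(body):
        return Verdict("drop", body)
    return Verdict("deliver", body)


class ConversationAwareFilter:
    """Keeps the last outbound timestamp per (sender, recipient) pair."""

    def __init__(self):
        self._last_outbound = {}

    def check(self, sender, recipient, body, now):
        # If the recipient texted this sender recently, treat this as a reply.
        asked = self._last_outbound.get((recipient, sender))
        is_reply = asked is not None and 0 <= now - asked <= REPLY_WINDOW_S
        self._last_outbound[(sender, recipient)] = now
        if is_reply or not BLOCKED_TLD.search(body):
            return Verdict("deliver", body)
        # Label rather than drop, so the recipient can still judge the message.
        return Verdict("label", "POTENTIAL SPAM: " + body)


def run_sample():
    # Constructed traffic: (time in seconds, sender, recipient, body)
    traffic = [
        (0, "+15550001", "+15550002", "what's the link to your site?"),
        (5, "+15550002", "+15550001", "it's shop.example.xyz"),
        (9, "+15550099", "+15550001", "You won! claim at prize.example.xyz"),
    ]
    aware = ConversationAwareFilter()
    return [
        (stateless_filter(s, r, b, t).action, aware.check(s, r, b, t).action)
        for t, s, r, b in traffic
    ]


if __name__ == "__main__":
    for stateless, stateful in run_sample():
        print(f"stateless={stateless:8} conversation-aware={stateful}")
```

The second message is the false positive described above: a reply sent five seconds after the recipient's own text, dropped by the content-only rule but delivered once history is consulted.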
> Tell the sender it failed...

But if the sender is a bad actor, they can just keep testing until they succeed, which will make fraud worse.

Apparently sometimes the sender is not a bad actor.
Bad actors are why we can't have nice things. Think of how simple, clean and efficient computing would be if we didn't have to keep criminals and idiots at bay.
Very interesting. I definitely get phishing SMS messages from time to time, but I didn't realize these were some of the very few which actually made it through. Any idea how these bad actors are able to send out these massive batches of spam SMS? My naive guess would be bulk purchasing disposable SIMs but I imagine it's more sophisticated?
It's whack-a-mole where the game is skewed wildly towards the moles.

Basically there are tons of VOIP companies, with varying levels of give-a-shit and spam detection capabilities.

Generally they are incentivized to let people self-serve on their platform - spin up quickly and start running traffic, or blasting spam, whatever. Especially if you're a small company, you're probably more likely to look the other way for a bit if someone is spending money on your platform, until regulators call, and you can be like "ok we looked into it and shut them down". Also you don't want to be overly aggressive, because what if a great customer comes onto your platform, loves the ease of setup, and starts running legitimate traffic, then you shut them down because they were triggered by whatever crappy spam heuristics your small company came up with, and the customer is gone to another platform where they don't have to deal with that.

Then the company/group running the traffic moves onto other VOIP providers until they get a bad enough name or push the envelope so much that no one will take them.

Then they just create a new "company" that no one recognizes the name of, and start again.

Honestly I think an open sourcing of spam detection heuristics and algorithms would be a massive help, but companies that are good at this obviously see it as a competitive advantage, just like the email space - for example if Twilio is great at keeping spam off their platform (no idea if they are, but they would have the most resources to do so), then all numbers registered with Twilio are less likely to get flagged/blocked downstream - all Twilio customers benefit. Twilio can say "any number you buy with us will be considered clean by downstream parties, no need to worry about getting flagged/blocked, then having to change the numbers you use for your business to communicate with customers, which could be saved in their phone already, etc."

The patterns spam takes vary wildly, often being specific to telecom laws and practices in specific jurisdictions, so it really is a tough problem. If an algorithm flags spam, you often want to then reach out to the customer and try to understand if there's a legitimate reason for the traffic patterns, etc. So there's a layer of customer relations beyond the algorithms that's also tough to scale.

A simple solution: forward suspicious messages to a configured email address and let it be handled there.
Lately one doesn’t even need a SIM card, instead SMS via VoIP or a SIP trunk and bulk-purchased phone numbers.
> multiple orders of magnitude more (attempted) spam SMS

Are those actually spam messages or messages "detected" as spam?

I just saw this in another thread but: "label, not remove" is a better philosophy. I want to receive every message addressed to me.

Enable me to be the judge and get out of the way.

There's already an opt-out legal framework in place for marketing calls. Mass sending SMS spam to opt-outs is illegal. Prosecute the crime. It makes zero sense to try to guess from content.
So put it in a spam folder.

If I had a spam texts folder that showed me everything I was being blocked from, I'd both appreciate it and not feel this massive breach of trust that things being sent to me are being completely ignored by a third party system.

The system that does this is absolutely primed for censorship, and we have no way to know it's not being used.

> So put it in a spam folder.

1) Neither the SMS protocol nor any phone I've ever seen has any mechanism to file messages in "folders".

2) Processing SMS messages and delivering them to subscribers has a cost. Doing so for high-volume junk messages would place a significant burden on carriers.

3) Most carriers used to charge subscribers for receiving SMS messages. Some still do! Charging subscribers to receive spam SMS messages would be, quite rightly, called out as inappropriate.

I would add 4) feature phones and SIM cards have extremely low SMS storage capacities, around 100 or so max.
> 1) Neither the SMS protocol nor any phone I've ever seen has any mechanism to file messages in "folders".

My phone (ROG Phone 3 w/ Android 11) automatically flags spammy texts into a "Spam & Blocked" folder, I assumed this was a stock Android feature - is it not?

1 and 2: true (to a degree, phones sort messages by sender which is a folder), but if an SMS already reached the provider they have the data. No need to send spam to the client. Instead display the SMS on some web interface the customer can access. Or email it.
Then put it behind a config setting.

Or let me view it through some other means.

I'm not opposed to spam filtration as a user default, but doing so silently without any indication of what is being filtered or ability to verify it is working is not acceptable for such a vital messaging system.

No, I'd just be filtering it client-side -- which is the only way it should work in the first place.

Providers should be legally prohibited from intercepting and dropping messages.

I wonder if that's why he mentions "without a valid reason".
"We get a lot of spam from those" would fall well within a vaguely defined "valid reason", I'd think.

(Most of my SMS spam comes from .info domains.)

>Most of my SMS spam comes from .info domains

Do you mean that the SMS messages contain links to .info domains?

I've personally noticed a lot of phone text spam being FROM email addresses recently. I think they are just abusing some feature in MMS, though, not SMS. It's weird seeing a list of phone numbers (usually SMS two-factor), some contacts' names that I have entered in, then a ton of random email addresses on my texting app (standard Android Messages app).
Yes.
It's actually worse than that. It isn't blocked because of the sender or recipient, but because of the content. That would be like the postal service reading your mail and deciding that because of an address in the text of a letter, it shouldn't be delivered.
Amusing analogy. The postal service's unwillingness or inability to do just that has severely damaged their utility. If the USPS had a junk-filtering option I'd sign up tonight. Perversely, the postal system seems to embrace junk mail (e.g. if you sign up for address forwarding the USPS sends you a fat envelope full of junk mail as a "confirmation")
I wouldn't. I mean sure, it would be nice not to get so much junk mail. But I personally don't think it is worth the risk of important mail like bills, tax info, new credit cards, etc. accidentally getting flagged as spam. It also increases how much you have to trust the postal service.
I like to chime in with this one when possible (due to a deep resentment for credit card offer spam). In case you didn’t know, you can opt out of the credit industry’s vast marketing machinery.

It’s a bit obtuse, as you’d expect from the bureaus, but I am thankful for this bit of regulation: https://www.consumer.ftc.gov/articles/prescreened-credit-and...

The USPS will likely not do anything to disrupt one of its largest sources of revenue
The problem is that just receiving the message is in-and-of itself bad for the end user. It's not the volume you think (assuming the other poster is accurate about relative volumes) - it's far, far more. Imagine getting 1000 SMS/day that all have a "spam" warning attached, or worse, no warning at all. You'd just stop getting any value from SMS at all, and ignore it.

I mean, going back to the postal service - even the weekly pile of "here, throw this away for me." dead trees we receive (in the US) is mildly irritating. Imagine THAT x 1000!

I'm grateful for the silent block in this case. I mean, my social security number is being canceled, I'm about to be arrested by the IRS, the FBI found a suspicious package with my personal information in it and my car warranty (didn't know I had one) is up for renewal. And that's just this morning. What more can I stand? One of these days I'll press 1 out of desperation...

Also I hate govt/big-corp censorship as much as the next person, but none of this seems remotely political or ideological. And consider the alternative.

"I'm grateful for the silent block in this case."

That's not the issue - the issue is not alerting the sender that the message has failed.

It's not a big deal if the receiver never receives the message - we can find a different way of reaching out or fix the content problem or whatever. But we never find out. As far as the sender is concerned, the message succeeded.

This is a problem and the very bad spam heuristics employed by even the most competent actors (gmail, for instance) mean that anyone can be impacted by this.

Without any indication? How about

   WE THINK THIS MESSAGE IS SPAM
   _tap to read anyway_
You missed the mentions of scale in the post you replied to (and elsewhere in the thread). Imagine needing to hit that or delete tens of times, maybe hundreds, maybe more, for every non-spam message you receive. You'd soon get sick of it. You'd soon accidentally delete, or otherwise miss, an important message in amongst the plethora of junk.
As a consumer, I can see both sides of this. On the one hand, I like energetic spam blocking without fear of legal liability, even if there are occasionally a few false positives. On the other, I do not want ISPs/telecoms to be the arbiters of traffic (net neutrality).

The net-neutral solution is for ISPs/telecoms to not spam-block, but rather have spam-blocking be an optional, additional, layer that the consumer can choose at will, or not have at all. But the problem with that solution is that it requires the consumer to do extra work to obtain spam protection, and the consumer would not be protected by default. It also means extra work by all parties delivering spam messages. Unless spam ceases or things otherwise change, I think the clunky solution we currently have is fine for the most part.

> the consumer would not be protected by default.

Then make it set to "on" by default, and if more than 50% of customers switch it off then change the default.

I also think that this should be a requirement for social media. You should be able to opt out of separate filters for "spam", "misinformation", "breast-feeding", and whatever other reasons a social network has for banning legally protected speech.

In effect, sure, but in implementation these aren’t comparable. Postal services usually come with monopolies and mandates that ISPs, telecoms and email servers usually don’t.

USPS has a monopoly on first-class mail in the US and a Congressional mandate to deliver to every address.

> telecoms and email servers usually don’t

Telecoms get a (local) monopoly on parts of the radio spectrum.

And they exist in competition with other telecoms who have different parts of the spectrum, wired service providers and Satellite service providers.

USPS has no direct competition for first-class mail and they have a monopoly over your mailbox (if you’re in the US).

Yikes, sounds like censorship for a whole TLD.