Terry Zink's Cyber Security Blog

Discussing Internet security in (mostly) plain English

Review Part 2: Spam Kings

Review Part 2: Spam Kings

  • Comments 6

I'd like to continue on in my review of the book Spam Kings and make some more comments, particularly regarding the antispammers.

One thing that I really liked about the book is learning the history of some of the spam tools.  I was never a participant on NANAE (news.admin.net-abuse.email; a USENET newsgroup which discusses e-mail spamming), that was before my antispam time.  But I was intrigued by its history.  People would gather together and discuss spammers and tools for stopping them, and sometimes spammers would stop by and the flame wars would ensue.

NANAE was sort of a self-policing forum where the mature members would discuss techniques.  In one incident, some antispammers broke into a spammer's web site and shut it down or rendered it unusable.  In other words, they hacked in and broke it.  On NANAE, some of the senior members would reproach the actions and say that anti-spammers should not use such unethical actions.  They hold the moral high ground so they should not revert to illegal actions.  Such appeals to reason usually went unheeded by most of the rest of the community, and I think I agree with the rest of them.  I would personally never resort to such tactics, but in the world of spam, spammers are absolutely ruthless.  As Spammer X says, the recipient of his spam doesn't get a choice whether or not they want to receive it.  If spammers are going to behave unethically, then turnabout is fair play.

I liked the stories of how the anti-spammers got started.  They would receive spam in their email inboxes and would hunt down the spammer who sent it and harass them mercilessly.  Eventually, many of these people would join organizations dedicated to fighting spam.  All I can say to this is God bless Steve Linford, the guy who started Spamhaus.  That's a very good web site and belongs in any anti-spammers' toolkit (and I consider myself a part of that group).  Other blacklists like SPEWS I had only heard of.  Now I know its history and why there was a bit of a controversy surrounding it.

Some anti-spammers became so good at "harassing" spammers that eventually spammers created a Do-Not-Email list containing their email addresses.  The thinking went that considering the headache the antis would probably generate, that would outweigh the benefits.  So, spammers would send these lists around to each other and scrub their own lists from these people.  Personally, if my name were on that list, I would feel pretty good about making it.

All in all, Spam Kings was an enjoyable read.  When I got done, I wondered how accurate it was.  It's probable that most of the stories are more-or-less correct, but the book was published in 2004 and events in the book span 1997-2004.  So, some events that take place long in the past likely have some historical errors since nobody can remember details exactly.  It doesn't matter though, I got enough out of it to overlook any minor errors and I now have greater insight into the history of spam.

Leave a Comment
  • Please add 8 and 4 and type the answer here:
  • Post
  • PingBack from http://msdnrss.thecoderblogs.com/2007/11/26/review-part-2-spam-kings/

  • I made the mistake of revisiting NANAE the other day.  It hasn't changed much since I last visited (around y2k I guess).  If anything, some of the saner voices have left.

  • I've never visited NANAE, but I have gone on some discussion boards over the years.  Those can get rather nasty sometimes.

  • "and sometimes spammers would stop by and the flame wars would ensue."

    And sometimes pseudo-anti-spammers would flame genuine anti-spammers and minor flame wars would ensue.

    "eventually spammers created a Do-Not-Email list"

    But it didn't last long.  Intentionally large floods of spams against the same list could bring more benefits to the spammers than refraining could bring.

    '''It hasn't changed much since I last visited (around y2k I guess).  If anything, some of the saner voices have left.'''

    Yup.  It's usenet.  The pseudo-anti-spammers and their partners the real spammers have won the day.

  • USENET.   man, that stuff was insane.    i remember first intro to the internet circa 1996, and getting on USENET.   I made the stupid noob error of posting with my real email address in plaintext.

    don't do that.

    :-P

  • In 1984 it was customary to post with real e-mail addresses in plaintext.  We recognized why some people occasionally had to post some things anonymously (especially after Eastern European countries connected) but ordinarily it was considered unsociable to use the kind of handles that were common in ham radio.

    Spamming was illegal in those days.  It wasn't something we had to think about at the time.

    I think those addresses still get tons of spam every day even though most of those addresses haven't existed for the past 20 years.

Page 1 of 1 (6 items)