O'Reilly logo

Spam Kings by Brian S McWilliams

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

The Education of an Anti-Spammer

Susan Gunn's first personal computer seemed preloaded with an endless supply of junk email. Almost from the moment she first signed on to America Online, even before she had given her newly minted email address to friends and relatives, Gunn began receiving electronic messages from total strangers who wanted to sell her all manner of products she didn't want, including pornography, body-part enlargement, and software that would enable her to enter the exciting and rewarding business of junk email.

Who are these people and how did they get my address? wondered Gunn, a resident of Stanton, California, a small, palm-tree-studded city built on land originally intended as a sewage farm for neighboring Anaheim. Gunn had bought the PC ostensibly to computerize some of her work as the property manager of a condominium complex owned by her father. But for Gunn, divorced and in her mid-forties, the computer was also a link from her sometimes too-quiet home office in the gated community to the brave new world known as the Internet.

It was late 1998. AOL had recently acquired its rivals Netscape and CompuServe and boasted around 15 million members. The dot-com bubble was still inflating rapidly, as new users such as Gunn swarmed online and began making purchases. But e-commerce wasn't only being conducted by high-profile dot-coms such as eBay, Amazon, and Yahoo!. Entrepreneurs of all types were trying to cash in on the information superhighway, including, apparently, the anonymous folks who had somehow gotten her email address, which they felt entitled them to barge through her virtual front door whenever they wanted.

At first Gunn blamed AOL for the messages. She assumed the online service had sold her name as soon as she signed up. But when she phoned the company to complain, a customer support representative assured her that was not the case. The rep said to forward any unwanted messages to a special email address, and AOL would investigate. For a few weeks, Gunn dutifully obliged, but the junk email kept on coming. In some cases the incoming spam stated that if she wanted to be removed from the sender's list, she needed to visit a special web page and type in her email address. But that had no effect. And whenever she hit the "reply" button and told the spammers to knock it off, her replies went unanswered or were returned as undeliverable. Either the return address on the original message didn't exist, or the mailbox on the other end was crammed to capacity.

Gunn's previous computer experience had consisted of plugging numbers into spreadsheets during a stint in an accounting firm. So she had no way of knowing that her mysterious spam problem was likely a consequence of having wandered into AOL's online chat rooms while they were being harvested by spammers. Using special "spambot" programs, junk emailers were able to pluck thousands of AOL addresses out of the service's chat rooms in minutes. Similar harvesting programs were designed to automatically scour web pages and online bulletin boards looking for telltale "@" symbols and add the addresses to a database.

Then again, Gunn might have been the target of a dictionary attack, a technique used by junk emailers to guess their way into Internet users' in-boxes. Most spam mailing programs could blast out millions of messages to automatically generated addresses. By compiling various combinations of common names and numbers, followed by the domain of a big Internet service provider, such as "@aol.com," spam software could generate a small percentage of actual working addresses.

Little did Gunn know that by replying to junk emails that arrived in her in-box, she was actually making the problem worse by confirming to the senders that they had found a live body, thus becoming what is known to junk emailers as a "verified" email address. Because she had responded, it was likely that her address had been added to mailing lists marketed to other spammers. She even received a junk email advertising a CD-ROM claiming to contain 91 million verified email addresses (almost one third the population of the United States). Spammers, it seemed, had no use for target marketing.

Gunn wondered if there was some official agency charged with dealing with spam complaints, such as a Better Business Bureau for spammers. She asked about it in an AOL chat room where PC users could get real-time help for their computer problems from more sophisticated users. No one there had heard of such an agency, although someone provided her with an email address at the Federal Trade Commission to which she could forward copies of spam.

"Frankly, I just delete the stuff. It's not worth the trouble to report it," he told her.

But Gunn wasn't able to ignore her junk email problem. The type who went ballistic over people who litter, she would chase down and give a tongue lashing to anyone who tossed a crumpled up McDonalds bag on her property. To her, spamming was the same kind of anti-social, selfish act. In their efforts to reach a handful of interested customers, bulk emailers were blithely leaving their trash all over her part of the Internet. But the cowards, with their fake return addresses, left Gunn no way to run them down and share a few choice words.

One self-proclaimed computer expert on AOL suggested that Gunn get advice from an Internet bulletin board frequented by Internet system administrators and other sophisticated computer users united in their hatred of spam. The group was known as Nanae (pronounced NAH-nay), short for "news admin net-abuse email," and was one of the thousands of topics available from a free Internet discussion service called Usenet. Using a program called a newsreader, which was also built into the AOL software, Usenet participants around the world were able to read and contribute to online discussion newsgroups dedicated to everything from raising ferrets to practicing Far Eastern religions.

"But watch your step. There can be some real kooks in Nanae," he warned, noting that angry spammers sometimes dropped in on the newsgroup too.

By early 1999, the ratio of junk to legitimate email had made Gunn's AOL mailbox practically unusable. Fed up, she decided to pay Nanae a visit and seek advice. At the start, she treaded cautiously, reading but not joining the discussion. (One of the first messages she read warned that Nanae denizens did not suffer fools easily: "Wear your flame-proof underwear...never go Nanae-ing without 'em!") Unlike some hobby-related Usenet newsgroups she had frequented in the past, Nanae was very busy, often receiving hundreds of new postings every day. Some of the participants used their real names, but many posted under aliases such as "Dark Jedi," "Sapient Fridge," "Morely Dotes," and "Tsu Do Nimh." Most of the Nanae folk seemed to be men, although there were apparently a handful of women who frequented it as well. Few seemed to be fellow AOL users and instead posted their messages from obscure Internet service providers (ISPs) she had never heard of.

It wasn't clear to Gunn what exactly these people did for a living. From the technical jargon they slung around, she assumed most were either computer programmers or longtime Internet users. A few seemed to be fighting spam in an official capacity as system administrators: an anonymous user who went by the online alias Afterburner, for example, ended all of his postings with a signature line, or sig, that stated he handled spam complaints for Erols, a mid-sized ISP in the Washington, D.C. area. Later, she learned that Afterburner was one of the chosen few Nanae regulars who had received a Golden Mallet Award, a tongue-in-cheek honor given to longtime spam fighters for meritorious conduct. A special site known as the Pantheon listed the names of recipients and featured an illustration of a large gilded hammer smashing down on a map of the world.

Nanae had no official charter as far as Gunn could tell. The closest thing she could find to a mission statement was a message posted by Afterburner that summed up Nanae's purpose as "a cathartic release mechanism and a clearinghouse of info." Most of the postings contained businesslike reports of spam sightings or matter-of-fact complaints about ISPs that were slow to deal with spammers using their networks. But some messages were playful, such as one she spotted with the subject line "Confirmed Kill," which gleefully reported on an ISP that had responded to complaints by cutting off service to a junk emailer.

While Gunn easily picked up the Internet lingo used in AOL's chat rooms and instant messaging programs—overused shorthand such as LOL for "laughing out loud" or BRB for "be right back"—she was unprepared for the jargon in Nanae. The private slang of participants apparently wasn't developed for speed typing so much as to solidify spam fighters as a clique, or at least to add humor or spice to their postings. Several messages discussed the proper way to use a LART—code for "loser attitude readjustment tool," which she learned was another name for an email notifying ISPs of customers who were spamming. A LART was also referred to as a "mallet," since it was sometimes used to clobber delinquent ISPs into action against spammers. (Hence the Golden Mallet awarded to top anti-spammers.)

The newsgroup was also full of talk about UCE (unsolicited commercial email) and of spammers who were violating the TOS (terms of service) or AUP (acceptable use policy) of an Internet service provider. (Almost all ISPs specifically forbade their customers from sending spam.) Other postings discussed the various ways to munge one's email address in Usenet postings—such as by adding the phrase "nospam" next to the "@" sign—to thwart harvesting efforts by spammers.

Especially puzzling were messages whose subject lines were prefixed with the letters C&C. One poked fun at Alaska Senator Frank Murkowski, whom the message referred to as a "Congress critter." In 1998 Murkowski had proposed legislation governing bulk email, and many Nanae participants were vehemently opposed to the bill, fearing that it might actually legitimize some forms of spam. Weeks later Gunn learned that C&C was Nanae shorthand for "coffee and cats" and was a warning to others that a humorous message followed that might produce sudden laughter and thus the spilling of coffee and upsetting of cats near the reader.

After following Nanae discussions over the course of a few days, Gunn stumbled onto a web site that contained answers to common questions about junk email. The spam FAQ (frequently asked questions), as Internet gurus called it, provided a gold mine of information on how to analyze spam messages to determine the true Internet address of the computer that sent them. There were also tips on how to track down the owners of web site addresses or domains by using a service known as whois, which provided phone numbers and other contact information for the individual who registered the domain. Gunn also read up on how to file a complaint with an Internet service provider when one of its customers was sending spam.

But perhaps the most important anti-spam weapon she discovered was a specialized Internet search engine called Deja News. Gunn had been using AOL's search service, as well as a site called Google, to find material published on web pages. But Deja News was different; it gave users the ability to search a complete archive dating back to the 1980s of nearly every newsgroup in existence, including old Nanae discussions. For spam trackers, the newsgroup search engine enabled them to sift through old spam sightings and determine, for example, whether a spammer was a repeat offender, or whether an ISP had been warned in the past about chronic spammers. (Deja News was acquired by Google in 2001 and renamed Google Groups.)

But, as Gunn soon discovered, junk email opponents didn't confine themselves to filing complaints with ISPs. Some also resorted to more militant tactics.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required