AWH Weblog » SPAMming the SPAMmers

SPAMming the SPAMmers

Matt Salloum Well, I have never eaten SPAM, but I have deleted a bunch of it. A few years ago, you may have been excited when you have received a new email. Now, you just wish you recognize the sender. SPAM email has become more prevalent in recent years and is one of the biggest pains to deal with. Unless you like adds for Viagra or “Get rich quick” emails. In this article, I will discuss exactly the types of SPAM, why they are out there and some things you can do to minimize it.

What is SPAM and how many kinds are there?

First, why is it called “SPAM?” It seems that this term came up from a Monty Python SPAM sketch; the sketch was set in a café where every item included SPAM meat. The chorus of patrons were singing the words “SPAM, SPAM, SPAM…lovely SPAM, wonderful SPAM,” thus “SPAMming” the dialogue. SPAM meat was also one of the few products not rationed during World War II, making it commonly available. Looks like the name took off from there.

Before we can tackle SPAM, we must first know the proper definition. Some of the definitions vary, but my favorite comes from Wikipedia, “Spamming is the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages.” This pretty much sums it up; SPAM is a mass email about something you probably have no interest in, or an attempt to infect your computer with a virus, spyware, adware, etc.

How many kinds are out there? There are many different kinds, trying to do the same thing, annoy you. The most common and widespread is e-mail spam; here is a list of some others you might be familiar with:

Instant messaging
Usenet newsgroup
Web search engine
Spam in blogs
Mobile phone messaging
Internet forum
Junk fax transmissions
Image
Blank

As you can tell, SPAM is all over. Most of these are for recreational purposes and it is a shame that SPAM is ruining user’s experiences. You can read more about each of these here: http://en.wikipedia.org/wiki/Spam_(electronic)

How does it work?

You have probably been the victim of many SPAM mass emails; have you ever wondered what is going on? By examining how these emails get out; it is not hard to do, which is why there are so many. There is a simple “SPAM to do list” explained on spambloggers.com; this explains what one would do if they wanted to become a SPAMmer.

Procure initial capital.
Acquire a list of e-mails to which you will send out your messages.
Get at least one client that is willing to pay you in order for you to distribute their message.
- Figure out a way by which you will be paid by your client.
- Figure out how you will track the payment conditions.
- Setup the system by which you will be paid by your client, following the payment tracking conditions.
Create a system which you can use to distribute the message to the e-mail list.
Press Go

It is as simple as getting some money together and thinking up a product, or fake product to sell. Once you have that you can get a list of email addresses to send to. Just remember, if one per son will buy it, then many more will. If they pay using Paypal or another Internet pay portal, the money will come in without much work on your end.

I guess the next question anyone might have is, “Is SPAM illegal?” Well, for the most part no, but states have varying rules. SPAMmers are sending messages from outside the United States, which makes it much harder than creating a law. Sending someone a SPAM email is not illegal; forging another company’s software is illegal. This will be discussed in the next section.

People that got busted and stats on SPAM

SPAM has been around for some time now, there must have a few people that have been caught. Well, there are actually many, but I will explain two cases.
Ryan Pitylak - a 24 year old out of Texas, is known for one of the biggest spammers of all time. At his peak he was sending out 25 million messages a day and made between 3 to 4 million throughout his career. His emails offered mortgages and debt counseling, but in the end he paid a fine of 1 million and costly legal bills. He now clams to be an “anti-spam activist.”

Jeremy Jaynes - Spammer that Virginia and AOL put in jail. He made over $24 million on fake Federal Express refund kits. He was sending over hundreds of thousands of e-mails a day, with 10-17,000 replying each month. His kits went for $39.95 and was earning up $750,000 a month. He was sentenced to jail for nine years.

Here are some stats that you may think are crazy:

The first SPAM on record was in 1978 that was sent to 600 addresses. The first big scale SPAM sent was in 1994 that was sent to 6000 newsgroups. As of February 2007, 90 billion SPAM emails are sent per day. Jef Poskanzer, owner of the domain name acme.com, was getting over 1 million spam emails a day. It is estimated that 80-85% of all incoming mail is some form of SPAM. It was stated in 2006 that the SPAMming industry has cost the US over $10 billion in money, lost man hours and fixes to limit SPAM.

Interesting Cases
The first known SPAM attack was in 1978, read about it here: http://www.templetons.com/brad/spamreact.html

Star Trek vs. Star Wars - Star Wars fans invade a Star Trek chat room http://www.myshelegoldberg.com/writings/essays/spam.htm

With all that said, what can I do to decrease SPAM?

There are many things that can be done to decrease the amount of SPAM that you receive. The easiest way would be to customize whatever SPAM protection you are using on your mail server. A common product is called SpamAssassin; this product lets you create rules to keep you up to date with the newest attacks. You can give emails a scoring rating, ones that score too high will not be allowed through. This, combined with Outlook settings, will greatly diminish the emails you receive. Outlook will let you place all Junk emails into a Junk Folder, so only the emails you want will be in your Inbox. These programs do vary and it depends what kind of mail server you are running on. There are also other programs that you can run from your desktop that will scan incoming messages.

Another way to more efficiently limit the SPAM that you get is through a hardware appliance. The most popular one is called the Barracuda SPAM firewall. The setup is pretty straightforward; point your MX record to the appliance and setup the domain on the server. This appliance sits in front of your email server and will decide, based on its’ software, if the message it legit or not. If it thinks it is fine, it will let it pass through to the mail server; if not, it will block or tag the message for further review. There is a nice web control panel that will let you view all the messages received. If it blocks a message that it shouldn’t, you can manually deliver it through the web control panel. The only downfall is price, these units start around $1500.

SPAM is a growing issue and will continue to get worse. You can keep up with the times, or surrender to hundreds of unwanted emails a day. The major email providers seem to be getting a grasp on SPAM (gmail, hotmail and msn); but if you want your own domain, there is a bit to consider. You could go software or hardware protection and try to customize that to your liking. There are different ways to go, look around and see what works best.