PGTS PGTS Pty. Ltd.   ACN: 007 008 568               Mobile Version Coming Soon

point Site Navigation







Valid HTML 4.01!






   Give Windows The Boot!
   And Say Goodbye To Viruses!

   Ubuntu

   If you own a netbook/laptop~
   Download Ubuntu Netbook!





Reducing Spam Rage.

By Gerry Patterson

The cyber variety of spam does not have the calorific content of the pork meat variety. So it shouldn't be bad for your health. Still, it does seem to put stress on some Internet e-mail users. Be careful that you don't surrender to Spam Rage. This could lead to apoplexy, which would be bad for your health.

The reason for the intense emotion is possibly because of the sense of personal space that users attach to their inbox. This leads to resentment towards intruders.

As well as inflaming passions in the hearts of e-mail users, spam is surrounded by many Internet myths. This article attempts to examine some of the most widely held myths about spam.


The Origins Of Spam.

Note: There are follow-ups to this essay (4).

The term spam is generally thought to have originated from the well known Monty Python Spam sketch. Like so many of their studies in absurdity, the original intent of the skit remains obscure. The legendary British comedy team may have been sniping at trans-Atlantic gastronomic habits and food technology. Most likely it was just another bit of Python insanity. In any case the adoption of the term has been almost universal, and despite trademark and patent laws and a possible rear-guard defence of the original meaning of the word (1), the alternative cyber definition may eventually supersede the original brand name for a luncheon-meat made from pork and spices. My advice for Hormel Foods, the owner of the trade name, is surrender now! Consider changing the name of your product.

The topic of spam, the cyber variety, has recently received a lot of attention in the mainstream media. And there are some common misconceptions which have been widely publicised, namely:

None of these assertions are true. And yet they are a mainstream staple. Of more concern is the fact that they appear to be common Net Folklore (which probably explains why the mainstream media continue to propagate them). I will examine each one of these misconceptions and refute them. However before I do I would like to define my terms.


Definitions

During this article I will use the following definitions:

Ok, you can tell that I have been a systems analyst, I divide everything up into numbered categories. However, there is a reason I wanted to get those definitions out of the way. It is because many Internet citizens confuse them. The first two categories are, in my opinion, legitimate forms of commerce. Or at least they are when the sender observes the normal conventions of netiquette. The people engaging in these activities are just trying to make a living. If they are professional, they will respond promptly and courteously to any replies and they will desist from transmitting when requested. In the past, I did not receive e-mail in the first category. However, since I started my own site, I do. Most often from people asking me if I have work for them. Since I run a site that deals with technical issues, this correspondence is often from out-of-work programmers or analysts (ominous sign).

In general, if category one correspondence is genuinely targeted, it will reflect the focus of your own site.

I don't get upset by category one correspondence (UCE), provided it is brief (less than 4K) and text only. It represents an opportunity to say hello, and thanks but no thanks, and perhaps you might like to avail your self of some of my services ... blah blah blah yada yada yada. (After all we're all trying to sell something). It only takes a few minutes. In any case UCE is the only way for one party to introduce themselves to another party apart from ringing them or writing them a traditional letter. Category one or UCE can become spam when the sender pesters the recipient and persists in sending despite protests from the recipient. However it is uncommon, for reasons I will elaborate on (below).

Category two e-mails can be an effective means of communication. I subscribe to quite a few of these. They can be informative, and most of them are worth at least a glance. If they are not, I opt out. If the owner of the list does not honour an opt-out request, steps can easily be taken (more about these later).

The MAPS (2) unofficial definition of spam, is much less generous to the sender. However my definition is made from the point of view of someone who administers his own domain. And I like to give the sender a bit of leeway. How else are the wheels of commerce going to keep turning? There is however a category of spam that tries to slot itself in between the gap between category one and category two. This takes the form of uninvited general e-mail. That is it has not been directed to you personally. This type of e-mail can be problematic. It only becomes offensive if they do not desist when requested.


Spam Myths

Having said that, let's get a detailed consideration of those spam misconceptions, as outlined above.


What Do I Do If I Don't Run My Own Domain?

Now having said all of that, I must admit that this has been written from the point of view of someone who runs his own domain. Or at the very least a knowledgeable user, who has access to a friendly and competent sysadmin in charge of the domain. I realise, however that many Internet users depend on ISPs to administer their domains. If this is the case it should be up to the ISP to maintain the blacklists for the domain.

As I said it seems to me that genuine spam is in decline. I found it very difficult to track down genuine spam. And even the spam that was genuine by my definition seemed to be test spam or actually advertising spamming services. In the mid-nineties it was the hostility towards spammers, that drove them to start using bogus headers to try and avoid detection. Now that the hostility has ramped up, some operators may be switching back to category one and category two e-mail. The users who are most vulnerable to impolite category one and two e-mail are those who access their mail box via large ISPs who do not adequately protect them.

Also, as far as I can tell, spam seems to be prevalent in the USA, where it seems some organisations still haven't got the message about spam.

Since I am the owner and administrator of my domain I can decide to blacklist a known address and within a few seconds carry out that decision. I will concede that a large ISP may need to proceed with caution. Upon receiving a complaint from a member, it would be advisable to investigate the complaint to see if it is genuine. In the USA, where people reach for the lawyers quicker than they reach for their guns, it might be prudent to issue a "notice to show cause", before blacklisting an offender who uses an officially registered company. Still, I can't see why the whole process can't be wrapped up in a week.

Before you start complaining too loudly to your ISP, verify that your ISP is indeed the administrator of your domain.

If your ISP is the administrator I think they should act on your complaint. And remember, if you send samples of the e-mail to a sysadmin, Make sure you include the headers. This is always difficult to explain to PC users. Whenever I ask for headers, I usually have to ask at least twice. Most MUAs have an option to view the headers. You may have to search the menu system to find it, and use cut and paste to include the headers with the mail. If you can't find it, try searching the web for instructions on cutting and pasting the headers from your MUA. For those unfortunate enough to be saddled with Microsoft Outlook, you can find it in the properties menu (right click with the mouse). Actually the best thing you can do for your PC (and your security) is change your MUA.

If your provider can't or wont help, you could email the sender's service provider, and inform them that one of their members is misusing an account. Some people recommend that you do this anyway. However this only works if the sender's provider is diligent.

Also there are filter programs that can be added to your MUA. And some MUAs include filters. However, this sometimes means that you are downloading all or part of the e-mail to your PC before you decide to trash it. As I said earlier, the place where the spam should be blocked is at the mailhub.

You could always consider finding yourself a new ISP.

Before ditching your provider, you might want to try the Mail Abuse Prevention System (MAPS) (2). MAPS have a definition of spam that favours the recipient more than my definition. And they do make a good case for using a definition that is tougher on the sender. Going through MAPS, it is possible to have persistent offenders "blackholed", which is like a more widespread version of blacklisting. Although in the case of a single known source, it would be like using an anti-aircraft battery to shoot a sparrow. Still MAPS might give your recalcitrant provider a kick in the bum. Generally speaking it should not have to go this far. Your provider should act on your complaint.

Notice that when I talk about blocking mail, this applies to impolite category one and category two email. This could be considered spam by the MAPS definition. If I receive an email that tells me I have been placed on mailing list, and I had never previously contacted the sender nor asked them to place me on a list, then my usual response is to add them to my blacklist.

The definition I have used for Genuine spam refers to email that uses bogus headers and possibly a short-lived entry in DNS which may only remain active for the duration of the spam session. This makes it very difficult to block if the spammer keeps changing the headers and the content. It also makes it practically impossible to use as a platform for commerce. In fact the only purpose of this type of spam seems to be to demonstrate how tricky and slippery the spammer's system is. It does not seem to have been thought through as a commercial enterprise.


Case Studies

As research for this article I had to go in search of spam. This proved very difficult to find. I asked friends for samples of spam, and I searched my laptop for some spam that I had received in my Ozemail inbox. I carefully read the MAPS procedure for "blackholing" spammers, and like a kid with a new toy went looking for a bad guy to blackhole. Based on the lists I had been given, I drew up a suspect list and e-mailed them, daring them to send me spam.

I got no replies from the suspect list. This may be because they were all genuine nice guys, in which case I apologise for my provocative messages. Or perhaps they feared that anyone who sends such cheeky messages might be armed and dangerous.


'EMail-IT' True Stealth System

One of the samples I was received from a friend was genuine spam. There were no headers, so I could not determine who had relayed the message. This was sent to xxxxx@mydomain.com.au (name withheld). Here is the text:

From: xxxxx
To: xxxxx@mydomain.com.au
Sent: Saturday, June 15, 2002 7:22 AM
Subject: 6/14/2002 5:22:51 PM


Dear xxxxx ," ,"
--------------------------------------------------------------------
    Targeted E-mailing List Services
--------------------------------------------------------------------
    Home of 'EMail-IT' True Stealth System
    Ph: 407-539-0615
    Our email campaigns are producing trackable results for less than half
    of what you would normally pay! Targeted Opt-In Emailings about 3.5
    cents each on average.

	  Targeted Opt-In Mailings
	  Tailored for your individual needs. Highly targeted E-mail
	  "Opt-In" and Postal Mail campaigns.
	  Included in every campaign at no extra cost:

	  Design of your broadcast message including Graphics,

	  Conversion to HTML and Hosting.

          Opt-In List Generation/Management: We can help you generate your own opt-in lists or manage your current lists for
          a fraction of what you would pay a broker. 100% List "OWNERSHIP" !

	  Web Site Design: Let us design your private marketing site.

	  News Letter Promotions: Promote your company through monthly newsletters.

	  RECEIVE THE GREATEST RETURN ON YOUR MARKETING DOLLAR

	  Targeted Messages Delivered
	  Base Price

	  500,000 Messages $1,750
	  1 Million Messages $3,399
	  2 Million Messages $4,499
	  3 Million Messages $7,799
	  5 Million Messages $12,299
	  10 Million Messages $16,899

          "Companies who outsource their e-mail marketing operations actually have a better conversion
          rate (6%) than companies that do not (1.4%)."
	  More info: 407-539-0615

   Fresh Email Addresses
	  The key to a good return on your email campaign is NEW addresses.
	  Our automated servers harvest new addresses around the clock. We offer lists as a direct purchase or as a monthly service.
	  250,000 e-mails $100.00
	  500,000 e-mails $125.00
	  1,000,000 e-mails $200.00
	  5,000,000 e-mails $400.00

	  407-539-0615

	  Monthly Service 150.00*
	  Includes: 4,000,000 e-mails/month
	  'E-Mail-IT' Cloaking Software Updates
	  FTP Access
	  URL Cloaking Software

	  *Three months required, lists and software download from our FTP server.

   Email-IT CSC Proxy Service
	  Send your e-mails directly through our servers.

	  Our in house 'Email-IT' True Stealth System is based on Unix know-how sending technology,
	  providing real anonymous instant delivery.
	  Forget problems with ISP 's your IP address will never be shown in our e-mail headers.
	  You send directly into OUR servers which then send your mail out to the world, FAST!
	  FAST! FAST! FAST!
	  Use your CABLE or DSL connection for mind blowing SPEEDS!

	  'Email-IT' Pricing is based on number of e-mails you can send
	  monthly. You only pay for what you send successfully!
	  Priced from $400
	  407-539-0615

    Safe Bulk Email Software
   	  Don't worry about losing your ISP again.
          Our NEW software system goes beyond open relays and desktop servers.
	  This is NEW and it is the ONLY software of it's kind.

	  'EMail-IT' Home & Office Kit Includes:
	  Stealth System Software
	  Bulk Mailer
	  List Manager
	  Email Extractor
	  Daisy Chain Connector
	  WWW URL Cloaking Device
	  1 User License and Key
	  2 Instructional Cd's
	  1 'EMail-IT' Owners Manual
	  1 Full hour walk through of your installation and set up!

	  Also includes: Complete How To Files & Telephone Support*

	  Price: $475
	  Fedex shipping included!

	  407-539-0615

	  Order now and we will start you off with 100,000 fresh email addresses.

	  *Telephone Support Free for first 30 days only.

To me the most significant fact about this spam is that it is advertising spam. This suggests that business may not be good for this spammer.


Government Grants E-Book 2002 edition

These started appearing in my ozemail account earlier this year. There have been four of them so far. Unfortunately I deleted them. I managed to recover two of them from my laptop hard disk. Other spam has been from "Abigail" and "Scott". I keep the ozemail account because I may need dial-in access from time to time. Ozemail were taken over by Worldcom in 1999. So Ozemail's future is a little clouded at present.

Judging from the timezone on the original message, the server that took this message lives in South Australia. It arrived on: Tue 14 May 2002 06:59 GMT.

The following is the text of Lisa's message (rendered by lynx):

______________________________________________________________________
                Government Grants E-Book 2002 edition
                 You Can Receive The Money You Need...
  Every day millions of dollars are given away to people, just like you!!
  Your Government spends billions of tax dollars on government grants.
  Do you know that private foundations, trust and corporations are
  required to give away a portion of theirs assets. It doesn't matter,
  where you live (USA ONLY), your employment status, or if you are broke, retired
  or living on a fixed income. There may be a grant for you!
______________________________________________________________________
  ANYONE can apply for a Grant from 18 years old and up!
  We will show you HOW & WHERE to get Grants. THIS BOOK IS NEWLY UPDATED WITH THE MOST CURRENT INFORMATION!!!
  Grants from $500.00 to $50,000.00 are possible!
  GRANTS don't have to be paid back, EVER!
  Grants can be ideal for people who are or were bankrupt or just have bad credit.
                       Please Visit Our Website
               And Place Your Order TODAY! CLICK HERE

   We apologize for any email you may have inadvertently received.
        Please CLICK HERE to be removed from future mailings.

This was genuine spam and judging by the headers of the two specimens I retrieved, it would be difficult to block. It appears that the spammer generates unique e-mail addresses, unique source IP addresses, and unique URLs for every spam batch. The URLs probably only stay alive for a short period of time. (They were all cold when I investigated them). I hardly use the Ozemail account. However it might be possible to discover which DNS is hosting the URLs and maybe use traceroute to discover the upstream supplier. This would have to be done immediately the spam was detected. In any case the toolkit that this spammer uses seems to be sophisticated.

However, I do see something odd about this e-mail. It appears to be complete bullshit. I am not familiar with the government grants in the USA. I know that it is a very wealthy country, but I find it difficult to believe that any tier of government in the USA is giving away grants of up to $50,000 to residents who are broke, unemployed and/or bankrupt and/or a bad credit risk. Somehow this e-mail does not ring true. So this raises the question. What is the purpose of this spam? Is it just sucker bait? Is there a malicious payload? Or is it a test of the spammer's systems.

I suspect the latter, although I don't know for sure. If this is true, it means that this spammer doesn't have many customers either.


Herman Blockage

I was at the system console when this one came in. Here are the notes that I took at the time:

Date: Tue, 11 Jun 2002 14:03:08 GMT
    Received an email from Herman Blockage (leafilterlist@yahoo.com).
    The message was sent to gerry in HTML, the subject was an inane
    message about clearing my gutters. It could be a prank?

Date: Tue, 11 Jun 2002 14:07:37 GMT
    Second message from Herman sent to sales. Out of curiosity I checked
    it with lynx (see below). It had a humorous opt out message: "Remove
    me you moron!". I was almost tempted to try it. After all, it was
    only an e-mail. Coming from yahoo with such a message, it has to be
    spam. I decided to ignore it. And wait for further developments

Date: Tue, 11 Jun 2002 14:18:22 GMT Third, and as it would turn out, the
    final message from Herman. This one sent to feedback. I was now
    certain that it was spam, probably excavated by one of the
    suspicious robots that had visited my site. (See Parsing
    Logfiles with Perl). These three e-mails are all displayed on my site.
    Nevertheless, I replied, asking him if he was human. This was only to
    verify if the address was real.

Date: Tue, 11 Jun 2002 14:50:33 GMT
    Message from MAILER-DAEMON@yahoo.com.
    It came as no surprise that the account was over quota. I added
    Herman to my blacklist. Not that I ever expect to hear from him
    again.

The following is the text of Herman's message (rendered by lynx):

    Leaffilter gutter guard makes it impossible for
    a single pine needle, or even a grain of sand,
    to enter your gutter!  It's impossible for a
    Leaffilter protected gutter to clog!

    Which means: No More Dirty Gutters!
    EVER!  No streaking, no clogs, no nothin'...
    Nothing but water ever gets in.

    After 3 years, and thousands of installations by
    more than 120 dealers nation-wide, Leaffilter has
    yet to allow a single gutter to clog.

    To see America's best gutter guard up close, click anywhere
    on the hidden image below:  (please allow for 20 second
    downloads, you'll be glad you did) J
    [image001.gif]
    ________________________________________
    This message is an unsolicited advertisement of Leaffilter. We
    apologize if it has caused an incovenience.  If you wish to be
    removed from the Leaffilter mailing list, click here:
    www.leafilterhutch@yahoo.com and type: "Remove me you moron!"
    then click "send", (or you can just type: "remove"). J

    You may also call 1-877-559-7411

This message also does not ring true. Ok, there might be a product called leaffilter in the US, and if I was a resident and I knew for certain that 1877 numbers are charged to the receiver, perhaps I would make a long telephone call to check it out. Still, if my suspicions are correct and it is bullshit, why was it sent? Perhaps it was a prank? Also if it only applies to US residents, why send it to someone in the .au domain? I looked at the source code with vi. It has been written by Microsoft Word and the URL which appears in the rendered text as: www.leafilterhutch@yahoo.com is indeed coded as: <a href="http://www.leafilterhutch@yahoo.com">. All of which suggest that it is indeed a test. It also leads me to conclude that Herman is not very knowledgeable about the Internet.


e-host.cjb.net

This one arrived from ratesnow4you@msn.com (a bogus address). It purports to be offering me a 2% mortgage

		     LOWest MORTGAGE RATES


 BAD CREDIT........NO CREDIT........NO INCOME........NO ASSETS


 Why pay the high rates and extra points that the banks charge?

       WE HAVE THE LOWEST RATES IN THE MORTGAGE INDUSTRY.


	      CLICK HERE FOR YOUR FREE RATE QUOTE!


		      We Honor ALL Removes
	   To be Removed from our mailing lists visit

			   CLICK HERE

The URL for the remove was http://e-host.cjb.net/remove. This URL no longer exists. The URL for the Mortgage quote is: http://12.99.255.153/mortgage/mailer3. This is a genuine URL. So on the face of it, this seems to advertising a genuine service. This claims to be specific for the US market. Why then has it been sent to the .au domain? In any case if I did live in the US, I would be very suspicious of anyone claiming that they could give me a loan at 2% interest with no security. My next question would have to be "Is that 2% per annum or 2% per day?".


Conclusion

The genuine spam I found was all from the USA and did not even seem to be from a bona fide advertiser, with the exception of the low mortgage, which seemed to be a scam of some sort.

There used to be a school boy jape, which consisted of a bogus phone call:

Caller: Do you live on the Railway track?
Callee: Uhmm, Yes ...?
Caller: Well you better get off, there's a train coming ... (sniggers and hangs up the phone)

These paltry offerings of spam seem to be on a par with this type of humour.

The Category 1 email that I have received since setting up my site, has been polite and the sender would not follow-up unless I reply.

The Category 2 email that I tested, honoured opt-out requests promptly.

These few samples of genuine spam seem to suggest that the spammers can't find clients.

All of these concur with my impression of the realignment of spending patterns that seems to have taken place in the last 8 months or so. There are now less stupid people with large amounts of money to throw away on worthless Internet marketing promotions. Now that the Internet ship has foundered and the sharks of recession are circling, we can be thankful that we have spammers on board. They can be in the first batch of unnecessary ballast that gets thrown overboard. Smart commercial operators already realise that only specifically targeted marketing campaigns can succeed. Furthermore if they do not have permission from the recipients, they are more likely to antagonise their audience than inform them.

The Internet users who are most at risk from spam are those who rely on large ISPs that do not maintain adequate access lists for their domains.

Hopefully, large ISPs will realise that it is in their best interests to look after their customers. Otherwise they will lose them.


BIBLIOGRAPHY:

  1. Believe it or not, spam (the food), has its' adherents. A link at www.cs.berkeley.edu/~ddgarcia/spam.html used to be one of them, but is now broken. Nevertheless, the new definition is the unofficial standard. Soon it will be official. This is not to say that it is always impossible to reclaim a word that has been hijacked. There is some evidence that the word hacker may be reclaimed by the original hacking community. This is a special case, since the word was hijacked by the mainstream media, and hackers were cyber-culture insiders. Any attempt to reclaim spam is a lost cause.
  2. My definition of spam is much more rigid than MAPS, whose definition of spam, leans heavily in favour of the recipient. In fact, I agree with their definition for the majority of Internet users who may be relying on large ISPs to maintain the access lists for their domain. However I think MAPS should go easy on any source of category two e-mail, that includes clear opt-out instructions, and that honours opt-out requests promptly.
  3. There has been a trend towards populism in Australian politics. In an attempt to be seen to be doing something rather than actually doing something, there have been numerous attempts at censorship of Internet content in Australia.
  4. Since I wrote this article, I have been forced to revise these assumptions. There is far more spam around then I suspected, and to date there does not seem to be signs of a significant decrease in the amount of spam. If anything it seems to be increasing. So perhaps I was premature in predicting its' imminent demise. There is a follow-up essay on this topic entitled Spam Sauce, in which I eat some sauce along with my words. In another follow-up article entitled Spam Turkey Bastards, I postulate an additional explanation for the intense dislike of spamming. Finally A Few More Inches, examines the roll of spam and scams with regard to Internet porn. It seems that some industries do derive a significant benefit from spam. Also rather than being driven out of business by the new economic ciurcumstances it seems there may be a trend for spammers to turn "professional". This may in part be due to increasing unemployment in the IT sector. The new breed of professional spammers seem to be mostly based in the USA, and they display energy and imagination in the way that they are able to utilise global resources for their enterprises. For this reason, I stand by the assertion that Legislation Will Not Work.