Revelations from a reformed spammer

By Christine Polewarczyk, Editor 30 Jun 2005 | SearchExchange.com

Digg This!     StumbleUpon     Del.icio.us

Continuing from part one of this two-part article, Spammer-X, reformed spammer and author of the book, Inside the Spam Cartel, answers more of your spam-related questions.

SearchExchange.com member: What do you think about Bill Gates declaring spam will end inside of one year?

Spammer-X: I say Bill is just angry about getting so much spam himself. I would like to see him stop all spam within a year. That's like saying Windows won't crash. Yeah right. I don't think spam will stop anytime soon.

SearchExchange.com member: Do you find the current laws regarding spam are getting better -- for example, the recent spammers who got convicted to nine years in jail? What future solutions do you see regarding antispam?

Spammer-X: Yes, jail time works well. It sends a clear message into the spam community and many people really think twice about sending spam. However, I think the jail times are too strict. Spammers can get jail sentences longer than a rapist; it does not seem just somehow.

SearchExchange.com member: Do you know the SPF (Sender Policy Framework) initiative? How are spammers dealing with it?

Spammer-X: Yes, I know it well. Spammers can easily get around it. It makes a spammer accountable to a hostname, or a hostname with an SPF record. Just register a hostname, set up an SPF and you're away laughing. Recent studies found that there is more spam with SPF records than there is legitimate mail.

SearchExchange.com member: What is your opinion of Microsoft's Outlook Junk E-Mail feature?

Spammer-X: Good. It uses simple, default-level checks in the headers to determine if the message is spam. I think that's a good step in the right direction.

SearchExchange.com member: What happens when I elect the "opt out" option offered in many spam messages? Is this a technique spammers use to validate e-mail addresses, and therefore propagate, rather than remove, my e-mail address?

Spammer-X: Yes, this is usually used as a method of validation.

SearchExchange.com member: Is there any way to check to see if you are part of a spam database?

Spammer-X: Sure, that's easy. Do you get spam? If yes, then you're in a spam database.

SearchExchange.com member: Are whitelists at mail sites being compromised or is it educated guesses?

Spammer-X: They are being compromised. I actively did this as a spammer.

SearchExchange.com member: When you mentioned complaining to the credit card company, how would you go about doing this?

Spammer-X: Make it as scary as possible. It's easier for the credit card merchant to just can the account of the spammer. Here's a rough example:

Dear X: One of your clients sent my company spam -- spam that is considered illegal under U.S. jurisdiction. Attached is a screen shot of the spam and list of the headers. His Web site, www.fake-pills.com, is using your company to bill credit cards. Legal action will be filed if this spam continues.

SearchExchange.com member: Did you ever deliver your spam with the well-known NET SEND vulnerability?

Spammer-X: Negative on the NET SEND. It requires the recipient to have both NetBIOS and RPC open for you to connect to. Because of all the DCOM worms going around, most people now run firewalls, which blocks any attempt to use NET SEND.

SearchExchange.com member: If a spammer/phisher installs a mailer on your server and you kill it later (after everyone blacklists you), do they generally attempt to reinstall it or just move on to an easier target?

Spammer-X: The mail server would have had to be someone special. When I was spamming, if the host was blacklisted, I would have given up. There's no point flogging a dead horse.

SearchExchange.com member: What kind of antispam technology does the spam-fighting software you are developing use? When will it be available?

Spammer-X: It's based on a new variant of a Bayesian filter, using bi-linear trend analysis. I hope to have the product ready by the end of the year.

Reference Center: Spam prevention and management resources

---

Tags: Spam and virus protection,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Spam and virus protection Nine Exchange Server risks you shouldn't overlook How to install Forefront Security for Exchange Server Block Web beacons and protect OWA users from spam Controlling spam in Exchange 2007 at the edge transport server level How file-level antivirus software can harm your Exchange Server Problems with email spoofing on SBS 2003 Exchange Insider e-zine Securing your Exchange Server 2007 journaling archives Troubleshooting Outlook Web Access issues on a 64-bit system Microsoft Exchange Server security dos and don'ts Spam and virus protection Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary backscatter spam  (SearchExchange.com) greylist  (SearchExchange.com) image spam  (SearchExchange.com) KnujOn  (SearchExchange.com) Sender ID  (SearchExchange.com) spam confidence level  (SearchExchange.com) spamblock  (SearchExchange.com) spim  (SearchExchange.com) tarpitting  (SearchExchange.com) Vouch by Reference (VBR)  (SearchExchange.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary