A Weblog About Topics and Issues Discussed in the Book Spam Kings by Brian McWilliams

� January 2005 | Main | March 2005 �

February 28, 2005

Vint Cerf on the Send-Safe shutdown

So, did MCI blink? Was the recent shutdown of the Send-Safe.com site the result of MCI amending its policy of providing safe harbor to known spammers?

I asked MCI senior VP Vint Cerf for an answer to that question. Cerf emailed me this (somewhat cryptic) statement:

While we generally do not comment about customer matters, it is fair to say that the company is always ready to examine its acceptable use policy and apply and adapt it in the interest of Internet users. Spam is just one of the many concerns we confront in our daily efforts to improve the quality of Internet services.

It is my understanding from talking to sources close to MCI that the big ISP put pressure on MTI Software, an MCI reseller that was hosting Send-Safe.com. Apparently MCI issued an ultimatum to MTI: cut off Send-Safe, or we'll cut you off.

(When I approached Send-Safe owner Ruslan Ibragimov today for more information on his future plans, he told me over ICQ to, er, buzz off.)

So, kudos to MCI for doing the right thing. Perhaps, behind the scenes, people there are applying similar pressure to get the 200-some other spam sites shut down.

Posted by Brian at 10:50 PM | Comments (2)

Spam Kings review at ZDNet UK

Author and journalist Wendy Grossman has an interesting review of Spam Kings today over at ZDNet UK.

I've followed Wendy's work for years, and especially enjoyed her 2003 article for Reason magazine, "The Spam Wars." (The article included one of the snappiest lines I've ever read on the subject of spam: "Junk e-mail is like seasickness: If you don't get it, you don't really understand how bad it is.")

Wendy's review of Spam Kings says readers will enjoy learning about who's behind the spam problem, as well as about the anti-spammers on Nanae and at Spamhaus.org who are trying to drive junk emailers out of business. But she seems disappointed that I offered no silver bullet for solving the spam problem:

Most of us don't care who's sending it -- we just want it to stop. And that's why, somehow, this book's early promise is never quite fulfilled. You learn a lot of fascinating stuff about the people involved, but there's still no way to use this knowledge to end spam. We know the US's CAN-Spam legislation hasn't done it (as The Spamhaus Project predicted), and we know there are real limitations to the blocking and filtering technologies that are the current state of the art. So now what?

I'm not sure what Wendy means when she says Spam Kings' "early promise." In the book's introduction, I state outright that Spam Kings is "descriptive, not prescriptive." There are already dozens of technical how-to guides about stopping spam. I set out to write something quite different: part business case-study, part cultural history. My goal was to tell a good story that puts the spam wars in context.

Ironically, Wendy's 2003 Reason article concluded that technical, economic, and legal solutions to the spam problem all have "major drawbacks." Her proposed alternative: something she called the "community solution." Wendy was a bit vague on the details, but what she proposed sounds an awful lot like what anti-spammers on Nanae and at Spamhaus are attempting to do.

Posted by Brian at 4:08 PM

February 25, 2005

Send-Safe goes back to Russia?

Send Safe logoThe notorious Send-Safe.com spamware site was off the air this morning. A check of the site's DNS records suggests it has moved off MCI and is now being hosted by Rostelcom in Russia.

What's more, Send-Safe is no longer receiving shopping cart services from SWREG in the UK.

I recently traded emails with Steve Lee, head of SWREG. Lee gave this explanation for why he hadn't booted Send-Safe, despite its apparent violation of SWREG's terms of service, which prohibits the sale of "software associated with spammers (for instance certain bulk e-mail software, anonymous proxies or lists, etc.)":

The problem we have is that it is good money and as spam seems to be less of an issue for *us* it becomes less important to me to pull such products. In other words I do not have the fervor of others who you are involved with and definitely less incentive. I do not think of spam as the root of all evil as much as an irritant that can be controlled.

Nonetheless, Lee said SWREG has closed the shop assigned to Send-Safe.

Now, perhaps Yahoo Groups will stop hosting the Send-Safe users group discussion list. (Send-Safe recently banned me from the group.)

[Update: a US company called Plimus is now handling online ordering for Send-Safe.]

Posted by Brian at 10:44 AM

February 24, 2005

The hype over spim

Trillian logoA number of news reports, helped along by media-savvy prosecutors, are positioning the recent arrest of teenage spammer Tony Greco as a significant milestone in "spim," or instant message spam. Many of the articles suggest IM spam is about to flare out of control.

This pegs my hype-meter. As I explain in The Hype Over Spim, a new op-ed for BetaNews, IM spam has been around for roughly seven years, and all along "experts" have predicted spim is about to rage out of control.

It hasn't, and it probably never will. Here's why.

Posted by Brian at 9:12 AM

February 22, 2005

Microsoft sues Israeli spammer

Microsoft is suing Amir Gans, a self-proclaimed "email marketer" based in Israel, according to this article in the country's Haaretz newspaper.

The lawsuit comes less than two months after Gans was the subject of a detailed -- and some might say glowing -- profile in Haaretz.

I interviewed Gans by email earlier this week. (We had to use his backup email account, because Microsoft's servers were returning "550 Requested action not taken: mailbox unavailable" messages when I tried him on his Hotmail account.)

Gans told me that Microsoft recently sent him a letter threatening to sue him if he didn't agree to "publicly apologize and pay them 0.5 million NIS ($100,000)."

Gans said he told Microsoft it couldn't intimidate him. Hence the lawsuit filing today. Microsoft is seeking 2.5M NIS (about $575,000).

Gans accused the big company of unfair competition. He claims MSN Israel charges $1,900 to send messages to 50,000 Hotmail users, whereas he charges $850 to spam one million recipients.

"It is important to know that I'm not a bulk mailer of viagra, ialis, oem software etc.," said Gans in the email interview. "My company gives advertisement services to businesses in Israel that sell computers, insurance, banks services, cellular phones, etc. [These are] serious business that find email marketing a great and in-exensive methood for advertising."

Microsoft Internet Safety Enforcement Attorney Aaron Kornblum confirmed that the company had filed the lawsuit, but he had no other immediate comment.

Posted by Brian at 8:30 PM

How Paris got hacked?

Not really a spam story, but still email-related. You've probably heard about the repeated hackings of actress Paris Hilton's T-Mobile online account. In this article for O'Reilly Network, I report that her dog may indirectly be to blame.

Like many online service providers, T-Mobile requires users to answer a "secret question" if they forget their passwords. For Paris Hilton's account, the secret question was "What is your favorite pet's name?" By correctly providing the well-known answer, any internet user could change Hilton's password and freely access her account.

Thanks to the anonymous Internet user who tipped me off about this vulnerability, which has apparently persisted for almost a year, despite the high-profile and ongoing attacks on Hilton's account. (T-Mobile corrected the problem today.)

Posted by Brian at 6:40 PM | Comments (2)

February 20, 2005

Clever spammer tricks

Spam filters make junk e-mailers do desperate things. In order to sneak past filters, spammers have to write "advertisements" that are barely intelligible, let alone persuasive. And their desperation goes well beyond using camouflaged words like V14gr4.

So, what do savvy spammers today do? They provide special instructions so that recipients can decipher their encoded messages. Check out this spam that made it into my Inbox over the weekend:

Date: Sat, 19 Feb 2005 08:16:46 +0100
Message-id: <3CA10AB7.22723.8CEE549@localhost>
From: "Janice Odom"
To: bmcw@pc-radio.com
Subject: Get yourMeds now
X-Mailer: Sylpheed version 0.7.6 (GTK+ 1.2.10; i686-pc-linux-gnu)

read downwards ;)
C - V - V - V - X - S
O - I - I - A - A - O
D - C - A - L - N - M
E - O - G - I - A - A
I - D - R - U - X
N - I - A - M
E - N
N
Shipped to you directly from a US Pha'rmacy,
who is F'DA approved and licensed.

All pack'ages are sh'ipped with UPS and
come with a tra'cking num'ber at no cha'rge:

Copy to browser without any spaces;
usamed123. com/rx/?47

What's especially fascinating are those last two lines. The spammer expects that some recipients will be co-conspirators in this little beat-the-filters game, and will happily cut & paste & edit that URL into their browser. (Sadly, based on what we know about furtive shopping, that expectation is probably justified.)

What's next? Spam with instructions on how to print it out and read it in a mirror?

Posted by Brian at 9:34 PM | Comments (2)

February 18, 2005

Teen busted for spam extortion attempt

DOJ emblemA teenager from Buffalo, New York is facing serious prison time for spamming, according to the U.S. Attorney's Office in Los Angeles.

Anthony "Tony" Greco, 18, who runs a set of porn sites called TGcashin, allegedly exploited security flaws at MySpace.com to spam its members.

According to a Secret Service affidavit, in October 2004 Greco created some sort of automated system for signing up for over 27,000 free MySpace accounts, which he then used to send spam advertising sites including adultactioncam.com.

To make matters worse, Greco later allegedly tried to get MySpace to pay him not to tell other spammers at Spamfiles.biz about his little trick. According to the affidavit, Greco sent MySpace's owners a message saying, "Me giving out my source will just open a Pandora’s box of Spam on your server, which based on your downtime, it’s obvious you don’t need that."

Greco was arrested Wednesday at the LA airport -- on his way to a meeting with MySpace that was actually a sting set up by the Secret Service.

Greco is hardly a major player in the spam business. But this case is still significant. I think it shows the risks spammers take when they try to exploit security flaws to support their spam operations.

Greco faces a maximum possible penalty of 18 years in federal prison if convicted on all three counts: violating the CAN-SPAM Act, threatening to cause damage to MySpace.com's computers with the intent to extort, and causing damage to a protected computer.

Posted by Brian at 1:24 PM | Comments (2)

February 17, 2005

Can screen keyboards foil fraudsters?

ckns-sm.gifCitibank UK has come up with a unique, if potentially flawed, method for beating spyware, key-loggers and other malicious software designed to steal passwords.

As I report in this story at BetaNews, customers who log in at Citibank.co.uk are now required to enter their passwords using an on-screen keyboard.

The idea is to prevent malware from being able to "see" what users type on their physical keyboards. It seems clever at first glance, but the technique isn't actually very secure. (It also comes up way short in the usability department according to this item at BoingBoing.net. )

There's a link to a working demo of the Citibank UK screen keyboard (you don't need to be a customer to try it out) in the article,

Posted by Brian at 10:04 AM | Comments (1)

February 16, 2005

Protest brewing against Internet pioneer

Vint Cerf[Update: a draft of the protest letter is online here.]

Upset over MCI's refusal to kick a notorious spamware firm off its network, some anti-spammers are getting ready to lodge an ethics complaint against MCI senior vice president Vint Cerf.

Some participants on the Spam-L discussion list plan to file a complaint with the Association for Computing Machinery about Cerf's unwillingness to boot Send-Safe.com from the MCI network.

The furor comes the same day that the ACM named Cerf a co-recipient of the Turing Award, the so-called Nobel Prize of computing, for his work developing the TCP/IP protocol.

In a recent posting to the Spam-L list, Spamhaus founder Steve Linford said he communicated directly with Cerf about terminating Send-Safe. According to Linford, Cerf replied that MCI does not consider spamware a violation of its terms of service. Linford pointed out on the list that Send-Safe has previously been kicked off of four "bulletproof" hosting firms in China prior to landing at MCI.

In response, one ACM member wrote on Spam-L that Cerf was violating the ACM's code of ethics.

"By publicly defending MCI's hosting of send-safe and other spammers, Vin Cerf is violating sections 1.1, 1.2, 1.3, 1.5, 1.7, 2.3, 3.1, 3.3, and probably a couple of others," wrote the Spam-L participant.

Another Spam-L regular described the situation this way: "Cerf and Kahn built this wonderful TCP/IP protocol suite, and all I
have to show for it are the Viagra spams mailed from mci.com!"

Look for anti-spammers to publish an open letter to the ACM, MCI, and Cerf in the near future.

Posted by Brian at 7:47 PM | Comments (1)

February 14, 2005

The Verizon-MCI deal from a spam perspective

When rumors recently swirled that mega-ISP MCI was about to be acquired by Qwest, anti-spammers smiled. Denver-based Qwest has a pretty good record fighting spam, so the hope was Qwest would help MCI kick its spam habit. (MCI is ranked #1 on the Spamhaus list of the Top 10 havens for spam.)

But now word is out that Verizon has topped Qwest's offer for MCI and will end up the successful suitor.

This news drew some groans from the ranks of anti-spammers. Verizon is #8 on the Spamhaus list and currently hosts spam kings including Atriks, Aztech Internet, and Thomas Cowles.

In any case, as Reuters reports, "the deal marks a final chapter for MCI, which was formed as Microwave Communications Inc. in the 1960s as a scrappy competitor to AT&T -- then known as Ma Bell."

Posted by Brian at 4:14 PM

February 12, 2005

Why Viagra spam isn't going away

Make no mistake. The recent legal attack from Pfizer and Microsoft on "international spam rings" isn't really about fighting junk email. It's about brand and patent protection for Pfizer. It says so right in the press release.

Pfizer is primarily targeting two entities: CanadianPharmacy, (formerly?) doing business at http://www.cndpharmacy.com, and E-Pharmacy Direct, (formerly?) doing business at http://www.myepharmacydirect.com.

Neither of the online pharmacies are listed in the Spamhaus Register of Known Spam Operations. So I doubt they are truly a major source of "Viagra" spam. Nor are there more than a handful of spam reports in the "Sightings" newsgroup (news.admin.net-abuse.sightings) for the two sites.

The press release makes clear that Pfizer's concern is that these sites are selling illegal generic versions of Viagra. Would Pfizer be so aggressive if the companies were spamming the real thing (i.e., if Pfizer was getting a cut of their sales)?

Microsoft also added CAN-SPAM lawsuits against EzyDrugStore.com, DiscountRX.com and Virtual RX.com. They're not listed on ROKSO either.

So, how is this a big salvo in the war on Viagra spam?

Posted by Brian at 8:44 PM

February 11, 2005

Censoring Spam Kings

The January issue of macCompanion has a detailed review of Spam Kings (PDF here; HTML here).

The reviewer was very generous with praise for the book ("This book is going to become the basis of a movie. I just feel it! Or maybe it will fill a few CSI episodes"), but had one big complaint: "The book could have used some censorship what with all the cussing and swearing used on occasion."

I confess this is the first time anyone has mentioned this matter. I apologize if my efforts to accurately record quotes from spammers and anti-spammers have offended any readers.

Proof that you can't make everybody happy: I've also been getting some flack for putting a hashed version of the word penis (@*#?%) on the book's cover.

Posted by Brian at 4:27 PM

February 9, 2005

Infamous spammers know where money is

Syndicated tech columnist Mitch Stone just published a nice review of Spam Kings in the Ventura County Star (registration required). Stone writes:

The interplay between the spammer and anti-spammer subcultures documented by McWilliams often reads like a John LeCarre novel. He documents a fascinating contest replete with spies, counterspies, threats, theft, turncoats and personal betrayals. Inevitably, some of these conflicts break out into bitter lawsuits, instigated mainly by vindictive and ethically challenged spammers.

The review also compares spammers to bank-robber Willie Sutton: "They know where the money is too -- it's in our pockets, credit cards and bank accounts. And without question they know how to get their grubby mitts on the loot, and it doesn't involve hauling around a tommy gun."

Posted by Brian at 12:20 PM

February 8, 2005

Profits by proxy

All this talk about proxy lock and the impending spam crisis has apparently stirred up interest among spammers. Overheard on the Send-Safe.com discussion list Tuesday, the company's tech support manager provides advice on how to use the proxy lock feature successfully:


1) Turn off "Add random to FROM"
2) Use some very common names in the left part of the FROMs, like
john@..., johnb@, johnc@, bobby@..., etc. These names should exist in most domains in
order ProxyLock could successfully log on to the proxy's MX server.
But never use admin, root, postmaster, and so on.

Speaking of Send-Safe, doesn't it seem a little odd that Steve Lee, a member of the Shareware Hall of Fame, should be getting paid a commission for selling spamware?

Lee's firm, Atlantic Coast PLC, a public UK company, provides shopping-cart services for the Send-Safe site. See for yourself. (Click the "order" link. In Send-Safe jargon, "credits" equals the number of spams you send using Send-Safe's proxies.)

Looks like MCI isn't the only company getting a cut from the spam trade.

Posted by Brian at 9:09 AM

February 7, 2005

Swimming in phish domains

h_cg.gifMy spam filter caught a message today that I assumed was a phishing scam. It said I was eligible for a $5 credit on my Citibank account if I signed up to receive electronic statements of my account activity.

Here's why I assumed it was a phish. The email headers listed the domain citibankcards.com, whereas the HTML message body wanted me to click a link that said universalcard.com. But the link actually went to a site called citicards.com. (Phishing scammers love to register look-alike domains and trick people into visiting them to cough up their account info.)

I looked up the registration for citicards.com, and it turned out to be legit and belong to Citigroup. But according to the nifty reverse IP feature at whois.sc, there were 73 other websites at that same IP address, including Citgocelebrity.com Citi-commerce.com Citi-fxlink.com Citi.com Citi.net Citibank-ebilling.com, etc.

Meanwhile, a look-up on citibankcards.com showed it was also legit. There were some 53 domains at the same IP address, including Citibankchina.com Citibanktoolbar.com Citibanktoolbar.net Citibusinesscreditcards.com Citicard.com Citicashcard.com Citicheck.com Citicommerce.net Citicorp.com Citicorpselect.com Citigroupinfo.com Citigroupkids.com Citigrouponthenet.com, etc.

Finally, I checked out Universalcard.com. Thirty seven domains at the same IP address, including Citgoplus.com Citi-exchange.com Citiaccess.com Citibankebilling.com Citibankloan.com Citibanknigeria.com Citibankprivatebank.com Citibankworldlink.com, etc.

I realize banks and other trademark holders need to register lots of domains to protect against phishing attacks and cybersquatters. But how are consumers supposed to keep track of which domains are legit? Wouldn't it make more sense for companies like Citigroup just to use one domain for their communications with customers?

Posted by Brian at 1:27 PM | Comments (2)

February 5, 2005

AOL settles with spam king

brads-hummer.jpgAmerica Online has reached a settlement agreement in its first lawsuit under CAN-SPAM.

On January 25, a federal court in Virginia approved the settlement between AOL and Brad Bournival who, along with partner Davis Hawke, was sued by AOL in March 2004.

Terms of Bournival's deal are confidential. But it's safe to say that he is permanently enjoined from spamming AOL, and that he has paid the company some undisclosed amount of money in damages. Oh, and Brad says he is no longer driving that yellow Hummer H2 with the plates that read "Cashola." (Wonder if we'll see the vehicle raffled off by AOL in the future?)

Bournival, 20, claims the recently reported drop in spam hitting AOL is due in large part to him and Hawke being out of the business. For a period of time between 2003-2004, "we were the best" at getting spam into AOL, boasts Bournival.

So how does a former spam king get on with his life? Brad says he's going to use his chess smarts to become a professional poker player. Unfortunately, he still has to wait a few months until he turns 21 and can legally play at casinos online and off ...

Posted by Brian at 10:00 PM

February 4, 2005

Complaint Dropped Against DDoS Mafia

111-case.gif As I report in this story for O'ReillyNet, a federal court in Los Angeles has dismissed a criminal complaint against a group of men referred to as the DDoS Mafia.

Prosecutors told me the move was strictly procedural, and they could re-file a complaint at a later date.

The DDoS Mafia, led by Paul Ashley, the owner of CIT-FooNet, was blamed for attacks on several spam blacklist sites in 2003. FooNet also hosted carderplanet.net, a notorious phishing site. The government's complaint dealt only with a October 2003 DDoS-for-hire scheme involving Saad "Jay" Echouafni, who is now on the FBI's most-wanted fugitives list.

From talking to people close to the situation, I am under the impression that Ashley and some of his henchmen are cooperating with law enforcement as part of a pending plea agreement. But as I report in the article, that apparently hasn't stopped some phishing from going on right under Ashley's nose.

Posted by Brian at 2:39 PM

MCI criticized for spamware

Sue You Net image

[Update: Spamhaus has issued a detailed statement about MCI and other ISPs who knowingly host spammers.]

The dreaded proxy lock problem has hit the mainstream media. MSNBC had a story Thursday, and the Washington Post published a write-up Friday.

Interesting comment in the Post story from MCI, which is listed as the most spam-friendly ISP in the world, according to Spamhaus. Steve Linford of Spamhaus complained that MCI-UUNet is hosting Send-Safe.com, the site of one of the companies selling spamware that has added the proxy lock feature. From the Post:


Timothy Vogel, who heads MCI's legal team for technology issues, said that UUNet does not host the site but instead leases the Internet address to a company that in turn hosts Send-Safe's Web site.

More important, he said, MCI does not want to censor Internet content. If MCI had evidence that the Send-Safe company was spamming, that would violate MCI policy.
But merely advertising its product is a form of speech that should not be censored, Vogel said.

Amazing backbone from this big Internet backbone provider!

The company that leased the IP space from UUNet appears to be Microsys Technologies, a spamware developer with addresses in Florida and Ohio. Other sites hosted at that same IP address as send-safe.com include amazing-bulk-email.com, Emailbroadcaster.com, Emailemailemail.com -- you get the idea.

Spam Kings readers know that Linford has been battling against UUNet since 1998, when the company threatened to sue him for criticizing its lax response to spammers on its network. (The graphic above was created by an unknown artist during that period.) A copy of the first page of UUNet's 1998 threat letter to Linford is here.

Posted by Brian at 9:04 AM

February 2, 2005

Proxy lock: email crisis ahead?

Spamhaus leader Steve Linford has identified a scary new development in spamware, according to this story.

The concept, referred to by some as "proxy lock," is a bit complex. But if you're a spam fighter, it's worth trying to understand, since experts think it may bring major email problems in the near future.

Background: The majority of spam currently comes from "zombied" Windows PCs. The computers are infected with software that allows spammers to send out email directly to recipients, without having to go through the outbound mail server of the victim's ISP. This creates a problem for spam blacklists, because there are millions of infected PCs, and it's nearly impossible to blacklist them all.

The "new" development that worries Linford and others will actually make blacklisting much easier. But the repercussions will be potentially terrible.

The latest versions of some spamware programs (such as Send-Safe v 2.20b build 662) as well as updates of spam Trojan horses (such as SoBig) are designed to send spam out through the mailserver associated with an infected PC or proxy. So when a Comcast subscriber's PC gets turned into a zombie, for example, the spam will go out via one of Comcast's mail servers, not via a server built into the zombie software, as in the past.

As a result, if other Internet users want to block incoming spam from the infected PC, they will need to blacklist Comcast's mailserver. Doing so obviously creates huge problems for legitmate mail emanating from that server.

If this problem materializes as some think it might, big filtering providers like Brightmail and Postini are going to have to make some tough choices in the weeks ahead.

Send-Safe calls this new feature the "use proxy domain's MX option." But it's actually been around for a while. A piece of spamware called Super Server Pro from Lightspeed Marketing has been known to offer a similar "proxy lock" capability for over a year. (Ironically, Davis Hawke was selling cracked versions of Super Server Pro a while back.)

This difference today is that suddenly millions of zombies connected to broadband ISPs of all shapes and sizes may suddenly begin pumping out spam through their ISP's mail servers.

AOL's anti-spam chief Carl Hutzler tells me that AOL actually has dealt with this "new" problem since September 2003 and has come up with counter measures, including rate-limiting, SMTP authentication, etc. But many other ISPs have never seen the problem before, and that could be a big problem.

"We could barely stay operational" during a frenzy of proxy-lock spamming, said Hutzler. "A smaller ISP will fold up," he added.

Posted by Brian at 8:43 PM | Comments (2)

Special offer for bulkers

The response to my previous offer has been astounding. Call me crazy, but I'm going to up the ante! Spam Kings title page

I will personally ship a FREE, SIGNED copy of Spam Kings (hardcover, $22.95 list) to the first FIVE (5) registered SpecialHam.com users (antis excluded!) who email me their mailing address!!! (Post-office boxes are fine.) If you're not already registered at SpecialHam, you must be listed on the Spamhaus Rokso list.

I'm not kidding
. This is a genuine offer. And no, I'm not doing this to gather intel for anti-spammers, law enforcement, private lawsuits, etc. (I'll treat your info as confidential.)

I just think that "bulkers" should have an opportunity to learn about the careers of some of their colleagues. I also believe that any self-respecting spammer should know the history of Spamhaus and the genesis of Spews, as well as the mindset of anti-spammers like Shiksaa and Steve Linford.

So, what are you waiting for? My book has your name on it!

Posted by Brian at 12:57 PM

Get the original Spambook!

As previously noted, the SpecialHam.com spammer site has been running a banner ad for Spam Cartel, a book published by Syngress. (Updated 442 kb screen grab of the site here.) Syngress claims it didn't pay the $1,000 for the sponsorship. So I have to assume the anonymous author did, or maybe it was one of his cronies.

But, if you ask me, $49.95 (list) is a bit steep for a soft-cover book about how to be a spammer. (Perhaps it's a clever ploy by Syngress to ruin the economics of spamming?)

That's why I'm making this INCREDIBLE, limited-time offer. Right now, you can download a copy of The Spambook, for FREE! That's right. This amazing compendium of spamming know-how ordinarily sells for $29.99. But the Spambook is YOURS TO KEEP! No strings attached!

The Spambook was written by none other than Davis W. Hawke, the central figure of Spam Kings. (The document says the author is "Anonymous," but the source to the page lists "jkincaid" as the author. That's one of Hawke's aliases.)

Last revised in July 2002, the Spambook is a bit outdated. But it's still FULL OF GEMS, and it's virtually free of typos and misspellings!

Posted by Brian at 9:12 AM

February 1, 2005

Big surge in spam from AOL

AOL logoAs you probably heard, about a month ago, AOL reported a sharp decrease in both the amount of spam hitting its filters and the number of spam complaints from its members. That's the good news.

But in recent days, there have been complaints of a big surge in spam apparently emanating from dial-up AOL accounts. This is a big surprise, since AOL has blocks in place to prevent users from sending spam out onto the Internet -- and those "port 25" blocks have effectively eliminated outbound spam.

Turns out that spammers discovered a chink in AOL's armor. Carl Hutzler, the big ISP's chief spam fighter, this week confirmed spam "leakage" from AOL's network space.

Turns out AOL wasn't blocking inbound port 25 connections to some of its networks, and, using some technical sleight-of-hand, spammers were able to blast out spam with AOL addresses. A fix is on the way, according to Hutzler.

Posted by Brian at 10:27 AM

Weblog authors are solely responsible for the content and accuracy of their weblogs, including opinions they e xpress,
and O’Reilly Media, Inc., disclaims any and all liability for that content, its accuracy, and opinions it may contain.

All trademarks and registered trademarks appearing on spamkings.oreilly.com are the property of their respectiv e owners.

O'Reilly Home | Privacy Policy

© 2004 O'Reilly Media, Inc.
For assistance with this site, email: