Spam Kings Blog: Safe from the spam flood?

About the Book

The mounting onslaught of email pitches for porn, pills, and penis enlargement has some techno-pundits declaring that spam is on the verge of destroying the Internet. In Spam Kings, author and investigative journalist Brian McWilliams delivers a compelling account of the cat-and-mouse game played by spam entrepreneurs (including the notorious Davis Wolfgang Hawke, "Dr. Fatburn," and Scott Richter) in search of easy fortunes and the cyber-vigilantes who are trying to stop them.

� Aussie spam king raided | Main | Free Jeremy Jaynes! �

April 7, 2005

Safe from the spam flood?

Send-Safe screenshot Remember the dire warnings earlier this year that a new feature in the Send-Safe spamware program might cause a flood of new spam?

Well, turns out that Send-Safe's ProxyLock feature is seriously broken. As I detail in this new article for O'Reilly Network, CipherTrust researcher Dmitri Alperovitch has disassembled the latest version of Send-Safe, and he concludes that the dreaded ProxyLock feature contains a fatal design flaw that renders it essentially harmless.

In short, Send-Safe doesn't have a smart way to find the SMTP server affiliated with a proxy. As a result, it presents no big threat to existing blacklist systems.

While Dmitri was looking under the hood of Send-Safe, I spent the better part of an afternoon trying to get the ProxyLock feature to work. I'm happy to report that every test message went out via the Send-Safe-supplied proxies, and not via the mail server of the proxies' affiliated ISP. Even better, every one of the proxies was listed on the CBL.

Posted by brian at April 7, 2005 8:23 PM

Sun	Mon	Tue	Wed	Thu	Fri	Sat
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31

About the Book

April 7, 2005

Safe from the spam flood?

Contact

Archives

Recent Entries

Related Blogs