Spam Wars

Marketers are finally catching on that there’s a lot more to the Internet than what meets the web. With the explosive growth of mailing lists and the latest reports showing that we now send 300 million electronic messages a day, email has proven to be the push technology standard that The Great Web Hype of 1996 could never live up to.

But as email has grown exponentially from the heyday of Dave Rhodes’s MAKE.MONEY.FAST to Sanford Wallace’s Cyber Promotions to the era of the unsolicited bulk emailer, Internet users are now carpet-bombed with volumes of electronic junk mail that would be economically unthinkable in the snail-mail world. Legitimate opt-in emailers continue to suffer at the hands of email abusers, raising the question of whether spammers will continue to erode the effectiveness of email much as they have with the demise of Usenet.

Fortunately, technologists and active anti-spam activists have joined forces to develop a formidable line of defense against unsolicited commercial email (or UCE). Although it may be a while before the state of the art in anti-spam technology reaches the masses, few technical advances on the Internet have impressed us more over the past couple of years.

The Boy Who Cried “Free Credit Line!!!”

A good example of the coming wave of anti-spam technologies is Catherine Hampton’s Spam Bouncer freeware. It requires a Unix shell account, but ISPs or individuals can use it in conjunction with popular POP-compliant email clients, such as Eudora and Outlook.

Spam Bouncer uses several filtering criteria to assess whether incoming email is spam:

  • Originates from an email address known to belong to a spammer (or a suspected throwaway email account)
  • Originates from an irresponsible ISP that permits spamming from its sites or through its mail relays
  • Was sent using a junk emailer program
  • Contains mail headers or body text strings that match Spam Bouncer’s profile of spam

Of course, there’s no rocket science in creating Outlook filters that sort out common credit card scams, medical quackery, and forged Hotmail addresses. But this is where common email-filtering methods end and Spam Bouncer starts to get interesting.

Online Neighborhood Watch

Anti-spam online communities, such as the Coalition Against Unsolicited Commercial Email (CAUCE) and the Forum for Responsible and Ethical Email (FREE), exhibit a fervor bordering on fanaticism. These active communities monitor and report on spammer activity across the Internet like neighborhood groups following released sex offenders – tracking spammers as they get kicked off multiple ISPs, forge the names of legitimate domains, and hide behind free email accounts.

The better anti-spam software packages leverage this information by incorporating it into their filters. Spam Bouncer issues filter updates at least once per month to catch both new and old spammers by their ever-changing email profiles. The resulting profiles read like an Internet “Most Wanted” list, complete with mobsteresque names like “Dan ‘The Hitman’ Hufnal” and telltale signatures analogous to distinguishing scars and tattoos.

The following is an excerpt lifted from the comments in the Spam Bouncer filter source code:

# Melle Brothers (formerly Connectup/NOIC/TSF/Fannin Industries)
# Updated and domains verified 10/15/99
# Last reported spam: 5/07/99
# Other Relevant Info:
# (These are the losers who threatened to post several million AOL
# addresses to the Internet early in 1998 if AOL didn’t quit
# blocking their mail. They forge spam, mailbomb people, and
# sue ISPs who try to stop them – among the most abusive spammers
# out there now.)

This is followed by a detailed mail-filter profile consisting of 180 domains and a range of IP addresses. If incoming email matches against this profile, Spam Bouncer can be configured to either automatically delete the message or tag it as spam for automatic filing in a pre-designated folder. Spam Bouncer can also be configured to take additional automated courses of action:

  • Notify the sender that the email was intercepted and provide them with a password to resend the email and bypass spam filtering if the email was legitimate. (This is useful for false positives on borderline spam. True spammers never read replies.)
  • Send a simulated MAILER-DAEMON “bounce” to known spammers in hopes that they will think your email address is invalid and remove you from their spam lists. (This is one of our favorites, which we like to call “staging your own email death.”)
  • Complain to the “upstream providers” of known spammers, asking that they disconnect the Internet service of the spammers. (In the above example, the complaints are emailed to administrators at imc-marketing.net, eky.com, and uu.net.)
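
The profile match and the tag-or-delete choice described above can be sketched as follows. This is an added example, not Spam Bouncer's own code; the profile contents, the sample message, the function names and the X-Spam-Profile header are all assumptions made for illustration.

```python
import ipaddress
import re
from email import message_from_string

# Constructed profile (placeholder domains, documentation address range).
PROFILE = {"name": "example-bulk-mailer",
           "domains": {"bulk.example", "offers.example"},
           "networks": [ipaddress.ip_network("192.0.2.0/24")]}

# Constructed message: unlisted From domain, relayed through the profiled range.
SAMPLE = (
    "Received: from mail.unrelated.example ([192.0.2.55]) by mx.rcpt.example\n"
    "From: Friendly Offers <sales@unrelated.example>\n"
    "Subject: Free credit line\n\nAct now.\n"
)


def sender_domains(msg):
    """Lower-cased domains from the From, Reply-To and Return-Path headers."""
    headers = ("From", "Reply-To", "Return-Path")
    text = " ".join(str(v) for h in headers for v in msg.get_all(h, []))
    return {d.lower().strip(".") for d in re.findall(r"@([\w.-]+)", text)}


def relay_addresses(msg):
    """Bracketed IPv4 addresses from Received headers; invalid ones are skipped."""
    text = " ".join(str(v) for v in msg.get_all("Received", []))
    found = []
    for candidate in re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", text):
        try:
            found.append(ipaddress.ip_address(candidate))
        except ValueError:
            pass  # e.g. [999.1.1.1] in a forged header
    return found


def classify(raw, profile=PROFILE, action="tag"):
    """Return (verdict, message); verdict is 'deliver', 'tagged' or 'deleted'."""
    msg = message_from_string(raw)
    by_domain = any(d == p or d.endswith("." + p)
                    for d in sender_domains(msg) for p in profile["domains"])
    by_relay = any(a in n for a in relay_addresses(msg)
                   for n in profile["networks"])
    if not (by_domain or by_relay):
        return "deliver", msg
    if action == "delete":
        return "deleted", None
    msg["X-Spam-Profile"] = profile["name"]  # hypothetical header used for filing
    return "tagged", msg
```

The sample message shows why a profile carries address ranges as well as domains: its From domain is not in the profile, yet the relay address still matches.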

DarthMall.com

While community-based spam policing is a powerful tool, the time lag between filter updates opens a wide window for introducing new spam campaigns that do not fit existing profiles. Enter the most formidable weapon in the anti-spam arsenal to date: Internet-connected, real-time spammer databases such as the Mail Abuse Prevention System (or MAPS).

These databases contain dynamically updated Internet address lists of spammer sites, suspect mail relays that pass spam traffic, and pools of dial-up IP addresses almost never used for legitimate email. Anti-spam software can query these databases in real time over the Internet for comparison against incoming mail headers, providing the software with up-to-the-minute spammer profiles.

For example, Paul Vixie’s Realtime Blackhole List (RBL) lists IP addresses associated with domains that have spammed repeatedly and have failed to clean up their acts – despite the RBL team’s efforts and assistance. The RBL thus does for spam what Ronald Reagan’s “Star Wars” program purportedly would have done for a nuclear missile assault: New spam campaigns can be cut off at ISPs worldwide in mid-mailing.
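
A real-time lookup of this kind can be sketched with the DNS query convention that blackhole lists use (later documented in RFC 5782): reverse the address octets, append the list's zone, and treat an answer in 127.0.0.0/8 as "listed". This is an added example, not MAPS or RBL code; the zone name dnsbl.example, the stand-in zone data, the sample message and the function names are assumptions.

```python
import re
import socket
from email import message_from_string

ZONE = "dnsbl.example"  # placeholder zone name, not a real list
# Constructed stand-in for the list's DNS zone so the example runs offline.
FAKE_ZONE = {"55.2.0.192.dnsbl.example": "127.0.0.2"}
# Constructed message with one listed and one unlisted relay.
SAMPLE = (
    "Received: from relay.bulk.example ([192.0.2.55]) by mx.rcpt.example\n"
    "Received: from dialup.isp.example ([198.51.100.7]) by relay.bulk.example\n"
    "From: offers@bulk.example\n\nAct now.\n"
)


def query_name(ip, zone=ZONE):
    """192.0.2.55 -> 55.2.0.192.<zone>: octets reversed, zone appended."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError("not an IPv4 address: %r" % ip)
    return ".".join(reversed(octets)) + "." + zone


def dns_lookup(name):
    """A record for name, or None if it does not exist or DNS fails (fail open)."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None


def listed_relays(raw, lookup=dns_lookup, zone=ZONE):
    """Return [(ip, answer)] for every Received-header relay found on the list."""
    msg = message_from_string(raw)
    received = " ".join(str(v) for v in msg.get_all("Received", []))
    hits = []
    for ip in dict.fromkeys(re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", received)):
        try:
            answer = lookup(query_name(ip, zone))
        except ValueError:
            continue  # malformed address in a forged header
        # Listed addresses resolve inside 127.0.0.0/8; other answers are ignored.
        if answer and answer.startswith("127."):
            hits.append((ip, answer))
    return hits
```

Calling `listed_relays(SAMPLE, lookup=FAKE_ZONE.get)` exercises the logic without touching the network. Only Received lines written by your own mail servers are trustworthy; lines below them contain whatever the sender chose to put there.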

Although the use of technologies like the RBL is purely voluntary, some free speech advocates take issue with them just as they do with email blocking in general. To help legitimize their efforts, the RBL team posts their guidelines and policies for placing and removing spammers in their database.

“I Want My Spam Bouncer”

With the growth of direct email marketing, it should only be a matter of time before consumers become aware of this kind of advanced mail-filtering technology and demand it in their email products.

Email distribution businesses, such as Exactis, are considering plans to offer Internet users centralized email account management services so that users can manage their opt-in mailing lists with a single, permanent email account. (Note: This is the very business model that Nick Usborne wrote about in the Feb. 14 ClickZ article “Billionaire in Waiting.”) A logical extension of these services would include sophisticated spam-blocking filters.

Given the escalation of anti-spam community activism and technologies, what are the implications for legitimate opt-in emailers?
