Tracking the source

Part of solving the spam problem is penetrating the spam's probably disguised point of origination, so more permanent remedies than filtering can be taken. The question of vulnerable servers that unknowingly pass on spam and disguise its origins is pertinent here.

Part of solving the spam problem is penetrating the spam’s probably disguised point of origination, so more permanent remedies than filtering can be taken. The question of vulnerable servers that unknowingly pass on spam and disguise its origins is pertinent here.

Several organisations attempt to finger such indirect culprits and indulge in “behaviour modification” such as putting the alleged offender who issues, transmits or allows their facilities to be used for spam on a circulated list so all emails from them can be banned. This has, in the past, landed the would-be behaviour-modifier in legal trouble.

Legitimate accusations of passing on spam, it appears, can degenerate into a personal grudge match.

The classic tactic of relaying spam through an unsecured SMTP server is “still a major problem”, says anti-spam activist Alan Brown, “but spammers are more and more turning to improperly locked down proxy servers, or [proxy servers that are] not locked down at all to spam through”.

Often they’ll combine the techniques, he says, so delivery is through an open relay, but the injection point is an open proxy. This makes it nearly impossible to trace the spammer, he says.

Xtra took Brown’s Orbs “behaviour modification” organisation to court for what the ISP alleged was over-zealous blocking, and Orbs has now ceased operation. But other similar listing organisations have sprung up. The offended-against naturally complain about “self-appointed internet cops”, but this is the wrong perspective, Brown argues.

“There are no ‘self-appointed net cops’ — outfits like SPEWS and Spamhaus are ‘appointed’ by people who install those filters on their own machines,” he says.

The power of the lists comes from the number of people using them and if the lists are seen to be not working properly, they won’t get used, he notes.

Brown criticises the conventional definition of spam as “unsolicited commercial email”, noting that irritating unsolicited messages are not confined to commerce. “‘The end of the world is nigh’ or ‘vote for Joe Bloggs’ are just as much spam as ‘buy my widgets’.”

Join the newsletter!

Error: Please check your email address.

Tags spam

More about Xtra

Show Comments

Market Place

[]