A Timeline Of Spam And Antispam

Haak writes "American Scientist has a fine article by Brian Hayes summing up the history of spam and proposed measures to deal with it." A shorter article along the same lines is running at The Economist.

Interesting Perspective

[ankleteeth]

The article sums it up well, but is this something that is going to ever stop? SPAM to me seems like another one of those things in life like drug dealing for instance. Whatever tactice we take to stop or outlaw it, people are always going to find a way around it. The stronger we make our SPAM filters, the more normal desired mail that is going to get blocked. DOn't get me wrong, I hate Spammers, but I dont see how any of these solutions are going to work. Thats my opinion at least, but as the article says, I suppose suing spammers might have a good effect.

For you Viewing Pleasure

[Michael's+a+Jerk!]

We Present the world's first Make Money Fast Spam

Well....

[Gefiltefish]

I'm gonna need all that money from Nigeria to afford the necessary penis enlargement and credit rating accentuation!

Examined from the inside, the world of spam has created its own perverse little self-sustaining ecosystem.

Re:Unique? Sorry, but....

[Tralfamadorian]

Uhm, why do you say that? According to Merriam Webster spam is: unsolicited usually commercial E-mail sent to a large number of addresses.

Why can those messages not be 'personalized' and still fit that definition?

Ever notice that spam now-a-days has random strings of characters placed throughout it? That's to make it unique to prevent spam filters from looking the checksum of the message up in a database and marking it as spam.

We owe a lot to anti-spam fighters

[bigberk]

Anti-spam activists go to a lot of trouble to help locate and identify people and groups responsible for flooding the net with spam (or who provide spamware to misinformed laypeople). These same good-doers are often sought out by spammers, sued by groups of them, have their privacy invaded (release of home phone, address) in effort to scare them into shutting up.

I am not kidding here. Take a look at some of the projects that scare the hell out of professional spammers:

spamhaus keeps an exhaustive list of major spam operations.

SPEWS lists areas of the Internet that have frequently be used for spamming, including detailed evidence files and histories of ISPs that turn a blind eye to spam.

Spamware vendor list has a listing of sites that sell spamming software -- without which we would have little or no spam.

And Now...

[Michael's+a+Jerk!]

According to This Site, The earliest spam was sent by DEC in 1978.

Einar Stefferud, a longtime net hand, reports that DEC announced a new DEC-20 machine in 1978 by sending an invite to all ARPANET addresses on the west coast, using the ARPANET directory, inviting people to receptions in California. They were chastised for breaking the ARPANET appropriate use policy, and a notice was sent out reminding others of the rule.

Interestingly, a young Richard Stallman argued that spammers had every right to send spam.

Spammers are trying harder

[waynemcdougall]

I would have thought that spammers wouldn't expend much effort at trying to get around sophisticated anti-spam techniques. After all, if you go to the trouble to block spam, you're probably not going to respond.

But of course some of the spammers get paid based on how many 'eyes' (or HTTP requests) are generated, so if they can just get through to an Outlook Express preview pane, it's worthwhile....until 'marketers' wise up.

By virtue of having my own domain name, outside of the United States, I now receive 1200+ spams a day (and noticeably increasing). People who advocate 'just hitting the delete key' make me fume. That's a lot of delete key. And a lot of time. I've now reached the point where false positives on spam detection by automated software are less likely than me hitting delete one too many times. Thanks to DNSBL I can reduce spam from 1200+ a day to 10 a day, and Paul Graham's Bayesian filtering reduces that down to 2 or 3 a week.

I'd like to share some recent observations I've made - I haven't seen this referenced elsewhere but maybe I don't know where to look (so feel free to point me where this is mentioned elsewhere).

First a minor observation that spam increases markedly on the weekends - because peop,e aren't around to close down open relays or spamming accounts?

Secondly, spammers have started adding non-spammy words (eg capacitor) and constrcuted nonsense words (capacitorsggg) inside their messages. I can only see this as a direct response to Paul Graham's approach. I don't see it as working - the rest of the message is just TOO spammy - but it sugegst to me that spammers see such an apprroach as a threat. I've seen these words sprinkled at the start of plain text emssages and after the /body> /html> of HTML messages.

Thirdly, what I've recently noticed is that a spammer will connect to my mail server, say HELO, do a MAIL FROM: and then QUIT. Then they connect to my system again and use a HELO command that is my OWN IP address. They also include a fake Received header that makes it look as though the message originated from my own machine. Nice try you scummy spammers. SpamCop is smart enough to see through that ploy. I wonder how other system's will respond.

Fourthly, I've noticed that often when I complain to SpamCop I become the victim of a JoeJob. Currently I'm getting all the delivery failures coming back to random alphanumeric usernames at my domain. Sigh. Time to strip off my domain when I lodge SpamCop submissions eh?