Francais | English | Espanõl

E-mail spam

From Wikipedia, the free encyclopedia

Jump to: navigation, search
View of a modern spam email, containing an advertising image.

E-mail spam is a subset of spam that involves sending nearly identical messages to a few or thousands (or millions) of recipients by E-mail. Perpetrators of such spam ("spammers") often harvest addresses of prospective recipients from Usenet postings or from web pages, obtain them from databases, or simply guess them by using common names and domains.

There is no universally accepted definition of spam, but most definitions are based on the e-mail being both unsolicited by the recipients and having bulk quantities of substantively the same e-mail being sent. In other words spam is usually defined as Unsolicited Bulk E-mail (UBE). This e-mail is usually also unwanted and sent by automated means. [1] [2] [3] [4] [5]

Contents

[edit] Overview

Image:Spam.png

As the recipient directly bears the cost of delivery, storage, and processing, one could regard spam as the electronic equivalent of "postage-due" junk mail. However, the Direct Marketing Association will point to the existence of "legitimate" e-mail marketing. Most commentators classify e-mail-based marketing campaigns where the recipient has "opted in" to receive the marketer's message as "legitimate".

Spammers frequently engage in deliberate fraud to send out their messages. Spammers often use false names, addresses, phone numbers, and other contact information to set up "disposable" accounts at various Internet service providers. They also often use falsified or stolen credit card numbers to pay for these accounts. This allows them to move quickly from one account to the next as the host ISPs discover and shut down each one.

Spammers frequently go to great lengths to conceal the origin of their messages. They do this by spoofing e-mail addresses (much easier than Internet protocol spoofing). The e-mail protocol (SMTP) has no authentication by default, so the spammer can pretend to relay a message apparently from any e-mail address. To prevent this, some ISPs and domains require the use of SMTP-AUTH, allowing positive identification of the specific account from which an e-mail originates.

Spammers cannot completely spoof e-mail delivery chains (the 'Received' header), since the receiving mailserver records the actual connection from the last mailserver's IP address. To counter this, some spammers forge additional delivery headers to make it appear as if the e-mail had previously traversed many legitimate servers.

Image:Spam automation example.gif

Spammers frequently seek out and make use of vulnerable third-party systems such as open mail relays and open proxy servers. The SMTP system, used to send e-mail across the Internet, forwards mail from one server to another; mail servers that ISPs run commonly require some form of authentication that the user is a customer of that ISP. Open relays, however, do not properly check who is using the mail server and pass all mail to the destination address, making it quite a bit harder to track down spammers.

Increasingly, spammers use networks of virus-infected PCs (zombies) to send their spam. Zombie networks are also known as Botnets. In June 2006, an estimated 80% of e-mail spam were sent by zombie PCs, an increase of 30% from the prior year. An estimated 55 billion e-mail spam were sent each day in June 2006, an increase of 20 billion per day from June 2005.

Spoofing can have serious consequences for legitimate e-mail users. Not only can their e-mail inboxes get clogged up with "undeliverable" e-mails in addition to volumes of spam, they can mistakenly be identified as a spammer. Not only may they receive irate e-mail from spam victims, but (if spam victims report the e-mail address owner to the ISP, for example) their ISP may terminate their service for spamming.

[edit] Statistics and estimates

[edit] The growth of e-mail spam

Spam is growing exponentially, with no signs of abating. The amount of spam users see in their mailboxes is just the tip of the iceberg, since spammers' lists often contain a large percentage of invalid addresses.

[edit] In absolute numbers

  • 1978 - An e-mail spam is sent to 600 addresses.[6]
  • 1994 - First large-scale spam sent to 6000 newsgroups, reaching millions of people. [7] [8]
  • 2005 - (June) 30 billion per day [9]
  • 2006 - (June) 55 billion per day [10]

[edit] As a percentage of the total volume of e-mail

MAAWG estimates that 80-85% of incoming mail is "abusive email", as of the last quarter of 2005. The sample size for the MAAWG's study was over 100 million mailboxes. (Details: [11] and [12].)

[edit] Highest amount of spam received

According to Steve Ballmer, Microsoft founder Bill Gates receives four million emails per year, most of it being spam.[13] (This was originally incorrectly reported as "per day".[14]) Ironically, most of them were mail purportedly providing help for losing debt and getting rich fast.

At the same time Jef Poskanzer, the owner of the domain name acme.com, was receiving over one million spam emails per day.[15]

[edit] Origin of spam

Origin or source of spam refers to the geographical location of the computer from which the spam is sent; it is not the country where the spammer resides, nor the country that hosts the spamvertised site. Due to the international nature of spam, often the spammer, the hijacked spam-sending computer, the spamvertised server, and the user target of the spam are all located in different countries.

According to Sophos, the major sources of spam in the second quarter of 2006 (April to June) were the United States, China, and South Korea. [16]. The Spamhaus Project ranks the top three as the United States, China, and Russia. [17], with South Korea placed at #6 behind Japan and Canada. Some of this variation may be explained by differences in how the "source" of spam is counted.

[edit] Spamvertised sites

Most spam contains a URL to a website. According to a Commtouch report in June 2004, "only five countries are hosting 99.68% of the global spammer websites", of which the foremost is China, hosting 73.58% of all web sites referenced within spam. [18]

[edit] Most common products advertised

The most common items advertised in spam messages are: Pornography site subscriptions, prescription drugs, purported sexual enhancement products, printer ink cartridges, counterfeit brand name goods, counterfeit software, mortgage offers, fake diplomas from nonexistent or non-accredited universities, and pump and dump penny stocks.

[edit] Legality

Sending spam violates the Acceptable Use Policy (AUP) of almost all Internet Service Providers, and can lead to the termination of the sender's account. Many jurisdictions, such as the United States of America, which regulates via the CAN-SPAM Act of 2003, regard spamming as a crime or as an actionable tort.

Article 13 of the European Union Directive on Privacy and Electronic Communications (2002/58/EC) provides that the EU member states shall take appropriate measures to ensure that unsolicited communications for the purposes of direct marketing are not allowed either without the consent of the subscribers concerned or in respect of subscribers who do not wish to receive these communications, the choice between these options to be determined by national legislation.

In Australia, the relevant legislation is the Spam Act 2003 which covers some types of e-mail and phone spam.

Accessing privately owned computer resources without the owner's permission counts as illegal under computer crime statutes in most nations. Deliberate spreading of computer viruses is also illegal in the United States and elsewhere.

Thus, some of spammers most common behaviors are criminal quite independently of the legal status of spamming per se. Even before the advent of laws specifically banning or regulating spamming, spammers have been successfully prosecuted under computer fraud and abuse laws for wrongfully using others' computers.

Despite the legislative effort to curb the flow of spam, it seems unlikely that the current, available legal remedies will have much of an impact. For example, the CAN-SPAM Act of 2003 is often criticized as having effectively legalized spam. This critique seems fair as the legislation appears aimed at getting spammers to honestly identify themselves rather than reducing the amount of spam that clogs our inboxes. The Opt-Out Provision requires that each spammer provide all recipients with the right to decline future e-mail from the same source. The problem is that the act of responding to spam serves to alert the spammer that they have successfully accessed an active e-mail account. This will inevitably lead to more spam. Due to the fact that spammers frequently distribute messages through third-party servers, they can disguise their origins and identity while benefitting from the responses to Opt-Out. Therefore, instead of preventing spam with the opt-out policy, it encourages spamming and gives the misimpression to other spammers that the activity is legal. The difficulties enforcing the legislation makes it clear that legislation alone will not reduce spamming.


[edit] Avoiding spam

Image:Email spam.png
Main article: Stopping e-mail abuse

Computer users can avoid e-mail spam in several ways:

  • End-users can use automated e-mail filtering on their own computers.
  • System administrators can use appropriate tools to trap e-mail spam at the mail server level, either by use of software or special appliances.
  • Spam can be reported to appropriate ISP so that the spamming can be stopped.
  • By giving out one's ISP e-mail address only to closely trusted acquaintances, friends, and relatives, and using web based e-mail services for everyone else.
  • By asking friends not to include one's e-mail address in the "To" or "cc" fields when sending several copies of an e-mail.
  • By creating a unique e-mail address for each person or site you wish to communicate with. This can be done using an online mail forwarding service, or with administrative access to your own e-mail server. If spam is received on one of these addresses, you immediately know who leaked or sold your address to spammers, and you can also cancel the affected e-mail address. However, even legitimate email addresses can sometimes get on spam lists, and it's possible for these different email addresses to end up on the same list, meaning that more spam may be sent.
  • End-users can take precautions to avoid needlessly publicising their e-mail addresses or protect them from e-mail harvesting by spam bots, such as by using e-mail forms that do not display the address in the webpage code, or by address munging.
  • Using anti-virus and anti-spyware programs with regularly updated definitions to avoid having their computers hijacked and used as spammer tools.
  • Users are also advised to configure their e-mail clients to disable rich content features such as HTML mail and automatic downloading of external images. External images can be used by spammers to identify valid e-mail addresses.
  • By periodically performing an internet search for one's own email address, and if necessary getting the appropriate website administrator to remove it.

Anti-spam programmers have released several tools—intended for both end users and for systems administrators—which automate the highlighting, removal or filtering of e-mail spam by scanning through incoming and outgoing e-mails in search of traits typical of spam. Modern anti-spam systems are usually very effective at protecting email users from spam.

Like other forms of theft, spam should be reported to the appropriate people so that it can be stopped. Services, such as SpamCop, make this easy to do. While this may not immediately decrease the amount of spam you receive significantly, it will reduce the amount of spam that everyone receives.

The best way to avoid spam is to avoid making one's e-mail address available to spammers, directly or indirectly.

Basic computer literacy should include an understanding of the basics of spamming and spam avoidance. One should never reply to a spam e-mail, or click an "opt-out" link (this simply confirms that an e-mail address is "live"). Users should not reveal their e-mail addresses on pornographic, warez and other shady sites.

If a web site requests registration in order to allow useful operations, such as posting in Internet forums, a user may give a temporary disposable address—set up and used only for such a purpose—periodically deleting such temporary e-mail accounts from their e-mail servers. (Users should notify such forums of the new replacement addresses if they wish to continue interaction for valid purposes.) For example, free services such as spamgourmet.com and spamhole.com allow a user to create a temporary e-mail address which forwards e-mail to you for a set period of time, and then becomes invalid.

[edit] Avoiding or Deterring the Sending of Spam

Anti-spam ISPs and technicians have published a number of resources to help systems and e-mail users avoid sending spam inadvertently or through misunderstanding the e-mail system — such as the MAPS Guidelines for Mailing List Management. These guidelines aim to help legitimate users of bulk e-mail who wish not only to comply with anti-spam laws, but also to avoid appearing to customers or Internet partners as spammers.

Broadly, such guidelines promote the idea that e-mail recipients must grant permission before others may send them bulk e-mail. In effect, senders must not send bulk e-mail to users who have not opted in to receive it. This contrasts with the view of e-mail promoted by many bulk e-mailers, who claim that senders should feel free to send to any user who has not opted out of receiving it.

Most spammers, however, do not even comply with an opt-out régime. Although U.S. and other laws require that commercial e-mailers cease sending to recipients who have opted out, many spam messages contain fraudulent opt-out instructions. In some cases, spammers have used the opt-out function as a way of confirming that someone actually read a spam message. In 2004 some spam messages turned out to contain malware for Microsoft Windows which victims triggered by clicking an opt-out link.

[edit] Cost-based methods

A number of persons have proposed "e-mail postage" systems, under which e-mail senders would be required to pay money, perform a resource-intensive computation, post a bond, or put something else of value at risk of forfeiture, for each message sent. Proponents include Bill Gates who has announced that Microsoft is working on a “ magic solution” to the spam problem that requires that so-called “unknown senders”, i.e. senders not on the Accepted List of the recipient, post “the electronic equivalent of a” stamp whose value would be lost to the sender only if the recipient disapproves of the email <ref>Jo Best (2004-01-26). Gates reveals his magic solution to spam. CNET.</ref>. Gates said that Microsoft favors other solutions in the short-term, but would rely on the contingent payment solution to solve the spam problem over the longer run. Microsoft, AOL as well as Yahoo! have recently introduced systems that allow commercial senders to avoid filters if they obtain a certificate or certification, which is lost to the sender if recipients complain.

The intent of such "sender-at-risk" solutions, which impose a significant cost to the sender only if the recipient rejects the message subsequent to receiving the email, is to deter spam by making it economically prohibitive to send unwanted email messages, while allowing legitimate emailers to send messages at little or no expense.

[edit] Confirmed opt-in

One difficulty occurs in implementing opt-in mailing lists: many means of gathering user e-mail addresses remain susceptible to forgery. For instance, if a company puts up a Web form to allow users to subscribe to a mailing list about its products, a malicious person can enter other people's e-mail addresses — to harass them, or to make the company appear to be spamming. (To most anti-spammers, if the company sends e-mail to these forgery victims, it is spamming, albeit inadvertently.)

To prevent this abuse, MAPS and other anti-spam organizations encourage that all mailing lists use confirmed opt-in (also known as verified opt-in and (by spammers themselves) as double opt-in). That is, whenever an address is presented for subscription to the list, the list software should send a confirmation message to that address. The confirmation message contains no advertising content, so it is not construed to be spam itself — and the address is not added to the list unless the recipient responds to the confirmation message. See also the Spamhaus Mailing Lists vs. Spam Lists page.

All modern mailing list management programs (such as GNU Mailman, Majordomo, and qmail's ezmlm) support confirmed opt-in by default.

[edit] How spammers operate

[edit] Gathering of addresses

In order to send spam, spammers need to obtain the e-mail addresses of the intended recipients. Toward this end, both spammers themselves and list merchants gather huge lists of potential e-mail addresses. Since spam is, by definition, unsolicited, this address harvesting is done without the consent (and sometimes against the expressed will) of the address owners. As a consequence, spammers' address lists are remarkably inaccurate. A single spam run may target tens of millions of possible addresses -- many of which are invalid, malformed, or undeliverable.

Spam differs from other forms of direct marketing in many ways, one of them being that it costs no more to send to a larger number of recipients than a smaller number. For this reason, there is little pressure upon spammers to limit the number of addresses targeted in a spam run, or to restrict it to persons likely to be interested. One consequence of this fact is that many people receive spam written in languages they cannot read — a good deal of spam sent to English-speaking recipients is in Chinese or Korean, for instance. Likewise, lists of addresses sold for use in spam frequently contain malformed addresses, duplicate addresses, and addresses of role accounts such as postmaster. [19]

Spammers may harvest e-mail addresses from a number of sources. A popular method uses e-mail addresses which their owners have published for other purposes. Usenet posts, especially those in archives such as Google Groups, frequently yield addresses. Simply searching the Web for pages with addresses — such as corporate staff directories — using spambots can yield thousands of addresses, most of them deliverable. Spammers have also subscribed to discussion mailing lists for the purpose of gathering the addresses of posters. The DNS and WHOIS systems require the publication of technical contact information for all Internet domains; spammers have illegally trawled these resources for email addresses. Many spammers utilize programs called web spiders to find email addresses on web pages. Usenet article message-IDs often look enough like email addresses that they are harvested as well.

Spammer viruses may include a function which scans the victimized computer's disk drives (and possibly its network interfaces) for email addresses. These scanners discover email addresses which have never been exposed on the Web or in Whois. A victimized computer located on a shared network segment may capture email addresses from traffic addressed to its network neighbors. The harvested addresses are then returned to the spammer through the bot-net created by the virus.

A recent, controversial tactic, called "e-pending", involves the appending of e-mail addresses to direct-marketing databases. Direct marketers normally obtain lists of prospects from sources such as magazine subscriptions and customer lists. By searching the Web and other resources for e-mail addresses corresponding to the names and street addresses in their records, direct marketers can send targeted spam e-mail. However, as with most spammer "targeting", this is imprecise; users have reported, for instance, receiving solicitations to mortgage their house at a specific street address — with the address being clearly a business address including mail stop and office number.

Spammers sometimes use various means to confirm addresses as deliverable. For instance, including a Web bug in a spam message written in HTML may cause the recipient's mail client to transmit the recipient's address, or any other unique key, to the spammer's Web site. [20]

Likewise, spammers sometimes operate Web pages which purport to remove submitted addresses from spam lists. In several cases, these have been found to subscribe the entered addresses to receive more spam. [21]

When you fill out a form it is often sold to a spammer using a web service or http post to transfer the data. This is immediate and will drop the email in various spammer databases. The revenue made from the spammer is shared with the source. For instance if you ran an online mortgage, or signed up for a loan the owner of this site is likely to make a deal with the spammer to sell the address. These are considered the best emails by spammers because they are fresh and the user just signed up for a site that does well with spam anyway.

[edit] Delivering spam messages

Internet users and system administrators have deployed a vast array of techniques to block, filter, or otherwise banish spam from users' mailboxes. Almost all Internet service providers forbid the use of their services to send spam or to operate spam-support services. Both commercial firms and volunteers run subscriber services dedicated to blocking or filtering spam, such as AppRiver, Brightmail, MailRoute, Postini, Panda, MX Logic and the various DNSBLs.

[edit] Using Webmail services

A common practice of spammers is to create accounts on free webmail services, such as Hotmail, to send spam or to receive e-mailed responses from potential customers. Because of the amount of mail sent by spammers, they require several e-mail accounts, and use web bots to automate the creation of these accounts.

In an effort to cut down on this abuse, many of these services have adopted a system called the captcha: users attempting to create a new account are presented with a graphic of a word, which uses a strange font, on a difficult to read background. Humans are able to read these graphics, and are required to enter the word to complete the application for a new account, while computers are unable to get accurate readings of the words using standard OCR techniques. Blind users of captchas typically get an audio sample.

Spammers have, however, found a means of circumventing this measure. Reportedly, they have set up sites offering free pornography: to get access to the site, a user displays a graphic from one of these webmail sites, and must enter the word. Once the bot has successfully created the account, the user gains access to the pornographic material.

[edit] Using other people's computers

Early on, spammers discovered that if they sent large quantities of spam directly from their ISP accounts, recipients would complain and ISPs would shut their accounts down. Thus, one of the basic techniques of sending spam has become to send it from someone else's computer and network connection. By doing this, spammers protect themselves in several ways: they hide their tracks, get others' systems to do most of the work of delivering messages, and direct the efforts of investigators towards the other systems rather than the spammers themselves. The increasing broadband usage gave rise to a great number of computers that are online as long as they are turned on, and whose owners do not always take steps to protect them from malware. A botnet consisting of several hundred compromised machines can effortlessly churn out millions of messages per day. This also complicates the tracing of spammers.

[edit] Open relays

In the 1990s, the most common way spammers did this was to use open mail relays. An open relay is an MTA, or mail server, which is configured to pass along messages sent to it from any location, to any recipient. In the original SMTP mail architecture, this was the default behavior: a user could send mail to practically any mail server, which would pass it along towards the intended recipient's mail server.

The standard was written in an era before spamming when there were few hosts on the internet, and those on the internet abided by a certain level of conduct. While this cooperative, open approach was useful in ensuring that mail was delivered, it was vulnerable to abuse by spammers—and abused it soon was. Spammers could forward batches of spam through open relays, leaving the job of delivering the messages up to the relays.

In response, mail system administrators concerned about spam began to demand that other mail operators configure MTAs to cease being open relays. The first DNSBLs, such as MAPS RBL and the now-defunct ORBS, aimed chiefly at allowing mail sites to refuse mail from known open relays.

[edit] Open proxies

Within a few years, open relays became rare and spammers resorted to other tactics, most prominently the use of open proxies. A proxy is a network service for making indirect connections to other network services. The client connects to the proxy and instructs it to connect to a server. The server perceives an incoming connection from the proxy, not the original client. Proxies have many purposes, including Web-page caching, protection of privacy, filtering of Web content, and selectively bypassing firewalls.

An open proxy is one which will create connections for any client to any server, without authentication. Like open relays, open proxies were once relatively common, as many administrators did not see a need to restrict access to them.

A spammer can direct an open proxy to connect to a mail server, and send spam through it. The mail server logs a connection from the proxy -- not the spammer's own computer. This provides an even greater degree of concealment for the spammer than an open relay, since most relays log the client address in the headers of messages they pass. Open proxies have also been used to conceal the sources of attacks against other services besides mail, such as Web sites or IRC servers.

Besides relays and proxies, spammers have used other insecure services to send spam. One example is the now-infamous FormMail.pl, a CGI script to allow Web-site users to send e-mail feedback from an HTML form. [22] Several versions of this program, and others like it, allowed the user to redirect e-mail to arbitrary addresses. Spam sent through open FormMail scripts is frequently marked by the program's characteristic opening line: "Below is the result of your feedback form."

As spam from proxies and other "spammable" resources grew, DNSBL operators started listing their IP addresses, as well as open relays.

Today, spammers use infected Windows PCs to deliver spam. Many still rely on Web-hosting services on spam-friendly ISPs to make money.
[edit] Spammer viruses

In 2003, spam investigators saw a radical change in the way spammers sent spam. Rather than searching the global network for exploitable services such as open relays and proxies, spammers began creating "services" of their own. By commissioning computer viruses designed to deploy proxies and other spam-sending tools, spammers could harness hundreds of thousands of end-user computers.

Most of the major Windows e-mail viruses of 2003, including the Sobig and Mimail virus families, functioned as spammer viruses: viruses designed expressly to make infected computers available as spamming tools. [23] [24]

Besides sending spam, spammer viruses serve spammers in other ways. Beginning in July 2003, spammers started using some of these same viruses to perpetrate distributed denial-of-service (DDoS) attacks upon DNSBLs and other anti-spam resources. [25] Although this was by no means the first time that illegal attacks have been used against anti-spam sites, it was perhaps the first wave of effective attacks.

In August of that year, engineering company Osirusoft ceased providing DNSBL mirrors of the SPEWS and other blocklists, after several days of unceasing attack from virus-infected hosts. [26] The very next month, DNSBL operator Monkeys.com succumbed to the attacks as well. [27] Other DNSBL operators, such as Spamhaus, have deployed global mirroring and other anti-DDoS methods to resist these attacks.

[edit] Obfuscating message content

Many spam-filtering techniques work by searching for patterns in the headers or bodies of messages. For instance, a user may decide that all e-mail she receives with the word "Viagra" in the subject line is spam, and instruct her mail program to automatically delete all such messages. To defeat such filters, the spammer may intentionally misspell commonly-filtered words, use Leetspeak or insert other characters, as in the following examples:

  • V1agra
  • Via'gra
  • V I A G R A
  • Vaigra
  • \ /iagra
  • Vi@graa

The principle of this method is to leave the word readable to humans (whose pattern-recognition skills make them adept at picking out the true meaning of misspelled words), but not recognizable to a literally-minded computer program. This is effective up to a point. Eventually, filter patterns become generic enough to recognize the word "Viagra" no matter how misspelled -- or else they target the obfuscation methods themselves, such as insertion of punctuation into unusual places in a word.

(Note: Using most common variations, it is possible to spell "Viagra" in over 1,300,000,000,000,000,000,000 ways.[28])

HTML-based e-mail gives the spammer more tools to obfuscate text. Inserting HTML comments between letters can foil some filters, as can including text made invisible by setting the font color to white on a white background, or shrinking the font size to the smallest fine print.

Another common ploy involves presenting the text as an image, which is either sent along or loaded from a remote server. This can be foiled by not permitting an e-mail-program to load images.

As Bayesian filtering has become popular as a spam-filtering technique, spammers have started using methods to weaken it. To a rough approximation, Bayesian filters rely on word probabilities. If a message contains many words which are only used in spam, and few which are never used in spam, it is likely to be spam. To weaken Bayesian filters, some spammers, alongside the sales pitch, now include lines of irrelevant, random words, in a technique known as Bayesian poisoning. A variant on this tactic may be borrowed from the Usenet abuser known as "Hipcrime" -- to include passages from books taken from Project Gutenberg, or nonsense sentences generated with "dissociated press" algorithms. Randomly generated phrases can create spamoetry (spam poetry) or spam art.

Another method used to masquerade spam as legitimate messages is the use of autogenerated sender names in the From: field, ranging from realistic ones such as "Jackie F. Bird" to (either by mistake or intentionally) bizarre attention-grabbing names such as "Sloppiest U. Epiglottis" or "Attentively E. Behavioral". Return addresses are also routinely auto-generated.

[edit] Spam-support services

A number of other online activities and business practices are considered by anti-spam activists to be connected to spamming. These are sometimes termed spam-support services: business services, other than the actual sending of spam itself, which permit the spammer to continue operating. Spam-support services can include processing orders for goods advertised in spam, hosting Web sites or DNS records referenced in spam messages, or a number of specific services as follows:

Some Internet hosting firms advertise bulk-friendly or bulletproof hosting. This means that, unlike most ISPs, they will not terminate a customer for spamming. [29] These hosting firms operate as clients of larger ISPs, and many have eventually been taken offline by these larger ISPs as a result of complaints regarding spam activity. Thus, while a firm may advertise bulletproof hosting, it is ultimately unable to deliver without the connivance of its upstream ISP. However, some spammers have managed to get what is called a pink contract (see below) — a contract with the ISP that allows them to spam without being disconnected.

A few companies produce spamware, or software designed for spammers. Spamware varies widely, but may include the ability to import thousands of addresses, to generate random addresses, to insert fraudulent headers into messages, to use dozens or hundreds of mail servers simultaneously, and to make use of open relays. The sale of spamware is illegal in eight U.S. states. [30] [31] [32]

So-called millions CDs are commonly advertised in spam. These are CD-ROMs purportedly containing lists of e-mail addresses, for use in sending spam to these addresses. Such lists are also sold directly online, frequently with the false claim that the owners of the listed addresses have requested (or "opted in") to be included. Such lists often contain invalid addresses. [33]

A number of DNSBLs, including the MAPS RBL, Spamhaus SBL, and SPEWS, target the providers of spam-support services as well as spammers.

[edit] Related vocabulary

Unsolicited bulk e-mail (UBE)
A synonym for e-mail spam.
Unsolicited commercial e-mail (UCE)
Spam promoting a commercial service or product. This is the most common type of spam, but it excludes spam which are hoaxes (e.g. virus warnings), political advocacy, and chain letters sent by a person to many other people. The term UCE may be most common in the USA [34].
Pink contract
A service contract offered by an ISP which offers bulk e-mail service to spamming clients, in violation of that ISP's publicly posted acceptable use policy.
Spamvertise
(verb) To promote a website, a product, or a cause through spamming. (Portmanteau of spam + advertise.)

[edit] In the news

On November 4, 2004, Jeremy Jaynes, rated the 8th most prolific spammer in the world according to Spamhaus, was convicted of three felony charges of using servers in Virginia to send thousands of fraudulent e-mails. The court recommended a sentence of nine years' imprisonment, which was imposed in April 2005 although the start of the sentence is deferred pending appeals. Jaynes claimed to have an income of $750,000 a month from his spamming activities.

On December 31, 2004, British authorities arrested Christopher Pierson in Lincolnshire, UK and charged him with malicious communication and causing a public nuisance. On January 3, 2005, he pleaded guilty to sending hoax e-mails to relatives of people missing following the Asian tsunami disaster.

On July 25, 2005, Russian spammer Vardan Kushnir was found dead in his Moscow apartment, having suffered numerous blunt-force blows to the head.

On June 28, 2006, IronPort released a study which found 80% of spam emails originating from zombie computers. The report also found 55 billion daily spam emails in June 2006, a large increase from 35 billion daily spam emails in June 2005. The study used SenderData which represents 25% of global email traffic and data from over 100,000 ISP's, universities, and corporations.

On 2006-08-15 AOL announced the intention of digging up the garden of the parents of spammer Davis Wolfgang Hawke in search of buried gold and platinum. AOL had been awarded a US$ 12.8 million judgment in May of 2005 against Hawke, who had gone into hiding. The permission for the search was granted by a judge after AOL proved that the spammer had bought large amounts of gold and platinum.[35]

[edit] See also

[edit] References

[edit] External links

This article is part of the Spamming series.
E-mail spam DNSBL | Spamhaus | Stopping e-mail abuse | Spambot
Address munging | E-mail authentication | Directory Harvest Attack
Spamdexing
Google bomb | Keyword stuffing | Cloaking | Link farm | Web ring
Referer spam | Blog spam | Spam blogs | Sping | Scraper site
Telemarketing Autodialer | Mobile phone spam | VoIP spam
Scams Phishing | Advance fee fraud | Lottery scam | Make money fast | Pump and dump
Misc. Messaging spam | Newsgroup spam | Flyposting
History of spamming
ca:Correu brossa

de:Unsolicited Bulk Email ru:Спам he:דואר זבל sl:spam fi:Roskaposti tr:Yığın ileti wa:Bôraedje d' emilreye zh:垃圾邮件

Retrieved from "http://en.wikivisual.com/index.php/E-mail_spam"
Personal tools