The Spam Diaries

News and musings about the fight against spam.
 by Edward Falk

Thursday, January 19, 2006

Tools in the fight against spam

I'm on the fence about whether I should mention some of these tools or not, as there are those who consider fighting abuse with abuse to be a bad thing. The other school of thought is that it's ok to defend yourself when you're attacked by spammers.

This post is a living post; I'll be adding to it as time goes on. Perhaps later I'll replace it with a link to a static page.
  • Sender Score — Call themselves "The world's most comprehensive database of email sender reputation". Use it to check out your own business and make sure you're staying out of the anti-spam blacklist.
  • Wpoison -- The oldest one I know of. This is a cgi script that generates bogus web pages on demand. Each page is filled with giberish, fake email addresses, and links to more wpoison pages. The idea is that email address harvesters will harvest the fake email addresses and poison the spammer's database. This is a very old script and may no longer be effective. It also has the potential to poison the databases of search engines, which is an undesirable side effect. The search engines are likely to drop your entire site from their crawl in response, which is probably something you don't want. Protect the search engines (and yourself) against this by installing a proper robots.txt file along with wpoison.
  • Spam Poison -- Seems to be a commercial reincarnation of wpoison. They provide you with a tagged url to place in your web site which redirects harvesters to their web site. Not clear how they make money (if any) from this. Also, the links have "spampoison.com" in the clear, so I would think that the harvesters will have learned to ignore those links by now.
  • Spam Gourmet -- One of my favorites. They provide email addresses with short lifespans to use anywhere you're required to give an email address to strangers. Their basic service is free and fairly easy to use. You sign up with them and get an email address in their domain. Then, whenever you need to enter an email address on a web page, you enter one in the form userid.N.cookie@spamgourmet.com. The cookie is anything you want to use for that web site, and N is the maximum number of emails you're willing to receive. The first N messages are forwarded to you. After that, it becomes a black hole, never to contact you again. You don't even need to visit the spamgourmet.com web site after the initial signup. The only tricky part is coming up with cookies you haven't used before.
  • Spam Decoy.net — Disposable email accounts (not yet reviewed).
  • SiteAdvisor -- Provides two services: First, they seed web forms all over the internet with tagged email addresses to see which ones get spammed. Second, they visit sites with potentially malicious software to see which ones download malware onto their computers. They then make this database available under the creative commons, and provide warnings while you surf. Visit their web page for a short animated demo. See my review above.
  • Spam Cube -- A hardware solution to spam. Similar to a firewall box, Spam Cube sits between your computer and your network, filtering out spam as it arrives. Presumably, its filters are regularly updated remotely by the vendor. Like a firewall box, Spam Cube is configurable via a webbish interface. See International Herald Tribune review.
  • SpamFighter — Collaborative anti-spam tool for Windoze. Click on a piece of spam that the filter missed, and the spam is removed from everybody's inboxes simultaneously. Not being a Windoze user myself, I haven't tried it out.
  • SpamSieve -- Bayesian filter software for Mac OS X. $25. 30-day trial available.
  • SpamPal -- Filter program for Windows. Runs between your mailbox and your mail program, tagging incoming mail as spam if the sender is found in a DNSBL database.
  • SpamAssassin -- Similar to SpamPal, but for Unix/Linux. A perl program launched from procmail which tags spam based on multiple criteria, including DNSBL listings.
  • Blue Frog -- Subscription service which maintained a do-not-spam list and complains to spammers on your behalf. Driven out of business by a denial-of-service attack in 2006.
  • TattleMail -- Subscription service which automatically analyzes your spam for you and sends complaints to the proper authorities. $1/month. See ClickPress review.
  • FormFlood -- A program written to fill web-based forms with gibberish. Nominally intended to load-test servers, it can also be used to poison a spammer's leads database. Here's how it works: A spammer (say a mortgage spammer) floods you with spam asking you to fill out a form to apply for a mortgage. (In reality, this information is simply sold to mortgage brokers, who will contact you later.) FormFlood lets you fill out the spammer's form thousands of times with reasonable-looking gibberish. This wastes the time of the mortgage broker who hired the spammer and makes the spammer's leads worthless. Soon, that spammer is out of business. Poison the databases of enough spammers, and the mortgage broker who hired them starts looking for more legitimate ways to run their business.
  • PhishFighting.com -- Similar to FormFlood; this site allows you to report the URL of a phishing site, which is then flooded with bogus information. The phisher is then unable to find the useful information in the flood of useless data.
  • Spam Vampire -- This is a program intended to suck down all of a spammer's bandwidth. In short, if enough people run it, it creates a distributed denial of serivce (DDOS) attack against the spammer's web site. It's written in javascript and runs right in your browser. You installing it by downloading the source code (which is an html file) onto your local disk. You configure it by editing the web page to point at a web page owned by the spammer that's annoying you, and by disabling caching in your browser. You run it by simply viewing the web page in your browser. If you like, you can even simply view the web page directly from the spam vampire web site, but then it attacks the spammers that Darren Brothers chooses instead of the ones you choose. The instructions seem to be directed at Windows users, but it probably runs under Mac and Unix/Linux as well. I haven't tried it myself
  • Refi Retaliator -- Another program intended to poison the leads database of a mortgage spammer.
  • Lad Vampire -- Coordinates DOS attacks against spammer web sites, similar to Spam Vampire.
  • Cloudmark -- Community-based anti-spam service.
Links to many spam-fighting tools and tutorials can be found at Spam Huntress' web page.

Labels:

3 Comments:

Anonymous Anonymous said...

This comment has been removed by a blog administrator.

10:57 PM  
Anonymous Anonymous said...

Nice list, I have another resource: http://www.spamdecoy.net - Disposable email accounts :)

4:55 AM  
Anonymous Anonymous said...

Blue Frog :-O Blue Frog (Blue Security) got DDoS'd off the net permanently nearly a year ago, because it was effective against many of the largest spammers.

Some nice anti-spam tools and discussion in this forum...

http://thecarpcstore.com/phpbb2/viewforum.php?f=1

4:49 PM  

Post a Comment

<< Home