The Spam Diaries

News and musings about the fight against spam.
 by Edward Falk

Tuesday, January 31, 2006

Second Defendant Pleads Guilty in Prosecution of Major International spam Operation

U.S. Newswire reports that Kirk F. Rogers of Manhattan Beach, California has pled guilty to one count of spamming under the CAN-SPAM act. Rogers is accused of having developed and managed the computer system used by three other people.

Also indicted: Jennifer R. Clason of Tempe, Arizona; Jeffrey A. Kilbride of Venice, California, and James R. Schaffer of Paradise Valley, Arizona.

Previously pled guilty: Andrew Ellifson of Scottsdale, Arizona.

The U.S. Newswire report makes heavy emphasis on the fact that these spammers are charged with transmitting obscene emails. For my part, I wish the emphasis was more on the spam than on the content.

Update: Jennifer Clason has also pled guilty. See my March 8 post.

Monday, January 30, 2006

Reynolds' memo opposing the use of video conferencing

Reynolds has issued his memorandum opposing the use of telephone or video conferencing in my jurisdiction hearing. The real reason, of course, is to make this cost me as much as possible. The nominal reason is so that my demeanor can be seen in the court room. The most offensive part of this memo is the assertion that we want to do this electronically so that David Ritz won't have to travel to ND and risk arrest, and that his severe health problems have nothing to do with it.

Full text is here (pdf, 11 scanned pages)

Labels: , , ,

Sunday, January 29, 2006

Antispyware Company Sued Under Spyware Law

You know those pop-up ads you get all the time that warn you that your computer may be infected with spyware and you should go to a web site to have your computer scanned? Well the Washington state attorney general has sued one of the companies responsible.

PC World and several other news sources report that Microsoft and the Washington State attorney general are suing antispyware vendor Secure Computer. They're accused of violating Washington's 2005 Computer Spyware Act, the state's Commercial Electronic Mail and Consumer Protection Acts, and the federal CAN-SPAM act.

In particular, Secure Computer is accused of using false and deceptive marketing, corrupting users' hard drives, and advertising via email spam, pop-up ads, and deceptive links. They offered free software scans which inevitably detected spyware, even where there was none, and then sold you the product for $49.95.

The software itself did a terrible job, flagging legitimate files and cookies as spyware, and missing actual spyware. In addition, it erased the user's hosts file.

Naturally, Secure Computer claims innocence, insisting that the software had been written by someone else, and that their affiliates were to blame for the bad marketing practices.

For more details, see PC World Antispyware Company Sued Under Spyware Law, I.T. Vibe article New York firm sued for selling phoney anti-spyware software, c|net article Washington state sues over spyware, or search for Washington state Secure Computer

Friday, January 27, 2006

Other good news today

Spam Daily News reports that the FBI has arrested a phisher named Jeffrey Brett Goodin, and that Japanese police have arrested a spyware suspect named Atsushi Takewaka.

New technique: payload embedded in a Yahoo group invitation.

Here's one I've not seen before (or perhaps I'm just not very observant): I got an invitation from someone I never heard of before, to join a Yahoo group I had never of heard before. The "introductory message" that comes with such invitations had nothing to do with the group in question. Instead, it contained the spam payload.

If you try to visit the Yahoo group in question, or the geocities web site in the payload, you get redirected immediately to an online drug dealer.

Time to send out a few notifications.

Update: the very next day I received a response from Geocities (the site hosting the click-through). The site was investigated and pulled. Refreshing to talk to a responsive abuse desk like that.

The 'jenerix' Yahoo group seems to be gone as well. Well done, Yahoo. Of course, the original web site is still up. Should be interesting to see what it takes to bring it down.

Maryland citizens retain right to fight spam

The Baltimore Sun reports that on Thursday, an appellate judge had reversed an earlier ruling that Maryland's anti-spam law unconstitutional. In the ruling, judge Sally D. Adkins affirmed that Maryland courts do have jurisdiction over spammers who send false or misleading emails to MD residents.

This ruling, along with similar rulings in California and Washington, means that states do have the right to pass anti-spam laws, and that the CAN-SPAM act does not invalidate those laws. This is an important legal precedent.

The Maryland civil anti-spam law allows residents to sue for $500 for every misleading or fraudulent email they receive, and for ISPs to sue for $1000.

See Baltimore Sun article "Judge affirms spam suits" for more details.

Thursday, January 26, 2006

AOL wins $5M judgment against spammer

The AP is reporting that Christopher William Smith has been found guilty of runing an "online pharamacy" and hawking "generic Viagra" by spam. A federal judge has ordered him to pay AOL damages and legal fees totalling nearly $5.6 million in damages.

See the Seattle PI article for the complete story.

And according to Spam Daily News, Smith's lawyer, Daniel Adkins is facing charges of his own. He is charged with conspiracy to distribut controlled substances, wire fraud, and a number of other things.

Wednesday, January 25, 2006

Preparing for our motion allowing remote testimony

I'm being sued in North Dakota.

I don't live in North Dakota. I don't do business in North Dakota. I've never even set foot in North Dakota. I'm pretty sure rahul.net isn't located in North Dakota. So why, then, am I being sued in North Dakota? It's because Reynolds lives there, and he says my website is "targeted" at him, a North Dakota citizen.

Ok, so that's a bit of a stretch. Obviously, we're arguing that North Dakota has no say over what I write here in California. So who decides where jurisdiction really lies? You guessed it -- North Dakota does. So now we have to have a hearing in the court to decide where the trial will be. This means motions, counter-motions, and counter-counter motions. Affidavits, and briefs, and expert witnesses. It's a whole trial by itself, just to determine if I have to travel to North Dakota to be sued there. All of these things cost money, of course. (Which is just fine by Reynolds naturally; that's the whole point of a slapp suit.)

But get this: Normally in such circumstances, we'd do this by phone. In North Dakota, that's perfectly acceptable. You can even do a full-blown trial by phone. Welcome to the 21st century. But since the purpose of a slapp suit is to cost me money, Reynolds' lawyer, Harristhal, is insisting I appear in person for the hearing. That's right, I'm expected to travel 2000 miles to attend a hearing on whether or not I need to travel 2000 miles for a trial. Kind of defeats the purpose. Never mind that this could just as easily be done by phone. Never mind that the courthouse is set up for interactive video for just such an eventuality. Never mind that Harristhal himself often appears by video rather than in person. No, he insists that I have to travel to North Dakota.

So now we have another round of motions and counter-motions and counter-counter motions leading up to another hearing. Just to decide on how the hearing will be conducted to decide where the trial will be conducted.

Ok, let's get this preliminary pre-trial hearing underway.

Labels: , , ,

Pete Wellborn formally joins the lawsuit


Atlanta lawyer Pete Wellborn has formally joined the lawsuit with the filing of his petition to practice in North Dakota for the purpose of this suit. Wellborn is known in the industry as the "Spammer Hammer". This is the guy who took down Howard Carmack ($16M), Sam Khuri, Sanford Wallace ($2M), K.C. Smith ($25M), James McCalla ($11B), and successfully defended Spamhaus from a SLAPP lawsuit filed by Mark Felstein on behalf of a coalition of Florida spammers and Mark Mumma from a SLAPP suit filed by cruise.com.

I regret I won't be able to see Harristhal and Reynolds' faces when they learn this.

Labels: , , ,

Most spam still coming from the U.S.

C|Net reports that most spam still comes from the U.S., with China running a close second.

Nothing new to see here. Move along.

The good news, though, is that in other news, even though we're still #1, we've made significant progress. Read iTWire article Spam down in US and Australia, China spam explodes, or the original report from Sophos.com.

Tuesday, January 24, 2006

PCWorld looks back at 2005 and discusses the future of spam

Tom Spring has an article in today's PC World magazine discussing the next generation of spam, and looking back on 2005. Highlights: A virus that spread through AOL's AIM. Zombies used by spammers. Targeted phishing attacks.

See article PCWorld.com - Spam Slayer: Next-Generation Spam

Gag me


One of the purposes of this lawsuit is to censor as much information about Netzilla and Jerry Reynolds from the internet as possible. Over the years, Reynolds has left quite a digital paper trail of his activities, and now he finds that it's interfering with his livelihood. So by hook or by crook (or in this case by forgery or by court), he's doing his best to scrub the record.

It started, of course, with the demand letters that I remove my web site. At first, he demanded that I remove specific items from his case file. When that didn't work, he demanded that I remove it entirely. No luck there.

Reynolds filed his lawsuit against me on Feb 18, 2005. A few days later, forged cancel messages were transmitted from one of his servers, deleting every article about him from the usenet archives that could be found. Now, these articles had expired from the usenet news spools years ago, but the forged cancels also made their way to the Google Groups 2 servers, which for some reason honored them and removed the articles from the archives. Luckily, Google Canada and the U.K. were still running Google Groups 1, and those servers didn't honor cancels. We were able to retrieve the censored articles from those servers. (Later, Google received enough complaints about censorship via forged cancels that they reversed their policy and restored the deleted articles.)

Reynolds' next step was to convince the judge in the "computer crime" case against Ritz and myself that publishing public whois and dns data about his servers somehow made them vulnerable to hackers. He was able to get a court order forbidding Ritz or "anybody working in concert" with him (i.e. me) from publishing information about Reynolds' servers. Ritz was then forced to remove his web pages containing the evidence which would have been used by me to defend myself in my defamation case.

In April, 2005, there had been a discussion on usenet about a mysterious peering request from "spamkiller.net". The sysadmin starting the discussion wanted to know who spamkiller.net was, and if they could be trusted. I responded by noting that spamkiller.net was registered anonymously (highly unusual), and that no legitimate business would be hiding their identity like that. Ritz and some other spam-fighters went even further and discovered that spamkiller.net was in fact owned by Jerry Reynolds.

In August, armed with his court order, Reynolds went to Google and demanded that all archives of the spamkiller.net discussion be removed from Google Groups. You can read all about it at Chilling Effects.

In December, I was served with another court order, forcing me to remove all references to Reynolds' servers from my web pages. You can see the effects of this court order in the Netzilla case file, where I was forced to replace many references with "Removed by TRO".

Finally, we see that the court hearings on jurisdiction coming up in February and March (two lawsuits, two jurisdiction hearings -- in fact, two of everything), have been closed to the public at Reynolds' request. Come on, a jurisdiction hearing closed to the public? What is Reynolds hiding, and how did he convince two judges to let him hide it?

Labels: , , ,

About the lawsuits


I am involved in two lawsuits at the moment. The first is a defamation case brought by porn spammer Jerry Reynolds (suing me as "John Doe"). He objects to me identifying him as a porn spammer. The second lawsuit is a computer crime lawsuit against fellow spam-fighter David Ritz and myself, brought by Reynolds' company Sierra Corporate Designs. They accuse us of making "unauthorized access" to his servers and downloading confidential data.

The story:

I have been maintaining my spam-tracking web site since 1997, keeping case files on over 400 spammers and spamming isps. The spam quick reference tracks hundreds more.

In August 2004, I started getting letters from Jerry Reynolds' lawyer, Christopher Harristhal, insisting that I take down my web page. I updated the case file in question to reflect things that had changed over time, and removed information I couldn't verify, but otherwise left it alone. I received one more letter demanding that I remove the page entirely, which I duly ignored.

In late 2004, I was contacted out of the blue by a lawyer in North Dakota. She had a client who was being sued for defamation by one Jerry Reynolds, who my spam tracking site lists as having been the owner of Netzilla, the worst porn spammer on the internet from 1997-1999. Her client was being sued for — among other things — saying that Jerry Reynolds was a pornographer. Was it possible, she asked, that I could send her any documentation to back up the claims on my web site, since her client was using my web site as part of her defense.

I sent her what little I had, and heard no more, other than that the case had eventually been dismissed.

I now suspected I had a reason for Reynolds' sudden harassment of me — he wanted my website taken down so that the local victim of his legal bullying would not have access to the information on it.

In February of 2005, I received a phone call from a reporter in North Dakota asking me about the lawsuit which had been filed against me. I knew immediately without being told that this was Reynolds making good on his threats. I talked to the reporter for a while, and then set about looking for a lawyer. I also checked with the other anti-spammers for information that would help defend myself in court. David Ritz was especially helpful, providing old whois and dns lookups to prove that I was right and that Reynolds was obeying the first rule of spammers.

I added the new evidence provided by Ritz to the Netzilla case file, and sat back to wait to see if I would actually get served.

Of course, Reynolds, true to form, wasn't about to sit back and let someone help a victim of his bullying. He almost immediately filed a lawsuit against Ritz (naming me as a co-defendant.) He's suing Ritz for — and I'm not making this up — hacking into his servers by doing unauthorized whois, smtp, and dns lookups. I'm named as co-defendant for linking to the information provided by Ritz from my web site, thus "exposing" Reynolds' servers to more break-ins.

The judge in this case has been listening to Reynolds' version of events for nearly a year now, without allowing Ritz or myself to tell our sides of it. Frankly, even an hour spent with his own I.T. folks at the courthouse would have cleared up all of this nonsense. Seriously, if the Fargo court house was run by computer professionals instead of legal professionals, Reynolds would be sitting in a jail cell right now on contempt charges just for filing such a ridiculous lawsuit.

Now it's trivially obvious that neither lawsuit has a chance in hell of going anywhere, but that's not the point. The point is to a) cost Ritz and myself as much money as possible defending ourselves, and to b) censor as thoroughly as possible any information about him on the internet (see my other post "Gag me" for more on this.)

So here we are. Reynolds serves us with one insane motion after another. I've had my computers subpoenaed and their disks copied. Ritz has had his copied three times. He's also been deposed twice for a total of eleven hours, each time requiring him to drive for hours to the law offices. I've got about six inches of paperwork in my file cabinet so far — I suspect Ritz has far more.

In the latest round of filings, Harristhal is insisting that I travel to North Dakota to attend the jurisdiction hearing. Although it's permissible and commonplace to handle such things by phone or video conference, Harristhal insists that I attend in person, along with any expert witnesses I might bring. This, in turn, leads us to another round of motions and counter-motions just to determine if I need to travel to North Dakota for a hearing to determine if I need to travel to North Dakota for a lawsuit. Obviously there's no real reason for us to attend the jurisdiction hearing in person, but the point of this exercise is to rack up my expenses, not to win the case.

Labels: , , ,

Monday, January 23, 2006

Zombie master pleads guilty

According to Spam Daily News, Jeanson Ancheta has pled guilty to seizing control of hundreds of thousands of zombie computers. See article Zombie master pleads guilty and BBC article American owns up to hijacking PCs. Original indictment (scanned pdf, 52 pages) is available at Findlaw.

Feds asked to take action against adware maker

Ziff-Davis reports that The Center for Democracy and Technology (CDT) has filed complaints against 180Solutions for adware and other network abuses. See ZDNet article "Feds asked to take action against adware maker"

Friday, January 20, 2006

30 Minute Mortgage Inc. shut down by FTC

Mortgage spammer "30 Minute Mortgage Inc" was shut down by the ftc, according to Realty Times.

According to the complaint (pdf, 20 scanned pages), the FTC alleges various deceptive business practices too numerous to list here, but including lying about company specifics, lying about mortgage rates, violation of privacy laws, and lying about the browser security employed on their web forms.

For a good article on how the mortgage spam business operates, see PC World article "Tracking Spam to Its Source" (about.com mirror).

Thursday, January 19, 2006

Tools in the fight against spam

I'm on the fence about whether I should mention some of these tools or not, as there are those who consider fighting abuse with abuse to be a bad thing. The other school of thought is that it's ok to defend yourself when you're attacked by spammers.

This post is a living post; I'll be adding to it as time goes on. Perhaps later I'll replace it with a link to a static page.
  • Sender Score — Call themselves "The world's most comprehensive database of email sender reputation". Use it to check out your own business and make sure you're staying out of the anti-spam blacklist.
  • Wpoison -- The oldest one I know of. This is a cgi script that generates bogus web pages on demand. Each page is filled with giberish, fake email addresses, and links to more wpoison pages. The idea is that email address harvesters will harvest the fake email addresses and poison the spammer's database. This is a very old script and may no longer be effective. It also has the potential to poison the databases of search engines, which is an undesirable side effect. The search engines are likely to drop your entire site from their crawl in response, which is probably something you don't want. Protect the search engines (and yourself) against this by installing a proper robots.txt file along with wpoison.
  • Spam Poison -- Seems to be a commercial reincarnation of wpoison. They provide you with a tagged url to place in your web site which redirects harvesters to their web site. Not clear how they make money (if any) from this. Also, the links have "spampoison.com" in the clear, so I would think that the harvesters will have learned to ignore those links by now.
  • Spam Gourmet -- One of my favorites. They provide email addresses with short lifespans to use anywhere you're required to give an email address to strangers. Their basic service is free and fairly easy to use. You sign up with them and get an email address in their domain. Then, whenever you need to enter an email address on a web page, you enter one in the form userid.N.cookie@spamgourmet.com. The cookie is anything you want to use for that web site, and N is the maximum number of emails you're willing to receive. The first N messages are forwarded to you. After that, it becomes a black hole, never to contact you again. You don't even need to visit the spamgourmet.com web site after the initial signup. The only tricky part is coming up with cookies you haven't used before.
  • Spam Decoy.net — Disposable email accounts (not yet reviewed).
  • SiteAdvisor -- Provides two services: First, they seed web forms all over the internet with tagged email addresses to see which ones get spammed. Second, they visit sites with potentially malicious software to see which ones download malware onto their computers. They then make this database available under the creative commons, and provide warnings while you surf. Visit their web page for a short animated demo. See my review above.
  • Spam Cube -- A hardware solution to spam. Similar to a firewall box, Spam Cube sits between your computer and your network, filtering out spam as it arrives. Presumably, its filters are regularly updated remotely by the vendor. Like a firewall box, Spam Cube is configurable via a webbish interface. See International Herald Tribune review.
  • SpamFighter — Collaborative anti-spam tool for Windoze. Click on a piece of spam that the filter missed, and the spam is removed from everybody's inboxes simultaneously. Not being a Windoze user myself, I haven't tried it out.
  • SpamSieve -- Bayesian filter software for Mac OS X. $25. 30-day trial available.
  • SpamPal -- Filter program for Windows. Runs between your mailbox and your mail program, tagging incoming mail as spam if the sender is found in a DNSBL database.
  • SpamAssassin -- Similar to SpamPal, but for Unix/Linux. A perl program launched from procmail which tags spam based on multiple criteria, including DNSBL listings.
  • Blue Frog -- Subscription service which maintained a do-not-spam list and complains to spammers on your behalf. Driven out of business by a denial-of-service attack in 2006.
  • TattleMail -- Subscription service which automatically analyzes your spam for you and sends complaints to the proper authorities. $1/month. See ClickPress review.
  • FormFlood -- A program written to fill web-based forms with gibberish. Nominally intended to load-test servers, it can also be used to poison a spammer's leads database. Here's how it works: A spammer (say a mortgage spammer) floods you with spam asking you to fill out a form to apply for a mortgage. (In reality, this information is simply sold to mortgage brokers, who will contact you later.) FormFlood lets you fill out the spammer's form thousands of times with reasonable-looking gibberish. This wastes the time of the mortgage broker who hired the spammer and makes the spammer's leads worthless. Soon, that spammer is out of business. Poison the databases of enough spammers, and the mortgage broker who hired them starts looking for more legitimate ways to run their business.
  • PhishFighting.com -- Similar to FormFlood; this site allows you to report the URL of a phishing site, which is then flooded with bogus information. The phisher is then unable to find the useful information in the flood of useless data.
  • Spam Vampire -- This is a program intended to suck down all of a spammer's bandwidth. In short, if enough people run it, it creates a distributed denial of serivce (DDOS) attack against the spammer's web site. It's written in javascript and runs right in your browser. You installing it by downloading the source code (which is an html file) onto your local disk. You configure it by editing the web page to point at a web page owned by the spammer that's annoying you, and by disabling caching in your browser. You run it by simply viewing the web page in your browser. If you like, you can even simply view the web page directly from the spam vampire web site, but then it attacks the spammers that Darren Brothers chooses instead of the ones you choose. The instructions seem to be directed at Windows users, but it probably runs under Mac and Unix/Linux as well. I haven't tried it myself
  • Refi Retaliator -- Another program intended to poison the leads database of a mortgage spammer.
  • Lad Vampire -- Coordinates DOS attacks against spammer web sites, similar to Spam Vampire.
  • Cloudmark -- Community-based anti-spam service.
Links to many spam-fighting tools and tutorials can be found at Spam Huntress' web page.

Labels:

Wednesday, January 18, 2006

About this blog

I've been blogging about spam since 1997 (before the invention of the word 'blog', actually, so I didn't call it that then.) There was no blogging software of course, so each entry required that I hand-edit the html of my web page and then use ftp to push it up to the server at http://www.rahul.net/falk. The rahul.net web site was started in 1997 thanks to Rahul Dhesi who generously donated the web space to the fight against spam. Among the several things I use the web site for is posting news articles about spam. Finally, in 2006, I enter the 21st century with actual blogger software (In the famous words by Homer Simpson "Oh, they have the internet on computers now!"). With a little luck, this will help me keep the blog more up to date than when I had to do it all by hand.

I've been chronicling spam since the summer of 1996. There were spammers before then, and small rogue service providers, but 1996 saw the rise of the first large rogue service provider: Earthlink. In the summer of 1996, Usenet began to be flooded with the vilest pornography spam. Explicit ads for rape pornography were everywhere, including in alt.sexual.abuse.recovery where you can imagine how unwelcome it was. Earthlink steadfastly refused to respond to complaints or do anything about the abusers. In fact, they went so far as to insist that the problem was very minor and that they hadn't received many complaints. To put the lie to their statements, I wrote an automated program which scanned alt.sexual.abuse.recovery for pornography spam from Earthlink. I then sent a daily report to Earthlink and posted it publicly as well. Earthlink could no longer deny the problem.

As time went on, I began to monitor more and more service providers and scanned more newsgroups. Every day I would send reports to the spamming ISPs and post a daily summary in public. By the time I ceased operations in 2001, I was monitoring over 400 ISPs and spammers.

I took great satisfaction every time a service provider responded and said that they'd discontinued service to a spammer. My .signature file had a '*' for every spammer kicked off the internet, a 'W' for every spammer's web site taken down, a '!' for every rogue site disconnected, and other symbols for other accomplishments.

But the sad fact is that we anti-spammers met with failure more often than success. The fact is that most ISPs don't care about spam. Given a choice between catering to a paying customer (the spammer), and a non-paying complainer, most businesses will give priority to the paying customer. To the bean counters, the abuse desk represents money rolling out with no reward. As spamming can be big business, a lot of money can ride on keeping the spammer happy. At least two major service providers -- AT&T and PSI -- have been known to write so-called "pink contracts" expressly exempting the spammer from the usual terms of service for a financial consideration (it's widely suspected that this is widespread and common). In most cases, the people who write the contracts and make the decisions are so far removed from the abuse desks that the abuse desks are powerless to do anything about the problem. And finally, I think that most large service providers secretly hope in their greedy little hearts that spam will become accepted enough in the mainstream that they can start spamming themselves.

Fighting spam is hard, miserable work. It can take weeks or months of work to get a spammer kicked off the internet, and they're usually back on-line at another service provider within days, pitting us against them in a never-ending game of whack-a-mole. Service providers are indifferent at best, and hostile at worst -- Uunet has been known to bring legal and other pressure to bear against anti-spammers. In 1997, Earthlink realized I was posting my reports from a company to whom they were a major customer. Tense and unpleasant meetings with my boss, human resources, and a couple of lawyers ensued. One bit of fallout was that I was shut down until I could find a service provider willing to host my web site.

The spammers themselves are naturally unhappy to see what they perceive as a bunch of bandwidth-hugging do-gooders interfering with their livelihood. If you're an anti-spammer, you can count on being sued from time to time. I've been thus threatened countless times, actually served twice, and am currently involved in a protracted lawsuit (topic for another post.) My co-defendant, David Ritz, has been sued four times. Spamming can be big business and some spammers have the resources to go after their victims with a vengeance. Anti-spammers are usually left on our own. The lawsuits never have any merit, but that's not the point -- the point is to hurt us enough with legal costs that we're forced to capitulate and drop out of the fight.

So I find myself today being sued over a web site I had barely even maintained in the last four years. If I'm going to be dragged back into the fight against spam, then so be it. The rahul.net web site had dropped from several posts per month to a few posts per year. Now it's time to roll up my sleeves, put the clothespin back on my nose, and wade in again.

I'm back.

About my logo


One of the issues that has come up in my lawsuit (more on this later), is whether or not my spam tracking website specifically "targeted" North Dakota. As an illustrative piece of evidence, I printed the entire contents of my web site. The grand total was slightly over 1300 pages. I then took this and had it nicely bound. Here are the results:


The idea is to show this to the judge and say "Look Judge, 1300 pages here, and only 11 of them are about a North Dakota spammer." Not what you'd really call "targeted".

By the way, this is the abridged version. If I had printed out the computer-generated reports, it would have come to about 13,500 pages (10 volumes).

Labels:

Comparing Spam Filters: Gmail, Yahoo! Mail, and SpamCop

Interesting article by Jeremy Zawodny today, about a comparison between Yahoo Mail, GMail, and SpamCop. Bottom line: GMail and Spamcop are both pretty good, with very few false positives, while Yahoo has about 5% false positives.

The blog links to a report by Danny Sullivan of Search Engine Watch

Tuesday, January 17, 2006

Spam filtering via modified Bloom filter

I attended a good talk today, by Kang Li of the University of Georgia. He's experimenting with new spam filtering technology based on a modified Bloom filter. The goal is very high performance and he seems to have achieved it.

Bloom filtering was invented in the '70s by Burton Bloom. It's an extremely fast method for determining if an element is in a set. False positives are possible but false negatives are not. The odds of a false positive can be made very low if the hash bitmap is sufficiently large.

While Bloom filtering will only tell you if an element is a member of a set, Kang Li's variant allows you to attach a coarse quantitative value to the set elements. In this case, the quantity is "spaminess".

The bottom line is that Kang's variant allows extremely fast lookups of tokens for the purpose of measuring spaminess. the algorithm is a couple orders of magnitude faster than most of the Bayesian filter techniques currently in use. If the hash bitmap is large enough, the accuracy is also comparable.

Disadvantages: limited incremental training. Once the filter is made, tokens can be added to it, but the spaminess of existing tokens can't be changed.

Unfortunately, Kang's research is not yet on line. I'll try to update this post as new information becomes available.

Friday, January 13, 2006

Drug spammer given 2 years

The Spam Daily News reports that drug spammer Daniel J. Lin is facing 2 years in prison for spamming fraudulent drugs ads. See "Viagra spammer faces two years in jail". See also Business Week Online article "Suspect in federal spam case pleads guilty"

Update (23 Jan): Spam Kings reports on the connection between Daniel Lin and Alan Ralsky.

Labels: ,

Monday, January 09, 2006

University of Texas v LonghornSingles.com

The U.S. Supreme court has sided with the University of Texas against spammers. White Buffalo Ventures, which runs LonghornSingles.com had sued to force the university to accept their spam, arguing that since their spam complied with the CAN-SPAM act, that the University had no right to block it. The courts have ruled that the CAN-SPAM act does not pre-empt the university's policy.

This is a very important ruling, since one of the purposes of the CAN-SPAM act was to weaken state laws against spam. This ruling at least affirms the right of spam victims to protect themselves.

For more information, see Yahoo news article Court Lets Univ. Of Texas Block Spam.

Wednesday, January 04, 2006

Iowa ISP wins $11 billion judgement

Iowa ISP wins $11 billion judgement against a Florida spammer. See Quad-City Times article Clinton Internet provider wins $11B suit against spammer.

Sunday, January 01, 2006

Older News

Older News