Juha Saarinen

Juha Saarinen is a tech blogger for nzherald.co.nz.

Vigilantes wage war on spam

By JUHA SAARINEN

Shane Atkinson, the prolific penis pill spammer outed by the Herald last Friday, wasn't discovered thanks to an official agency in New Zealand or elsewhere in the world.

Instead, because we do not have any laws outlawing spam, it was the efforts of the "antis" - anti-spammers - that made it possible to track Atkinson and, ultimately, force him to stop spamming.

One of this vigilante breed is Peter Bennett, a 43-year-old director of a small IT company in Ngatea, who was hot on the trail of Atkinson as the Herald story broke.

But he has had other success. When large quantities of spam hit his inbox in November, Bennett decided to trace the cause. Using his technical skills and network experience, he found the path led to Brendan Battles, a US spammer.

Battles had put Bennett's email address on a CD-Rom for spammers. Called the "Master Disc 2000", it contains millions of email addresses.

Bennett baited Battles by sending "nasty messages" to domains associated with the spammer. Eventually, Battles replied to Bennett from his home email account and his identity and whereabouts were revealed to the anti-spam community.

"All hell broke loose for Battles," who got much the same treatment as Atkinson - his personal contact details posted all over the internet, leading to many phone calls and much emailed abuse.

Bennett had been on Atkinson's trail for a year, but was not able to put a name to the spam until the Herald article came out.

Like many others in the fight against spam, Bennett keeps a notarised archive of spam received and details to help him track down spammers.

He also lobbies the Internet Corporation for Assigned Names and Numbers to enforce its rules that domain registrations contain correct information. At present, spammers are able to forge domain name registrations as registrars do not check on these.

But Bennett doesn't see himself as an "anti-spammer" - just someone who has "always defended his inbox" and will "use all methods at my disposal that I can get away with".

And he does not believe in fighting abuse with abuse.

He believes that "there must be laws or more appropriately self-regulation to sort this out, and that prison sentences [for spammers] are the right thing here".

But compared to the "man in the wilderness", Bennett is a moderate. The "man in the wilderness", a US systems administrator, decided to get even after his domain was forged into a massive spam run not once but three times.

"Man in the wilderness" tracked down Rodona Garst, who was responsible for causing thousands of undeliverable emails to be delivered to his mail server.

He hacked into Garst's computer, downloaded the information it contained and posted it on the web. That included Garst's contact details, email and Instant Messaging aliases - and nude pictures of her stored on the computer.

The website has been mirrored all over the world and Garst cannot remove it from the internet. It is constantly updated because Garst and associates are still spamming.

Other anti-spammers prefer to organise their resistance in the open. Spamhaus, run by Briton Steve Linford, is a volunteer anti-spam organisation that provides a database of spammers who have been cut off by internet providers at least three times.

Its Registry of Known Spam Operations lists professional spammers who it says are responsible for 90 per cent of spam received in North America and Europe.

It also provides the free Spamhaus Blocking List (SBL), which lists spam sources by internet protocol (IP) address, allowing those who run mail servers to refuse connections from those machines.

The Spam Early Warning System (Spews) takes a hardline approach - looking at where the spam comes from, and listing entire networks.

The listings block mail from internet provider customers who "live" on the same network as spammers. The idea is to force providers to boot spammers off their networks.

Spews is terribly unpopular with internet providers and those caught in the crossfire. But it is effective, as evidenced by the daily posts on the news.net-admin.abuse.email newsgroup by humbled network administrators requesting their networks be delisted because the spammers have been kicked off.

Spammers have tried to sue Spews, but no one knows who is behind it. The domain name information for its website, spews.org, lists an address in Russia, which has not been verified.

© Copyright 2014, APN New Zealand Limited
