Resources

Submitted by dmuth on Sat, 2006-01-07 20:30. SPAM-L FAQ

This section contains a short glossary and a list of helpful URLs.

Glossary

24/7

A system that is connected to the net 24 hours a day, 7 days a week. Most ISPs and webservers fall into this category.

A backbone site in the US that was under massive fire for their unwillingness to stop their customers from spamming. AGIS FAQ.

AUP

Acceptable Use Policy, something all ISP's should have.

C&S

Canter and Siegel, aka the "Green Card Spammers" who spammed the net repeatedly several years.

CAUCE

The Coalition Against Unsolicited Commercial E-Mail. A volunteer organization that is trying to amend the United States junk fax law to apply to spam.

CIDR

Classless Inter-Domain Routing; essentially a way for owners of Class B netblocks to partition them into smaller pieces and delegate them to customers.

Click-through

When a spammer spamvertises the URL of a free website, rather than setting up a redirector, they will instead just place links to their site.

DNS

Domain Name System; how the Internet keeps track of which host name corresponds to which IP number (which is what the computers use internally).

DOS

Denial of Service. A type of attack against another system which cripples it. Examples include mail-bombing, ping flooding, and SYN flooding. http://www.student.tdb.uu.se/~t95hhu/c-war.html.

Dropbox

When a spammer creates an e-mail account on one system, then spams from another account, soliciting replies to the first e-mail account, or "dropbox". Free e-mail providers such as Yahoo and Hotmail are commonly used as dropboxes.

ECP

Excessive Cross-Posting (USENET term), aka Velveeta.

EMP

Excessive Multi-Posting (USENET term), aka Spam or Usenet Spam.

Harvesting, E-mail harvesting

The act of using a program (commonly known as a "spider" or "robot") to search either the web or Usenet and gather e-mail addresses. When spammers do this, they usually aren't able to filter out some of the munged addresses that are used which results in lots of bounces when the spam is sent out.

Haven Spam

When spam is sent advertising a website run by an ISP which is a spam haven. See also: Spam Haven

Injection Point

A host that is relayed through.

ISP

Internet Service Provider. A company which sells Internet access to individuals or companies.

LART

Luser Attitude Readjustment Tool -- A fictional UNIX command for which a FAQ can be found at http://www.falseprofits.com.

MMF

Make Money Fast, aka chain letters. Illegal in most civilized countries

MDA

Mail Delivery Agent. Delivers incoming e-mail. Examples include /bin/mail and procmail.

MTA

Mail Transport Agent. Commonly used on a UNIX system, where an e-mail program merely passes an outgoing message to the MTA, which usually runs 24/7 and handles getting the message to the other site. Examples include sendmail, qmail, smail, etc.

MUA

Mail User Agent. What you use to read and submit e-mail. Examples include Elm and Pine for UNIX systems, Eudora and MS Outlook for Windows 95 systems.

Munging

Changing one's e-mail address so that it is invalid, but a human can determine the proper address. For example: dmuth@ot.com_NOSPAM. This technique is used to foil spammers who harvest addresses.

NUKE

Having a spammer's account terminated.

Open Relay

A mailserver that permits relaying by anyone. Such systems are often abused by spammers and must be configured to prevent open relaying.

Opt-in

Requesting to be on a mailing list, a concept which the anti-spam community supports

Opt-out

Being added to a mailing list against your will, with the option of requesting to be removed. This is what spammers use for sending out their spams.

PGP (Pretty Good Privacy)

A popular encryption program which allows for users to send encrypted e-mail that only the recipient can read as well as allow a user to post a message that is "digitally signed" by them so that others can verify that the user actually sent that message. More information can be found on the International PGP Page at

Nowadays, there is also Gnu Privacy Guard. It is an open source program that does everything that PGP does, but for free.

Ponzi scheme

A type of pyramid scheme where money from new "investors" (read: marks) is used to pay off older ones who think they made money. Eventually, too many people demand their money at once and the pyramid falls apart, resulting in chaos.

POP

Post Office Protocol. A common protocol that is used for retrieving e-mail from a mailserver.

POP-before-SMTP

A scheme whereby a user must make a sucessful POP connection to a mailserver before being allowed to relay through it. This is very useful when a user wants to be able to send e-mail through their "home" ISP while they are connected to the net via another ISP.

Pump-n-dump

A technique used by scammers whereby they create a ficticious company, drive up the value of its stock through phony claims and press releases, then selling off their shares of the stock at tremendous gains, scamming all the other people who bought stock. Pump-n-dump schemes are now taking place via spams.

Pyramid scheme

The fundamental idea behind chain letters and MLM -- you know, send this to four of your friends and do not break the chain. A graphic model of this might look like a pyramid, where each new participator has to build their own "pyramid" of new participators in order for the scheme to work.

RBL

Realtime Blackhole List. A system maintained by Paul Vixie for blocking spam at the border router of your network. One nice thing about it is that once you "subscribe" to it, it is updated automatically so that you don't have to change something every time a new spammer starts up. More information can be found at http://mail-abuse.org/rbl/.

Redirector

There has been a wave of spammers using free web sites. Rather than put their real data on the free site, they just put a page that includes the real site or automatically refreshes from the real page. So when the free web account gets nuked their real page is still there.

Relay

Passing your e-mail to a mailserver to deliver it on your behalf. This is abused by spammers when they find a third party system to relay thousands or millions of spams through.

Relay Rape

When a spammer uses an open relay to send their spam.

Remove list

An offer a spammer makes to put you on a special list so that you don't get any more spam from them. Signing up on a remove list is more than useless as spammers have been known to spam the addresses on them.

Revenge Spam

When a spammer forges a spam in another person's name with the intent of having that person deluged with hate mail or mailbombs, or losing their acccount with their ISP.

Reverse DNS

The reverse of a DNS lookup. That is, you enter an IP number, and you are told what name, if any, corresponds to it. If there is no name, you can always use whois or traceroute to determine who owns the system.

Sendmail

The most popular MTA for UNIX because it is very configurable. Until recently, there was no way for sendmail to prevent relaying which spammers usually take advantage of. More information on sendmail can be found at http://www.sendmail.org.

Spam Haven

An ISP that allows spammers to maintain their website there as long as they do their spamvertising for it from somewhere else. See Also: Spamhaus

Spamhaus

A site or ISP that doesn't terminate the e-mail or webhosting accounts of spammers. Often spammers will gravitate towards spamhauses as they don't have to worry about continually switching ISPs.

Spammy

Sanford Wallace, the ex-spammer who used to run Cyberpromotions. See also the CyberPromo FAQ. Sanford has since gotten out of the spamming business, but was Sued by the Federal Trade Commission in 2004 for his involvement with "spyware".

Throwaway Account

When a spammer creates an account on an ISP for the sole purpose of spamming, then proceeds to do so, knowing that it's only a matter of time, usually hours or days, until the account is cancelled.

Troll

A user who shows up in mailing lists and Usenet newsgroups who has nothing better to do but stir up arguments and flamewars between them and the users of that group. Most trolls just want the attention and will go away if they are ignored. SEE ALSO: Kook, Net.Scum, and Freedom Knights.

I used to have a link to netscum.org here, but that domain eventually expired and was bought by someone else. Please do not bother him. :-)

UBE

Unsolicited Bulk Email, aka spam.

UCE

Unsolicited Commercial Email, aka spam.

Whack-A-Mole

What spam is called when the spammer keeps jumping from ISP to ISP and is next to impossible to filter!

White Hat

Term for an anti-spammer or an ISP that is anti-spam.

More spam related terms can be found in The Net Abuse Jargon File.

Web Sites

This section lists various anti-spam web sites. Please e-mail me if you would like me to add a URL.

Information

General informational sites about spam.

Fight Spam on The Internet!: One of the oldest anti-spam sites on the net. It is the home of the Spam Boycott, and contains lots of resources aimed towards newbies that explain what spam is and why it's bad.
Spamlinks.net: An anti-spam resource site which has links upon links. It's like Yahoo for anti-spammers.
Stopping Spam: Home of the first book on spam from O'Reilly.
http://dlis.gseis.ucla.edu/people/pagre/spam.html: "How to Complain About Spam". An excellent article that talks about various methods to complain about spam. I highly recommend reading this if you are serious about fighting spam.
http://www.yahoo.com/Reference/Postal_Information/: Yahoo's section on Postal information. Useful for trying to tracking down contact information for a particular postoffice box that the spammer may be using.
Fighting E-Mail Spammers: A paper written on how to track down the source of forged e-mails, including how to read sendmail logs to determine the source of the spam.
The Spamtools Mailing List: Another mailing list for discussion of filtering techniques. Send e-mail to majordomo@abuse.net with the text "subscribe spamtools" to join the list.
http://www.cybernothing.org/cno/docs/rfc1855.html: RFC 1855, an official documement on proper netiquette which touches on the issue of net.abuse. However, it does go into sufficient detail for one to see that spammers are clearly violating it. This gives us more ammunition to use against spammers!
http://spam.abuse.net/goodsites/: A list of responsible anti-spam sites which also contains e-mail addresses of the abuse departments for those sites as well as links to their (anti-spam) AUPs. (Disclaimer: I also maintain that page :-)
http://ddi.digital.net/~gandalf/spamfaq.html: The alt.spam FAQ
http://www.faqs.org/faqs/net-abuse-faq/part1/: The Net Abuse FAQ
http://www.faqs.org/faqs/net-abuse-faq/email-abuse/: The E-Mail Abuse FAQ
http://www.spamfo.co.uk/: Spam news, reviews, and FAQs. And hey, they use Mambo too!
Rick's Spam Digest: Guides on how to detect, trace, and avoid unsolicited bulk e-mail.
The Spam Plan: A simple plan for a spam free life.
http://www.claws-and-paws.com/spam-l/: This lowly FAQ. :)

Legal

Sites which contain information on laws and lawsuits relating to spam.

http://www.jmls.edu/cyber/cases/spam.html: A webpage that keeps track of spamming related court cases and lawsuits. An excellent source for those who are interested in the legal aspects of spamming.
http://www.jmls.edu/cyber/statutes/email/index.html: A companion to the previous page, this one keeps track of various spam related statutes both on the state and federal level.
http://www.usps.gov/websites/depart/inspect/chainlet.htm: Text from the United States Postal Service (USPS) concerning chain letters and their illegality.

Media

News coverage of spam. This list is by NO means inclusive. :-)

Yahoo! Full Coverage:Spam Wars: The news section on Yahoo that relates to spam.
http://www.spamnews.com: Home of the SPAM News mailing list (daily news and commentary about SPAM) and a collection of anti-SPAM resources.

Organizations

Anti-Spam organizations.

CAUCE: The Coalition Against Unsolicited E-Mail. CAUCE is a political advocacy group which is trying to fight spam on the legal front, as well as keep poorly written bills which would legitimize spam from passing.

Tools

Anti-spam utilities and other technical things.

Despammed.com: A spam filtering service.
Emailias: Another service which allows you to create "disposable" e-mail addresses.
Mailshield: MailShield is a software plugin for your existing mail server which can reject spam, prevent unauthorized mail relaying and halt email bombs. It comes in UNIX and Windows NT flavors.
The Realtime Blackhole List: This is a setup that systems "subscribe" to in order to receive a list of IP addresses and netblocks of sites that either spam or have open relaying being abused by spammers which are blocked automatically.
SpamEx: An e-mail service which allows you to create "disposable" e-mail addresses on their system. That way, if you give out such an address to a site that later spams you, you can delete that address and stop the flow of spam from them.
Sam Spade: Sam Spade. A web based tool which helps novices gather info on spamming domains by performing nslookups, traceroutes, and whois queries on domains and netblocks.
Sustainable Softworks: Macintosh TCP/IP tools.
World Domain Search Registry: A complete list of all top-level domains, with links to the registrar for each domain.