Send Netwide knuckle sandwiches and teach spammers manners

Is the spam hitting the fan on your e-mail system? Here are 10 tips to keep unwanted
messages off your agency's desktops.


As you may know, spam is the Internet term for unsolicited bulk e-mailings. It's not to
be confused with Spam, Hormel's mysterious but popular canned meat product.


Spamming is becoming an epidemic because of new products like Lightning Bolt, from
Eunuchs Etc. of Albuquerque, N.M. Lightning Bolt is an e-mail generator and a scanner that
sifts through text taken from the Internet. It finds any
e-mail references, then auto-compiles new mail lists from them. This makes a whole new
market for list vendors that can furnish thousands of fresh addresses to other vendors.


Government sites have a separate but related problem: vindictive spammers with an ax to
grind. They may decide to mail-bomb you, figuring you won't know how to stop them from
harassing your employees.


There's a way to fight back.


1. Write a polite message to the system administrator where the mail originated. If the
address says spammer@xyz.com, try sending mail to postmaster@xyz.com. One
problem is that the system administrator may be the spammer.


2. Check the InterNIC domain name registration database. Telnet to internic.net
and type in whois xyz.com. This is a prime tool, because it's also supposed to
reveal the address and phone number for the system administrator of that domain.


Network Solutions Inc. of Herndon, Va., operates InterNIC under contract with the
National Science Foundation and is supposed to maintain an accurate database. File a
complaint asking InterNIC to get all the required information about a rogue site or to
revoke its domain name.


3. Telnet directly to the Simple Mail Transfer Protocol port of the spammer's address.
Often this can be done by entering the address as xyz.com smtp at your telnet
prompt.


4. Visit UseNet news and read news.admin.net-abuse.misc. This group carries many
worthless messages, including "make-money-fast" spams. But a few messages expose
newly discovered spams that include information on origin and details on how to filter the
messages or forward them back to the sender. Spam-fighting experts monitor this list and
might volunteer to help you deal with a hard-core spammer.


5. Check the Blacklist of Internet Advertisers at http://www/cco.caltech.edu/cbrown/BL.
This site contains information on known offenders and how to thwart them.


6. Visit http://www.ca-probate.com/faxlaw.htm
for a legal interpretation of how laws against broadcast faxes apply to e-mail. This could
be valuable if you must take legal steps to stop a spammer.


7. Visit the Get that Spammer page at http://kryten.eng.monash.edu.au/gspam.html.
Enter an IP address and choose from a list of tools to do various traces. Use the
Traceroute tool to get a list of sites handling mail messages from the spammer's site. The
next-to-last entry on your Traceroute list should be the spammer's main service provider.
Send your complaints there.


8. Use an Internet search engine that indexes World Wide Web pages and news messages to
search for references to the spammer's IP address. Start at http://www.hotbot.com or http://www.excite.com
to search for address clues.


9. Check out the University of Maryland's list of information filtering resources at http://www.ee.umd.edu/melab/filter.


10. Read the Net Abuse frequently asked questions list athttp://www.cybernothing.org/faqs/net-abuse-faq.html.
It talks more about UseNet news than mail, but pay attention to sections that discuss
canceling troublesome messages and organized antispam efforts.


The Internet Engineering Task Force's working group on responsible Net use is educating
Internet users about the proper way to treat other people's e-mailboxes. Gary Malkin, the
co-chairman, told me the group uses "social engineering. We're trying to tell people
who really don't know any better what's right and wrong."


That's no help against people who know they're doing wrong yet do it anyway. But at
least someone is out there working to uphold etiquette on the wild, wild Internet.


Shawn P. McCarthy is a computer journalist, webmaster and Internet programmer for GCN's
parent, Cahners Publishing Co.  E-mail him at smccarthy@cahners.com.

 


inside gcn

  • IoT analytics platform

    Modern data analytics for public safety IoT

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above