Spam

Cornelis Robat, editor THOCP

• timeline of spam
• what is spam
• what can we do against it

see also: spyware and phishing

1937

The original term Spam was coined in 1937 by the Hormel corporation as a name for its potted meat product: a blend of spiced ham.

From there, the transition from meat product to internet term has a stop with Monty Python's Flying Circus.

In 1970, that BBC comedy show aired a sketch that featured a cafe that had a menu that featured items like "egg, bacon, and spam;" "egg, bacon, sausage, and spam;" " spam, bacon, sausage, and spam;" "spam, egg, spam, spam, bacon, and spam;" and finally "lobster thermidor aux crevettes with a mornay sauce garnished with truffle pate, brandy, and a fried egg on top and spam." To make matters sillier, the cafe was filled with Vikings who periodically break out into song praising Spam: "Spam, spam, spam, spam ... lovely spam, wonderful spam ..."

Computer people adopted the term from the Python sketch to mean overrunning a fixed-sized buffer with too much data, in other words the data was like the Spam in the sketch, something excessive and undesirable.

With the commercialization of the Internet, the term Spam expanded to include the unwanted commercial messages and that became the primary meaning.

There are two common alternative explanations that are certainly false.

• The first is that it refers to a quality of the meat product such that when you throw it at a wall, most of it bounces off, but a little sticks--much like commercial spam, most of which is deleted but some is answered. While this is no more silly than the Monty Python explanation, it does not jibe with the original computer sense of overloading a buffer.
• The second false explanation is that the computer spam is an acronym of some sort. Various phrases are suggested as the source, such as "stupid pointless annoying mail." All are obviously created after the fact.(1)

1978

The first commercial spam sent intentionally was that of a DEC representative to every Arpanet address on the west coast, or at least an attempt at that.
The sender is identified as Gary Thuerk, an aggressive DEC marketer who thought Arpanet users would find it cool that DEC had integrated Arpanet protocol support directly into the new DEC-20 and TOPS-20 OS.(11)

Here is an extract of that message:

The complete header and content can be found at: templetons.com (pages are saved for reference)(11)

1982

February, Earliest known email chain letter (quickly stamped out)(12)

1989

Some other form of Spam probably began around 1989 or 1990 in MUD's (multi-user interactive environments) this is to refer to flooding the MUD, its chat or its database with stuff.(10)

1991

February, mass message: Craig Shergold wants cards(12)

1993

March 31 - Usenet administrator Richard Depew inadvertently posted the same message 200 times to a discussion group. this one was coined spam by Joel Furr, a Mudder(10). Adopting a term previously used in online text games, outraged Usenet users branded the excessive message posting "spam". (2)

First Giant Spam

The first major USENET spam came on January 18 of 1994. Every single newsgroup found it it a religious screed declaring: Global Alert for All: Jesus is Coming Soon.

This one caused a ton of debate and controversy. The Andrews University sysadmin (Clarence Thomas) who sent it generated a flurry of complaints against his institution and some press, though reportedly he never got more than a mild punishment at the time. He did however eventually leave the University, but was also known to have done some more minor religious spams at later dates.(10)

1994

March 4 - Many companies are starting to use the net as a cheap way to advertise. Other companies are using the net to keep in touch with their clients and give support via the internet. Every year the Internet doubles in usage and users. Not all countries do have access to the net.
The Net approaches more or less the Super Information Highway as was meant by Vice President Al Gore and his advisors.

A well publicized case of net pollution, later this use of the internet will be called SPAM, is the case "Canter and Siegel", a law firm in the USA which used the net to advertise practically to all users of all active BBS's of the net. In their advertisement they tried to obtain customers for the application of a Green Card" (a permit for foreigners to stay in the USA). The reaction varied from flames to uncalled subscriptions on tens of magazines, meters of blank faxes and a program of a Norwegian programmer who developed the mechanism of Cancelbot. Cancelbot is a program which erases all e-mail of this firm on any computer before it can reach the user.

CancelMoose: An individual who wages a war against spam ming(12) Anonymous individual who fires off the cancelbot. The CancelMoose (usually written as 'CancelMoose [TM]' on the Net) monitors newsgroups such as alt.current-events.net-abuse and news.admin.net-abuse for complaints about spamming (advertising), usually defined as messages posted to more than 25 newsgroups of widely varying content. The CancelMoose's identity is kept secret for reasons of personal safety.

December, The "good times" email virus hoax.(12)

1995

June,"spamware" (spamming software)(12)

August, List of 2 million email addresses offered for sale(12)

October, abuse@ addresses(12)

November,"remove list" (the first (?) of many that were intended to be universal)(12)

1996

March, Spamblocks (e.g. REMOVE.TO.REPLY) added to addressees to foil spammers(12)

1997

March,"open relay", servers that can be used to send millions of mail anonymously, mostly the admin's of these servers are not aware of this misuse.(12)

1998

April, ISOC (Internet Society) meeting on spam. Organizations like ISOC are beginning to realize how serious a problem spam is becoming.

2000

Nigerian scam spam started around this year. People received an e-mail containing text that promised you to make a quick million just by borrowing your checking account for transferring funds. Even the Nigerian government, annoyed as they were with this very negative publicity, started to check on the originators, opening a special e-mail address, created pages on their embassy sites, and tried to capture them.
In some cases people were even invited to Nigeria by the scammer's gang and got ransacked of every penney they had. Often these criminals left their victims half naked on the street after they had finished their scam. If they were lucky. One of the worst cases registered so far in scamming. Even Time magazine mentioned this Nigerian connection.

November, Taiwan (.tw) becomes the spam capital of the world.(12)

2002

The European Union outlaws spam. But the legeslation is easy to evade so that this ruling has almost no effect.

2003

At least 2 billion spam messages are sent each day.

After a long and fruitless fight against the use of the word SPAM other than for their meat product Hormel came out with a declaration on July 14 and throws the towel in the ring. Therewith finalizing the Don Quixote like fight.(14)

Below follows an extract on their defense as it is displayed on their site:

And of course Hormel is right. Their product is not, can not possibly be the same, as what we refer to as spam that is spread over the internet like a pestilence. "Spam is threatening the very existence of the internet as we know it today..." write some columnists. Future will show if they are right.

2004

Definitely 35% of all e-mail consists of Spam

January

The CAN-SPAM Act goes into effect on Jan. 1. While the law does not prohibit unsolicited commercial email, it does require that unsolicited commercial email senders: - Ensure that the “FROM” line clearly reflects the sender’s identity - Include subject line text consistent with message content - Include the advertiser’s valid postal address - Contain a working opt-out mechanism as a way for the consumer to decline to receive further commercial email from the sender (16)

March

Hypertouch, a California-based ISP, files the first civil lawsuit under CAN-SPAM against the owner of BobVila.com.

On March 20, America Online, EarthLink, Microsoft and Yahoo! all file the first ISP lawsuits under the CAN-SPAM legislation.

Internet Engineering Task Force (IETF) creates a working group to examine Mail Transfer Agent (MTA) authentication, including examination of proposals for the domain name system (DNS) publication of data that allow validation of Internet Protocol (IP) address or envelope originator header data for SMTP MTAs. (16)

March 28, A new form of spam gains momentum: Add Spam, or instant-messenger spam, is appearing on computer screens with increasing frequency. And the problem may get worse as e-mail marketers look for new ways to reach consumers as most governments start to prepare anti-spam laws.(5)

This form of pollution manifests itself primarily for users of MSN. According to Radicati, a marketing research company, the number of spam messages rise from 400 million to 1,2 billion. The same source states that this is because of the increase of use in IM (instant messaging - a from of chatting)(6)

In the first quarter of this year Spam is finally declared illegal by some governments and laws come into effect. Some are forbidding Spam completely (China) others let commercial interest prevail above the poisoning of the internet (USA, Holland) and any variation in between. Anti Spam movements are not happy to say the least. But the day that Spam was declared illegal in the USA the amount of spam dropped dramatically. For a few days.

April

Michigan conducts the first criminal prosecution under the CAN-SPAM Act, issuing arrest warrants for four men charged with sending out hundreds of thousands of fraudulent, unsolicited commercial email messages advertising a weight-loss product. (16)

As if the flow of spam isn't problematic enough, here comes another wave. Spammers Get Ready For April Fool's Day Barracuda Networks, a maker of spam fire walls, says E-mail users should prepare for a spike in spam activity leading up to April Fool's Day. Spammers are expected to use subject lines such as "great joke," "free jokes," "prank," or "April fools" to entice users into opening attachments that carry viruses or objectionable content, potentially putting company networks at risk. Spammers increasingly have used holidays such as Christmas or Valentine's Day to take advantage of consumers looking to get good deals on holiday-related purchases. But in the absence of a commercial hook for April Fool's Day, they're likely to use the appeal of jokes to deliver malicious content. Barracuda warns that bogus April Fool's messages may come in large-enough quantities to flood company networks that don't have up-to-date spam and virus filters.(4)

Just another wave of panic caused by the commercial guys that was uncalled for. The wave did not materialize.

May

Federal Trade Commission (FTC) issues a ruling requiring all unsolicited email with sexually oriented content to bear the label “SEXUALLY-EXPLICIT:” in the subject line.

June

Only one in six emails complies with the FTC “SEXUALLY-EXPLICIT” label. (16)

FTC issues “National Do Not Email Registry: A Report to Congress” on the feasibility of creating a Do Not Email registry. Among the report’s conclusions are that a registry would be nearly impossible to implement today and could create a target for spammers. The report calls for a summit on email authentication. (16)

In June the UN organization International Telecommunications Union (ITU) let us believe that Spam can be controlled within 2 years IF governments and other authorities and software companies cooperate in legislation en anti spam software to tame the spamming. Millions op people will shy away from the internet when this does not happen so the ITU states. ITU has estimated the costs worldwide of spam on 25 billion dollar per year. But it is estimated that the actual costs of cleaning spam: rebooting computers and peripherals, productivity loss etcetera, is costing the community four times as much. But, the ITU states, it will only succeed when all concerned work together.

(editors comment: In that case two years is very optimistic I have not seen any government make a decision so fast. Let alone that software companies and governments will start working together where there has been such an alienation between the two sections the past decades. Now, if it comes, it does from the (international) Open Source community. Since they are generally so fed up with spam there must be a group effort underway)

June - That something can be done against excessive spam is proven by Australia. A stringent law is now effective. Banning all mail for pornography, adds for erection pills etc. that are taking care for over 75% of all email world wide. Companies that send spam are fined for 1.1 million Australian Dollars (670,000 EUR /820,000 USD) each day they continue to do so. And in Australia this is taking effect, almost all spam has disappeared. Unwanted e-mail is costing companies billions a year now.

July

MX Logic reports that CAN-SPAM compliance reaches a low of 0.54 percent, while 84 percent of all email traffic through the MX Logic Threat Center is spam. (16)

August

As part of Operation Web Snare, the U.S. Attorney’s office in Los Angeles announces it filed charges against Nicholas Tombros for sending unsolicited email advertising pornographic Web sites from his laptop computer while driving through Venice, Calif., and using unsecured wireless access points to disseminate spam. (16)

September

Nicholas Tombros, the “wireless spammer,” becomes the first person convicted under the CAN-SPAM Act.

October

October - Judge Orders Spam King To disable spyware programs
A federal judge has ordered Stanford Wallace, known as the Spam King, to disable so-called spyware programs that infiltrate people's computers, track their Internet use and flood them with pop-up advertising. United States District Judge Joseph DiClerico issued a temporary restraining order Thursday against Stanford Wallace and his companies, SmartBot.net Inc. of Richboro, Pa., and Seismic Entertainment Productions Inc. of Rochester. SmartBot's principal place of business is Barrington. Prosecutors sought the injunction on behalf of the Federal Trade Commission, which targeted Wallace in its first anti-spyware action. (16)

November

Jeremy Jaynes, considered one of the top 10 spammers in the world, is sentenced to nine years in prison under Virginia’s anti-spam law for sending millions of spam messages to America Online customers. (16)

December

A Maryland (USA) judge overturns the state’s anti-spam law (2002 Commercial Electronic Mail Act), ruling that it interferes with interstate commerce.

In the largest judgment against a spammer to date, a federal judge in Iowa orders three companies to pay an ISP $1 billion in damages.

The US one year old CAN-SPAM laws intended to curb Spam have had very little impact; thus stated by an anti Spam software company MX Logic. This company estimates that 77% of all e-mail is Spam while CAN-SPAM compliance hits an all-time high of 7 percent.
Feedback by users of America Online show that 2003's favorite subject Oprah Winfrey, teens and Viagra, were overtaken this year by ID theft scams, mortgage deals and substitutes for a withdrawn anti arthritis painkiller called Vioxx.(15)

(editors comment for 2004: Other countries try to stem the glut of Spam as well, though it looks like when reading the above that only the USA tries to stop Spamming but that is not true. But their (other countries) fruitless and endless discussions are to no avail to the public. The political bickering and lobbying of spam companies are the two most important factors that keep effective legislation away. And that might be exactly the objective of all powers concerned. Pitiful enough is that when there is finally a law, the law contains weak language, sloppy formulations, and no effective counter measures or sanctions to keep the spammers at bay. On the contrary. And as long as there is no international law superceding the local laws and thus enabling supra national police powers to get at the culprits, nothing can be expected of our beloved politicians. I feel the United Nations should do something about it, but that again is a body like all other's and (personal)political interests always are put above the interests of our readers as it seems.)

2005

1 Jan - Governor Arnold Schwarzenegger legislated a new law against spyware effective per 1 Jan 2005. Though the USA Congress debated on four law proposals California is them one step ahead.

The Consumer Protection Against Spyware Act forbids installation of software that (partly) takes over control of your computer. Companies (and web sites) exploiting such software are now ordered to publish the fact if their software installs spyware. Citizens that are affected with spyware on their computer can now claim a 1000 US Dollar damage from the company that installed the spyware. Though receiving the money will be difficult however the companies are known the owners or people behind it stay in the murk. And the wording of this act is such that it will be hard to prosecute the perpetrator.

Spam is changing its features once again. From complete and often well designed html pages via your mail or pop-ups spammers are now changing their messages to short email texts (again) in order to evade spam detecting software. Or at least they hope to have spread the message millions of times before a spam filter can be adapted.

on spyware

12 May - Judge Tom Reilly in Massachusetts, USA has ordered several sites to go off-line. The sites were connected to a gang of spammers. Seven suspects and 2 companies are charged with spamming, main suspect is Leo Kuvayev, and 2K Services en Ecash Pay. The spammers were rounded up with help from Microsoft by creating some hundred thousand Hotmail accounts. Within 3 weeks 45.000 spam mails were received that were allegedly originating from the spam gang.

data source for this graph: www.spamhaus.org/rokso/index.lasso

August, Spam still rules the waves. Here is an illustration from Sophos, an antispam software manufacturer, reporting on the first half of 2005.

August, a new trend in cloaking spam surfaces.

Do you remember those funny programs that generated random text as were it prose? Most of it was gibberish, some output had something. Well, spammers seem to have rediscovered this text generation tools to cloak their spam. Though most are nonsensical some are even readable and others even read like a spy message!

Here are some readings, enjoy:

"Got engine safe planet, language large. Always young, early. Done common final has time. Answer list break once warm whether. By, fish river, half, farm. String, made strange rail. Way nation has mouth five she was. Hour able, ready. If children, one moon. Season grass, shine shape, young arm, just. Dog in, divide sound quiet little off. Select, see decide there. Able grass, group set seem fruit. Break so, was, try head."

"Went real, flow. Both carry control book, to, certain floor. Map sound just die train once. Box now dance. Class start part short, from, wash. Stone moment, colony, mark problem ride, let. Born at our suit other. Though answer wall. Took oil engine room. Felt, friend time was. Letter, bright figure. Need gun point life, gave century too. Stop jump sleep village where card. Wire country money here fire locate. Joy twenty man, play save, subtract example."

"Oh, did you buy the hotel; you promised a million … sure. Get out! I wish I knew. Please make it quick; fast and furious; please … fast and furious. Please help me get out; I'm getting my wind back, thank God! Please, please; Oh, please. You will have to, please … tell him, 'You got no case.' You get ahead with the dot and dash system. Didn't I speak that time last night. Whose number is that in your pocketbook, Phil? 13780. Who was it? Oh! … Please, please … Reserve decision, police, police; Henny and Frankie … Oh, Oh, dog Biscuit, and when he is happy he doesn't get snappy … Please, please do this! Henny, Henny, Frankie! You didn't meet him; you didn't even meet me; the glove will fit what I say … Oh, kayiyi, kayiyi! Sure, who cares? When are you through! How do you know this? Well, then … Oh, Cocoa; no … thinks he is a grandpa again and he is jumping around. No, Hoboe and Poboe I think I mean the same thing….

"Police, Mamma! Helen, mother, please take me out. Come on, Rosie. O.K. Hymes would not do it; not him. I will settle … the indictment. Come on, Max, open the soap duckets. Frankie, please come here. Open that door, Dumpey's door. It is so much, Abe, that … with the brewery. come on. Hey, Jimmie! The Chimney Sweeps. Talk to the Sword. Shut up, you got a big mouth! please come help me up, Henny. Max come over here … French Canadian bean soup … I want to pay, let them leave me alone."

And they are just trying to sell pills, drugs and loans or other items!

2006

Though the European Union outlawed spam 2002, most EU-countries do little to fight this nuisance says Reding. „I will review the subject next year to see if additional legislation is needed against Spam". According to internet security advisors spam has increased since last year from 54 to 85 percent from all email. In 2001 it was just 7 percent. While most internetters just see spam as a nuisance, Brussels thinks Spam originates increasingly from criminals. The latter's install unsolicited software on your computer to extort personal or secret information.

The EU asks internet companies to install more filters against Spam. At the same time Brussels officials engage in tougher discussions with countries where this Spam seem tot originate from.

Most spam (21 percent) originates form the USA, research from IT- security firm Sophos points out, (July - Sept.) China is second best with 13 percent, followed by France and South Korea with over 6%.

end of timeline

What is Spam

Simply put: spam is commercial e-mail, at least it started that way.

on definition of spam.

Spam is in several ways not harmless. The least it does is taking away bandwidth from the internet users. By 2004 over 30% of all internet traffic is consumed up by spam.

Also consider that each e-mail cost in average the equivalent energy of 50 grams of coal, a lot of energy is wasted here. (quote from anonymous source) In this light it is un-understandable that there is done almost nothing against it.

And it gets worse and worse. Polluting one's mailbox and sometimes snow under messages you do want to receive. In volume spam can take up from 1 or 5 messages a day to almost 99% of you mail box. That of course is depending on how visible you are on the internet.

The original purpose of spam is selling or promoting an article. In the past several years Viagra, penis enlargers, libido enhancers, are the most popular items. Another list can be made of mortgage offerings, lending, offers to alleviate your loans or credit card burden. And lately spam offers nothing in particular but to visit some specific site mostly with content as the above.

It gets harder and harder to recognize spam because most messages appear to be quite normal with ordinary sender names and subjects. Even spam filters think the mail with a nonsensical (re: idiotic) contents are regular e-mail. But installing spam filters forces you to choose between speed over convenience. The tighter your screening is the more risk you have to filter out legitimate mail or slow down your email processing. The latter is the case with virus filtering. How most filters work can be abundantly found on the Internet.

When a spam filter does its job you receive the following message:

And SpamCop reports:

One other example appearing a normal looking e-mail, but one that got through, except from the subject (should give you a hint) and once you read this fine example of nonsensical contents you know for sure...

But you should not open spam mail just delete it as fast as possible.

As subjects in spam come down to a few, here is the mortgage example:

but this one got caught. Messing up the message with false HTML tag's apparently does not help anymore.

Below is the illustration how the HTML looks like (links have not been removed) even for the human eye difficult to read ;-)

This message directs you to another site where you are asked to fill out a form:

To trace the owner we just go to the nearest WHOIS provider:

How spammers work

Many spammers can buy a database from companies with millions of valid email addresses and use them to advertise. These email addressees are composed of addresses used on newsgroups and chat rooms. Many companies have special software that can extract these addresses and put them into a database to sell. Many companies also search the web, looking for web addresses with the symbol @ at the end. From these, they can find valid email addresses. Many of these types of companies work outside countries with legislation against spamming in order to avoid lawsuits. According to Marshall Brain quoting "Detroit Free Press: Spam king lives large off others' e-mail troubles".(8)

In "How Stuff Works", a typical spamming company often works like this:

The computers in Ralsky's basement control 190 e-mail servers -- 110 located in Southfield, 50 in Dallas and 30 more in Canada, China, Russia and India. Each computer, he said, is capable of sending out 650,000 messages every hour -- more than a billion a day -- routed through overseas Internet companies Ralsky said are eager to sell him bandwidth.(9)

Many spammers can make up to $700 per hour by simply using lists of email addresses and applying them to their advertisement. As spam celebrates it's 25th year of operation, we must remember that spam takes up about 40% of all email messages sent on the web. How can we prevent this even further? (8)

What can we do against spammers?

There are several pragmatic measures you can take, either from a server point of view or a user's point of view.

User side

• Use your commonsense, think before you open a message;
• Exercise vigilance with messages that may appear to be harmless, read the subject before opening;
• Delete messages received from E-mail addresses you do not recognize or which looks unfamiliar;
• Do not leave you e-mail address on forums, newsgroups or message boxes
• Use temporary mail addresses if you need to have a valid one to get some kind of service;
• Never ever leave your e-mail in chat sessions;
• Never ever react on "unsubscribe here", if you do you're done. It means you tell the spammer to have hit a valid address and please send me more!
• If you can make a picture that contains your e-mail and put that on your web site, email address scanners do not recognize this (yet);
• Install an anti-spam package on your system - as compared to anti-virus software

Server side:

• Install subject and body-text filters on servers or workstations;
• Verify that E-mails were sent from a valid domain via either spam checkers or domain checkers on your mail server;
• Block IP addresses of known spammers;
• Make sure spam and virus filters are updated with the latest definitions;

Legal side

• Because of failing legislation or different rules in different regions spam can not be stopped or brought back to a minimal nuisance;
• When there is no legislation that makes spamming illegal we will be continuously bombarded with spam taking away precious bandwidth;
• Actively prosecuting the spammer where there is no opt-out or opt-in mechanism is needed. Depending on the region where you reside it is either of the two mechanisms that should be present not making a difference if you're a business or not;

Politicians apparently do not want to impose legislation that bears effect. In terms of enforcing anti spam legislation or just forbidding spam. And if there are laws, some say the spammer may still spam businesses, ISP'S may not even refuse spam, even if it is technically possible to filter most of it out. Except in the Netherlands where an ISP won a case in the Supreme Court against a spam company. But in general we have a problem.

Footnotes & References