Loading ...
Sorry, an error occurred while loading the content.

NYTimes.com Article: Spammers Can Run but They Can’t Hide

Expand Messages
  • ar109@netscape.net
    This article from NYTimes.com has been sent to you by ar109@netscape.net. An article about one of the groups that provide ISP s (Internet Service Providers)
    Message 1 of 1 , Nov 9, 2003
      This article from NYTimes.com
      has been sent to you by ar109@....

      An article about one of the groups that provide ISP's (Internet Service Providers) with the lists that they use to block spam - just think - maybe it is worse than what we get in our inboxes!
      Mary Arthur


      /-------------------- advertisement -----------------------\


      Fox Searchlight Pictures proudly presents IN AMERICA
      directed by Academy Award(R) Nominee Jim Sheridan (My Left
      Foot and In The Name of the Father). IN AMERICA stars Samantha
      Morton, Paddy Considine and Djimon Hounsou. For more info:


      Spammers Can Run but They Can’t Hide

      November 9, 2003

      TAGGS ISLAND, England

      AS Steve Linford walks his German shepherd, Zen, across the
      gangway from his houseboat into his prim little garden on
      this small island in the Thames, he hardly looks like a man
      in a battle over the future of cyberspace. He has a
      salt-and-pepper beard and a twinkle in his blue eyes, but
      the effect is more former hippie than Sean Connery.

      After Zen gives a good bark at the ducks, the two return to
      the boat, and Mr. Linford climbs a spiral staircase into a
      sunny home office with nine computer screens piled on a
      black desk. This is the unlikely command center for the
      Spamhaus Project, one of the leading groups that is trying
      to make the world safe from junk e-mail.

      As a cause, stopping spam may not be as urgent as, say,
      curing AIDS. Yet thousands of activists, of whom Mr.
      Linford may be the most visible, have mobilized to fight

      By some counts, spam is now as much as 80 percent of all
      e-mail. It is a drag on human endeavor, in the sense that
      people collectively spend billions of seconds each day
      opening, puzzling over, complaining about and deleting
      messages from charlatans and pornographers - and, yes,
      legitimate if unloved marketers.

      "E-mail is the most incredible communication vehicle
      invented, and it is on the verge of being made useless,''
      Mr. Linford said.

      On the floor of Mr. Linford's houseboat office, near the
      Hampton Court palace of Henry VIII, just south of London,
      is a cube-shaped Apple computer that is the nerve center of
      Spamhaus, controlling servers on five continents. In its
      database are dossiers on the 200 most prolific spammers and
      the addresses of the 8,000 computers they use to inundate
      people with ads. Spamhaus makes the list available to
      Internet service providers, which use the information to
      weed spam from the e-mail boxes of 160 million users.

      Those lists are compiled by Mr. Linford and 15 volunteers,
      many of whom work for Internet service providers. Some
      members of the group do detective work, tracking down the
      spammers from telltale clues they leave in their e-mail.
      Others assemble this evidence to try to persuade the
      service providers to kick spammers off their networks. One
      Spamhaus member, a Southern California woman who goes by
      the online name "Shiksaa,'' chats online with the spammers,
      pumping them for information and trying to pull them away
      from the dark side.

      "They are kind of like the X-men,'' said Matt Sergeant,
      director of anti-spam technology at MessageLabs, an e-mail
      security firm in Britain that works with Spamhaus. "Each
      one has their specialist powers.''

      Spamhaus plays up the comic-book theme a bit. The main
      screen of its internal computer network is emblazoned with
      Spider-Man's slogan: "With great power comes great

      Not everyone sees Mr. Linford as a hero. Most of the
      marketers that are his targets say they don't send spam;
      they call Mr. Linford a vigilante. And the Internet
      companies he pressures to stop doing business with spammers
      say he sometimes pushes too hard. He is known to have
      blocked the e-mail of Internet service executives he thinks
      aren't kicking off spammers fast enough - a method that
      often wins results, if not friends.

      Yet Mr. Linford, 46, has earned the respect of most
      Internet service providers - even those with whom he has
      had run-ins - as the best source of information about

      "Spamhaus is the only clearinghouse for information on the
      spammers themselves, and for that it is invaluable," said
      Laura Atkins, who runs Word to the Wise, an e-mail
      consulting firm in San Carlos, Calif. "Any time one of my
      clients has ended up on their list it is because someone
      received mail they didn't ask for."

      Mr. Linford has focused on making his list of spammers
      reliable enough for big companies to trust. He publishes
      his e-mail address and phone number and responds to
      complaints that listings are incorrect.

      That is in sharp contrast to other spam-blocking lists,
      which are often run anonymously and, at times, recklessly.
      Some block the mail of innocent Internet users to create
      pressure on the Internet provider to kick off spammers.

      For now, sending unsolicited e-mail isn't illegal in the
      United States, but it has just been prohibited by the
      European Union. Most Internet providers have policies that
      ban spam from their networks; some providers have sued
      spammers, contending that tactics used to avoid detection
      are illegal.

      Mr. Linford says he has intercepted chat-room conversations
      between spammers and crackers, the name for malicious
      hackers who write computer viruses and steal credit card
      numbers. The spammers have been seeking ways to send their
      messages to avoid the blocking systems created by Internet

      "In the last six months, the cracker world has joined the
      spammer world,'' Mr. Linford said.

      Aided by crackers, the spammers have secretly infected and
      taken control of thousands of computers around the world,
      most of them owned by home users with high-speed Internet

      These machines - called zombie drones - relay mail for
      spammers and serve as hosts for the Web sites where people
      are sent by spam, all without the computer owner's

      Since last June, zombie drones have also been subjecting
      Spamhaus to what is called a distributed denial-of-service
      attack, perhaps the most virulent weapon in a hacker's

      Tens of thousands of enemy machines have simultaneously
      deluged Spamhaus's computers with so much meaningless data
      that they can barely perform their intended missions.
      Similar attacks have put several smaller anti-spam
      organizations out of business.

      This month, the crackers took the attack to a new level:
      they released two computer viruses that have already spread
      to hundreds of thousands of machines. The purpose was to
      attack Spamhaus and two similar groups.

      "For the spammers to actually manufacture and release a
      worldwide virus specifically to attack you, you're probably
      making quite some impact on them," Mr. Linford said.

      HOW did Mr. Linford end up as an avenging angel of

      Discouraged by the economic stagnation of England in the
      1950's, Mr. Linford's parents moved to Rome, where his
      father ran a factory that made industrial platinum. Steve
      Linford dropped out of a college photography program,
      bought a motor home, parked it on beaches and played his
      guitar in coffee shops for money. He eventually met Ennio
      Morricone, the legendary Italian film composer. (Mr.
      Linford can be heard singing on the soundtrack for
      "Copkiller," a 1983 Italian film starring Harvey Keitel.)

      Mr. Linford later became a road manager for acts like Pink
      Floyd and Michael Jackson when they toured Italy. As he saw
      technology embrace music production, Mr. Linford became
      enamored with computers. In 1986, he drove the motor home
      back to London and started a company devoted to putting
      musical tours online. It flopped, but he did start a Web
      page design and hosting business, called Ultradesign
      Internet. It was there that he had his first run-ins with

      Mr. Linford's initial reaction to spam was similar to that
      of countless others. Outraged, he asked the senders to
      remove him - and his clients - from their lists. Getting no
      response, he turned to the Internet providers. After he
      failed to get results there, an activist was born.

      Mr. Linford found the central meeting place for the
      anti-spam activists - an Internet newsgroup that is called
      Nanae, for news.admin

      .net-abuse.email. Like many other news groups, Nanae
      (pronounced nah-NAY) is a boisterous place, where
      information about fighting spam is interposed with rather
      pointed insults of spammers and their allies.

      "Nanae is a very angry crowd," Mr. Linford said. "They
      shout a lot because they feel powerless."

      Mr. Linford, however, felt anything but powerless. In 1997,
      he created a series of sophisticated Web sites with tools
      to help spam fighters, databases of people selling software
      for use in sending spam, and assistance for people who
      wanted to write to an Internet service provider to complain
      about spam.

      Because he owned an Internet company, Mr. Linford
      encouraged activists to use far more moderate language,
      without the typical threats and demands. In 1998, he
      started what would become his main site: Spamhaus.org, a
      clearinghouse for information on the organizations behind
      most of the spam. Meanwhile, Paul Vixie, the pioneering
      Internet software developer in Redwood City, Calif., had
      formed the Mail Abuse Prevention Service, creator of the
      Realtime Blackhole List. That was the first list to block
      Internet addresses known as sources of spam. But that
      effort became bogged down, both by lawsuits and internal

      So Mr. Linford created his own list, the Spamhaus Block
      List, devoted to addresses used by spammers. He says it is
      used by Internet providers that serve 160 million e-mail

      That count is impossible to verify. In the United States,
      the list is not used by the biggest providers, like America
      Online and Microsoft's Hotmail. But it is used by the next
      tier of providers, including the Road Runner high-speed
      service, from Time Warner, and the NetZero and Juno
      services, from United Online. Smaller organizations that
      cannot afford commercial anti-spam services also depend on
      the list.

      Spamhaus takes no money for its services, and the computers
      it uses to host the service are donated. So far, Mr.
      Linford has paid all of the direct costs, about $25,000 a
      year, using money from Ultradesign, the company he still
      owns and runs.

      That will have to change, he acknowledged. He and some of
      his volunteers have outstanding legal bills from defending
      a lawsuit, now dismissed, brought by a group of Florida
      e-mail marketers. He has asked the British government for a
      grant, but has not received one. Whatever the source of
      funds, he says he hopes that access to his services will
      remain free.

      JUST as people talk about their ailments when they meet
      doctors, people can't wait to show Steve Linford their

      A visitor shows him one for "superviagra.'' Mr. Linford
      ignores the return address, which the spammer made up. But
      he looks closely at the address of the Web site being
      advertised. Fingers flying, he looks up the site in the
      "whois," the database that links domain names to Internet
      protocol numbers, the unique address of each computer on
      the Internet.

      Mr. Linford then looks up the number in Spamhaus's block

      Pay dirt. The site is operated by Chinanet Chongqing, one
      of the regional state-owned Chinese Internet providers.
      According to the block list, it is operated on behalf of
      Alan Ralsky, an e-mail marketer in Bloomfield Hills, Mich.,
      whom Spamhaus calls the world's No. 1 spammer.

      Mr. Linford looks at a second e-mail message, this one for
      mortgages. The same drill leads to an Internet site hosted
      from Brazil. But again, the block list already knows about

      "Ah, Ralsky again,'' Mr. Linford said.

      On its Register of Known Spam Operations, or Rokso,
      Spamhaus describes Mr. Ralsky as "one of the bigger spam
      houses on the Internet with a gang of fellow morally
      challenged types working with him." The files include state
      records of Ralsky's run-ins with the law, newspaper
      articles about him, and long lists of aliases and Web sites
      he supposedly has used.

      Mr. Ralsky, in a telephone interview last week, said of Mr.
      Linford: "He is so far off base on me he has no clue.'' Mr.
      Ralsky said he sold travel and other products but did not
      handle "super Viagra.''

      I don't see where he's coming from,'' Mr. Ralsky added.
      "All we are doing is selling products. I don't understand
      why I don't have the right to make a living.''

      Mr. Linford, of course, disputes this, saying that his
      investigators have traced the Internet domains used in
      these spam messages to companies controlled by Mr. Ralsky.

      At its peak last year, the Spamhaus Block List was
      catching as much as half of the spam at many of the
      providers that used it, according to Mr. Linford and
      Internet services. But its effectiveness has fallen sharply
      as spammers use zombie drones and other techniques to hide
      their tracks. Many Internet providers now say the list is
      catching less than 10 percent of the spam. But there are
      other block lists, focusing on identifying purloined
      computers, that are now much more effective in keeping spam
      out of inboxes.

      Eliminating these zombie drones has become a major headache
      for providers of high-speed Internet service. They must
      call users, explain that their computers have been secretly
      invaded and talk them through the extensive steps required
      to remove the problem.

      Even though Mr. Linford's block list is faltering, his
      database of spammers remains a potent force in the fight
      against spam. Many Internet service providers still check
      regularly with Rokso to vet potential customers before they
      open accounts. And they monitor the block list to see which
      spammers have appeared on their networks.

      Mr. Linford said some of the big American service
      providers, like Qwest and Sprint, now respond quickly to
      cut off spammers named by Spamhaus. Others take more
      persuading. For example, Spamhaus complained for months to
      Cogent Communications that Eddy Marin, one of the perennial
      top spammers in Rokso, was using its network. Cogent
      finally cut off Mr. Marin's account late last month. A
      spokesman for Mr. Marin said Cogent's action was not

      As for Cogent, Michael Hammons, the company's senior
      director for operations, said Spamhaus often pressed it to
      cut off customers based on what he saw as flimsy evidence.

      "I'm concerned that we should find customers guilty by
      association or alleged association," he said. "They may
      give us a warning to say you will have problems with this
      customer, but we can't do anything until we actually do
      have problems."

      Mr. Hammons added that Cogent found the information from
      Spamhaus to be more credible than that from any other
      anti-spam group.

      NOW, Spamhaus is trying to win over Internet providers
      around the world, especially in China, which has become the
      headquarters of choice for many spammers. Spamhaus has
      blocked the corporate e-mail of Chinanet-Shanghai, one of
      several state-owned Internet providers. In response, the
      company created a department to look for spammers.

      "We don't like to see that we are blacklisted," wrote Lin
      Chen, an administrator at Chinanet-Shanghai, in an e-mail
      interview. He called the blocking actions of anti-spam
      groups "functional and effective." Spamhaus, he wrote,
      promptly removed the block when the spammers were cut off.

      Despite efforts by Spamhaus and others, the volume of spam
      appears to be increasing. Spamhaus's campaign is futile,
      said Scott Richter, president of OptinRealBig, an e-mail
      marketing company in Westminster, Colo., which is on the
      Rokso list.

      "All they are doing is making the problem 10 times worse,''
      said Mr. Richter, who says he sends e-mail messages that
      are requested, not spam. "The spammers are learning to do
      stuff that can't be caught. If they get kicked off a
      Chinese I.S.P. they open the next day at a Korean one, who
      never had a way to get that sort of customer before.''

      Mr. Linford said he believed that spammers could be
      contained, if not eliminated. A tough new anti-spam law in
      Europe will help, he said. The proposed Can-Spam act in the
      United States, he said, is not tough enough, but he figures
      that when it fails to work, Congress will have to make a
      stronger law. But Mr. Linford gloomily predicts that
      spammers will simply move more of their operations to Asia
      and Latin America.

      As for Mr. Linford, he plans to move his home, business and
      Spamhaus to a 70-foot yacht that will travel, cove to cove,
      across the Adriatic.

      But spammers had better not relax. With superfast satellite
      connections, he plans to hunt them down from the high seas.



      Get Home Delivery of The New York Times Newspaper. Imagine
      reading The New York Times any time & anywhere you like!
      Leisurely catch up on events & expand your horizons. Enjoy
      now for 50% off Home Delivery! Click here:


      For information on advertising in e-mail newsletters
      or other creative advertising opportunities with The
      New York Times on the Web, please contact
      onlinesales@... or visit our online media
      kit at http://www.nytimes.com/adinfo

      For general information about NYTimes.com, write to

      Copyright 2003 The New York Times Company
    Your message has been successfully submitted and would be delivered to recipients shortly.