Earthweb
Images Events Jobs Premium Services Media Kit Network Map E-mail Offers Vendor Solutions Webcasts
 SUBJECTS:
 FEATURES:
IT Management Webcasts:
The Role of Security in IT Service Management

Preparing for an IT Audit

More Webcasts


Search EarthWeb Network

internet.commerce
Be a Commerce Partner
Disney World Tickets
KVM over IP
Laptop Batteries
GPS Devices
Online Education
Phone Cards
Shop Online
Computer Hardware
Corporate Awards
Computer Deals
Promotional Golf
Auto Insurance Quote
Desktop Computers
Hurricane Shutters

Linked Data Planet Conference & Expo

IT Management : Columns : Executive Tech: Harvest Time For Spammers

Install What You Need with Windows Server 2008
Windows Server 2008 is Microsoft's most full-featured server operating system yet, so it's ironic that one of its most exciting new features is an install option that cuts out most of the other features. Paul Rubens explores why a Server Core installation makes a great deal of sense in many instances. »

 
Identify Hardware and Software That Meet Microsoft Standards
The "Certified for Windows. Server 2008" logo identifies hardware and software solutions that meet Microsoft standards for compatibility and best practices with the Windows Server 2008 operating system. »

 
Windows Server Catalog: Certified Hardware Devices
Search the Windows Server 2008 catalog to find solutions to deploy with confidence. »

 
Windows Server Catalog: Certfied Servers
Search the Windows Server 2008 catalog to find servers you can deploy with confidence. »

 
Download the Windows Server 2008 Trial
With Windows Server 2008 you can develop, deliver, and manage rich user experiences and applications, provide a secure network infrastructure, and increase technological efficiency and value within your organization. »

Related Articles
Father of Spam Speaks Out on His Legacy
New Spiritual Spam Preys on the Faithful
Can Patch-Management Companies Survive?
Spammers Hide Trojan in Opt-Out Link
How Not to Unsubscribe
- ITSMWatch Newsletter -
Tech Focus: Security

Cybersecurity: Laws Only Go So Far

Mozilla Firefox vs. Internet Explorer: Which is Safer?

Is Your Blog Leaking Trade Secrets?

The Las Vegas Counterfeiting Story: Is Your Privacy Worth More Than a Poker Chip?

Stopping Spammers at The Point of Sale

Product Watch
IOGEAR KVM - Includes Audio/Peripheral Sharing
Coverity Prevent / Coverity Thread Analyzer - Analyze Source Code For Defects, Security Vulnerabilities
USSD Series - SDRAM-Based Solid State Drives to 256 GB
UltraSMS - Send SMS From Your PC
Sentinel Sensors - Wi-Fi Based Temperature Monitoring Especially For Cold Storage

more products >>

Datamation Definitions
data mining
ERP
extranet
grid computing
intranet
network appliance
outsourcing
storage
VPN
virus
FREE Tech Newsletters

Sun Eco Innovation: Good for Business, Good for the Environment. A complete solution to help you optimize and refresh your datacenter while properly recycling equipment and eliminating eWaste. More..

Harvest Time For Spammers
November 30, 2004
By Brian Livingston

Brian Livingston Ah, it's harvest time and the crops are in — but we can still hear the buzzing and whirring of the harvester robots that are sucking e-mail addresses off Web sites across the Internet.

Most Net users aren't aware that spammers use software programs called harvesters to gather the hundreds of millions of e-mail addresses they spam. These automated programs, known as bots, scour Web page after Web page at high speed, looking for anything containing an "at" sign (@) that might be an e-mail address.

Now a group of white hats is riding across the prairie to take a bite out of spam. They reckon they can make harvesters too risky for spammers to use. Allow me to explain.

Poisoning The Harvesters

The effort is called Project Honey Pot, a service of Unspam LLC, an anti-spam firm that consults with private companies and governmental agencies. The project is designed to identify — and then take legal action against — people who are using harvesting bots:

Here, Kitty, Kitty. The heart of Project Honey Pot is a campaign to place "spam trap" e-mail addresses on thousands of sites across the Internet. These special decoy addresses, which are unique from page to page, have been used for years by anti-spam services to collect spam and tag the senders as spammers. But Project Honey Pot plans to attack the spam industry before spam messages are actually sent out — when the victims' addresses are first harvested.

Identifying Spam Sent To Decoy Addresses. If any messages are received by a unique spam-trap address, the sender must be a spammer because the address was never used to sign up for legitimate e-mail lists. The date and time when the Web page containing the decoy address was read by the harvesting bot helps to identify the computer used by the spam originator.

Locating The Origin Of The Harvesters. Spammers routinely falsify the source of messages they send, but it's more difficult for them to remain completely anonymous when they're harvesting e-mail addresses. For one thing, the harvesting bot has to send the collected addresses back to somewhere. Even if the spammers take advantage of compromised home PCs, called zombies, there are often signs that point to the ultimate destination of the data the harvesting bots are sending home.

Suing The Spammers' Pants Off

Having positive identification of the people using the havesters is the key to suing these individuals and making harvesting too expensive for spammers, according to Matthew Prince, CEO of Unspam.

The relevant law in the U.S., the CAN-SPAM Act, which went into effect on Jan. 1, 2004, has been widely criticized for legalizing spam until the recipients ask for it to stop. But Prince points out a little-known fact: the act has severe penalties against harvesting the e-mail addresses in the first place.

The law allows fraudulent senders of unsolicited bulk e-mail to be penalized $25 per individual message. Courts can triple the amount of this fine if the victims' e-mail addresses were harvested.

Only e-mail service providers and the attorneys general of the 50 states are authorized to sue spammers under CAN-SPAM. But Prince, who is himself an attorney and an adjunct professor of law at John Marshall Law School in Chicago, says of Unspam, "We may qualify as an e-mail service provider." If that approach is rejected, Prince says Unspam is working with the Internet Law Group, which has brought successful lawsuits against spammers on behalf of America Online and other large Internet service providers.

Every Company With A Web Site Can Help

Suing people who use harvesters is a novel application of the CAN-SPAM Act, but one that flows clearly from the plain wording of the law. Now Project Honey Pot needs enough decoy addresses so it can clearly connect harvesting activity to any spam it receives.

That's where companies with Web sites can do a good deed. Project Honey Pot won't fool harvesting bots for long if all its decoy e-mail addresses end in "ProjectHoneyPot.org".

For this reason, the project is seeking Webmasters who are willing to donate one little no-cost resource to the cause.

Donating An MX Record Or Two

This free asset is known as an "MX record," short for mail exchange record. This is a short text entry defining which servers handle e-mail for a particular Web domain. The concept is easy to understand:

Your Primary MX Record. If you run the Web site www.example.com, your primary MX record will define how e-mail destined for Example.com is to be routed.

Subdomain MX Records. Your company might have different subdomains or "canonical" domains that don't start with "www." For instance, you might operate the subdomains marketing.example.com and content.example.com. You could set up a different MX record to route e-mail separately for each subdomain.

Making A Honey Pot MX Record. To donate an MX record to Project Honey Pot, you simply make up some subdomains that you'll never actually use. The project accepts only five subdomains at most from each company in order to spread decoy addresses across as many different sites as possible. So you might donate MX records for server01.example.com through server05.example.com.

These names don't correspond to any actual machines your company owns. They're merely shorthand for different MX records that can be pointed wherever you like. Project Honey Pot points the donated MX records to servers they control. This way, any harvesters that crawl these pages — and any spam that are sent to the harvested addresses — never touch your actual servers.

We Have A Few Million MX Records To Go

Prince is the first to admit that his group's project is in its infancy and hasn't yet received any mass media exposure. "We turned the servers on about two weeks ago," he says. The effort is so new that a specifications page lists its version as "0.1."

As a result, the home page of the project at this writing states that little more than 4,000 decoy addresses have been planted on the Internet, and only a few dozen harvesters have been identified. (Project Honey Pot shouldn't be confused with Honeynet.org, an unrelated group that's spent years monitoring evil hackers who scan the ports of vulnerable machines.)

Prince isn't naïve enough to think that his honey pots by themselves will eradicate spam. But he believes they give antispammers a powerful legal tool.

"What's neat about this arms race is that the adjustments we [the good guys] need to make are easier than they [the spammers] need to make," Prince explains. "If they have just one e-mail address that's been harvested from our network, it makes it easier for us to find them."

That's a fact that legitimate businesses need to seriously ponder. If your company is sending bulk e-mail to addresses that may have been harvested by someone in the past, you might be liable for those $25-per-message penalities. Any company that is advertised in a piece of spam can be sued, too, Prince notes.

I've given up hope that the U.S. Congress will pass stronger antispam laws than the existing CAN-SPAM Act. But it just may be possible that the legal penalties that are already on the books are enough for a gonzo legal team to make life hell for spammers.

For details on Project Honey Pot and how to donate MX records, see the organization's FAQ page.

Brian Livingston is the editor of WindowsSecrets.com and the co-author of Windows Vista Secrets and 10 other books. Send story ideas to him via his contact page. To subscribe free and receive Executive Tech via e-mail, visit our signup page.

Tools:
Add itmanagement.earthweb.com to your favorites
Add itmanagement.earthweb.com to your browser search box
IE 7 | Firefox 2.0 | Firefox 1.5.x
Receive news via our XML/RSS feed

Executive Tech Archives



JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers

Solutions
Whitepapers and eBooks
Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape?
Microsoft Article: 7.0, Microsoft's Lucky Version?
Microsoft Article: Hyper-V--The Killer Feature in Windows Server 2008
Avaya Article: How to Feed Data into the Avaya Event Processor
Microsoft Article: Install What You Need with Windows Server 2008
HP eBook: Putting the Green into IT
Whitepaper: HP Integrated Citrix XenServer for HP ProLiant Servers
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 1
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 2--The Future of Concurrency
Avaya Article: Setting Up a SIP A/S Development Environment
IBM Article: How Cool Is Your Data Center?
Microsoft Article: Managing Virtual Machines with Microsoft System Center
HP eBook: Storage Networking , Part 1
Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007
MORE WHITEPAPERS, EBOOKS, AND ARTICLES
Webcasts
Intel Video: Are Multi-core Processors Here to Stay?
On-Demand Webcast: Five Virtualization Trends to Watch
HP Video: Page Cost Calculator
Intel Video: APIs for Parallel Programming
HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2
MORE WEBCASTS, PODCASTS, AND VIDEOS
Downloads and eKits
Sun Download: Solaris 8 Migration Assistant
Sybase Download: SQL Anywhere Developer Edition
Red Gate Download: SQL Backup Pro and free DBA Best Practices eBook
Red Gate Download: SQL Compare Pro 6
Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS
Tutorials and Demos
How-to-Article: Preparing for Hyper-Threading Technology and Dual Core Technology
eTouch PDF: Conquering the Tyranny of E-Mail and Word Processors
IBM Article: Collaborating in the High-Performance Workplace
HP Demo: StorageWorks EVA4400
Intel Featured Algorhythm: Intel Threading Building Blocks--The Pipeline Class
Microsoft How-to Article: Get Going with Silverlight and Windows Live
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES