Glossary

Main Glossary

24/7
A system that is connected to the net 24 hours a day, 7 days a week. Most ISPs and webservers fall into this category.

AGIS
A backbone site in the US that was under massive fire in the late 1990s for their unwillingness to stop their customers from spamming.

AUP
Acceptable Use Policy, something all ISPs should have. See also TOS.

Autoresponder
A program that automatically sends email in response to some action, for example receipt of an email. Typical examples are Out-of-Office and order acknowledgements. They are often sources of outscatter. More info at Outscatter.

Backscatter
DSNs or Auto-responses sent back to a forged sender. More info at Outscatter.

Barracuda
An anti-spam product notorious for sending outscatter.

Black Hat
A spam friendly ISP. See also Hat Color.

Bounce
Verb: To send a message back to the sender when it can't be delivered. Noun: A bounce message. See also Reject, DSN, and Outscatter. More info at Outscatter

C&S
Canter and Siegel, aka the "Green Card Spammers" who spammed the net repeatedly for several years.

CAN-SPAM
A US pro-spam law passed in 2003. Its official long name is Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003. It's often called the YOU-CAN-SPAM act. Primarily, it overruled state anti-spam laws (California had a good one that was about to take effect) and removed the rights of individuals to sue spammers. (You have to be an ISP or convince a district attorney to take action.)

CAUCE
The Coalition Against Unsolicited Commercial E-Mail. A volunteer organization that is trying to amend the United States junk fax law to apply to spam.

Challenge-Response (C/R)
A form of spam defense that sends an are-you-human message to the sender. If the sender responds correctly, the initial message is released. Since most spam uses forged return info, the Challenge typically spams an innocent victim. See also Outscatter.

CIDR
Classless Inter-Domain Routing; essentially a way for owners of Class B netblocks to partition them into smaller pieces and delegate them to customers.

Click-through
When a spammer spamvertises the URL of a free website, rather than setting up a redirector, they will instead just place links to their site.

DMA
Direct Marketing Association, a US pro-spam marketing trade group that does a lot of lobbying. They would actually like to put the crooks out of business so there would be more room in your inbox for their junk. There are similar organizations in other countries, some are not so clueless.

DNS
Domain Name System; how the Internet keeps track of which host name corresponds to which IP number (which is what the computers use internally).

DOS
Denial of Service. A type of attack against another system which cripples it. Examples include mail-bombing, ping flooding, and SYN flooding.

Dropbox
When a spammer creates an e-mail account on one system, then spams from another account, soliciting replies to the first e-mail account, or dropbox. Free e-mail providers such as Yahoo, Hotmail, and Gmail are commonly used as dropboxes.

DSN
Delivery Status Notification, a message sent from a MTA to the (alleged but frequently forged) sender telling them that the message couldn't be delivered. More info at Outscatter

e-pending
The process of taking a list of names and snail-mail addresses, typically a customer list, and finding their e-mail addresses by looking in a large database. The process and database are usually very buggy, which results in lots of spam. Even if the address matching is correct, there is no permission, so any email will be unsolicited.

ECP
Excessive Cross-Posting (USENET term), aka Velveeta.

EMP
Excessive Multi-Posting (USENET term), aka Spam or Usenet Spam.

ESP
Email Service Provider. They typically run mailing lists. Some of them are spammer fronts.

Gevalia (coffee)
A division of Kraft Foods notorious for hiring spammers. In 2005, they were sued by Hypertouch. Hypertouch fed a never-used email address to Gevalia's opt-out system. It started getting all sorts of spam. As of June 2009, Kraft headquarters was still listed at SBL20039.

Harvesting, E-mail harvesting
The act of using a program (commonly known as a "spider" or "robot") to search either the web or Usenet and gather e-mail addresses. When spammers do this, they usually aren't able to filter out some of the munged addresses that are used which results in lots of bounces when the spam is sent out.

Hashbuster
Extra text added to a message to try to confuse spam filters. Sometimes it's unrecognizable garbage. Sometimes it's a jumble of words that don't make sense. Sometimes it's quotes from real text, for example a paragraph from a book.

Hat Color
  • White Hat: anti-spam
  • Black Hat: pro-spam
  • Pink Hat: pro-spam
  • Grey Hat: neither strongly pro nor anti-spam
  • Empty Hat: incompetent or clueless
Black Hat and White Hat refer to early western movies when the good guys all wore white hats and the bad guys all wore black hats.

Haven Spam
When spam is sent advertising a website run by an ISP which is a spam haven. See also Spam Haven

Injection Point
The first host or relay that accepts a message from a spammer.

ISP
Internet Service Provider. A company which sells Internet access to individuals or companies.

Joe Job
Harassing somebody by forging their info in the return address of a spam run. It was named after an early event when a spammer was kicked off joes.com. That was back before forged return info was common and many people thought the spam actually did come from joes.com. See also Revenge Spam.

Jones, Bill
Candidate for Governor of California in 2002 who hired a spammer who sent his junk through an open relay at a school in Korea.

LART
Luser Attitude Readjustment Tool -- A fictional UNIX command for which a FAQ can be found at http://www.winternet.com/~eric/sysadmin/lart.1m.html. Often used in conjunction with removing a spammer's account.

LAN
Local Area Network. An environment where a bunch of computers are hooked together so they can talk to each other, and the Internet if there is an Internet connection.

Listwash
The process of removing a complainer address from a dirty list rather than terminating the spamming customer. Black Hat ISPs often forward abuse reports to their spamming customers so they can listwash the complainer. See also Suppression List.

Mainsleaze
A portmanteau of Mainstream and Sleazy referring to opt-out marketers or ESPs.

Mallet
Imaginary piece of hardware used for hitting Whack-a-Mole spammers. :-)

Millions-CD
Before high speed internet connections were common, spammers used to sell CDs full of email addresses that they had collected. These days, Millions-CD usually refers to a large list full of harvested addresses and other junk that look like email addresses rather than an actual CD.

MLM
Multi Level Marketing. A system where sales reps are really trying to recruit new salespeople instead of selling an actual product. Seen in a large number of spams. Read more about MLMs at http://www.falseprofits.com.

MMF
Make Money Fast, from the Subject of the typical spam, aka chain letters. The usual recipe is to send $5 to 6 people on the list, drop the top person, move everybody else up one position and add yourself to the last position. They are illegal in most civilized countries but they often claim to be legal. There is a good quote from the FTC

MDA
Mail Delivery Agent. Delivers incoming e-mail. Examples include /bin/mail and procmail.

MTA
Mail Transport Agent. Commonly used on a UNIX system, where an e-mail program merely passes an outgoing message to the MTA, which usually runs 24/7 and handles getting the message to the other site. Examples include sendmail, qmail, smail, etc.

MUA
Mail User Agent. What you use to read and submit e-mail. Examples include Elm and Pine for UNIX systems, Eudora and MS Outlook for Windows systems.

Munging
Changing one's e-mail address so that it is invalid, but a human can determine the proper address. For example: joe@example.com.NOSPAM. This technique is used to foil spammers who harvest addresses.

Munging also refers to redacting data in spam reports to prevent listwashing or revenge or revealing spamtraps.

Murk
A note at the bottom of spam claiming the spam isn't spam because it complies with S.1618. It was named for Senator Frank Murkowski of Alaska and S.1618 of 1998. It passed the Senate but not the House. They were common for a while but are rare in 2009.

NANAE, n.a.n.a.e.
news.admin.net-abuse.email; a USENET newsgroup which talks about e-mail spamming.

NUKE
Having a spammer's account terminated.

Open Relay
A mailserver that permits relaying by anyone. Such systems are often abused by spammers and must be configured to prevent open relaying.

Opt-in
Requesting to be on a mailing list, a concept which the anti-spam community supports.

Opt-out
Being added to a mailing list against your will, with the option of requesting to be removed. This is what spammers use for sending out their spams.

Outscatter
Mail such as DSNs or Auto-responses sent back to a forged sender. More info at Outscatter

PGP (Pretty Good Privacy)
A popular encryption program which allows users to send encrypted e-mail that only the recipient can read, and to post a message that is "digitally signed" by them so that others can verify that the user actually sent that message. More information can be found on the International PGP Page at PGP.

Nowadays, there is also Gnu Privacy Guard. It is an open source program that does everything that PGP does, but for free.

Phish
To ask users for their passwords by sending them a message claiming to be from their ISP telling them that they have to log in and fix something. The URL provided is run by the phisher rather than the ISP. When they log in, their password goes to the phisher. With a valid password, a spammer can send spam through the victim's account. The technique is also used to acquire financial info so the crook can steal the victim's money. An amazing number of seemingly sensible people fall for this sort of thing.

Pink
The color of spam, usually used as an adjective to indicate that something is spammy or spam friendly.

Pink Contract
A special contract with an ISP that allows spam even though the published AUP/TOS prohibits it.

Ponzi scheme
A type of pyramid scheme where money from new "investors" (read: marks) is used to pay off older ones who think they made money. Eventually, too many people demand their money at once and the pyramid falls apart, resulting in chaos.

POP
Post Office Protocol. A common protocol that is used for retrieving e-mail from a mailserver.

POP-before-SMTP
A scheme whereby a user must make a successful POP connection to a mailserver before being allowed to relay through it. This is very useful when a user wants to be able to send e-mail through their "home" ISP while they are connected to the net via another ISP.

Pump-n-dump
A technique used by scammers whereby they create a fictitious company, drive up the value of its stock through phony claims and press releases, then sell off their shares of the stock at tremendous gains, scamming all the other people who bought stock. Pump-n-dump schemes are now taking place via spams.

Pyramid scheme
The fundamental idea behind chain letters and MLM -- you know, send this to four of your friends and do not break the chain. A graphic model of this might look like a pyramid, where each new participator has to build their own "pyramid" of new participators in order for the scheme to work.

RBL
Realtime Blackhole List. A system maintained by Paul Vixie for blocking spam at the border router of your network. One nice thing about it is that once you "subscribe" to it, it is updated automatically so that you don't have to change something every time a new spammer starts up. More information can be found at http://mail-abuse.org/rbl/.

Redirector
There has been a wave of spammers using free web sites. Rather than put their real data on the free site, they just put a page that includes the real site or automatically refreshes from the real page. So when the free web account gets nuked their real page is still there.

Reject
To return an error message at connect time when a message can't be delivered rather than accepting it and sending a Bounce message to report the trouble. More info at Outscatter

Relay
Passing your e-mail to a mailserver to deliver it on your behalf. This is abused by spammers when they find a third party system willing to relay thousands or millions of spams.

Relay Rape
When a spammer uses an open relay to send their spam.

Remove list
An offer a spammer makes to put you on a special list so that you don't get any more spam from them. Signing up on a remove list is more than useless as spammers have been known to spam the addresses on them.

Revenge Spam
When a spammer forges a spam in another person's name with the intent of having that person deluged with hate mail or mailbombs, or losing their account with their ISP. See also Joe Job.

Reverse DNS
The reverse of a DNS lookup. That is, you enter an IP number, and you are told what name, if any, corresponds to it. If there is no name, you can always use whois or traceroute to determine who owns the system.

Sendmail
The most popular MTA for UNIX because it is very configurable. Until recently, there was no way for sendmail to prevent relaying which spammers usually take advantage of. More information on sendmail can be found at http://www.sendmail.org.

Smarthost
Verb: To relay mail through a MTA at another system. This is normal for ISP retail customers so the ISP can check for viruses and spam. It is also used to get around blocks. If your ISP has a bad reputation, you can get your mail delivered by renting a Smarthost on a clean ISP. Noun: The system that the mail gets relayed through.

Spamtrap
An email address that has never been used or exposed where a person could find it. Any mail received at a spamtrap can be assumed to be spam and fed to automatic blocking software. Spammers often invent them by mangling legitimate addresses. Addresses that have been inactive for several years are sometimes reactivated and used as spamtraps.

Spamvertise
To advertise by spamming.

Spam Haven
An ISP that allows spammers to maintain their website there as long as they do their spamvertising for it from somewhere else. See also Spamhaus.

Spamhaus
A site or ISP that doesn't terminate the e-mail or webhosting accounts of spammers. Often spammers will gravitate toward spamhauses as they don't have to worry about continually switching ISPs.

Spamford, Spammy
Sanford Wallace, the ex-spammer who used to run Cyberpromotions. See also the CyberPromo FAQ. Sanford has since gotten out of the spamming business, but was sued by the Federal Trade Commission in 2004 for his involvement with "spyware".

Suppression list
A list of complainers. When they get a new list, Mainsleaze spammers remove the complainers from it in order to help them fly under the radar. See also Listwash.

Throwaway Account
When a spammer creates an account on an ISP for the sole purpose of spamming, then proceeds to do so, knowing that it's only a matter of time, usually hours or days, until the account is canceled.

TOS
Terms of Service. See also AUP.

Troll
A user who shows up in mailing lists and Usenet newsgroups who has nothing better to do but stir up arguments and flamewars between them and the users of that group. Most trolls just want the attention and will go away if they are ignored.

UBE
Unsolicited Bulk Email, aka spam. More info at What is Spam?

UCE
Unsolicited Commercial Email, aka spam.

Whack-A-Mole
What spam is called when the spammer keeps jumping from ISP to ISP and is next to impossible to filter!

White Hat
Term for an anti-spammer or an ISP that is anti-spam. See also Hat Color.

Expanded Topics

A few topics are complicated enough that a quick glossary style description isn't adequate. Here are some expanded discussions.

What is Spam?

In the context of email, Spam is Unsolicited Bulk Email.

It really is that simple. Unsolicited mail from long lost friends or relatives is generally welcome. Solicited mail is welcome. It's the combination of unsolicited and bulk that is the problem.

There is some confusion about a requirement for spam to be commercial, UCE vs UBE. That is tangled up with the US legal system. It would probably be easier to outlaw UCE than UBE. Most spam is commercial, but I see occasional religious spam and every election season there are reports of political spam.

The key idea is solicited by the recipient. This requires informed consent. Hidden pre-checked spam-me check boxes don't count.

Spammers generally fall into two categories: Crooks and Mainsleaze.

Outscatter

Before spammers, it was common for MTAs to Accept all mail offered to them and then send a Bounce message (DSN) back to the sender if they couldn't deliver it. The Bounce message tells the sender that there is a problem so they can fix it and try again.

This is called Accept-then-Bounce. It worked fine until spammers started forging the return info so their accounts were harder to trace. With forged return info, the Bounce messages are sent to innocent victims where they look just like other forms of spam.

This is also called Backscatter. If it went back to the sender there wouldn't be any problem.

Some people reading the RFCs claim that MTAs have to send the Bounce if they can't deliver a message. That's not correct. The MTA can Reject a message instead of accepting it by returning an error code and text back to the sender. That requires the MTA to do all the spam filtering while the connection from the sender is still open.

The typical error was no-such-user. Spammers collect a lot of bogus addresses, hence they cause a lot of outscatter. It's relatively easy to check recipient validity before accepting a message. (AOL had to rework their whole mail system, but they thought it was worthwhile.)

There are a few cases that are harder. One example is over-quota when the mailbox resides on an internal system far from the gateway MTA that accepts the message from the outside world.

It's perfectly reasonable to send a bounce as long as you know that the recipient isn't forged. That happens when the mail comes from one of your users. The mail goes from their PC to your MTA/smarthost. Your MTA tries to deliver it to the recipient's MTA. A Reject at that point gets returned to the initial sender. Spammers will forge your users as the return info, so just checking the intended address isn't good enough. (But that's harassing your users. It's not outscatter going outside of your system.)
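
The difference between Accept-then-Bounce and Reject, as an added example that is not part of the original page: a small Python simulation of a gateway MTA handling the same traffic under both policies. The mailbox list, every address, and all function names are assumptions made for the illustration.

```python
from dataclasses import dataclass

# Constructed sample data: mailboxes that exist behind a hypothetical gateway MTA.
VALID_MAILBOXES = {"alice@example.net", "bob@example.net"}

@dataclass
class Envelope:
    mail_from: str       # sender claimed in MAIL FROM; spammers forge this
    rcpt_to: str         # recipient given in RCPT TO
    real_sender: str     # ground truth, known only to this simulation
    authenticated: bool = False  # True when one of our own users submitted it

def accept_then_bounce(env):
    """Accept everything, find the problem later, mail a DSN to MAIL FROM."""
    dsns = [] if env.rcpt_to in VALID_MAILBOXES else [env.mail_from]
    return "250 OK", dsns

def reject_at_rcpt(env):
    """Validate the recipient while the sender's connection is still open."""
    if env.rcpt_to not in VALID_MAILBOXES:
        return "550 No such user", []   # the error stays in the SMTP session
    return "250 OK", []

def outbound_failure_dsn(env):
    """Smarthost case: the remote MTA rejected mail we were relaying.
    Bounce only if our own user really submitted it; a MAIL FROM that
    merely names one of our users proves nothing."""
    return [env.mail_from] if env.authenticated else []

def outscatter(policy, envelopes):
    """Addresses that get a DSN for mail they never sent."""
    victims = []
    for env in envelopes:
        _reply, dsns = policy(env)
        victims += [a for a in dsns if a != env.real_sender]
    return victims

# Constructed traffic; every address is a placeholder.
SAMPLE = [
    Envelope("victim@example.org", "nosuchuser@example.net", "spammer@example.invalid"),
    Envelope("carol@example.com", "alice@example.net", "carol@example.com"),
    Envelope("dave@example.com", "bobb@example.net", "dave@example.com"),
    Envelope("alice@example.net", "ghost@example.net", "spammer@example.invalid"),
]

if __name__ == "__main__":
    print("accept-then-bounce:", outscatter(accept_then_bounce, SAMPLE))
    print("reject at RCPT:    ", outscatter(reject_at_rcpt, SAMPLE))
```

Dave's honest typo (third envelope) still gets reported under both policies: as a DSN from the gateway in the first, and as a 550 that his own MTA relays to him in the second.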

Links