Spam Kings
Page 9
"No, I pay him to do it."
Junior interrupted again. "Take a left. Take a left on Maryland."
"Are we anywhere near your house?" John asked Catts.
Maryland Avenue was just two streets over from Richmond. "You don't want to come over here, I'm telling you right now," warned Catts.
"Why not?"
"Because the sheriff lives next door. My little girl is here. And I will go next door and get him," said Catts rapid fire.
"Oh, well, you might have to," said John, a note of bemusement in his voice. "Because Junior here wants to whup somebody's damn ass."
"He don't want to come in this house, unless he wants to go to jail," said Catts.
"Junior, you don't care about going to jail, do you?" asked John. "He's been wanting to whup somebody's damn ass, and you're the only one I could think of tonight."
"Oh yeah, go get 'em," said Junior.
"We'll be there in a minute," said John. "You better have more than him, because there's at least two of us comin'."
"Well...well, that's fine," said Catts.
"O.K., here's Richmond!" shouted Junior. "Go! Go fast!"
Bubba hung up the phone, so he couldn't hear the chuckling on the other end of the line. He had just been the victim of a spam fighter's version of the TV program Candid Camera. A few weeks later, a recording of the conversation appeared on the Internet, joining other crank calls made to junk emailers at a site called Spammers Speak.
When anti-spammers heard the recording, they cackled with delight. Shiksaa especially enjoyed Catts's attempt to redirect the good old boys' wrath at Jon Scott. She'd had several encounters with Scott, who sold mailing lists containing millions of email addresses. One morning the previous year he had sent her an ICQ message that stated, "Let's get naked." Shiksaa forwarded the note to the Internet service provider that hosted Scott's web site, and requested that the ISP advise Scott to stop harassing her. Then, in an open letter on Nanae, she responded to his advances.
"You are on some serious psychiatric drugs if you would even think I would have any interest in seeing you naked, much less being in the same room with you," Shiksaa wrote.
Scott, a 40-year-old resident of Chico, California, seemed hurt by her response. He posted this reply: "Many of the people in this newsgroup have anger control problems. They have so little power and control in their own lives that they try controlling others...Susan, you have my deepest love and sympathy. May God bring calmness to your angry soul."
But Scott's attempt to take the moral high ground was short-lived. A few weeks later, he sent out a batch of spam that included Shiksaa's username, along with that of anti-spammer Frederick, in the headers. The messages advertised a home-based business opportunity. Technically, it wasn't a Joe-job, since Scott had added after their usernames the network address@ddt.net, a service on which neither spam fighter had accounts. But Frederick was unable to ignore the veiled attack. He fired off a note to the Federal Trade Commission, requesting that it investigate what he considered Scott's attempt to defame him and Shiksaa.
But Shiksaa had much bigger fish to fry.
* * *
[6] This transcript of the conversation between Catts and the crank callers was created from an audio recording of the conversation obtained from Chickenboner.com.
Chapter 4.
Spamhaus Takes on Sue You Net
Steve Linford, the operator of the Spamhaus Project, a blacklist of spamware vendors and the ISPs who host them, asked Shiksaa in October 2000 to join an elite team of spam fighters in a new project he was launching. Her mission would be to help compile detailed dossiers on the Internet's biggest junk emailers. The research would be published at Spamhaus.org as part of a pioneering effort Linford had dubbed the Register of Known Spamming Operations, or Rokso. His plan was to turn Rokso into an Internet hall of shame that would put pressure on shadowy spam operations by exposing them to the light of day.
More importantly, Rokso would provide Internet service providers with a much-needed clearinghouse for screening new customers. The Rokso list would include searchable records on each of the spammers, including descriptions of their junk email operations and spam samples, as well as contact information including aliases, business addresses, phone numbers, and email addresses. To be included on the Rokso list, a spammer had to have been thrown off at least three Internet service providers. To get off the list, a junk emailer simply needed to refrain from sending spam for at least six months.
Rokso wasn't the first effort to focus public attention on the Internet's egregious bulk emailers. In 1995, Alex Boldt, a mathematics graduate student at the University of California in Santa Barbara, launched the Blacklist of Internet Advertisers. Boldt compiled a small who's-who list of chronic Usenet and email spammers, including their contact information. But Boldt stopped regularly updating his list around 1997, and nothing permanent had arisen in its place—until Rokso.
While the Rokso list would eventually swell to over two hundred, the inaugural edition included just twenty-five spammers. Among them was Jason Vale, who had stopped sending Laetrile spams after the court order and instead had been blanketing the Internet with ads for products such as Willow Flower, an herbal treatment for urination problems and other symptoms of prostate disease. The first version of Rokso also had an entry for 29-year-old Ronnie Scelson, a junior high school dropout who led a group of spammers based in the New Orleans suburb of Slidell.
Linford coordinated the Rokso effort from his houseboat, moored off an island in England's Thames River. Forty-two at the time, with a trimmed grey beard and a full head of grey hair, Linford had a hip worldliness that differentiated him from the more nerdy spam fighters. Born in England, Linford had been raised in Italy, where his father operated a factory in Rome that produced industrial platinum. Linford studied photography in college, but he dropped out to pursue a career as a rock musician. His singing and songwriting attracted the attention of GM, an Italian record label, which signed him to a five-year contract. The Italian composer Ennio Morricone even used him as a vocalist on the soundtrack for the 1982 Roberto Faenza thriller Copkiller, featuring Harvey Keitel. But a few years later Linford had a falling out with GM over the direction of his music, and he decided to stop performing until the contract expired. In the meantime, he worked as concert manager for much bigger artists, producing shows for the likes of Pink Floyd and Michael Jackson when they toured in Italy. He became an early user of Apple computers and was intrigued by how technology could revolutionize music production.
Linford decided in 1986 to move back to England, where he started a Macintosh software-development firm with his brother Julian, a talented programmer. Together they created UltraFind, a personal search engine utility capable of locating information in any Macintosh file. It sold briskly for nearly a decade, until Apple built a search tool called Sherlock into its operating software. As a result, Julian decided to return to Italy and take a job with the European Space Agency. Linford remained behind, morphing UltraDesign into an Internet design and hosting business.
It wasn't long before lots of junk email, much of it originating from Sanford Wallace's Cyber Promotions business, began arriving at Linford's various email accounts. He set up a special filter in Eudora, his mail program, to automate the task of forwarding incoming junk emails to the spammer's ISP, with a carbon copy to the Federal Trade Commission. Linford felt at the time that irresponsible ISPs were as much to blame for the emerging junk email problem as the spammers themselves. At one point, he added a signature line to the bottom of his Usenet postings that stated, "Spam would not exist if not for the greed of a few carriers. This site sends all spam back to spam carriers."
Although he stopped short of making it a personal crusade, Linford believed that if others joined in this task, ISPs could no longer ignore the spammers using their networks. In a 1998 posting to Nanae, he wrote, "Beneath Nanae is an iceberg so big it has the force to terminate spam simply by stuffing a terabyte of complai
nts up every ISP that gives you connectivity."
Linford was an early proponent of the idea of blacklisting Internet service providers and domains used by spammers. Although he was no fan of America Online, in early 1997 Linford found himself defending AOL's PreferredMail service against criticism from an anticensorhip activist. The AOL feature, a precursor to the service's current Mail Controls system, enabled users to turn on a filter that blocked all emails from a list of domains determined by AOL to be sources of spam.
"Although filtering them won't stop all spam, it will reduce it by ninety-five percent," Linford argued in a newsgroup for subscribers of Demon, a big ISP in the United Kingdom. "More importantly," he said, "the ISPs that stand up to Cyberpromo and Cybergen now ensure that the Net in a year's time is not just a load of spam with the occasional mail item."
In 1998, Linford continued to be a gadfly to what he considered spam-friendly ISPs. But his criticism of UUNET Technologies, one of the largest service providers on the Internet, almost cost him dearly. At the time, spam fighters on Nanae were keeping a running tally of the number of spam complaints unresolved by Virginia-based UUNET. As reports of abused dial-up accounts and open relays approached one million in March 1998, Linford and others grew frustrated with the firm's sluggish enforcement of its network abuse policies. To call attention to the situation, Linford created a banner graphic atop Spam Combat, a popular page at the UltraDesign site where he offered a variety of free, anti-spam tools. The image consisted of the UUNET globe-and-lightning-bolt logo, with the word SPAM inserted in the middle. Beneath the logo were the words, "We're behind 50% of the spam in your mailbox." Clicking on the banner would take visitors to the UUNET home page.
In the middle of March 1998, the fax machine in Linford's houseboat buzzed to life and slowly spat out a two-page letter from Taylor Joynson Garrett, UUNET's London-based legal counsel. According to the letter, UUNET was "extremely angry" at the blatant infringement of its rights and reputation, which the company considered libelous. The ISP's lawyers ordered Linford to immediately remove the banner or amend it so that it made no reference to UUNET. They also demanded that he turn over the offending graphic to them within forty-eight hours. If Linford failed to comply by the deadlines, UUNET would sue him in High Court.
Linford wasn't sure whether his little logo parody violated any laws, but he was quite confident of the facts behind his claim. So he decided to meet UUNET halfway. He removed the banner and replaced it with the words, "Yeah, ok, it's gone. But tell UUNET to stop spamming and start enforcing an AUP [acceptable-use policy]."
Linford figured that would send UUNET's lawyers on their way, but six days later Garrett faxed him another letter. Linford's site still infringed on UUNET's rights, said Garrett, who gave Linford until noon the next day to remove any mention of UUNET, "whether expressly or implied," from his site or risk further action from UUNET.
Linford thought the new demand was outrageous. He hadn't spoken of UUNET's threats on Nanae until this point, but he decided it was time other anti-spammers knew about the attempts to silence him. He posted a letter to the newsgroup with a link to a web page he had created that included scans of the UUNET threat letters. Soon, mirrors of Linford's "Sue You Net" page sprang up at other sites, and spam fighters began discussing a protest rally outside UUNET's headquarters. Linford was on the verge of making plane reservations to Virginia when cooler heads prevailed at UUNET, and the company pulled back its lawyers. Even better, UUNET shook up its network-abuse department, launched an initiative to close its mail relays, and finally began acting on its spam-related trouble tickets.
The banner incident was a big victory for Linford. Even though UUNET hadn't a legal leg to stand on, it did have significant legal funds, and Linford knew he might have gone bankrupt trying to defend himself. As he saw it, UUNET had decided that suing people who protested against its spam was a fast track to a public relations fiasco. Linford's innocuous little graphic had forced the Internet's biggest ISP to change course.
Following up on his success against UUNET, Linford moved his spam-fighting resources page to its own site, Spamhaus.org. For the first couple of years, it remained a relatively obscure resource known only to anti-spammers and their opponents. But soon it would become the tip of the spear in the fight against spam.
Shiksaa was thrilled by Linford's October 2000 invitation to join Spamhaus. After nearly eighteen months of haphazard spam fighting, much of it against chickenboners, she was eager to focus her energies in a more structured way against the biggest sources of spam. Perhaps it was just his British reserve, but Linford had always seemed to Shiksaa a voice of reason among the frequently strident participants on Nanae. Since he didn't charge for access to the Spamhaus information, Linford couldn't pay her or the handful of other volunteers for their efforts. But he did provide Shiksaa with a new, spam-filtered email address that she proudly used in her Nanae postings: shiksaa@spamhaus.org.
Shiksaa and the Pink Contracts
One morning in late October 2000, Shiksaa's phone rang, and the twangy New Orleans voice of Rokso-denizen Ronnie Scelson was on the other end of the line. Shiksaa had exchanged instant messages with him several times in the past. Scelson had dropped out of school after eighth grade, and it showed in his messages, which were full of misspellings and tortured syntax. But Scelson had the gift of gab and a rare trait among junk emailers: a tendency to tell the truth about his spamming tactics. So despite her revulsion for his line of work, Shiksaa found herself enjoying their online and telephone conversations.
"How would you like to see a pink contract?" Scelson asked her cheerfully that morning.
Taking its name from the color of the Hormel luncheon meat (and thus from spam), a pink contract was a tacit deal by ISPs to allow spammers to use their networks as long as too many complaints weren't generated. Scelson had previously boasted that big ISPs, despite their public posturing about opposing spam, were perfectly happy to provide services to him and other high-volume bulk emailers. Indeed, the previous June a spam fighter had reported on Nanae that a supervisor at AT&T admitted that the big company did business with spammers. But spam opponents had no hard evidence to prove the existence of such deals.
That was about to change with Scelson's offer to Shiksaa. He said he had a copy of a pink contract signed in February between AT&T and Nevada Hosting, a Delaware company run by one of Scelson's partners in spam. The contract would show, he promised, that AT&T was aware that Nevada Hosting would be providing web sites to spammers and that AT&T had agreed to look the other way.
Shiksaa was wary of Scelson's generosity and suspected there were strings attached. The previous April he had tried to blackmail anti-spammers into leaving him alone. If antis didn't back off, he threatened, he would give away his custom-made mailing program to other spammers for free. He claimed the program was able to squeeze messages past filters at AOL and pump spam out onto the Internet at the rate of eight million messages per hour.
"I would much rather find a way to work together than have this software all over the Web. Due to its power I've never sold it or given it away, but if the antis play unfair then so will I," Scelson had threatened.
When Shiksaa asked Scelson why he was willing to leak the AT&T pink contract to her, he told her the big ISP had "screwed over" Nevada Hosting—and, indirectly, him—by canceling the deal early and yet requiring that Nevada Hosting pay the remaining balance. Scelson's revenge would be to expose AT&T's secret collusion with spammers, and he could think of no one better than her to do it.
After Shiksaa agreed to examine the contract and share it with other Spamhaus volunteers, Scelson faxed it over. The one-page document had a title across the top that read, "Agreement Concerning the Operation of Bulk Hosted Web Sites" and was signed by a general manager at AT&T. Under the arrangement the two parties mutually agreed that Nevada Hosting would not send any spam through AT&T's gateways and that doing so would result in termination of services. But the contact specifically
stated that AT&T knew Nevada Hosting would be operating web sites "spammed from other gateways" and that it would not terminate Nevada Hosting for hosting such sites.
Finally, anti-spammers had the smoking gun they needed. Shiksaa placed the contract in her scanner and made a digitized file of the document. Then she attached it to an email message to Linford. The next day, October 31, Linford put the contract up at the Rokso section of Spamhaus.org and sent email to AT&T's abuse department notifying the company that he was making the information public.
"This fax proves that AT&T knowingly does business with spammers," he stated, and requested that his message be forwarded to AT&T management. Linford also posted a copy of his letter on Nanae.
Within twenty-four hours, word of the pink contract was making front-page headlines at CNET.com and other technical news sites across the Web. In the articles, an AT&T spokesman tried to explain away the legal agreement as an aberration, stating that it was inconsistent with corporate policy and the work of a rogue salesperson. In a message on Nanae, a company official assured spam opponents that AT&T was making efforts to ensure that such deals never occurred again in the future. But the pink contract proved an embarrassment for AT&T as it propelled Spamhaus into the limelight for the first time. (While most of the news accounts quoted Linford, there was no mention of Shiksaa or Scelson, or how Spamhaus came into possession of the contract.)
Just as the furor over AT&T began to die down, the story gained new legs. An anti-spammer provided Shiksaa with a copy of a contract between top-tier backbone provider PSINet and a Scelson-run spam service called CajunNet. To Shiksaa and her cohort, this second contract was even more revealing of the profit-driven, backroom deals between ISPs and spammers.
Virginia-based PSINet, struggling financially at the time, had agreed to sell CajunNet a high-speed DS3 line, capable of data speeds over forty times greater than a cable modem or DSL line. The contract said CajunNet would use the line to send commercial emails "in mass quantity," with the exception of ads for pornography. In addition, PSINet would not be required to handle any complaints of spams originating from CajunNet's leased line; instead, the big ISP would forward all complaints to CajunNet. In recognition of the deal's high risk, CajunNet agreed to pay PSINet a nonrefundable deposit of $27,000.