San Diego We all get them and we all hate them: unwanted e-mails advertising cut-rate life insurance, low-interest mortgages, get-rich-quick schemes, debt-consolidation services, ink-jet cartridges, and cell-phone accessories. One might live with these annoyances, if they weren't accompanied by e-mail bearing live links to websites featuring images of naked Russian teenagers and worse.
"Spam," such e-mail has been dubbed. And when we get it, our first reaction is to blame our Internet-service provider for selling our addresses to the people sending it. Jeff Dickey, tech-support manager for American Digital Network, an Internet service provider in Kearny Mesa, handles these complaints every day. "So far this morning," he said on a recent Monday, "I've received 250 complaints about spam. I have customers who get 500 to 600 pieces of junk a week. People always blame us for selling our e-mail lists. We've never sold an e-mail list in our lives."
Then why, a chorus of e-mailers asks, are our inboxes full of this stuff? "It's probably because your e-mail address is out there," Dickey answered. "Maybe you're on a joke-of-the-day list, and whoever runs the list sells your name to everybody."
Say a friend forwards an article to you and 15 of his friends, and you forward it on to all of your friends. In each of those transmissions, your e-mail address is printed in the "header," the coding at the top that you usually ignore. By the time your friend's friends stop forwarding the article, hundreds, maybe thousands of people will have seen it. One of them may have been a "spammer." And now the spammer has your e-mail address. "People write programs that go through and remove all the addresses," Dickey explains, "and they've got 48 new addresses they can send to.
"Also," Dickey continues, "easy user names get a lot of spam, names like John. The spammer will try 'John' in every domain."
Your user name is whatever comes before the @ symbol in an e-mail address. The domain name is what comes after. So in [email protected], John is the user name, doe is the domain name. "There are people," Dickey explains, "who run programs which go through each domain, [email protected], [email protected], [email protected] There are programs that go through every feasible combination of eight characters. I see the ones coming in that are trying the aaa, aab, aac because my machine looks for that type of pattern, and it will just block them. But it's not easy to block all of them, because a lot of the ISPs don't do that, especially smaller ISPs who can't afford to have people do what I do here."
What he's talking about is combating spam. "I'll spend four hours working on spam on Monday," he says. "But Mondays are my biggest days because I'll have spam from all weekend. Tuesday through Friday, I'll do maybe one to two hours a day."
Spamming originated when businesses and private citizens began owning fax machines in the mid-'80s. "You'd get the junk mail by fax," Dickey recalls. " 'Win a free vacation cruise!' People would just spend all day looking for fax numbers and then spamming them with faxes. I first started noticing spam on the computer in 1995. That's when it started showing up in earnest. There was a law passed against fax-machine spam because it wastes the recipients' fax paper and toner. The law that was passed stipulated a $25-per-instance fine if somebody complains about it. There are no Internet spam laws."
In the absence of a law, Dickey and others like him, who guard the electronic-mail gateways of the world, have to come up with their own ways of fighting spam. Their method is blocking; that is, disallowing mail from individuals or whole domains that are known to be sources or channels of unsolicited e-mail. "The first thing I do," Dickey explains, "is check out the headers of any mail that comes in." He brings up an e-mail ad for septic-tank retrofitting and begins to read the header, which tells where the mail came from and where it's going. "I start at the bottom and work my way up to the head. Here's my server...and here we see that this one came from a Japanese toy company. So obviously, somebody compromised their server and sent mail through it. So their server is available for anybody on the Internet to use to send mail."
That's called an anonymous relay, or open relay. "It's not the toy company itself that's sending spam," Dickey explains. "Their server was set up wrong. It allows spammers to send mail through it. See, individual computers don't deliver mail. They send it to an outbound mail server, and that server delivers the mail. It searches and finds the toy company in Japan."
This searching is done with computer programs that automatically send messages to mail servers around the world. "They ask each one to send back a piece of mail," Dickey explains. "Whatever one they get back, they know that one allows anonymous relays, and then they use that to send spam."
As long as the spammer doesn't flood the Japanese toy company's server with so much mail that their system buckles and their employees can't send mail, the toy company may never know that they are being used as a conduit for electronic junk mail. That is, until Dickey or a colleague receives a spam mail through their server and tells them about it. After he's sent that message, he blocks mail from the toy company's server to his customers. "I have over 3000 blocked addresses," Dickey says. "Those are addresses that I won't accept mail from because either they're known to accept spam or are an anonymous relay, like the Japanese toy company. Sometimes they call me and say, 'Hey, you're blocking me.' I tell them, 'You were an open relay.' I keep a record of everything I block so I can go back and say, 'Yeah, I blocked you because in 1999, December 7, I received 27 complaints regarding spam from your address.' Sometimes they say, 'Well, I fixed that problem.' Then I'll test it again, and if it doesn't allow anonymous relay, I'll open it up again."