Following is a part of the new ROOTSWEB REVIEW. I hope it will answer some of the questions about SPAM. Maggie ------------------------- ROOTSWEB REVIEW: Genealogical Data Cooperative Weekly News Vol. 1, No. 1, 17 June 1998 Copyright (c) 1998 RootsWeb Genealogical Data Cooperative Editors: Julia M. Case and Myra Vanderpool Gormley, CG SPAM OMELETTES by Tim Pierce <twp@rootsweb.com> RootsWeb Genealogical Data Cooperative System Obfuscator and Hack-of-All-Trades In terms of what we worry about day to day, spam is a more serious problem for us than security crackers. Computer capacity is not infinite. Even a fantastically powerful computer system can only process a certain amount of information in a day -- maybe a lot more than you or I would ever want on our desks, but finite nonetheless. When a spammer sends mail to one of our lists, that makes 50 copies that our list server has to distribute to the list subscribers -- or maybe 10 copies, or 1,000, depending on the list. Multiply that by 6,000 (which is approximately the number of lists we host on our mail servers, counting mail-mode and digest lists separately). Those numbers mean that a spammer who sends mail to every list on our systems -- which happens frequently -- is a big problem. Big enough that just sending enough spam to our machines is sufficient to crash them. So spam is actually a show-stopping problem for a big mailing list house like RootsWeb. We have had to contribute a significant chunk of staff and volunteer time to fighting the problem. About a month ago, we blocked almost 800 known spam domains from RootsWeb's list servers, to cut out some of the spam. More effectively, we installed some filters that look for certain spam-like patterns in each incoming message, and discard any message that matches (that is, bounce the message to the listowner). This has reduced the number of successful spam attacks on our systems considerably, which is a bonus both for our listowners and for our harried system administrators. By my estimates, subscribers to our lists see a lot less spam than users of other genealogical list servers. If folks receive spam that was sent to a RootsWeb list, they should forward it to abuse@rootsweb.com so I can figure out how to block any future attacks. I really need to know when spam makes it through our filters. When we get repeatedly hit by the same outfit, too, we can figure out where the spam is really coming from and try to put pressure on the Internet Service Provider. * * * 6/15/98 UPDATE: This was quite a day for the RootsWeb abuse team. famhis@doit.cc, origin@doit.cc, heraldry@doit.cc: This morning we were spammed by an outfit promoting surname histories. All of the posts came from a forged "doit.cc" domain, which I blocked as soon as I got word of what was happening. Because of serious Net lag this morning, however, that didn't happen until well after it had achieved its goal. CVBOX spam: Meanwhile, back at the ranch, this afternoon, a Portuguese spam outfit connected to rootsweb.com and spammed just about every list on our system. Three times each. Over about an hour, they pumped about 4,000 messages and 11MB into our list servers. Thankfully, they're using a well-known spamming software package that was readily caught by our filters. Even as I started to write this message, they started to do it all over again. So we had to take more drastic measures, dropping the Internet routes to their systems and blocking any mail from their (forged) domain name. That should prevent them from even being able to connect to our machines. All RootsWeb members, sponsors, donors, and patrons should congratulate yourselves for this. The funds that you've contributed to improve RootsWeb's systems were directly responsible for our being able to implement spam filters like these. If it weren't for your support, RootsWeb's list servers would be a smoking pile of slag right now. Thanks for helping to keep us running! !^NavFont02F0CDF0007NGHHSE13154 Maggie's World of Courthouse Dust & Genealogy Fever http://www.infinet.com/~dzimmerm/mindex.html *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* God Put Me On Earth to Accomplish a Certain Number of Things. Right Now I am so far behind, I will never die. --- Unknown *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*