[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Remailer Network Under Attack



It looks like a new round of attacks against the remailer network is
underway.  Once again, the provocation is "abuse".

Unknown persons have been using anonymous remailers and mail2news
gateways to "plant" e-mail addresses in various NGs for the
spam-bots to harvest and deluge with spam.  The original intention
appears to have been to "poison the well" for spammers by planting
addresses that they'd get in trouble for sending their junk mail to.
It appears that one or more copy-cats is now using the same
methodology to plant the addresses of people who they'd like to see
spammed.  (I'm using the term "plant" rather than "forge" since the
messages seem to contain sufficient disclaimers that the From:
addresses are not genuine.  Sufficient for a normal HUMAN reader,
but not an automated address harvester, that is.)

Within the last week or so, a chorus of complaints has arisen about
this practice, orchestrated by about a half dozen individuals who
meet an interesting criteria -- they all hold dual accounts on both
Netcom and a small ISP known as DataBasix.com.

The scenario is quite similar each time this has happened in the
past, such as with the cross-posted pro-smoking/anti-smoking threads
last year.  One of the complainers politely asks that the abusers be
identified and their abuse stop.  This is, of course, impossible
because the perpetrators are posting anonymously.  The second step,
which follows the first very closely, is a demand that the remailer
be shut down with threats being CCed to sysadmins and upstream
providers.

Given the variety of addresses being "spam baited", the only logical
target of this abuse is the remailers themselves.  Both sides of
certain heated controversies report being made the target of this
spam bait, each side accusing the other of being responsible.

The only question is whether the main group of complainers (the
Netcom/DataBasix group) are merely innocent bystanders or whether
they may have initiated the "abuse" as an excuse to shut down the
remailers in furtherance of some unknown agenda.  Either that, or
someone else is attacking the remailer net and it's just a
coincidence that a group fitting such a curious pattern (dual
accounts on the same two ISPs) should step in and demand the
dismantling of several elements of the remailer/m2n-gateway
infrastructure.

HYPOTHETICAL QUESTION: Would mentioning the "Reichstag Fire" invoke
Godwin's Law prematurely? <g>