Free Republic

Spammers' New Tactic Upends DNS
Yahoo! News ^ | 9 January 2005 | Dennis Fisher

Posted on 01/10/2005 10:05:01 AM PST by ShadowAce

Although some ISPs and legislators are crediting the year-old CAN-SPAM Act and better technology for recent gains in the war on spam, many in the industry say the advances are forcing spammers to employ new tactics, which are destabilizing the Internet's crucial DNS.

One troublesome technique finding favor with spammers involves sending mass mailings in the middle of the night from a domain that has not yet been registered. After the mailings go out, the spammer registers the domain early the next morning.

By doing this, spammers hope to avoid stiff CAN-SPAM fines through minimal exposure and visibility with a given domain. The ruse, they hope, makes them more difficult to find and prosecute.

The scheme, however, has unintended consequences of its own. During the interval between mailing and registration, the SMTP servers on the recipients' networks attempt Domain Name System look-ups on the nonexistent domain, causing delays and timeouts on the DNS servers and backups in SMTP message queues.

"Anti-spam systems have become heavily dependent on DNS for looking at all kinds of blacklists, looking at headers, all of that," said Paul Judge, a well-known anti-spam expert and chief technology officer at CipherTrust Inc., a mail security vendor based in Atlanta. "I've seen systems that have to do as many as 30 DNS calls on each message. Even in large enterprises, it's becoming very common to see a large spam load cripple the DNS infrastructure."

The DNS handles address look-ups for all Web sites on the Internet, translating natural language names into IP addresses. But its first use was as a look-up service for mail records, and it continues to be used for the billions of e-mail messages traversing the Internet daily.

The CAN-SPAM Act, which went into effect at the beginning of last year, was designed to reduce spam by making it illegal to send messages with spoofed addresses. One spammer already has been sentenced to jail for violating the law, and America Online Inc. said recently that the threat of prosecution, along with better filtering, has helped reduce spam complaints by 75 percent.

In reality, experts say, spammers shut down DNS access to domains that they control after as few as 12 hours to prevent ISPs or law enforcement officials from tracking them down. This tactic also wreaks havoc with the DNS as mail servers trying to return undeliverable messages will continue to perform DNS queries on the defunct domain.

"We've had to reset our architecture to make nine DNS look-ups, which is an insane amount. And we've bought a bunch of workstations and small servers to use as redundant DNS servers because of the load," said Bill Franklin, president of Zero Spam Network Corp., an anti-spam hosting provider based in Coral Gables, Fla. "The DNS system is a good warning indicator."

More troubling than the DNS problems is that there is little ISPs and enterprises can do, other than buying more capacity and setting up redundant DNS servers.

"We have to figure out how to taper DNS services gracefully rather than having catastrophic failures," said Paul Mockapetris, the author of the first DNS implementation and chief scientist at Nominum Inc., based in Redwood City, Calif. "Mail look-up was the first application put on top of DNS after I designed it, and I was so excited to see that. And now, 20 years later, people are trying to figure out how to stop doing mail look-up on DNS. It's bizarre."


TOPICS: Business/Economy; Technical
KEYWORDS: dns; spam; spammersarescum
To: Rodney King
"Well, logic dictates that you must be wrong i.e. that there must in fact be people who are buying this stuff, or else the spammers wouldn't waste their time, but I don't know."

You are correct; however, it costs virtually nothing to spam, and if you can just get a couple of suckers out of a few hundred messages sent you can make your money back, and then some. That's not even speaking of the money they get from selling the data they collect by installing the spyware on people's machines.

21 posted on 01/10/2005 10:28:04 AM PST by KoRn
[ Post Reply | Private Reply | To 11 | View Replies]

To: ghitma
Tax all spam and advertisements.

Sets a bad precedent and opens the door for taxation of the internet. Otherwise it's a great idea.

If you want less of it tax it. If you want more of it subsidize it.

22 posted on 01/10/2005 10:31:00 AM PST by Snardius
[ Post Reply | Private Reply | To 14 | View Replies]

To: smith288
Very true, but the risks are far higher

I don't think there are any risks at all. The Can-Spam act hasn't reduced spam. Any spammer worth his/her salt can use an off-shore server.

23 posted on 01/10/2005 10:31:25 AM PST by Wheee The People (Oo ee oo ah ah, ting tang, walla-walla bing bang. Oo ee oo ah ah, ting tang, walla-walla bing bang!)
[ Post Reply | Private Reply | To 18 | View Replies]

To: taxcontrol
Ideally, you would have an email filtering bastion host (email relay server) that would locally store the current DNS table. That way it could locally check the emails for a valid dns name prior to passing on to the internal email server.

And what happens in the case of new domains that have been legitimately registered, or old domains that have expired out of your local DNS cache? Your DNS box then has to go outside the LAN to do a lookup itself, and you're right back to square one.

24 posted on 01/10/2005 10:33:30 AM PST by general_re (How come so many of the VKs have been here six months or less?)
[ Post Reply | Private Reply | To 20 | View Replies]

To: Wheee The People
Any spammer worth his/her salt ...

Every spammer isn't worth the crap they're filled with.

25 posted on 01/10/2005 10:33:59 AM PST by Snardius
[ Post Reply | Private Reply | To 23 | View Replies]

To: ShadowAce

I'm sure there are some people that get excited when Arumbi Omigiggio, the ex-minister for domestic compliance in Nigeria notifies them they will soon have access to millions of dollars. With all that new money they buy breast implants, pop some Viagra and get their pee-pee to grow using special herbs.


26 posted on 01/10/2005 10:34:46 AM PST by isthisnickcool (Free Scott Peterson!!! In Iraq. Wearing an "Allah is the Devil" tee shirt.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Publius6961
A DNS that hasn't been registered, but receives thousands of queries, should be identified and permanently locked out. Permanently.

Mail servers will need to be able to check against this situation and increase their local negative cache timeout for said domain. These domains should then be distributed to multiple DNS blacklists and only proper petitioning and authorization can lift the ban.

27 posted on 01/10/2005 10:38:19 AM PST by frog_jerk_2004
[ Post Reply | Private Reply | To 9 | View Replies]
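
The negative-cache idea in post 27, together with the stale-answer objection in post 24, as an added example (not code from the article or from any poster): a simulated mail-server lookup cache in Python whose timeout for a nonexistent sender domain doubles on each repeated miss. The class and function names, the TTL values and the one-message-every-10-seconds mail stream are all constructed for illustration.

```python
class NegativeCache:
    """Remembers 'no such domain' answers; the timeout doubles on every repeat miss."""

    def __init__(self, resolver, base_ttl, max_ttl):
        self.resolver = resolver        # callable(domain, now) -> True if it resolves
        self.base_ttl = base_ttl
        self.max_ttl = max_ttl
        self.misses = {}                # domain -> (expires_at, ttl_used)
        self.upstream_queries = 0

    def exists(self, domain, now):
        domain = domain.lower().rstrip(".")
        entry = self.misses.get(domain)
        if entry and now < entry[0]:
            return False                # answered locally, nothing sent upstream
        self.upstream_queries += 1
        if self.resolver(domain, now):
            self.misses.pop(domain, None)   # domain resolves now: forget the miss
            return True
        ttl = min(entry[1] * 2, self.max_ttl) if entry else self.base_ttl
        self.misses[domain] = (now + ttl, ttl)
        return False


def simulate(registered_at, base_ttl, max_ttl, duration=3600, interval=10):
    """One message every `interval` seconds from a single sender domain (constructed).

    registered_at: second at which the domain starts resolving, or None for never.
    Returns (upstream queries made, second the domain was first seen to resolve).
    """
    def resolver(domain, now):
        return registered_at is not None and now >= registered_at

    cache = NegativeCache(resolver, base_ttl, max_ttl)
    for now in range(0, duration, interval):
        if cache.exists("not-yet-registered.example", now):
            return cache.upstream_queries, now
    return cache.upstream_queries, None


if __name__ == "__main__":
    print("no cache, never registered:", simulate(None, 0, 0))
    print("cache,    never registered:", simulate(None, 60, 3600))
    print("no cache, registered@1000: ", simulate(1000, 0, 0))
    print("cache,    registered@1000: ", simulate(1000, 60, 3600))
```

With these constructed numbers the cache cuts 360 upstream queries in an hour to 6, but a domain that starts resolving at second 1000 is not noticed until second 1860.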

To: general_re
No, because the DNS table would be updated once per day. Your table would be no older than 24 hrs. If a business comes into being 12 hrs ago, I'm not sure I would want to be receiving emails from them in the first place.

Second, it would be one query daily instead of a constant set of queries.
28 posted on 01/10/2005 10:40:43 AM PST by taxcontrol (People are entitled to their opinion - no matter how wrong it is.)
[ Post Reply | Private Reply | To 24 | View Replies]

To: isthisnickcool
I'm sure there are some people that get excited when Arumbi Omigiggio, the ex-minister for domestic compliance in Nigeria notifies them they will soon have access to millions of dollars. With all that new money they buy breast implants, pop some Viagra and get their pee-pee to grow using special herbs.

You forgot Arumbi Omigiggio also has gone through all of the trouble and approved your mortgage of up to 400K without any of your information. He has been waiting for a call back from you for 3 days and is getting worried...

29 posted on 01/10/2005 10:42:50 AM PST by frog_jerk_2004
[ Post Reply | Private Reply | To 26 | View Replies]

To: isthisnickcool

My 80 year old mother got some spam that she had won $500 at an online casino. ~sigh. She went there like a bat out of hell, gave 'em all kinds of info and now her emails are full of spam.


30 posted on 01/10/2005 10:46:38 AM PST by Wheee The People (Oo ee oo ah ah, ting tang, walla-walla bing bang. Oo ee oo ah ah, ting tang, walla-walla bing bang!)
[ Post Reply | Private Reply | To 26 | View Replies]

To: Wheee The People
To effectively end spam, just make it legal to beat the living snot out of the spammers.

And anyone who buys anything advertised through spam.

If no one made any money via spam, there would be no spam!

31 posted on 01/10/2005 10:47:16 AM PST by Mannaggia l'America
[ Post Reply | Private Reply | To 4 | View Replies]

To: taxcontrol
No, because the DNS table would be updated once per day.

The entire table? You want to do daily zone transfers? And that alleviates the load on higher-level servers how, exactly?

32 posted on 01/10/2005 10:51:05 AM PST by general_re (How come so many of the VKs have been here six months or less?)
[ Post Reply | Private Reply | To 28 | View Replies]

To: Wheee The People
My 80 year old mother got some spam that she had won $500 at an online casino.

I worry about my dad with things like this. I set him up with his first computer and DSL last year. I check with him every week or two to be sure he did not get fooled by some phishing scam.

I'm not so worried about him getting on a spam list - I fear him getting tricked into giving out his SS# or bank account number.

33 posted on 01/10/2005 10:51:44 AM PST by Mannaggia l'America
[ Post Reply | Private Reply | To 30 | View Replies]

To: Rodney King

Absolutely correct. There are people out there who want to get rich quick, lose weight fast, and have a bigger ... oh, never mind


34 posted on 01/10/2005 10:54:37 AM PST by A Ruckus of Dogs
[ Post Reply | Private Reply | To 11 | View Replies]

To: A Ruckus of Dogs
and have a bigger ... oh, never mind

There is that cream you are supposed to rub on and your .... is supposed to get bigger. Wouldn't your hand get bigger too?

35 posted on 01/10/2005 11:00:12 AM PST by killjoy (My kid is the bomb at Islam Elementary!)
[ Post Reply | Private Reply | To 34 | View Replies]

To: general_re
The company's centralized DNS server, I will refer to it as the local DNS, maintains the current table using updates, etc. Zone transfers only occur between the mail bastion host and the local DNS server, and yes the entire table.
36 posted on 01/10/2005 11:00:53 AM PST by taxcontrol (People are entitled to their opinion - no matter how wrong it is.)
[ Post Reply | Private Reply | To 32 | View Replies]

To: killjoy
Cream? What about that vacuum pump I bought?
37 posted on 01/10/2005 11:01:25 AM PST by Wheee The People (Oo ee oo ah ah, ting tang, walla-walla bing bang. Oo ee oo ah ah, ting tang, walla-walla bing bang!)
[ Post Reply | Private Reply | To 35 | View Replies]

To: taxcontrol
Yes, but what I'm asking is where does your local DNS machine get its information from? Are you planning to beat the hell out of a higher-level DNS server with daily zone transfer for you and everyone else running their own DNS box, or do you return to incremental queries? In which case, you haven't really solved the problem of hammering higher-level servers with requests for domains that none of the leaf DNS machines know about, have you?
38 posted on 01/10/2005 11:06:19 AM PST by general_re (How come so many of the VKs have been here six months or less?)
[ Post Reply | Private Reply | To 36 | View Replies]

To: killjoy
Wouldn't your hand get bigger too?

No, just your fingers.

39 posted on 01/10/2005 11:07:25 AM PST by Disambiguator
[ Post Reply | Private Reply | To 35 | View Replies]

To: killjoy

Ha ha, true. What cracks me up about getting those spam ads is that I don't even have the organ in question.


40 posted on 01/10/2005 11:12:15 AM PST by A Ruckus of Dogs
[ Post Reply | Private Reply | To 35 | View Replies]

