[linux-elitists] polluting spammers databases

Andy Bastien lists@yuggoth.net
Mon May 21 15:23:30 PDT 2001


I've come up with a scheme lately (and I'm sure I'm not the first) to
make spammers' databases less usable by polluting their databases.
Many spammers include links to web pages in their emails.  These web
pages often contain forms which users can go to to submit their name,
address, phone number, etc. (and sometimes a disconserting amount of
financial information).  The reasons that the spammers give are that
this information allows users to receive more information or be
entered in contests, or some such thing.  The real reason, obviously,
is so that this person can be sent more spam.  The forms are fed to
databases that spammers use when they do their dirty deeds, and the
databases are sometimes also sold to other spammers.

It's a fairly simple matter to put together a perl script that will
submit bogus information to the forms' submit URL, and with a little
effort it's possible to submit random information that is difficult to
separate from valid entries.  With a decent internet connection, it's
possible to submit thousands of entries in a short time.

One person doing this is annoying to the spammers, but little more
than that.  If the spammers control their server they can easily block
that person's IP address.  But, if a hundred or a thousand people
start doing this to dozens of these sites, it seems to me that this
could start causing some real headaches for the spammers.

Three questions bother me about using flooding as a form of protest or
a reaction to spamming.  The first is will this cause enough problems
to the spammers to cause them to change their tactics significantly
(will they just stop including valid email addresses and links to
websites)?  Secondly, without telling these spammers why they're being
flooded, will they even realize what's going on, and won't
communicating with them directly leave you open to retaliation (I'm
sure we've all heard of the anti-spammer activists who've had
threatening messages on their answering machines, just to name one
potential)?  And the final question: is it ethical to stoop to this
level of behavior in fighting spam?







More information about the linux-elitists mailing list