Foreword

Since the explosion of Internet users during the late 1990’s, the unending spam scourge has shown no sign of abating. Statistics from large anti-spam companies that monitor millions of e-mails per hour show that the rates are actually still going up, and depending who you listen to, they are now rising between 50 and 70 percent. The new federal anti-spam (CAN-SPAM) law has already been dubbed the ‘Can’t Fight Spam Act.’ And it’s no wonder; the Net was not built with e-mail security and verification in mind, and ways to bypass and trick the system are plentiful. I heard someone explain it like this: “In trying to get rid of spam, we’re playing a game of chess, and the bad guys have white.” It is a constant game of technological leapfrog, and once a new anti-spam technology has been developed, the spammers do their best to break it, attack it or get around it. Even the brand new Sender ID initiative discussed in this book has proved to be ineffective. In fact, the spammers are adopting it even before the market at large.

As you start reading, the author throws a curve, leading you to believe you are dealing with a simple teenage script kiddie. But you’ll soon discover that the author is a very intelligent, technically sophisticated and resourceful young man. The data in this book is revealing. It shows the various ways that spammers get their messages across, and goes into great technical detail on how they do it. Most surprisingly, there is an underground cooperation between hackers and spammers, who have a common, nefarious goal to steal the email databases of companies and exploit these lists. This is a detailed handbook on how to spam, and get around the many barriers that have been thrown up by the anti-spam community. You could say that this is a bad thing, as now everyone will be able to do it. But this is not the time or place to throw coals on the raging fire of the “disclosure discussion” of network vulnerabilities.

This book is a must for any system and/or network administrator who runs mail servers, or anyone who must ensure their organization is as safe as possible against the many dangers lurking behind their firewall. Spam is a many-headed dragon. In its most innocuous form it affects productivity negatively by being a distraction and a nuisance, but it can be used as a vector for many more destructive purposes like drive-by installs of trojans, key loggers, viruses, and spyware.

A good defense against spam starts with knowing the enemy. This book reveals how your enemy thinks, how he operates, how he gets paid, the advanced state of dedicated automation he utilizes and what holes in the Net are being exploited. Having a resource like this is equal to catching the decryption code book of the opposition. Have fun in keeping the bad guys out!

— Stu Sjouwerman
Founder of Sunbelt Software
Publisher of W2Knews