Glossary of Spam Terms
_______________________________________________________________________________
The Origin Of The Name "Spam"
The term "spam" comes from the Monty Python sketch where the name of the canned meat product is used so often that it crowds everything else out. In the 1970s, British comedy troupe Monty Python did a sketch involving Spam. The diner menu, as recited by a waitress (Terry Jones in drag), consisted of "egg and bacon; egg sausage and bacon; egg and Spam; egg bacon and Spam; egg bacon sausage and Spam; Spam bacon sausage and Spam; Spam egg Spam Spam bacon and Spam; Spam sausage Spam Spam bacon Spam tomato and Spam; Spam Spam Spam egg and Spam; Spam Spam Spam Spam Spam Spam baked beans Spam Spam Spam; etc." All the while, Spam-loving Vikings in the background sing its praises.
Begin Glossary:
Access logs
Access logs are files that are created by a web server whenever a page from a site is requested. Most follow a common format that lists the date and time of the request, who made the request, which page was requested, and the result of the request (usually "OK" or "File not found"). Some servers also add another very useful piece of information - the referring page: that is, which page the user "came from". A lot of ISPs will let their users look at the access logs. These logs are not only a useful tool for web site statistics and maintenance, but in tracking spambots as well.
Acceptable Use Policy (AUP)
An AUP is a policy statement, made by an ISP, or any company that has customers, in which the company sets out it's "rules" for use of the account. A good AUP will clearly state that not only is spamming not allowed, but will spell out the punishment for doing so.
Address harvester
A program that searches web pages and filters newsgroup postings looking for valid email addresses to be used for spam purposes.
Usually a robot that searches netnews, web pages or other sources for anything that looks like a valid email address. The addresses thus acquired are used for email spam, or sold to email spammers. See also munging.
Alias
In general terms, Alias means to refer to one entity by an alternative name. In Usenet terms, Alias means that a site has an alternative name for itself. News handling software keeps a list of aliases so that it may detect and ignore incoming news which it knows originated locally.
Aliasing can also be used to block news from unwanted sources. For instance, if you don't want to receive news from Earthlink, you would add earthlink to your news software's aliases file (even though Earthlink is not really an alias for your site). This would cause your news software to discard all news with "earthlink" in the Path: header line.
Pseudo Sites may also be aliased to allow news software to reject news or control messages with certain keywords in the Path: line. See cyberspam for more info.
Alphabetic Spam
(AKA Alpha Spam.) Spam which is transmitted to newsgroups in alphabetic order. Alphabetic spam generally indicates that the spammer plans to hit every newsgroup on the net and is completely unconcerned with whether or not the message is appropriate to the newsgroups spammed.
AUP
AUP stands for Acceptable Use Policy. ISP's should always have an acceptable use policy that says what a customer can and cannot do. These should always prohibit spamming. Better AUPs provide for penalties for repeat spammers.
Bandwidth Hugger
Nickname for spam-fighter.
Bayesian filtering
A statistical approach to determining whether an email is spam. Based on probability inference techniques pioneered by English mathematician Thomas Bayes.
BI
Abbreviation for Breidbart Index.
BI2
A more aggressive version of the Breidbart Index. BI2 is computed as (n + BI)/2, where n is the total number of groups hit. BI2 is experimental, and as of this writing is not used as a spam-cancelling criterion.
Bincancel
The term for a cancel issued to remove a binary file posted to a non-binaries newsgroup. The "bincancel" pseudo site is added to the Path: header to enable sites to selectively ignore bincancels. See also cyberspam.
Blackhole list
A publicised list, usually commercial, of IP addresses known to be sources of spam, which can be used to create a network blacklist to filter out mail originating from these addresses. (See also real-time blackhole list.)
Blacklist
A feature of anti-spam software that allows users to designate IP addresses, domain names and individual email addresses from which no mail will be accepted. (See also Domain Name System blackhole list.)
BOFH
Bastard Operator From Hell. Typically a system operator who aggressively enforces policies. See lart, clue-by-four, First known reference, BOFH Web Site.
'Bot
Short for robot. A program that posts to usenet news or takes other actions when called to do so. Examples include robocancellers, which seek out and cancel usenet posts that match certain criteria, robots which post periodic FAQ's to certain newsgroups, and those which detect unauthorized cancels and reposts cancelled articles.
Brand
Information, typically a spammer's URL, placed into an image which is then spammed to the internet. It is very difficult for spam-detecting software to detect and recognize a brand.
Breidbart Index
A measurement of the severity of spam, invented by Seth Breidbart. Used as
a math formula for sapm filters
Bullet-Proof
Spammer's term for a service provider guaranteed not to disconnect spammers. Term usually used when advertising spam services.
Cancel
A cancel is a netnews control message which instructs receiving sites to delete a specific article from their news spools. Cancels are typically used by an author who wishes to retract a previous post (typically because they just discovered an embarrassing spelling error or they just remembered that their mother reads the group.)
Cancels are also used to remove spam and other inappropriate posts, or for censorship (this latter use is usually considered to be net abuse).
Cartooney
Rhyming slang for Attorney. Refers to imaginary or clueless lawyers that spammers refer to when threatening lawsuits.
Chicken Boner
The idea is that spammers would love to give you the impression that they're high-powered corporate movers and shakers on the bleeding edge of internet commerce
Clewbie
Short for "clueless newbie". Many spammers are actually well-meaning but clueless newbies to the on-line world. General consensus is that clewbies should be given a second chance. Beware, however, of hardcore spammers pretending to be clewbies in order to forestall being TOSsed.
Click-Through
A web page which exists merely to redirect users to another site. Click-throughs are used so that a web site being spamvertised need not be mentioned in the actual advertisement. Spammers will typically create click-through pages on throw-away accounts and spamvertise the click-through page.
Clue-By-Four
To clue someone in. Derived from old Missouri saying that to get Mule's attention you have to hit them with a 2 × 4.
Common Gateway Interface (CGI)
Common gateway interfaces are what allows web pages to be truly interactive and dynamic. They allow programs to run on a machine, and usually produces some unique output back to the browser. This instills a great deal of intelligence to your web page, and is an important tool for fighting spambots. Not all users have access to cgi. Consider switching ISPs if you don't.
Complex dictionary checking
A feature of anti-spam software that screens text for rude words and isn't fooled by various spam tricks, such as the replacement of letters with lookalike numerals or characters such as "1nterest" or "r@te").
Crosspost
To cross-post is to send a single message to multiple newsgroups. This is preferable to sending single copies of a message to each newsgroup for three reasons: First, by only sending a single copy, you reduce network resource consumption. Second, most newsreaders allow users to view and discard a crossposted message with just one reading, even if they subsequently visit other newsgroups to which the message was posted. Third, a followup reponse to the original article will be seen in all the relavent newsgroups, instead of just the one.Articles should be crossposted to the newsgroups to which they are relevant and no more. Crossposting is not, in itself, considered net abuse unless done to excess (see ECP), or to many non-relavent newsgroups
CSS spam
Exploits Cascading Style Sheets (CSS), which are used to control the display of web pages, in order to conceal messages in spam. Spammers can also use CSS to recycle old HTML-based tricks which fool spam filters that do not understand CSS.
Cyberspam Convention
The practice of adding the pseudo site "cyberspam" to a cancel's Path: line when cancelling spam. This permits sites which wish to ignore spam cancels to do so.
Dead Chicken
"Sometimes posts to moderated groups take forever to get posted ... and so one might be motivated to "approve" one's own posts by adding the relevant header. This is sometimes known as waving a dead chicken over one's post. One might even refer to said dead chicken in one's X-Approved: header. "However, moderators tend to frown on this and cancel said posts, which they have every right to do.
Delivery Configuration Options
Individual Quarantine - spam and virus infected email for each of your users is sent to a quarantine that is web accessible by the end-user. The quarantine is hosted by the trusted third party. This option fits best if you wish to keep identified spam and virus infected email off your network to conserve your staff-time, network bandwidth and email server processor cycles while maximizing your user’s control over their email.
Central Quarantine (Administrative Quarantine)
Spam and virus infected email for all your users is sent to one quarantine, and is accessible by one or more administrators. The quarantine is hosted by the trusted third party. This option fits best if you wish to keep your users from accessing their quarantine.
Tag and pass Tag and pass systems writes the spam and virus indicator in the header of each message. The messages will be forwarded to your email server with the score in the header. Your email server or your user will need to write parsing rules to process tagged spam and virus infected emails. This option fits best if you wish to create a spam folder within your users’ email client.
Denial of Service (DoS) attack
Where a hacker sends attachments or other unusual or excessive traffic in an attempt to bring down email systems.
Dialup/dialin connection
Often referred to as simply a "dialup", a dialup connection is the main way that a spammer connects to the Internet, usually by using some unwitting ISP. It is called a dialup because the connection is made over the phone lines, and the spammer must dialup the ISP to make a connection.
Dictionary attack
A program that bombards a mail server with millions of alphabetically generated email addresses in the hope that some addresses will be guessed correctly. This technique is also used to crack passwords.
Directory Harvest Attack (DHA)
When a spammer bombards a domain with thousands of generated email addresses in an attempt to collect valid email addresses from an organisation.
DNSbl
DNS Blacklist. A list of IP addresses which are blacklisted. This list may be queried in real time via DNS (Domain Name Service) lookup. The most well-known example is the RBL.
Domain administration
Allows you to configure settings for all users from a central interface.
Domain Name System blackhole list (DNSBL)
Commercial lists of networks that either allow spammers to use their systems to send spam, or have not taken action to prevent spammers from abusing their systems.
DUL
Companion database to the RBL. The DUL is a list of known dial-up IP addresses. These sites are not necessarily spam sites, but the list is provided so that you may choose not to accept email directly from them. Email transmitted directly from a dial-up system -- as opposed through the dial-up system's own provider -- is very likely to be spam.
ECP
Excessive Cross-Posting. Crossposting an article to many newsgroups at once. Such articles are rarely relevant to so many newsgroups at once and are usually the hallmark of a clueless newbie or a spammer.
EDT
Eastern Daylight Savings Time. -0400 from GMT (Universal) time. This is useful to know, as some spam software gets this wrong in forged headers.
EMP
Excessive Multi-Posting. Posting an article to dozens of newsgroups or more, one newsgroup per post. Worse than ECP, because it consumes much more bandwidth and is a greater annoyance to readers. The FAQ states that EMP means, essentially, "too many separate copies of a substantively identical article".
EST
Eastern Standard Time. -0500 from GMT (Universal) time. This is useful to know, as some spam software gets this wrong in forged headers.
False negative
When anti-spam software fails to identify a spam message as spam.
False Positives
Messages incorrectly identified as spam.
Flame Bait
Stupid and/or offensive posts deliberately made to attract flames. Often done by posting questions on controversial issues to disparate newsgroups.
Flood
Large quantities of material posted to the net at once, typically in a binaries group. For example, someone might decide to post all of his nude pictures of Pamela Anderson, which could take days. Although floods can be annoying, they are not considered spam if each post contains unique and relavent material.
Some floods are done purposely to drown out discussion in a group. These classify as vertical spam.
Greylist
Senders who are not blacklisted (excluded) or whitelisted (accepted) can be placed on a greylist. Some anti-spam software can send greylisted addresses an automated response, challenging the sender to confirm their legitimacy.
Hacker
Someone who intentionally breaches computer security, usually to cause disruption or gain confidential information such as financial details. Originally the word "hacker" referred to any person who was into computer technology, but is now commonly used by the public and media to refer to those who have malicious intentions.
Hacker X
Hacker X is a mythical computer hacker who hacks into unsuspecting ISP's user's accounts, and spams the world using an innocent person's ISP account. This way, the abuse center can shine on spam victims simply by spewing out something like; "Our user wasn't spamming, he/she was the victim of a hacker, who used a trojan to access their account and this hacker spammed you, so it is not our user's fault." This way, they get to keep their pet spammer, and some spam victims will believe it.
Sometimes hackers really do break into systems to send spam (although this is more commonly done to launch attacks on yet another system. See zombie.)
Ham
All email that a recipient does not consider to be spam.
Harvesting
The process of scanning the internet to identify email addresses in order to create lists for spamming.
Hash Buster
"Hash busting" - Random content, often confiqured in a word-like pattern, in either the Subject line, the From line, or beneath the legitimate text. Used to evade spam-detecting software which looks for identical messages because each wave of posts appear unique and individual. Each new post has different hashed text.
Hat Color
Refers to the pro-spam or anti-spam stance of an organization. The term comes from old American cowboy movies in which you could recognize the good guys and the bad guys by their hat color. The "hat color" is usually one of the following:
White Hat
Good anti-spam policies
Black Hat
Pro-spam policies Grey Hat -- somewhere in between
Empty Hat
Incompetent or clueless
Haven Spam
Spam from a "safe haven" -- a site which permits spammers to maintain web sites. For example, a spammer might set up a web site at Yahoo and then spam ads for it from throw-away accounts on other providers. As long as Netcom provides safe haven for the spammer, the spam will continue.
HayWyre
A javascript tool used by spammers to encode their pages to make them less human-readable, and thus harder to track back to their source.
Headers
Headers are the block of information lines which appear at the top of a mail or news message. Headers identify the sender and recipient of a message, the route the message took from one site to another and so on. They are the part of an email that most people do not see. Headers contain not only the "Subject:" line, but a complete list of the path that the email took along various machines on the Internet to reach it's destination. Headers are used to determine the source of a post - learning to decipher them is a major part of becoming a spam hunter, because the spammer will usually try to forge, conceal, and mislead with the headers.
Heterogeneous
May be run on different desktop operating systems.
Hijacking
The act of relaying spam through a third-party system without permission. Spammers will often relay spam through third-party systems in order to hide the point of origin (effectively laundering the headers.) This is done to trick users into reading messages they would otherwise delete, to evade automated spam-filtering software, and to make it difficult to complain about spam. Hijacking can be harmful to the third-party system in several ways. First, it is theft of service. Second, it is a drain on resources -- a large flood of spam can crash a small server, creating a denial of service attack. Third, it can cause bounces and complaints to be directed to the innocent third party. Fourth, it damages the third party's good name when spam recipients think that the spam came from them.
Honeypot
In general, a system designed to look attractive to crackers and other undesirables. The crackers or whomever attack the honeypot while being carefully watched by the honeypot's admins. In spam terms: It's a mailserver set up to appear to be an open relay, but it really isn't. Ideally, a honeypot will relay the spammer relay tests, but it won't relay any actual spam that the spammers send, the actual spam just gets thrown away. In practice, it's iffy sorting out the relay tests from the actual spam.
Horizontal Spam
Spam which consists of a large number of messages sent to a large number of newsgroups. Horizontal spam typically represents someone trying to get a message across to the greatest number of people, regardless of whether or not the message is is relevant to those newsgroups or of interest to the people who receive it. See also spam and vertical spam.
IDP
Internet Death Penalty. A situation where all traffic from a site is blocked at the packet level, essentially shutting that site off from the rest of the internet.
Ignorebot
A program that handles email sent to an abuse@ address by sending a soothing reply, and deleting the original complaint.Some ignorebots send a message indicating that the spammer is not abusing the ISP's rules, or that the ISP has no rules against spam, or in some other way indicates that no action will be taken. These are known as "fuck-you-bots".
IMHO
Short for In My Humble Opinion
Internet
The global network which was formed when all of the smaller networks -- Arpanet, Decnet, Bitnet, Usenet and so on -- merged together and adopted standardized addresssing schemes.
Internet 2
A new network originally formed for educational purposes. Internet 2 has the same purpose as the original Internet, but expands the volume of information that can be transferred across it. It is being developed primarily for educational purposes, and hopefully will be spam free.
Internet Service Provider (ISP)
An ISP is a company that provides a connection to the Internet. ISPs range from the huge (AOL, Comcast) to thousands of smaller, local ones. Good ISPs have an AUP to discourage abuse of their network and the Internet by spammers. Spammer hunting often results in a spammer losing their account with their ISP, forcing them to get another, or to see the light and stop spamming.
Issue Poster
Similar to a net.kook, an issue poster is someone who posts relentlessly on a single issue. Post "have a nice day" to a newsgroup inhabited by an issue poster, and the issue poster will respond "Oh sure, that's easy for you to say, but political prisoners never have a nice day."
Joe
The act of destroying a domain's good name via revenge spam or other attack. Named after Joes.com, a web-hosting service which was vicitimized in this way.
LART
Short for Luser Attitude Adjustment Tool, as in "The spammer was sharply LARTed right away and lost his account."
Listwashing
The process of removing email addresses from a mailing list at the request of the recipients - usually, addresses removed are those who have complained - rather than deleting a list in its entirety. This allows spammers to continue to spam with a minimum of complaints. Listwashing often requires the complicity of the spammer's service provider, who will forward email addresses of complainers on to the spammer.
Lock-In
Similar to a mousetrap; lock-in code disables your browser's Back button and prevents you from leaving the web site. Originally developed by porn sites, some mainstream sites also employ this trick.
Mail drop
An email address set up to receive email resulting from spam sent from a different ISP. The spammer will cancel the account from which the spam originated in an attempt to avoid detection. Used because the spammer knows that the account from which the spam was sent will be quickly cancelled.
Mainsleaze
A mainstream (i.e. well-known) company that takes the lamentable step of spamming. They tend to come around more often than not, especially when they discover that nobody trusts them with their email addresses any more.
MMF
MMF stands for Make Money Fast, the title of a popular pyramid scheme that has been floating around the internet like a virus.
Morph
A method that a spammer uses to avoid detection by anti-spam software which involves modifying an email header. The most common kind of morphing is to modify the From: line.
Mousetrap
Use of javascript which prevents a reader from leaving a web site. When the user tries to leave, a new window pops up back at the web site. Typically used by contract spammers who get paid per person who clicks on the advertiser's web site.
Mousetrapping
A technique that page-jackers use, so that users tricked into visiting an illegitimate site encounter only additional, unwanted pages when they click the Back button to try to escape.
Multi-Post
To multi-post is to send a single message over and over again to multiple newsgroups; as opposed to crossposting which is to send a message just once with multiple newsgroups specified in the headers.
Spammers will multi-post in order to force potential customers to see the same ad over and over again. This is the same logic that causes people to plaster hundreds of copies of an advertisement on a wall right next to each other.
Munging
A technique to protect email addresses from harvesting by changing them and rendering them invalid. Recipients of an email from a 'munged' address are told how to decode it, so that they can then reply to a valid address.
NDR spam
Uses a faked standard email non-delivery report (NDR) that a recipient will think is genuine, tricking them into opening an attachment that is spam. Spammers can send such an NDR directly or make a legitimate server send it for them, adding to its credibility.
Network check (also known as reverse DNS check)
When an anti-spam engine uses a Domain Name System database to check an email's IP address to ensure that it originated from a valid domain name or web address.
News.admin.net-abuse.email (NANAE)
The news.admin.net-abuse.* newsgroup hierarchy is used to report net-abuse, of which spam is undoubtably the largest one. Spam hunters often post to the newsgroup news.admin.net-abuse.email.
Newsgroup
An electronic forum where readers post articles and follow-up messages on specified topics. Often targetted by spammers seeking to harvest email addresses.
Nigerian 419 Scam
So-called because it violates section 419 of the Nigerian criminal code. This scam usually, not not always, originates in Nigeria. In the 419 scam, you receive a letter from an official in Nigeria or other african country, and are told that someone needs to move a great deal of money out of the country and that you've been selected to help them do it. In return for your help, you'll be given a cut of the action. All you need to do is pay some sort of "Advance Fee" or "Transfer Tax" or give them your bank account information so they can wire the money to you.
Nuke
Nuke refers to an ISP cancelling a user's account. A nuke is a victory - score one for the good guys.
Obfuscation
Spammers' attempts to hide data to prevent its detection. Also, when email recipients use HTML or Javascript to obscure mail to links and email addresses so that addresses remain readable and clickable, but cannot be harvested.
Open relay
An SMTP email server that allows the third-party relay of email messages. The relay feature is a part of all SMTP-based servers and it has legitimate uses, but spammers have learned how to locate unprotected servers and hijack them to send spam.
Opt-in
The process of agreeing to receive email from a business source - it refers to email advertising lists which users must deliberately sign-on to. Double opt-in refers to a double-check procedure in which a decision to be included on a mailing list is confirmed. Opt-in is considered the only legitimate way to market via email.
Opt-out
Opt-out refers to email advertising lists in which recipients are signed up without their knowledge or permission, but may request to be removed from the list.
Page-jacking
This involves stealing the contents of a website by copying some of its pages, placing them on a site that appears to be legitimate, and having the contents indexed by major search engines, so that unsuspecting users can be tricked into linking to the illegitimate site. (See also mousetrapping.)
Payload
That part of a spam which the spammer is really advertising. For example you have a spam and that spam has a "from" address of "spammer@example.com". If the spam asks you to hit "reply" for more info then in this case the address "spammer@example.com" is the payload, so you want to make sure to complain to "abuse@example.com"
Phishing
(Pronounced 'fishing'.) This involves creating a replica of a legitimate web page to hook users and trick them into submitting personal or financial information or passwords.
Phreaking
This involves illegally breaking into the telephone network to make free long-distance phone calls or to tap phone lines. This term is also used to include the act of breaching the security of any network.
POP
Point Of Presense. A network router that allows a user in one place to connect to their ISP in another. Many POPs have very poor logging capabilities, making it difficult to track down the exact individual responsible for spam. Some ISPs rent access to POPs to other ISPs. This can make the equation even more complex.
PPP
Point to Point Protocol.A method that allows a small computer to connect to the internet over an ordinary serial line and modem.
Pseudo Site
A pseudo site is a keyword entered into the Path: line of a cancel as if it were the name of a site. Sites which wish to ignore specific kinds of cancellations may then alias that pseudo site out and thus ignore the cancels. Sample pseudo sites are bincancel, mmfcancel, spewcancel, retromod, cyberspam, and nocemed.
Other pseudo sites may include the name of the canceller or keywords such as SitenameUdp.
Pump-n-Dump
The practice of promoting a cheap stock ("pumping" it) in order to inflate its price. At which point, the persons pumping the stock dump their own shares at a profit.
Ratware
Software that spammers use to automate spam campaigns, coordinate spam services, and generate, send and track spam messages.
Real-time blackhole list (RBL)
This differs from a blackhole list in that it actively boycotts TCP/IP addresses known to send spam or host spammers. Enabling such a list results in all mail from those addresses being refused, including valid email. This can, however, result in innocent users complaining to their ISPs and those ISPs enacting ber anti-spam measures in order to get the RBL ban lifted.
Relaying
The act of passing an internet message (such as email or netnews) from machine to machine. In the days when the primary transport mechanism for usenet was UUCP, relaying was the normal way for a message to reach its destination. Netnews is still distributed this way.
In the modern packet-switched internet, email is normally sent directly from origin to destination.
Retromoderation
The practice of retroactively moderating a newsgroup by cancelling inappropriate articles. This is generally considered censorship and net-abuse unless the group's charter explicitly permits it or the retromoderator otherwise has a consensus that it is permissible.
Revenge Spam
Spam which has had some poor innocent person's identification planted in the headers or message body. The intent is to make life miserable for the victim.
Robocanceller
(Aka Cancel 'Bot.) A program which automatically detects and cancels spam or other unwanted articles. Robocancellers are very dangerous and should only be attempted by trained professionals.
Robot, spider, webcrawler
A robot, also known as a spider, crawler, or webcrawler, is a program that traverses the World Wide Web, and gathers information. Robots were originally used to gather information for search engines. Indeed, most robots are still of this variety, However, a new brand of "evil robots" has arrived on the scene - known as pambots. Spambots have taken the traditional, harmless ideas of robots and warped into something else.
robots.txt
Robots.txt is a file that is intended to be read by robots as they enter a site, and tells it "how to behave." It is beneficial for the robot, and for the site, for a robot to follow the rules given in the robots.txt file. Spambots in particular do not always use the robots.txt file, which can be used as an advantage in defending a site.
Rogue
A site which refuses to enforce anti-spam rules on its users to the extent that it is no longer of any use reasoning with them. Rogue sites are dealt with by a Usenet Death Penalty.
Signal to noise ratio
Signal to noise ratio refers to how much relevant content (signal) something has as opposed to non-relevant content (noise).
SLIP
Serial Line Internet Protocol. A method that allows a small computer to connect to the internet over an ordinary serial line and modem.
Social engineering
Conning email recipients into opening messages, revealing passwords or providing other confidential information by appealing to their curiosity, gullibility or computing naivety.
Socks
An open Socks proxy is a security hole used by spammers to hide their originating IP address. Spam can made to appear to come from the Socks proxy instead of the actual origin.
Sock Puppet
Sock Puppets are multiple screen names all controlled by one individual, they talk to each other even though they are one person. This gives the impression of discussion between different people, while one person controls the debate.
Spam
The term became connected with computers in 1985 when somebody harassed one of the original Pern MUSHes by echoing: SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM on all their terminals every few seconds until they booted him.
Spambone
An internet backbone dedicated to, or tolerant of spam. For most of 1997, Agis was considered a spambone.
Spambot
A spambot is a robot that specializes in gathering email addresses for a spammer to use. It basically follows links and saves any email addresses it finds as it goes along. A spambot usually gathers emails from the web or from usenet, but may also gather it from other sources.
Spamfighter, white-hat
The good guys, i.e. those who are actively doing something about the spam problem, by spam hunting, legislative efforts, spreading good information, etc.
Spamhandling
Using spam to solicit donations without offering a product. Pun on "panhandling".
Spamhaus
Spamhaus is yet another play upon the word "spam": it is used to refer to a site (company) that is not just spam friendly, but actively produces spam. Usually the label is only applied to sites that not only know they are producing spam, but are not doing anything about it. The plural of spamhaus is spamhäuser.
Spammer
One who spams. Usually some desperate yet misguided individual who has bought some spamware(probably from a spam) and is under the completely wrong impression that money can be made from spamming (although some do, but they don't call themselves spammers).
Spammer hunting, spam hunter
A favorite sport among many people is spammer hunting. It begins when you receive a piece of spam in the mail. Instead of deleting it, spam hunters track down who sent it, and take action, usually resulting in a loss of account for the spammer. Some have even won lawsuits against spammers.
Spam trap
An option on an online form that is pre-selected by default, so that unwary users opt-in to receive spam. It can also be used to refer to a software filter that blocks email addresses known to send spam.
Spamware
Spamware is any kind of basically spammer software. Spambots are a type of spamware, as is the software the spammer uses to send the mail. Often these are integrated into one package.
Spew
Large quantities of garbage sent to the net by a malfunctioning news program or robot. A typical cause of spew can be a netnews-to-BBS gateway which strips out or reassigns message id's before forwarding articles to the BBS.
Spewcancel
A cancel issued to stop spew. Spew cancels should have the pseudo site "spewcancel" added to the Path: header line.
Spoofing
When spammers forge an email address to hide the origin of a spam message. Email scammers and virus writers also use this trick. Scammers spoof address lines to fool people into thinking an email has arrived from a legitimate source, such as an online bank. Similarly, virus writers have passed off viruses as security patches by spoofing their origin as being, for example, from Microsoft technical support.
Sporgery
Combination of Spam or Spew and Forgery. Massive floods of forged articles, typically intended to disrupt a newsgroup.
Spyware
Software containing a trojan horse which monitors your system or your net browsing activity and sends the results to the author of the spyware. Once used only by crackers, spyware is now used by mainstream companies to collect marketing information.
Tarpitting
The use of traffic monitoring to identify remote IP addresses sending a suspiciously large volume of email. Access to the mail system from suspected spam addresses can then be slowed or temporarily suspended.
Teergrube (or tarpit)
Teergrube is German for "tar pit". In internet terms, a teergrube is a system that acts as a tar pit for spammers -- causing their internet connection to become stuck or to slow down dramatically.
Throw-Away Account
A cheap account acquired for the purpose of spamming, with the knowledge that the account will be quickly cancelled, but not in time to stop the spam. Free internet services such as Deja-news, or internet services with free trial periods such as AOL, are favorites of spammers, as it costs nothing to acquire and then lose the account.
TOS
Terms Of Service. The act of cancelling a user's account for violating the terms of service. Also: "TOSs" or "TOSsed".
Troll
The act of dragging flame bait through the murky waters of usenet to see who bites.
UCE
Unsolicited Commercial Email.
UDP
Usenet Death Penalty. A situation where a site is considered to be rogue and beyond reasoning with. At this point, all traffic from or passing through the offending site is blocked.
Vertical Spam
Spam which consists of a large number of messages sent to a single newsgroup. ertical spam may represent a clueless newbie who has screwed up a posting command, or a malicious spammer who is trying to drown out a newsgroup. See also spam and horizontal spam.
Viral Marketing
Quasi-spam marketing style. Web pages or other online advertisements exhort you to "tell a friend" by entering their email address into a form and clicking "send".
Web bug
A small graphic inserted in an email or web page that alerts a spammer when a message is read or previewed.
Whack-A-Mole
Whack-a-mole is an action where a spammer, having gotten nailed on one account by an ISP, goes and immediately gets another account from which to spam. The name refers to the arcade game where you hit little moles that keep popping up out of holes as you bash them with a large, soft mallet.
Whitelist
A list of external email addresses, IP addresses and domains trusted by the entire organisation or individual users. All mail from these addresses is delivered, bypassing the spam filters.
Wpoison
A CGI script which produces an unlimited number of dummy web pages with seemingly different URLs, each of which contains a large number of randomly generated email addresses. The purpose of wpoison is partly to act as a teergrube for search engines looking for email addresses, and primarily as a source of bogus email addresses to poison the spammer's lists.
Zombie
A computer which has been hacked into and is being used by the hackers to launch an attack or spam at other computers -- usually without the knowledge of the computer's owner. Usually, the zombie's owner is unaware of what is happening. Zombies were used in the February, 2000 attack that brought down several popular web sites. See news article FBI looks at NZ student in DoS attack investigation
An insecure web server or computer that is hijacked is usually used in an DoS attack or to send spam.