What happened to a Wisconsin company a couple of years ago is a good lesson in what unsolicited email can cost
Someone in California is giving SparkNet a bad name. Through a Colombian mail server, the unidentified spammer is sending spam blasts using a SparkNet domain name. Legitimate SparkNet customers are feeling the effects.
“Right now my name is getting smeared,” says SparkNet Interactive CEO Christopher Knight. “He’s clogging up my mail servers with undeliverable mail and I have to pay for it.” SparkNet, in Green Bay, Wisconsin, handles 2 million e-mail messages every 24 hours as host of 500 websites and 1500 regional dial-up accounts.
Knight estimates every spam attempt through SparkNet costs him $300 to $500. “That’s just out-of-pocket expenses, not taking into account loss of referrals and loss of future business,” says Knight. “When we get spammed and a server goes down even for a minute, our customers know it.” Last year SparkNet spent approximately $7,000 on out-of-pocket spam costs. So far this year the estimate is at $3,000.
“Waiting until someone sends 50,000 messages through your ISP is too late. Spamming is a serious issue and it needs to be treated like it can be controlled,” says Marion Stevens, webmaster of Spam: Know the Facts.
Stevens suggests configuring mail servers to only process mail sent by a local user or intended for delivery to a local user. Although helpful, this configuration is still not enough to deter a would-be spammer. “Make sure your mail server’s headline records complete information in the header lines of any messages that pass through them. This won’t stop spam, but it will make it easier to trace it,” says Stevens.
Included in header line information should be the hostname the connecting computer provides in its HELO line, the IP address of that machine, and a reverse DNS lookup on that IP address. “The DNS lookup ensures that the connecting machine wasn’t using a fake hostname – a game spanners play,” says Stevens.
SparkNet keeps a twelve-hour log of e-mail activity. Keeping logs for any longer can have its problems, warns Knight. “Log files slow down the server. We only have 153 gigs and 83 gigs are log files. In no time I’d run out of space.”
Being proactive doesn’t mean you can be assured a spam-free existence, it just reduces your chances. If you are spammed, your Acceptable Use Policy may be your best weapon. “Its possible an ISP can get stuck with a spammer that they can’t terminate because they have no rules against it,” says Stevens.
Stevens suggests an AUP should state that an account can be terminated for spamming, using the account for a drop-box for spam-replies, or for advertising a Web-site on your ISP by sending spam from another ISP.
SparkNet updates their Acceptable Use Policy every month. The most recent update informs users there are no refunds of access charges if they are terminated because of spamming activity.
Knight hopes hitting spammers where it hurts will help — they charge spammers $400 per complaint of spamming activity. This year they have sent out four or five invoices totaling over $1000. “We have never collected, but hopefully we are making spammers aware of their wrong doing,” he says.
And don’t forget about educating your user base. “Pre-spam education is definitely better than frantic calls from people who’ve started getting spam and don’t know why its happening or what to do about it can be,” says Stevens. “If users understand why spam is a problem, they will view spammers as not just an annoyance, but as a real threat to the integrity of the network.”
As for SparkNet’s latest spammer – he (or she) is in for a new type of fight. “We aren’t going to say ‘stop hitting me anymore or I’ll remove and block you’,” says Knight. “We are hiring a private detective to track down the California spammer and will be issuing him a court order.”