Glossary

Affiliate

A spammer who sends junk email on behalf of a sponsor, usually on a commission basis.

AIM (AOL Instant Messenger)

A free computer program published by AOL that allows users to communicate instantly through text messages to other AIM users.

Anti

Short for anti-spammer. A term used by spammers to refer to people who fight junk email.

AUP (acceptable use policy)

A collection of rules set by an Internet service provider that restrict how customers may use the service. For example, many AUPs expressly prohibit users from sending spam.

Blackhole list

A list used to filter spam or cut off traffic to spam sites. Typically, such lists contain a collection of Internet protocol (IP) addresses or domains used by spammers.

Blacklist

See Blackhole list.

Blog

An online journal of short web postings, usually posted in reverse chronological order (most recent item first).

Brute-force attack

In spamming, a computerized attempt to deliver an email ad that involves randomly constructing possible valid addresses. For example, a brute-force attack might begin by sending spam to [email protected] and then try [email protected], etc. (See also Dictionary attack.)

Bulker

Used by spammers to refer to people who send spam.

Bulletproof hosting

A web server that stays accessible for long periods of time and is relatively immune to complaints from anti-spammers.

Caller ID

A telephone feature that displays the name and/or number of the calling party when an incoming call is received.

CAN-SPAM (The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003)

The first U.S. law governing junk email, which went into effect January 1, 2004.

CAUCE (Coalition Against Unsolicited Commercial Email)

A volunteer organization created in 1997 to advocate for a legislative solution to the spam problem (http://www.cauce.org/).

Chickenboner

A label given to small-time spammers. Anti-spammers stereotype chickenboners as living in mobile homes with a personal computer on the kitchen table, surrounded by empty beer cans and empty buckets of fried chicken.

Convert (v.)

Used by spammers to describe the act of a spam recipient responding positively to an email ad. A “high-converting list” contains email addresses likely to generate sales.

De-duped

Used by spammers to refer to mailing lists that have had duplicate email addresses removed.

Denial-of-service attack

Also known as a DOS attack. An incident in which a malicious Internet user attempts to prevent other users from using online resources such as the Web or email. In a distributed denial-of-service (DDOS) attack, a group of Internet users flood another computer on the network with so much data that it may crash or be unable to handle real network traffic.

Dictionary attack

In spamming, a computerized attempt to deliver an email ad that involves constructing possible valid addresses using common words or names. For example, a dictionary attack might begin by sending spam to [email protected] and then [email protected], etc. (See also Brute-force attack.)

DNS (domain name server)

A system used to route Internet traffic by translating alphanumeric domain names into numeric Internet protocol addresses. (See also Domain and IP address.)

Domain

A name, such as oreilly.com, that identifies one or more IP addresses. Domain names are used to identify particular web pages as well as email servers.

Drop box

A temporary email account, usually at a free, Web-based email provider such as Hotmail, used by a spammer to receive mailing-list removal requests, orders, or other communications. Drop boxes are used by spammers to protect their permanent email accounts.

DS3

A very high-speed, dedicated phone connection used mainly by Internet service providers to connect to the Internet backbone. DS3 lines are capable of sending data at rates up to forty-three megabits per second. (Also known as a T3 line.)

DSL (digital subscriber line)

A fast phone line used to connect a home or office to the telephone company’s central switching station. Most residential DSL lines send data at rates around 128 kilobits per second, with download speeds of around one and a half megabits per second.

Extractor

A spam-related program designed to locate and compile email addresses from web pages, online discussion forums, and other Internet databases. (See also Harvesting.)

FBI (Federal Bureau of Investigation)

The United States law enforcement agency that is the principal investigative arm of the U.S. Department of Justice (http://www.fbi.gov/).

FDA (Food and Drug Administration)

The U.S. government agency established to regulate the release of new foods and health-related products (http://www.fda.gov/).

Flame war

An argument or fight that takes place in newsgroup articles or over email.

Forged

Used to describe a fraudulent email address or email headers.

Fresh

Used to describe proxies or email addresses that have been recently collected.

FTC (Federal Trade Commission)

The U.S. government agency charged with enforcing antitrust laws and prohibitions against false, deceptive, or unfair trade or advertising practices (http://www.ftc.gov/).

FTP (file transfer protocol)

A system for transferring files over the Internet from one computer to another.

GI (general Internet)

A mailing list composed of email addresses from a wide variety of ISPs.

Golden Mallet

An award given to elite anti-spammers to recognize “outstanding lifetime achievement in the spamfighting arts.”

Harvesting

The act of compiling email addresses from web pages, online discussion forums, and other Internet databases, usually with the use of a special computer program. (See also Extractor.)

Headers

The part of an email message that includes the path the message took en route to its destination: a sort of electronic passport.

Home page

A web site. The term is also used to refer to the front page of a site.

Honey pot

An email server or proxy set up to attract spammers seeking open relays or proxies. Anti-spammers create honey pots to track the activities of spammers.

Host

A service that provides online systems for storing information, images, video, or any content accessible via the Web. Web hosts are companies that provide space on a server they own for use by their clients.

HTML (Hypertext Markup Language)

The computer language used to create documents on the World Wide Web.

ICC (Internet Chess Club)

One of the first online chess clubs, at chessclub.com.

ICQ (“I seek you”)

A free instant-messaging program, such as AIM, that allows users to chat and send/receive files with other ICQ users.

IRC (Internet relay chat)

A chat system that enables people connected anywhere on the Internet to join in live, group discussions.

ISP (Internet service provider)

A company that provides access to the Internet.

IP (Internet Protocol) address

A unique number that is assigned to every computer connected to the Internet.

Joe-job

Spam designed to tarnish the reputation of an innocent third party. First used to describe such an attack on Joe Doll, webmaster of joes.com.

LART (Loser Attitude Readjustment Tool)

An email notifying an ISP that one of its customers is spamming. Also referred to as a mallet, since it is metaphorically used to clobber delinquent ISPs into action against spammers.

Leads

Sales prospects generated by spam. Leads are often sold by spammers to mortgage companies and other marketers.

List washing

Removing the addresses of complainers from spam mailing lists.

LLC (Limited Liability Corporation)

A U.S. business entity that is a hybrid of a partnership and a corporation. The owners of an LLC are somewhat shielded from personal liability.

Lumber Cartel

A fictitious group formed by anti-spammers in 1997 in response to assertions by some bulk emailers that wood-products companies were funding anti-spammers in an effort to preserve paper-based direct-mail promotions.

Mailer

A synonym for the term spammer, preferred by people who send spam. Also used to describe software designed to send junk email.

Mail bomb

A denial-of-service attack using a large volume of email, designed to overwhelm the victim’s email program or server.

Mainsleaze

A mainstream, well-known company that resorts to spamming.

MAPS (Mail Abuse Prevention System)

An anti-spam service founded in 1997. MAPS operates the Realtime Blackhole List (RBL), one of the original spam blacklists (http://www.mail-abuse.com/).

Merchant account

An account established with a payment processor for the settlement of credit card transactions. Any spammer who wants to take credit card orders must establish a merchant account.

Munge

To modify a published email address so that address harvesters won’t get a usable address, but humans can still figure it out.

Nanab (news.admin.net-abuse.blocklisting)

A relatively new Usenet newsgroup devoted to discussing spam blackhole lists such as Spews.

Nanae (news.admin.net-abuse.email)

A Usenet newsgroup devoted to the discussion of email abuse or spam.

Nanas (news.admin.net-abuse.sightings)

A Usenet newsgroup to which participants post copies of email or newsgroup spam they have received.

Newsgroup

An Internet discussion forum, such as news.admin.net-abuse.email or rec.pets.cats. All together, the thousands of newsgroups form a global bulletin board where people talk about every topic imaginable.

Nuke

To cancel an ISP user’s account for spamming or for other policy violations.

Opt-in spam

Involves sending email ads to people who have requested to receive them.

Opt-out spam

Involves sending spam to recipients and giving them the option of being removed from future mailings.

Pink contract

A tacit deal between an ISP and a spammer under which the spammer is allowed to use the ISP’s network to send spam or host a spamvertised site. Takes its name from the color of the Hormel luncheon meat.

Port 25

The computer port commonly used by Internet servers to send email.

Proxy server

A computer network service that allows users to make indirect connections to other network services. Proxies have been widely abused by spammers to cloak their identities.

RBL (Realtime Blackhole List)

One of the original spam blacklists, developed by the Mail Abuse Prevention System (MAPS) to filter spam and control access to spamvertised web sites (http://www.mail-abuse.com/services/mds_rbl.html).

Relay

An email server that allows an outside user to relay email messages to other Internet mail servers. Spammers often abuse open relays to obscure the source of their messages.

Rokso (Register of Known Spamming Operations)

A database launched by Spamhaus.org in 2000 to track the largest spammers on the Internet (http://www.spamhaus.org/rokso/).

SBL (Spamhaus Block List)

A spam blacklist created by Spamhaus.org in 2001, based in part on data from Rokso (http://www.spamhaus.org/sbl/).

Screen name

An America Online subscriber’s username. Also used to refer to any alias used by an Internet user.

Seed

An email account created by a spammer and added to mailing lists to test whether a run of junk emails is successfully delivered and is not blocked by an ISP’s filters.

Sender ID

A technical specification designed to address the problem of email forgery and domain spoofing. Sender ID is backed by Microsoft and other high-tech companies and is currently being considered for implementation as an Internet standard.

SMS (short message service)

A feature available on many mobile phones that allows text messages of up to 160 characters to be sent and received via the cell phone provider’s message center to a subscriber’s mobile phone, or from the Internet, using an SMS gateway web site.

Sock puppet

A secondary screen name secretly used by an individual during online discussions to support his position in an argument. Spammers are often accused of creating sock puppets to defend their actions on newsgroups such as Nanae.

Spamhaus

One of the leading anti-spam web sites launched in 1999 by Steve Linford. The term is also generically used to describe an ISP or other company responsible for spam (http://www.spamhaus.org/).

Spam trap

An email address set up by a spam fighter to capture unsolicited email ads for the purpose of tracking spammers.

Spamware

A software program designed to send junk email.

Spamvertise

To advertise something via spam.

Spews (Spam Prevention Early Warning System)

A mysterious spam blacklist launched in 2001 by a team of anonymous individuals (http://www.spews.org/).

SPF (sender policy framework)

A technical specification designed to combat email forgery. SPF is designed to make spammers send mail from their real domains instead of hijacking the accounts of innocent users. The technology forms part of the basis of a proposed Internet standard called Sender ID.

Sponsor

A spammer who hires affiliates to send email ads on a commission basis.

Spoof

To alter the “From” line of an email message so that it appears to come from someone other than the actual sender.

T1

A digital telephone line capable of carrying data at one and a half megabits per second in both directions.

TOS (terms of service)

The rules governing use of an Internet service.

Trojaned

Refers to a computer that has been compromised by attackers and can be used, without the owner’s authorization, to send spam or perform other actions.

Troll

Someone who creates newsgroup postings designed to spark a flame war or otherwise create controversy.

UCE

Unsolicited commercial email, or spam.

Unix

A computer operating system originally developed at Bell Labs in the 1970s. Today, a variant of Unix called Linux is preferred by many computer aficionados over Microsoft’s Windows operating system. Unix-based software runs on the majority of Internet servers.

URL (uniform resource locator)

The address of documents and other resources on the World Wide Web. http://www.oreilly.com is one example of a URL.

USCF (United States Chess Federation)

The official sanctioning body for over-the-board chess tournament play in the U.S., with over 90,000 members (http://www.uschess.org/).

Usenet

A worldwide bulletin board system that can be accessed through the Internet or through many online services. The Usenet contains thousands of forums, called newsgroups, which cover every imaginable interest group.

Username

The name subscribers use to sign on to the Internet. The username is also the name that appears to the left of the ampersand (@) in an email address.

Valid “From”

A return address on a spam message that represents an actual email account controlled by the spammer.

Verified

Refers to a list of email addresses or proxies that has been checked to ensure that its contents are valid.

WHOIS

An Internet service that enables users to query the ownership records of domains (http://www.whois.org/).

Whitelist

A list of email or IP addresses from which an individual or service wishes to receive email.

XBL (Exploits Block List)

An anti-spam blacklist launched by Spamhaus.org in 2003 to combat the increasing use by spammers of Trojaned computers and proxies (http://www.spamhaus.org/xbl/).

Zombie

A compromised computer controlled by a malicious attacker for the purpose of performing a denial-of-service attack on other systems.

For more online definitions of spam-related terminology, refer to “The Spam Glossary,” by Ed Falk (http://www.rahul.net/falk/glossaryzombieglossaryXBL (Exploits Block List)glossaryverifiedglossary.html), and “The Net Abuse Jargon File,” by Andrew Nellis (http://www.ncf.carleton.ca/ip/freenet/subs/complaints/spam/jargon.txt).