Osirusoft

☆ Save On Wikipedia ↗

The Spam Prevention Early Warning System (SPEWS) was an anonymous, volunteer-operated service that maintained a list of IP address ranges belonging to internet service providers (ISPs) that hosted spammers, were considered spam-friendly, or hosted websites advertised in spam. Internet sites could query the list and use it as an additional source of information when deciding whether to block or filter incoming email.[1][2]

Unlike blocklists that targeted only individual offending addresses, SPEWS deliberately listed wide blocks of address space around a spam source. This caused "collateral" blocking of unrelated customers and was intended to pressure ISPs into removing spammers from their networks.[1][3] The combination of that tactic, the anonymity of its operators, and the absence of any way to appeal a listing made the service both influential and contentious. A Florida attorney who sued its operators called them "vigilantes of the Internet".[1][4]

For a time, the list was distributed through Joe Jared's Osirusoft service. In August 2003, after months of distributed denial-of-service (DDoS) attacks, Jared closed Osirusoft, although mirror sites kept SPEWS available.[5][6] The SPEWS database was last updated on 24 August 2006, after which the resource dnsbl.com listed its status as dead.[7] It was succeeded by the service called the Anonymous Postmaster Early Warning System (APEWS) in January 2007.[8]

Operation

SPEWS distributed its data as a DNS-based blocklist, so a mail server could check a sending address with an ordinary Domain Name System query during an incoming SMTP connection.[1] A listing typically began with the addresses directly tied to a spam operation and could be widened to a larger surrounding block of address space, with the wider range meant for use in scoring filters rather than outright rejection.

Because the maintainers stayed anonymous, listed parties had no one to contact and no formal way to appeal, an arrangement the operators said protected them from harassment and litigation.[1][4] As SPEWS could list address space pre-emptively and expand entries to whole netblocks, mail from customers with no link to spam was sometimes blocked, and users of the list were generally advised to combine it with other checks rather than treat it as definitive.[1]

Reception and disputes

Criticism

Supporters credited SPEWS with pushing negligent providers to act against spammers, while critics argued that pre-emptive listing of large netblocks punished innocent users.[1][9] The Electronic Frontier Foundation was among those wary of blocklists in general, citing concerns about inaccuracy, while still condemning attacks aimed at shutting them down.[6]

In June 2002, SPEWS listed the Australian direct-marketing business T3 Direct, run by Wayne Mansfield, together with its ISP, which then suspended the company's access. Mansfield sued Perth anti-spam campaigner Joey McNicol, alleging that McNicol had reported the company's address to SPEWS, but the case was dismissed in October 2002 after Mansfield could not show that McNicol had contacted the list.[10]

In April 2003, EMarketersAmerica.org, a Florida non-profit corporation represented by attorney Mark Felstein, sued several anti-spam organisations, among them SPEWS, The Spamhaus Project and SpamCop, along with nine associated individuals, alleging restraint of trade and interference with their members' contracts.[3][4] Anti-spam activists widely viewed the suit as a SLAPP and as an attempt to identify the anonymous operators of SPEWS.[3] The plaintiff later moved to drop the action, and in October 2003 U.S. District Judge Donald M. Middlebrooks dismissed it with prejudice, although the defendants still had to cover their own legal costs.[3][11]

Telewest listing

In May 2005, SPEWS listed a large amount of address space belonging to the British cable operator Telewest, affecting around 900,000 of its Blueyonder broadband customers after many of their computers were hijacked to send spam.[12][13] Telewest said it was contacting affected customers to help clean infected PCs and was preparing a security-software package and further network protections, while maintaining that customer email was not in practice being blocked.[12][13]

Denial-of-service attacks and shutdown

From the summer of 2003, several anti-spam blocklists, including SpamCop, Spamhaus and SPEWS, were intermittently knocked offline by DDoS attacks launched in part from networks of compromised "zombie" computers.[2][5] Joe Jared, who hosted SPEWS data at Osirusoft, said he was hit with floods of up to around a gigabyte of data per second and closed the service in late August 2003.[5][14] As Osirusoft was shut down, it briefly returned a match for every queried address, which caused mail servers that relied on it to reject all incoming email until administrators reconfigured them.[15] The same wave of attacks forced the closure of other lists, including Ron Guilmette's Monkeys.com.[6][16] SPEWS itself remained reachable through mirror sites and continued to be updated for several more years.[5]

Successor

The SPEWS database has not been updated since August 24, 2006. A successor service calling itself the Anonymous Postmaster Early Warning System (APEWS) appeared shortly after in January 2007, using similar listing criteria and a closely matching website maintained by anonymous operators.[7][8]

See also

References

  1. Brunker, Mike (29 October 2003). "In the trenches of the 'spam wars'". NBC News. Retrieved 23 June 2026.
  2. "Virus Targets Anti-Spam Warriors". CBS News. 4 December 2003. Retrieved 23 June 2026.
  3. Brian, Morrissey (8 April 2003). "Anti-Spammer Claims Court Victory". Clickz. Retrieved 23 June 2026.
  4. Krim, Jonathan (26 April 2003). "Blacklisted E-Mailers Sue Anti-Spam Groups". The Washington Post. Retrieved 23 June 2026.
  5. Brunker, Mike (2 September 2003). "Spam-blocking lists under siege". NBC News. Retrieved 23 June 2026.
  6. Weiss, Todd (26 September 2003). "Antispam 'blacklist' providers hit by online attacks". Computerworld. Retrieved 23 June 2026.
  7. "SPEWS Current Status". dnsbl.com. January 2007. Retrieved 23 June 2026.
  8. "APEWS announcement of SPEWS replacement". Newsgroup: news.admin.net-abuse.blocklisting. January 2007. Retrieved 23 June 2026.
  9. Yager, Tom (28 August 2003). "So long, Joe, and thanks for all the SPEWS". InfoWorld. Retrieved 23 June 2026.
  10. "Mansfield plans appeal on spam case". The Sydney Morning Herald. 20 October 2002. Retrieved 23 June 2026.
  11. Leyden, John (21 October 2003). "Spam fighters defeat nuisance junk mail lawsuit". The Register. Retrieved 23 June 2026.
  12. Richardson, Tim (11 May 2005). "Telewest punters 'unaffected' by spam blacklist". The Register. Retrieved 23 June 2026.
  13. "Telewest e-mail addresses blacklisted". Out-Law / Pinsent Masons. 10 May 2005. Retrieved 23 June 2026.
  14. McWilliams, Brian (7 September 2004). "Spam, the Nazi hunter and Citizen Joe". Salon. Retrieved 23 June 2026.
  15. Berkes, Jem E. "Design of a DDoS Attack-Resistant Distributed Spam Blocklist" (PDF). Retrieved 23 June 2026.
  16. Brunker, Mike (18 October 2003). "Spam block lists bombed to oblivion". NBC News. Retrieved 23 June 2026.