- How do we prevent poisoning?
Poisoning in this case indicates the blacklisting of an innocent party by a malicious one via the posting of forged headers.
Since we have no way of verifying the accuracy of the posted headers, we cannot determine whether they are real or forged. A maligned party therefore has the chance to request a delisting. Such delisting requests are automatically approved the first three (3) times a source makes the request; the fourth request triggers an analysis of the reporter(s) and/or the blacklisted party, which results in a judgement call by our staff. If the suspected spam source is a large organisation like AOL, we permanently whitelist them. If the complaints are numerous and from various sources, a chat with the violator may convince us to grant a fourth delisting; otherwise the source will remain blacklisted for three (3) months.
- How is the dictionary spammer list generated?
Automatically. We have written a script that watches the mail server's log and makes entries into our database. Anyone interested in generating their own dictionary spammer lists is welcome to the script. Just ask for it!
- Can anyone make additions to the slipper list?
No. Only we can, since we have no way of knowing that anyone else's slip messages are legitimate.
- Are you not blacklisting joe-job bounces?
No. Any legitimate MTA trying to deliver a failure notification is exempted, because the From header contains the special MAILER-DAEMON account, which we respect. The cost is that some spam may get through because its From headers are forged in this manner.
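The list generation and the MAILER-DAEMON exemption described in the two answers above can be sketched as follows. This is an added example, not the script offered on this page; the log format, the threshold of three distinct unknown recipients, and all function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in a simplified, hypothetical log format (not a real MTA's).
SAMPLE_LOG = """\
2003-08-18T13:52:01 ip=192.0.2.10 from=<promo@example.net> to=<aaron@example.org> status=user-unknown
2003-08-18T13:52:02 ip=192.0.2.10 from=<promo@example.net> to=<abby@example.org> status=user-unknown
2003-08-18T13:52:03 ip=192.0.2.10 from=<promo@example.net> to=<abel@example.org> status=user-unknown
2003-08-18T13:52:04 ip=192.0.2.10 from=<promo@example.net> to=<sales@example.org> status=delivered
2003-08-18T13:53:10 ip=198.51.100.7 from=<MAILER-DAEMON@mx.example.com> to=<qx1@example.org> status=user-unknown
2003-08-18T13:53:11 ip=198.51.100.7 from=<MAILER-DAEMON@mx.example.com> to=<qx2@example.org> status=user-unknown
2003-08-18T13:53:12 ip=198.51.100.7 from=<> to=<qx3@example.org> status=user-unknown
2003-08-18T13:54:30 ip=203.0.113.5 from=<bob@example.com> to=<slaes@example.org> status=user-unknown
"""

LINE_RE = re.compile(
    r"ip=(?P<ip>\S+) from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)> status=(?P<status>\S+)"
)
THRESHOLD = 3  # assumed: distinct unknown recipients before a source is listed


def is_bounce(sender):
    """True for a failure notification: MAILER-DAEMON account or an empty sender."""
    local = sender.split("@", 1)[0].lower()
    return sender == "" or local == "mailer-daemon"


def dictionary_sources(log_text, threshold=THRESHOLD):
    """Return (sorted IPs to list, {ip: exempted bounce count})."""
    unknown = defaultdict(set)   # ip -> distinct non-existent recipients tried
    exempted = defaultdict(int)  # ip -> bounces skipped under the exemption
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m["status"] != "user-unknown":
            continue  # only failed deliveries to unknown accounts count
        if is_bounce(m["sender"]):
            exempted[m["ip"]] += 1  # joe-job bounce: do not list the relaying MTA
            continue
        unknown[m["ip"]].add(m["rcpt"].lower())
    listed = sorted(ip for ip, rcpts in unknown.items() if len(rcpts) >= threshold)
    return listed, dict(exempted)


if __name__ == "__main__":
    print(dictionary_sources(SAMPLE_LOG))
```

Keeping the per-source count of exempted bounces makes it possible to review sources that lean heavily on the exemption, since the sender value is forgeable.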
- What is a joe-job?
Suppose a dictionary spammer attempts to deliver a message to a non-existent account, say doesnotexist@aol.com; the recipient MTA will accept the message and attempt to deliver it to the local account. When it fails (because the account does not exist) it will try to notify the sender of a mail delivery failure. These notifications typically look like this:

    The original message was received at Mon, 18 Aug 2003 13:52:44 -0700
    from cs666870-183.austin.rr.com
    ----- The following addresses had permanent fatal errors -----
    ----- Transcript of session follows -----
    mail.local: unknown name: doesnotexist
    550 ... User unknown

A joe-job occurs when the spammer forges the From: or Reply-To: headers of the attempt. In such a case, someone who never attempted to mail AOL will be notified about the failure to deliver 'their' message.
- What is a joe-job bounce?
If the return destination for a joe-job is an account that doesn't exist, AOL's attempt to deliver the failure notification will be recorded by the target domain as a dictionary spammer attack. This will blacklist AOL for appearing to be a dictionary spammer, because it attempted to deliver mail to a non-existent account.