Spam Kings (12 page)
"They're using a copyrighted ad and can be sued for that," he said.
But the woman from Peak just gave him the brush-off. She refused to disclose who
operated QuikSilver, although she agreed to bring up the matter of the advertisement when
she had a chance. It was obvious to Dr. Fatburn that Peak was protecting QuikSilver because
Hawke was making money for Peak.
In later spam runs QuikSilver used the same basic ad, modifying only the return address
and the web site address for ordering. By August, Dr. Fatburn decided it was time for a
change in tactics. He dusted off his bulk-mailing program and sent out his first salvo of
spams for Extreme Power Plus. In a subtle jab at QuikSilver, he used the subject line
"Finally A Product That Lives Up To Its Name." Like the ad QuikSilver had ripped off, Dr.
Fatburn's message included a description of the product along with testimonials from
customers. But Dr. Fatburn added a bonus QuikSilver didn't have. If shoppers ordered within
forty-eight hours, they'd get a free trial pack of Extreme Colon Cleanser.
It was Dr. Fatburn's first foray into spam, but you'd never know it from the techniques
he used to keep anti-spammers from reporting the spam to his ISP. The hyperlink to his
ordering site was obfuscated, so that instead of the legible domain name (in this case, his
site freecableland.com), it showed only a series of numbers. Rather than including his
regular email as the message's return address, Dr. Fatburn used an account he had specially
set up at Yahoo!. Then, for the message's "return path" headerâthe address to which bounces
and other error messages would goâhe listed an account he had created with a free email
service in Poland.
But despite these stealthy spamming tricks, Dr. Fatburn did something junk emailers
almost never do: all of his spams included his real name and home-office phone number. It
wasn't out of naïveté or an oversight. Dr. Fatburn considered himself an honest businessman
and wanted customers to know that his company, Maryland Internet Marketing, was on the up
and up. Only time would tell whether the calculated gamble would give him a competitive edge
against spammers such as QuikSilver.
But one thing was certain. Hawke was on his way to earning a reputation among other junk
emailers as a scammer.
[
1
]
An unidentified anti-spammer celebrated the turn of events by providing Shiksaa with
a new graphic for Chickenboner.com. It was a parody of the DVD case for the movie
Gladiator
. The anti-spammer had replaced actor Russell Crowe's
head with an image of Hawke's, taken from a newspaper article about his neo-Nazi days.
The title of the movie had been changed to "Spaminator."
In early 2001, anti-spammer Rob Mitchell continued to watch tickling fetishist and
spammer Terri DiSisto's online activities out of the corner of his eye. When he did mention
DiSisto, he referred to him as "Terrance." But Mitchell had almost given up hope that the
law would ever catch up to the strange spammer.
Then, in March of 2001, Mitchell got a phone call from
Reader's
Digest
reporter Hal Karp. The reporter told him that federal prosecutors
in Massachusetts had quietly announced a plea agreement with David P. D'Amato, a guidance
counselor and assistant principal at West Hempstead High
School on Long Island.
The 39-year-old D'Amato had pled guilty to misdemeanor charges of email bombing
computers at Suffolk University
in Boston and James Madison University
in Harrisonburg, Virginia. The U.S. Attorney's press release didn't mention
D'Amato's Terri DiSisto persona or the spams for videos. But Karp assured Mitchell the feds
had found their man and said D'Amato was facing up to a year in prison and fines of over
$100,000 on each count, with sentencing scheduled for July.
Mitchell surfed to the West Hempstead High web site. There, at the top of the home page,
was D'Amato's name. As an educator himself, Mitchell was aghast at the thought of a sadistic
spammer and online harasser like D'Amato working in schools most of his adult life.
"Such a person should never be in charge of children in any capacity ever again," wrote
Mitchell at his Project Iceberg site.
Newsday
, a daily paper serving the greater New York metropolitan area, was
among the first to publish a photograph of D'Amato. Taken from the West Hempstead High
yearbook, the photo showed the plump, unsmiling assistant principal seated in his office.
D'Amato's balding pate and jowls made him look older than his years.
"Ewwww. He looks like Truman Capote," was Shiksaa's response after Mitchell posted a
link to the photograph on Nanae.
Karen Hoffmann chimed in as well when she saw the photo: "MY GOD, could he have been any
uglier?"
Another anti-spammer used the image to create a parody playbill for the movie
Titanic
, which Shiksaa posted at her site Chickenboner.com
. It showed D'Amato's head, juxtaposed with the female image of Terri DiSisto
above the luxury ocean liner. Superimposed over the ship were the words "Titanic Spammer"
and "A Rob Mitchell Film."
Even Rebecca Ore, who had originally expressed skepticism about Mitchell's obsession
with DiSisto, had come around. She encouraged victims to travel to Boston for D'Amato's
sentencing. "All that's remaining is for people who want to see him do active time to show
up and let the judge know how much damage he did," she said.
To the amazement of Mitchell and many other people following the case, D'Amato continued
to work at West Hempstead High for nearly two weeks after signing the plea agreement. The
school district suspended D'Amato only after
Three Village Times
, the
hometown paper, acted on a tip from Karp and confronted school officials about D'Amato. They
admitted they had heard nothing about the charges until that point.
Karp suspected that D'Amato's attorneys had negotiated a deal to tone down the
government's press release and to keep it devoid of sensational details. Clearly, D'Amato
was getting good legal representation. D'Amato's father, George, was the head of a big Wall
Street law firm. And his lawyer, Tracy A. Miner, was one of the top defense lawyers around
and president of the Massachusetts Association of Criminal Defense Lawyers.
Karp concluded that George D'Amato was financially supporting his son, who lived in a
swanky penthouse in Garden City, New York, well beyond the means of most public-school
administrators.
When FBI agents raided the apartment in June of 2000, D'Amato admitted he was DiSisto
and detailed how he performed the mail-bomb attacks. He said he used CyberCreek's Avalanche
software to send the messages through open mail relays. He also admitted to registering
numerous post office boxes and telephone numbers under false names as part of his tickling
video schemes. Later, in a hearing held at the time of his plea bargain, D'Amato told the
court he had been under the care of a psychiatrist since January of 2000 for Internet
addiction and job-related stress.
The
Three Village Times
article revealed that D'Amato had submitted
his resignation to the school months prior to being exposed as Terri DiSisto. He had planned
to leave in order to attend law school the coming autumn at his father's alma mater,
Fordham. The news troubled Mitchell. Impersonating lawyers was one of the tricks DiSisto had
used to scare off anti-spammers and others who complained about his spamming and
abuse.
"A more unfit person to enter the legal profession I cannot imagine," concluded Mitchell
in Project Iceberg.
Fordham Law School
apparently reached a similar conclusion following D'Amato's sentencing in July
2001.
At the hearing, D'Amato stood up and addressed the court: "Your honor, I would like to
express my remorse and sorrow." He apologized to his parents, who were present, and to
"every person in this courtroom who may have been impacted." D'Amato pleaded to the court
for "mercy and compassion."
Prosecutors had provided the judge with a small stack of letters from DiSisto's online
victims. The letters were gathered by Charles Dirksen, a San Francisco attorney and regular
participant in the rec.music.phish newsgroup, who had put out an online call for testimony
on behalf of prosecutors.
"I realize there are (inarguably) far more important things to get excited about these
days...than putting a twisted, deviant spammer in jail for a year or two," Dirksen wrote in
an April posting to the newsgroup. "But nevertheless, as Phish fans, we have the chance to
help put someone in prison who trashed our online community and harassed, threatened and
insulted many of our fellow fans repeatedly and persistently."
Before sentencing D'Amato, the judge asked whether anyone in the courtroom wished to
speak about his or her experiences with the defendant. But no one rose to the occasionânot
even Sean Gallagher, the student who had been mail-bombed by DiSisto. He was present in the
courtroom but apparently content just to watch the proceedings.
The lenient sentence finally handed down by the judge disappointed many who had followed
the case. Noting that D'Amato had already paid over $20,000 in restitution to Suffolk and
James Madison universities, the judge spared D'Amato jail time for his violations of the
Computer Fraud and Abuse Act. Instead, he ordered D'Amato to spend six months in a halfway
house. The judge specifically stipulated that D'Amato's incarceration should not interfere
with his law school classes or mental health counseling. The order also didn't place any
restrictions on D'Amato's Internet use.
But a wrench was thrown into the works when officials at Fordham, apparently awakened to
the controversy surrounding D'Amato, balked and withdrew their offer to admit him. Despite
protests from D'Amato's attorney, the judge revised the sentence.
Instead of spending his days at Fordham's midtown Manhattan campusâjust a block from
Central Park and the Lincoln Center for the ArtsâD'Amato would be booked that August into
the Metropolitan Detention Center in Brooklyn, where he would stay for three months until
being transferred to a medium-security facility in Fairton, New Jersey. D'Amato would serve
out the remaining two and a half months of his sentence in Fairton and be released in
February of 2002.
For Mitchell, the conclusion of the case left many questions unresolved, such as how
D'Amato had acquired his spamming and mail-bombing skills and whether he worked alone or had
accomplices. Similarly, serious doubts remained for Karp about whether investigators had
missed evidence of pedophilia in D'Amato's past. The assistant principal's resumé showed him
to be a job hopper, having changed schools eight times in eleven years. Karp worried that
D'Amato's short stints at each school were the result of his being quietly let go due to
misconduct that administrators decided was best to sweep under a rug, rather than face a
lawsuit from D'Amato.
But those questions would stay unanswered, and Mitchell had to be content with knowing
that Terri DiSisto would never again appear online.
"The era of the Internet presence of Terri DiSisto is at an end, forever," he wrote as
the final entry to his Project Iceberg site.
But then in early August, just days before D'Amato was incarcerated, Mitchell was
surprised to receive a rambling email from the man. The message came from an email address
he didn't recognize, and the headers showed it was sent from a public library in
Brooklyn.
[
2
]
A history major in college, D'Amato had frequently compared their online battles to
those of opposing generals in the American Revolutionary War, and in his message that day he
acknowledged that Mitchell had been a worthy opponent.
"Everything is going to turn out just fine," said the former guidance counselor, noting
that he still had his permanent certification from the New York State Education
Department
.
Annoyed, Mitchell sent a terse reply stating that he had grown weary of D'Amato's
analogies. He said D'Amato seemed in denial about what he had done and what lay ahead of
him. But D'Amato apparently had no desire for introspection. He wrote back to say he was
disappointed not to see Mitchell at his sentencing in Boston, and he invited Mitchell to
meet him someday in New York.
When Mitchell finally responded, he said he'd try to look up D'Amato if his travels ever
took him to the Northeast. But Mitchell never received a reply.
[
2
]
Author interview with "Rob Mitchell" (a pseudonym) on March 23, 2004.
Although she appreciated the sentiment, Shiksaa wasn't entirely comfortable with being
called an anti-spam goddess. She knew that long before she received her first junk email
message, several other women had already distinguished themselves as elite anti-spam
activists. Among the established luminaries was Kelly Molloy Thompson, a Washington State
resident who for several years had been the public face of spam fighting and was quoted
widely in press reports on the topic.
But in the late summer of 2001, during a seismic shift in the world of spammer block
lists, Thompson did something that would force Shiksaa and other junk email opponents to
rethink Thompson's place in the anti-spam pantheon.
As early as 1998, with her round face, coiffed hair, and perky smile, Thompson came
across more like a kindergarten teacher than an anti-spam fanatic. That made her the perfect
spokesperson for the handful of spam busters who decided to picket a Seattle car dealer in
May 1998. Led by the 31-year-old Thompson, the protestors stood outside Aurora Nissan on a
busy suburban Seattle street. They held up hand-lettered signs to passing motorists,
decrying the car dealer's use of a contract spammer to send unsolicited email ads to
thousands of Seattle Internet users.
Thanks to some savvy advance PR work by Thompson, the unusual protest was covered by the
national media, which quoted her on the evils of spam, and eventually resulted in a public
apology from the dealer. The event also garnered lots of attention for an anti-spam group
Thompson helped found earlier that year: the Forum for Responsible and Ethical Email
(FREE)
.
Thompson's organizing abilities were showcased again in 1999, when FREE picketed
Internet multimedia software developer Real Networks. The Seattle company had drawn
criticism from anti-spammers for sending email advertisements to anyone who downloaded its
media player software. FREE argued that responsible email marketers send their ads only to
Internet users who have expressly confirmed their interest in receiving them. After Real
Networks stubbornly persisted, the Mail Abuse Prevention System (MAPS) placed the company on
its spammer blacklist. When that failed to change Real's practices, Thompson and a dozen or
so other protestors staged a protest across the street from Real's headquarters in a
downtown Seattle high-rise tower.
As the anti-spammers were handing out leaflets and displaying their signs ("Spam is
theft!") to passersby, a few Real Networks representatives showed up. They invited Thompson
and other organizers up to the company's offices and asked Thompson to instruct the other
protestors to disperse. Thompson said they'd happily meet with company officials after the
picket was over. But until then, the anti-spammers would hold their ground. At the scheduled
conclusion of the protest, Thompson and two other antis rode the elevator up to Real's
twenty-ninth-floor offices. They ended up spending over three hours trying to educate the
firm's marketing executives about why spamming was actually bad for business.
Thompson's impromptu meeting with Real Networks didn't instantly change the company's
business practices. But it did help her land a job the following November with MAPS in
Redwood City, California. As associate director, she was responsible for media relations as
well as for handling negotiations with companies eager to get off MAPS's Realtime Blackhole
List (RBL)
.
Soon, Thompson was working sixty-hour weeks, trying to keep both spammers and
anti-spammers at bay. She quickly discovered that being on the front lines at an anti-spam
protest was nothing like working the phones of a blacklisting organization. Anti-spammers
frequently emailed and phoned her to inquire why MAPS was slow to process nominations to the
RBL. But her toughest job was informing companies that they were about to be placed on the
RBL. Since many major ISPs, including America Online and Microsoft, relied on the RBL to
filter their email, blacklisted companies were unable to exchange email with large swaths of
the Internet. As a result, many firms facing the blacklist were hostile when Thompson gave
them the word.
On one occasion, when Thompson warned the manager of a company that it was headed for
the RBL, he snidely asked how many different fathers her children had. The representative of
another firm about to be blacklisted inquired whether she was on welfare. Another time,
Thompson informed a California ISP that it would find itself on the RBL if it continued
providing service to Bulk ISP Corporation
, a spam-support company. When word reached Saied Abdul R. Al-Zalzalah, the head
of Bulk ISP Corp, he left an angry message on the MAPS hotline answering machine.
"You've caused a lot of problems for us now. I have to move the site somewhere else.
That's a lot of work for me to do," said Al-Zalzalah. "I think you're a bitch. I'm going to
go speak with my lawyer today ... and get your site sued, you and your company, and try to
get you fired."
[
1
]
Al-Zalzalah never succeeded in his threats. But taking verbal abuse remained a regular
part of Thompson's workday. Some callers to the hotline even went so far as to threaten to
kill Thompson. One day, as she was getting into her car after work, she noticed someone had
shot a hole in the windshield.
Soon, the attacks on MAPS came from high-priced lawyers hired by large Internet firms.
In 2000, several companies, including Harris Interactive, a division of the renowned polling
firm, filed separate lawsuits against
MAPS after being listed on the RBL. In a news report about the Harris lawsuit,
the polling company's chief executive accused MAPS of being "a group of self-appointed
zealots."
Rather than circling the wagons around MAPS, Shiksaa and other spam fighters watched the
attacks with a sense of detachment. Over the years, they had grown increasingly
disillusioned with the service and were often frustrated with what they considered its
excessive caution and lack of communication.
But the erosion of support for MAPS accelerated in October 2000. A discussion had been
underway in Nanae about how the block list could improve its effectiveness. In a moment of
frustration, MAPS founder and chief executive Paul Vixie crashed the conversation.
"Fuck Nanae," he wrote in a posting to the newsgroup, and then twisted the knife.
"I mean, a lot of you are my friends, but...your opinions about what MAPS should be
doing are both generally and specifically worthless other than as
conversation-starters."
Nanae participants recoiled, giving Vixie an opportunity to soften his remarks. But
instead he dug in: "You may all fight spammers if you wish. MAPS is fighting spam
itself."
The distinction was an important one to many spam opponents who believed that it was
detrimental to personalize their battles with spam. But Vixie's proclamation caused a rift
among spam fighters.
Until that point, Shiksaa, like many anti-spammers, still thought of MAPS as a kind of
community-based project. Technically, it was a California limited liability corporation that
employed over twenty people. But MAPS relied heavily on nominations from the grass roots in
building its spammer blacklist. Shiksaa also tremendously admired the dedication of Thompson
and other people running the organization, and she had been prepared to contribute
generously to the MAPS legal defense fund. But Shiksaa announced that she had put away her
checkbook after reading Vixie's comment, as did a number of other anti-spammers on
Nanae.
MAPS nonetheless managed to weather its legal challenges. It was able to convince Harris
to drop its lawsuit and switch to a "confirmed opt-in" system, under which Internet users
would have to follow two explicit steps before Harris could add them to its mailing list.
But the lawsuits also drained MAPS financially, and when the dot-com economy started to tank
in late 2000, MAPS suffered as well. In response, the non-profit made a big announcement in
mid-July of 2001. The block list service said it was discontinuing its practice of voluntary
subscriptions and instead would require all large users to pay (up to $10,000 annually) for
access to the RBL and other MAPS services.
"MAPS' purpose is to stop spam on the Internet. That purpose can only be achieved as
long as MAPS can maintain itself as a corporation...MAPS can simply no longer afford to foot
the bill for the bulk of the Internet community," said Margie Arbon, MAPS business
development manager, in a posting to Nanae about the policy changes. Going forward, MAPS
would allow free access to its data only "under limited circumstances" she said.
[
2
]
Despite the stress, Kelly Thompson loved her stint at MAPS; and she loved making a
difference in the spam fight. But two weeks after the big subscription announcement,
Thompson posted a note of her own on Nanae: she had resigned her position and was looking
for work.
Thompson didn't explain why she was leaving, but it was obvious to Shiksaa. MAPS had
become increasingly impotent over the years, and its switch to a fee-based system was just
the final death knell. In making the decision to go purely commercial, MAPS would lose the
goodwill of many volunteers such as Shiksaa, who for years had felt that MAPS treated them
with indifference.
The MAPS announcement set in motion other important changes in the anti-spamming world.
In August, a new spam blacklist quietly appeared on the Internet. In many ways, it was the
antithesis of MAPS. Calling itself the Spam Prevention Early Warning System, or Spews, the
new blacklist could be downloaded for free by anyone. The operators of Spews were anonymous.
(The registration record for the site, Spews.org, listed an address in the Russian
Federation of Irkutsk, but most people on Nanae assumed that was a joke.)
Unlike MAPS, Spews was not interested in receiving nominations to its block list. "Think
of it as one group's Consumer Reports review of portions of the billions of Internet
addresses," said a notice at the site. In fact, there was no way to communicate directly
with Spews. The operators simply instructed individuals to leave messages for them on
Nanae.
Perhaps the biggest difference between Spews and MAPS was the ruthlessness with which
Spews attacked spam. MAPS usually tried to educate companies about how to avoid being
blacklisted, whereas the operators of Spews appeared to have a "shoot first, ask questions
later" mentality about hard-core spammers. They never shied away from causing collateral
damage and sometimes placed all of an Internet service provider's network addresses on the
Spews list, even if spammers were using only a small portion.
Yet the renegade new service continued to attract supporters, with significant numbers
of mail server operators using the block list to protect their users from spam. With its
higher public profile, Spews became the subject of intense speculation about who was running
the show.
One Nanae reader noted that the design of the Spews site was strikingly similar to one
used by Xoasis.com, a free web-hosting service run by a Seattle ISP. A Nanae regular named
Gary reported receiving a phone call from someone representing himself as one of the
principals of Spews. The caller had revealed that Spews was run by seven people, each of
whom was a system administrator at a large company. But the caller hadn't revealed his name
or those of the other Spews principals.
"I suspect any attempt to back track Spews is going to run into brick walls, dead ends,
land mines, booby traps...I suspect that a LOT of thought went into this," wrote
Gary.
While many anti-spammers admired Spews for its boldness, Thompson found the blacklist's
secrecy offensive.
"I signed my name to every single thing I did at MAPS. I took the phone calls, I
answered the email, and I didn't hide," she wrote in a note to Nanae. "People know who I am,
and they can decide whether to trust me or not. I owned my work. If they don't have the guts
to own their work, then I don't care to consider their opinion."
Thompson also resented Spews's decision to use Nanae as its support forum. Why should
the newsgroup have to be polluted with irate postings from companies blacklisted by
Spews?
Among those who defended Spews was Steve Linford, operator of Spamhaus.org. Linford said
he was saddened by the way some anti-spammers had greeted the new blacklist. He noted that
since Spews went live, it had already caused several recalcitrant ISPs to give the boot to
longtime junk emailers on their networks. Many of those same spammers had also been listed
in the Spamhaus Register of Known Spam Operations (Rokso), which had grown from just
twenty-four firms in 2000 to over sixty by August of 2001.
"There are suddenly a lot of homeless spammers" thanks to Spews, noted Linford. Then, in
a comment directed at Thompson, Linford defended the decision by Spews's operators to remain
anonymous. As he saw it, Spews was hoping to avoid the same fate as MAPS.
"The MAPS ex-staffers here know better than anyone how many people contacted you every
day asking and demanding replies, wanting every ISP black holed now, sending you spam after
spam, carbon-copying you on everything, not to mention the amount of spammers calling you
trying to wangle off your list," wrote Linford.
As he justified why Spews operated as it did, Linford might just as well have been
describing the pressures he felt as the not-anonymous operator of Spamhaus.
"They don't want their personal details, addresses and phone numbers known to every
spammer and every lawyer in town. They're in the front line, right in the thick of it,
finding out who's making the connection with whom, which spambag is about to set up on which
Costa Rica ISP, who's just agreed to provide haven for whom, etc. That's what it's all
about," he wrote. Linford concluded with a plea for spam fighters to give Spews a chance to
correct any systemic flaws.