| TRAINING | CONSULTING |
| PRODUCTS | SOURCER'S DESK |
The Net Abuse FAQ
Last changed $Date: 1998/12/23 19:28:32 $, making this $Revision: 3.2 $.
The most frequently asked question is always "Who do I complain
to about this?"
Please see sections 3.8 through 3.12 for
answers.
If you read no other part of this FAQ, read section 3.21.
POLITICS
1.1) What are
the news.admin.net-abuse groups, and why were they created?
1.2) (this section has been merged into 1.1)
1.3) What is
net-abuse?
1.4) What is
the purpose of this FAQ?
1.5) What questions
does it leave unanswered?
1.6) Who's
responsible for this FAQ?
1.7) Where
can I get it?
1.8) Is this
the only Net Abuse FAQ?
1.9) I don't
understand a word of this.
SPAM, SPAMMERS, and MOOSES
2.1) What is
Spam?
2.2) What is
Excessive Multi-Posting (EMP)?
2.3) What
about cross-posting?
2.4) Where
did the term come from?
2.5) Tell me
about the Great Spammers.
2.6) Who were
Canter and Siegel?
2.7) Where
can I get more info on them?
2.8) What
should we do about the book?
2.9) Who is
Cancelmoose
2.10) Who
are the current spam cancellers?
2.11) Has
this problem really been going on for FOUR YEARS?!
NITTY-GRITTY
3.1) Yeah, but
how many times is 'X'?
3.2) What is
the Breidbart Index (BI)?
3.3) What is
NoCeM?
3.4) Is there
a blacklist of net-abusers?
3.5) How can
I tell if a post is forged?
3.6) How do I
know when I've got spam on my hands?
3.7) My group
is full of crap. Why isn't it being cancelled?
3.8) OK, I
think I've spotted a spam. Who should I mail-bomb?
3.9) OK, I
think I've spotted a spam. What should I do?
3.10) What
about e-mail spam?
3.11) I
e-mailed a complaint to {so-and-so} about their {e-mail, post} and now they're
threatening to complain to my system administrator. What should I do?
3.12) List
of Basic Adminstrative Addresses
3.13) What's
a cancel-bot?
3.14) Where
can I get me one?
3.15) How do
spam-cancellers cancel spam?
3.16) Can I
sic The Man on these MAKE.MONEY.FAST losers (or other types of net abusers)?
3.17) What
is a killfile, and how do I use one?
3.18) How do
I killfile all crossposted messages?
3.19) What
is the Usenet Death Penalty (UDP)?
3.20) Do all
hierarchies have the same rules?
3.21) How
about we start a campaign to stop all the spammers?
GROAN
4.1) Why are you
net-abuse people such net-cops?
4.2) Isn't
cyberporn a bigger issue than spamming?
4.3) Hey, I
think my newsgroup is being invaded by alt.syntax.tactical!
4.4) Hey, I
think my newsgroup is being invaded by the Usenet Freedom Council!
4.5) Hey,
somebody posted an ad in {newsgroup}!
4.6) Hey,
so-and-so's not being nice in {newsgroup}!
4.7) Hey, the
Good Times virus--
4.8) Hey,
there's this (AT&T, Jerry Garcia, whatever) banner message in the newsgroup
descriptions!
4.9) Hey, one
of those net.cops posted an ad for {something}! Haw! Haw!
POLITICS
1.1) What are the news.admin.net-abuse groups, and why were they created?
Originally, news.admin.net-abuse.misc was created to replace alt.current-events.net-abuse and news.admin.policy. The former was one of the most widely read and respectable alt.* groups, while the latter had become largely a mess of messages cross-posted from a.c-e.n-a and news.admin.misc.
news.admin.net-abuse.misc was then, not surprisingly, for discussions of net-abuse (see "What is net-abuse", below): definitions, occurances, objections, complaints, battle plans, peace plans, etcetera.
As you can guess, that generated amazing amounts of traffic. By early 1996, it had gotten to the point where it was impossible to keep up with the group without investing hours and hours of time.
In November of 1996, after many months of hard work from Tim Skirvin and others, the news.admin.net-abuse.* groups were reorganized. The charters are stored at:
http://www.uiuc.edu/ph/www/tskirvin/nana
1.3) What is net-abuse?
Since the first net-abuse newsgroup, many curious forms of Usenet behavior have been discussed. Of these, spam is the one most universally accepted as 'net-abuse', which is why it gets its own section below. Other Frequently Aired Complaints are discussed throughout the FAQ.
However, as Neil Pawson says, "it's for abuse *of* the net, NOT abuse
*on* the net." Just because somebody does something vile doesn't mean we
can do anything about it on n.a.n-a. To qualify as true panic-inspiring net-abuse,
an act must interfere with the net-use of a large number of people. Examples of
this: newsgroup flooding, widespread or organized forgery campaigns, widespread
or organized account hackery, widespread or organized censorship attempts,
etcetera.
1.4) What is the purpose of this FAQ?
This FAQ is *not* intended as a comprehensive guide to
netiquette. That is covered in RFC 1855. Many
things that this FAQ appears to treat lightly are, in fact, extreme breaches of
netiquette. The FAQ primarily attempts to answer: are these situations
"net-abuse", in the sense that the whole world should hear about
them?
1.5) What questions does the FAQ leave unanswered?
Probably quite a few. If you have questions that you think should be added to the FAQ, feel free to contact me -- especially if you also have the answers.
I'd also love to have a section on network/address tracking and informational tools (telnet, traceroute, nslookup, etc.) a la "The Spam-tracker's Handbook". Whatever happened to that?
Anyways, feel free to contribute whole new entries.
1.6) Who's responsible for this FAQ?
It's currently maintained by J.D. Falk (jdfalk@cybernothing.org), and was originally maintained by by Scott Southwick (scotty@bluemarble.net). The information has been gleaned from various Usenet sources --primarily posts to the net-abuse groups made by a wide variety of authors-- and so the maintainer must actively disclaim all responsibilty for the veracity, advisability and/or legality of anything contained in the FAQ. Thanks to the following people who have contributed to it, or at least discussed its contents in a non-threatening manner:
Arthur Byrne, Pekka Pirinen, Keith "Justified and Ancient" Cochran, Lamont Granquist, Victoria Fike, Steve Patlan, Wilf Leblanc, Seth Cohn, Neil Pawson, Bram Cohen, Mitchell Golden, Rahul Dhesi, Stephen Boursy, Mary Branscombe, David Cortesi, Alexander Lehmann, Greg Lindahl, Jack Hamilton, Morten Welinder, Axel Boldt, Richard Lee, an48985, Phil Pfeiffer, John van Essen, Pierre Beyssac, Michael Shields, Travis Corcoran, Tim Skirvin, Chris Lewis, Daniel J. Barrett, Ricardo H. Gonzalez, Dave Hayes, Ed Falk (no relation), Nathan J. Mehl (Nathan says hi), Peter Kappesser, Robert Braver, Loy Ellen Gross, booter, Johann Beda, Shaun Davis-Gluyas, John R. Birch, Penn Hackney, David Grabiner, Brendan O'Sullivan-Hale, Bob Allisat, John Moreno, and many others we have undoubtedly missed over the years.
Contributions are always warmly welcomed, as are suggestions, corrections
and criticism. However, you know where to shove the flames.
1.6.1) What are the big changes made in 1998?
After letting this FAQ languish for a while, I realized that it was time to go through and clean stuff up, as well as adding new information. To tell you the truth, I'm quite dismayed at how little has changed.
This Net Abuse FAQ will continue, however, to focus on usenet. There are a lot of other good documents about e-mail abuse, and that's an area which changes way too often.
1.7) Where can I get it?
This FAQ will be posted thrice monthly (on the 1st, 11th, and 21st) to the following newsgroups:
- news.admin.net-abuse.usenet
- news.admin.net-abuse.misc
- news.admin.net-abuse.bulletins
- news.admin.misc
- news.groups.questions
- news.answers
It will also be available at the various public FAQ archives, including rtfm.mit.edu and its mirror sites. The master hypertext version is available at:
http://www.cybernothing.org/faqs/net-abuse-faq.html
1.8) Is this the only Net Abuse FAQ?
Unfortunately, the topic of Net Abuse is so vast and so controversial that it cannot be covered completely in one document.
Of course, that didn't stop Daniel Barrett from trying, and doing a very good job. He wrote a book (published by O'Reilly Publishing) with the unfortunate but fitting title of Bandits on the Information Superhighway. More information is available at:
http://www.ora.com/item/bandits.html
I've removed much of the rest of this list, because Stan Kalisch III is doing a much better job of keeping his list of news.admin.net-abuse.* Newsgroups' Documents updated. You can view it at:
http://www.crl.com/~sjkiii/news-admin-net-abuse.html, or ftp://ftp.crl.com/users/sj/sjkiii/pub/usenet/news-admin-net-abuse.txt
For an almost totally different viewpoint, see Dave Hayes's long-awaited document, "An Alternative Primer on Net Abuse, Free Speech, and Usenet," which at first denied the existence of this FAQ. You can find it and some related documents at:
http://www.jetcafe.org/~dave/usenet/
My answer to Dave's Alternative Primer is also worth reading:
http://www.cybernothing.org/faqs/dave-hayes.html
There are a number of very good indices of net abuse-related documents:
Fight Spam on the Internet! (Scott Hazen Mueller)
news.admin.net-abuse.* homepage (Tim Skirvin)
http://www.math.uiuc.edu/~tskirvin/home/nana/
1.9) I don't understand a single word of this.
One of the best starting places for learning about Usenet has historically always been Indiana University's Usenet Resources page, which is now at:
http://kb.indiana.edu/menu/usenet.html
It has links to most Usenet primers, netiquette documents and news FAQs, Son-of-RFC-1036, some charters, newsreader man pages, etcetera. Also, perhaps one of the following resources will help:
http://www.landfield.com/usenet/
http://sunsite.unc.edu/usenet-i/
http://www.geocities.com/ResearchTriangle/8211/
Click here to read more of this article.