A Weblog About Topics and Issues Discussed in the Book Spam Kings by Brian McWilliams

« Aussie spam king raided | Main | Free Jeremy Jaynes! »

April 7, 2005

Safe from the spam flood?

Send-Safe screenshotRemember the dire warnings earlier this year that a new feature in the Send-Safe spamware program might cause a flood of new spam?

Well, turns out that Send-Safe's ProxyLock feature is seriously broken. As I detail in this new article for O'Reilly Network, CipherTrust researcher Dmitri Alperovitch has disassembled the latest version of Send-Safe, and he concludes that the dreaded ProxyLock feature contains a fatal design flaw that renders it essentially harmless.

In short, Send-Safe doesn't have a smart way to find the SMTP server affiliated with a proxy. As a result, it presents no big threat to existing blacklist systems.

While Dmitri was looking under the hood of Send-Safe, I spent the better part of an afternoon trying to get the ProxyLock feature to work. I'm happy to report that every test message went out via the Send-Safe-supplied proxies, and not via the mail server of the proxies' affiliated ISP. Even better, every one of the proxies was listed on the CBL.

Posted by brian at April 7, 2005 8:23 PM


Weblog authors are solely responsible for the content and accuracy of their weblogs, including opinions they express,
and O’Reilly Media, Inc., disclaims any and all liability for that content, its accuracy, and opinions it may contain.

All trademarks and registered trademarks appearing on spamkings.oreilly.com are the property of their respective owners.

O'Reilly Home | Privacy Policy

© 2004 O'Reilly Media, Inc.
For assistance with this site, email: