Unspam Technologies has taken the first steps in tracking down spammers in the United States, with help from the ISPs. The company has filed a lawsuit in the Eastern District of Virginia seeking the identities of spammers under the U.S. CAN-SPAM Act and the state of Virginia"s own anti-spam statue. The suit seeks damages that could potentially reach $1 billion, but Unspam said it would be happy with driving spammers out of business.
Unspam has collected 2.5 million IP addresses of spam senders and 15,000 IP addresses of crawlers using Project Honey Pot – a trap for spammers that use crawlers to sift through every page on a Website for valid e-mail addresses, and then adds these addresses to their database. Any Website operator can download the Honey Pot software, which will set up a dummy page that gives a fake, unique e-mail address to the crawlers. When spam comes in to that unique address, both the IP address of the crawler that harvested the fake e-mail address is known, and Honey Pot also scores the IP address of the sender of the spam.
The company has released what it calls the http:BL, a blacklist of the 2.5 million compromised computers (commonly referred to as zombies or bots). The users of these computers will find out they are infected and will be denied access to the home page when they visit an Apache-based site where the blacklist is installed. The 15,000 crawlers that collect and sell e-mail addresses "will be some of the first targets from this litigation. We"ve identified very specific targets," Matthew Prince, CEO of Unspam and Project Honey Pot. The lawsuit grants subpoena power, which the ISPs wanted. "In most cases ISPs have said we"d love to share info with you, but to make sure we"re not violating privacy of members, we"re rather have a subpoena," said Prince.