[Comp.Sci.Dept, Utrecht] Note from archiver<at>cs.uu.nl: This page is part of a big collection of Usenet postings, archived here for your convenience. For matters concerning the content of this page, please contact its author(s); use the source, if all else fails. For matters concerning the archive as a whole, please refer to the archive description or contact the archiver.

Subject: news.admin.net-abuse.email FAQ (3/3): Understanding NANAE (updated 07-Jul-2001)

This article was archived around: Monday, 23 Jul 2001 22:45:43 GMT

All FAQs in Directory: net-abuse-faq/email
All FAQs posted in: news.admin.net-abuse.email
Source: Usenet Version

Archive-name: net-abuse-faq/email/terminology Posting-Frequency: bi-weekly Last-modified: 07-Jul-2001 URL: http://www.twinlobber.org.uk/antispam/faq/faq3.txt Maintainer: James Farmer <nanae-faq@usenet.twinlobber.org.uk>
========================================================================== An FAQ For news.admin.net-abuse.email Part 3: Understanding news.admin.net-abuse.email ========================================================================== TABLE OF CONTENTS Recent Changes Disclaimer Preface 3.1 About This Newsgroup 3.1.1 What can be discussed in news.admin.net-abuse.email? 3.1.2 Can anyone join in? 3.1.3 What if I've got a new idea to end spam forever? 3.1.4 What's with all these nonsense posts and reposts? 3.2 Colloquialisms 3.2.1 What is "nanae"? "nanau"? "nanas"? 3.2.2 Why does the word "spam" apply to junk email? 3.2.3 What is a LART? What is a mallet? 3.2.4 What's an "ack"? What's an "auto-ack"? 3.2.5 What's a "throw-away"? 3.2.6 What does it mean if a website is "404-compliant"? 3.2.7 What's a TOS? What's an AUP? 3.2.8 What does "bulletproof" mean? 3.2.9 What's a "spamhaus"? 3.2.10 What's a "pink contract"? 3.2.11 What is "spamware"? 3.2.12 What is "mainsleaze"? 3.2.13 What is "TRUSTe"? 3.2.14 What's all this s/something/somethingelse/ stuff mean? 3.2.15 What do ^H and ^W mean? 3.2.16 What's a "sam-o-gram"? 3.2.17 What is "Afterburner"? 3.2.18 What's a "cartooney"? 3.2.19 What's a "Joe Job"? 3.2.20 What's a "murk"? 3.2.21 What's a "black-hat"? What's a "white-hat"? 3.2.22 What's Rule #1? What's Rule #3? 3.2.23 What does "C&C" mean? 3.2.24 What is the Lumber Cartel? 3.2.25 What do "tinw" and "tinlc" mean? 3.2.26 What is a "Chickenboner"? 3.2.27 What's "Whack-a-mole"? 3.2.28 What's a "BOFH"? 3.2.29 What's a "pump-and-dump" scam? 3.2.30 What is "Viral Marketing"? What's a Pyramid Scheme? 3.2.31 Someone said I'd invoked Godwin? Is that bad? 3.2.32 What's a "troll"? 3.2.33 What's a "kook"? 3.2.34 What's a "sock"? 3.2.35 What does "Cut it out, Ron!" mean? 3.2.36 Who is Dave the Resurrector? 3.2.37 Who is "Brunner"? 3.2.38 Who's this "Spamford" guy people talk about? 3.2.39 Who was Rodona Garst and why do people talk about her? 3.2.40 Who is "Hacker X"? 3.2.41 What is a "plonk"? 3.2.42 What does "fsck" mean? 3.2.43 What is the "Quirk Objection"? 3.2.44 Who is "Ralsky"? 3.2.45 What is "SPAM-L"? 3.3 Abbreviations 3.4 Technical Terms 3.4.1 What are open relays? How can I fix my open relay? What is "relay rape"? What is a "teergrube"? 3.4.2 What is "port 25 blocking"? 3.4.3 What is "POP-before-SMTP"? 3.4.4 What does "direct-to-MX" mean? 3.4.5 What is a "Smarthost"? 3.4.6 What is "wpoison"? 3.4.7 What do those slashes after an I.P. address mean? 3.5 Keeping Up-To-Date 3.6 Keeping Happy Credits Use Policy ========================================================================= --------------------------- RECENT CHANGES ------------------------------ ========================================================================= Finally got those last two deja.com links changed to google.com links! The Quirk Objections makes it into the FAQ! Section 3.2.43 at the moment, to be moved somewhere more relevant once I've got the FAQ marked-up in XML (my next project). And Ralsky also gets his own section (not so much for demand but because I myself had no idea who the guy was). And SPAM-L also gets a mention, although I don't have much to say about it. And finally section 3.4.7 looks at network prefixes. ========================================================================= ------------------------------- DISCLAIMER ------------------------------ ========================================================================= The following document should, where not otherwise stated, be understood to represent the opinions and beliefs of the FAQ-maintainer only. I endeavour to ensure that these opinions and beliefs are as correct as possible, but take no responsibility for any problems caused by errors herein. This document should not be considered to represent the opinions of any individuals or organisations other than the FAQ-maintainer. Please note that in this document, "we" is intended to collectively refer to all regular or semi-regular posters to the news.admin.net-abuse.email newsgroup, including those of all persuasions, and should not be read as indicating the existence of a "clique" comprising persons of similar viewpoints. ========================================================================= -------------------------------- PREFACE -------------------------------- ========================================================================= This is one of three documents I have compiled to comprise an FAQ for the news.admin.net-abuse.email newsgroup. Each document addresses points in a given area, specifically: The SPAMFIGHTING OVERVIEW offers a taste of the many techniques people use to fight spam. The objective isn't to teach you how to fight spam (there are many far superior documents that do just this), but rather to introduce some of the techniques you can use and refer you to some more detailed works. THE EVILS OF SPAM covers the more ethical, moral, and legal aspects of spam, including just what constitutes spam and the types of people who become spammers. UNDERSTANDING NANAE aims to introduce all of the weird, wonderful, and sometimes impenetrable terminology that people use in news.admin.net-abuse.email (nanae). It covers both colloquialisms (e.g. "chickenboner") and technical terms (e.g. "direct-to-MX"). These three parts are designed to stand alone and don't have to be read in order; feel free to pick and choose just the bits you're interested in. These documents shouldn't be considered to be "the" FAQ, as there are plenty of other FAQs that are superior in insight, detail, or depth of coverage. They are just an FAQ that I hope will answer some questions that have been troubling you. These documents are currently maintained by James Farmer. If you have any suggestions for additions or corrections, then feel free to send an email to nanae-faq@twinlobber.org.uk The latest versions of all of these documents can always be found at <http://www.twinlobber.org.uk/antispam/faq/> ========================================================================= ------------------------ 3.1 ABOUT THIS NEWSGROUP ----------------------- ========================================================================= 3.1.1 What can be discussed in news.admin.net-abuse.email? The short answer to this is: abuse of the email system. Please note the terminology here; abuse _of_ the email system is anything that endangers the existence or widespread usability of the email system. Most of the discussion in news.admin.net-abuse.email is concerned with spam, as this is, by far, the most prevalent abuse of the email system in recent times, but discussion of other abuses (e.g. mailbombing) would be on-topic. However, issues like electronic stalking and sexual harassment by email are not on-topic, as they are abuse _on_ the email system. This means that, while these things are undeniably abuse, they don't threaten the survival of email as a communications medium. There are other newsgroups far more appropriate for discussions of these issues. RELATED LINKS news.admin.net-abuse.* FAQs <http://www.killfile.org/~tskirvin/nana/> Newsgroups Related to Net Abuse <http://www.eyrie.org/~eagle/faqs/nana-groups.html> 3.1.2 Can anyone join in? Yes. There is no prerequisite in terms of technical knowledge or spamfighting success for contributing to this newsgroup. Everyone is welcome! Even spammers are welcome to post their views, so long as they don't mind hearing a few conflicting opinions. I advise newcomers to this newsgroup not to believe everything you read. Before making up your mind on any issue, read around and see what makes sense TO YOU. There are a lot of knowledgeable people in this newsgroup, but also a lot of people talking about things outside their knowledge, and a few people who aren't above deliberately mis-representing the facts to fit the stories they want to tell. My advice, which I repeat throughout these documents, is to take everything with a pinch of salt, read as many different views as you can, and form your own opinions. If there's anything you don't understand, feel free to ask. But think carefully about what answers you choose to believe; adhering slavishly to the dogma of "accepted wisdom" in any newsgroup is not a good idea. 3.1.3 What if I've got a new idea to end spam forever? Let's hear it! People on this newsgroup don't have all the answers, so if you think your idea has merit, we want to hear about it. Fighting spam in the same way every day, it's easy to get tunnel vision and to overlook new possibilities. "Out-of-the-box" thinking is ALWAYS welcome. The absolute worst that can happen is that people spot a hitherto-unseen flaw in your idea and think that it won't work. There's absolutely no shame in being wrong. But don't let anyone tell you that you're wrong unless they can CONVINCE you that you're wrong. A few people may decide to flame any newcomer who posts an idea. This is an unfortunate fact of life on Usenet, and my advice is to ignore these people. After all, it's always easier to criticise than create. 3.1.4 What's with all these nonsense posts and reposts? Ah. Because some people done like the fact that we fight spam, this newsgroup is occaisionally subjected to attacks by people trying to shut us up. One form of attack is the cancel attack, whereby the attackers cancel lots of our posts. Fortunately a bot called Dave the Resurrector (see 3.2.26) is always running and when it detects such an attack it will repost the articles removed. This does mean that you might see an article more than once, but that's generally considered to be better than never seeing it at all. The other type of attack is the posting of hundreds or even thousands of nonsense articles in an attempt to drown out conversation. These articles are generated by a program to look enough like genuine articles they they'll evade filters whilst still being total and utter gobbledegook. Such attacks are generally attributed to the entity "HipCrime" (a leading Usenet terrorist), although whether they are perpetrated by the real HipCrime or just someone using the software he wrote is unclear (and probably not very interesting). If your newsreader is able, you should be able to filter out HipCrime's spew a few hundred articles at a time by filtering on the NNTP-Posting-Host: header; the articles are almost always emitted through open news servers. For those who cannot, several people have recommended the program NFilter, which sits between your newserver and your newsreader filtering out the stuff you don't want to see. RELATED LINKS NFilter <http://www.nfilter.org> Old HipCrime FAQ <http://extra.newsguy.com/~rchason/> ========================================================================= --------------------------- 3.2 COLLOQUIALISMS -------------------------- ========================================================================= Over the years, news.admin.net-abuse.email has evolved its own dialect of abbreviations and terminology that can be quite confusing for new readers. It is, however, not intended to exclude newcomers, and in this section I will aim to explain the most commonly-used terms. RELATED LINKS Spam Jargon <http://www.rahul.net/falk/glossary.html> The Net Abuse Jargon File <http://www.ncf.carleton.ca/ip/freenet/subs/complaints/spam/jargon.txt> Jargon File Resources <http://www.tuxedo.org/~esr/jargon/> 3.1.1 What is "nanae"? "nanau"? "nanas"? nanae (sometimes capitalised NANAE) is short for "news.admin.net-abuse.email" - in short, the newsgroup this FAQ is for. nanau is "news.admin.net-abuse.usenet" - a newsgroup for discussing usenet abuse including newsgroup spam. It can be a slightly rougher place than NANAE, populated as it is by people with radically different principles on what Usenet should be like, as well as people who are just there for the rough-and-tumble. nanas is "news.admin.net-abuse.sightings" - a newsgroup for posting sightings of Internet abuse. See section in the first part of this FAQ, the "Spamfighting Overview". 3.2.2 Why does the word "spam" apply to junk email? The term is inspired by a Monty Python sketch in which a group of Vikings chant "SPAM! SPAM! SPAM!" repeatedly, drowning out the conversations around them. (A bit like the way spam threatens to drown out our own electronic conversations.) It has been applied to a number of different mediums over the years, most notably "newsgroup spam", and is now being used for "email spam" too. RELATED LINKS The Monty Python Spam Sketch <http://www.stone-dead.asn.au/tv-series/sketches/fc-25/spam-sketch.html> 3.2.3 What is a LART? What is a mallet? LART = Luser Attitude Readjustment Tool. It can be used as a noun (in which case it's something that hopefully causes the victim to re-evaluate their opinions by means of a short sharp shock) or a verb (in which case it means to apply a short sharp shock). Most often used as a euphemism for sending complaints to an ISP, as in "I've just LART-ed that spammer". One example of a Luser Attitude Readjustment Tool is a mallet (a hammer with a big wooden head), which is metaphorically used on a spammer's genitals when his account is cancelled. In male spammers the result of this manner of LART-ing is sometimes described as "testicular malletosis". Another example is a "clue-by-four"; a large wooden board (or baseball bat) with which spammers (or just those in urgent need of re-education) are metaphorically whacked. RELATED LINKS Mallets Ahoy! <http://members.home.com/mitchell425/ball22a.jpg> 3.2.4 What's an "ack"? What's an "auto-ack"? "ack" is short for "acknowledgement", and usually refers to an acknowledgement that a complaint or LART has been received by an ISP. An "auto-ack" is an acknowledgement that is generated automatically. For example, many abuse departments have configured their systems so that a standard acknowledgement is sent upon receipt of any complaint, explaining that the complaint has been received and will be dealt with when they have the time. Auto-acks are called "auto-ignores" when it is believed that the sending of the auto-ack is the _only_ action that will be taken in response to the complaint. 3.2.5 What's a "throw-away"? An account you don't intend to keep beyond the immediate future. Often used to refer to "throw-away" dial-up accounts that spammers open with no intention of them existing beyond the end of one spam run, but is sometimes also used in the context of "throw-away" email addresses - that is, email addresses, often from a free provider such as hotmail.com, that you intend to use merely for communicating with one party (often a spammer or suspected spammer) for a short period of time, and will afterwards throw away. The motivation for this could be to not endanger your "main" emailbox should the spammer decide to mailbomb you. 3.2.6 What does it mean if a website is "404-compliant"? It's not there anymore. 404 is the number of the HTTP error message "Not Found". Note that occasionally spammers design their webpages to look as though they're 404-compliant (especially for surfers who have disabled JavaScript) when really they're not. Take care. In these cases, your browser's "view source" feature is your friend. 3.2.7 What's a TOS? What's an AUP? TOS = Terms of Service. AUP = Acceptable Use Policy. These are documents that are published by an ISP describing what users are and are not allowed to do on their systems. The AUP or TOS of most ISPs will explicitly state that their users must not send spam. 3.2.8 What does "bulletproof" mean? Spammers often advertise "bulletproof" web-hosting or email-hosting. What this means is a spam-friendly (the term in spammer circles is "bulk-friendly") ISP guarantees not to cancel the "bulletproof" account no matter how many complaints they receive about it. 3.2.9 What's a "spamhaus"? A spamhaus is an Internet provider that seems to exist for no reason other than sending spam and/or providing spam support services. Note that the plural of "spamhaus" is "spamhausen" and not "spamhauses". 3.2.10 What's a "pink contract"? Towards the end of the year 2000, it became clear that some major ISPs had signed contracts with spammers that included clauses permitting the spammers to _not_ abide by the anti-spamming portions of the ISP's Terms of Service. When these came to light, anti-spammers dubbed them "pink contracts" (because SPAM is a pink luncheon meat) and the ISPs almost universally proclaimed that they had been signed by low-level marketers and would not be binding. These statements were not entirely believed by many in the anti-spamming community. RELATED LINKS Pink Contracts... the news breaks! <http://www.rahul.net/falk/pink.txt> AT&T Spam Contract Discovered <http://www.net4tv.com/voice/story.cfm?storyid=3052> PSINet Assailed as Spam Contract Surfaces <http://cnet.com/news/0-1005-200-3417237.html?pt.yfin.cat_fin.txt.ne> 3.2.11 What is "spamware"? Software designed primarily for the sending of spam. It can often be distinguished from legitimate bulk email software by the presence of tools for abusing open relays, or for obfuscating website addresses, or for harvesting or de-munging email addresses, or for managing a "remove list" or a "flamers list", or tools for hiding the source of the message, or indeed the presence of any features that are needed for spam but not for legitimate opt-in bulk email. 3.2.12 What is "mainsleaze"? Mainsleaze is when a well-known, mainstream company starts to spam. They quickly find themselves associated in the minds of their victims with the sleaze of the spam world and then people don't trust them anymore. Such companies often quickly come around to the idea that spam is bad, but it can take years to re-build the trust of their customers. 3.2.13 What is "TRUSTe"? TRUSTe is a programme for reassuring web site visitors about online privacy. The idea is that vendors which adhere to TRUSTe's principles regarding disclosure of personal information sales, opt-out options (if any), and personal information protection get to display a TRUSTe privacy seal. Web site visitors will thus know that they can find out just what the site will do with the visitors' personal data obtained through the web site, and use that disclosure to make a more informed decision about whether they wish to provide accurate information, or any information at all. In news.admin.net-abuse.email, TRUSTe's reputation is something of a joke. It is widely believed that TRUSTe is unlikely to revoke its privacy seal even when a site breaches its privacy policies. There have been numerous alleged cases in the past (such as when RealNetworks started spamming) when TRUSTe failed to do so. RELATED LINKS TRUSTe <http://www.truste.com> Freedom's Truth about TRUSTe and Your Privacy <http://www.freedom.net/resources/features/truste/> 3.2.14 What's all this s/something/somethingelse/ stuff mean? These are regular expression replacement instructions, as used in Unix utilities like sed. For the most part they're fairly simple to understand; just substitute the second expression (the "somethingelse") for the first (the "something") in the text above it. For example, the following follow-up to an article: > This FAQ is a wonderful thing s/wonderful/horrible/ should be read an instruction to replace "wonderful" with "horrible" - ie the writer is saying "This FAQ is a horrible thing". RELATED LINKS Learning to Use Regular Expressions <http://gnosis.cx/publish/programming/regular_expressions.html> sed Tutorial <http://www.math.fu-berlin.de/~leitner/sed/tutorial.html> 3.2.15 What do ^H and ^W mean? When you press delete (or backspace) on your keyboard, it deletes the previous character, right? Well, imagine it didn't... or at least, it did but the deleted character didn't disappear from the screen and instead a ^H appeared after it. Well, this is how some terminals work. So, you'd be trying to type: I hate spammers But you'd get half-way through it and find that you'd hit one wrong key, e.g.: I lat What do you do? You hit delete three times, giving you: I lat^H^H^H Then type the correction, imagining that the last three characters were deleted. So in all you'd see: I lat^H^H^Hhate spammers But when you hit return, the computer would actually see: I hate spammers Because you deleted the "lat". Clear? Well, that's the background. In a newsgroup posting, ^H can be read as the author hitting the delete key in an effort to erase a "mistake" which was usually put there for humour value. ^H^H can be read as an attempt to delete the last two characters, and so forth. Similarly, ^W can be read as an attempt to delete the last word, e.g.: I bow to your monumental flatulence^W intelligence. (Hmmm... does anyone know of a website explaining ^H and ^W that I could link to?) 3.2.16 What's a "sam-o-gram"? A particularly biting or sternly worded utterance, either by or in the style of noted NANAE contributor Sam, directed towards someone who has been shown to be in need of a clue-by-four. 3.2.17 What is "Afterburner"? Not "what"; "who". Afterburner was the abuse admin at erols.com, which has since become part of rcn.com. Apart from being very good at his job, he is famous for his witty and sadistic lines in account cancellation messages, and for calling his subordinates "Minions" and requiring them to take unpronounceable names. :) His own name is often abbreviated to "AB". RELATED LINKS RCN Abuse Administrators <http://users.rcn.com/abuse/admins.html> 3.2.18 What's a "cartooney"? A nonexistent attorney (or other lawyer) with whom a spammer will threaten you, but who will never be seen, usually because he doesn't exist or isn't really an attorney. 3.2.19 What's a "Joe Job"? The act of faking a spam so that it appears to be from an innocent third party, in order to damage their reputation and possibly to trick their provider into revoking their Internet access. Named after Joes.com, which was victimized in this way by a spammer some years ago. RELATED LINKS Spam Attack: The Story of joes.com <http://www.joes.com/spammed.html> 3.2.20 What's a "murk"? A "Murk" is a disclaimer in a spam email that claims it abides by the dead Murkowski anti-spam bill of a few years ago. E.g.: Under Bill s. 1618 TITLE III passed by the 105th US Congress this letter cannot be considered spam as long as the sender includes contact information and a method of removal. This is a one time e-mail transmission. No request for removal is necessary. The presence of a Murk is 100% proof that a message is spam. Note also that most spam featuring this disclaimer doesn't comply with the provisions of the Murkowski bill anyway. If you're interested you could have a look at the text of this bill; technical reasons prevent me giving a direct link but go to <http://thomas.loc.gov/home/c105query.html> and enter "S. 1618" in the "Bill Number" field, then select either the version passed by the Senate or referred in the House. 3.2.21 What's a "black-hat"? What's a "white-hat"? Apparently, in the old cowboy movies, the good guys always wore white hats and the bad guys always wore black hats. These terms have since been applied to Internet Providers, with Black Hats supporting spam and White Hats being anti-spam. In a similar veign, the term "Grey Hat" is sometimes used to refer to providers whose anti-spam policies seem a little schizophrenic. "Empty Hat" is a term occasionally used to refer to providers who are utterly stupid or clueless about spam. 3.2.22 What's Rule #1? What's Rule #3? Rule #1: Spammers lie Rule #2: If a spammer ever appears to be telling the truth, consult Rule #1 Rule #3: Spammers are stupid I believe the first two rules came first, and the third was tacked on at some point later. Less widely stated rules include: Rule #0: Spam is theft Krueger's Corollary to Rule #3: Spammer lies are really stupid Russell's Corollary to Rule #3: Never underestimate the stupidity of spammers. There are a few alternative versions of the rules, including: Rule #1: Spammers lie Rule #2: There is no such thing as legitimate or ethical UCE Rule #3: Spammers are stupid 3.2.23 What does "C&C" mean? Coffee & Cats. It's a warning that you should remove from your vicinity all tasty beverages and furry felines, as the content of the message may cause you to convulse with laughter in a manner which will scare furry felines and can result in spilling of a tasty beverage over your keyboard (or alternatively choking on your beverage if you are drinking it when you start laughing). Incidentally, that's what the "You owe me a new keyboard/monitor" statements allude to - someone forgetting to put the C&C warning on a funny message and endangering cats & computer equipment as a result. 3.2.24 What is the Lumber Cartel? The Lumber Cartel is a nonexistent organisation allegedly formed by the world's paper-producing companies, who were supposedly worried that the growth in spam would result in a decrease in junk postal mail, thus a decrease in demand for paper, thus a decrease in their profits. They were supposedly funding anti-spammers to prevent this. It is, of course, a complete fiction. Some spammer posted this story a few years ago and the whole thing has been a massive running joke ever since. References to the Lumber Cartel are usually suffixed "(tinlc)" (There Is No Lumber Cartel) in order to reflect the fact that, well, there is no lumber cartel. RELATED LINKS The Story of the Lumber Cartel <http://www.geocities.com/SiliconValley/Lakes/5362/cartel.html> Lumber Cartel (tinlc) Homepage <http://come.to/the.lumber.cartel> 3.2.25 What do "tinw" and "tinlc" mean? tinw = There Is No We. Used to reaffirm that the anti-spamming movement comprises individuals who have own ideas and motivations, and often-times don't necessarily agree with each other. tinlc = There Is No Lumber Cartel. Used to reaffirm the nonexistence of the Lumber Cartel. 3.2.26 What is a "Chickenboner"? Someone's words once painted an incredibly vivid picture of an archetypical spammer living in a trailer, hunched in semi-darkness over his computer and surrounded by rotting chicken bones in half-eaten KFC buckets and empty beer cans. The image has stuck, and "Chickenboner" is now used to describe any two-bit spammer who wants you to think he's a big shot with his own yacht... but isn't. RELATED LINKS The Three Stages of the Chickenboner <http://groups.google.com/groups?oi=djq&ic=1&selm=an_591962033> Things we Don't Know about Spammers <http://groups.google.com/groups?oi=djq&ic=1&selm=an_617237499> 3.2.27 What's "Whack-a-mole"? Whack-a-mole is an old amusement park game. You stand in front of a board with a fluffy mallet, and as plastic moles pop up through holes in the board you have to whack them over the head. Spamfighting is sometimes like that. Sometimes it seems as if no sooner do you get one of a spammer's accounts killed then they get another one... and another... and another... and their accounts keep popping up like the moles in that old amusement park game. And you keep whacking them. 3.2.28 What's a "BOFH"? Bastard Operator From Hell. Inspired by an extremely witty series of stories about a sadistic, homicidal systems administrator, this acronym is now applied as a compliment to any sadistic or potentially-sadistic admin-type, with the implication that the victims of a BOFH deserve everything they get. RELATED LINKS Simon's Stuff, including the BOFH <http://bofh.ntk.net/> 3.2.29 What's a "pump-and-dump" scam? This is a type of stock scam that often makes use of spam. The idea is that the scammers buy some shares that are trading relatively cheap. Then they try to encourage investors to buy shares in this company, hoping to drive the price up as much as possible. This is the "pump", and it can continue for some time. Finally, when the scammers judge that they're not going to be able to force the share price any higher, they "dump" by selling their shares and walking away with a huge profit, while the investors they encouraged are left with shares worth a lot less than they paid for them. Spam is just one way that the scammers may use to try to entice people towards their chosen shares. After all, spam is a cheap way of reaching lots of people, who probably don't have experience of investing, and won't be wise to the tricks of the trade. Of course, there are others. Discussion boards are another favoured venue for creating hype. Throw in a healthy dose of outright lying (e.g. "Microsoft is about to buy this company!") and the situation can quickly spin out of the control of the normal reality of the markets. In the U.S., pump and dump scams are illegal and people DO get busted for them. You should report them to enforcement@sec.gov. RELATED LINKS Anatomy of a Pump & Dump Stock Spam Scam (excellent article) <http://ragingbull.lycos.com/mboard/boards.cgi?board=ASDG&read=230> MMF Hall of Humiliation: The Pump & Dump Scheme <http://ga.to/mmf/SpamExplained/Pumpndump.html> Pump and Dump <http://www.investopedia.com/terms/p/pumpanddump.asp> 3.2.30 What is "Viral Marketing"? What's a Pyramid Scheme? Most marketing material is broadcast; ie the promotional material is sent to many people at once. Viral Marketing is a concept wherein the marketing message spreads gradually from person-to-person, a bit like a virus does. Imagine a man getting off a ship at Plymouth. Now imagine that this man has the Plague. This plague is very contagious, and anyone this man touches will be infected. But it's a cold day and the man is wearing lots of thick clothes, so between the dock and his hotel he only touches ten people. And then he dies, because this plague is very lethal and will kill 24 hours after infection. Let's imagine that the next day, the ten newly-infected people will each infect ten more people, and then die. So after two days, there are 11 (1+10) people dead from the plague, and a further 100 (10*10) people are infected. Next day, the 100 people infect 10 each, for 1000 total, then die. And so it continues on... Day 1, 1 infected Day 2, 10 infected, 1 dead Day 3, 100 infected, 11 dead Day 4, 1,000 infected, 111 dead Day 5, 10,000 infected, 1,111 dead Day 6, 100,000 infected, 11,111 dead Day 7, 1,000,000 infected, 111,111 dead Day 8, 10,000,000 infected, 1,111,111 dead Day 9, 100,000,000 infected, 11,111,111 dead Day 10, 1,000,000,000 infected, 111,111,111 dead Except that the population of the UK is only 60 million, and so before the end of the tenth day the entire country will have caught the Plague and died. And all from one guy getting off a ship in Plymouth. The obvious type of viral marketing is the chain-letter-style Multi-Level Marketing scheme. You know the type; you have to enrol other people in some "scheme" to make money, and each of those people have to enrol others, and so forth, and so before you know it everyone's drowning in solicitations to join the scheme. When the solicitations are sent by email, the effect can be similar to spam even though no one individual is sending more than a handful of messages. But of course, not everyone who receives such a solicitation will join the scheme and try to enrol others. Then again, most of these schemes don't place a limit on the number of people you can enrol, either, so people on the scheme will often send spam to thousands or millions of email addresses in the hopes that they'll persuade lots of people to enrol in the scheme. Such pyramid scams whereby enrolling others is the only major way to make money are highly illegal in most parts of the world. Such scams are often referred to as "MMF schemes" after an early such scam that was spammed with the subject line "Make Money Fast". The term "viral marketing" is often also applied to legal MLM schemes in which people can earn more money by "referring" others. The obvious examples are the Get-Paid-To-Surf schemes such as AllAdvantage. At their height, solicitations to join such schemes seemed to be everywhere. Many such schemes will have policies that forbid their users using spam to solicit referrals, but some don't and some that do don't enforce their policies rapidly. I should just point out that I've emphasized the abusive elements of viral marketing here, as these are the ones most often discussed in news.admin.net-abuse.email, but if used in a properly-constituted manner, viral marketing techniques need not constitute Internet abuse. An example of this would be free email providers that place an advert for themselves at the bottom of every email message sent. (Although this in itself was controversial at one point.) RELATED LINKS The Bottom Line about Multi-Level Marketing Plans <http://www.ftc.gov/bcp/conline/pubs/alerts/pyrdalrt.htm> Viral Marketing for Internet Websites <http://internet.about.com/industry/internet/library/weekly/1999/aa092799.htm> Viral Marketing - Web Marketing Today Info Center <http://www.wilsonweb.com/webmarket/viral.htm> MMF Hall of Humiliation <http://ga.to/mmf> U.S. Postal Inspection Service on Chain Letters <http://www.usps.gov/websites/depart/inspect/chainlet.htm Don't Get Burned by a Pyramid scheme> <http://www.ftc.gov/bcp/conline/edcams/pyramid/index.html> What's Wrong with Chain-Letter Schemes? <http://www.wco.com/~rteeter/pyramid.html> 3.2.31 Someone said I'd invoked Godwin? Is that bad? Godwin's Law (named for Mike Godwin) states that if a discussion in usenet goes on for long enough, someone will eventually make a comparison to Hitler or the Nazis. (This is due to the fact that history records Hitler and the Nazis as just about the worst people; ever.) The law is often mis-stated as "If you mention Hitler or the Nazis you automatically lose the argument" or "If you mention Hitler or the Nazis then the thread is over". Is it bad to invoke Godwin's law? Well, comparing people to Hitler rarely results in anything good... RELATED LINKS Godwin's Law Website <http://www.godwinslaw.com/> 3.2.32 What's a "troll"? In a "troll", someone will disingenuously make controversial statements in the hope of creating a large ruckus. A "troll" can also be one who trolls. 3.2.33 What's a "kook"? A sort-of crossbreed of troll with a paranoid conspiracy theorist. Handle with care, or even better, ignore. 3.2.34 What is a "sock"? A commonly-used abbreviation for "sock-puppet". In the context of usenet, a sock-puppet is an alter-ego established by an individual for the purpose of posting messages that agree with his views, thus making it appear that the individual in question has more support than (s)he really does. 3.2.35 What does "Cut it out, Ron!" mean? This is a reference to Ron Ritzman, an insightful antispammer famous for some rather witty trolling of news.admin.net-abuse.email, to the extent to which any suspected troll is now met with cries of "Cut it out, Ron!" or "Cut it out, Ritzman!". RELATED LINKS Supertroll.com <http://www.supertroll.com/> 3.2.36 Who is Dave the Resurrector? It's not who, it's what. You see, there are a few people who don't like what we talk about in this newsgroup, and will periodically try to sabotage our discussions by cancelling articles en masse. Fortunately, this doesn't work, and Dave is what saves us from it. Dave the Resurrector is a bot that sits watching this newsgroup (and several others), and when it sees an article cancelled it immediately reposts it. This means that our discussions can't be removed from Usenet by rogue cancellers, but it does have the disadvantage that we cannot cancel our own messages in this newsgroup. So be sure you really want to say what you're posting before you click "send". RELATED LINKS Dave the Resurrector in the Cancel Message FAQ <http://www.killfile.org/~tskirvin/faqs/cancel.html#appendixA> 3.2.37 Who is "Brunner"? Software author Andrew Thomas Brunner got rather annoyed at people classifying his bulk email program "Cybercreek Avalanche" as spamware and came to the newsgroup to complain about it. Thereafter the whole affair spiraled out of control, with Andy threatening numerous "lawsuites" and making alleged death-threats. Andy has recently filed lawsuits for libel against his software in several small claims courts. Also known as "Spamdy" and "The Burglar" (after someone dug up some old court documents). Andy runs Combat.org (dedicated to "making sure the Internet is free from all types of abuse", in his words) in addition to Cybercreek.com (although he's been having trouble finding stable hosting for it as a result of the publicity from this affair), and can trigger massive threads in news.admin.net-abuse.email with a single breath. RELATED LINKS cybercreek.com (although it may well be down at the moment) <http://www.cybercreek.com/> combat.org <http://www.combat.org/> Andrew Brunner Usenet Archives <http://www-users.cs.umn.edu/~krueger/archives/> Andrew Thomas Brunner - A History in URLs <http://www-users.cs.umn.edu/~krueger/archives/cybercreek/history.html> Brunner's Lawsuit against MAPS <http://www.mail-abuse.org/lawsuit/brunner.htm> Brunner's Lawsuit against Bruce Pennypacker <http://people.ne.mediaone.net/brucep/Andy/index.html> Ruling in Brunner's Lawsuit against the Blaylocks <http://www.impulse.net/~thebob/BurglarLoses/> 3.2.38 Who's this "Spamford" guy people talk about? The King of Spam in the mid-1990s, Sanford Wallace ran Cyberpromo and was the most hated man on the Internet. After failing to make a sustainable living from spam, he reformed. RELATED LINKS Sanford Wallace Biography <http://www.annonline.com/interviews/970522/biography.html> 3.2.39 Who was Rodona Garst and why do people talk about her? Rodona Garst (sometimes known as "Rodentia Razzle" after her ICQ nickname) was apparently a spammer who tried to keep a low profile, but the owner of a domain she forged got angry, hacked into her computer, and posted a load of stuff stolen from it onto a website. Note that many anti-spammers consider hacking into spammers' computers to be a bad idea because it breaks the law and brings the anti-spammers down to the same level as the spammers. It can be very important to occupy the high moral ground. 3.2.40 Who is "Hacker X"? Probably some spotty-faced adolescent sitting in a darkened room lit only by the glow of his monitor, as it's far too good a name not to have been used by someone. In fact, someone calling themselves "Hacker X" hacked into Sanford Wallace's computer back in the mid-1990s and published the names and addresses of lots of Cyberpromo customers. But these days, when people refer to "Hacker X" in news.admin.net-abuse.email, they don't mean any known individual; rather it's a facetious reference to people blaming an unknown hacker for something they did, in order to try to evade the blame. For example, some spammers have claimed that they didn't send spam, but rather mysterious hackers hacked into their systems and sent the spam. To put it mildly, such claims are not often given a lot of credence. More recently, variations on this have sprung up, such as "Employee X" (an unknown but low-level employee did something bad without the knowledge of management) and "Salesman X" (a junior salesman made promises he shouldn't have without the knowledge of management). 3.2.41 What is a "plonk"? The sound of a poster being added to a killfile. Many readers of this newsgroup use "killfiles" to screen out posters they find annoying, so that their newsreader hides the objectionable articles from them. When someone has said something they think is the last straw, some people post a followup saying "Plonk" to let the recipient know that the poster won't be seeing any of their messages in the future. 3.2.42 What does "fsck" mean? fsck is a Unix command used to repair the filesystem. Often used as a "clean" version of a certain expletive that differs from it in only one letter and rhymes with "duck". 3.2.43 What is the Quirk Objection? Named for its projenitor Gym Quirk, it goes like this: "Objection! Assumes organ not in evidence!" It's usually invoked after someone mentions the testicles or brains of a spammer. 3.2.44 Who is "Ralsky"? Alan Ralsky, believed to be one of the biggest spammers currently operating. Ralksy has several hundred domains he uses for spamming, in order to evade filters and confuse spamfighters. RELATED LINKS Inside the Spammer's World <http://news.cnet.com/news/0-1278-210-6397016-1.html?tag=bt_pr> Ralsky at ROKSO <http://www.spamhaus.org/rokso/spammers.lasso?-database=spammers.db&-layout=list&-maxrecords=100&-response=roksolist.lasso&-noresultserror=rocksonorecords.html&-operator=eq&spammer=Alan%20Ralsky&status=live&-sortfield=subject&-search> 3.2.45 What is "SPAM-L"? SPAM-L is a mailing list dedicated to spamfighting and discussion of spam-prevention measures. See <http://www.claws-and-paws.com/spam-l/spam-l.html> for more details. ========================================================================= --------------------------- 3.3 ABBREVIATIONS --------------------------- ========================================================================= These abbreviations are common all over usenet, and so I won't go into too much detail. However... BMOC - Big Man on Campus ESAD - Eat S**t and Die FWIW - For What It's Worth FYI - For Your Information GoAT - Go Away Troll HTH - Hope That Helps or Happy To Help IANAL - I Am Not A Lawyer IIRC - If I Recall Correctly IMHO - In My Humble Opinion LOL - Laugh Out Loud RTFM - Read The F*****g Manual ROFL or ROTFL - Rolling On the Floor Laughing NANAE - news.admin.net-abuse.email NANAS - news.admin.net-abuse.sightings NANAU - news.admin.net-abuse.usenet YMMV - Your Mileage May Vary There's tonnes more abbreviations listed at the following website: Acronyms, the Insider's Language of Usenet <http://www.utdallas.edu/ir/tcs/techsupp/acronyms.html> ========================================================================= -------------------------- 3.4 TECHNICAL TERMS -------------------------- ========================================================================= 3.4.1 What are open relays? Most mailservers (or mail relays) on the present-day Internet will deliver email from and to only a small set of authorised users. For example, let's take an imaginary ISP "example.com". The mailservers at example.com could be used to deliver email sent to users of example.com, and to transmit email sent by users of example.com, but would deliver no other emails. This type of relay is generally known as "closed" or "secure". However, some relays are configured without this security, so that any unauthorised user can use them to send email messages to other unauthorised users (ie any email address in the world). For example, if example.com's mailservers were open, they could be used by a user of aol.com to send an email message to a user of twinlobber.org.uk. Why is this a bad thing? Well, spammers love to use open relays to send spam. There are several reasons for this: * Because they don't use their own ISP's mailservers, it helps them to conceal their spamming from their ISP. * Open relays will help the spammer to conceal their identity, and help to deflect complaints to the wrong ISP. * It's more efficient to send spam using several mailservers rather than just one (the spammer can spread the load to make it quicker, and the less the load on a mailserver the less likely that the mailserver's administrators will notice his activities and stop him). And one of the main ways to get use of more than a handful of mailservers is to use open relays. All mailservers on the Internet used to be open relays (they could be useful; for example you could still use the email system even if your own ISP's mailserver was down), but constant abuse of them by spammers has resulted in a mass move to closed mail relays in recent years. Many people now consider open relays to be nothing more than sources of potential email abuse. ORBS describe open relays as an "attractive nuisance". Because of this, many ISPs block email from open relays, often using an open-relay listing service such as ORBS (<http://www.orbs.org>) or the MAPS RSS (<http://www.mail-abuse.org/rss/>). Often, the people running the open relay can be completely unaware that their relay is open, as much mailserver software ships with open relaying being the default configuration or open relaying is trivial to enable. Other people leave relays open as a convenience to friends or customers, intending to allow them to send email no matter which Internet Provider they use, not realising the potential for abuse. Surprisingly few open relays are run as a deliberate service for spammers. Many mailserver admins are only too happy to close their open relays when they are pointed out to them. RELATED LINKS Fighting Relay Spam - One Man's Opinions <http://fightrelayspam.homestead.com/> How can I fix my open relay? It's good that you're approaching this in a positive frame of mind. With any luck, securing an open relay should be a relatively quick and easy task and then you will be on your way to removing yourself from any lists of open relays. Here's a few links to get you started. If you run into problems, people on the newsgroup will be happy to help you out. Securing and Testing Servers <http://www.orbs.org/otherresources.html> MAPS Transport Security Initiative <http://www.mail-abuse.org/tsi/> Open Relays in another NANAE FAQ <http://samspade.org/d/nanaefaq.html#4.3> An alternative tactic some people adopt is to post to news.admin.net-abuse.email about the injustices of having to close an open relay in order to get off one list or another. This doesn't often achieve much for the poster. What is "relay rape"? The "hijacking" of an open mailserver for the purposes of sending spam. What is a "teergrube"? "Teergrube" is German for "tar-pit". The idea is that you run what appears to be an open mailserver that a spammer will find and try to abuse, but he'll find when he tries to send mail through it... things seem to start going very slowly... In fact, what is happening, is that the teergrube holds the SMTP connection with the spammer open but doesn't actually do anything. Thus the spammer's UBE-sending software is slowed to the point of stopping, wasting his time and preventing him from abusing the Internet. (Since the expectation is that the spammer won't be sitting watching in case anything goes wrong, this situation could continue for quite some time.) The teergrube may still be able to send and receive legitimate email for authorised users; it's only when someone tries to use it as an open relay that this activity kicks in. A teergrube is just one example of a way that fake "open relays" can be set up to entrap spammers. They may be configured just to waste spammers' time, or they might log the spammers' activities and allow the administrator to report them directly to their ISP! RELATED LINKS Teergrubing FAQ <http://www.iks-jena.de/mitarb/lutz/usenet/teergrube.en.html> Fighting Relay Spam <http://www.fightrelayspam.homestead.com/files/antispam01192001.htm> 3.4.2 What is "port 25 blocking"? SMTP communications generally take place using port 25. "Port 25 blocking" is a technique sometimes used by ISPs who have a problem with users connecting to external mailservers to commit email abuse. Put simply, the ISP blocks any outgoing connections on port 25 from its users to the outside world. Thus the spammers cannot connect to the external mailservers to commit their abuse. The downside is that their customers won't be able to connect to external mailservers for legitimate reasons either. Of course, the spammers will still be able to connect to external mailservers that listen on a non-standard port, but these are rare. RELATED LINKS Port 25 Blocking at Earthlink <http://help.earthlink.net/port25/> BYTE Column: Port 25 Blocking Still Needed <http://www.byte.com/column/digitalbiz/BYT19990816S0021> 3.4.3 What is "POP-before-SMTP"? Recalling our discussion of open relays, I stated that a closed relay would only relay messages that were from or to a set of authorised users. I went on to give an example where the authorised users were the customers of a given ISP. This is the most common situation, but there are cases where an Internet Provider will want to provide a mailserver to users who are logging in through different systems. The main problem here is that normal SMTP (the Internet protocol used for sending email) doesn't require authentication (ie you don't require a username or password to use it). There is a proposed extension to SMTP that allows authentication, but this is not widely supported right now. So there's a problem in working out whether someone trying to use your mailserver to send email from an external system is one of your customers or a spammer trying to abuse an open relay. This is the problem that "POP-before-SMTP" is designed to solve. POP3 is an Internet protocol often used for retrieving email, and unlike SMTP it does require authentication. The idea here is that the mailserver notes a machine successfully logging in with POP3 and then allows that machine to make SMTP communications (ie send email) for a period of time thereafter. This way only authorised users can relay through the mailserver (because only they'll have POP3 passwords), but they can do it from anywhere on the Internet. RELATED LINKS RFC 2554: Authenticated SMTP <http://www.imc.org/rfc2554> POP before SMTP for Sendmail <http://spam.abuse.net/tools/smPbS.html> POP3 Authenticated Relaying <http://bsd.reedmedia.net/Software/Servers/SMTP_Mail/POP3_Authenticated_Relaying/> 3.4.4 What does "direct-to-MX" mean? This is beyond my area of expertise, so I'll pass you over to Philip Newton: "MX Records" are one type of resource record (RR) used by DNS, the Domain Name System. They show which mail servers accept mail for a given domain. (MX stands for "Mail Exchanger".) Generally, you or your mailing program don't need to know what the mail exchangers for a domain that you're trying to send email to are - you usually send the mail to your ISP's mail server, which will look up the MX records and send the mail on its way (it acts as a "smarthost" for you so that your configuration need only include one mail server and you don't need to do DNS lookups for every message you send). "Direct-to-MX" spamming is where you find out the MX records for the target domain (by querying the DNS) and deliver mail directly to that domain's mail exchangers, rather than using your ISP's mail server. One reason why spammers do this is so that they don't leave any logs with their ISP that can be used to track them down. 3.4.5 What is a "Smarthost"? This isn't really an email abuse issue but it is a term that gets thrown around a lot in the newsgroup. A Smarthost is a mail server that passes mail between other mailservers and doesn't necessarily interact with any mailboxes directly. For example, a large organisation might have a firewall and a mailserver for each department within the firewall, all of which talk to a smarthost which handles communicating with mailservers outside the firewall. This set-up has a number of advantages over the traditional approach of having one big mailserver, including: * the local mailservers buffer outbound traffic for users so after hitting the Send button their mail gets handled quickly no matter how busy the smarthost is (or even if it is down for maintenance) * the local mailservers buffer inbound traffic so the mailspool of the smarthost is less likely to overflow as it trickles to local servers * because the mailboxes are stored on local mailservers inside the firewall, they are less vulnerable to hacking. Another advantage is that, if the recipient mail exchanger can't be reached, the smarthost will try the other mail exchangers in preference order, if more than one is listed. If none are listed, most mail servers will attempt delivery to the domain itself (an 'A' resource record). Also, if none of the delivery attempts work, smarthosts will usually queue the mail and retry at intervals, meaning you don't have to do all this yourself (and dial up each time to retry the delivery). ISPs sometimes run "smarthosts" to allow their customers to collect email by SMTP. 3.4.6 What is "wpoison"? Another tool designed to frustrate spammers. Many spammers obtain email addresses using harvesting software that extracts them from websites, automatically following links and exploring new sites to find new addresses. What wpoison does is generates linked webpages containing lots of made-up email addresses, to the end of: (a) Filling the spammer's mailing list with useless addresses. (b) Wasting the spammer's harvesting program's time while it finds these useless addresses. To quote from <http://www.monkeys.com/wpoison/what.html> : "So the basic idea behind Wpoison is to trap unwary and badly engineered address harvesting web crawlers, and to fool them into adding enormous quantities of completely bogus e-mail addresses to the E-mail address data bases of the spammers, thus polluting those data bases so badly that they become essentially useless, thereby putting the spammers who are using them out of business, or at least shutting them down for a time and causing them some major headaches while they try to clean up the mess in their now-heavily-polluted e-mail address data bases." You can install Wpoison on your own website as a CGI script. Note that some spammers have now developed address harvesting systems that are smart to wpoison's tricks. RELATED LINKS Wpoison <http://www.monkeys.com/wpoison/> 3.4.7 What do those slashes after an I.P. address mean? Sometimes you'll see something like an I.P. address, but with a slash and a number after it, e.g.: This is actually a way of specifying a block of I.P. addresses. The number after the slash is the size, in bits, of the network prefix. Remember that, although they're written as four eight-bit integers, an I.P. address is really one thirty-two bit number. The first few bits are what is known as the "network prefix"; that is, the number of the network the I.P. address is a part of. The remainder of the I.P. address is the "host address"; that is, the number of the host within its local network. So, in the example above, the 32-bit I.P. adress has a network prefix 24 bits long, so the host prefix will be 8 bits long (32-24=8). This means that it specifies a block of 256 I.P. addresses, starting at and going all the way up to Another example would be: which specifies a block of four I.P. addresses (the network prefix is 30 bits, leaving 2 bits for the host address, and there are only four two-bit numbers), starting from Traditionally, a /24 is known as a "Class C" network, a /16 a "Class B" network, and a /8 is a "Class A" network. With the advent of classless addressing this terminology has fallen out of use. RELATED LINKS routerresources.com <http://www.routerresources.com/> ========================================================================= ------------------------ 3.5 KEEPING UP-TO-DATE ------------------------- ========================================================================= Wonderful though it is, news.admin.net-abuse.email should not be considered the fount of all wisdom or the source of all news where spam-related issues are concerned. Here are a few links you can use to keep up-to-date about various spam issues: Spam News Daily Press-Clippings <http://www.petemoss.com/> Whew.com Anti-Spam Campaign <http://www.whew.com/Spammers/> MAPS has press-release and press-coverage sections <http://www.mail-abuse.org/> ========================================================================= --------------------------- 3.6 KEEPING HAPPY --------------------------- ========================================================================= Spamfighting is tough sometimes, especially for those who've been at it for years. Sometimes you just don't feel like you're getting anywhere; you LART the spammers but some more spring up and there seems like no end to it. When you get a little down, it's time to touch on the lighter side of this whole business... SPAM HUMOUR! Here's a few funny links to get you started. Do remember though, to differentiate between the humorous sites and the serious ones! :) Spamhaus Spammer Threats Page <http://spamhaus.org/threats.html> (proving that the spammers don't need any help to look like morons) The Humour of News.Admin.Net-Abuse.* <http://www.panix.com/~tori/abuse-humor.html> The Anti-Spam Cadre <http://www.msg.net/nospam/> Norman DeForest's Spam Page (includes some humour) <http://www.chebucto.ns.ca/~af380/Antispam.html> Spam Hall of Fame <http://sendmail.net/?feed=000807knaussspamone> Spammer's Paradise: The Album <http://www.orca.bc.ca/spamalbum/> (I especially love "The Rant") ========================================================================= ------------------------------- CREDITS --------------------------------- ========================================================================= No document of this magnitude can be the work of only one man. I would like to thank everyone who offered ideas and suggestions, everyone who pointed out grammatical errors and gaps in my logic, and places where I was just plain getting things wrong. This wouldn't have been possible without you, people. Big-time thankings also to Paul Anderson for giving all this an official proof-read. ========================================================================= ----------------------------- USE POLICY -------------------------------- ========================================================================= You may copy and redistribute this FAQ in unmodified form by any means or media you see fit. You may modify the presentation of this FAQ as you see fit, so long as the content remains unaltered. You may modify the content of this FAQ so long as you appropriately credit both your changes and the original authors of this FAQ. At a minimum, the link to the FAQ's website _must_ remain in place.