Black Frog leaps into fight against spam

Okopipi project aims to continue antispam campaign launched by now-defunct Blue Frog effort, which suffered a DOS attack.

Spammers beware--hostile amphibians are once again rising against you.

First there was Blue Frog, a community antispam effort that stopped operating last week after Blue Security, the company that started the project, came under a withering denial-of-service attack.

Out of the ashes comes Black Frog, part of a project that is apparently willing to become a flag bearer in the fight against spam. The project, dubbed Okopipi, is developing the Black Frog antispam software as an open-source project, according to the group's wiki.

"This project aims to become a distributed replacement of antispam software Blue Frog," the Okopipi wiki states. The project merges two separate efforts--Okopipi and Black Frog--that arose after the demise of Blue Frog.

Blue Security waged a sort of do-it-yourself spamming campaign against the spammers. It said that more than 500,000 customers downloaded its Blue Frog software, which automatically sent replies back to mass e-mails. If all of these customers' systems responded, the spammers' systems would be overwhelmed.

But the Web sites of Blue Security and some of the company's partners were knocked out last month by a massive distributed denial-of-service attack. In such an attack, scores of computers try to continuously log onto Web sites, in an effort to overtax the servers.

Okopipi's battle plan is to avoid depending on a centralized server, creating a target too big to be taken out by a single DOS attack.

"It will be based on a P2P network (the frognet)," according to a posting on the wiki. "On failure to connect, it could still opt out given e-mail addresses."

Participants will send reports of spam e-mails to Okopipi, which will use "handlers," which include dedicated servers, to analyze it. To avoid suffering the same fate as Blue Security, Okopipi's staff will not disclose information about its servers.

"Only the Okopipi administrators will know their locations," the group said on its wiki. This should make a DOS attack "very difficult," it said.

The Okopipi wiki said that the Black Frog software will set participants' systems to automatically click the "opt-out" or "unsubscribe" links contained within spam--sending a response to the mailers. The software is still being developed.

Richi Jennings, an analyst at security research company Ferris, said that Okopipi should be careful if it decides to fight fire with fire.

"The project should also take care not to cross the line from legitimate spam complaints to attacking spammers using DDoS-like techniques," Jennings wrote on a posting to Ferris' Web site.

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Jaguar F-type S Coupe is beautiful and impractical

With stunning lines and sharp handling, the F-type S Coupe is an excellent sports car, and as impractical as a true sports car should be.

by Wayne Cunningham