Battle Creek, a town of 54,000 best known as the headquarters of the Kellogg's cereal company, is on the warpath.
Robert Drewry, a Battle Creek detective, said on Wednesday he was hoping
to file felony charges of computer intrusion against the person at the Orbz
anti-spam service who contacted the Domino server and caused e-mail to crash
for 24 hours. "If we can identify the person responsible, yes, we will prosecute,"
Drewry said.
This new Battle of Battle Creek -- the first one
in 1824 pitted local Indians against surveyors -- began when an Orbz computer
allegedly connected to the town's mail server to see if it might be an anti-spammer
bugaboo: A relay point for bulk e-mailers.
It wasn't. But it was running an old Lotus Domino version, and what would
normally have been a routine test by Orbz allegedly caused the server to
mail-bomb itself into a tizzy.
Cindy Hale, a systems administrator for the town, said she was the one who had to deal with the crash.
"We had to get with our Cisco expert and get into our firewall and make
some changes in there and make some changes to our (Lotus) server to not
accept any mail from Orbz," Hale said.
Then Hale did what has incited a feeding frenzy this week in the online
communities devoted to canning spam: She called the cops. "I just called
our police department and asked if they wanted to investigate any further
and there we are," Hale said.
Hale's phone call and subsequent police investigation have led activists
on the spam-l mailing list and the news.admin.net-abuse.email newsgroup to
vow that "Battle Creek will soon become Battle Stations," and already have
prompted talk of a legal defense fund for Orbz.
The activist at the center of this controversy, who could face up to 10
years in prison under Michigan criminal law, is Ian Gulliver, a 20-year-old
systems administrator who lives near Ghent, New York. Gulliver is the administrator for the Orbz (pronounced
"orb-zee") blacklist.
Created last June, Orbz is one of the newer incarnations of blacklists
assembled by devoted activists fed up with clogged connections, cluttered
inboxes and overflowing mail spools.
It lists about 70,000 open relays that spammers typically rely on to spread
bulk e-mail. Network administrators can configure their systems to reject,
discard or return any mail that comes from an address appearing on Orbz's
blacklist.
Orbz claims some distinguished customers, including about 200 large institutions
-- Intel and AT&T Research among them -- who regularly download the latest
spammer blacklist, plus tens of thousands of individual users.
More importantly, Orbz relies on the same connect-to-a-mail-server technique
that's commonplace on the Internet. The Orbz queries -- phrased in the MAIL
FROM syntax -- may have given a
buggy Lotus Domino server fits, but they appear to be perfectly compliant with Internet standards.
Gulliver discovered the Lotus Domino problem last year. In August, he sent an
alert to the bugtraq mailing list saying Orbz had learned that its queries could "cause Lotus Domino to
enter a mail routing loop and consume 100 percent CPU." (Lotus has since released a patch.)