Usenet Spam: a Slice of History

by Charles Miller on January 12, 2021

This is an anecdotal account written decades after the fact by someone who was a teenager at the time it happened, and was only involved as an observer. There's no real point to the story beyond recording a noodly fragment of obscure Internet history.

The “modern era” of spam is generally accepted as having begun in 1994, when the law-firm of Canter and Seigel sent a message to 5,500 newsgroups advertising their Green Card lottery services. They said the advertisements netted them $100,000 in business for an outlay of “only pennies”, although this claim came on top of them launching a spam-for-hire business so take it with a grain of salt.

Spam on Usenet was a big deal beacuse of the way Usenet worked. It was a broadcast protocol where every message posted to Usenet got copied to every server that carried the newsgroup it was posted to. At least in theory. In practice, the system was highly unreliable and you just got used to replying to some post you never saw, except that someone’s reply to it made it as far as your server.

The cost of sending a Usenet message was tiny for you and the one server you were connected to, but the cost of storage and processing multiplied by every server in the network, plus the bandwidth costs of ferrying your message betweeen all these servers, was significant.

This program posts news to thousands of machines throughout the entire civilized world. Your message will cost the net hundreds if not thousands of dollars to send everywhere. Please be sure you know what you are doing. — Early Usenet newsreader software

Message volume was also a constant problem for Usenet server administrators. Raw disk-space concerns aside, Usenet servers would, by default, store each message as a separate file, and the twin demons of random-access seeking millions of tiny files, and each message consuming a filesystem inode, caused admins headaches even dealing with the network's organic growth. (INN, the standard Unix Usenet server software, would eventually implement its own custom filesystem as a circular buffer.)

This made Usenet spam a kind of DDOS attack. It cost the originator very little to post, but the protocols of Usenet itself could multiply that cost until it threatened to break the network as a whole. The Canter and Seigel Green Card spam was in itself merely annoying, but the risk of unscrupulous commercial operators habitually dumping massive amounts of data into a fragile network threatened the entire medium.

Which, of course, is what happened next.

Do you know what it feels like to know that your news server, despite the fact that it's some of the best hardware you can get with your available resources for an application that most people just don't care about, is running a backlog? That you're dropping incoming articles? That somewhere, somewhere there are things being posted which you are not receiving? They could be junk, they could be beautiful, well-expressed pieces of someone's soul, and you DON'T KNOW, you CAN'T KNOW, because legions of fucking vandals are throwing so much CRAP at your news server that it's running flat out trying to process it and delete it and just can't go any faster? — Russ Allbery, A Rant About Usenet

As a distributed, decentralised network, tools available to admins to stop abuse were limited. They could play whack-a-mole against spam accounts on their own servers, and band together to exclude servers with lax enforcement from the network as a whole, but very quickly the first line of defense became the 'cancel' message.

A Usenet control message was a specially formatted Usenet post that would be interpreted by the servers as a command. If you posted something and regretted it, you could send a 'cancel' control message, instructing the network to delete your post locally and no longer propagate it to other servers. Cancel messages were only valid if they were posted by the same account as the message being deleted, but since forging a Usenet message to look like it was from someone else was trivial, practically anyone could post one.

For a large chunk of Usenet history, when getting in trouble on Usenet meant having an embarrassing conversation with your CS professor about why you shouldn't lose network access, it was assumed if you were technical enough to know how to send a cancel message, you could be trusted not to abuse it. So even well into the Eternal September, most servers just accepted them without question.

Fast-forward to a year or so after the Green Card spam, a group of essentially vigilante Usenet admins were coordinating with each other to detect spam messages, and generate a cancel message for each one.

Mass cancellation of Usenet spam was controversial. Partly because cancel messages became a non-trivial component of Usenet traffic, and brought with them the same technical issues inherent in processing, storing and forwarding large numbers of tiny messages, partly because they infringed on the "free speech" rights of spammers, and partly because RFC 1036 said forging cancel messages wasn't allowed.

To which the correct reply is "Well actually, RFC 1036 never made it past 'proposed standard', please see son of RFC 1036."

The free speech question, particularly, became a hot topic of debate on newsgroups like the 'news.admin.net-abuse.*' heirarchy that were set up specifically to discuss spam and coordinate its removal. Free speech maximalists would argue that nobody had the authority to unilaterally remove messages from Usenet, admins would side-step the issue by arguing that they weren't censoring the content of messages, they were preventing the denial of service attack caused by them being posted over and over again.

The impact of anti-spam efforts on the arguments of free speech maximalists continues to be felt today. The impressive effectiveness of, say, GMail's spam filter, is a bit of an embarrassment to anyone claiming that removing particular classes of content from online services is just too hard to even attempt.

Like all Usenet arguments it quickly became impossible to tell who was seriously debating and who was just there to throw gasoline on the fire. Some wag suggested that anti-spam efforts were backed by a “Lumber Cartel” trying to protect its profits from the threat of junk mail becoming electronic, and thus reducing demand for paper.

At the same time, another vigilante group, not quite high up enough in the nerd hierarchy to take part in the high level policy discussions but still wanting to be involved, formed a parallel vigilante group around the activity of complaining about spammers to their Internet Service Provider and getting them kicked off the Internet.

Again, like all activities on Usenet, this quickly became a role-playing game. Participants adopted jolly pirate nicknames and set out to defeat evil, gleefully celebrating each “kill” and competing over who could be the most effective wielder of the holy ban hammer.

In the end, all this effort only served to prolong the inevitable. Usenet predated the Internet, its architecture forged in an era where only a few lucky hosts were permanently connected to the network, and the rest would sneakily dial up in the early hours when long-distance charges were low and slurp down the day's messages. Even by the mid 90s it was clear that Usenet's mass duplication and decentralisation was not only unnecessary on a fully-connected Internet, but a crippling overhead to the service as a whole.

I'm sure people are going to take exception to me referring to Usenet in the past tense for this whole article, but now, that's essentially where it lives.

Previously: Political Discourse in the Early 21st Century