I was the victim of some bizarre spam yesterday directed at my work e-mail account. Someone used the neo-con spin site NewsMax' article-forwarding feature to send me an article about how the Democrats in California were assaulting the Constitution, with the message, “Spam this f**kboy.” I'm guessing the sender meant the author of the artilce and not me…or maybe they were referring to my anti-spam column?

In any case, the return address the culprit used was the e-mail for The Randi Rhodes Show,a “liberal” talk-radio show on ClearChannel's WJNO in West Palm Beach, Florida. I somehow doubt Ms. Rhodes herself sent me the message…it smells more like someone who'd want to embarrass her. Or maybe she's that stupid? I don't know, really, or care.

What's more interesting, or disturbing, to me is the potential for abuse of sites like NewsMax for spam attacks. While this one was pretty much a blunt-force approach, as far as I could tell, it wouldn't take an amazing piece of coding to create a robot that could be pointed at a site like NewsMax's article forwarding feature to churn out e-mails using harvested e-mail addresses for both the sender and target address. Some script kiddie could wack out something like that in Visual Basic in fifteen minutes, I suspect.

Stopping attacks like that would require webmasters to be able to link the source IP addresses of the spam, and not the sending e-mail address. Some straightforward code could limit the damage–say, limiting article forward requests from a specific IP address within a single day. (Also, having user authentication as a gateway to using article forwarding would reduce the likelihood of a spam engine assault).