Anti spammers revive Blue Frog in P2P form

Satdude

Anti spammers revive Blue Frog in P2P form

When controversial anti spam firm Blue Security was knocked off the internet last week, under the onslaught of a crushing denial of service attack, it looked like the spamming community had run away with the fight. But in the last few days, a small team of developers has banded together and issued a call to arms to revive the Blue Frog project.

A Sourceforge project under the name "Okopipi" was registered on Friday. In homage to Blue Security's Blue Frog anti spam tool, Okopipi has taken its name from a South American poison dart frog, also blue in colour.

Blue Frog was applauded by some and criticised by others for its technique of tracing the origin of spam mails and flooding the senders with opt-out mails - in effect spamming the spammers.

Okopipi intends to follow in the same vein. "The rules of engagement would be the same as Blue Frog. One spam equals one opt-out request. No DDOS [distributed denial of service]. We use bandwidth throttling sufficiently low to not overwhelm the site," John Simmerman, one of the project creators, wrote on a forum.

Although it had some success, forcing six of the world's top ten spam operations to capitulate and use its open source mailing list scrubber, Blue Frog's problem was that it annoyed one of the biggest spammers in the world.

The one particular culprit, thought to be from Russia and known only as PharmaMaster, subjected Blue Security's websites to sizeable DDoS attack, and exploited a Cisco security feature known as Black Hole Filtering to prevent web traffic reaching the Blue Security sites.

The Okopipi project believes to have found a way around this concern by building its open source Blue Frog replacement on peer to peer (P2P) technology. This means, "No centralized reporting server. No website. Any single point of failure could be switched out on the fly," the project leaders said.

"The entire project would exist in P2P-space. No single node becomes more important than the rest. Simply give your spam to the client, and it goes out on the network where it is processed. Control of the client would be through PGP commands sent to each client for coordinated opt-out requests. A voting mechanism will prevent any single node from having control over the network."

However, the group has expressed concern that the websites it uses as a forum for developing the project could become the target of DDoS attacks, as the spammers seek to cripple any potential threats. If anything, Blue Frog's short lived existence proved that it was keeping the spammers on their toes.

But right now, the focus for the Okopipi project is to pull together a team of developers and a secure method for the m to communicate to see the project to fruition.

"We are software consultants with the knowledge to design the project but insufficient resources to see it to completion. We know how this can be done, but we need help. We believe there are a lot of bright, talented and pissed off people that would like to be involved.

"It is a complicated project but we think it is doable if we can find the right talent," the project leaders said.

Regards Satdude.