Blue Security has ceased its anti spam operation that went after spam websites by counter-spamming them.

The company sent a slew of messages to websites that were advertised in spam, overwhelming their email systems.

19 May 2006

The idea was to defeat spammers at their own game, but Blue Security didn't play the game very well. One spammer retaliated by launching a denial of service attack against the venture, which in the end force the company to pull the plug.

Security Vendor Kasperksy Labs in a blog posting cautioned that Blue Security called this upon itself.

"Destabilizing sites if the site names are mentioned in spam is a very dubious tactic - it’s neither ethical or really legitimate," the company pointed out.

"I think that the path Blue Security chose was more or less doomed, if not to failure, then at least to causing a lot of Internet users, not just spammers, to react negatively."

I'd argue that Blue Security programme wasn't necessarily bad, it was just poorly executed and vulnerable to retaliation.

Spammer spam because they have an economic incentive to send their messages. To kill spam, you have to kill their business: prevent spam from reaching inboxes (filters) or close down websites that are advertised in spam (Blue Security's approach).

Photo: Luis Alves

Tags: blue security, spam, security