Lycos Ends AntiSpam Effort, Denies Downing Spam Sites

Lycos Europe says it is officially ending its MakeLoveNotSpam anti-spam campaign, saying the controversial campaign has accomplished its objectives. The company also said traffic from users of the MakeLoveNotSpam screensaver wasn't responsible for outages at two spammer sites targeted during the attacks.

"Lycos has decided to close down its Make Love, Not Spam website," said spokesperson Malte Pollmann. "The aim of the campaign was to ignite a debate about anti-spam measures. We feel that we have achieved this through our activity and will now continue that debate with others in the email industry. We hope that this will lead to further new and innovative solutions to the problem of spam."

The company also says a published list of sites affected by traffic from the screensaver represented "historic data" and not ongoing activity. Netcraft used the list as a guide in analyzing the screensaver's impact, monitoring three sites which Lycos cited as being hardest hit by its campaign. Our analysis found two of the three sites cited by MakeLoveNotSpam were not available, and attributed this status to traffic generated by the screensaver. Lycos Europe says its attacks on those particular sites had already ceased.

"At the point of time of your measurement, December 1st 2004, all the 3 sites you measured were not on the target list of the screensaver activity," Pollmann said in an email to Netcraft. "The information you took from the website of was merely historic reports and all the 3 Domains were targeted only between October 20th and November 9th, 2004. The 2 sites not responding in your measurement were most probably moved or shut down after." A screenshot of Lycos' initial description of its target sites can be seen here.

The screensaver download was pulled from the Web Thursday after more than 110,000 copies had been downloaded.

Meanwhile, an explanation has emerged for persistent reports that the MakeLoveNotSpam site was defaced by hackers, a contention denied by Lycos. The "defacement" appears to have been a message posted by MCI and presented to users of its network that tried to access the site. The message, reported by many users, warned that "attacking spammers is wrong. You know this, you shouldn't be doing it." An MCI spokesperson acknowledged seeing the message while trying to access MakeLoveNotSpam from the MCI network.

That explanation suggests that Internet backbone providers began blocking requests for MakeLoveNotSpam - a practice known as "blackholing" - as early as Nov. 30, several days before the practice became widely known.

Lycos Europe advertised MakeLoveNotSpam as a "screensaver that spams the spammers," using idle computer time to attack sites that have been blacklisted for abusive spamming practices. The campaign, designed to appeal to e-mail users fed up with spam, was widely criticized by the Internet security community, and the site was blocked by many major connectivity providers.

Pollmann said all traffic generated by the screensaver will be halted by the end of the campaign, and challenged descriptions of the campaign as a denial of service attack. "Contrary to some reports, the service never launched a 'distributed denial of service attack,'" Pollmann said. "Rather, a centralized database ensured all known spammers' sites were left with at least 5% of bandwidth. The idea was simply to slow spammers' sites and this was achieved by the campaign."