My first view of this book made me feel somewhat impressed by it. It's a rather large book, with 432 pages in a fairly generic-looking blue, white and red cover. The cover advertises the fact that there is a website devoted to the book and gives registered readers the opportunity to download 4 free e-booklets covering various internet security issues. The cover attempts to engage the reader by asking “You may hate Spammer-X, but can you afford to ignore him?”
Opening the cover gives us more details on the website and the e-booklets which may be downloaded from the site. The webpage also contains a “From the Authors” forum which apparently will contain timely updates and links from the authors.
The book has sixteen chapters which are broken up into sub-sections focusing on fairly tight definitions of the concepts being dealt with. On the whole, I found this to be extremely useful, as it made referring back to relevant sections easy.
At the risk of sounding terribly boring, I devoured this book. The book is written from the perspective of the spammer and as such, it reads very much like a How-To book for aspiring spammers. I believe this book is a must-read for anyone connected to system administration or network security.
Foreword;
Chapter 1: Inside the head of a Spammer;
Who am I?
Chapter 2: How Spam Works;
The Business of Spam
Spam in the Works: A Real-World Step-by-Step example
Chapter 3: Sending Spam;
The Required Mindset to Send Spam
Methods of Sending Spam
Chapter 4: Your E-mail: Digital Gold;
What Does Your E-mail Address Mean to a Spammer?
Hackers and Spammers: Their United Partnership
Harvesting the Crumbs of the Internet
Mass Verification
Chapter 5: Creating the Message and Getting It Read;
Jake Calderon? Who Are You?
Chapter 6: Getting Paid as a Spammer;
Do You Really Expect to be Paid?
How Much Can You Make?
Money Methods
What if You Don't Get Paid?
Chapter 7: Spam Filters: Detection and Evasion;
Detection: Identifying Spam
Basic Evasion: Tips on How to Beat a Filter
Chapter 8: Spam Filters: Advanced Detection and Evasion;
Filters and Spammers
Noise Filters: Detecting Your Random Data
Abusing Pre-Defined White Lists
Playing the Language Game: Tips on How to Beat Bayesian Filters
Accountability, SPF and Sender ID
Chapter 9: Phishing and Scam Spam;
A Million Baited Hooks: Scamming Spam
Types of Attacks: The New Age Battle Ground
Inside a 419 Scam: A Real World Example
Chapter 10: Spam and the Law;
The Rules of CAN-SPAM
What About Global Laws?
Making a CAN-SPAM Compliant E-Mail.
Legal Cases Against Spammers
CAN-SPAM in a Nutshell
Chapter 11: Analyzing Spam;
Tracking Spam
An Example of Perfect Spam
Chapter 12: The Real Cost of Spam;
Finding the True Cost of Spam
Chapter 13: Statistics of Spam;
Spam's Stats
Chapter 14: The Future of Spam;
RFID and VOIP
Chapter 15: FAQs of Spam;
Chapter 16: Closing Comments;
Appendix A: Combating Spam with Exchange Server and Outlook.
Index.
Review
As said above, this book reads very much like a “how-to” book for aspiring spammers. I found the book to be unexpectedly good reading and found the information presented in a clear and well put together manner.
To put it bluntly, this book is a must for any System Administrator, Network Security Expert, Newsletter Publisher, Forum Owner or Database Designer. Anyone who deals with access to any of Joe Public's details should take the information this book presents and use it to secure their system.
After reading Inside the Spam Cartel, I decided to test some of the information it provided by setting up a very simple website which contained a CGI form mail script and a PHP version. Following the instructions in the book, I attempted to spam myself. Now while I am not completely innocent of the ways of the web, I'm not exactly a technical guru either.
The results were scary. With a few minutes' work and some reasonably easy-to-find software, I managed to drop fifty emails into my email account, all of which could have been avoided using a little bit of forethought.
The book goes into extraordinary detail on all aspects of sending spam. Evading filters by using random words, using insecure SMTP servers, using servers geographically so as to avoid rule-based spam filters and tricks for making text invisible to readers are all explained fully in this book. As an example of the last trick, did you know a common spammer's trick is to make individual letters only one pixel in size, making the letter invisible to the human eye, but breaking up “banned” words so spam filters let the email through? I found that and more of the details in this book absolutely intriguing.
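From the filtering side, the one-pixel letter trick can be countered by matching keywords against the text a reader actually sees rather than against tag-stripped markup. The following Python sketch is an added example, not code from the book or from this review; the 2px threshold, the word list, the sample message and all names in it are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

TINY = 2.0  # assumption: text at or below 2px/pt is treated as invisible
# Absolute sizes only (px, pt, or bare 0); relative units like em or % are ignored.
FONT_SIZE = re.compile(r"font-size\s*:\s*(\d*\.?\d+)\s*(?:px|pt)?(?![\w%.])", re.I)
VOID = {"br", "img", "hr", "meta", "input", "link"}  # tags with no end tag

class VisibleText(HTMLParser):
    """Collects the text a reader would see and counts hidden characters."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []        # (tag, is_tiny) for every open element
        self.visible = []
        self.hidden_chars = 0

    def handle_starttag(self, tag, attrs):
        if tag in VOID:
            return
        m = FONT_SIZE.search(dict(attrs).get("style") or "")
        self.stack.append((tag, bool(m) and float(m.group(1)) <= TINY))

    def handle_endtag(self, tag):
        # Close back to the nearest matching open tag; tolerates sloppy HTML.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

    def handle_data(self, data):
        if any(tiny for _, tiny in self.stack):
            self.hidden_chars += len(data)
        else:
            self.visible.append(data)

def analyze(html, banned=("mortgage",)):
    """Compare keyword hits on naively stripped text vs. reader-visible text."""
    parser = VisibleText()
    parser.feed(html)
    parser.close()
    visible = "".join(parser.visible)
    naive = re.sub(r"<[^>]+>", "", html)  # what a tag-stripping filter sees
    hits = lambda text: [w for w in banned if w in text.lower()]
    return {"visible": visible, "hidden_chars": parser.hidden_chars,
            "naive_hits": hits(naive), "visible_hits": hits(visible)}

# Constructed sample body: two one-pixel letters split the listed word.
SAMPLE = ('Low m<span style="font-size:1px">x</span>ort'
          '<font style="font-size: 1px">q</font>gage rates, '
          '<b style="font-size:1em">today</b>')

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

A non-zero `hidden_chars` count is itself a useful signal, since legitimate mail rarely contains text sized to be unreadable.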
My only criticism of the book would be that in the places where a lot of detail was provided, it still wasn't enough. How does one find the insecure servers? What are the processes needed to take advantage of them and what's the best way to plug the holes? For those reasons, I would give this book 8 / 10.
