E-mail security specialists were happy to see Robert Alan Soloway arrested Wednesday, but expressed doubts that the downfall of Seattle's alleged "Spam King" would make a significant dent in the volume of unsolicited e-mails plaguing Internet users around the world. Soloway, owner of Newport Internet Marketing Corporation (NIM) in Seattle, was indicted by a federal grand jury on 35 counts of mail fraud, wire fraud, e-mail fraud, identity theft and money laundering in connection to advertising and sales of NIM's "broadcast e-mail" software product and services. According to the indictment, NIM relayed "bulk and high volume commercial e-mail messages that contained false and forged headers" via a proxy network of compromised computers, also known as a "bot-net."
The case brought by the U.S. Attorney's Office in Washington's Western District focuses on allegedly false and fraudulent claims made by Soloway about NIM products and services. Soloway, 27, is alleged to have transmitted tens of millions of e-mails containing false and fraudulent headers to advertise NIM.
"It's kind of ironic that he got in trouble for spamming people about his spamming service," said Rand Wacker, senior product manager at e-mail and Web security vendor IronPort.
Wacker said worldwide spam tracked by IronPort spiked from about 72 billion spam e-mails to 81 billion the day before Soloway was arrested, then dropped back down to 70 billion messages sent on the day of his arrest. But Wacker cautioned against making too much of those numbers or connecting them to Soloway.
"So that was an 8 percent drop, but it was during a week that there were 8 percent rises and drops on a daily basis," he said. "For the Internet as a whole, it's not going to have a very perceptible effect. This guy was one of hundreds of spam ringleaders out there, the majority of whom are outside the United States."
Barracuda Networks, a seller of e-mail and Web filtering appliances, actually tracked an increase in spam the day after Soloway's arrest, said vice president of product management Stephen Pao.
"I was looking this morning at our spam volume numbers, and we've actually seen spam volume tick up slightly. Consider the nature of [Soloway's] business. He sold packages to different organizations to push spam through his networks. He's already deployed the spy bots," Pao said.
"It's like Monopoly, where this kind of guy may actually do OK in jail, collecting rent."
The channel will still see plenty of demand for spam-filtering solutions regardless of isolated spammer arrests, said Tom MacArthur, president of Storbase, a Waltham, Mass.-based e-mail and Web security solution provider.
"How much of this organization is really [Soloway], and how much is going to morph into something else is the question. There's just too much money involved for spammers," MacArthur said.
Ken Tortura, vice president of channel sales at e-mail and Web security vendor MX Logic, paused for a brief second to celebrate.
"I'm glad when they nail guys like that. But from a channel perspective, I don't think spam's going to go away because it's too profitable. There's VC money chasing these guys. It's so cheap and inexpensive to get these viral networks going," he said.
Spam operations like the one Soloway allegedly ran aren't the real threat to security, said IronPort's Wacker.
"Robert [Soloway] himself didn't actually control specific bot-nets. Robert wasn't the guy out there writing the code that builds the bot-nets. He was using a program called Dark Mailer that uses the bot-nets others built," he said. "There's a whole underground of virus writers who are trying to get a piece of code on your computer that they can then get to upload commands onto your computer. Spammers may rent out time on these bot-nets, but they can be used for more nefarious purposes, like denial of service attacks."