Regular visitors to this site probably noticed that the site was unavailable for eight days during January, and that although the site eventually came back, the weblog hasn't been updated for a while. Here's the story behind that.

Around 1pm EST on Friday 12th of January, the server that hosts the site came under a sustained distributed denial of service (DDoS) attack. In order to protect other, unrelated sites and servers in the same location, the hosting company that provided webspace to spamnation.info was forced to take the site offline.

There is little doubt that the target of the attack was spamnation.info (rather than another site on the same server), and there is reason to believe that the attackers were spammers who were unhappy about the fact that the site publishes information about stock spam. Several other anti-spam sites were also attacked at the same time. No advance warning was given, and the attack successfully took down at least four sites. The attack was conducted by a botnet consisting of multiple zombie computers and in a later phase of the attack against spamnation.info we recorded thousands of simultaneous connections and traffic levels as high as 37Mbits/second. It's hard not to conclude that someone really wanted us offline.

The site is now back again thanks to the kindness of some supporters of spamnation.info who stepped forward to provide hosting and worked to mitigate the effects of the attack. Because of other commitments, it took me a few days to finish moving the site to its new home. When I brought the site back up again , the attack immediately resumed but the mitigation measures put in place by our friends were apparently effective in containing it.

At this time, the site is no longer under attack. There's no guarantee that the spamnation.info won't be attacked again in future, and an attacker who is really determined could probably bring the site down again. It takes much deeper pockets than we have to successfully fight off a really massive DDoS attack. Even with the support of Prolexic, one of the industry leaders in DDoS mitigation, Blue Security were forced to shut down after a concerted assault that began with a similar attack.

So those are the facts about our temporary absence. Now for some commentary.

The first obvious point is that apparently we're doing something right. The fact that someone — presumably a spammer — cared enough to try to kick us off the web suggests that they're not happy with the information we're publishing. To which all I can really say is, "Good, that's the idea".

The second point is that the whole incident reminded me yet again that spam isn't some minor irritation, but a form of organized criminality. Spammers are thugs who will use whatever means they have at their disposal to silence their critics and to prevent any interference with their 'business', a business based on theft and fraud. Fighting spam is about more than just being able to read your email or use the web without being drowned in junk; it's about trying to put a spoke in the wheel of crooks who make their money by preying on ordinary people.

The other realization that I had was that having to waste still more time that could be better spent on more useful projects in order to overcome the temper tantrums of some grasping low-life is intensely irritating. I despise spammers in the abstract, in the same way that I despise all abusers and con-men, but this incident has added a personal edge of loathing to the way I feel about these people.

So there we are. Both sides have come out of this initial encounter with unused weapons in reserve. There may be more hostilities to come, there may not. However, for the time being, we're back and we have the satisfaction of knowing that we pissed somebody off, at least a little bit.