Spam is unsolicited bulk email (UBE) that you don't want, usually promoting dubious get rich quick schemes, or trying to sell you something you also don't want. What is even worse, you get to pay for receiving it.
How do you get your email?
What you might try doing about spam depends upon how you receive your email.
I get personal email via a modem on a bandwidth restricted connection using POP3 accounts. I want to minimise spam downloads, without occupying too much of my time. That means I want to look at headers and as little as possible of the message body, and delete spam email without downloading it.
System administrators with hundreds of users have different tools and methods, and can use filters that look at the entire contents of an email to help decide whether it is spam. In my situation I'm not likely to get much advantage from better methods such as Bayesian filters (named after Rev Thomas Bayes, a method of statistical analysis used to identify patterns in text). Good article on Bayesian filtering here www.paulgraham.com/spam.html
Spam Filters
I need a spam filter that works before my email client downloads mail. When I was using a Windows computer, I used Nick Bolton's Mailwasher.
Possible Spam Fighting Approaches
- Blacklists
- Identify known spam senders, list them, and block everything from their domain. Also blocks all legitimate email from that domain. Spammers can easily avoid this approach, by using other domains, having random names, and by taking over poorly secured computers.
- Challenge Response
- Ask sender to reply when an email is received. Annoys users, works poorly on newsgroups, some users can't respond via web sites for instance. If the sender uses the same message, your challenge response then triggers their challenge response, and neither of you see the message. I hate it and won't use it.
- Collective Blacklists
- Share spam blacklists, anyone on it frequently gets listed. Examples are Matthew Sullivan's Spam and open relay Blocking System (SORBS).
- Pattern Matching Filters
- Looks for particular patterns. Can give false positives.
- Whitelists
- Blocks everything except specifically listed addresses. Needs a bit of effort to add everyone you know. Tend to lose contacts over time as addresses change without notice. Many false negatives.
Mail Washer
If using Windows, the shareware Mailwasher does an excellent job of checking your POP mailboxes for spam, and deleting it without loading more than the headers. I like Mailwasher. It isn't perfect, especially for new computer users, because you have to do some configuring of whitelists and filters to get the best results. However it has some nice features, and does a good job of cutting back spam. Because you can get false positives (genuine mail you tag as spam), you may not want to set Mailwasher up to delete every bit of suspected spam. You can allow email from known senders through, and optionally build blacklists (or use spam block sites lists as a blacklist). There are a bunch of spam packages, and these "advertise" themselves in their headers. You can set filters to reject any message whose headers contain these package names. I delete 95% of my email (on exposed addresses) totally unread. So if you are emailing me, please give a meaningful and specific subject header, so your email doesn't get deleted.
Filter with Eudora
Next, I set up some filters in my actual email client. The aim here is to move possible spam that gets through Mailwasher into a Spam mailbox, so you can check it periodically. You check these so you can extract real email, and so you can improve your filters.
Eudora Light or Pro keeps your email in a nice clean ASCII file, so I wouldn't want to move to anything that uses a proprietary file format. Eudora also has mail filters. You could send mail from everyone you know to one mailbox, and all the rest elsewhere. If most of your spam comes from one domain, just junk everything from that domain. Make a spam mailbox (I call it zspam so it is at the end of the list). Then Tools, Filter, New, Headers select Any Header. Add the domain name of the spammer. The Action is Transfer to your spam mailbox. The next Action box should be set to Skip Rest since you don't need to filter further.
Don't Reply to Spam
Lots of spam sites tell you to reply to a certain address, or click on a web link, to be removed from their lists. Don't do it. It just serves to let them confirm they reached a valid email address.
Complain to postmaster at their ISP instead, with a copy of the spam including the complete header. Some large ISP have an email address called abuse, for such complaints.
Annoyance leads to some people sending spammers core dumps or other large files. The spammers generally don't care, because they just "borrowed" the system from which they sent their junk mail, using either an account opened just for spamming, or sending via some ISP who didn't lock their door.
The site from which the spam is sent, according to the From: address, is usually a fake. If you have the tools (Sun's nslookup maybe) you can use the DNS to look up the Start of Authority (SOA) record for the most recent domain it passed through. Not that even InterNIC always have a valid email address for some domains. You may not get much co-operation, but sometimes you find a site that will take thing further. Backbone sites are often willing to help cut off spammers. Remember to send them the entire contents of the spam, including all headers. You should be able to just email postmaster@domain, but it seems that despite RFC 822 and 1123, some domains don't have a postmaster address. Some large ISPs have addresses such as abuse@ to receive complaints.
Don't Enable HTML or Styled Email
A spammer can leave a graphic on a web site, and include that location in spam you receive. If you have HTML enabled and look at the spam, the fact that you did so can be determined by the spammer. This means the spammer now has confirmation that your email address exists. So turn off viewing HTML and or viewing images.
ISP Action on Spam
Many reputable ISPs will take action against spam. Most have acceptable use policies against it, and against address forgery, and against attacks on other sites. If an ISP will not act against spam, do not use that ISP, and tell them why you dropped them.
ISPs that promote spam can expect complaining email, or retribution such as ping attacks, law suits from sites and users, or even being black holed.
I'd like to see all ISPs block new accounts from being able to send more than a hundred or so messages an hour via their SMTP server for their first year.
Hiding Your Email Address
Spammers get your email address from material you put on the internet. If you have a web page, consider either having a special email account that is not your normal one, or else make it difficult for spammers to extract your address by coding it (look at the source code for some of my page for an example, however note that spammers can now extract email addresses hidden this way).
Newsgroups seem to me the place some spammers pick up addresses.
Consider putting some junk in your email address, and remove the @ symbol (along with a text explanation of how to generate the correct address). Spammers don't like looking through text to figure this out. I don't like hiding addresses, but now that worms use exposed news group addresses, I'm no longer willing to expose any valid address.
Use an address that changes. If your ISP gives you multiple email aliases, make your name jan2001 in January 2001, and feb2001 in February 2001, when you post in newsgroups. Tell people to use a recent name. Get rid of the old alias a few months after they expire. Your old name won't do spammers who use lists of email addresses any good.
There are valid objections to hiding your address. See these articles elsewhere for additional information. www.interhack.net/pubs/munging-harmful/ and www.faqs.org/faqs/net-abuse-faq/munging-address/
Now that worms exist that gather addresses from news groups, I think hiding your real address on newsgroups is inevitable, regardless of the valid objections to the practice.
Attack Spammers
The only thing that really decreases spam is to drive their costs up. Force them to work harder on their mailing lists, by seeding them with false email addresses. Make them pay extra for advertising.
There are web sites that generate multiple false email addresses for the spammer robots to harvest, such as this list of 10000 addresses formerly at http://www.towerofbabel.com/antispam/ or this one Fight Spam! Click Here!
Web Poison is nice. Not only does it generate fake addresses, it also tricks badly done spiders into returning to it for more badly done addresses. www.monkeys.com/wpoison/
Even better, especially if hundreds of thousands of people do it, each day follow search engine links to sponsored bulk email sites (search for bulk email), so the spam sites get charged for click throughs, as suggested formerly at http://www.spambattle.com/
If you happen to find a spammer web site with genuine email addresses, and you are a system administrator, consider setting your MX records to divert all bounced email to that site.
Encourage your government to entirely ban spamming, and have massive fines per email. If enough countries do it, spammers will gradually find it harder to locate safe havens from which to spam. Australian generated spam has declined since such laws started.
If you find a physical address for a spammer, sign them up for every piece of junk physical mail in the known universe. With a bit of luck, they won't have time to separate out legitimate mail, like payments.
If you receive spam from a legitimate company, write to them and tell them that you will not deal with any company that sends spam. Make sure that you don't deal with them ever again.
If you encounter a spammer, and feel like physically attacking them, consider whether a jury would let you out of jail before they get out of hospital, and take appropriate action.
Encourage your government to bring back the neglected custom of duelling, and challenge a spammer to a duel.
If you happen to work in some illicit trade, and have the appropriate contacts, consider getting together with some of your gang to hire an assassin. I like the idea of a permanent solution to the spammer problem.
Hosts and Popups
If you have facilities to run your own hosts file (Unix, Linux, some versions of Windows), you can try pointing potentially offensive hosts (places that send you web page popups and the like) at 127.0.0.0 Get rid of places like flycast.com
See links at http://www.grc.com for some (overly dramatic) hints.
Sites About Spam
- Australian Caube
- Volunteer grass roots anti-spam organisation, pushing for legislation as a potentially effective measure within Australia, backed by education. www.caube.org.au
- Cauce
- Attempting to make spamming illegal in the USA. Scott Hazen Mueller. www.cauce.org
- Dan's Data
- Computer review site with a good introduction to using filters to reduce spam, by Daniel Rutter. www.dansdata.com
- FAQ
- An FAQ about dealing with spam formerly at http://ddi.digital.net/~gandalf/spamfaq.html
- Junkbusters
- Lots of details about junk email, spam, plus advice www.junkbusters.com
- Mail Server Protection
- Ways to set up your mail server to avoid relaying spam accidentally. Formerly at http://mailabuse.org/tsi
- Spam Cop
- Does an email complaining about spam to the service provider (free, but a pain to use - the paid for version is better).
- Spam abuse information site
- Lots of handy information about preventing spam. Good site to check first when you start wanting to attack the problem. spam.abuse.net
- Spam Laws
- Lists various laws and bills from different countries regarding spam. Different sections cover USA, European Union, and others. By David Sorkin. www.spamlaws.com/
- Spam Relay Sites
- There are lists of known spam relay sites (so you can block them) at MAPS www.mailabuse.org and elsewhere.
This page isn't actually intended for anyone except me. I just want to list places that help get rid of spam.
John Walker compares the net to a slum he once lived in, with some dismay, at www.fourmilab.ch/documents/netslum/. Graphs of just how much crap spammers and worm creators are generating. Good article (one of many good articles on the Fourmilab site).
Spam on Television
The advertising on TV is spam. Advertising pays for the (mostly crap) programs. We get to put up with the spam, as our price for free to air TV. Video recorders help, but you still have to pay some attention as you fast forward through the adverts. Mostly a video recorder gets used to play pre-recorded movies, with a little time shifting of programs.
What will really help are Personal Video Recorders (PVR). These are a hard disk substituted for a video tape. Because of the "instant search" nature of a random access device like a hard drive, you can move forward or backward through what you record without waiting. You can record a program, and then skip all the commercials. You can leave the PVR working, and get an instant replay of anything missed.
The ones I've heard of in the USA are TiVo, and Replay. They have
sold less than old figures100,000, a very disappointing result. They are expected
to really take off when bundled with cable set top boxes.