SPAM ! ! ! What can I do!
Mindwatering Incorporated
Tripp W Black on 07/26/2004 at 05:38 PM


Category: Email F.A.Qs (Non-setup)
Receiving Email

Spam is a world-wide problem caused by a relatatively small handfull of people. The cost in wated time, additional infrastructure, and bandwidth are enormous.

As an end user there are things you should know about how SPAM works, how you start getting SPAM, and how you can reduce or elimate it from your Inbox.

HOW SPAM WORKS . . .

Spam are broadcast e-mails sent by a person to everyone. This person is almost never representing himself/herself as the sender. In most cases, the sending domain name is bogus (eg. spamdoktor123asdaaf23zz@2341234asdfdlkjojebuster.com) or stolen (e.g. you@yourdomain.com). The latter, from my point of view, is fraud as they are representing someone else, often a legitimate/real domain name. Often you will see you spam as from you to you, which obviously you did not do.

The person sending the spam is often using generic or custom broadcast marketing software. The difference between these people and "legitimate" marketing is that you did not sign up for it, and you cannot really get "off". In fact, following the spam's remove/unsubscribe link often only puts your email and name in a confirm database so that spammer knows your email is still a "real" email and you will see your spam sharply increase! On the other hand, you may have signed up to receive information from your favorite store or some business that you commonly shop. They send you newsletters. Or you may have a technical newsletter or forum/discussion that you receive updates. These are all legitamate senders of email.


HOW YOU START GETTING SPAM . . .

Spam exists because the spammers create/buy lists of email addresses and mass mail to those addresses. The result is that if you email address is public ANYWHERE, you will likely end up on the spammer lists, eventually. It is only a matter of time. The only way not to end up on the list, is to not give you email address to anyone and never send out an email - obviously, that is not an option. The result is that you spend resources trying to mitigate that possibility of it ending up on a list, and then once you do finally end up on the list, you spend resources trying to block as much of it as you can.
One of the spam messages you commonly receive will be an offer to buy a list of email addresses. Those lists are basically the lists we are talking about.

Steps to lengthen the time until your email address is on these lists:

Pop-Up's and Ad's
1. Never follow a pop-up advertisement asking to you register to win something. Many of these are actually spammers directly or just as likely, less than admirable vendors who will make money on the side selling your name and email. This is the fasted way to get on the list.
2. Never follow a pop-up to a gambling/gaming site. Basically, stay away from anything that promises to make you rich, quick.

Forums/Newslists
1. Never post your e-mail on a public forum/discussion/newslist that displays e-mail addresses. Back when the Internet users where nice, this was the common thing to do as we often would write each other to follow-up on discussion threads. But since the spammers showed up, most of these sites have now removed email addresses and only show a first or full name. The end result, is a once wonderful collaboration point with each access to each other has now become closed ended and restricted.
2. Never post your email on a web site. The spammers now use automated software to surf all the web sites and "mine" for email addresses. In the last couple years, Mindwatering recommends users think twice before listing an email on their web site.

Email Names/Aliases
Once again, in the old days it was common for webmasters (those who take care of a web site) to list their "webmaster@thisdomain.com" address for users to report bugs and to comment or seem the webmaster to create for them a web site. It was also common the company or individual to have an "info@thisdomain.com" for general inquiries to users of the web site. Other common email "aliases" are "postmaster@thisdomain.com" and "admin@thisdomain.com" and others. These are know by the spammers, as "guaranteed" names, so the spammers just need to get your web site's domain name to be able to spam you. The result is that most of us have removed these email aliases and no longer use them.

Other
You may receive some spam and not even be on their lists. Some spam may come in where they are just guessing at possible email addresses when sending the spam. (e.g. john@thisdomain.com or smith@thisdomain.com). The e-mail servers were constructed to do everything possible to get you your mail, mail servers will often come preconfigured to deliver mail when the user only got part of the user part of the email address correct -- this is often true of last names.)


I'M ON THE LISTS! HELP! ! ! HOW DO I GET OFF! . . .

The short answer:
You can't other than to abandon that email address and make up a new one. Unfortunately, that is pretty much the current way to "fix" the problem once the spam just gets too bad and you cannot stand it anymore.
Will this work for you?
For many individuals and businesses, their address is personal, or heavily "published" where abandoning it would have great costs to them. The only option is to reduce the spam using various techiques. Some of the techniques are in the next section below.

Switching to a new email address is not an option, what else can I do?

An Overview of the Options:
Many Internet Service Providers and web site/mail hosting providers (ISPs/ASPs) now include spam filtering software on the server and in their web-based mail clients. The mail servers also have various configuration options you can change that affect mail receiving from sources you belive may be spammers. If you use POP client program, such as Microsoft Outlook, you can also buy off-the-shelf software to install on your PC to help combat spam. Either way, these software programs have to destinguish between the "good" stuff and the "bad" stuff. Spammers can make that hard in lots of ways. These techniques are outside the scope of this document. The issue is that they have to be good to block as much of the spam as possible while letting through the good emails that you want to get. Regardless of whether or not the protection is server-based, client-based, or both, the options generally involve the techniques of blacklists, whitelists, the receiving mail server's configuration anti-spam checks, and content filters (also called rules) on the server and/or on the client.

Blacklists
Blacklists are lists that companies or ISPs subscribe, that contain email addresses of known spammers. These lists are email addresses, mail server addresses, and domain names that send spam as reported by users of the blacklist. Sometimes a false positive will show up on these lists due to several reasons. The problem is that it may take a while for the false positive to be removed from the list. So the company or individual of that domain on the list often find their outgoing mail never get to their recipients or marked as junk mail/spam when the user does receive the message. It can be a lot of work to get off some of the blacklists. These are usually deployed at the server level by the hosting provider or ISP.

Whitelists
Whitelists are lists of individuals and companies that should be trusted. They are also contain email addresses, mail server addresses, and domain names. The concept of a whitelist is to override a blacklist. This is commonly used to temporarily "fix" a blacklist issue at the receiving end, so that a business can receive mail from a company "mistakenly" on a blacklist, while still blocking mail by any other assumed spammers still on the blacklist. This is also used commonly on web-based ISP mail programs as an option to reject/block all incoming mail as spam unless it is from the addresses in this whitelist. This is not usually practical for businesses who are hoping to be contacted by new previously unknown customers, but is often an option for an individual who is sending and receiving to a closed group of relatives and friends.

Content Filters / Rules
Filters, also called mail rules, are lists of phrases and terms, and other rules that can be created to reduce email. Besides the phrases and works that come readily to mind, other more boolean type scenerios are created. Examples include rules to block certain attachment types that often contain viruses outside the company, block messages based on a combination of phrases and the name of domain or mail server sending the message, block messages that are two more than x number of users of the mail server where the email originated from an external email address.

Mail Server Configuration Options (Receiving incoming e-mail)
Most mail servers now incorporate various options for reducing spam by deploying various techniques including the blacklist and whitelist options above. Options including:
1. Checking to make sure the sending domain name is a valid domain name/reallly exists and registered,
2. Conduct a reverse check to verify that the sending mail server is who it says it is before accepting an email from that connecting server
3. Combining #1 and #2 that the domain name is the same domain as the server domain. The latter is often not used as a mail server may actually handle many domain names and will report only its primary domain name rather than one in the email being delivered.
4. Make all servers authenticate and prove who they say they are. Currently this is not a viable option, as mail sent between servers is publicly transmitted and the servers may not have such a relationship to know each other previously. This is due to the fact that keys would have to be traded beforehand. Currently mail servers function similarly to the paper metal ones on the sides of houses and the side of a road -- anyone can walk up to it and insert a piece of mail.

If you are a Mindwatering customer and you have additional questions regarding reducing spam, please contact us. We'll be happy to discuss it with you.


previous page