Anti-Spam Techniques for Email…
First of all, I take spam very seriously. Since I get about 40-50 spam emails per day, I’ve established a few procedures I use on a daily basis that help reduce the amount I am personally exposed to:
Reduce the spam:
- Trust no one. If I’m on a website that asks for my email address in order to access information I want, I try first leaving the form blank. Most of the time, that works. If that doesn’t work, and I REALLY don’t want to hear from the people ever, I use blah@blah.com or no@thanks.com (so sorry if you happen to own one of those domains!) If I only want to hear from them if they’re sending me a check for, say, $5 million dollars (which hasn’t happened yet unfortunately!) I use an account that I expect to receive only spam. Email sent there is automatically sent to the trash bin, but I have the option of scanning through it if I want. Plus, there’s the added benefit of reporting anyone who sends spam to that email address!
- Block them out. I am fortunate to have my own domain and hosting server, so I can control my domain better than someone who uses AOL or MSN or any of the other major online hosts. In the case where a spammer consistently inundates you over and over again, but they keep sending the emails from the same server, you can block them permanently. In my case, I block netnames.com, imustlotto.com, and iexpect.com from ever sending emails to me or anyone within my domain (my wife, kids, friends, etc.) This is accomplished by adding a REJECT status to each of the above-mentioned domains into the email manager’s Access Control List. Ask your ISP to do it for you if you don’t know how to do that.
- Filter them out. Microsoft Outlook and Qualcomm Eudora allow you to set up filters on incoming email. I use them to either delete emails that are definitely spam, or flag them with a special color to indicate questionable emails. For example, emails coming from domains ending in .kr, .cn, .jp or .tw (a few of the countries that do not actively pursue spammers) are transferred to the trash bin, since I’ve never received a valid email from those countries. Obviously, if you frequently receive business or personal emails from one or more of those countries, you would have to alter that technique. I still scan through the automatically deleted emails, just in case. Also, I filter out and delete emails that contain phrases like debt consolidation, bad credit, descrambler, million dollars and many more. Emails from hotmail.com, sprint.com, and msn.com are flagged as possible spam, the color changed to bright orange, and then placed in a special spam folder, but they are not deleted in case ex-coworkers or old friends try to contact me. This technique allows me to easily scan the FROM and SUBJECT fields and make a quick decision to delete them. 49 out of 50 emails from those domains are actually spam.
- Let someone else filter them out. I route all email going to certain email accounts that receive a lot of spam through my free Google Gmail account, which is then accessed via an email client using POP3. Yahoo and others offer similar services, but most require an additional fee for POP3 access.
- Again, trust no one. Following the instructions that spammers provide to you in order to supposedly “remove” your email address from their spam lists usually involves filling out a form on their website, which proves that the email address they used to reach you is valid. Then they sell your email address to someone else as a valid email and the cycle continues. Another technique spammers use is to provide non-existing or invalid email addresses. Sending a REMOVE request or complaint to these addresses does nothing.
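The block, delete and flag rules from the list above, written out as an added Python example (not the author's actual Outlook, Eudora or server configuration). The function names and sample messages are constructed for illustration; because the rules key on the From header, which the sender controls, they are a sorting aid rather than proof of origin.

```python
from email import message_from_string
from email.utils import parseaddr

# Rule data taken from the post; the messages further down are constructed.
REJECT_DOMAINS = {"netnames.com", "imustlotto.com", "iexpect.com"}
TRASH_TLDS = (".kr", ".cn", ".jp", ".tw")
TRASH_PHRASES = ("debt consolidation", "bad credit", "descrambler", "million dollars")
FLAG_DOMAINS = {"hotmail.com", "sprint.com", "msn.com"}

def sender_domain(msg):
    """Lowercased domain of the From header, '' if absent or malformed."""
    addr = parseaddr(msg.get("From", ""))[1]
    return addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""

def searchable_text(msg):
    """Subject plus all text parts, lowercased with whitespace collapsed."""
    parts = [msg.get("Subject", "")]
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            parts.append((part.get_payload(decode=True) or b"").decode("utf-8", "replace"))
    return " ".join(" ".join(parts).lower().split())

def triage(raw):
    """Return (action, reason); rules run from most to least severe."""
    msg = message_from_string(raw)
    domain = sender_domain(msg)
    if any(domain == d or domain.endswith("." + d) for d in REJECT_DOMAINS):
        return "reject", "blocked domain " + domain
    if domain.endswith(TRASH_TLDS):
        return "trash", "sender TLD of " + domain
    text = searchable_text(msg)
    for phrase in TRASH_PHRASES:
        if phrase in text:
            return "trash", "phrase '" + phrase + "'"
    if domain in FLAG_DOMAINS:
        return "flag", "webmail domain " + domain
    return "inbox", "no rule matched"

def make(sender, subject, body):
    return "From: %s\nTo: me@example.org\nSubject: %s\n\n%s\n" % (sender, subject, body)

SAMPLES = [  # constructed messages, one per rule
    make("Promo <deals@mail.netnames.com>", "Hello", "Visit us."),
    make("x@host.example.kr", "Hi", "Plain text."),
    make("a@example.net", "Fix your BAD\n credit today", "Act now."),
    make("Old Friend <pal@hotmail.com>", "Lunch?", "Long time no see."),
    make("colleague@example.com", "Minutes", "Attached as promised."),
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(triage(raw))
```

Trashed and flagged messages are kept for review rather than destroyed, which matches the habit of scanning the deleted folder for false positives.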
By the way, to those of you spammers reading this, these are not the only examples or techniques I use, so trying to get around the spam filters by relying solely on the above methods just won’t work!
And, I take great pleasure in reporting spammers:
- I did say “trust no one”, right? Email headers are extremely confusing and, to make matters even more difficult, they are often forged or altered by spammers. Most times, the FROM attribute is forged, so you can almost never rely on that as the source of the spam. Spammers frequently alter the FROM attribute so that it appears that I sent MYSELF the spam! Since I (even as an experienced computer professional) can’t be expected to decipher the headers manually and reliably (nor can the average email recipient), I use SpamCop to do the deciphering for me, and the service also routes my complaint to the appropriate “authorities”. The service is based on volume, and while they have a free service, my volume of spam warrants paying for their service. Frankly, it’s a bargain! First, I do NOT forward all my email through their service as they recommend. I get so much normal email that it would be far too expensive. Rather, I only report those emails that I know are spam. For SpamCop’s service I paid approximately $12, which should last at least one year. In fact, their usage metering indicates it could last me up to three years! FYI, I receive no compensation or discount whatsoever for endorsing SpamCop.
- In the case of really bad spammers, such as em5000.com, I contacted their ISP by phone today and lodged a verbal complaint. Cybercon (like most ISPs) isn’t always effective in dealing with spam reports via email, but their customer service person that I spoke with on the phone (Dave) assured me that the situation would be dealt with immediately. They probably assume that if someone is willing to take the time to call, it must be way out of hand.
- I now also forward all spam to the Federal Trade Commission (FTC). The latest trick spammers use is to send email to a similar or abbreviated address (often just the last three letters) to see if it is a valid address. I love that, because now that they’re abusing an email address that was never valid to begin with, I’ve set up my server to automatically forward all the spam directly to the FTC! Thanks for making my job easier, guys!
- Emails advertising pyramid or multi-level marketing (MLM) schemes are emailed to a separate department within the FTC.
- Websites that appear to illegally sell drugs, healthcare products, foods, dietary supplements or cosmetics, I report to the US Food and Drug Administration (FDA). Emails including headers are also forwarded to the FDA.
- I forward emails making recommendations about buying or selling specific companies’ shares or securities to the Securities and Exchange Commission (SEC).
- I’ve reported child pornography to the Federal Bureau of Investigation (FBI), but since they don’t accept email, I’ve contacted my local field office and have worked several times directly with a special agent to report issues. Typically, I’ll spider the entire website and send an electronic copy via snail mail. The procedure can be difficult and time-consuming, so if you need help capturing the website or want to report it anonymously, please send me an email with the URL.
- So far, I haven’t had any emails that require reporting to the CIA, NSA or other governmental agencies, but I have no problem doing so!
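Why the FROM field cannot be relied on, and where the trustworthy part of the headers ends, shown as an added Python example that is not SpamCop's code or the author's. It assumes Postfix-style Received lines; the host names, the addresses (documentation ranges) and the `trace_origin` helper are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Postfix/Sendmail-style hop: "from HELO (RDNS [IP]) by HOST ..."
HOP = re.compile(r"from\s+(?P<helo>\S+)\s+\((?:(?P<rdns>[^\s\[\]]+)\s+)?"
                 r"\[(?:IPv6:)?(?P<ip>[0-9a-fA-F.:]+)\]\).*?\bby\s+(?P<by>\S+)", re.S)

def trace_origin(raw, my_hosts, my_domain):
    """Find the hop where the message entered servers we run.

    Received headers are prepended, so the list reads newest first. Only
    lines stamped by our own hosts are trustworthy; the sender controls
    everything below them, and the From header as well.
    """
    msg = message_from_string(raw)
    boundary = None
    for value in msg.get_all("Received", []):
        hop = HOP.search(value)
        if hop is None or hop["by"].lower() not in my_hosts:
            break                      # left our infrastructure: stop trusting
        boundary = hop                 # deepest trusted hop seen so far
    if boundary is None:
        return None
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    return {
        "source_ip": boundary["ip"],   # value to give ARIN Whois or a report
        "helo": boundary["helo"],
        "helo_matches_rdns": boundary["helo"].lower() == (boundary["rdns"] or "").lower(),
        "from_claims_our_domain": from_domain == my_domain,
    }

# Constructed message: From is forged to look like the recipient, and the
# bottom Received line was supplied by the sender, so it proves nothing.
SAMPLE = """\
Received: from mx1.example.org (mx1.example.org [192.0.2.10])
\tby mail.example.org (Postfix) with ESMTP id 4F2A1; Mon, 1 Jan 2024 10:00:02 +0000
Received: from mail.bank.example (unknown [203.0.113.77])
\tby mx1.example.org (Postfix) with ESMTP id 9C1D7; Mon, 1 Jan 2024 10:00:01 +0000
Received: from trusted.example.com ([198.51.100.1])
\tby mail.bank.example with SMTP; Mon, 1 Jan 2024 09:59:00 +0000
From: Me <me@example.org>
To: me@example.org
Subject: Your account

Constructed body.
"""

if __name__ == "__main__":
    print(trace_origin(SAMPLE, {"mail.example.org", "mx1.example.org"}, "example.org"))
```

The reported `source_ip` is the address recorded by the receiving server itself, which is the value worth looking up and reporting; the HELO name and anything below that hop are claims made by the sender.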
Other useful tools:
- Verisign’s Whois lets you look up the owner and IP address of a domain. Looking up the spammer em5000.com reveals that they are a California business and that their website is hosted by twistedhumor.com at IP addresses 64.37.103.98 and 64.37.114.66.
- The American Registry for Internet Numbers (ARIN) Whois Database gives you a web interface to do a reverse lookup on domains. Give it an IP address and you get the name of the company that controls that range of IP addresses. For example, looking up em5000.com’s IP addresses shows that they are within the IP block controlled by Cybercon, Inc. (who also control twistedhumor.com’s IPs).
- SpamLaws details a few of the laws that reference spam. It is interesting to note that em5000.com, being a company conducting business in California, does not conform to California legal requirements for spam, and is therefore in danger of being sued and/or charged with criminal offenses.
The bottom line is that if you plan on spamming me, don’t! You can’t cover your tracks well enough. By using the techniques outlined above the spammers really can be traced and stopped. Please do your part to make their efforts wasted. Thanks!