Fighting Spam

      Comments Off on Fighting Spam

Fighting Spam

I wrote this article for the company I work for several years ago.  Though I still use the practices today and they still work incredibly well in keeping my email spam next to nil.

Spam, it’s a loosing battle….

Unfortunately, if you think spam just “magically appears” you would be wrong.  The spammer has to get your email somehow.  If you are making it easy for them to do so, then there is nothing your email provider can do to help you.  Just how do spammers get your email address?  Well, here is a few of the most popular ways.

1. Forwarding jokes.  You are thinking, “but I only send them to my friends”.  Let’s say, you send a joke to 10 friends.  Each of them forward to 10 of their friends.  That’s 100 more.  Now there are a total of 111 email addresses in the TO block.  Easily read by anyone who receives the email.  Now you can see that you don’t know all 111 people, but they have your email address.  Well what if one of them IS a spammer?  Or worse, what if they sell email addresses to a spammer.  For say $5 per email address.  That $555.00!!  Easy money.  You have no idea how tempting this is when I get such joke emails sent to me from a bunch of folks.  It also will get used if one of these people have a virus infecting their computer that sends spam.

2. Signing up with websites with memberships.  Such as a community website, shopping site or auction site.  Many of these sites will either have some sort of privacy clause that states they will send you advertising or sometime publish your info on their site for others to view.

3. Signing up for mailing lists.  Read the fine print, a lot of times they will state that you are not only going to be getting their newsletter, but info from other sites as well. Whether you like it or not.

4. Having your email address listed on a website (personal or business).  You want folks to email you for your services or help, yet you are advertising it to the world.  Even if you encrypt it, web bots and spiders are getting wise to these encryption methods.  Hundreds of thousands of these bots and spiders crawl webpages vigorously 24/7.  Harvesting your email addresses and sending the info back to their home server for the spammer to use.

5. Having an easy to guess email address.  Such as john@myisp.net, etc…  If you make it easy for the spammer to simply guess or use a name generator, you are certainly doomed to get spam. Sure it’s nice when you own your own domain and have the nice ability to have whatever email address you want.  But it’s better to not make it so easy.

6. Auto-Responders / Vacation Responders.  Sure it’s nice that when you go out of town or on vacation to have any one who sends you an email to get an auto-reply from you saying you’ll be out of town and will return on a set date.  However, this has very bad repercussions.  Sure, your friends, family, co-workers or customers will be notified that you are not at your desk.  However, any spam that slips in, will also get a validation to your email address.  Then when the spammer realizes this, they will quickly abuse and sell your email address to other lists.  By the time you get back to your desk, you’ll have a virtually unusable email address packed with spam!

Finally, there is the all time no-no of spam.  Once you start getting spam, people make the greatest mistake of clicking the link in the spam that states “Opt Out” or “remove me”.  THIS IS A HUGE NO-NO!!!  DO NOT CLICK THAT!  By clicking that link, you’ve just told the spammer they have a good email address.  Even IF they do take you off of their list, they will more than likely sell your email to hundreds of others and you’ll see a sudden increase in spam emails.  The ONLY exception to this rule is if the email message came from a legitimate company with whom you have an existing business relationship.

Anti-Spam Tools:

Today most email providers have their own spam filter system.  This will block “blacklisted” emails from coming at all.  Other emails that “may be considered spam” are simply marked with a SPAM in the subject line or are sent directly to a spam folder for your review.  Because even though you consider ads from someone spam, there are others out there who want that type of email.  So, it will only be marked or moved.  This will allow you to use your judgement to setup further spam filtering if needed.  Or if spam slips into your inbox, you can setup custom rules.  However, it’s best to set this up so that it moves the spam to a folder.  This way you can check it out and make sure it didn’t accidentally mistake an email from your friend or business contact as SPAM.  Which can be done just when your someone titles their email to you with words like “great deal” or “finance help”.  So you don’t just want to have it automatically deleted or you may miss some of your legitimate emails.

If your provider uses a use a non-web based email address (POP3) and has poor spam filtering.  Or you use web based email via an email client.  There are a number of anti-spam tools available.  Example being software such as MailWasher.  You can use this to preview your email first then mark the spam and delete it before downloading the rest of your email.  Nice tool, but there are drawbacks.  First of all, most of these tools rely on a main list that is hosted on a different server.  Thus it has to call home to update itself.  If you don’t, it will get out of date and spammers will find way to get spam to you anyway.  Secondly, most of these anti-spam tools may cause other folks spam.  Using a feature they call “bounce”.  This rejects the spam, but sends it back to the originating email address.  Most of the time, this is a false email address not belonging to the spammer.  Otherwise known as a spoofed email address.  Now you might be spamming some innocent person, or worst of all your provider’s server, and most likely violating the terms of service with them.  This could get your internet account suspended and/or terminated with your provider.  Bad idea.  If you use such a tool, you should disable the bounce feature.

There are good email programs available now that can help you fight spam as well.  The best free ones on the market at this time are Mozilla Thunderbird and Windows Live Mail.  These are stand alone email clients.  They have built in spam controls that actually you can teach. Most spam will come in and immediately be moved to the “junk” folder. Others you can tag as junk and the program learns from your marking these e-mails.  If you use web based email such as Gmail, Yahoo or similar, the spam filtering is built in.  All you may have to do is tweak them a little based on simply reporting spam or reporting what was marked spam as legitimate.  I actually recommend Gmail over other email services and not use an email client such as Thunderbird or WLM.

Though the all time best way to not get spam is to prevent it from the start.

These are time tested and true ways to avoid spam. No measure is fool proof, but this is the best suggested way to go if you do not want spam.

1. Get a new email address.  Don’t make it super easy to guess.  If your name is Brian, make your e-mail briankw (middle and last initial) or bkwilliams (first and middle initials) or brian11243 (add a number of sorts to the end).  This will make it harder for a spammer to guess it by using a name generator to find you.

2. Only give your email address out to trusted friends, family and co-workers.  If you are smart, you’ll have them follow these same practices.  This way it will really help cut down on the spam factor.

3. Do not forward jokes or stupid stuff.  Though if you are addicted to this sort of email fun, then at least do yourself a favor.  Use the BCC field and not the TO field to send it out to your friends.  This will hide the other email addresses and make it so the recipients can’t see the emails you want to protect.  It will not show the other email addresses and comes as “Undisclosed Recipient”.

4. If you want to sign up for a newsletter or do some sort of online shopping or join an online community…..  Use a free webmail for this.  Such as Yahoo, Hotmail or Google Mail (Gmail).  There are a lot of free webmails you can sign up for.  Find one and use it for all your online activities that involve a 3rd party websites.  This will allow you to login periodically and remove the spam.  As well as allow you to get the content you seek.  If it’s important, you can forward that to your real email address for safe keeping.

5. If you do own your own website or want to accept e-mail from a website, DO NOT PROVIDE A LINK.  Such as mailto:fred1454@whateverdomain.com or fred1454 at whateverdomain dot com.  Bots and spiders will get you for sure.  Instead, use a form.  This will allow you to hide and encrypt your e-mail address from the bots.  I suggest to have it done in PHP or java-scripting.  Then you can have your email address called from database well away from the bots reach.  At the very least, find a way to encrypt your email address.  Talk to your web designer, they can do this for you very simply.  The use of UNICODE is helpful and there are online generators out there that can aide you in doing this.

6. If you are in fact, going to be away for an extended period of time, do not use an auto-reply or vacation response system.  Instead, use your address book to find your important contacts.  Gather them up in your BCC field (as stated in rule 3), and send them a blanket message letting them know you’ll be away and that their emails will have to wait for your return.  This way, you aren’t letting spammers fill up your inbox, or selling your email address to other spammers.

If you keep true to these practices, you will be good.  Granted, no system is fool proof.  But this will keep your spam intake down to a minimum if at all.  This practice has been in use by our team for years and has worked very well.  Just remember, if you do start getting spam, move it to a new folder using rules and DO NOT CLICK the “opt out”, or you will be certainly doomed to have to start all over.

Shortlink: