MHRIC Logo

Spam: What Is It and What To Do About It

Updates at end of article!

What is it?

Spam is unsolicited bulk e-mail, including commercial solicitations, advertisements, chain letters, pyramid schemes, and fraudulent offers. If you've received email, you've probably received spam. Spam is not merely annoying: it is also a serious drain on the resources of ISPs (Internet Service Provider), other organizations, and Internet users.

Once you are on a spammer's list, it is very difficult to be removed. Because many of these lists are sold, it could be years before your email address is removed!

Where did it come from?

Things aren't always what they seem! Many times, email didn't come from where the return address shows. The most important tactic is to examine your full message header to determine where the message really came from. The "From:" header that is commonly shown in basic message header displays can be easily faked! It is harder to fake the complete message header, which can provide useful information about the message.

What you can do:

  • Don't reply to spam messages. Replying confirms that your email is valid, and will probably result in your getting more spam.
  • Assume mail from Unknown Senders is Spam! Delete it.
  • Don't fall for their Click here to opt-out (or sign-out) tactic which will actually confirm that you exist!
  • Don't spread spam.
  • Don't reply to spam.
  • Don't Use your primary email address to sign up for anything.
  • Ignore delivery failures of messages you did not send.
  • Don't put your email address on Web pages. Email collection programs (scrapers) harvest addresses from Web sites. There are programs called "obfuscators" to hide your email address with special code.
  • Don't post on Newsgroups.
  • Don't hesitate to use the delete key. The most reliable way to rid yourself of spam is simply to delete it.
  • Some email programs will allow you to set up rules to filter out junk mail.
  • You can try reporting it to the originating ISP (provider). Make sure you check out the complete message header so you know the correct originating ISP.
  • Stay away from greeting cards sites that collect your name from a friend of yours and then keep it or sell it to spammers.
  • You can't do anything about gussing: if there is a foo at example.com maybe there is another foo at whitehouse.gov The next step is to verify the address usually in one of two ways, either SMTP verify a mail command that will check to see if the recipient is actually ok with the mail server or perhaps a blank or innocuous message from no one you know to see if your address 'bounces.'
  • Harvesters craftily create a website that actually is not http but anonymous ftp. A lot of browsers would send your email address as the password for anonymous ftp (long ago courtesy in the early days of BBS). Making a worm which emails them with your (or friends) email addressbook, even a chain letter can be used for this purpose.
  • Many sites, when the dot-bomb implosion hit, realized a list of email address was an asset to be sold. The people buying didn't care if you only opted in one site they had your address used it and probably sold it off again.
  • Move to Virginia. They have one of the toughest anti-spam legislation of any state so far, imposing harsh felony penalties on spammers. European countries are also working together to effect harsh anti-spam laws.

Resources for more information:

  • www.cauce.org -- Coalition Against Unsolicited Commercial Email (CAUCE), one of the organizations dedicated to fighting Spam. Includes information on Spam and how to prevent it.
  • www.mail-abuse.org -- Mail Abuse Prevention System, a non-profit organization whose mission is to defend the Internet against spammers. Take a look at their Realtime Blackhole List (RBL) information
  • www.efuse.com/Grow/postage_due.html -- Spam and the damage it causes
  • www.spamhaus.org/ -- The Spamhaus Block List (SBL) is a free realtime DNS-based database of IP addresses of verified spam sources.

An excellent article for further reading is from the Center for Democracy and Technology: www.cdt.org/speech/spam/030319spamreport.shtm

Another great site is Spam Primer: www.spamprimer.com/

And another from PC World: Spam Watch: www.pcworld.com/resource/spamwatch/0,tk,cax,00.asp

Last updated: February 3, 2006

 

For more information or help, contact your local Help Desk.
Print this Page

 

These pages ©1996-2006 Mid-Hudson Regional Information Center.
All rights reserved.
Webmaster, webmaster@mhric.org