No, this isn't about the stuff in the can coming to life and attacking
you. It's about junk email. The name Spam has become the name for such
unwanted material, perhaps because of it's namesake - the undefined variable
that comes in a can and is sold in most popular grocery stores. The people
who send out spam often are people who think they're going to get rich
overnight by sending out lots and lots of copies of an advertisement for
something useless or worse, some sort of scam.
The
product "Spam" itself, is actually a food product that, from what I
hear, is quite good in chili.
You could consider the information below as an extensive tutorial and
reference guide to battling spam. If you're familiar with how most
of this stuff works and know how to dissect an email header (and would
like to skip the reading) visit the
The
Tools page, where the search forms and resources only, are
duplicated. I haven't included the links to the FTC and others for
reporting fraud, since that doesn't seem to be much of a problem (yet).
You can always come back here if you discover something of the sort...
There are nice ways and not-so-nice ways to deal with this junk. I will
detail below some of the do's and don'ts of trying to make it leave your
email inbox, and some ways to take an active stance against junk email.
As for the stuff that may still be haunting your kitchen cabinets, well,
that's up to you.
Dont's:
-
Don't ever use the reply button,
or address a message to the spammer to attempt to communicate with them.
First of all, this tells the spammer that you looked at the junk mail,
and invites them to send you more. Second, you may end up on a dozen
more lists the next day. Also, they probably faked the name into
the From: field of the message, which would become your To:
address if you hit reply. Your message may go nowhere, or it may
go to an actual address of some unwitting soul who has no idea that his
name is being put on junk mail. Often, less than respectable spammers
will hack into an unprotected system and either make up a user name or
grab one from the system and use this as a faked sender's email name.
I was amused for a very short time at work to discover at least two pieces
of spam that were supposedly sent from inside our own system, from our
postmaster. I'm sure our system administrators were even less impressed...
-
Also, Don't look through the message and find some line that goes something
like, "To be removed from this mailing list, please send email to <some
email address> with the word 'remove' in the subject line". The junk
mailer will again see this as a sign that you took the time to read through
the spam, with the same results as above: you'll get more.
-
Don't visit the spammer's web site
unless you feel you have a genuine need to. Often, there are web
site links in the spam that offer you an invitation to visit the spammer's
site. This isn't so much of a "don't ever", but rather a "do at your
own risk" type of don't...
-
The very crafty of the spammers will have web pages written with
java, cgi, or activeX controls in them that are capable of extracting information
from your web browser and sometimes your hard drive. This information
can include your true user name, your email address, and other types of
personal information that may be available from your browser preferences
settings, or other documents on your computer.
-
The link may send your browser to something controversial, (such as a pornographic
or terrorist web site for example), and your company may have some policies
regarding this type of stuff in the workplace...
-
Don't set up an automated message to be sent out
as a reply to anyone who sends you email while you're on vacation
or away from the office (or home) for a while. These same messages
will be sent to any spammers who contact you, as a reply to their junk
mail. At the spammer's end, they don't care what the body of your
message might be; most of them use automated address collection software
that will simply grab your email address from your message and discard
the rest without a human eye ever seeing your polite message about being
back in the office in a week. Then, your email address is considered
spammable, as above.
-
Don't add your email address to an "opt-out" list.
Sometimes at the bottom of a piece of spam you'll notice a link to a site
that supposedly will take your email address and remove it from some spam
database somewhere. Don't put your name on these lists, don't even
go to the site. Most spammers who use this tactic are actually gathering
names of the naive to confirm that the email addresses they sent their
garbage to are real, so you'll actually end up getting more spam, the volume
of which will probably increase by an exponential amount. Also, see
the bullet above about how a web site can gather data from your web browser
simply by you visiting the site.
Do's
-
If it looks like a scam, notify the Federal Trade
Commission. The
FTC
has an interest in shutting down spammers who are trying to use the internet
to conduct pyramid schemes, illegal gambling and other activity that would
be unlawful outside of the internet. If you think that you've received
junk email of this type, don't hesitate to send the entire message, including
headers (see below for how to get the full headers of your email), to an
FTC email address specifically set up for this type of complaint, at uce@ftc.gov.
You can also visit the National Fraud Information
Service (a project of the National Consumers League) and report
it there using their form. The NFIS can take a potentially fraudulent
piece of email and direct it to the appropriate agency after a bit of investigation
on their part. Another good site to pay a visit to is the US
Consumer Gateway, where they maintain a Scam Alert (bottom
of their front page) to let the public know what kinds of dirty tricks
are being played on them currently. Note that not only are these
organizations trying to do something about illegal spam, they can also
investigate fraudulent telephone and regular postal mail solicitations.
-
Do use filters in your email package,
if your software supports them, to try and route spam to a separate folder
for later processing. Microsoft Outlook calls them 'rules'.
Whatever they're called, a good filtering system checks everything in every
email message for possible spam keywords and phrases, including all the
usual email header information such as the From:, To: and
Subject:
lines, as well as the body of the email itself. The filter then automatically
processes the email in some way, such as routing it to a spam collection
folder. The only way to develop a really good set of filters is,
unfortunately, to read your junk mail for a while and try to determine
what common phrases and punctuation are used by spammers. It takes
time, it's annoying to have to scan junk mail, but it's worth it once your
filters start doing a decent job of separating your useful email from the
trash.
-
To get you started, some of the more common phrases I've seen include,
"make money fast", "free vacation", "you've got to see
this", "XXX", "live nude girls" (I suppose this would
be better advertising than "dead nude girls"), "send email to",
"18 or over" and "!!!" (three exclamation points).
After a while, you'll have a large collection of spam filters that will
slowly begin paying for the effort you put into creating them.
-
You don't want to automatically send the spam to the trash folder, since
something important might get caught by a filter and you would miss it.
For example, my boss' secretary sometimes sends out messages with the "!!!"
(three exclamation point) keyword in them. You should send the suspect
messages to a separate folder first for review, just to make sure you don't
trash your bosses email (unless that's what you want to do).
-
The filters allow you to keep your inbox mostly clear of junk so you only
see the important stuff, and at the end of the day, you can go and check
out the junk quickly in your spam collection folder and delete it all at
once if all the senders all appear to be spammers.
-
You can also filter your mail by the address of the sender. I only
know of one person who uses AOL as their ISP for example, and I know of
nobody who uses the Hotmail system at all, but I get at least a dozen pieces
of junk mail at work from various AOL and Hotmail accounts each week.
Because of this, I've set up filters to check the From: fields of
all my email for aol.com (and aol.net, aol.org) as well as the variants
of hotmail.com and others, to route them to a "domain spam" collecting
folder. I look very quickly at the addresses to see if my friend's
name is in any of them, and if not, all of these email messages are toast
within five seconds. By the way, AOL and Hotmail have policies about
their users sending out spam - they won't tolerate it - and have special
email addresses you can write to, to inform them that one of their users,
or someone impersonating one, is violating their anti-spam policies.
More about this below.
Obtaining the complete email header:
At present, I only use two email packages, and can't offer advice for
obtaining the complete routing information for other packages. Most
of the packages have some method or other for obtaining the required information,
and it's probably not too hard to find. This is how you would go
about obtaining the complete email message including the header and routing
information for the Netscape email package and Microsoft Outlook's email
section:
-
Netscape: While viewing the email message, select "View" from
the main menu, and then "Page Source". This will show you the entire
email message, including all of the routing information from the originator
to you. For email complaint purposes, first begin composing your
message then copy this entire window and paste this into your complaint
message, below your complaint.
-
Microsoft Outlook 97: While viewing the email message, select
the "Options" folder tab at the top of the message frame. This will
show you just the routing information of the message. For email complaint
purposes, first begin composing your message, then copy and paste this
routing information, then switch back to the message window and copy the
message and paste it in below the routing information.
-
Microsoft Outlook 2000: While viewing the email message, select
the menu item "View", then "Options", then do as above for '97.
-
Microsoft Outlook Express (Win98/IE5 version): While viewing
the email message, select the menu item "File", then "Properties".
When the dialog box pops up, select the "Details" tab which will show you
the header information only, then select the "Message Source" button which
will show you the entire email message including headers and body as would
be seen in the Netscape instructions, above.
-
Do visit the spam.abuse.netweb
site to see about more ways of curbing the ooze of spam through
the internet. Among the resources there are:
-
Do visit the Consumer.Net
site to see even more information regarding spam stoping, and
also some information on stopping the predecessors to spam: Namely
junk mail delivered by the US Postal Service and those ever-annoying telephone
salespeople. Their primary objective is the monitoring of direct
marketers and the campaign for consumer privacy. Among their resources:
-
Consumer.Net operates cyberpromo.org
- No, this isn't the infamous Cyber Promotions mass junk mailer which is
operated by Sanford Wallace (see Additional Resources, below), but rather
a site where the ongoing battle against spam through the courts and the
media is being chronicled. Also on this page are a number of various
other items and tools related to stopping spam.
-
Privacy.net will analyze
your connection to the net in an attempt to see what information can be
gathered from your browser. Follow their instructions once you get
there.
-
I've created interfaces into Consumer.Net's Network-Tools.com
search engines below for the hunting of spammers...
The next page
has an example of how to dissect the header of an email message to determine
where the spam came from, and how to use this information to complain to
the spammer's ISP.
|
This page last updated May 22, 2000 |
 |
