|
FAQ
OK, I just got spammed. Now what?
But I only got one copy. How do I know it was
really sent in bulk and therefore spam?
What are these "headers" you?
What follows are instructions for viewing
headers with some of the more popular mail clients
|
1- OK, I just got spammed. Now what?
|
First, please make
sure that it is indeed spam and that you didn't subscribe
yourself to a list and ended up forgetting about it. This is
more common than you might think -- ever fill out one of those
web forms and forget to check whether the "Send me Info" box was
checked or unchecked? It's usually set on by default.
Also make certain that it's not from someone you met or
corresponded with briefly, and have since forgotten. (It's
happened to me!)
Here's a list of things to look for:
- Forged headers.
- Sent from a throwaway account. Common ISP's that supply
throwaway account include CompuServe, Prodigy, and Netcom.
- Relayed through a third-party mail server.
- Promotes a webpage on another site.
- Directs replies to an e-mail address on another system.
Common examples include AOL and hotmail accounts.
If you're certain it's spam, continue on! [TOP]
|
|
2-But I only got one copy. How do I know
it was really sent in bulk and therefore spam? |
You don't. To
elaborate, you don't need to. If it looks like spam and smells
like it (be sure to check the headers for signs of forgery),
it's best to complain to the ISPs involved and let them make
that determination. If yours is the only complaint they have
received, then perhaps it wasn't a spam at all. If however the
ISP receives hundreds of complaints, they can then conclude that
their client did spam and take appropriate action against them.
[TOP]
|
|
3-What are these "headers" you?
|
|
An e-mail message is divided into two parts, the
headers and the body. The headers contain all the technical
information, such as who the sender and recipient are, and what
systems it has passed through. The body contains the actual
message text. The headers and body are separated by a blank
line. In some mail programs, the headers are shown separately. [TOP]
|
|
4-What follows are instructions for viewing headers with some
of the more popular mail clients: |
|
Elm,
Pine, and Mutt
Press "h" from the message selection
menu to view the full headers of the currently selected message.
Eudora
Open the message. Under the title bar
are four options. The second from the left is a box which says
"Blah, Blah, Blah." Click on that to display the full headers.
Hotmail
Go into "Options", "Preferences", and
choose "Message headers". You'll want to choose the "Full"
option to display Received: headers. "Advanced" will display
that as well as MIME headers.
Do note, however, that sometimes
Hotmail has to press some previous generation mailservers into
service, and messages sent through those mailservers won't show
any headers no matter what.
Lotus
Notes 4.6.x
Open the offending mail. Click on
"Actions", then "Delivery information". Cut and paste the text
from the bottom box, marked "Delivery information:".
Netscape
Mail
Choose "OPTIONS" from the options menu
bar. Listed as an option is "Show Headers". Choose full headers.
Outlook
Express
Open the message. Choose "File" from
the options menu bar. Listed as an option is "properties".
Another window will open, showing two tabs. You want to choose
the one titled "Details". Then cut and paste the headers into
the message you want to forward.
Outlook
2000
Double click on the message to open
itup, click on "View --> Options", and you will see the message
headers in a box at the bottom of the window. You can copy/paste
them from that window.
Pegasus
Choose "READER" from the options menu
bar. Listed as an option is: "Show all Headers". This does not
work for HTML messages, however. A workaround is to select the
message properties, and de-selecting "Contains HTML data".
[TOP]
|
Learn More...
1.Guard your in-box.
Don't give out your e-mail address to anyone but the people you actually
expect to correspond with. For dealing with everyone else, see tips 2
through 4.
2. Use free Web mail accounts.
For merchants and legit others you don't correspond with regularly, use
Web mail, such as Hotmail's or Yahoo!'s. You can abandon it if it gets
spammed. Many have spam filtering built in.
3. Use a disposable e-mail
address. Disposable e-mail addresses are great in-box
insulators. Give them out in place of your real address, which remains
hidden. You can always dispose of the address if it gets spammed.
4. Use fake addresses.
Most Web-based sign-up forms require an e-mail address, but ask
yourself, do they really need it? If you don't want to hear from the
site (and don't need a confirmation e-mail or tech support), don't give
a real address.
5. Don't post your address.
Resist the impulse to post it on Web sites, guest books, contact
lists, newsgroups, chat rooms, and so on; spammers harvest from these
places. If you absolutely must reveal yourself, use a Web-mail account
or a DEA. You can also put something extra in your e-mail that humans
will know how to read but harvesting robots won't: sean@pretend.com
could become sean AT pretend DOT com.
6. Don't answer spam. Ever.
You won't stop spam by writing to the spammers, even if you ask nicely.
At best, you'll flame a robot, which won't mind. At worst, you'll
confirm that your e-mail address belongs to a naive human being—a
valuable commodity for spammers. Ignore the "remove me" e-mail
addresses, too. Many of these lead to dead or inactive e-mail addresses.
7. Opt out. When
you do sign up for or buy something online and you have to give out an
e-mail address, remember to opt out of everything you're not absolutely
sure you want to receive.
8. Read the privacy policy.
Make sure you understand what a Web site promises to do (and not to do)
with your e-mail address. If there's no privacy policy, see tips 2
through 4.
9. Use a spam filter.
Even if you follow tips 1 through 8, you're going to get spam. If you
get more than you can handle, try one of the products we reviewed in
this roundup.
A variety of techniques can be used to attempt to identify
SPAM, and these techniques become more sophisticated all the time. (Of
course, so do the attempts of spammers to circumvent them.) Some of the
most common techniques include, in rough order of complexity:
Blacklists - blocking mail from certain senders, or sent
via specific ip addresses. ("Don't accept any email from
sam@spammer.com, or any other name on this list.")
Whitelists - similar methods as with blacklists, but
instead used to allow mail to bypass any other spam identification
methods being used and thus to be received. ("Deliver mail sent from my
father no matter how much it may look like SPAM. The man does love his
forwarded jokes, but he is my Dad, after all.")
Real Time Blacklists (RBL) - use of automated system to
reject or mark mail that comes from ip addresses or domains that have
been added to a blacklist due to reports of spam distribution or open
relay problems.
More information can be found here
Content Analysis - include pattern matching, spam
definitions, heuristics; often use scoring techniques
"Bayesian" Analysis - identifying spam based on
statistical analysis; characteristics of SPAM vs. HAM are learned from
existing mail categorized by user and then applied to new incoming mail
(further "learning" can take place in an ongoing fashion.)
All of these approaches have their own strengths and
weaknesses. For example, blacklists are perhaps most effective in saving
system resources related to processing spam in that traffic from certain
sites is simply blocked, but they are likely to yield a poor overall hit
rate, with high false positives. Alternately, user customized
application of rules derived from Bayesian analysis may be most accurate
method, but may not be scalable or easy to support for a large number of
users. These methods are often used in varying combinations by spam
filtering products. [TOP]
Spam Do’s
and Don’ts:
Never respond to a spam e-mail. For a spammer, one "hit" among
thousands of mailings is enough to justify the practice. Instead, if you
want a product that is advertised in a spam e-mail, go to a website that
also carries the product, inquire there, and tell them you do not
approve of spam methods and will not patronise a company that uses
spammers.
Never respond to the spam e-mail's instructions to reply with
the word "remove." This is just a trick to get you to react to the
e-mail - it alerts the sender that a human is at your address, which
greatly increases its value. If you reply, your address is placed on
more lists and you receive more spam.
Never mail-bomb spam sites or engage in hacking to stop
spammers. This only increases the amount of wasted Internet traffic,
creates sympathy for spammers, and makes the Internet even less reliable
than it already is. [TOP]
|
Support
