Feature

How to foil the spammers

Spam or unsolicited bulk mail costs businesses in the UK millions every year. Nevertheless, there are ways to minimise what gets through to you

Spam is the name we give to those emails that appear unsolicited in our electronic mailboxes. Some are innocuous - simply giving us information, and they may be useful. Others, especially those that come from organisations we have never heard of, drain workers time while we sift and delete them. A small minority may be very offensive, containing pornography or offering sex services.

Spam is not a new thing. Regardless of the medium, we have been receiving unsolicited mail for a long time. First came the postal mailshot, then the fax spam. The key differences are that with electronic mail solicitations (spam) we have to pay to download them and we have to pay the price (in terms of our time) of deleting them. Many of our mail clients force us to download messages before we can scan or otherwise filter them, and some users even pay for the amount of data received. This puts the bill for spam squarely on the doorstep of the recipient, rather than the spammer.

A frightening statistic, put forward by Messagenet, is their estimation that 25 million unsolicited email messages are sent everyday. This adds up to 10 per cent of Internet email. If we assume that the opening and deleting of a spam email takes around 10 seconds and the average worker receives 4 a day, then extrapolating this to cover a company with 500 users, we see that about 166 working days are lost to spam each year.

It is also much easier to send this sort of unsolicited mail than paper spam. Sending a million emails, providing you have the right software, is as easy as sending one. With fax spam, this wasn't possible (although technically, it is now possible through PC-based fax services). However, with email, as long as you have the addresses there is very little to stop you sending whatever message you like to anyone.

The laws in respect of spam vary from country to country. The United States is way ahead of us in terms of developing anti-spam laws. Mostly, legal precedence determines what action may be taken against spammers and the responsibility falls to Internet Service Providers (ISPs) to act against the culprits.

One thing is certain about spam, and that is because of the lack of regulation, there is nothing to stop false or fraudulent advertising sent by email. Fake chain letters appealing for donations have been sent as spam, as have "unbelievable" deals where you have to email your credit card number with your order. This is of course, spam, but gullible people do respond and that, coupled with the low operating costs, makes spam such a lucrative business.

The SMTP protocol might appear to have been made for spammers. It creates the ability for anyone to email anyone else with just their email address. This is fantastic for communication, but sadly, equally fantastic for the spammer. Built in a community of academics and official bodies, no one thought co-operative protocols would be a bad thing. Unfortunately, commerce took hold and the flow of unsolicited bulk mail began. There are alternatives to the SMTP protocol, but in order for these to be adopted there would have to be a global change in protocol recognition.

The network administrator is often charged with tackling the problem of unsolicited bulk mail. He or she must first try to see the root and extent of the problem. If it is just one person being continually spammed, then by providing a new email account and deleting that person's (spam filled) inbox, the problem may be resolved. However, if there is just one person or a few people suffering, it's a good idea to identify where their spammers are getting the address from.

Some employees, for reasons known only to themselves, think it a legitimate use of company time to visit chat rooms and newsgroups where they broadcast their email addresses to potentially millions of readers. Employees using usenet newsgroups who use their real email address are almost guaranteed to get spammed because these groups are regularly trawled for information. So there is a need to educate employees not to give out their email address in these areas, or to alter it so that they will not be picked up.

If the problem is more widespread, you need to consider how so many of the company's email addresses are getting into the hands of spammers. Some companies sell the email addresses they receive from orders or from their customer database.

How to fight spam

Spammers have three enemies: governments, who can legislate against them and outlaw their activities; ISPs, who may deny them service or use technology to thwart their attempts to spam; and recipients, who can filter their mail and may choose to take some form of revenge against the spammer.

There are several things individual users can do to reduce their spam intake. The first and most obvious one is to recognise the value of their email address and not release it to all and sundry. Don't put it out on mailing lists, don't give it to commercial sites that might sell it on, and don't use your real email address on usenet postings. If you send group emails to blind carbon copy, rather than carbon copy email addresses, it stops them being used by nefarious recipients.

The second, more proactive approach is to filter your mail for spam. This will probably fail to remove all of it, but will prevent at least 85 per cent of unsolicited mail getting through to your mailbox. There are two types of filters, both based on the header information (to, from, subject). These filter messages either before they arrive in your mailbox, or as they enter the mailbox.

If you use Unix, you can use procmail. This program parses each mail item before it enters your mailbox. There are also several programs on the market which enable you to scan email for spam or adult content before they arrive in your employees' in-box. One of these is e: )scan from Messagenet. This product scans inbound emails for spam and offensive contents and blocks or quarantines suspect messages. However, this product does send a notification to the sender that the email had been blocked and this can actually lead to an increase in spam. This product also slows email down, around a 15 second delay to the delivery time.

Microsoft Outlook users are forced to download mail before they can use rules to search for spam content. Most email clients have a facility to filter messages for junk or adult content. Microsoft Outlook and Outlook Express both offer a junk email service which can be set to reject, delete or assign colours to messages from certain sources or with certain content. Eudora offers a similar facility. These allow you to quickly delete or even not see messages from sources which you know send spam to you, although this does mean that you have to pay to download them first, so it is really a time, rather than a resource saver.

If you are inclined to take revenge on the spammer, a few words of advice. Don't unsubscribe and don't mail bomb. Using unsubscribe facilities can, in some cases, increase the amount of spam you receive. This is because by responding to the email address, the spammer then has proof that your email address is legitimate and that you have read the contents. This means that he or she can then sell your email address, to another company, for a higher price. In most cases, it's more effective to ignore it, or turn on your filters than to respond.

Mail bombs are attacks on presumed spammers where the recipient sends hundreds or thousands of emails (usually with a document pasted into the body to make the email substantial to download) to the supposed spammer. These can backfire horribly, especially as you may inadvertently send it to the wrong person. This is because an incorrectly set up server may allow outsiders (and thus potential spammers) to send email through it. Therefore, although it may appear that a message is from XXX@educom.ac.nz, it may actually be from someone entirely different who has just hijacked the server for the purpose of spamming.

Another problem of mail bombing - aside from it being deliberate misuse and potentially criminal - is that it can bounce back to you if the account no longer exists. Which means that you can fill up your own mailbox with spam when they are returned as user unknown.

If you do want to take action, first of all check that the spammer is actually who you think it is and then contact their ISP. Internet service providers take very seriously the problem of spam, it costs them as well as you and they should take action against it. ISPs usually have a clause built into all of their contracts forbidding users from sending spam. They may or may not include a definition of junk email, but generally mass unsolicited mailings fall into this category.

You might also consider contacting the company involved in the spam. They may not be the same people who are responsible for the spamming itself. Many companies are convinced to pay for email marketing services sent to "subscribers". These companies may believe that the recipients will be legitimate subscribers who really have an interest in their products even though the list may simply consist of a trawl of usenet.

This does not mean mail bomb the company, but do forward them the mail in its entirety, allowing them to see the impression they are giving out. These spam messages are often poorly written and there are few companies who would see this as giving anything but a negative impression of their company and services.

Some spammers do prey on poorly configured mail servers. It's remarkably easy to dial into such a server and get it to relay messages. This means that the spam that you presume is coming from one place, may actually be coming from another. The spammer hijacks the server for the purposes of sending junk email. In this case, it's worth alerting the server owner to the problem and asking them to reconfigure it more securely.

A degree of temperance is required when dealing with this. For the odd message, it's worth adding the sender to your junk email list and just deleting it. If it becomes a company wide or significant drain on time and resources, you need to tackle the problem. The largest defence is to be cautious when deciding whether or not to use your email address, particularly in public arenas. Ask your suppliers not to divulge your details outside of their organisation and return the favour.

Rachel Hodgkins


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

This was first published in September 1999

 

COMMENTS powered by Disqus  //  Commenting policy