How to protect from spam?
Are you sick with spam and do you want to protect your box from unwanted mail?
Do you want to understand where does it come from and how to fight with it?
With this article you will learn the following:
- where does spam come from
- where do spammers have got your e-mail address from
- how to protect your e-mail address
- how to reduce the quantity of the received spam
Where does spam come from?
Majority of spam information comes from the United States (over 25%). The other two countries on this disputable podium take South Korean and China.
International spam is made of advertisements of products and services offered by suppliers who do not care for their image. They use scale effect – sending millions of advertising mails in deep belief that there will always be someone who will decide to buy.
Credit offers, fakes of mark products, medicines, means against erection disorder and those against overweight.
Spam comes from firms, which do not have the awareness of illegal character of such actions and negative influence of spamming on the perception of their marks.
What are the legal regulations?
In 2003 President George W. Bush signed CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography and Marketing Act).
In the European Union the question of spam is regulated by Directive 2000/31 issued on June 8 2000 on electronic trade. According to it is forbidden to send unordered trade information directed to a given receiver by electronic means, especially per electronic mail.
Some spammers try to avoid the regulations and send information in the form of a question – asking for consent to send trade information. Theoretically, such activity is allowed – but on condition that such a question does not contain trade offer. Sending unordered trade offers is law violation and can be prosecuted in individual way (as misdemeanor or individual goods violation) as well as under the charge of violation of collective consumer interests.
Local legal system – of course and unfortunately – does not refer to foreign senders. They are obliged by law appropriate of the seat – its localization is very difficult or even impossible to trace.
Majority of spam is send over by the so-called “botnets” – i.e. big networks connecting “zombie” computers. These are computers and servers the remote control of which was taken over. Mails are there by mail servers type OpenRelay, i.e. those, which do not verify identity of the senders.
More information about legal regulations concerning spam: http://www.spamlaws.com/
Where to report cases of spam?
Spam is forbidden by law, i.e. its cases can be reported directly to the police. Less drastic means is sending spam example (with full heading) to the Internet service provider to the address [email protected] We mean here not the mail service provider, but the firm, where the www site advertised in spammed news is hosted.
In 1998 the international enterprise was established, the purpose of which is reporting and fighting spam – spamcop.net. Information suspected of spam can be sent to the website http://www.spamcop.net/ can – they will be automatically scanned and then announcement will be sent to the address of an appropriate administrator. Using the service requires registration. Attention: all announcements are sent further in the name of the original sender – that is – ours.
Where do spammers get my e-mail address from?
Small spam senders – i.e. firms, which are not aware of the consequences – most often buy (or get in some other way) bases of certain firms. Thus, they know general contact addresses of firms – rarely individual persons. In general – there are small chances for them to get our private address. International mass senders pose a much bigger problem. They need a huge number of addresses, so they use special software to get the addresses. Harvester is software, which surfs on Internet sites and searches among the content with regard to e-mail addresses. If we publish our address anywhere – in the section “contact” of the www site, on a blog or in the signature on the Internet forum. Sooner or later a harvester will find this site and add our address to the spam base. The longer our address is on the site, the more harvesters may scan it – it means that the probability of getting spam from a bigger number of sources grows.
Luckily, there are effective methods of protecting e-mail addresses from harvesters – this will be discussed later.
Another way of getting addresses – even more aggressive – is using computer viruses and the s- called “Trojan horses”
On infected computer no e-mail address is safe – all addresses from contact book and information gathered on the disc are caught.
Spammers also used the so-called “vocabulary method” – which means that when they know the Internet domain they automatically add various prefixes – most often names and popular family names.
If the spammer has in its basis the domain “domena.com” and your address is [email protected] the probability of finding your address in its basis is quite big.
Another source of unwanted information is found on websites created by spammers themselves. Most often they offer folders to draw (including illegal ones) – but they need registration. When we register we give our e-mail address and accept regulations, and practically we never read it. Yet, the regulations give to website owner the right to send us advertisements in flood – as well as to make our address accessible to other senders! This time such information cannot be even called spam – because we expressed our consent to getting them.
How to protect the e-mail address?
Spammers have their own techniques, but – luckily – there are also techniques, which will help to prevent intercepting your e-mail address.
1. Non – typical username.
When we open mail account it is good to think over, what should be the prefix – that is name of user before “@”. In the case of earlier mentioned vocabulary attacks, prefix “adam” or “adamw” will guarantee a place in the spammer’s basis.
The use of full name in combination with surname or its first letter should be sufficient.
2. Avoid publishing.
The fundamental principle we have to observe, in order not to get to spammers’ bases, is avoiding publishing the e-mail address in open form (text). If the address appears on any www site – whether blog, discussion forum or announcement service – most probably, sooner or later, it will be scanned and intercepted.
What to do, if there is a need of making e-mail contact with us possible?
The answer is in the next point.
3. Hiding address
We do not always have the possibility of placing contact form instead of giving e-mail address on the site. Such a possibility exists on www sites we administer on our own. What should we do in all other cases?
Sometimes we shall find e-mail addresses given in the following form:
[email protected]. This operation is based on the assumption that some will reflect and delete what is needed from the address – and robot will not reflect. Unfortunately, the most recent harvesters can do this. They have the list of the most popular notes and simply delete them automatically.
Encoding is another non-working way – it involves writing address with the use of numerical values of individual signs, ex.:
Do not worry – there is a way, which is still effective and shall not cease to be one in the nearest future. Publishing e-mail address in graphic form. That is – instead of giving address in open text, we publish a small folder GIF, on which human being will see it, but robot will ignore it.
There is a technology called OCR – Optical Character Recognition – which allows automatically read text from graphics. But its possible use in spammer work would drastically slow down its activity. Scanning OCR is time- and money- consuming – and the robot would have to scan all graphic elements from every page!
4. Disposable email addresses.
In order to get access to various resources and information we still have to be registered somewhere. We should not use for this purpose the address of our basic e-mail box. Many users create additional mail account – only to register on websites, forums, etc.
But such an account – sooner or later – will also be clogged up by spam and finding information with registration confirmation will not be easy.
The best solution is to have one-time addresses/ temporary aliases. Addresses, which send mail to our genuine address and can also be turned off. We can use them without fear even in the most suspected sites.
5. Electronic mail hygiene
There are several principles according to which we should use electronic mail. They decrease probability of our address (and addresses of our friends) fall prey to spammers.
When sending mail to many receivers do not write all e-mail addresses in the field “To” or “CC”. If one computer of one of the receivers is infected with Trojan horse, all addresses from the list will fall to the spammer base. Instead of that, write your address in the field “To” and the remaining receivers should be placed in the field “BCC”. It is also good to consider application of the software to e-mail marketing sending group messages in the form of separate message to all users.
Turn off supposed message display in the form of HTML, Java Script and do not write off from those lists you were not written into. Spammers have to verify their bases from time to time and check hits in case of vocabulary method. HTML messages sent by them include code, which in the moment of display of the e-mail text sends information to their server that a given receiver is active. On the other hand, clicking on the link writing off from the list, where you were never written into, acts adversely than we would expect.
How to decrease the number of received spam?
Protection of the e-mail address from scanning is almost entirely effective in case of entirely new accounts.
In case of addresses used for some time, apart from avoiding intercepting by other spammers, fighting senders who have got your address in the basis is important.
The first line of defense is your mail server. If you have a good provider of Internet services, a huge number of spam is rejected on this level and you even do not know about it. Good servers use “blacklists” (reject all messages from sources placed on international black lists), “whitelists” (accepting mails from trusted sources) and “greylists” (rejecting first messages from unknown servers and accepting repetitions spammer websites do not do).
Apart from lists, on good server there is an antispam filter, which analyses headings and content of every message. One of the best known and the most effective server filters is http://spamassassin.apache.org/.
Ask administrator of your mail server if he/she uses it.
For every suspected element the filter ascribes to the message negative points. After crossing a given barrier the message is marked as spam – or even deleted immediately. Exemplary suspected elements: domain of the sender not compatible with the domain of the sending server, words related to medicaments for potency, weak ratio of text to the number of links in the message.
Mail filtered by the server tool can be also treated with your own filter – installed in your computer, as a plug in the mail software. Unwanted messages will be drawn from the server, but your filter will delete them and you will not see them – and it is your time, which should be spared.
Not many of you know how complicated are mechanisms filtering electronic mail. They contain genuine artificial intelligence in them – they not only use complicated algorithms, but they can also learn!
Unfortunately, filters are sometimes too restrictive. If you use Outlook in version at least 2003, it happened most probably quite often that a message unjustly fell to folder “Messages-wastes”. It must have contained something suspected.:)
A very effective, and tiresome for others, are solutions type challenge/response. They work in such a way that when you received them for the first time form a given sender, it is in quarantine and the sender is given reply in which there is information what is to be done to make the message reach the receiver. Most often it is enough to click the link, sometimes the text from the picture has to be written (the so-called captcha). The sender once authorized is added to the white list and will not have to go through the whole procedure. Of course, you can add all your friends to the white list. Then, only unknown/new senders will have to confirm that they are human beings and not robots.
How to cause damage to spammers?
Many users in reaction to spam reply to the sender with an outburst of anger. This action, however, is senseless and even harmful. Majority of spammers do not give genuine e-mail address, where to write back. And even if such address exists, it is served by a robot, which checks copied messages. Harmfulness comes from the fact that we multiply the load of the international network by doubling the negative effect of a given message.
Apart from the earlier described possibility of announcing spam cases, there is a way how to do damage to spammers – or at least make their functioning more difficult. If you administer your own www site or blog get to http://www.spampoison.com/ and use the code generated there.
Spammer robot, which gets there (ex.: with the help of your link) will find a huge number of generated non-existing e-mail addresses and will certainly add them to its base. Its infrastructure, while sending spam, will have very difficult moments when it gets back thousands of returns in a short time.
Is spam only electronic mail?
Unfortunately, unordered advertisement in Internet is not only e-mail spam. Blatant advertisements appear in Internet communiqués – in the form of ordinary messages. Communication spam has even its own name – SPIM.
Also vocal spam appeared – SPIT. It involves Internet telephones (VoIP) to display unordered advertisements to the users.
Spam is also certain activity from the group Black Hat SEO – that is unlawful practices, which aim at achieving the highest position in search results. They involve creating (often automated) big number of www sites of high content value and containing many links leading to other sites.