Hack59.Slam That Spam

Hack 59. Slam That Spam

You don't have to be bedeviled by unwanted mail. Use this hack to kill as much as 90% (or much more, in my case) of your spam.

People who have certain body parts they'd like enlarged, who expect Nigerian strangers to shower several million dollars upon them, who favor spending boatloads of money for semiworthless goods, and who enjoy vile, pornographic come-ons littering their email box love spam.

Everyone else, like you and I, hate the stuff.

While there's no foolproof way of stopping all the spam that makes its way into your mailbox, I've found ways to block at least 90% of what I don't want headed my way. To get such an effective blocking rate, you'll need to use downloadable software; the antispam features built into Outlook and Outlook Express simply don't cut it. (However, if you're bent on trying to use Outlook and Outlook Express's antispam features, head to the end of this hack to learn how.)

You can use two primary kinds of software to block spam. One type sits between your email program and the mail servers where you pick up your email. It checks your mail, marks email that it considers spam, and then (depending on the program) lets you handle that spam in a variety of ways, such as automatically deleting it, letting you manually delete it, or marking it in a way that will alert your normal email program that it's spamand letting the email program filter or kill the spam. In all cases, you'll be able to read the messages before they're deleted, if you want.

The other type of software integrates directly into Outlook or another email program and kills spam from directly within the program. I favor this kind because it's a simpler, one-step process. But I've used both types, and both work well.

For the kind of spam killer that sits between your email program and your mail server, I suggest the free program MailWasher (http://www.pcworld.com/downloads/file_description/0,fid,20000,00.asp). It imports your existing email server account settings so that you don't have to set them up from scratch, and it lets you read and preview messages before deleting spam. I especially like its bounced mail feature; it will send a false "address not found" message to the sender so that it will appear as though your email address doesn't exist. While not all spammers bother to clean up their lists of addresses, this could lead to less spam ultimately coming into your mailbox. As with most spam killers, you can add addresses to a list of known spammers, though spammers so frequently spoof their addresses that this might not be of much help. You can also create filters with specified words or groups of words that MailWasher will look for in email, and if it finds them it will consider the message spam.

A more powerful, for-pay version of the program is available for $37 from http://mailwasher.net. Its primary benefit is that it will check multiple email accounts for spam; the free version will check only one. If you need to check only a single account, stay with the free version.

One of the tricks spammers use is to target a site and send a dictionary attack to many potential email accounts on a server. They will send to "bob," "nancy," etc., as well as to "asmith," "bsmith," "csmith," etc. Most of the emails will bounce, but the spammer doesn't care. He encodes the email in HTML with an embedded <IMG> tag. The tag has information encoded within it to uniquely identify the valid email addresses. For example, say cjones@mycompany.com gets an email in HTML format. Inside the email is:

<img src=83.48.123.74/img/jojo_jpg_cjones_mycompany_com.jpg>

The web server at 83.48.123.74 will load the image named jojo.jpg to an email in cjones' email program. When the user sees the advertisement for herbal Viagra or whatever, she will delete it. However, the damage has already been done. The spammer knows cjones@mycompany.com exists because he knows the image was downloaded. Soon the user cjones will be getting more than just offers for herbal Viagra.

One way to prevent this type of attack is to turn off displaying HTML or displaying graphics in emails. In Outlook 2003, displaying graphics is turned off by default. Instead of a graphic, you'll see an X for each graphic. To view the graphic, you have to right-click the X and choose Download Pictures. If you're receiving email from a spammer, obviously you don't want to view the graphic.

If, for some reason, Outlook 2003 is displaying graphics in your email, you can easily tell it to stop. Choose Tools Options Security and in the Download Pictures area, click Change Automatic Download Settings. The screen shown in Figure 6-1 appears.

Figure 6-1. Blocking graphics being displayed in Outlook 2003

Check the box next to "Don't download pictures or other content automatically in HTML e-mail." If you want to automatically display pictures from people on your Safe Senders and Safe Recipients lists (see details later in this hack), check the appropriate boxes. You should also check the box next to "Warn me before downloading content when editing, forwarding, or replying to email." You should check this box because when you forward, edit, or reply to an email, Outlook will display and include the graphic, unless you tell it not to when you're warned. Checking this box tells Outlook to warn you first.

Unfortunately, there's no direct way to do this in Outlook if you have a version earlier than 2003, but there's a hack that will do the trick for you. When you're in your Inbox, turn off Outlook's Preview Pane by choosing View Preview Pane. (To restore the pane, choose View Preview Pane again.) HTML email will grab pictures from web servers only when you've opened the mail or viewed it in the Preview Pane, so all you have to do is delete spam without opening itby using spam killers as outlined earlier in this hackand you'll be safe. In Outlook Express, you can do the same thing by choosing View Layout and unchecking the box next to "Show preview pane."

If you use Outlook 2002 with at least Service Pack 1 installed, you can use a Registry hack to turn off the display of HTML. Close Outlook. Then run the Registry Editor [Hack #83] and go to HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Options\Mail. Create a new DWORD value whose name is ReadAsPlain. Double-click the new value to open it. In the Value Data box, type 1, and then click OK. Open Outlook and notice that any new unsigned emails are read as plain text, not HTML.

In Eudora, this is done by selecting Tools Options Display and then unchecking "Automatically download HTML graphics" (this turns off the display of HTML email); by selecting Tools Options Display and unchecking "Allow executables in HTML content"; and by selecting Tools Options Styled Text and checking "Send plain text only" (this turns off the sending of HTML email, which is just a polite thing to do).

6.2.1. Peer-to-Peer Technology Fights Spam

I've tried quite a few Outlook add-in spam killers, and my favorite is SafetyBar (http://www.cloudmark.com). I've found that it blocks well over 95% of the spam I receive. It uses peer-to-peer technology to gather the collective intelligence of thousands of other email users to fight spam. When you install it, it creates a Spam folder in Outlook and routes any spam into that folder, where you can review it and then delete it. If you get spam that isn't automatically routed to the folder, you can mark it as spam. Not only is the mail then sent to the Spam folder, but also, SafetyBar servers are told you consider that piece of mail spam. That information goes into a database, along with similar information from hundreds of thousands of other people who use the program. A variety of algorithms are used to determine what is spam and what isn't, and that's what ultimately blocks spam on everyone's system. It uses collective intelligence, which might be the ultimate spam killer.

You can also block and unblock messages as spam, so if mail is accidentally marked as spam it won't be blocked in the future. I've used the program for more than six months, and I've found it increases in effectiveness over time. By now, I estimate that it blocks more than 95% of spam, though that changes on a daily basis.

SafetyBar runs as a small toolbar in Outlook, as shown in Figure 6-2. (It runs as a toolbar in Outlook Express as well.) A nice little touch is the message bar that tells you how much spam the program has blocked, how much time it's saved you, or how much spam it's blocked in a day. Depending on my mood, when I see the total amount of spam it's blocked I'm either depressed that there's so much spam in the world or pleased at how much spam I've been able to avoid.

Figure 6-2. SafetyBar running on the Outlook toolbar

SafetyBar costs $39.95 for a one-year subscription. Admittedly, that's a hefty price for a spam killer, considering that others are available for free. But if you get enough spam, you might consider it worth the money.

One of the more intriguing features of SafetyBar is that it keeps a running count of all the emails you've received and what percentage is spam. It shows that more than half of all the mail I receive is spam. As of this writing, I've received 149,465 emails while using SafetyBar, and 84,622 of them were spam.

6.2.2. Slam Spam Before It Starts

The best way to fight spam is to make sure it never gets sent to your email box in the first place. So, how do you end up on spam lists? There are many ways, but the most common, according to a comprehensive study done by the Center for Democracy & Technology, is that your email address is harvested by spammers who use programs to automatically scan web pages and gather email addresses from them. Those addresses are then sold to other spammers, so you could end up on dozens of lists.

You might need to have your email address on a public web site for many reasons, so removing your address from sites might not be an option. However, there are ways to hide your address from spammers, even when it's in plain view.

One way used to be to spell out your email addressfor example, post "preston at gralla dot com" instead of preston@gralla.com. Automated harvesting programs won't be able to grab your address that way.

At least you used to be able to use that trick. Some spammers have figured it out by now. My new favorite trick is to use a bit of inline JavaScript to generate my email address at page load time. Harvester bots see a <script> tag, but users see bob@bob.com.

<script type="text/javascript" language="javascript"> <!--     {     document.write(String. fromCharCode(60,97,32,104,114,101,102,61,34,109,97,105,108,116,111,58,98,111 ,98,64,98,111,98,46,99,111,109,34,62,98,111,98,64,98,111,98,46,99,111,109,60 ,47,97,62))      } //--> </script> <noscript> <a href = "mailto:%62%6F%62%40%62%6F%62%2E%63%6F%6D">email me</a>  </noscript>

I got the JavaScript generator from http://www.u.arizona.edu/~trw/spam/spam.htm. You feed it your email address, and it generates the JavaScript.

Another solution is to use HTML characters for your address rather than plain-text characters. That way, a person who visits the page can see the email address, since HTML translates the underlying code into a readable address, but an automated harvester won't be able to read it. To use HTML characters, you need to use the ANSI characters and precede each character with &#. Separate each HTML character by a ; and leave no spaces between characters. For example, in HTML, the preston@gralla.com address is:

preston@ gralla.c o&#109

Keep in mind, though, that if you use HTML characters to spell out your email address, you won't be able to include automated HTML "MailTo" links; that requires you to actually spell out the text instead of using HTML characters.

Table 6-1 lists the common ANSI codes you'll need for most email addresses.

For a more comprehensive list of ANSI codes and special HTML characters, go to http://www.alanwood.net/demos/ansi.html.

You can do several other things to keep your address out of spammers' hands. When registering at a site, always read the fine print to see whether you're also signing up to get unsolicited mail. I also suggest using multiple email addresses, including those from free mail services like Hotmail and Yahoo, and to use those addresses when registering at sites. That way, any spam will be sent to them rather than your normal mail address.

6.2.3. Viewing Mail Header Information in Outlook and Outlook Express

As a general rule, spammers spoof their email addresses so that you won't be able to find them. However, not all do, and if you examine email header information you might be able to trace spam to its source. Once you find the originating mail server, you can send a message to the ISP's administrator, asking to block mail from the sender. It might not always work, but it's worth a try.

The problem for Outlook and Outlook Express users is that those programs don't show mail header informationinformation such as the original sender of the message, the original mail server, and relay information in your messages. However, there is a way to view it.

In Outlook, right-click the message whose header you want to view, and choose Options. Header information appears at the bottom of the screen, as shown in Figure 6-3. You can scroll through it and copy and paste from it. You can also view this information if you're reading a message, by choosing View Options.

Figure 6-3. Header information in Outlook

Note that if you use logic when trying to view header information in Outlook, it won't work. If you choose View Message Header, for example, you wont see your header information. Instead, that option toggles the To:, Cc:, and Subject: lines on and off.

In Outlook Express, right-click a message and choose Properties Details, and you'll see header information, as shown in Figure 6-4.

Figure 6-4. Displaying header information in Outlook Express

6.2.4. Handling Spam in Outlook Express

Both Outlook and Outlook Express include ways to handle spam. Outlook Express doesn't do a particularly effective job because it requires that you manually determine what spam is and then block future spam based on that. Because spam comes in from so many different email addresses and includes so many different subject lines, it's difficult to control spam in this way. However, you can give it a try. Here's how to do it in Outlook Express.

Outlook Express handles spam by letting you add email addresses and domains to a Blocked Senders list. Then, every time a message comes in from the address or domain, the mail is automatically sent to the Deleted Items folder. To add an address or domain to the list, choose Tools Message Rules Blocked Senders List. The Blocked Senders tab of the Message Rules dialog box appears. Click Add, and you'll see the screen pictured in Figure 6-5. Type in the email address or domain you want to block. You can block mail, newsgroup messages, or both. Click OK when you're done.

Figure 6-5. Blocking spam in email and newsgroup messages using Outlook Express

6.2.5. Handling Spam in Outlook

Outlook handles spam differently than Outlook Express, and different versions of Outlook handle spam differently.

Outlook 2003 includes a surprisingly good spam killer. It checks incoming messages, and if it decides they're spam, it routes them to a Junk E-mail folder, where you can then examine and delete them.

To make sure its spam-killing capability is turned on, choose Tools Options and click the Junk E-mail button in the E-mail section of the screen. The screen shown in Figure 6-6 appears.

Figure 6-6. Configuring spam-fighting in Outlook 2003

You can choose among several options:

Low

This moves only the most obvious spam to the Junk E-mail folder. This means some spam will get through, but it's not likely that it will accidentally tag legitimate email as spam.

High

This is the most aggressive spam fighter. It catches a higher percentage of spam, but also will most likely tag legitimate email as spam.

Safe Lists Only

This will allow mail to come through only from people or domains that you have specifically said are safewhat Outlook calls Safe Senders. All other mail will be tagged as junk. As a practical matter, this isn't a particularly good setting because it will tag almost all of your mail as spam.

You can add senders to the Safe Senders list by clicking the Safe Senders tab, clicking the Add button, typing in the email address or domain, and clicking OK. You can also add senders to the list when you receive email. Right-click the message in Outlook and choose Junk E-mail Add Sender to Safe Senders List.

You can similarly put senders on a Blocked Senders list, which will block all email from them. Click the Blocked Senders tab, click the Add button, type in the email address or domain, and click OK. You can also add senders to the list when you receive email. Right-click the message in Outlook and choose Junk E-mail Add Sender to Blocked Senders List.

Previous versions of Outlook aren't nearly as effective in fighting spam. They don't have a Junk E-mail folder, and don't automatically send spam to the Deleted Items folder. Instead, these versions will color junk mail gray and color messages with adult content maroon. You can then scan your Inbox for messages with those colors and delete them manually.

In these versions of Outlook, when you receive a message that you consider to be spam or that contains adult content, right-click it and choose Junk E-mail. From the flyaway menu, choose "Add to Junk Senders list" or "Add to Adult Content Senders list." You can also manually add senders to either list by clicking the Organize button on the Outlook toolbar and then choosing Junk E-mail. The screen shown in Figure 6-7 appears. From here, you can turn on and off the Junk Senders list and the Adult Content Senders list. To add to either list, click the "Click here" link, click Edit Junk Senders or Edit Adult Content Senders, and add addresses to either list.

Figure 6-7. Turning spam filters on and off and adding new senders to the spam lists

You can also use Outlook's normal filters to handle spam. You can define a rule that will route messages from certain senders, or that contains certain content, to folders that you define, or to the Deleted Items folder. To create rules for doing this, choose Tools Rules Wizard and follow the instructions. Keep in mind, though, that because spammers use different email addresses constantly, this won't help you a great deal.

6.2.6. See Also

• You can download the Center for Democracy and Technology's report on how spam is generated and how to avoid it at http://www.cdt.org/speech/spam/030319spamreport.shtml.

• SpamPal (http://www.spampal.org) is a free spam fighter that marks email as spam before it gets to your email program. Then you use your email program's filters to filter out the resulting spam.

• An excellent resource for news and information about spam and what you can do to stamp it out can be found at http://spam.abuse.net.