SPAM
SPAM FIGHTING 101The Annoyance:Like everyone else in the world, my mailbox is filled to the brim with more obscene offers, get-rich-quick scams, and other digitrash than I thought existed on the planet. It's so overwhelming that I don't even know where to begin to fight it. I know that there's anti-spam software out there, but which is the best? The Fix:There's no one "best" piece of spam-fighting software. Truth be told, most of the major anti-spam apps do a good job. The key is to choose a competent anti-spam program and use it to the max. Before buying, look for these features:
There are, of course, a lot of spam-killers out there. Here's a very short (and not exhaustive) list of capable anti-spam tools:
If you're feeling adventurous, you can also try a free Outlook spam-killing add-in from SpamBayes, an open source project devoted to killing spam. It's perennially in beta or alpha, but people report that it's useful and reliable. Get it from http://spambayes.sourceforge.net/windows.html. Tip: If you're willing to pay $20 a year for Yahoo!'s Mail Plus email, there's another way to protect your email address. Any time you make an online purchase, you can create a disposable email address that's used only for that purchase. After you've gotten purchase confirmation, you can destroy the disposable address, and so spam sent to it heads into the ether, not to you. STAY OFF SPAM LISTSThe Annoyance:I use spam-fighting email software, but I still get too much mail from friendly Nigerian millionaires and others promising to enlarge my bank account or other, um, assets. How can I stay off these spam lists in the first place? The Fix:You're rightthe best way to avoid spam is to avoid spammer lists. So how do you end up on these lists? The most common technique is "harvesting," according to a 2003 study ("Why Am I Getting All This Spam?") conducted by the Center for Democracy and Technology (http://www.cdt.org). Spammers use automated programs, or "bots," to scan web pages, forums, newsgroups, instant messages, and other sources for email addresses. Those addresses are then sold to other spammers, and boomsuddenly you're living in Spamopolis. So if possible, don't post your email address on a personal or public web site. If you post to forums, Usenet newsgroups, and the like, use an email account created specifically for this purpose, such as a free email account from Yahoo!, Hotmail, or Google. If you must list your email address on, say, a personal web site, you can hide it from the bots in plain view. One easy trick is to spell out your email addressfor example, write "preston at gralla dot com" instead of preston@gralla.com. Most harvesting programs won't be able to grab a spelled-out address. Anti-spam mavens also use another classic technique: show your email address in an image file, such as a screen shot of the address in .GIF format. People can read it; spambots can't. Some clever spammers have figured out ways around these techniques, so another solution is to use an inline JavaScript to generate your email address when the web page loads. Spam-harvester bots only see a <script> tag, but users see an address like preston@gralla.com. To get your own bit of personalized code, go to the Java-Script generator at http://www.u.arizona.edu/~trw/spam/spam.htm. Feed it your email address and it generates the JavaScript, ready for you to plug into your site. Yet another solution is to use HTML characters for your address rather than plain-text characters. Anyone visiting your site will see the address, because their browsers will translate the underlying HTML; bots will just see a string of numbers. The trick? Each letter or number in your email address is represented by its ANSI code. Instead of "p", you'd use "112", prefaced by &#. Separate each HTML character with a semicolon (;), and leave no spaces between characters. For example, in HTML characters, preston@gralla.comwould be:
Keep in mind, though, that if you use HTML characters to spell out your email address, you won't be able to use automated HTML "MailTo" links on the pagethat requires the email address to be spelled out using regular letters and numbers. For a comprehensive list of ANSI codes and special HTML characters, go to http://www.alanwood.net/demos/ansi.html and click the Symbol link at the top right of the page. Finally, if you're really drowning in spam, you should carefully choose a new email address, inform your friends, set up an auto-reply on the old one, and never visit the old account again. Sounds too time-consuming? Well, you probably spend at least 30 minutes a day deleting floods of spamnow that's too time-consuming! THIRTY-SECOND GUIDE TO TRACING SPAMMERSThe Annoyance:I'm sick of spam and I'm not taking it anymore. How can I track down these e-scum and turn them in? The Fix:Two pieces of software, eMailTrackerPro and VisualRoute, can track down the real source of spam and notify the spammer's ISP in as little as 30 seconds. You can download fully working demos of eMailTrackerPro and VisualRoute from http://www.visualware.com. After 15 days, you can buy the duo for $69.90. EMailTrackerPro (Figure 1-10) analyzes email headers and traces the messages back to their true senders, when possible, by finding the originating IP address. It even reports on the sender's country of origin. It also reports on the software used to send the message, which isn't especially useful but is something that Net geeks like to know. EmailTrackerPro also tells you if the email address it digs up has been "spoofed," or faked. Figure 1-10. eMailTracker Pro tracks down the source of spam, including the email program used to send it and the country of origin, and reports if the address has been spoofed. There are two ways to copy email headers into the program for analysis. If you use Outlook, eMailTrackerPro installs a button on the Outlook toolbar. Just highlight an email and click the button. If you don't use Outlook, copy the header information from the email, choose Edit
Tracking down the spammer's IP address solves the first part of the problem. To locate the spammer's ISP and send it an email, you must turn to VisualRoute. VisualRoute traces the route back to the IP address of origin, reporting on the path the message took and showing the owner of each server on the Internet over which the message traveled (Figure 1-11). So while eMailTracker Pro will find the originating IP address, VisualRoute will identify the originating ISPand that's who you want to complain to. When it finds the originating ISP, click the name, and VisualRoute will summon the WhoIs information for that ISP, including name, address, contact information, and email addresses (Figure 1-12). If you see an email address for reporting spam, click it, and it will launch your email program. Paste in the header from the spam and send your complaint on its wayyou've just reported a spammer. Figure 1-11. Once you know the IP address of the spammer, VisualRoute will find the exact path the spam took to get to you. Figure 1-12. VisualRoute finds the spammer's ISP and pops up handy contact info for turning in the slimeball.
CAN THE CAN SPAM ACT CAN SPAM?The Annoyance:Congress passed the Can Spam Act. Big deal. I get more spam than ever. Can I really use the law to can spam? The Fix:In a word, no. Experts hardly expect the act to stopor even slowthe flow of spam, and evidence indicates that it's not having much impact. For example, Vircom, a maker of security software, examined more than half a million pieces of spam originating in the U.S. (and so covered by the law) and found that only 71 messages complied with the act. Another study, by the anti-spam vendor Commtouch, found that only 10% of all spam originating in the U.S. complies with the act. The law itself has a variety of requirements, including that spammers must use their true return addresses and that they must include opt-out instructions in every email. But the law pertains only to the U.S., and many spammers have simply moved offshore or started sending spam from servers in other countries. In addition, there's no way that any government agency can possibly keep track of, much less prosecute, all the spammers who violate the law. Still, some of the big ISPs and various law-enforcement agencies are using the law to go after spammers. In March 2004, America Online, EarthLink, Microsoft, and Yahoo! filed civil actions under the law against hundreds of spammers. A month later, the Federal Trade Commission and the U.S. Attorney's Office of the Eastern District of Michigan announced they were prosecuting four spammers. But let's face it, the law is flawed. It doesn't prosecute those who benefit the most from spamthe companies that sell the products being advertised. After all, if McDonald's paid someone who paid someone to plaster private property with McDonald's posters, the company would be liable. But for some peculiar reason, anti-spam laws haven't taken this tack. Could this be yet one more example of Congress passing a law so it can tell voters it's done something about a problem, even if the problem remains? Look in your email inbox tomorrow morningthen you decide. BEWARE THE NATIONAL "DO NOT E-MAIL REGISTRY"The Annoyance:I signed up at the National Do Not E-mail Registry site at http://www.unsub.us, to get my name off of spammers' lists. Not only did my spam not stop, but I now get more than ever. Is the federal government trying to reduce the deficit by selling email lists to spammers? The Fix:You've unfortunately been the victim of a hoax. There is no such federal registry. The site you visited, according to the Federal Trade Commission, "mimics the language, look, and navigation of the web site for the National Do Not Call Registry, a legitimate free service of the federal government." The FTC believes the site might be collecting email addresses to sell to spammers. The site is currently down, but may rise again. Don't get fooled! UPDATE OUTLOOK'S SPAM FILTERThe Annoyance:I use Outlook 2003's spam filter, but after a few months, it seems like more and more spam is getting through. Is Outlook simply getting as tired as I am sifting through all this junk? The Fix:New types of spam are created all the time, and on its own, Outlook can't keep up with them. To solve the problem, Microsoft occasionally releases updates to its spam filter. Go to http://office.microsoft.com/en-us/officeupdate/default.aspx and click the Check for Updates link to look for the latest. MY NEWSLETTER GETS BLOCKED AS SPAMThe Annoyance:I send out a weekly newsletter to several thousand people who asked to receive it. But every week, hundreds of them don't get it because their ISP or their anti-spam software considers my email spam. What's the curative? The Fix:Spam tends to have certain common characteristics, and your newsletter may inadvertently mimic some of those traits. Follow these tips, and you'll go a long way toward making sure your emails don't get bounced:
Some of the most common blacklists:
If you find your newsletter or your IP address on any of the lists, contact the site, and ask how to be taken off the list. Keep in mind, though, that actually getting off one of these lists can be very difficult. For advice, go to http://www.spamcop.net/reported.shtml. For more tips, head to http://www.wilsonweb.com/wmt8/spamfilter_avoidance.htm and http://www.thatswise.com/free/lessons/0503.html. MY ISP THINKS I'M A SPAMMERThe Annoyance:I've got a much worse problem than some spam filters thinking I'm sending spam. My ISP thinks I'm a spammer, and it won't let me send out a newsletter at all. In fact, it's about to kick me off the service entirely. How can I change my ISP's mind? The Fix:Don't bother trying. If you're sending out a newsletter to more than 25 people, you should be using a service that does it for you. Don't do it from your own computer and your own email account unless you're absolutely sure it's kosher with your ISP. Check your ISP's rules before sending. On AOL, for example, head to http://postmaster.info.aol.com/tools/whitelist_guides.html. From this page, you can request to be put on AOL's whitelist, which means that you'll be able to send a newsletter and AOL won't block it as spam. However, you'll have to agree to a set of rules: your mailings will have to comply with the Can Spam Act, valid contact information must be included, all of your subscribers must have requested the newsletter, and so on. Some ISPs and web-hosting services offer free newsletter-mailing services, so check with yours. If they do, it'll most likely be limited to newsletters with a few hundred subscribers. You can also go with a free newsletter service such as Coollist (http://www.coollist.com) or Yahoo! Groups (http://groups.yahoo.com). To use the Yahoo! Groups service, first create a new group by clicking the "Start a new Group" link. After you've created the group, go to the Members section and click Invite Members. That will allow you to add subscribers to your newsletter, which you can then send out whenever you want. Pay sites, such as http://www.dundee.net, http://www.sparklist.com, and http://www.topica.com, are good if you're distributing to several thousand readers.
For a more complete list, head to http://directory.google.com/Top/Computers/Internet/E-mail/Mailing_Lists/Hosted_Services/.) The actual amount you'll pay varies according to the number of subscribers and the size of your newsletter. |
Options and click the Preferences tab. Then click Junk E-mail. Make sure the "No Automatic Filtering box is unchecked, or else you'll turn off Outlook's spam-killer. Choose Low if you want to catch only the most obvious spam, and High if you want to be more aggressive(and can live with it flagging some legitimate mail as spam).
Paste Headers in eMailTrackerPro, and the program will set off to work.
EAN: 2147483647
Pages: 89