Junk Email and Spam Abatement Strategies

Unwanted junk email or “spam” is a persistent problem for most email users, and usually gets worse. Since email is nearly free to send and there seem to be suckers born every minute to click on mortgage enlargement ads, these scams are too lucrative to disappear entirely. Here are a few tips, then, to help you understand spam: where it comes from and how to manage it with intelligent junk mail and spam abatement strategies.

For you to be bothered by junk mail a certain number of definite things need to happen, each of which provides a potential barrier or “choke point” to help minimize or decrease the amount of spam you see.

  1. You must have an email address
  2. A spammer must guess or obtain your email address
  3. Your email provider accepts the email
  4. You download the email
  5. You view or respond to the email, encouraging more

The trick to gaining an edge in the great junk mail arms race is to understand these choke points and use them to your advantage by constructing a layered defense of the appropriate complexity and sophistication for your needs, one step at a time.

Choose a Good Email Address (or three)

To receive spam you have to have an email address, but there are some things you can do to make that address more difficult for spammers to find or identify. One of the simplest tricks is to have an obscure or difficult address, but a more useful one is to have more than one address. Consider getting different email addresses for different things

  • A public address given out for work or professional purposes
  • A private address given out to to a few trusted family or friends
  • A separate address for use in online fora or for online dating
  • An address to use when shopping
  • Disposable addresses created explicitly to be discarded at will

Which of these you need depends on your situation, but with most ISP’s offering more than one email address for each account, it isn’t hard to get more than one. Some people use free online services for extra addresses, while others choose to use paid email forwarding services. One example of such a service is IC Group’s PoBox.com, which for $20 per year provides three email “aliases” which can be pointed to any mailbox you choose, with the option to buy more aliases as needed, change aliases often or supplement them with additional filtering and services.

When choosing your email address, consider whether it is something that will work for its intended purpose. “ArthurAndersonCPA@hotmail.com” may be a good professional address while “ArtsyInVancouver” may be a better user name for social purposes. If your name is common consider ways it can be altered to make it harder to guess, and try not to choose an email address that contains only dictionary words. Initials and birthdays make good email addresses for family and friends, so if Arthur was born on July 4 he might make his personal address something such as “AA704@yahoo.com” or “ArthurReadsHisEmail@yahoo.com” to make it memorable but harder for the spammers to guess.

Users who upgrade to Yahoo’s “Mail Plus” service for $20 will find many of these features available through its “Address Guard” feature, while at $35 yearly will also give one “business email” with a custom domain (the ultimate in address configurability).

Spammers Get or Guess Your Email Address

Spammers get email addresses from all sorts of places, most of them perfectly legal and obvious. Among the most common techniques are

  • Computer programs that comb web sites and online fora for email addresses
  • Stolen or purchased from someone else who has your address
  • Guessed by combining common words and names at known domains
  • Harvested from other users using spyware, Windows viruses or “cc” fields

If you have an email address the easiest way to keep it private is just that: keep it private. If it is not easy to guess, mine from web pages or find on dozens of Windows computers using Outlook, the chances of a spammer getting or buying it are minimal. If you respond to spam or already receive lots of spam, the chances of your address being sold or stolen or reused over and over by spammers are much greater, which is one of the reasons it is sometimes easiest to just abandon an old email address or begin using another which the spammers do not have.

ISP Server-Side Spam Filters and Tools

However much trouble spam causes you, it is much more trouble for internet service providers or “ISP’s.” If each user receives one hundred spam messages a day and only a dozen “legitimate” emails, the ISP has to process and store nine messages for every one that gets read. For this reason many ISP’s are working to filter out email before uses even see it. When choosing an ISP you might consider whether they offer junk mail filtering of some sort that you can turn on or fine-tune to meet your needs. Most ISP’s have a variety of techniques for filtering spam. Some of those include

  • Blocking email messages from known spammer IP addresses or domains with a “blacklist”
  • Encouraging customers to establish a personal server address book or “white list”
  • Filtering for characteristics of spam such as HTML formatting or odd addressing
  • Other filters (such as keyword) that the software may learn over time

This last characteristic of “learning” to better identify spam is usually accomplished using a mathematical technique called “Bayesian spam filtering.” Basically what this does is ask the user (or a large group of users) to identify some messages as “spam” and some as “not spam” and then examine the content of a given email to determine its relative “spamicity” on a scale of zero to one hundred. Based on this score the message may be labeled or filtered into a special “bulk mail” area. When applied to a wide variety of emails by a wide variety of users, such “server side filtering” can be quite good.

Different ISP’s vary in their technical ability to block spam and if your ISP does not offer enough of such services there are companies which specialize in this sort of thing. One such company is SpamArrest, which uses several strategies to help contain spam.

  1. Create a special mailbox where all mail will be forwarded
  2. Create a “white list” or address book of addresses to accept email from
  3. Allow creation of a “black list” of explicitly blocked senders
  4. Generate a “challenge-and-response” message to “gray list” senders

Only addresses from the white list are automatically delivered to the mailbox, with the server bouncing or silently junking blacklist messages. Messages from unknown addresses are sent a special reply which requires that the person log on to a web site or send a special response email which triggers a message which is delivered, allowing the recipient to review the message and perhaps add them to the “white list.” Such a system is terrific for some people, but cumbersome for others.

Unfortunately, in the evolving spy-versus-spy world of spam, the spammers are also learning and adapting techniques to circumvent such filters.

  • False “from” or forged header information
  • Avoiding keywords or misspelling them such as “m0rt6age” or “\/!AGRA”
  • Including legitimate sounding subject lines or strings of “normal” text in a message
  • Using viruses to have Windows PC’s send spam from their private address books

The evolution of spam and anti-spam techniques is obvious to anyone who has been online for several years, and seen the ways in which spam prevention and spammer techniques change over time.

Avoid Downloading Spam

When email is sent to an address it normally sits for a time on a mail server until the user logs in with an email client and “downloads” their messages to a web page or email client software. If junk messages have been directed away from the main inbox on the server side, they would not normally be downloaded. One simple way to filter email before you download it is to log onto your ISP through a “web mail” interface where you can easily scan several subject lines and perhaps check off obvious spam messages to delete before using your “normal” email program. This is faster than downloading all the messages first, and for people who use telephone modems, can be a real time-saver, since you can delete several messages all at once, based only on the subject lines or their preposterous return address.

Premail and Email Client Filtering

In addition to server-side filtering, many email clients perform “client-side filtering” with a variety of methods. Sometimes this is done with special programs I call “premail clients” which check for potential spam before passing it reaches your “real” email client. Sometimes this is done within the email client using built-in Bayesian filters, user-created rules or other technologies such as the latent semantic analysis built into Apple’s OS X Mail.app.

Bayesian filters within an email client work much as they do on an email server, except with a much smaller set of email, which can be an advantage. If you are a pharmacist or a realtor, for example, filters which target words such as “mortgage” or “Viagra” may not help much, or actively get in the way. Client-side filters make some initial guesses as to what is spam or not, but allow you to tune them more precisely to your liking by marking messages the filter missed as spam and (as importantly!) telling it when it has incorrectly identified a message as spam. Because Bayesian filters rely on known-good messages as much as spam for training, it is almost more useful to correct false positives as it is to label the spam. Over time your personal filters will become much more precise, so spending time training them early is time well spent.

Among the more popular pre-client email filters for Mac OS X are SpamSieve and SpamFire, both of which filter for spam before passing what they think are good messages along to your email program. Among the email programs with built-in spam filters for further processing are Mozilla, Thunderbird, Gyzamail, Microsoft Entourage, Mail.app and the paid version of Eudora.

All of these email clients also have various “rules” or “filters” that can be further applied to mail, performing other actions such as automatically sorting it, moving it to different folders and even forwarding it to others or generating automatic replies. These are sometimes useful as part of a general email strategy, but are not only for junk mail.

One example of how I use rules or filters for my own email is to configure multiple email boxes for different kinds of email, which is automatically processed, labeled and sorted depending on the address it comes from, the subject line or how it is addressed. For example

  • Mail from email or announcements goes into a special “Elists” mailbox
  • Mail addressed to me from those in my address book goes to my “Inbox”
  • Mail of uncertain provenance goes into a special folder called “Graylist” for review
In combination with various other strategies, such rules or filters help enormously in managing my email. If you have two or three email addresses for different purposes, email could be filtered using a rule which places personal, professional and shopping email into different folders, based on who it was sent to. Or perhaps you could have it filtered, labeled or set to make a certain noise when mail from family, work or your boss comes in. Although not a junk mail strategy, identifying your most important email is as useful, if not more so.

Do Not View or Respond to Junk Mail

Spammers are very clever and have various ways they can tell when you have viewed a message, such as by embedding very small graphics from a web page into the mail. If you open the mail or view it, the graphic loads, showing them not only that you read the message, but exactly when. Similarly, they can also embed links in the email and then note when you click on those links. Most sinister is the request that you click on a link to unsubscribe or reply to be removed from their list. Since many spammers are also liars, more often than not such links merely confirm that you read email and that you are gullible enough to respond. For those who send out lots of spam or sell their lists, this makes your address more valuable and dramatically increases the chance that you will receive more spam. Not viewing mail, clicking on links or responding is usually the best way to decrease the amount of spam you receive.

Use Multiple Anti-Spam Strategies

The best defense against spam is having several defenses, using a combination of these strategies to gradually decrease the amount of spam that is sent to you, the amount that reaches your inbox and the amount of that which you actually receive and reward. Over time the amount of spam you receive can eventually go down, although it will almost certainly never go away completely. Like the common cold, the only way to fully prevent it is death (or avoiding email entirely), which is not the best way to live.

For more specific help in formulating an anti-spam strategy for you or your business please consider phoning for an appointment with Mac Rory at (360) 695-6929.


This entry was posted in Uncategorized. Bookmark the permalink.

2 Responses to Junk Email and Spam Abatement Strategies

  1. Mac Rory says:

    In the Sunday, Sunday, July 16 (2006) Oregonian, Laura Gunderson had an article “Something’s Phishy” which included some great information on online info-stealing scams such as “phishing” and “pharming,” which usually use spam email as a way to trick people into giving over their financial information.
    A printer-friendly version of the article and
    A “protect yourself” factbox and
    A quick glossary of variations on these scams

    These sorts of scams have been around for decades, usually using print ads and telephone calls to accomplish the same purpose but online “phishing” is directing people to official-looking web sites by claiming to be someone else, “spear phishing” is a more targeted version which uses individual information to seem more legitimate while “pharming” is loading false DNS information into a computer so that they will ask for a legitimate web site such as eBay or PayPal but actually be directed to a fake version, usually in eastern Europe somewhere. “Spoofing” is a general term for setting up email or a web site to look like it is something other than it is: an impostor posing as someone else, usually for deception.

  2. Glenna says:

    Thank you for such a thorough explanation of so much about this annoying and time-wasting problem. This was a detailed and complete explanation of some things I “sort of” understood and many that I did not. (And, no, I’ve never clicked on the “take me off the list” link! However, there is still an unbelievable amount of spam delivered to my chief email address.)

Comments are closed.