Spam fighting

Simple ways to deal with spam

1. Get Mailwasher but DON'T bounce spam
2. One filter for 95% of spam
3. Hide your email address on web pages
4. Hitting back at spammers

1. Get Mailwasher but DON'T bounce spam

Recently I've been receiving hundreds of returned undeliverable messages a day. What's happening is that a virus or a spammer is inserting my domain into the 'From' address for their crap, and the recipients have their servers configured to blindly return or 'bounce' spam to the sender... so I gets it :o(

Bouncing spam used to be a good idea, but now it's only worsening the threat that spam and viruses pose to the useability of email. Indeed the only legitimate use for bouncing email now is to tactfully inform a known sender that you don't want the mail they're sending you (such as forwarded and widely circulated funnies). See 2 Bounce or not 2 Bounce for a fuller explanation of why BOUNCING IS BAD

There are many freeware and shareware programs out there (and some commercial ones too) which claim to block spam before it reaches you, and some of them probably do work, at least to reduce it a little. Unfortunately many of these programs are either complicated to set up or simply ineffective, or require subscription to a third party spam-filtering service, which removes control from the user somewhat.

However... I have found a cheap and highly effective tool - Mailwasher - which lets you examine the headers of your mail from multiple email accounts before you download them and apply powerful filters (including an amazing 'learning' filter) to weed out the crap. It can automatically mark suspected spam for bouncing/deletion using an easily configurable filter/blacklist system, and if you're uncertain about any message you can safely preview it (by double-clicking on its header) since Mailwasher doesn't parse HTML (so no executable code can be run). When you've marked them you can simply delete blacklist all the spam and then download the mail you want as normal using your default email client.

Simple, cheap... and very effective.

 

2. One filter for 95% of spam

A little while ago I stumbled across a very simple way of filtering out 95% of spam using a single filter.

Previously I had laboriously created numerous filters (a.k.a. message rules in Outlook Express) to identify and EXCLUDE spam, either by sender (e.g. Where the From line contains '@email-prom.net') or by message content (e.g. Where the Subject line contains 'mortgage rates').

However it kept on coming (especially the Lender's network crap) - the spam seeming to mutate as fast as virii.

Then I twigged that the vast majority of the spam I receive is not actually addressed to me. Much of it is addressed to '@myISP.com' and/or relayed to me via 'xyz456@hotmail.com' (for example).

So with a little effort I created a single filter to catch ALL this impersonalised spam, basically by assuming that EVERYTHING I RECEIVE IS SPAM and the best way to sort it is to identify and allow what has really been sent to me personally.

It goes something like this:

Where the From line does not contain 'me@myISP.com' or '@anyofmydomains.com' or 'NAMED SENDERS'
&
Where the To line does not contain 'me@myISP.com' or '@anyofmydomains.com' or 'NAMED SUBSCRIPTIONS e.g. SARC or thelist@lists.evolt.org'
&
Where the CC line does not contain [DITTO the To line]
>
TREAT IT AS SPAM (e.g.. 'Delete from server' or, for now, just 'Move it to the Spam folder' to be safe)

Not only does this filter catch unsolicited spam, but it also catches all those annoying update notices to which I have unwittingly subscribed, such as Real-anything, Computer-Arts etc. etc.

The only down-side is that new subscriptions will be caught by this filter if they are addressed to anything other than my subscriber email address... so the filter will have to be disabled for a short period after subscribing to anything new to let the first message come through so it can be checked and the filter can be adjusted if necessary to allow further messages to pass.

UPDATE: I recently received an unexpected email which was very important (from the British Council) but was addressed to no-one (they had correctly used the bcc line) and since I had not previously had email from them (and so not adapted the filter to allow it) this vital message was caught by my anti-spam filter. The filter is still in place, doing its job, but I would now advise only using this technique to sort spam into a separate folder and not to delete it, in case you do miss important but unsolicited mail.


3. Hide your email address on web pages

Most spam is sent to addresses extracted from web pages. If you put your email address anywhere on a web page - in a <a href="mailto:...> link, in the action parameter of a form tag or (especially) in a meta tag - it will be found by spam robots and added to spam lists.

There are many simple ways to disguise your real email address, from writing your address with '%40' instead of '@' (email protocol reads me%40mydomain.com the same as if it were me@mydomain.com, but 'spambots' won't) to inserting obvious human-readable bits into your address, like: me@DELETETHISANTISPAMSTRINGmydomain.com or me@NOSPAM.mydomain.com. The problem is the spam bots are aware of these traps too and are becoming more sophisticated in circumventing them.

On my contact page I used to use this code to write a mail link onto the page. The point being that the complete email address does not appear on the raw html page and so cannot be detected by spambots, but the link still works:

<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
<!--
fstr=''
fstr+='<a href="mailto'
fstr+='\:feedback'
fstr+='@'
fstr+='georgedillon.com'
fstr+='\?subject=Message sent via georgedillon.com">'
fstr+='E-mail<\/a>'
document.write(fstr);
//-->
</SCRIPT>

I also used something similar for the form action tag, until someone emailed me that the page simply didn't show anything if the user had JavaScript turned off... obvious really... so with my newly acquired CGI-hacking skills I switched it all server-side. Here, however, at the foot of the page is a demo of the above technique (but it will only be visible if you have Javascript turned on :o) Mouseover it and check the status bar (or click it if you like - it will only start your email program and won't send anything until you say so) and then click 'View' > 'Source' and scroll to the bottom to see the actual code.

4. Hitting back at spammers

Reporting them takes time and doesn't really have much effect. Bouncing is now a no no. There is another way to hit back at spammers... fill their lists with false email addresses. If you have CGI access on your website, it's simple to add a script like the one at Cliff's Perl Scripts to generate fake email addresses complete with realistic names and properly formed mailto: tags, which any email harvester will gobble up... Here it is in action

{Printed from http://www.georgedillon.com/web/spam_fighting.shtml on Wed, 20 Sep, 2017 @ 22:08:02}