Buried Under a Mountain of Spam

Buried Under a Mountain of Spam

For years I didn't worry much about spam.

But lately it's got out of control. Over half of my email
is now spam, and it's growing by the week.

Spam is now such a problem that I know people who have
had to close down their domain name. This article offers
some tips on how to avoid being buried under a mountain
of spam.

---------------------------------------------
How Do They Get Your Address?
---------------------------------------------

In the old days, spammers got their addresses mainly from
Newsgroups - if you didn't post to Newsgroups, you were
reasonably safe. But they're now using a much more
efficient method to build their lists - email harvesters.

Email harvesters are robots that roam the Internet
collecting email addresses from web pages. Examples are
EmailSiphon, Cherry Picker, Web Weasel, Web Bandit and
Email Wolf, to name just a few.

How can you protect yourself from email harvesters?

By 'munging' (mung = 'mash until no good') or cloaking your
email address.

There are many ways of munging your address - the easiest
technique is to use HTML code for the punctuation in your
email address (instead of symbols).

For the colon after mailto use : and for the @ symbol
use @ and for the period use .

With this method, my email address would become:
mailto:msouthon@freezineweb.com

Your email address will appear exactly as it did before,
and it will still be 'clickable', but email harvesters will
ignore it and move on.

There are also JavaScript's that you can insert into your
web page that will make your email address visible to
humans but invisible to harvesting programs. Here's one
that works very well:
http://pointlessprocess.com/JavaScripts/anti-spam.htm

----------------------------
How To Fight Spam
----------------------------

The most important thing is never, ever, reply to spam.

Most spam contains an innocent-looking 'remove me' email
address. Do not use it. Here's why:

Spammers typically buy a CD containing a million or so
email addresses, but they have no idea how many of those
addresses are active. So before beginning their marketing
campaign in earnest, they send out a 'test message' to the
entire list.

The test message contains an email address for removing
yourself. When you reply to that address, it confirms to
the spammer that your address is active and therefore worth
spamming.

Worse still, the spammer may be distilling from that CD a
list of confirmed active addresses that he will then sell
to another spammer.

The key to dealing with spam is to report it to a 3rd
party: (1) the affiliate program that the spammer is
advertising, (2) the spammer's web host, or (3) the ISP the
spammer used to connect to the Internet.

When you report spam to a 3rd party, remember to be polite
- they didn't send the spam and they're probably just as
anti-spam as you are.

(1) Reporting to Affiliate Programs

Many spammers are affiliates advertising someone else's
products or services. So look for a website address that
contains an affiliate link, something like this:
www.affiliateprogramdomain/841526

Then just send an email to the affiliate program
(abuse@affiliateprogramdomain.com), informing them that
you are receiving spam from one of their affiliates.

Most affiliate programs have zero tolerance for spamming
and will remove an affiliate spammer without warning.

Now, affiliate spammers don't want you to see their
affiliate link, so many of them send their email as HTML.
All you see in the message are the words 'Click Here and
Order Now'.

But in your browser just click on 'View Source Code' and
search for the letters 'http'. That will take you to the
spammer's affiliate link.

(2) Reporting to Web Hosts

If the spam doesn't contain an affiliate link, its likely
that it is coming from the owner of the domain name. In
that case you'll have to report it to the spammer's web
host or their ISP.

To make a report to the spammer's web host just go to
Whois, the directory of registered domain names:
http://www.netsol.com/cgi-bin/whois/whois

Type in the spammer's domain (the website address that
appears in the spam) together with the extension (.com,
.org, .net etc).

The host for that domain will usually be listed as the
Technical Contact in the Whois record and there will be an
email address for contacting them.

(3) Reporting to ISPs

To report a spammer to his Internet Service Provider,
you'll have to look at the spam's 'extended headers'.

Extended headers show the servers that the message passed
through in order to get to you. The instructions for
viewing extended headers will vary depending on what email
client you are using.

=> In Pegasus Mail, open the offending message and then
right-click and choose 'Show raw message data'.

=> In Eudora Light, click on 'Tools' in the top menu bar,
and then 'Options', and then select the checkbox option
that says 'Show all headers (even the ugly ones)' and
click OK.

=> In Outlook Express, open the offending message, select
'Properties' from the File menu and then click the
'Details' tab.

Reading and understanding extended headers is quite a
detailed subject. Here's an excellent free tutorial on how
to decipher extended headers:
http://www.doughnut.demon.co.uk/SpamTracking101.html

As an alternative to these reporting techniques, you could
use a web-based spam reporting service such as SpamCop
(www.spamcop.net). SpamCop deciphers the spam's message
headers and traces the mail back to its source.

However, SpamCop is known to generate complaints about
innocent third parties, and as a result, many system
administrators ignore complaints received from SpamCop.

There is one kind of spam that the techniques in this
article probably won't help you with: spam from China.

This is the most peculiar spam you're ever likely to
receive. For example I regularly get messages from a
certain ChenHua of the China-Lutong mechanical company
asking me if I would like to order hydraulic heads for
the VE distributor pump.

Spam is not an issue in China so it's unlikely you would
stop the spammer by reporting him to a 3rd party. However,
while doing the research for this article I came across a
web page that offers a very ingenious (though rather
severe) solution to Chinese spam.

The Chinese government recently ordered all ISPs in China
to start monitoring email for subversive phrases. This
anti-spammer replies to Chinese spam with a message that
includes subversive phrases, such as "weapons and
ammunition", "Falung Gong" and "Free Tibet".

But I don't recommend you do this - the Chinese spammer
could end up spending years in a forced labor camp. Even
the worst spammer in the world doesn't deserve that.

Good luck in your fight against spam!

About the Author

Michael Southon is the author of the popular new eBook
'Ezine Writer!' Discover how to dramatically increase your
Traffic and Sales, starting today: http://www.ezine-writer.com/
Join his twice-monthly 'e-Profit Tips Newsletter':
mailto:ept-subscribe@freezineweb.com