Spam Fighter's Toolkit
Fighting the never ending tide of spam mail can turn into a very
frustrating experience if you don't know the real tricks of the
trade. After all, there's a whole lot more to it than simply
responding to a (usually bogus) From: address with a peevish
complaint!
Here's a fairly extensive overview of resources that will aid
you in effectively combatting unsolicited email, showing you the
possibilities (and, alas, the limits!) of your endeavor.
General resources ----------------- The Spamhaus Project
features a database tracks known Spam Gangs, Spam Support
Services and the providers who keep organized spamming alive by
knowingly hosting stealth spamming services on their networks.
An extensive set of databases allows for tracking of established
spam outfits, including statistics, etc. <
http://www.spamhaus.org/ >
Look up this list of established spambots: <
http://mosa.unity.ncsu.edu/brabec/antispam.html >
Resources for header reading are listed at the Forum for
Responsible and Ethical E-mail (some broken links, though): <
http://www.spamfree.org/resources/header_reading.html >
Some spambot harrassment programs are listed here: <
http://www.turnstep.com/Spambot/harassment.html >
Spam.abuse.net calls for spam boycots and offers lots of
information an spam prevention legislation, and more. <
http://spam.abuse.net/ > Read their useful guide titled "How To
Complain To The Spammer's Provider" at: <
http://spam.abuse.net/howtocomplain.html >
Mail forwarding services ------------------------ Protect your
mail box with disposable email addresses by signing up with
Sneakemail: this service forwards everything to your regular box
without disclosing your real address. If you find your
Sneakemail address is being abused, you can simply delete it.
Plus, it will help you track down businesses that flog your
address to third party marketers. Neat. < http://sneakemail.com/
>
Free email forwarding claiming to sport the net's best anti-spam
filters can be found at Despammed.com. Basically, it works as a
remote spam filter. (That's why they term themselves a "mail
filtration service".) < http://www.despammed.com/ >
Spamex takes a similar approach, offering disposable email
addresses as a measure to counter spam. It doesn't bother with
sophisticated spam filters, though - the minute your Spamex
address receives spam, simply nuke it and get a new one. You can
also fit their log in box link into your web browser's links bar
for facilitated access. Their slogan is noteworthy, too:
"Because Sending You Email is a Privilege Not a Right!" <
http://www.spamex.com/ >
One of the best known anti-spam forwarders is Spammotel (what a
name!) which also offers a pretty sophisticated, award winning
plug-in for your email client, allowing you to keep track of
whom you have given which email address of yours. This, of
course, makes it dead easy to test web sites' privacy policy.
Moreover, it makes for a great tool to help you organize the
e-mail you actually do want to receive. (Windows only.) <
http://www.spammotel.com/ >
Mail Abuse Prevention System LLC offers a commercial spam
protection forwarding service at: < https://stop.mail-abuse.org/
>
Spam filters ------------ Webmasters running their own mail
server may be interested in The MAPS Relay Spam Stopper, a
queryable DNS-based database of spam-relaying mail servers. You
can configure your server to utilize their list if you want to
refuse mail from these types of servers. <
http://work-rss.mail-abuse.org/rss/ >
The same site offers the Realtime Blackhole List (RBL). This is
a system for creating intentional network outages ("blackholes")
for the purpose of limiting the transport of
known-to-be-unwanted mass e-mail. The RBL is a subscription-only
system, working in such a manner that no one is denied
connectivity to a non-RBLSM-subscriber. <
http://mail-abuse.org/rbl/ >
Reporting spam -------------- This spam complaint primer spells
it all out as it is and offers a sample complaint covering every
important aspect of reporting spam to get spammers' accounts and
web sites terminated. < http://combat.uxn.com racing.html >
The all-time classic to report spam to is the not-for-profit
Mail Abuse Prevention System LLC. < http://mail-abuse.org/ >
The Network Abuse Clearinghouse is a complaint service that will
forward your spam complaints to the culprits flooding your mail
box. < http://www.abuse.net/ >
The MMF Hall of Humiliation takes the approach of ridicule to
combat spammers. Lots of parodies and spoofs of obnoxious
unsolicited commercial emails, and more. Still, it has a very
serious background, informing in detail about fraud indictments
and offering rudimentary legal analysis of spam scams. <
http://ga.to/mmf/ >
This site offers monthly case studies of reporting spam and
lists successes. You'll see that while it's quite an uphill
battle, it can be done. <
http://www.obliquity.com/computer/spambait/ >
Reporting Tools --------------- Some abuse reporting tools are
listed here: < http://www.abuse.net ools.html >
As for anything on the net, there's a fitting mailing list
available for people interested in software tools that detect
and process unsolicited bulk e-mail: <
http://www.abuse.net/spamtools.html >
Proactive Strategies --------------------
UXN Spam Combat offers a nice one-page form aggregating all the
tools you need to solve the spam problem, ranging from NSlookup
and Trace Routing to Pings, decoding of obfuscated web URLs,
etc. Very useful. < http://combat.uxn.com/ >
Uni-encoding the email addresses displayed on your web site is
still a very efficient method of thwaring email address
harvesters or extractor bots: <
http://fantomaster.com/famshield0.html >
This page offers you tools to "poison" the spambots with by
feeding them tons of invalid email addresses. While this
admittedly places some strain on bandwidth and system resources,
it's also pretty easy to crash a spammer's system this way - ah,
sweet revenge! < http://fantomaster.com/faantispamtip2.html >
Many spammers are now offering their pathetic wares not via the
internet but offline, preferably using toll free numbers. This
article outlines a strategy on where and how to hit them hard -
in their pockets! < http://fantomaster.com/faantispamtip3.html >
Probably the most effective method of prevention is blocking
spammers and their harvester bots from your web site altogether.
This tip expounds the strategy to pursue. <
http://fantomaster.com/faantispamtip4.html >
The Coalition Against Unsolicited Commercial Email (CAUCE) is an
international organization promoting anti-spam legislation. <
http://www.cauce.org/ > They also publish "True Tales of Spam"
here, where you may see your own story featured some day if you
wish tp submit it: < http://www.cauce.org ales/index.shtml >
Fighting spam with procmail under Unix is discussed in detail
here: < http://www.itworld.com/App/354/lw-03-geek_1/ >
The Mega Zine SpamScript software generates tons of bogus email
addresses on the fly to feed (and crash!) spambot systems with.
< http://www.softham.pwp.blueyonder.co.uk/spam_bots.htm >
For people who can't run CGI on their systems, here's a remotely
hosted version of the spam script: <
http://www.softham.pwp.blueyonder.co.uk/spam_bots.htm >
Tips on how to lure in spambots to special, "poisoned" sections
of your site while keeping away innocent visitors can be found
here: < http://www.turnstep.com/Spambot/lure.html >
Articles -------- Steven Champeon, Save Your Site from Spambots.
Techniques to Prevent Address Scraping <
http://webtechniques.com/archives/2001/08/champeon/ >
Spambot Fighting site: < http://www.turnstep.com/Spambot/ >
Humor ----- As a comic aside, spam haikus (some more, some less
witty) are featured by the chockfull here: <
http://www.mmfhoh.org/mmf/haiku.html >
Finally, yours truly's "Spam Sonnet" is offered as an educative
example of what spam can inflict on the sensitive artistic mind
... < http://fantomaster.com/faantispamtip5.html >