Advertisment

Beyond Anti-spam Tools

author-image
PCQ Bureau
New Update

E-mail was the killer app of the Internet, but now it seems to be killing the bandwidth, thanks to spam. While it’s impossible to completely get rid of spam, you can reduce it by following various measures. One is rules based blocking, which is not sufficient because spammers will always find new ids, subjects, and body text to send you spam. The next level is using anti-spam software at the client as well as servers level. These tools use sophisticated algorithms to filter spam, and also keep updating their filters with fresh rules. You can also subscribe to DNS blacklists, such as mail-abuse.org and spamhaus. org, which keep a list of known spamming domains. Even these measures are not enough. To fight spam effectively, it’s also important to know how it is generated and spreads. Plus, you also need proper anti-spam policies. 

Advertisment

Tracing tools like VisualRoute can be used to determine which ISP is the spammer using to spam you

How’s Spam Generated



It all starts when spammers manage to get hold of your e-mail address. The most common way is when you register with a website, perhaps to download software or purchase a product. The website could belong to a spammer, or it might be in the business of selling its mailing databases. Either way you figure in the spammer’s list and start receiving unsolicited mail. Subscribing to news- letters is another common cause of spam. You could do it unknowingly or worse someone else subscribes you to mailing lists (either because you stole his girlfriend in college or maybe the person is extremely fond of you). In such a case, you could either ignore the deluge of mail or check out the websites (if they have one) of each newsletter for legitimacy. This is important because most spammers provide an unsubscribe link in their email. If you try to unsubscribe from the link, then the spammer gets a confirmation of your existence, and starts sending you even more spam. So as a rule of thumb, don’t fall for the “unsubscribe” bit in spam mail. Only if you’re certain that the website or mailing list is legitimate should you proceed with

unsubscribing. 

Besides the user, the mailing list owners should also take measures to avoid getting unwanted subscribers. They can send an email to new subscribers to check if they’ve actually subscribed or not. This mail should mention that only after the subscriber responds to the mail would they continue sending newsletters in the future. Those who don’t respond would be removed from the list.

Advertisment

It’s also important to know about Web bugs. These are clear or transparent graphic images, merely 1 pixel x 1 pixel in size that can be placed in email or Web pages. These are used to monitor the usage patterns of websites or email. While the Web bug points to the website from where the image has to be downloaded, it also sends information about the user’s machine to the website. This information can be the IP address and the Web browser used of the machine. Spammers can use Web bugs to confirm the presence of an email address so they can continue spamming. Web bugs use cookies for sending back information, so blocking cookies can stop Web bugs from sending your personal information.

Fighting Back



Spammers use clever techniques to avoid getting caught, such as IP spoofing, using drop boxes and free email websites, finding open relay servers, and using spamming tools (see the glossary in PCQuest Buzz with this issue for their explanation). So you may not be able to find out who is spamming you, but you can always find out enough to do something about it. Spam mail headers come to the rescue as they can reveal useful information about the spammer. You can reach the mail header by choosing the e-mail’s properties. In Outlook Express, right click on the spam mail and choose properties. The window that pops up has two tabs, general and details. Click on details and you’ll be able to see the mail headers. 

Advertisment

The mail header usually tells you the route that the mail has followed to reach you. In this, look for the IP addresses or domain names in the “Received” lines. There are two to three such lines that show which ISPs have relayed the message. The first line will say “Received from by yourISP.com. Ignore the second address as that’s your own ISP’s domain. The first will be the ISP who relayed this message to you. Next look at the second “Received” line. This will most likely be the ISP where the spam originated. 

Once you know the ISPs who relayed spam to you, the next step is to lodge a complaint with them about the spammer. You need to find out the ISP’s contact information like email id and phone numbers. The most effective way of doing so is by using tracing tools. These track the entire path used by an email to get to your mailbox. They can also give complete information about all ISPs found in this path. This information can include the ISP’s complete name, who’s it registered to, phone and fax numbers and the contact email id. There are also some free websites that can give you this information. Many ISPs provide a separate email id that you can use to send them headers of all the spam mail you’ve received through their servers. 

While the process is simple, it may not be easy to execute, simply because there’s too much spam. Therefore, this process is better suited for companies who can use dedicated staff for the job, rather than individuals wasting time on it. 

Anil Chopra

Advertisment