|
Issues Related to Blocking Spam |
|
|
If you use e-mail, you receive SPAM (unsolicited e-mail), usually advertising get-rich-quick schemes, pornography, web site promotion, mortgages, DVD copying software etc.
The return addresses on SPAM are mainly fictitious, in which case the emails are easily blocked by probing the apparent sending server to detect whether the email address exists and, if it doesn't, refusing to allow the email onto the recipient server. ammonet InfoTech uses that technology.
However, SPAM operators now routinely use trojans that infect all manner of computers around the world to create zombie networks that send out millions of SPAM emails witout the knowledge of the owners of the computers. Below we discuss what to do about this kind of SPAM.
SPAM operators also sometimes use the domain name of your hosting or connectivity provider, in the belief that you are likely to open an e-mail showing that return address. This practice is known as SPOOFING an e-mail address. Since the SPAM does not originate from your provider's server, there is nothing he can do about it. At the ammonet office, we receive numerous SPAM e-mails per day, some with our own domain as a return address. Please rest assured that we do not transmit SPAM from our servers to our customers or to anyone else. |
|
|
First and foremost:
1) use a good commercial product to protect your computer against viruses, trojans and other malware, whether it enters your system via email or via a web browser. These products should also provide a good spam warning system and a firewall. Note that Windows has its own firewall which should be disabled if you plan to activate a second firewall as provided by Symantec or McAfee products.
2) if you are receiving email via the POP account of your own website, make sure that your hosting provider has a good anti-spam filter in place. ammonet uses Spamhaus to block email originating from blacklisted IP numbers.
You might also want to consider the following points:
1) Be selective when you click "reply" to remove your address from a SPAM mailing list, as sometimes instructed - this is usually a ploy to obtain the e-mail addresses of active users, for sale to other spammers. If the "remove" option opens a legitimate website, then this method of removal might be successful.
2) Make use of the filter option on your e-mail software, utilising the subject field as an identifier. By judicious configuration of filters, you can greatly reduce the SPAM you see. Our office e-mail filters catch about half of the spam messages sent to our e-mail addresses.
3) If you are making use of our autoresponder option, please ask us to set up a mail-drop for you so that autoresponses sent to fictitious SPAM addresses can be filtered out by you when they bounce back, rather than accumulating on our servers (or, even worse, being delivered to us as the ultimate maildrop).
4) When promoting your site through link generation and search engine submission, especially if using an automatic submission software, be certain to set up an e-mail address specifically for this purpose and direct e-mail sent to that address to a separate mail box or the trash box. There are only about 16 search engines that generate traffic, the rest being useless at best, or, at worst, FFA (Free For All) listing services, the only purpose of which is to bombard listers with spam. Never list on FFA sites.
5) Anti-spam software is often useless and can be pernicious. There used to be a software in common use that, at the click of a key, would send a complaint to the apparent return address of the SPAM e-mail as well as to every identifiable entity upstream. Since we are up-stream of you through several steps, this software sent us five or six e-mails complaining about spam that we are powerless to prevent. The complaint contains a message advertising the anti-spam software. Spam indeed. However, this type of product is rarely used nowadays for the reasons just given.
6) Your anti-spam strategy could include the following steps:
a) Replace the text e-mail addresses on your web sites with images plus a javascript that enables clicking on the image to open an e-mail send message box. Use a script that does not contain a text version of the e-mail address because e-mail addresses in the HTML are also harvested by spammers. Then accept e-mail sent to that address only. b) Bounce all other e-mail sent to your domain name. This is better than sending it to the black hole of your server because some spammers delete e-mail addresses that bounce. Do NOT use these image-based addresses when submitting to search engines. Set aside another address for that purpose and filter replies to it into a mail box reserved for that purpose. Similarly, when registering domain names, set aside another address. Spammers trawl the domain name registries for e-mail addresses. c) Some types of spam contain hidden code that can inform the spammer that you have received and opened the message. These web bugs are usually graphics files included in the message and containing HTML code that that displays images and links within the message body. When you open the message, the web bug requests the spammer's server to download the requested graphic and reports your e-mail address. To prevent this, you can delete before opening any message where the return address and/or subject line suggests spam. You can then log off and open any other e-mail from unknown senders. Well-configured firewalls and anti-spam filters can also reduce the effectiveness of this exploit. d) Make judicious use of the server-side SpamAssassin that ammonet provides with all accounts. SpamAssassin uses the combined score from multiple types of checks to determine if a given message is spam. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|