Anti-Spam ResourcesAnti-Spam Resources

As promised, here are some additional anti-spam resources.

Bob Evans, Contributor

January 7, 2005

4 Min Read
information logo in a gray background | information

As promised, here are some additional anti-spam resources from Andy Lester and Mitch Wagner, along with the full text of the letter from Paul Howell:

More anti-spam resources from Andy Lester:

More anti-spam resources from Mitch Wagner:

And Paul Howell's letter:

Hello Bob,

It's nice to gather readers' opinions and share them with us all, but too often of late you've shared old ideas that have been considered and rejected ... yet you've shared these ideas with us as if they were things of value. This does your readers no service, and your editorials lose value to me, and perhaps to others, each time it happens.

The latest example is the three variations on a "single simple theme" that you shared in your "Readers' Ideas Take A Bite Out Of Spam" article: send a message back to the spammer saying "No thanks, I don't want any spam from you." In the early days of spam, this activity simply told the spammers that the E-mail address was alive, and hence the address actually gained value to the spammer either for more spam or for selling the E-mail address as part of a list to other spammers.

Today, of course, all this idea would do is clog up the E-mail pipes even more. The majority (yes, majority) of spam coming to my clients' in-boxes is from hijacked home computers on broadband. Not from identifiable, semi-legitimate bulk E-mailers, but from home PCs on DSL and cable broadband that have been infected by Trojans and serve out spam all day, unwittingly, until the ISP figures it out and shuts them down. Any return E-mail to these spam factory robots is ignored, of course. They aren't set up to process incoming E-mail.

A worse problem is that sending such a reply would unwittingly bomb legitimate E-mail users who are totally unrelated to the spam problem. How? Most of these spam robots send out E-mail with spoofed headers, including spoofed return addresses, for two good reasons: (1) they can hide the robots better that way, making them more difficult to trace back, and (2) the spam messages seem more legitimate when they come from a "real" E-mail address.

I should know. Several times a week I get spam messages from myself, offering prescription drugs at steep discounts. One of my E-mail addresses has been listed on a Web site for many years and has been harvested by many spammers. That E-mail address is now used (spoofed) by spammers as a reliable outgoing address so often that I get spam (and viruses and Trojan attachments) from myself, and others I know get them from "me." When it first started, I was accosted by several colleagues saying "Ack! Fix your computer! You've got a virus, and it's sending out E-mails!." I have not been so infected.

One byproduct is that I now get several E-mails per day from friendly mail servers, automatically telling me that the E-mail address I was trying to reach with my offer for discount Rolex watches has a full mailbox or is no longer available at this address. So I know that my messages are getting through.

So, regarding your editorial, none of the suggestions from readers of the "cat-o-nine-tails" persuasion will help me, none of the "traceable sender" or return E-mails ideas will help me, and certainly none of the "pay-as-you-go" ideas will help me. Improved filtering does help, both on my incoming servers and at my desktop.

Alert ISPs that automatically alert and shut off access to the robot spam clones would help--but such ISPs don't exist. That would alienate those who pay them. If you want to get the broadband ISPs to help, let's threaten to make THEM pay the per-E-mail fines for the illegitimate clone spam factories they harbor on their networks.

Simple solutions for complex problems are rare in any field. A quick look into the archives of any forums discussing spam solutions or a conversation with any competent spam-security consultant should have buried these ideas. Perhaps a more meaningful article in information would address precisely this issue--Why Simple Solutions Won't Work Against Spam.

With best wishes for a clean in-box in the New Year.

Paul Howell
CEO
Smoothstone Systems
Lexington, Ky.

Return to the story:
Business Technology: A Trip To The Woodshed For Serving Tainted Spam

Read more about:

20052005

About the Author

Bob Evans

Bob Evans

Contributor

Bob Evans is senior VP, communications, for Oracle Corp. He is a former information editor.

See more from Bob Evans
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

A group of smiling college graduates celebrating their graduation.
IT Leadership
Why Liberal Arts Grads Could Be the Best Programmers of the AI Era
Why Liberal Arts Grads Could Be the Best Programmers of the AI Era

Jan 17, 2025

Flame front of the Eaton Fire on the first night during the January 2025 California wildfires in Altadena and Los Angeles
IT Sectors
How Tech Supports the Emergency Response to the LA County Wildfires
How Tech Supports the Emergency Response to the LA County Wildfires

Jan 16, 2025

Graphic Pop Art style Illustration of Keanu Reeves as NEO from the film, The Matrix
IT Infrastructure
Y2K and Infrastructure Resilience 25 Years Later
Y2K and Infrastructure Resilience 25 Years Later

Jan 7, 2025

Young businessman working on a virtual screen of the future and sees the inscription: Now hiring
IT Leadership
Help Wanted: IT Hiring Trends in 2025
Help Wanted: IT Hiring Trends in 2025

Nov 20, 2024

Cobol programming language software development concept on vitual screen.
IT Leadership
Untangling Enterprise Reliance on Legacy Systems
Untangling Enterprise Reliance on Legacy Systems

Jan 21, 2025

Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports