SPAM (Junk Mail)

Special Page About SPAM

Can it be controlled?

I recently met with a potential customer to discuss his most urgent computer and software needs. One of the first things he asked was how to get control of his SPAM. He was getting 35-40 a day. I suggested he consider himself pretty fortunate since his name appeared as an E-Mail address on his WEB site. A WEB mail address can be encoded to make harvesting more difficult, his wasn't

Well, he asked the right person. I've become an unwilling expert on the subject of SPAM. I haven't done any of the things, (listed later on this page), that are considered cardinal sins for inviting junk mail, in over 10 years, but get it I do, in spades. The following image is a report from my primary E-Mail account of the SPAM counts they trapped that never got into my system.

SPAM Reprt

The top number on the longest bar is only 15,232

It's said that a picture is worth a thousand words. When I tell people about the amount of junk mail I have heading for my inbox they're surprised, when I show them they are amazed and shocked. The good thing is that I only see these if I bring up the report. There isn't a false positive in the bunch. The bad news is that this is only one account at Mindspring, and they don't catch all of it.. There are 4 other E-Mail addresses that funnel into that account because Mindspring does such a good job. They only trap known SPAM. I also have a Bellsouth account, 2 G-Mail accounts and several WEB site mail accounts. Between those additional accounts I accumulate another 1,000+ or so every day most of which I can just delete every week or so. The 2000 or more that are in one of the G-Mail accounts and the 2400 that I average in the Bellsouth account I don't even pay attention to because as with the ones in the Mindspring account they disappear over time anyway.

The people who send this junk change their methods about every 5 days or so on average. Just as soon as I find a way to stop more of the junk from getting into my inbox they find another loophole. These spammers aren't stupid, they have figured out every trick to bypass every protection possible.

I use 2 other filters for the 3,000, and more, that get into my system, (on an typical day). One filter is a very old and well trained program called Spamkiller. It's a rules based filter that checks my Mindspring account every 10 minutes and pre-filters any mail from certain countries, (I received one from Tanzania today as an example), and it also has key triggers in the header of the message, or contents, that will stop them before I check my mail.

After 8 hours away from my system one recent night Spamkiller trapped 641 but there were more yet to come. Mindspring stops junk from known SPAM sites, Spamkiller traps all the SPAM that gets by Mindspring that matches my rules, (which I update by necessity everyday), but what if there is nothing to set a rule for? This morning, for example, Spamkiller took out 641 but experience told me there were many more.

My E-Mail client is Mozilla Thunderbird. It has its own junk mail controls that attempt to intelligently determine what is junk and what isn't. That method, referred to as Bayesian Controls, needs some training to be accurate. (It learns what you have determined is junk and not junk).When I opened up Thunderbird the morning it said I had 437 messages, (Those were the ones nothing else had stopped to that point). When I told it to get mail 402 went to junk automatically and 35 went to my inbox of which only 12 were legit. The way I see it, because I don't have any other option, 23 junk mail items in my inbox overnight out of what may have otherwise been around 3000 or more isn't bad.

The big question from most people is "how can you stop it?" The answer is that individuals with a personal account may be able to stop it depending on their Internet service provider, but it's a lost cause for most businesses. I read a recent story in a computer industry WEB site about a law firm with hardware/software based SPAM control in house protecting the entire network. So much SPAM was still getting through they cranked up the rules to cut back a little. The result was that they never saw a notice for a court summons for a client so they never went to court that day. They lost the case.

There really is only one way to stop the SPAM. The only reason it gets sent is because someone is buying the product or at least clicking the link. If everyone stopped making purchases from SPAM mail it would take about a week for it to stop. Won't happen!

I can tell you from experience that there are many companies and individuals that will not do business with a company if they don't have a WEB presence. If you have a WEB site it doesn't make good business sense to have your E-Mail address at G-Mail or Yahoo or Hotmail. It's not very professional not to have an address followed by your WEB site name. The problem is that very few commercial WEB hosting sites have any junk mail controls.

In my case I have all my WEB site mail forwarded to the Mindspring account which does have SPAM control. All my mail goes to the WEB domain, that's the return address and everything appears to come from that domain so nobody can tell I'm using Mindspring. My E-Mail address on this site is encoded so the sites that harvest mail addresses can't see it.

Industry experts estimate that at any one point in time a Russian consortium, (Don't laugh, they call it the Russian Mafia), has control of over 70,000 computers acting as SPAM Bots sending out SPAM at the rate of thousands every minute. Those systems have been infected with worms that cause the computers to act like mail servers. The worm has a small bit of code that performs some pretty fancy tricks like changing the headers or the visible text for every message they send. That's one of the things that makes the SPAM so difficult to detect. There is no fixed point of origin and since the headers change it can rarely be determined where it came from with any accuracy. If the origin of the SPAM is a personal computer and the internet address, (the IP address), changes frequently as it's prone to do with some service providers it's a moving target. 70,000 moving targets are impossible to stop.

There have been times when those spammers have spoofed my WEB site as the originator of the SPAM. When that happens all of the mail that gets bounce from closed accounts or mail from people who have vacation messages in place or accounts that just don't exist get thrown, (bounced), back to my domain. When that happens I have been known to get over 4,000 of those bounced messages an hour for 2 or 3 days. That's when I have a really difficult time listening to other people's SPAM problems.




© 2002-2008 PC MAX All Rights Reserved