Combating spam

Posted: 11th May 2015

The causes of “spam” e-mails are numerous, ranging from cheap bulk marketing to that used by organised crime syndicates. The effect on businesses like ours can be the daily irritation of sorting your inbox to find a “real” message to full -scale recovery from a spam-borne virus attack.

A study in 1995 showed that 80-85% of e-mail could be categorised as spam and trends show this is increasing. Spam ranges from annoying advertisements to malicious messages carrying viruses and Trojans (commonly used in “phishing” scams to elicit financial and banking information for use by fraudsters).

So how do you combat spam? Following ten basic rules should reduce the amount you receive considerably if not completely.

Rule 1: Never respond.

Even if there is an “unsubscribe” option; this is a common technique by spammers to indicate that an address is actively used –far from being unsubscribed your address will be passed on to other spam lists.

Rule 2: Avoid including your e-mail address on a website.

Spammers scan the web and “harvest” e-mail addresses from websites. For contact purposes it is better to include the address as a graphic or enter it in a human-readable form, e.g., john<dot>smith<at>domain<dot>com

Clicking on a website link will also contain your e-mail address in HTML code –if you use this ask your web designer to convert the address into a machine-parsable form rather than clear text making it difficult for spammers to identify.

Rule 3: Avoid subscribing to “open” newsgroups or forums.

Spammers also harvest addresses from newsgroups open to the public (unlike the One List which is a closed forum).

Rule 4: Never provide your e-mail address online without good reason.

If an e-mail address is requested you can be pretty certain that the website owner intends using it. Always check the terms and conditions before entering your address. If in doubt, don’t.

Rule 5: Never buy or use a service advertised by spam.

You can bet that your address would be passed on as being an active account should you respond resulting in more spam.

Rule 6: Limit the user names for your domain.

If you own a domain name it is likely to be configured to forward <anyname> to your inbox. Spammers can rely on the use of any user name to reach you, particularly common names such as “webmaster” or “postmaster”. It is a simple process to limit users in your domain to specific individuals, e.g.,, with all non-recognised addresses being rejected.

Rule 7: Use a spam-filter and/or anti-spam software.

An online spam-filtering service such as SpamArrest can prevent non-authenticated mail from reaching your inbox. SpamArrest replies to non-authenticated mail senders with a request to identify themselves by clicking a link on a web-page before forwarding their message to you –automated scripts used by spammers are unable to do this. Once the sender is authenticated mail is forwarded to you without the sender being bothered again. This should block 100% of spam traffic.

Anti-spam software can remove potential spam but is susceptible to “false positives”, e.g., an e-mail containing the phrase “surveillance specialist” could be incorrectly classified as spam since the word “Cialis” occurs in “speCIALISt”. Conversely “false negatives” can allow spam through when the spammer includes long tracts of incomprehensible text in the message to fool the Bayesian filter in the anti-spam software.

The SpamFighter software uses a cunning approach. Spam messages are automatically reported to an online server –when a message arrives it is checked=”checked” against this central database and removed if flagged as spam. The larger the user community grows the more effective the service.

Simply changing your e-mail software can be beneficial –using Mozilla Thunderbird in place of Microsoft Outlook is free and includes a powerful spam -filtering option.

The cost of such services or software is remarkably low, even free, and can typically block some 80-95% of all spam.

Rule 8: Switch off the automatic download of images when viewing your e-mail.

Spammers can include a graphic in the e-mail, often so small it can’t be seen, that requires downloading from a website. When the image is automatically downloaded it identifies your e-mail address as being active to the spammer.

Rule 9: Never pass on chain mails, joke messages or virus warning threats.

Chain mails simply flood the internet and take up bandwidth without any benefit. Joke mails may seem funny the first time but after the tenth, the humour wears thin. Virus warning threats are chain mails in the guise of a hoax message. Forwarding such messages to your colleagues can contribute to spam and may even result in you being black-listed by someone’s anti-virus software.

Advice on where to check out if a ‘virus’ is real or not? List the sites

Rule 10: Always use a firewall and anti-virus software on your PC.

The combination of a firewall and anti-virus software can prevent your PC from being compromised by malicious spam carrying viruses and Trojans.

Remember to keep your anti-virus software up-to-date otherwise it’s not worth having.

Tony Goddard

DeChêne International Ltd
(01905) 723004

Tony is a Chartered IT Professional and Member of the British Computer Society with over 20 years experience in the computer industry. He’s also married to WiRE member Shirley –by far his best achievement yet!