Site Menu:  About Me  Resume (C.V.)  Quotations  Anti-SPAM

Martin Green's
Anti-SPAM Page

If you are like the majority of Internet users, you are frustrated, or maybe even directly financially impacted by the proliferation of SPAM on the Internet (SPAM costs everyone indirectly). Well, this page is dedicated to explaining not only what SPAM is, but also why it may be hurting you, even if you don't mind it, and what you can do to combat it.

What is 'SPAM'?

SPAM is any unsolicited email sent to you to try to entice you to purchase something or take part in some activity. In most cases SPAM falls into one of four categories:

  1. Bulk advertising.
  2. Fraudulent Business or Investment Opportunities
  3. Invitations to sex oriented Web sites.
  4. Internet chain letters.

SPAM got it's name from a Monty Python comedy sketch. For those too young to know, or those that lived under a rock for the last forty years, Monty Python was (is?) a British comedy troupe famous for a television series, several movies, and numerous recordings. In one of their comedy routines, the audio track was repeatedly overwhelmed by a men's choir singing the name SPAM (a canned pork sandwich meat) over and over and over again. When unsolicited email began to become a problem, someone decided the repeating nature of SPAM reminded them of the Monty Python sketch, hence unsolicited email acquired the name SPAM.

Bulk Advertising

Basically, this is just an electronic version of the junk mail that gets stuffed into your mailbox. It is similar in many ways to the junk faxes that proliferated a few years ago before they were outlawed in the US (and maybe elsewhere as well, I know I still often receive junk faxes here in Canada), but they are easier to send, harder to stop, and cost everyone (except the perpetrator) much more (see below). Most bulk advertising SPAM is sent by small companies on a limited budget, but some of the worst SPAMmers are huge organizations sending millions of SPAM messages per day. Probably the most notorious of these is Sanford Wallace, whose company 'CyberPromotions' has been the subject of many lawsuits (Note: I just read that Sanford Wallace has 'reformed' and sworn off using SPAM... we'll see!). Most of these companies jump from one Internet service provider to another as their accounts are terminated because of their SPAMming activities.

UPDATE! On May 10th, 1998, Bigfoot announced a court victory against Sanford Wallace. CyberPromotions, Sanford Wallace, and all clients of CyberPromotions are now prohibited from sending any unsolicited email to customers of Bigfoot. They are also prohibited from placing the Bigfoot domain in the headers of any SPAM sent. Since Bigfoot's email redirection service is a useful weapon against SPAM (see below), this is welcome news.

UPDATE-UPDATE! Well, it is now ten years after that previous update was written, and it seems our old friend Sanford wasn't being entirely truthful about getting out of the SPAM business. The US District Court for the Central District of California made a default judgment (because the accused didn't show up) in early May of 2008 against Sanford Wallace and Walter Rines for using MySpace to send more than 700,000 spam messages to users of the popular social networking service. The result is $234 million in damages for MySpace (the highest award ever to date)... assuming, of course, that Wallace and Rines can be tracked down and forced to pay up.

Fraudulent Business or Investment Opportunities

This is similar to normal bulk advertising except that the solicitations are intended to defraud anyone foolish enough to take them up on the offer. The pitch typically relies on the greed of the recipient, though the less gullible would usually recognize the promise as too good to be true. Typical examples are phoney stock market recommendations, big-money/no-effort business "plans", and online "confidence schemes", such as the Nigerian.Advance Fee Fraud (4-1-9). More than just SPAM, the key word here is SCAM.

Invitations to sex oriented Web sites

Another variation on bulk advertising, this has some additional considerations beyond normal non-sexual SPAM. Since email addresses are collected at random, usually by automated SPAMbots, the recipient of these often explicit ads can be anyone, including children. Usually these ads contain a clickable WWW address, making it easy for those children to find sexually explicit sites. Due to their overt sexual nature, this type of SPAM is often offensive even to those who don't otherwise mind SPAM.

Internet Chain Letters

Again, this type of SPAM is an electronic variation on a real-world theme. Chain letters, electronic or otherwise, are a type of scam known as a pyramid scheme, similar to a Ponzi scheme, except the participants know from the outset that the only thing changing hands is the money obtained from recruitment. In a Ponzi scheme (named after Charles Ponzi) the investors believe they are investing in some real property or project. For more information on pyramid and Ponzi scams check out this US Postal Service pyramid scam alert.

NOTE: do not confuse pyramid scams with legitimate MLM companies such as Amway, Quixtar, Mary Kay, or Avon, etc. Many blatant email pyramid schemes try to convince the reader that they are an MLM business instead by offering some worthless product or information as a smokescreen. The classic example is the 4-letter scam where to reader is asked to send a sum of money to each of four individuals on a list, supposedly to purchase a different valuable business tutorial from each. These documents are actually worthless drivel purporting to teach you how to reap big profits from the Internet, but which actually instruct the hapless dupe on how to repeat this ancient scam for their own benefit. The kicker that clearly flags this as a chain-letter scam is that after sending the four cheques, the reader is supposed to remove the name on the top of the list, add their own to the bottom, and continue the cycle by sending the new list out to all their friends. Make no mistake, despite the "valuable" merchandise being offered, this is an illegal chain letter scam. In a flabbergasting display of sheer audacity, almost every example of the 4-letter scam I've seen has a paragraph claiming that the program has been reviewed by the FTC and declared legal, even going so far as to refer to a paragraph and subsection in a Federal Trade Commission document as supposed proof. Amazingly, if the reader took the time to look this reference up they would find that the specified clause clearly defines the solicitation as illegal. The perpetrator relies on important sounding prose and the laziness of the gullible to create a false aura of authenticity. Arguably, by pointing the reader to a clear declaration of the illegality of the program being promoted the culprits might be somewhat protected from legal liability by claiming that the recipient had been warned from the outset.

For information on the legal differences between a pyramid scam and a legitimate MLM company see this MLM Law Library page.

Why does anyone send SPAM?

Quite simply because it is by far the cheapest way to get your advertising message out to a huge number of people. Except for the nominal cost of an account with a service provider, all the remainder of the cost of distribution of the message is borne by the Internet community as a whole, and by the recipient of the message. By comparison, imagine that every piece of junk mail that was delivered by your mailman had a COD charge of a few cents to cover the postage. This transfer of the cost of advertising from the sender to the recipient makes SPAM irresistibly attractive to the less than scrupulous in the business world. The other reason, and this is a compelling one, is that it WORKS! Despicable as it is, when you send ten thousand messages to the general public, even totally at random, at least a few people will respond with an order. Personally, I would like to slap these people "up-side-of-the-head", but they are out there, and as long as they are, we will have SPAM.

So What Harm does SPAM really do?

Isn't SPAM really harmless? I mean, can't you just delete it from your mailbox if you don't want to read it? Well, actually no, SPAM is an immense drain on the resources of the entire Internet community, both in time and money. Here are some of the ways that SPAM costs us all:

  1. Some recipients of SPAM are charged by the message by their Internet service providers. These days this is more common outside North America, but even here there are still users being charged directly for each piece of mail they receive, even if that mail is unsolicited advertising.
  2. In 1997 the world's largest ISP estimated that between five and thirty-three percent of its server time was spent processing SPAM mail. The sheer volume of SPAM forces constant unnecessary upgrades to the infrastructure of the Internet, the physical cabling, routers, computers and software that make up what we call the Internet. The cost of these upgrades is passed on to end-users by their service providers, sort of a hidden tax necessitated by SPAM abuse.
  3. SPAM floods are sometimes so great they actually choke the mail servers of the originating service provider, or relay sites, causing service outages that sometimes last days. Even huge sites like AOL and Sympatico (Bell Canada) have suffered service outages lasting several days due to a SPAM attack passing through their mail servers. I recently read of a single victim mailbox that was plugged with over 250,000 copies of a single piece of unsolicited commercial email.
  4. In efforts to combat SPAM, many service providers now block entire domains that have been used as the source or relay point for large SPAM attacks. This means your important message may never make it to its destination if your domain has been blocked by the recipients provider, or any relay site on the way.
  5. As a result of the widespread use of Relay Mail to hide the true source site of a SPAM flood, most mail servers around the world now block any outbound mail being sent from an outside site. This prevents you, for instance from sending mail from your personal email account via the direct Internet connection you have at work. While this is usually only an annoyance, were it not for SPAM this policy would not have been initiated worldwide.
  6. Permanent Email Address services, such as Bigfoot, which provide a valuable service to the Internet community, have been the target of a huge spoofing attack by the large SPAM offenders, such as CyberPromotions. Spoofing means that the SPAM originator falsifies the originating domain name to make it look like it came from somewhere else, thus making the offender harder to track down while also giving the message some extra undeserved credibility. Some service providers are now blocking ANY incoming mail that has been routed via Bigfoot (although this practice has almost disappeared lately) because it has been spoofed so often by SPAMmers. A good friend of mine, who has used a Bigfoot email address exclusively for several years was forced to publish his physical email address recently when his service provider unilaterally blocked all incoming email that had passed through a Bigfoot server.
  7. In 2002 Bigfoot decided to alter their pricing structure, replacing the completely free "Bigfoot for Life" permanent email address service with a tiered program. The free level now only allows 25 messages per day, with additional mail simply rejected and returned to the sender. Some days I receive over twenty pieces of SPAM, despite my agressive defences, which doesn't allow much room for legitimate email. Rather than pay the upgrade fee to Bigfoot, I have decided to use a mail redirector service provided with a domain name I own, but not everyone has this alternative. Most people I have convinced over the years of the benefits of a permanent email address have been forced to upgrade and pay a yearly fee to allow more than twenty-five message a day. This cost is directly attributable to SPAM, since none of those people would exceed the limits of the free Bigfoot service if not for the unsolicited mail flooding their inbox.
  8. In a July 5th, 2002 article in Wired Magazine, Michelle Delio writes of the dangers of taking a vacation in the midst of today's SPAM flood. Many people find that when they return to their mailboxes after an extended absence, they have received so much SPAM that their ISP or company mail server has cut off their account because they have exceeded their allotted server space for email. Their mail programs have happily stored gobs of useless SPAM, eventually rejecting all new messages, including legitimate and important business and personal mail.

How do the SPAMmers get your email address?

SPAMmers use something called a SPAMbot to collect email addresses from the Internet automatically. A SPAMbot is a program similar to the ones used by the Internet search engines such as Lycos and AltaVista to collect information on Web pages. By searching for any sequence of letters that conforms to the layout of an email address (name@domain.type), SPAMbots compile huge databases of unqualified addresses that are later fed to the programs that actually do the SPAMming. These addresses are unqualified because they may or may not be valid or active, but as I'll describe in the section on combatting SPAM, you may be tricked into inadvertently confirming a valid address. Even if they are not confirmed, an address picked up by a SPAMbot may still be valid so it will be used anyway. Here are some of the places the SPAMbots look for your address, and other ways SPAMmers can find you:

  1. The most common is probably via mailing lists and newsgroups. Every time you post a message to a newsgroup or mailing list you are also posting a return address that the SPAMbots can read. Most newsgroups and mailing lists also archive old messages, giving the SPAMbots access to literally thousands or even millions of candidate addresses.
  2. If you have a personal Web page, or your email address appears for any reason on a Web page, a SPAMbot designed to follow the links from one Web site to another can capture your address.
  3. If you respond to a questionnaire on a Web page by supplying your email address, it may be made available to SPAMmers the same way that magazine publishers periodically sell lists of their subscribers to direct mail advertisers. Names obtained this way are very attractive to advertisers since they are already validated, and allow targeting of SPAM to people with specific interests. Some Web sites will ask you if it is OK if they sell your address, but most don't. Even some well known and trusted companies that insist they won't release your information have been caught in the act. Often, a reporter will create a unique email address with one of the free web mail services such as Microsoft's HotMail, then use it to order a single item from a single web vendor. Almost invariably the reporter will begin to receive SPAM in the new account, often within a week. So much for the promises of that "reputable company" to keep your data private.
  4. Just as there are companies that sell lists of snail-mail addresses to direct marketers, there are also companies that will sell you a CD-ROM containing thousands or millions of email addresses. Again, addresses obtained this way are often more attractive to a SPAMmer since they are often categorized by the interests of the addressee.

FrontBridge, an E-mail protection vendor, evaluated hundreds of millions of SPAM messages and identified the top 10 ways that SPAMmers obtain or guess your address:

  1. Put an E-mail address on a high-traffic Web site.
  2. Post (or reply to a post) on Usenet.
  3. Post (or reply to a post) on a public Web-based discussion group.
  4. Register the address with a Web site that goes out of business and sells its list.
  5. Register the address with a Web site that sells its list.
  6. Subscribe to a porn site with the address.
  7. Reply to an opt-out E-mail or click on an opt-out link in a message.
  8. Use an address with a common name that can be easily guessed (such as bob@company.com).
  9. Register a domain name.
  10. Post an E-mail address in a chat room.

What can you do to combat SPAM?

There ARE effective ways to minimize the impact of SPAM on your life:

  1. NEVER post your real email address to a newsgroup or mailing list. Instead, set up your mail reader to supply an altered version of your address as the author and reply-to fields of the message, and include instructions on how to reply somewhere in the message. A human reader can see these instructions and reply easily, however a SPAMbot will blindly read the address as posted and any SPAM sent to that address will go nowhere. For instance, add the letters NOSPAM to the domain part of the address, then include the following in the signature at the end of the message:

    mrgreen@NOSPAMimage-power.com
    This address has been altered to defeat SPAMbots.
    To actually send me mail remove the NOSPAM from the domain name.

  2. Do the same wherever your email address appears on a Web page. Alternately, you can obscure your email address by writing some JavaScript code to generate the "mailto:" statement on-the-fly, then call it when the user clicks on your link. Any SPAMbots that read your page will scan for anything that looks like an email address (name@domain) and should ignore the JavaScript code since it doesn't get converted to an email address until the user clicks on the link.
  3. Route all your incoming mail through a service like Bigfoot, which provides sophisticated SPAM filtering. This way, email originating from known SPAMmers will not even make it into your mailbox.
  4. Use an email reader that allows incoming mail to be scanned for key phrases or names, and automatically deleted or routed to a special junk mail folder if they are found. I use Agent, by Forté Inc., but many good email readers will provide this feature. Note that the Netscape mail reader will not perform this function. A good phrase for the filter to look for is the one that tells you to reply to the SPAM with 'remove' in the subject line to be removed from the SPAMmer's mailing list. Almost all SPAM mail has a similar line somewhere in the message.
  5. Use a third-party SPAM filter program that checks incoming mail and deletes those identified as SPAM. I cannot recommend any of these since I have not needed to use one, but they work in a similar fashion to the filtering function built-in to the better mail readers.
  6. Create one or more free email addresses using a service like HotMail or Yahoo Mail and supply these instead of your main one when you order something online. This way, even if the vendor releases your address to the SPAM community you can simply delete the free address and create another one for future purchases.
  7. NEVER be fooled by the line in a SPAM message that tells you to reply to the message with the word 'remove' or something similar in the subject line. Not only does this never actually result in your removal, but SPAMmers use this technique to identify valid email addresses from the millions of unqualified ones they start with. Requesting removal is guaranteed to increase the amount of SPAM you receive, not reduce it.
  8. Be careful if you set up a "vacation autoresponder" on your email account to alert people that you are away. This tool typically sends a short message to anyone who sends you mail notifying them that you will not be able to read or respond to the message in a timely manner. Unfortunately, anyone who sends you mail will get this message, including SPAMmers, which will of course confirm a live email address as surely as if you had tried to 'remove' yourself from the list.
  9. The ONLY sure-fire way to eliminate SPAM is to use a mail service that allows "whitelisting". With this technique, only mail from senders you have specifically confirmed in advance are accepted by your mailbox. Hotmail and America Online are two examples of services that provide this feature if you want it. Of course, the big drawback of a whitelist is that sometimes someone who is not on the list has a legitimate reason to send you mail. If they don't have your phone number or snail-mail address to request inclusion in the list you may never know that they tried to contact you.
  10. As SPAM becomes more prolific and abusers become more devious, many people find that a layered approach improves their SPAM kill rate. For instance, use a redirector service with SPAM exclusion like Bigfoot to prefilter incoming mail. When the email is routed to your real address by Bigfoot, your ISP or company SPAM fighting tools can further winnow the wheat from the chaff. Finally, if anything gets through those first levels of defence, your email reader's filtering capabilities can nuke any specific offenders you become aware of.

What do I do if the SPAMmers already have my address?

If you are like I was, your email address may have already fallen into the hands of SPAMmers. When I decided to take action against SPAM my email address was already in wide circulation amongst the SPAM companies, and I was receiving 5-20 pieces of SPAM mail each day. If you are in this boat, here's what you can do:

  1. Ask your Internet service provider to change your email address. They may take some convincing, but if you explain that you are doing this to combat SPAM, they will probably accommodate you. If not, your only solution may be to change service providers.
  2. Before you publish your new address to the outside world I strongly recommend you use a free permanent email address service such as Bigfoot, which will greatly simplify your life if you ever need to change your physical address again in the future. If you choose this route, publish only your Bigfoot address and keep your physical address secret.
  3. Notify anyone who regularly sends you legitimate email of your new address.
  4. From now on, follow all the suggestions in the previous section.

After changing my physical address, and by following the guidelines above, I received NO SPAM mail for over a year, and minimal amounts for several more years. Try it, it really works! (for a while anyway - repeat as needed)

What should you NOT do to combat SPAM?

Many people react to SPAM in anger, and the most obvious target of that anger is the email address in the "sender" or "return to" field of the SPAM message. Unfortunately this is probably the worst response to SPAM, since you are almost guaranteed to harm an innocent party. SPAM is almost always camouflaged with a fake return address. Supplying a fake address is simple, and even neophyte SPAMmers use this trick. Although these false addresses are often just alpha-numeric sequences randomly generated by the SPAM software the perpetrator is using, tacked on to a real or fake domain name, sometimes they are real addresses of unsuspecting computer users. When you respond to SPAM by "mailbombing" the return address, you are not hurting the offender at all, but you may be jumping all over an innocent bystander and/or his service provider.

Also, it is likely that even the source domain name for the SPAMmer is counterfeit, so "denial of service" attacks against what seems to be the SPAMmers ISP are likewise more likely to harm an innocent than to have any effect on the perpetrator.

If you are determined to find the true source of junk email, you will need an email reader that allows you to see all the mail servers that have passed the SPAM from the source to your mailbox. Find the first two servers the mail passed through, and send a copy of the SPAM to the postmaster and abuse mailboxes on those servers. Include a blurb just before the body of the SPAM text, explaining how the SPAM was received and what you expect the ISP to do about it. Here's an example of text I sent to two ISP's when I received the same piece of SPAM repeatedly over the course of a week via an email mailing list:

The following unsolicited email marketing has been sent to the PICLIST mailing list four times in the last week. The PICLIST is a technical roundtable mailing list focusing on microcontroller hardware and software. This advertising has no place in this venue.

As you can see, this message indicates that it originated from your domain, and the name portion of the address has been a different randomly generated series of numbers and letters each time it was sent. While I realize that the domain used here is probably counterfeit, I assume that you will want to take steps to prevent the use of your domain to proliferate SPAM.

Thankyou,
Martin R. Green

There is no guarantee that this will have any effect on the evil SPAMmer, but better that than to make life miserable for an Internet user that doesn't deserve it. By the way, the product being advertised by the SPAM that prompted this notice to the ISP's was a new type of SPAMming software robot that would walk the tree from any Web page you gave it, gathering any email addresses it found on those pages into a database. These addresses could be used later by the same program to send out bulk unsolicited advertising. The idea was to get higher quality addresses by starting your search on a Web page catering to the kind of customer you were hoping to lure. Meta-SPAM... SPAM being used to advertise a tool to create SPAM!

New SPAM Tricks

Since I originally posted this page the SPAMmers have become much more sophisticated. The cleverest trick I've seen so far is to send the SPAM to a known bad email address on a known good mail server. The stroke of evil genius here is that they doctor the email to look like it came from you, then when the mail server rejects the SPAM it gets sent back to you, not the originator. This is a difficult ploy to counter, you normally won't block returned messages since you want to know when your legitimate mail doesn't get where you want it to. Even worse, a message that reaches you mailbox this way will normally have had all the message headers removed, which makes it nearly impossible to trace the SPAM back to the perpetrator (see Reporting SPAM below).

Another popular trick these days is to start the solicitation by claiming the email was sent to you in response to a form you filled out on a website, or in some other way initiated by you. Just today I got one claiming that I had played online blackjack with the person on the Yahoo gaming site, and trying to convince me to try out a new online casino. Not only have I NEVER played blackjack, or gambled in way on the internet, I didn't even know Yahoo had a game site (maybe they don't, I didn't check). In most cases you will never have even heard of. the bogus web page or service they are claiming you visited. But you will probably look at the message a little longer and harder than you otherwise would have, and that might be enough to pique your interest in the "product" or "service" they are hawking.

A recent deception I've seen is to send you an innocent looking message, usually only a few lines long, thanking you for a file you sent, a business lunch you bought for them, or some other help you provided them with. Of course you don't even vaguely recognize the senders name. This message is not SPAM in the traditional sense, it doesn't fall into any of the four categories listed above in What is 'SPAM'?, but it's insidious nonetheless. When you, as a good-Samaritan, send back a helpful note telling the sender that their thanks have been sent to you by mistake, you confirm your email address is not only active, but "live", with a real breathing person behind it. If you reply to this type of message, expect to be deluged with fresh SPAM in the near future.

ZDNet is also reporting that some especially devious culprits are now making SPAM look like it came from a trusted source, such as the System Administrator at your office. An innocent message, such as "Your mailbox is over its size limit" invites you to click on a link to fix the problem, but of course you are taken to a sexually explicit site instead.

Reporting SPAM

No matter how hard you try, it is unlikely you'll be able to eliminate SPAM entirely. When it shows up you can report it to a couple of different places. These are North Americans links since that is where I live and they are the only places I know of. If anyone wants to let me know of any other place to report SPAM, including internationally, I will include them here.

SPAM (fraudulent or just annoying) can be forwarded to the Federal Trade Commission in the USA. In Canada fraudulent SPAM (such as chain letters or investment scams) can be forwarded to PhoneBusters. In either case it helps if you copy all the headers in the email into the body of the message since this is the info the authorities will use to track down the offenders. I won't give details of how to display these headers since it varies depending on the mail client you use so check the manual or help file. Even if you don't live in Canada or USA you can still forward SPAM to these addresses if you think it originated in those countries.

One type of scam is so widespread that PhoneBusters has dedicated an email address solely for reporting it. Sometimes known as the the Nigerian, or Advanced Fee Letter Fraud, regardless of the country of origin the common thread is that an individual claims to be trying to move a large sum of money to North America from a repressive or violence torn African country. The most recent one I have received claimed to be from the son of a white farmer from Zimbabwe murdered by Robert Mugabe's land-reform thugs. They promise a substantial fee to you if you will act as an intermediary, but the sting is that if you reply with interest they will request a "good faith deposit" or processing fee from you before any funds can be transferred to your account. Of course, your deposit will never be seen again, nor will any funds ever be transmitted to you. Rather than the regular PhoneBusters address send a copy of this type of SPAM to their West African Letter Scam line.

Anti-SPAM related Links

Go to CAUCE One of the best anti-SPAM sites on the Web!

Go to SpamCom Dedicated to protecting legitimate email on the Internet by defeating SPAM.

AntiSpamAnother really good site.

SpamHausHelp on finding out who the SPAMmer really is.