Spam Control

Up

 

Spam Control – A Practical Perspective

by Greg Hanger

Like most Monday mornings John was prepared to hit the ground running.  Before grabbing that first cup of java his routine was to swing into his office and hit the power button on the PC.  This allowed his PC to crank to life while he headed down the hall towards the coffee machine.  John was always thinking of efficiency because he was selling his time.  He knows time is money. 

His first task like most Monday mornings was to check his email.  This way he can see if any directives, or client information had arrived that would help him organize his workload.  John opens his Microsoft Outlook email program and is struck in horror!  His mailbox was stuffed with over 200 email messages touting online gambling, mail order brides, pornography, and prescription offers.  Now forced to scan each message most with misleading subject lines, he has lost the first 20 minutes of his day sorting out the 5 or 6 legitimate messages he needs to read.  To add to his misery his email program is announcing new messages every 2 or 3 minutes.  Only a few are legitimate. 

Sound familiar?  If it does you have been located by one of thousands of junk mail operators clogging the Internet.  If this is not you, then you are likely taking steps to take care of the problem, or these nefarious operators just haven’t found you yet.  John’s story is true, and unfortunately not too unfamiliar. 

THE PRACTICAL APPROACH 

Legislation and technical efforts are underway to stem the tide of junk mail.  This is little consolation to businesses and CPA firms who need a solution today.  Below are some ideas to help avoid spam if you don’t already have the problem: 

1)      Sign-up for a throwaway email address to do on-line commerce with.  If you want to keep your address a secret from spammers then consider making your Internet purchases with a free account.  Hotmail (MSN), Yahoo, and a host of smaller companies offer free email accounts.  If the spam on the free account gets annoying throw it away and start fresh with another account. 

2)      Never respond to a spammers email.  Also turn off the message preview function on your email software.  Spammers seldom actually take you off a list.  By responding to “opt-out” or responding with “remove” requests you are likely to receive more spam.  Spammers use the “opt-out” requests to confirm the address is live.  Many of these emails contain a “call home” function that springs into life when mail is read.  Don’t preview your email. 

3)      When purchasing products on line from legitimate companies always be careful to clear any check boxes offering to send information to “trusted affiliates” or to be contacted by email.  This is a sure way to end up with spam.  Also, consider using your throwaway address when registering software, or other activities that require you to enter your address.

 The pointers for avoiding spammers who have not found your address work, but what about John’s problem?  Sure he can avoid receiving even more spam, but what about the spam he is already receiving.  Below are a few steps that can be taken to help listed in order of the easiest to implement to the most difficult but possibly most effective:   

1)      If you are using Outlook turn on your Junk E-mail filter.  The filter is far from perfect, but can be a good first step to eliminating some of the problem.

2)      Consider installing “client based” software.  This software is installed on your machine as opposed to the network.  Two examples are:

a)      “I Hate Spam for Outlook” http://www.sunbelt-software.com.

b)     McAfee VirusScan SpamKiller  http://us.mcafee.com

Typically the more time spent fine tuning the software, the better the result.

3)      If you run your own email server than you should consider a server based spam filters.  Our organization uses a product called Mail Essentials http://gif.com.  This product has several nice features for blocking spam including the use of blacklists that connect to organizations such as Spamhaus. 

Spamhaus maintains a real time database of IP addresses of spam-sources, including known spammers, spam gangs, spam operations and spam support services.  The product also blocks emails based on keywords contained in the subject line, message body.  Also various mail characteristics are analyzed.  For example email that arrives as an image only is blocked.  Our organization has been successful at blocking almost all its spam using this product.  Many other products are available in server versions.  Your network administrator should try several before deciding on the package best suited for your organization.

4)      The most effective products are whitelist products.  As the name implies these products are designed to block all mail unless they are on your list of acceptable users.  The best of these products use a challenge response system to completely remove spam.  In a challenge response system a spammer is requested to fill out a form asking for permission to be added to your list.  Typically a spammer uses fake reply address, or would not reply anyway. 

If you think this might be your solution, and you want a free test drive see http://www.qurb.com/.  Qurb offers a product designed for use with Outlook.  The obvious downside of this type of product is the possibility of blocking legitimate mail not on your whitelist.  The upside is that it will be 100% effective in removing spam from your inbox.

 PROS AND CONS

Generally speaking the more aggressively your organization fights the spam war the more you will run the risk of blocking legitimate email.  Most programs that filter spam will contain a quarantine option.

An effective strategy would be to initially quarantine email, which has been filtered by your software.  By scanning the quarantined email you will be able to locate legitimate email which might have inadvertently been caught and adjust the filter rules to avoid blocking legitimate messages the problem.  At the same time you typically can adjust rules to catch junk mail that got through.  This tweaking will yield good results, and should result in fewer legitimate emails being caught.

THE DISTURBING REALITY OF SPAM

The spam issue has been of growing concern.  Spammers have become increasingly sophisticated in techniques used to spread their trash.  The statistics vary depending on your source, but one thing all agree on is that the economics of spam mean that the sender will bare less of the cost than the recipient.  Further as long as this economic fact exists we will all continue to be targeted by spammers.

Lawmakers have been struggling with the problem, but very little actual progress has been made.  Steep fines and jail time for violators could increase the cost of sending spam.  Filtering spam also raises the cost of sending it.  If we can filter 80% of all spam sent then we have increased the cost by 5 times, if we filter 95% of spam sent we can estimate we have increased the cost of sending it by a factor of 20.  Battling spam by ignoring, filtering, and otherwise disregarding it maybe our best weapon for increasing the cost of sending it.  Increasing the cost may deter spammers.  If they can’t make money sending junk email maybe they won’t send it.

 

Home ] Up ]