February 09, 2005
Be a Hero - Can Some Spam
Did you ever want to be the guy/girl in the white hat, fighting the bad guys and making the world safe for democracy? If you have a web site, you, too, can be a hero by participating in Project Honey Pot to help rid the world of spam.
Here's how it works. You sign up for an account with Project Honey Pot, and they issue you a dummy email address. You include this email address on your site. (Of course, you don't use this email address for any correspondence.) When the spam starts rolling in as a result of email harvesting by spammers, Project Honey Pot collects it, and reports the spammers to the authorities.
That's it in a nutshell. For more information, see the Wired article, Turning the Tables on Spammers and the Project Honey Pot web site.
Posted by Cindy L. Chick at 04:23 PM | Comments (0)August 08, 2004
More on Spam - Antispam Tools Keep Up
PC Magazine tests the latest version of five spam blockers including Choicemail One, iHateSpam, MailFrontier Desktop, SpamBully and Spam Shredder, giving their Editor's Choice to MailFrontier Desktop 4.0.
Posted by Cindy L. Chick at 05:49 PM | Comments (0)July 01, 2004
Protect Your Email Address
As you may already know, posting your email address anywhere on web is a sure-fire way to increase your spam exponentially. Luckily there are ways to prevent the onslaught. PC Magazine's article "Protect Your E-Mail Address" tells you how to keep the spam at bay when you absolutely, positively need to post your address to a web site.
The article cites a series of experiments conducted by the Center for Democracy and Technology, in 2003. Dozens of new e-mail addresses were created, then used in a variety of ways to mimick real-world use. Ninety-seven per cent of the spam was a result of email addresses posted to the web. Addresses registered at e-commerce sites received little or no spam.
If you must post your email address, what can you do? Several things. Spell out "youremailaddress at domain dot com", put your email address in an image, or use a free encoding service, Hiveware's Enkoder, to name a few.
Posted by Cindy L. Chick at 06:12 PM | Comments (0)March 28, 2004
More on Spam - Directory Harvest Attacks
I opened a new email account a couple of months back in preparation for closing down my old one because of the large volume of spam it collects. Within a couple of days I'd received several spam messages on my new, never used email address. Obviously the address wasn't harvested from listservs, web sites, or chat rooms, or any indiscretion on my part. So how did the spammers get it?
Easy. As a matter of course, they simply send out email to randomly generated email addresses. Inevitably a percentage of their guesses are correct and are delivered to real people. So since the spam sent to my new email address didn't bounce, the spammers could note that it was a confirmed, valid email address, and send even MORE spam. Oh happy day.
This process is detailed in "Understanding Directory Harvest Attacks", PC Magazine, April 6, 2004. Though I've be aware of this method I did not understand all of the details, mainly that the spammer adds all such "found" addresses to their database.
Now that I do, it seems quite obvious to me that most spam filtering software is missing the boat. They should not only filter the spam, but ALSO bounce it back to the sender making it look as though the address doesn't exist. The other advantage to this approach is that if your spam filter bounces a legitimate email, the sender is notified, and if the message is important, can choose to contact you using alternate methods.
There is one spam filter that does this now, Mailwasher, and I used it for quite a while. (See my November article on spam in Searcher Magazine for more details.) Though it might not be an ideal spam filter in some ways, it certainly does foil the harvest attacks. All the other spam filters should be doing the same.
Posted by Cindy L. Chick at 04:54 PM | Comments (0)February 16, 2004
One Woman's War on Spam Continues....
My quest to find the perfect spam solution continues. As I reported last week, I decided to try Spamex to solve my spam woes. I've since moved on to Mailblocks, and think that this may be the one for me.
The concept of disposable email addresses (DEAs) used by both Spamex and Mailblocks is a good one. On Spamex I set up several different DEAs, including one for all my mailing list email such as law-lib. I received messages without a problem, but even after following all the instructions carefully, and sending email via the Spamex interface, I was unable to post to the mailing lists. So back to the drawing board.
Mailblocks, rated highly by both PC Magazine and PC World, is a different kind of animal. It provides a web-based email interface which includes spam-fighting capabilities, unlike Spamex which concentrates solely on DEAs.
The Mailblocks DEAs are called trackers. All messages addressed to trackers arrive in your inbox just like any other email. But should you start receiving spam addressed to a tracker, you can delete the address, stopping the spam in its tracks without effecting any of your other email addresses.
But Mailblocks offers much more in their "challenge/response" system.
The Mailblocks challenge-response system works as follows.
1. An email arrives addressed to you.
2. If the sender was previously approved by you, or included in your address book, the email is delivered to your inbox.
3. If the sender is new to you, it goes to a pending folder.
4. A "challenge" email is sent to the sender, asking the sender to type a confirmation number into a box.
5. Upon completion of the confirmation by the sender, the email is moved from your pending folder to your inbox.
That should stop spam in it's tracks!
So as of today, all of my mailing list email being sent to a Mailblocks tracker address. By the way, mail coming in to trackers is not subject to the challenge-response system, which is important for automated mail. After all, there's no one on the other end to respond to the challenge! I have no problems posting to the lists I'm subscribed to. I simply choose the correct address from the drop-down box in the compose window.
Ultimately I can filter ALL of my email, including my Yahoo account, and my main email account through Mailblocks. I'm on my way to a spam-free, or almost spam-free existence. How's that for optimism!
Posted by Cindy L. Chick at 02:58 PM | Comments (0)February 08, 2004
Can Email Survive?
Email’s reputation as an efficient tool for home and business communication is being questioned these days, mainly because the spam that is flowing into our inboxes is devouring our day. You can judge the state of email by scanning such article titles as “Can E-mail Survive?” (PC Magazine, Feb. 17, 2004, p. 65)
Why the wailing and gnashing of teeth? The spam blockers we’re employing are not just blocking spam, but also blocking legitimate emails. For those of us hooked on email, the value proposition may start to wane when we have to follow up important emails with a phone call to make sure that our recipient actually received it.
But for every problem there's somebody out there trying to solve it. "Can Email Survive" reviews a variety of such efforts including email clients, web mail, utilities, antispam filters and more. Editors' Choice includes Microsoft Outlook 2003, Mailblocks Extended Service, Norton AntiSpam 2004, and Qurb 2.0.
New spam fighters have come on the market since this article was published, for example, Zoemail, announced just last week, promises a better life online by providing a spam-free existence for a dollar a month. If they can deliver on that promise the world really would be a better place.
Posted by Cindy L. Chick at 12:25 PM | Comments (0)November 09, 2003
Spam - Weapon of Mass Disruption
I don't think I've ever met anyone who wasn't fed up with spam. If you'd like some help dealing with the constant barrage of unwanted emails, you might want to take a look at my article, Weapon of Mass Disruption, published this month in Searcher Magazine.
Posted by Cindy L. Chick at 06:08 PM | Comments (0)
