Anjin / 安心, 様 (techno1992) wrote in spamkiller,
Anjin / 安心, 様
techno1992
spamkiller

My Anti-Spam Tips

Hi, all! I'm new to the group and wanted to say "hello" and share some of my anti-spam tips. Feel free to let me know what you think!

Note: It's a bit long, so I put it behind a cut link.

First, and often hardest, you should try to prevent your email address from falling into a spammer's hands. These days, spammers often use bots to surf the web, trawling for email addresses. In response, some websites have put up scripts that will flood the spambot with millions of fake, and useless addresses. Other sites have put up "honeypots" or hidden addresses that only a spammer would use, instantly proving to the spammer's ISP (if they care) that the email was unsolicited and likely violates the spammer's ISP's term of acceptable use and can be used by the ISP as a reason to boot the spammer.

The neatest trick I've seen is a page on toastedspam.com that generates an email address based on your IP address, date and time and presents an offer (in the contract sense) to the spammer. Basically, the contract says that the spammer can freely send as much email as it wants to that email address, provided that the spammer pay $50US for each mail sent. The spammer can accept the offer (and thereby enter into a legally binding contract) simply by sending email to that address. Since spammers don't really read the sites their bots find email addresses on, it's unlikely that the spammer even realizes that sending email to that fresh address will cause them to be liable for every email they send to it. But what can they say? They didn't read the contract? Well, thier IP address is clearly recorded, as well as the time and date they (through their bot) saw the contract. I haven't heard much about whether this approach is *******ful, but it sure is nifty.

So, with that in mind, here are some things you can do to prevent a spammer from harvesting your email address:

-never post your real email address on the net; munge or hide your email
If you look at most websites nowadays, including LiveJournal, email addresses are no longer "clickable" with a mailto: extension and a real address. Instead you see either non-clickable addresses that look like: "email: bob dot jones at someplace dot com," which is useless to a bot. Or, you'll see a mailto:bob.jones.removethis.nospam@someplace.nospam.com line. A real email can easily be sent by deleting the silly parts in the "To:" line. A bot will try to send email to an address that doesn't exist.

-read your email in text only, not html fomat
Spammers routinely use html to cause your email client to ping the spammer's server, alerting the spammer that that email was read, and that the email is valid. This is not a good thing for them to know. Your email will instantly appear on a "confirmed email" list and your spam will quadruple.

-never, ever “click to be unsubscribed”
Spammers are awful people. They lie, cheat, and steal. When you click "unsubscribe" they have no intention of unsubscribing you. Instead, they send you lots more spam and sell your address as a "confirmed email," owned by someone who clicks on links sent to them. "Unsubscribing" makes you a big, fat target for spammers.

-get a free email account for any stuff you need a valid email to access
So you want to register for the New York Times online? Well, they want an email address (so they can send you ads and other stuff). Yahoo lets you make spamguard addresses so you can set up a specific address like mymail-NYTonline@yahoo.com. When you get spam to that address, you know where it's coming from (or at least who gave our your email address). When the spew gets too high, you can simply delete the spamguard address. Similarly, I have a Hotmail address that I use for everything that isn't real business, like registering for the NYT online, for example. I don't care if that email address gets spammed, because I rarely use it. I check in every couple of weeks, empty the junk mail folder, read the one or two legit emails, and that's it.

-get a spamcop.NET account if you want to report spam
If you want to go a step further, you can get a spamcop.NET account and use their free service to report spam to the appropriate ISPs. Basically, what spamcop does is provide a service that will parse the email headers and figure out where the email really came from. It also provides a very easy form for you to send (anonymously) email LARTs to the responsible ISPs. It's a good thing, and it's free.
Note: there is a bogus site called spamcop.COM that will try to sell you their anti-spam software. Make sure you go to spamcop.NET, not .COM. I have a huge problem with a company that is so obviously trying to take advantage of another company's goodwill and business reputation. I'm not sure why spamcop.net isn't able to shut them down for trademark infringement. Maybe there are jurisdictional issues. . .

-get zone alarm, which will help ensure that your computer isn’t an open proxy
One of the popular tricks a spammer will use is to send their spew through an open proxy. Essentially, an open proxy is an email relay that will accept and forward email from anyone, without accurately (or at all) recording the correct email routing. Some folks use open proxies to gain a bit of anonymity, but mostly they're exploited by spammers and are a big problem on the Internet. If you send mail through an open proxy, it's impossible to trace where the email came from; you can only trace it to the proxy. That's why spammers love it; open proxies prevent anyone from proving (to their ISP, or in court) that the spam came from them.

Zone Alarm (offered in its basic version for free from Zone Labs) is a firewall that will prevent any access to ports on your computer. If your PC has an open port on it, hackers can crack in and take control of your computer, including making your computer send their spam. In the first few hours after I installed Zone Alarm, I noticed that I was getting port-scanned (what hackers do to find vulnerable computers) about five or six times a minute. You will also be amazed at how much information about you and your computer gets sent out into cyberspace without your knowledge. Seemingly innocuous websites will often request your eBay password and a bunch of other stuff you probably don't want the site to have. Zone Alarm is good; everyone should have it (or some other firewall). You can find the Zone Alarm site with a quick google search.

-download and install AdAware and Spybot S&D
Another problem, not necessarily spam-related, is the vast amount of adware and spyware that will accumulate on your computer as you surf the web. A lot of sites will put "cookies" on your computer and they are usually harmless. LiveJournal, for example, uses cookies to keep you logged in and record your user information.

The problem is that some sites use cookies to keep track of what you're doing on the Internet. Ad companies want to know what ads you've clicked on, what sites you like, etc., all so that they can figure out how best to get you to buy stuff. Apart from the privacy issues, these cookies take up space on your hard drive (albeit not much space).

Worse, some sites will try to install adware or spyware programs on your computer. Gator, Kazaa, and CometCursor are some of the more notorious evil programs. These programs can hijack your browser, resetting your start page, making your searches run exclusively through their engine (from which they make money), and can monitor your every keystroke. CometCursor, as I understand it, also monitors exactly where your cursor is at all times; you don't even have to click on an ad, merely hovering over it will register as some level of interest. These horrible programs can also eat up a lot of your system resources, which can slow your computer down to a crawl.

To solve the problem, two companies (and many others, actually) offer free programs that will root out and delete malicious or otherwise nosy spyware and adware. My two favorites are AdAware, offered by LavaSoft, and Spybot S&D. They're free, easy to use, and will make it very easy for you to get rid of all that badness lurking on your computer. I think you'll be shocked by all the junk these programs find when you first run them. It's amazing. You can find the programs very easily with a quick google search.

And that's it. There's lots more I could cover, but this post is long enough as it is! Feel free to post a comment if you have a specific question.
  • Post a new comment

    Error

    default userpic

    Your IP address will be recorded 

  • 1 comment