Boulder Community NetworkIndian Peaks, mountains above Boulder County  
Volunteer!   Feedback
About BCN   Donate
COMMUNITY NETWORK:Resources, services, news for Boulder County, Colorado

Thanks to our sponsors:

Sponsor This Page

Consumer Support Center

Resources for :
This website includes all the information from scams to information about recycling resources to internet related topics and much more!

 

Last Update :
Wed, April 30, 2003 by Meghana Joshi


 
Internet Spam


This page gives you information about and links to resources to help you deal with Internet spam.

Unsolicited email ("Spam"), or "UBE - Unsolicited Broadcast E-mail", is a nuisance for users and a very serious theft of resources problem for the Internet Service Providers who usually would like to be notified when their computer resources are being stolen.

To quote from a recent talk by Charlie Oriez, a leading anti-Spam expert :
Spam has a cost. In a survey of Internet Service Providers (ISP's):
94.0% reported that spam irritates their subscribers.
79.5% reported that UCE (unsolicited commercial e-mail) slows system performance.
75.9% stated that it increases operating costs.
58.5% reported daily or more frequent impact.
33.7% said it creates system outages.
28% said weekly impact.
Source: CIX (Commercial Internet eXchange Association)

America Online testified to the Federal Trade Commission that one-third of their capacity was used to carry spam.

Netcom reported that their cost was one million dollars per year.

Brightline estimated a cost of $225 million, based on 5 seconds of processing time to hit the Delete key, with an average of 200 spam messages per year (a very low estimate). An estimated 25 million spam messages are sent each day.

This section gives resources for tracing the originators, notifying the appropriate parties, and hopefully getting your name off future spam mailings.

An excellent resource to trace out where your spam came from, advice on turning on your email program's display of all the routing information, and some suggestions about where to complain to is the Spam Cop website.

The Campaign to Stop Junk Email by JCR Design has extensive and detailed instructions on tracing and reporting spam.

Another resource to learn how to report spam so action is taken.

To learn how to interpret email headers visit this Earthlink page.

To investigate the owners of a domain name visit the InterNic website.

To investigate the owners of a numeric IP address visit the American Registry for Internet Numbers (AIRN) website

If you are reading your mail at the unix shell level, you might be interested in setting up Procmail to filter your mail. Here are some links regarding setting up Procmail, mostly to work with Pine. Be warned that Procmail is fairly complicated to get up and running.
Using Pine and Procmail to filter e-mail
Procmail website
How to configure Pine with Procmail
Filtering Mail FAQ
Processing mail with Procmail
Using Procmail

The link comprehensive discussion  is about spam how to deal with it by Charlie Oriez, a leading anti-Spam expert.

Abuse.net is an extensive resource that explains many aspects of the spam problem and has suggestions about what you can do to help control the problem.

The Network Abuse Clearing house keeps a database for the reporting and control of abusive use and users -

Once you have the IP (Internet Protocol) number, what do you do? Spam Combat is a site that tries to translate all valid IP numbers to their email or postal address.

Another resource for determining who owns a domain name or an IP number is the web equivalent of the whois command is the NTT/Verio website.

A site with more information about spam and some tools and suggestions to avoid and fight it Email Abuse

A site that claims to clean up your e-mail spam Spam Killer

Another resource to deal with spam Fight Spam on the Internet !

The Mail Abuse Prevention System LLC page will give you more information about the spam

The ORDB list provides a service to Internet Service Providers that attempts to block a lot of spam from reaching your mailbox."

Bigfoot.com spam tracing procedure.

A Spam FAQ

Lots of links to places to complain about various frauds & scams on the Internet LinkScan

Another resource to deal with spam, junk mail and telemarketers EcoFuture

Coalition Against Unsolicited Commercial Email (CAUCE)

HotPOP's AntiSpam Page

Dealing Constructively with Spam
Here are some suggestions for handling the spam problem -

  • Don't hit the Delete button and gripe to a colleague; that ensures your name stays on the spam lists, you will get lots more spam in the future and more ISP's will continue to be victimized. D
  • Do review the above spam information sites for background on this area and to find one that works with your email environment.
  • Do not respond the "click here to be removed" line - that may take your name off the current list, but it validates your address and probably guarantees more spam later on.
  • Do file a complaint to the responsible party. How to do so may appear complicated, but it is actually quick and simple. Here is one approach :
    1. Turn on the email header display in your email program per the instructions in several of the above sites. Especially Spamcop has an extensive list of email programs and setting their controls.
    2. Track down the probable culprit - remember that a lot of the ISP names in the header are false alarms. The above sites have several utilities that can analyze a header from a paste of the header, or by using the IP numbers, and give you the address of a responsible party who to file a report with.
      Note that the "From ... Sat Jul 22 17:34:36 2000" line at the beginning of an email is rarely the culprit.
  • Most responsible ISP's now have an "abuse" mailbox which is devoted explicitly for receiving spam reports.
    Write a report to the abuse mailbox along the following lines :
    • To: abuse@the_ISP_you_tracked_down_above.
    • Subject: Spam
    • The following spam is unsolicited and unauthorized email that apparently came from or through your server. Please tighten your security, and remove my name from this and all associated lists.
    • If there is an email or web address in the message, add a note to draw attention to it, such as Please kill account xxxyyyzzz@domain.com found in the body of the spam - this is a very important lead in helping the abuse department track and close down the spammer.
    • If the the spam has a possibly fraudulent offer (such as a chain letter or pyramid scheme) that involves sending money via U.S. Mail, report it to the U. S. Post Office Inspector General by making a printout of the header and entire message and send it to :
      R. J. Hang
      U.S. Postal lnspection Service
      Operations Support Group
      Gateway 2 Center Fl 9
      Newark NJ 07175-0003
      Denver area telephone: (303)313-5320
      U.S.P.S Mail Fraud Complaint Form
    • Thank you,
      Your email address - only as it appeared in the email header.
    • Send a background copy to the Federal Trade Commision , which is tracking the spam problem and will, hopefully, eventually develop the information to get serious legislation. Enclose the entire email header record without any modifications.
    • Enclose enough of the content to let whoever gets the report identify the message; such as through an address or telephone number, or at most a screen image. But don't fight spam with more spam by resending a lengthy spam message!
  • Alternatively
    • Enable a display of the header information as above.
    • Copy the entire email - important - the email header must be included - to the Clipboard.
    • Go to Spamcop and to their "Just Testing" page.
      Paste the email into their window and ask for an analysis.
      Save the address(es) of the spam and write a letter as above to those addresses. Of course, if you use this service very much, register and pay their nominal fee. Then Spamcop will, after analyzing the email, send the report to the offending parties for you.

 

Spam Control Bills before Congress
As of September 1, 2001
Finally, the federal Congress is beginning to address the Spam problem. There was a bill in the 2000 Congress that failed to pass. But this year, there are several bills pending action. Go to the Thomas site and do a search on "spam". Check them out and urge your Congressperson to support them.
Thomas

The following biils are under consideration as of now
     H.R. 113H, Wireless Telephone Spam Protection Act;
     H.R. 1017H, Anti Spamming Act of 2001;
     HR 1017H, Anti Spamming Act of 2001;
     S.630.S, CAN Spam Act of 2001, which deals with fraudulent routing information

Law
There are (finally!) some serious laws about spam. Visit U.S. Department of Justice Internet Fraud page for details.

 

Email Filters
Another approach to dealing with spam is to put filters on your account. To get more information about how to do this, check the Usenet newsgroups best.unix and best.abuse

Check if your ISP uses some or all of the anti-spam databases, such as RBL, RSS, and DUL, managed by Mail Abuse Prevention System MAPS.

These are system enhancements that the ISP can implement to filter out known spammers.

Or if you have a technical background, take a look at Catherine Hampton's email filters, at SpamBouncer

Another resource to track down a spammer and/or his his ISP an extensive set of (freeware) tools for the Windows environment Sam Spade

How Spammers Harvest their Addresses
How do the spammers get their address lists?

One way, which many email users may not be aware of is that the email message contains a lot of header information which is often not displayed by common email programs.

Anytime you do a CC: operation to another person, that second person's address (and everyone else who gets a CC:) shows up in all copies of the message. It is then a very simple operation for the savvy spammer to display the header information and - viola! - one, or a lot of addresses to pick on. As such do not use the CC: option in your email. Use the BC: (Background Copy) option instead. It sends a copy of your email to the other recipients but does not compromise

Be careful about giving out an email address in chat rooms and casual contacts in general.

After spammers get an address, they need to make sure it is a valid email address so they can brag about "x-million valid addresses" in their pitches to potential customer. That is where the rule - Never respond the "click here to have your name removed" message - comes from. Your address may get removed from one list, but be assured it will end up on one (or many more) other spam lists.

BCN Home   Feedback  About BCN  Donate  Search BCN   Volunteer!