Ann Arbor Business to Business
Small Business and the Internet

Spam Redux

May 2002

By Mike Gould

If you think the amount of spam in the world is increasing, you are right. Recent studies have shown the ratio of legitimate email to junk (what we techies call "Signal to Noise ratio")is now at 80%. This means a full 20% of the ones and zeroes speeding across the Internet are ads for Viagra, Nigerian banking scams and porn.

Faithful readers will recall that we have covered this before:

http://www.mondodyne.com/b2b/smbiznet.40.shtml
(Filtered Email)

http://www.mondodyne.com/b2b/smbiznet.27.shtml
(You've Got Spam!)

But things continue to deteriorate and countermeasures are evolving, so onwards.

Get Out of the State You're In
One reason you may be receiving vast quantities of spam is because you are on AOL. As this is the largest ISP in the country, it is a prime target for spammers. These slimeballs write mailbot programs to select random addresses (i.e., tom@aol.com) and send spam to them. If a message to tom@aol.com doesn't bounce, they know that this is an active account, and it goes on a master list to be sold to others of their ilk.

Pretty soon ol' Tom is up to his mouse in computer-generated junk mail. In other words, you can be an uninvolved bystander, not replying to spammers or leaving your email address around on chat groups where it can be harvested by snarf-bots (a technical term), and still receive your share of steaming badness simply because your name is Tom and you are on AOL.

What to do? Unfortunately, there isn't much that the postmaster at AOL can do about this. They have lists of known evil addresses, and do as much filtering as possible, but they are in a running fight against armies of despicable programmers who are changing their tactics as they go.

If you are a besieged AOL user, the best you can hope for is to change your email address to something harder for an automated spambot to guess at and then hope for the best. If Tom became t0m@aol.com (tee-zero-em),he might have a better chance of avoiding capture.

Of course this means that then you have to alert all your friends and family as to your new address, and change all your business cards and letterhead... But if you are doing business on the Internet, you have your own domain and don't advertise yourself as coolbiz@aol.com anyways, right? As I have mentioned elsewhere, a business address on AOL is like admitting to the world that you operate out of the trunk of your car.

And I don't mean to single out AOL exclusively. Any big ISP (Earthlink, Hotmail, etc.) is going to have this problem. The solution? Well, there is no complete solution, but getting your own domain is a good start, and that means leaving the big ISPs for a smaller, quieter Internet home.

If you are moving your domain, be sure to inquire of prospective hosts how they handle spam. This is still an evolving arena, but some ISPs have spent more time on this than others.

CD ROMs of the Devil
Ever get a spam advertising "Millions of known good email addresses just waiting to hear from you!"? These are compilations of compromised addresses on CD ROM and are in circulation among spammers. I should know; as a denizen of the Web since the mid-nineties, I think I am on every single one of these, and have the spam load to show for it.

I use Eudora filtering to deal with most of this, but am exploring other possibilities. If you do a Google search on anti-spam, you will come up with hundreds of organizations and companies involved in the fight. I list a few at the end of this article to get you started.

Stopping spam altogether has the same chance as achieving world peace. This is a global problem that will require a global solution. If legislation manages to outlaw spam in the United States, it will simply migrate overseas. Foreign ISPs, especially in Asia, have been very uncooperative about shutting down spammers. They see this as a source of revenue and, as the junk mail is generally not aimed at them, don't understand the impact of their actions.

Simple ignorance is also a factor. A lot of spam is sent through servers that are open to anyone. Responsible administrators will only allow registered users to send email through their servers; this is done by closing ports on the servers through which outgoing mail flows. One story has it that all the server installations in Korea are being done by one company, and this company, either through ignorance or disinterest, is leaving ports open on all their installs. This means that spammers have an entire country as a haven for their activities. This is why I have set up my filters to trash anything with a Korean .kr suffix. Ditto for most countries in Eastern Europe.

More ominously, spam relayed from China is increasing. Some U.S. ISPs are starting to filter out all email from China as a result. This speaks volumes about the situation; a medium that was supposed to provide a universal means of communication is now facing national barriers as a result of rampant advertising.

Some sources of help:

http://www.cauce.org/
http://www.arachnoid.com/lutusp/antispam.html
http://www.matterform.com/
http://www.contactplus.com/
http://www.spamex.com/
http://www.brightmail.com/
MonodoDyne <M> The Sound of One Hand Clicking...
734 904 0659
Entire Site © 2016, Mike Gould - All Rights Reserved