I HATE SPAM, it's insulting because while I may
not be a mental giant, I don't think of myself as being so stupid as to fall
victim to a "Karen Liddell" or "retired attorney" chain letter. Sure I would
LOVE to have 8 trillion dollars in the bank, but that is probably never going
to be my lot in life, and for sure a chain letter is not going to change that.
My main concern is that all this garbage consumes net resources that are better
used for legitimate purposes such as the exchange of information. The net is
a wonderful resource, but I hate to see it corrupted by these criminals who
only want exploit it for a cheap dollar, I think most people who use the net
think along similar lines. So I think the best thing to do is make the net
as difficult as possible for these criminals to ply their trade. So becoming
SPAM "resistant" is one way these criminals can be thwarted.
1.) Do NOT reply to any SPAMs you receive, many SPAMs offer a "remove" or
"opt-out" option by having you reply to an address with "remove" in the
subject field. Chances are that any remove message will bounce, or if
it doesn't, the SPAMmer will know that the email address is good and you'll
be SPAMmed even more.
2.) Do NOT post a hypertext linked email address in any web pages you post.
You can put your email address on your pages, but leave the hypertext out,
i.e. "a href="mailto:johndoe@wherever.com." Leave that out and simply put
your address on the page as simple text, perhaps using the font color
command to highlite it. SPAMmers harvest many of their email addresses by
harvesting them off of web pages. If your address is there in simple text,
it will be ignored. The only advantage to using hypertext for email addresses
is that any viewer of your page simply can click on it and the address
will be pasted in the "to" field of their email client when it comes up.
If there is no hypertext there, they'll have to jot it down and enter
by hand in their email client. I don't find that to be a big disadvantage,
if someone really wants to reply, they'll jot it down.
3.) If you post to newsgroups, DON'T use your primary email address, instead
set up a drop box account on Hotmail, Yahoo, Excite, etc.. SPAMmers harvest
email addresses from USENET, if you set up a drop box account and post
to USENET, it will get SPAMmed, but your primary email address which is
probably with your ISP should remain fairly SPAM-free. Just log on to your
drop box account periodically and flush out the SPAM that has accumulated
there.
4.) If you do get SPAMmed, complain about it. Forward a copy of the SPAM
with verbose headers to any and all domains listed in the header. The
first IP address in the header will be that of that forwarding MTA.
Most likely this will NOT be the SPAMming source, but a server
that has been abused by the SPAMmers and the admins of that site need
to work quick to secure their servers. Many SPAM's are forged so that
the host name that appears with the actual IP address in the header is
bogus. So the identity of the forwarding MTA can be only confirmed
by doing a rDNS lookup on the IP to find what the true bound hostname
is associated with that IP. If rDNS doesn't resolve on that IP and
often it won't, a WHOIS lookup on that network block will show the
administrative contacts for it and you can complain to them. SPAMmers
can run, but they can't totally hide, try they may by forging headers,
but they can't totally obscure themselves. A badly misconfigured MTA
may hide the injection point of the SPAM, but the host that actually
delivered the SPAM to you will always be tracable. If the admins of
these sites receive enough complaints, they'll usually take action to
secure their site. Nobody administering an internet site wants their
inbox filled with complaints and bounced SPAMs.