Email Anti-SPAM News, Help & Advice.

Fed up of receiving SPAM, viruses, scams and phishing schemes via email?? We were - so here are some useful news articles, hints and tips to keep informed and reduce the problem!

July 25, 2004

Beware social engineering


Be wary of certain types of sites (for instance greeting card sites etc.) - most require both your email address and the email address of the intended recipient.

This may sound like paranoia but the problem is on a less-than-reputable site you could have just handed over 2 good email addresses.

This is certainly not to say that all (or even many) sites are like this - but better to be wary that this can happen!

July 18, 2004

If you run a mailing list...


If you or your company run a mailing list on your web site - ensure you validate each signup.

This is a simple and secure process whereby each signup request is automatically sent a confirmation email - they then either reply to that email or click a web link to actually be subscribed to the list.

Far too many web sites will accept a signup just by putting an email address in the box and clicking 'go' - the problem is people can easily abuse email addresses by signing up other people's email addresses.

The problem for you (as mailing list owner) is that this will leave you much more open to people accusing you of sending spam because after all they never did ask to be signed up.

July 09, 2004

Use anti-spam software


There is a wide range of anti-spam software available and we hope to have time to review several packages soon!

These generally fall into:

1. Server based systems - usually installed by your ISP on their incoming mail servers.

2. Client based - these can either scan your mailbox trying to identify spam before you download it or download it and then use various methods to try and determine if it is spam or not.

These work by 'scoring' the incoming emails - certain words and phrases will score more negatively than others - but the idea is to set a threshold where messages scoring under this will be allowed through and others (hopefully spam) removed. They may also have the feature to whitelist or blacklist certain email addresses to improve their accuracy.

The problem with all anti-spam software solutions is that there will still be a proportion of spam that gets through but worse still some legitimate email caught as spam.

Some of the accuracy figures looks impressive at first sight but if a spam filter was 98% accurate - for every 100 messages received you could have either 2 spam messages getting through - or 2 legitimate emails being incorrectly identified as spam! For personal use this could be annoying but for a business receiving just 50 messages a day - you could potentially be losing 300+ customer emails per year.

To make matters worse some anti-spam solutions are rather heavy handed and will just delete mail detected as spam without the opportunity to check / retrieve messages.

One other problem with this is that spammers are now designing their emails to get through spam filters - often they quote short blocks of random passages from books. Plus they will often download popular server and client anti-spam software and run their messages through to try and ensure they score low enough to get through to as many people as possible!

July 03, 2004

Avoid generic email addresses


If you have your own domain name - avoid using:
  • single name email addresses - i.e. firstname@your-domain-name.com
  • generic email addresses - i.e. sales@your-domain-name.com, support@your-domain-name.com, webmaster@your-domain-name.com

Spammers frequently use dictionary attacks to try and 'guess' these addresses!

July 02, 2004

FTP sites


Many FTP sites allow anonymous logins - but historically it was courtesy to login with your email address. Obviously this data could easily be logged and re-used!

We would recommend you use either:

1. Enter an invalid email address - something like: me@anonym.ous

2. Use a secondary email address