An incessant stream of unsolicited emails is not only irritating, it also
slows down productivity and limits your resources. David Peterson shows us how
to hit the stop button on spam
Nobody likes spam. The constant barrage of unwanted emails promoting pyramid
schemes and pornography is the bane of every Internet users life. Some
spam is simply annoying, some is offensive and much of it is illegal, but the
problem extends beyond the content of the emails themselves.
Companies that dont block spam from reaching their employees can expect,
at best, to waste valuable time and resources and, at worst, may run the risk
of hostile work environment lawsuits for allowing explicit emails
to reach staff.
According to various surveys, the number of spam messages received by the average
Internet user has doubled every 3 to 6 months over the past two years
and the trend shows no sign of slowing. The cost of this traffic has been conservatively
estimated at around US$9,000,000,000 per year. So against these statistics,
how can you stem the tide of mailbox-clogging junk?
Getting off the hit list
Spammers get their lists of email addresses
from a range of sources, including buying lists from other spammers or harvesting
them with automated tools from Web sites, newsgroups and online databases.
There are a number of ways to reduce the chances of this happening:
- On public newsgroups you can obfuscate your reply-to email address and
signature to confuse automatic email harvesters (for instance: david at petersonitconsulting
dot com or david@petersonNOitSPAMconsulting.com, with instructions on how
- Before posting to a discussion group on a Web site or joining an email
discussion forum, check what measures the operators have taken to keep your
address safe from spammers. The GenForum site (www.genforum.com)
is a good example of this, converting email addresses to graphics and thus
rendering them invisible to email harvesting tools, but remaining easily readable
by other site users.
- Rather than publishing email addresses on your Web site, consider the use
of feedback forms that post customer enquiries to a contacts database or that
generate emails behind the scenes.
- Take care when using search engine submission tools that promise to register
your Web site with thousands of search engines. Some of these Web sites fund
themselves by selling your contact details to spammers. Best to limit yourself
to the major search engines and any specific to your region or industry and
avoid the rest.
- Whenever you fill out a registration form or survey that requires your email
address, check for a box that asks you if its okay to send you material
from selected partner organisations. Make sure you say no, unless
you are certain that your email address wont be abused.
- Set yourself up a disposable email address with a free email provider such
as Hotmail (www.hotmail.com)
and use that if you need to provide an email address to an untrusted party.
That way, all of your spam should end up in the one spot, leaving your regular
email address uncluttered by junk.
- Commercial emailers who are members of the Direct Marketing Association
will periodically check their lists against the Email Preference Service database.
If you register your email address at www.e-mps.com,
this can help reduce the amount of unsolicited commercial email that you receive.
Did I really do that?
Registering on a Web site to download software will often subscribe you to a
company mailing list for product updates and so forth. If you arent careful,
you may inadvertently opt-in to receive even more commercial email.
Many sources claim that attempting to unsubscribe from any unsolicited email
will simply verify your email address to spammers and invite even more spam.
This is rarely the case, with automatically generated delivery and read receipts
and bounces being a far more reliable method of confirming active
addresses. In many cases, your request will be honoured, and you will have one
less source of spam to worry about.
However, even if an email message says that it was only sent to people that
requested it, that may not necessarily be the case. Some spammers include this
as a tactic to feign legitimacy and to convince their ISPs not to evict them
when complaints start rolling in. These are less likely to respect your unsubscribe
Even if they do, its probable that they bought your email address on
a spam list that may have been sold to hundreds of other spammers. Expressions
of outrage will certainly be ignored, so your time may be more productively
spent hitting the delete key, or setting up your email software to block spam.
How to block spam
If requesting to be removed doesnt work, email
software such as Microsoft Outlook can provide you with a last line of defence
with its built-in spam filtering. By clicking on the Organise button on the
toolbar or from the Tools menu, you can configure Outlook to highlight any emails
that contain certain keywords, automatically delete them or move them to a junk
email folder as soon as they are received.
Unfortunately, spammers are always working on new ways to circumvent junk email
filters and will often studiously avoid including any of these keywords in their
emails. Fortunately, Outlook gives you the ability to add new customised filters
through the Rules Wizard (see the sidebar Blocking spam in Outlook, at left).
Conversely, a junk filter may inadvertently classify legitimate email as spam.
The party is on Saturday; bring a carton of VB and a carton of XXXX
would be picked up by the same rule that filters Visit my XXX Web site.
So Outlook allows you to specify certain email addresses as exempt from filtering.
Improving your image
Email marketing can be an extremely effective and
efficient tool to promote your products and services, build relationships with
your customers and increase sales if done correctly. If not, it can be
an extremely efficient way of destroying your companys image.
- If you buy a direct marketing mailing list, make sure that the list is
correctly targeted, that the individuals on the list have explicitly opted-in
to receive information on products like yours and that anyone on a Do
Not Mail file (for example, www.e-mps.org)
has been removed.
- Check the credentials of your list provider and ensure that they are a member
in good standing of an industry body such as the Australian Direct Marketing
- It is much safer to create your own opt-in list but even here you
need to exercise caution. There is always a chance that a competitor or other
malicious party will seek to sabotage your reputation online by subscribing
anti-spam activists to your opt-in lists. If you end up on a spam blacklist,
you will have great difficulty communicating with your customers. To avoid
this, make sure that your sign-up process follows the double opt-in
model, emailing a message asking for confirmation that the recipient really
did intend to join your mailing list.
Finally, remember that the fundamentals of good business practice are the same
on the Net as they are in the world of bricks and mortar. Youll generally
get the best results for your marketing dollar by pitching for increased sales
from your existing customer base with whom you already have a relationship
of trust rather than cold-selling to a collection of unqualified leads.
Experienced spammers prefer to work anonymously. They are
constantly on the look-out for undefended mail systems, or Open Relays
through which to send their junk emails, rather than using their own facilities.
This way, any retaliatory action will fall upon an innocent third party rather
than the spammers who are then free to continue their activities unchecked.
This is obviously an issue for the administrators of corporate mail servers,
but it can also affect Web site owners. Microsoft Internet Information Server
(IIS), for example, includes an SMTP mail server to allow emails to be generated
from any hosted Web site through contact us or feedback forms to
email customer responses back to a company contact. As a result, your Web server,
or even your home PC if you use a product such as FrontPage to design Web sites,
may have an SMTP server installed.
If a spammer finds your computer and uses it to relay spam, you may find yourself
becoming the launching pad for hundreds of thousands of junk emails. As well
as the immediate impact of tying up your server and Internet link, you run the
risk of being mistaken for a spammer and having yourself placed on anti-spam
blacklists, having legitimate email from your company blocked and possibly even
your access to the Internet severed by your ISP.
Am I at risk?
If you are using Microsofts IIS, then the good news
is that the problem is easy to fix by making a couple of changes to your settings.
First, you need to check if you are running SMTP Server. If you have the Windows
2000 operating system, you can check this with the following steps:
- Open the Control Panel from the Start menu.
- Double-click on Administrative Tools, and then double-click
on the Internet Services Manager shortcut if it is there.
- When the Internet Information Services window opens, click on the
+ symbol next to your computer name and check the services that
are running. If you see an entry called Default SMTP Virtual Server,
then the SMTP service is installed and running. If you see Default
SMTP Virtual Server (Stopped), then the SMTP service is installed
but is not currently running.
Securing your server
As a general rule, you should never run any services
that you dont need on your computer. If your Web site has no need to send
emails, then stop the SMTP service.
To be completely safe, you may want to uninstall it altogether through the Add/Remove
Programs control panel. You can always reinstall it should you need to
use it in the future. This will not affect your ability to send emails using
Outlook or any other mail package.
If you do need the SMTP service, then make sure that logging is enabled. This
will keep a record of every time your SMTP server is used to send email. To
- Right-click on the Default SMTP Virtual Server entry in Internet
Services Manager and select Properties from the drop-down menu
to display the Properties dialog box.
- Check the Enable logging check box at the bottom of the window.
Next, make sure that your SMTP server is not allowing outsiders to use it to
send email. From the Properties dialog box, do the following:
- Click on the Access tab.
- Click the Connection
button to display the Connection
Control dialog box.
- Make sure that Only the list below is selected.
- Click Add
to add the address 127.0.0.1 and
the IP address of your computer.
- Remove any other addresses unless you are absolutely certain that those
computers will need to use your SMTP server to send email.
The Relay restrictions section of the Access tab can be used to
stop other mail servers from relaying mail through your computer. There are
very few occasions when you would want this to happen, so:
- Click on the Relay
button to access the Relay Restrictions
- Make sure that Only the list below is selected.
- Remove all entries.
This should be enough to deter most spammers, who will be using automated tools
to detect open relays and will not persist if an initial attempt to hijack your
server fails, turning their attention to easier prey elsewhere.
Have you been hijacked?
There are three easy ways to check whether your
system has been hijacked by spammers: you can check your SMTP logs; check your
mail root directory; and, finally, check with anti-spam blacklists.
SMTP logs: If you have logging switched on, these should be under log
files in your system directory (C:\WINNT\system32\LogFiles\SMTPSVC1 on most
systems). Look for any unusually large log files, keeping in mind that in the
case of most spam attacks the volume of emails will be so large that they will
have been sent over several days.
Open a couple of log files and check the IP addresses. If there are any foreign
addresses present, then this may be a sign of an attack, or a spammer checking
if your SMTP server is a likely target. Figure 5 shows an extract from a log
file where only the local machine (203.xxx.xxx.59) has been sending email
probably as a result of a customer filling in a feedback form.
Mail root directory: Open up your mail root directory (for example:
C:\Inetpub\mailroot) and use Notepad to open up a sample of the messages in
the Queue and BadMail directories. If the text of the message looks like the
content of a spam email, then your server has almost certainly been hijacked.
Anti-spam blacklists: A good Web site to check all of the major blacklists
in one go is relays.osirusoft.com/cgi-bin/rbcheck.cgi.
Simply enter your computers IP address and click the submit button to
see if you have been registered on any of the lists.
If you are on a blacklist, the blacklisting Web site will generally contain
information on how to get off the blacklist and avoid future incidents. You
may also be able to contact the blacklist owner for assistance but remember
to ask politely. Most of them are regularly bombarded by threats from irate
spammers who insist that they have a right to promote pyramid schemes and pornography
and will have little patience with you if you come across as a spammer trying
to get off the hook.
David Peterson is a principal consultant at Peterson IT Consulting (www.PetersonITConsulting.com).
He can be contacted by email at david@PetersonITConsulting.com.