«

»

Jan 07

Battling Spam?

I recently scripted a rather long-winded message to one of my sisters about methods to combat spam and thought it would be helpful reading. Her initial question was:

I’ve been getting 3-5 messages daily from first name only senders trying to get me to download some new program. The following is cut and pasted from an unopened example of these emails:

“Dear customers and friends of DS Team, Please let us represent our new special offer you can’t afford to miss. Office 2007 is available for enterprise users from November 30, 2006.”?

I did recently do some microsoft updating on my pc (I got IE 7), and the messages have occurred since then. I’ve run my spyware program, but am still receiving the messages.

My recommendations to her are shown in the following text.

Before considering any of the options below, read this article to get a better understanding of the many issues behind spam. http://www.cdt.org/speech/spam/030319spamreport.shtml

Installing IE7 will not increase your inbound spam unless you offer your e-mail address to a site posing as a Microsoft download site to get your information which then sent you to the legit site without you knowing it.

The specifics of your recent spam onslaught are well published ~ check out these two articles:

http://spam.in.vu/2006/12/16/ds-team-target-windows-vista/
http://www.theinquirer.net/default.aspx?article=36634

Some options to slow this stuff down are as follows:

  1. Purchase a quality security software package like ZoneAlarm Internet Security to help with the judgment calls before you see the messages. You need good anti-virus and security software anyway. Default offerings from Microsoft just don’t do the trick. This is the highest-rated, least expensive, most effective software suite you can snag for this stuff. The downside is obviously it’s cost and it’s yearly update fees. However, this is a system-wide solution that protects you on all fronts in addition to the e-mail spam issue.
  2. Purchase a one-time spam filter for Outlook like InBoxer that places suspect messages in purgatory until you review and allow into your InBox. Software like this builds intelligence over time so the more spam it reviews the smarter it gets! If you’re thinking about this option don’t trash your spam, keep it in a folder all it’s own and use that folder for InBoxer training after installation.
  3. Use Thunderbird instead of Outlook because its Bayesian Junk Filtering is much better than Outlook junk detection. It learns very quickly and I have just a few sneak by during the course of a week.
  4. Build message rules within Outlook to stanch the flow of these messages by constructing your own “Whitelist” of people you’re willing to let through the gate. Block everyone else temporarily and add to the whitelist as time goes by.
  5. Try a preconfigured “Trust Filter” plugin before working on your own message rules to see how it works. Pay special attention to the installation instructions and backup your PST while Outlook isn’t running.
  6. Get a new e-mail address and don’t publish it. You would think that defeats the purpose of e-mail, eh? What it does is put you in a safe zone until you can build a better defense mechanism to ward off the spam with other tools and methods.
  7. After getting the new address, use only disposable e-mail addresses for all web sites requesting an address. These addresses expire after a time limit you set and leave no trace to your shielded address.
  8. Use “alias” addresses within your e-mail server to point to your new (still undisclosed) address for sites that are trusted like banks, critical businesses, and family members.
  9. If at any point in time spam catches you on one of the aliases, just create a new alias and point it to your undisturbed address.
  10. Ask experts what techniques they use to combat spam. Odds are high that you know someone who works to solve computer problems regularly or even for a living, eh?

I use combinations of all the above methods and still get spam. This is primarily because I’m partial to my e-mail address. For business use, I have no choice of addresses. For personal use, I use my own domains! After all, my address is my name . . . and I have only a few derivatives available.

So there you have it . . . my two cents-worth.

~SP

Leave a Reply