SPAM: Junk E-mail

What to do about it?

  1. Don't reply to spam. Don't even reply to the ones that say "Just reply to be removed from our list." All that does is confirm for the spammer that there is really a person at your e-mail address. This usually opens the door to even more spam. Consider this from RFC 2635:

    If the mailing contains suggestions for removing your name from a mailing list, 10s to 100s of people will respond to the list with "remove" messages meant for the originator. So, the original message (spam) creates more unwanted mail (spam spam spam spam), which generates more unwanted mail (spam spam spam spam spam spam and spam).

  2. Delete it and get on with life. This is the approach employed by many. They just routely delete messages with those tell-tale subject lines and move on.
  3. Write a filter: Popular e-mail programs like Eudora Pro, cc:Mail, Outlook Express, Groupwise Mail, and others, allow you to create a filter that automatically deletes certain messages. If you unwanted messages that all seem to contain certain key words, filter on that. If many spams come from one particular sender, set up a filter to trash all messages from that source.
  4. Speak to your local sysop: The system operator at your Internet Service Provider may be able to add senders or domains to a filter list, blocking the unwanted mail from ever getting to your ISP.
  5. Call them: while answering via an e-mail is a bad idea, calling or writing (without mentioning your specific e-mail address) can be useful. This is especially true if the e-mail includes an 800 number, or you can find out a toll-free number by other means. By all means, Take up their time and their telephone costs to say that you will definitely not be purchasing anything from them ever, because they use spam to market their products.
  6. Complain to their ISP: If you know what you're doing and can decode the headers on the spam, send an e-mail of complaint to the ISP for allowing a spammer to operate on their equipment. Be aware that e-mail header forgery is widespread and very often, the header will reflect a sender that had nothing to do with the offending message.

    For example, I received spam from several senders at aol.com, for example, lookyhere@aol.com. I forwarded the offending messages to abuse@aol.com. If e-mail to an "Abuse" mailbox bounces (doesn't go through) you could try sending it to the sysop, e.g. sysop@xyznet.com.

  7. Keep your address out of reach: Spammers operate bots (software that combs the web, trying all possible pages) to try to glean lists of e-mail addresses from web pages, or they buy massive lists from people who do. Although it is very convenient to include a "mailto" reference on your webpage, it make it easy for bots to harvest it. Consider writing a cgi script to generate the address so that it's not in the source code for the web page. Another method is to insert a word or illegal symbol into the address and explain on the web page what to change to make the address valid. For example, list joeschmoe#bigisp.com instead of joeschmoe@bigisp.com or give the e-mail as joeschmoe@NOSPAM.bigisp.com. Instruct your readers why you've done this and how to use your page.
  8. Read RFC 2635. A very excellent reference on all aspects of spam, including descriptions of the problems it causes. It's available at several sources, hopefully still available as you read this. Try any of the following links: (list revised 2-16-2000)
    1. The RFC Editor Official Site: ftp://ftp.isi.edu/in-notes/rfc2635.txt
    2. Internet Engineering Task Force: http://sunsite.auc.dk/RFC/rfc/rfc2635.html
    3. Sunsite Denmark: http://sunsite.auc.dk/RFC/rfc/rfc2635.html
    4. Internet Mail Consortium: IMC: http://www.imc.org/rfc2635
    5. Landfield Group: http://landfield.com/rfcs/rfc2635.html

Happy (spam free) surfing!