spam : Java Glossary

*0-9ABCDEFGHIJKLMNOPQRSTUVWXYZ (all)
The CurrCon Java Applet displays prices on this web page converted with today’s exchange rates into your local international currency, e.g. Euros, US dollars, Canadian dollars, British Pounds, Indian Rupees… CurrCon requires an up-to-date browser and Java version 1.8, preferably 1.8.0_131. If you can’t see the prices in your local currency, Troubleshoot. Use Firefox for best results.

spam
Introduction Blacklisting
Spammer as Epithet Spam Motivation
Reporting Abuse The Future of Spam
Fraud legal means
Securing Your Mailserver boycotts
Blocking Spam The Boulder Pledge
Spam Blocking Software Future Technology
Spam Blocking Hardware Dodging Spam Filters
Junk Mail Links

Introduction

Monty Python did a skit where they said the word SPAM so many times you wanted to run screaming from the room. SPAM is either junk e-mail or junk postings in a newsgroup. Typically it is an advertisement for some product, or scam totally unrelated to the newsgroup, e.g. pornography in the comp.lang.java.programmer newsgroup. People try various tactics to avoid getting on the spammer’s hit lists. For the most part they just annoy or block legitimate correspondents. Eventually we will invent legal or technical countermeasures, but for now it is just a fact of life like mosquitos on a camping trip.

Spam is usually an advertisement for something, but it can be any sort of junk mail sent without any regard for whether it would be of interest to the recipient, such as chain letters or Kristian proselytising.

Spam is beginning to cripple the entire email system. The number of spam message has increased 8 fold between 2000-12 and 2002-05. This is a compounding rate of 13% a month, even faster than MasterCard interest mounts up.

Spammers commandeer mail sites and make the broadcast spam email. Going through a commandeered mail server helps mask the spammer’s identity.

There are three things can do, report abuse, secure your mailserver and block spam.

Spammer as Epithet

People often use the word spammer as a general insult word in place of shithead. It is used to chastise someone for a lame post, an irrelevant post, an unhelpful post, a post that another disagrees with, a slightly-off-topic post, an erroneous post, a post that mentions a commercial product favourably, a post with a link to one’s own website, a post that answers the wrong question…

It can drive you mad trying to defend yourself against the charge of spammer if you take the insult literally since those using it have no idea of its original meaning.

Psychology

Spammers use all kinds of tricks to get you to look at their spam and click its links:

Reporting Abuse

For how to report newsgroup spam see net abuse.

Spam Cop provides an unsolicited email complaint system with access via both email and the web. They try to figure out the responsible party or parties and send an (somewhat) anonymised complaint form to them. .

To do the complaint yourself, use the Eudora Blah Blah icon, or equivalent in your mail program, to display all the message headers. In there, are clues to the possible culprit.

X-Persona: <Shaw>
Return-path: <someone@mindprod.com>
Received: from pd2mr1so.prod.shaw.ca
(pd2mr1so-qfe3.prod.shaw.ca [10.0.141.110]) by l-daemon
with ESMTP id <0HWA001A9NPPLM@l-daemon> for someone@shaw.ca; Fri, Received: from pd5mi2so.prod.shaw.ca ([10.0.121.83])
by pd2mr1so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar
15 2004)) with ESMTP id <0HWA00962NPJ0ZC0@pd2mr1so.prod.shaw.ca> for
someone@shaw.ca (ORCPT someone@shaw.ca); Fri, 16 Apr 2004 20:46:31 -0600 (MDT)
Received: from vega.servlets.net (vega.servlets.net [209.162.192.248])
with ESMTP id <0HWA00B2YNPO47@l-daemon> for someone@shaw.ca; Fri,
Received: from mail.inter-corporate.com ([24.87.56.254])
by vega.servlets.net (8.9.3/8.9.3) with ESMTP id TAA07545 for
<java@immuexa.com>; Fri, 16 Apr 2004 19:46:41 -0700
ID MO0006B1; Fri, 16 Apr 2004 19:46:33 -0700
Received: from spooler by mail.inter-corporate.com (Mercury/32 v3.32); Fri,
Received: from someone.mindprod.com (24.68.232.84) by mail.inter-corporate.com
Date: Fri, 16 Apr 2004 19:42:55 -0700
From: Roedy Green <someone@mindprod.com>
X-Sender: someone.mindprod.com@mail.mindprod.com
Message-id: <6.1.0.6.0.20040416193649.02f391f8@mail.mindprod.com> Original-recipient: rfc822;someone@shaw.ca

Buried in that gibberish there, especially X-Complaints-To, are many domain names you can look up with whois and IP (Internet Protocol) that you can look up who owns them at arin.net or domaintools.com. From that you can track down some email addresses to complain to a telephone numbers to call, in the same manner as for newsgroup net abuse.

When you make your complaints, make sure you include the complete text of the email including the full header.

If the email contains a virus, there is no point is reporting net abuse. The person it purports to be from was very unlikely the actual sender and the person who did send it did not do so intentionally. Don’t blame the FROM: person. He is nearly always innocent! His machine is not necessarily infected. The machine of someone with his email address in the Outlook address book is infected.

Fraud

The American FTC (Federal Trade Commission) is still interested in email scams such as 419 (Nigerian, advance fee) spam mail. The usual scam involves someone wanting to launder millions of dollars through your bank account.

Securing Your Mailserver

This only applies if you run your own mailserver. Most people let their ISP (Internet Service Provider) do that for them. There are three ways to fight back to stop spammers from using your mail server.
  1. Refuse to forward mail unless the FROM: field is your domain. This is fairly easy to spoof so is not very secure.
  2. Keep a list of valid IPs from which your mail server is prepared to accept outgoing mail.
  3. Use POP3 (Post Office Protocol version 3) authentication. Make people login with a user id and password if they want to use your mail server.

Blocking Spam

If people would stop using Microsoft Email programs Outlook and Outlook Explorer, it would stop most virus-based spam in its tracks. These two programs are criminally negligent in the way they deliberately aid viruses to spread. Use something else e.g. Eudora, or some other mail reader.

To stop email viruses and worms, you need a virus checker such as Norton Antivirus or Panda Antivirus. You are protecting not only yourself, but also your reputation. If you are don’t take precautions you will infect everyone you send mail to.

There are 5 types of spam-blocking software:

Spam Blocking Software

Spam blocking software has two problems, recognising spam based on word patterns, without accidentally blocking real mail. It needs fairly sophisticated logic to make those decisions.

Spam Blocking Hardware

Premptive Devices né,e Tyrnstone Systems’ Deep Six was a box that protected an entire network from spam. It claimed to be much better at detecting spam and avoiding false positives than the competition. It claimed to allow only 0.8% of spam through with 0.002% false positives. It used blacklists (bad guys) and whitelists (friends). It cost  $995.00 USD so it could be justified only for corporate use. Tynstone keep updating the appliance automatically, though it is not clear if they are maintaining blacklists for you or just fine-tuning their detection algorithms. Spam costs corporations huge amounts in employee time, so even modest increases in spam-detecting efficiency are worth pursuing. WARRANTY: 30 day device performance assurance. 90 days appliance malfunction. Extended warranty and upgrade assurance is available. Last revised/verified: 2008-09-06

Blacklisting

There are dozens of databases that track known spammers. Many mail programs refuse to transport mail from or to this bad guys. People who leave open relays allowing spammers to hijack their mail servers can also get on this list. Sometimes people put you on such lists out of spite. To get off, you first need to check your status, then contact the various databases to plead you case. Insert the IP of the site you want test after ip=, or you can key it once you get to the dnssnuff site. Use ping to get the IP.

Junk Mail

You can block junk snail mail (aka hard copy spam) in Canada by writing to:
Canadian Direct Marketing Association
Do Not Mail Service
1 Concorde Gate Suite 607
Don Mills ON M3C 3N6
CANADA
Tel: (416) 391 2362
fax: (416) 441 4062

or in the United States:

Direct Marketing Association
Mail Preference Service
P.O. Box 9008
Farmingdale NY 11735
9008
U.S.A.
Tel: (212) 768 7277

You can request telemarketers and junk mailers leave you alone at iOptOut.ca.

Spam Motivation

There are at least eight classes of spammer:
  1. Vendors trying sell you something, usually pornography.
  2. Con artists fishing for suckers.
  3. L’enfant provocateurs just trying to annoy you out of simple childish malice.
  4. Fanatics trying to sell you religious ideas. They believe the importance of their divine message overrides the normal rules of courtesy.
  5. Propagandists with a desperate political message. They may even consider what they are doing a form of electronic warfare.
  6. Control freaks who want to shut you up and censor your ideas by clogging your email system and thus preventing you from communicating with others.
  7. Bigots who seek revenge on you for holding a divergent opinion from them, usually on matters political, religious or sexual. These types have taken to sending larger and larger messages, so that even if you automatically identify them as spam, they have still managed to tie up your Internet connection.
  8. Viruses that generate gibberish mail just to annoy people, but not to persuade them to act in any particular way. It is sort of competition to see how much havoc the virus creator can stir up.

The Future of Spam

I had a bit of a fright in 2004-06. I thought for a while I was under another email DOS (Denial of Service attack). I wondered if I would be able to publicly post even my munged public email address ever again. During the Serbian war, I received 80,000 letter bombs a day from people who objected to my pro-US stance. Pretty well anyone, even marginally more famous or controversial than I am, can no longer maintain a public email address. The proportion of people being cut off totally from public email access is gradually increasing.

In like manner, I can see how spammers with political, religious, pornographic, malicious, or commercial interests will gradually make the newsgroups and standard email totally unusable. As my Dad you used say all the time, watch the derivative.

We can’t wait like frogs in hot water until the email and newsgroups are completely gridlocked before taking action.

I see a multi-pronged approach will be necessary:

There should be a simple and uniform way on the Internet including websites, blogs, email, social media, forums… to say, I don’t want to hear another word from this turkey ever and I don’t want him posting on any of page I moderate. To make this work, everyone needs to get an unforgeable digital id, that has non-negligible cost. People and corporations are not permitted to have more than one, so they cannot defeat the system by writing under many aliases. Technically people would have two IDs, one where their true identity can be determined and one where they are anonymous, or equivalently post under an arbitrary display name.

Dodging Spam Filters

Any time you send someone an email, their spam filter does a miniature Turing test on it and tries to decide if if came from a human, came from some bot you are interested in or came from an advertising bot. If you are not careful, your message will end up in their spam folder. You would not for example just send a bare link. You must pad it with typical human small talk.


This page is posted
on the web at:

http://mindprod.com/jgloss/spam.html

Optional Replicator mirror
of mindprod.com
on local hard disk J:

J:\mindprod\jgloss\spam.html
Canadian Mind Products
Please the feedback from other visitors, or your own feedback about the site.
Contact Roedy. Please feel free to link to this page without explicit permission.

IP:[65.110.21.43]
Your face IP:[3.147.28.218]
You are visitor number