[Hidden-tech] Anti-spam help

[Robert Heller]

At Fri, 18 Apr 2008 13:13:17 -0400 Chris Hoogendyk <hoogendyk at bio.umass.edu> wrote:

> 
>    ** The author of this post was a Good Dobee.
>    ** You too can help the group
>    ** Fill out the survey/skills inventory in the member's area.
>    ** If you did, we all thank you.
> 
> 
> 
> 
> Rikk Desgres wrote:
> > The easiest thing to do is change your email address. I know it´s a 
> > hassle, but it WILL kill your spam. I suggest getting 2 email 
> > addresses, one for buisiness/personal email only and another one where 
> > you sign up for web forums and buy things with. That way your main 
> > email stays clean. And DON´T put it on the web EVER.
> 
> One thing I neglected in my previous post, but this brings it up again.
> 
> The strategy Rikk recommends is good as part of the game. However, email 
> addresses also get harvested from PCs that get infected by viruses and 
> trojans. So, you can have an address that never gets used on the web but 
> still gets hit by spam. It's because someone among your correspondents 
> got infected.

Also, spambots use 'common name' E-Mail addresses: joe at domain.com
jane at domain.com, etc.  These are names that were never harvested from
anywhere. So it is possible to get spam sent to an address that was
never on the web AND was never in anybody's address book!  Spambots also
send to 'standard' E-Mail address, like webmaster@, support@, sales@,
and info at .  Sometimes some of us need to have addresses like these due
to the nature of our work.

> 
> There's no perfect solution. You need a variety of good behaviors, good 
> software, and good services. Even then, you may have to put up with some 
> degree of inconvenience and spam.

Yes.  One of the important things is you need to keep updating your spam
filter.  Another thing I have discovered: spammers (*espically
phishers*) depend on HTML E-Mail and often send pure HTML E-Mail, as
opposed to sending a 'multipart/alternitive' with a text/html and a
text/plain version.  This is done partitularly for phishing messages
(often from (supposedly) banks, paypal, or ebay).  This is done to
'hide' non-legit URLs, since a text/plain verison would have the literal
(and obviously bogus) URL in the 'clear'.  Setting your spam filter to
give a high spam score to messages that are all or mostly HTML will cut
a large part of the spam out.  The only down side is that it is likely
to catch *some* legit E-Mail.  Also, lots of spam is purely images, with
no actual text.  Again giving high spam scores for these sorts of
messages also cuts the spam as well.  

> 
> 

-- 
Robert Heller             -- Get the Deepwoods Software FireFox Toolbar!
Deepwoods Software        -- Linux Installation and Administration
http://www.deepsoft.com/  -- Web Hosting, with CGI and Database
heller at deepsoft.com       -- Contract Programming: C/C++, Tcl/Tk