Spam survey

Here is a survey of the spam I received yesterday. I'm not sure what this demonstrates, but maybe something.

| Type | Example subject | # Received |
|---|---|---|
| Cheap pharmacy drugs offers | Re: Good Dayy | 18 |
| Source address spoofing (As a domain owner, I don't appreciate this) | Email was not delivered due to content violation. | 3 |
| Spam notification (why bother?) | SPAM | 1 |
| Spoofed bounce message | (none) | 3 |
| Random offers (free mp3s; free PPV cable; anti-spam service; etc.) | FW: It is very interesting, I advise. arid | 5 |
| Unknown (mime-encoded with attachment, probably auto-verifying) | Returned mail – error during delivery | 2 |
| Unknown (no body – why?) | Auto-response from Barbi2458@ilovejesus.net | 2 |

Total: 34. And that was just Monday. It's now 9.45am and I'm up to 19 today.

4 comments

  1. Up to the point that I got my domain, I had been making plans to roll out a spam initiative. When I finally got it, I put it in place immediately. Unfortunately, some of the better tactics I didn't devise until later, when my standard and very short alias was already being used by everyone, including spammers. Not wanting to make my friends and relatives have to change everything for me, I got myself a spamcop account, which is cheap enough, and works very well. I deleted the account on my end, set up a mail forwarder with that name to the spamcop account, and created a new alias that I directed spamcop to reforward all messages to. This is just basically creating a filter of my old account to a new one. It has blocked hundreds and hundreds of messages, including a few good ones, but I believe everyone that counts has since been whitelisted, and I'm able to go release the messages I want whenever. I've set the reply address to be the forwarder, so people replying to anything from that account still send it where it should go. In very rare cases where I need to correspond through one of these fake addresses, I just replace the reply-to with the address from which I received it. I suppose it would be quite easy in The Bat! to create a reply template that replaces the reply-to with the address to which the current mail was set. I just haven't bothered.

    The other thing I do is never give my address to anyone, but neither do I create any temp addresses. I find them annoying. When a company wants my email, I give them companySIGNUP@mydomain.com. All “SIGNUP” addresses filter in my postmaster account to a SIGNUP folder, and I've pulled some of them out by “to” address into folders that I like to have off by themselves – bank statements, etc. This helps because most companies use a few different addresses, and even domains, so whatever they switch to, it still sorts properly by my address. This, along with the spamcop filter, wiped away roughly 95% of all spam.

    I do not accept evites. Sorry. If you read their privacy policy, they spell out how they're going to use you and sell you to everyone. At least they're honest. I was getting 1-2 spams per week before I foolishly followed one of their links from an evite I received. That night, 13 spam messages. It's quite clear to me it was all a direct result of them, as it had been most of a year I was getting next to 0 spam. On the rare occasion I've wanted to go to something, I've replied to the sender and asked them to send me the invitation again, and to change my address at evite to eviteSIGNUP@mydomain.com. So far, the 3 people I've asked have had no problems doing that for me. They can spam that address all they want.

    Another rare thing is that someone abuses the address. I've been quite surprised to find out how infrequently anyone sells the addresses I give them. It does happen, but by a very select few. The most surprising was google. I began to receive spam to googleSIGNUP, and I'd only used the address once, on their site, to sign up for something I didn't bother with later. Months after that, I read about a security problem with [I believe] the google search bar that was quickly patched up, but it was a breach that let a lot of people's emails out. I don't believe they're in the business of spamming. However, some are, and in those few cases where I begin to receive a ton of email to a SIGNUP address, I simply go make a listserve at my account for that address, and tell it that only administrators can post, only administrators can sign people up, and that all mail not from administrators should bounce back with a message. Whenever I've done this, all mail to the offending address has died out immediately. Wonderful. This is the great power of using a different address for everyone. I've also killed off info@, as this is a common spammer location to which I receive spam, or rather, received spam 🙂

    Finally, for the 1-5 leftovers I receive per day, I always bounce them back from MailWasher. I have an old version that used to be free. It's more often that I receive less than 3 per day, but once in a while, especially on a weekend, I'll get up to 5. Not bad.

    I'd like to look into the heuristic stuff one of these days.

    (http://livejournal.com/users/greatbiggary)
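
The per-company alias scheme described in the comment above, sketched as an added example (not the commenter's actual setup). The `route` function, the `RETIRED` set, the `examplestore` alias and all sample messages are constructed for illustration; `mydomain.com` is the placeholder domain used in the comment.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

DOMAIN = "mydomain.com"                    # placeholder domain from the comment
RETIRED = {"info", "examplestoresignup"}   # constructed: aliases switched off after abuse
ALIAS_RE = re.compile(r"^([a-z0-9.-]+)signup$")

def route(raw):
    """Return (action, detail) for one raw message, keyed on the alias it was sent to."""
    msg = message_from_string(raw)
    # Header recipients only; a production filter should prefer the envelope recipient.
    rcpts = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    for _name, addr in rcpts:
        local, _, domain = addr.lower().rpartition("@")
        if domain != DOMAIN:
            continue
        if local in RETIRED:
            return ("reject", local)       # retired alias: refuse, whoever sent it
        m = ALIAS_RE.match(local)
        if m:
            tag = m.group(1)
            # Companies send from several addresses and domains, so a sender that
            # does not match the alias is flagged for review, never dropped.
            if tag not in sender_domain:
                return ("flag", f"SIGNUP/{tag}")
            return ("deliver", f"SIGNUP/{tag}")
    return ("deliver", "INBOX")

def make(frm, to):
    """Build a constructed sample message with the given From and To headers."""
    return f"From: {frm}\nTo: {to}\nSubject: constructed sample\n\nbody\n"

SAMPLES = [
    make("Statements <statements@bank.example>", "bankSIGNUP@mydomain.com"),
    make("deals@pills.example", "eviteSIGNUP@mydomain.com"),
    make("offers@anything.example", "info@mydomain.com"),
    make("friend@family.example", "me@mydomain.com"),
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(route(sample))
```

A `flag` result identifies which alias has started receiving mail from an unrelated sender, which is the signal for retiring that alias.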

  2. In my experience bouncing mail is useless. Most spam comes from addresses that are throwaway and don't receive a bounce message anyway. So generating a bounce message would just be a further waste of bandwidth.

    So what you're saying is, you don't get a lot of emails to insert-common-surname-here@ ? Emails of that kind make up 95% of my spam. But it's all grist for the Bayesian filter.

    (http://livejournal.com/users/elbeno)

  3. Yes, no common surnames. I've gotten the occasional garbage or odd word before my @, but not too often, and thankfully so. Bayesian is the word I couldn't think of earlier.

    I'll have you know I'm replying from Knoppix->Konqueror. I was just checking a few things out.

    (http://livejournal.com/users/greatbiggary)

  4. I also get a fair bit of the second row type, source address spoofing, i.e. some spammer using common-surname@my-domain.com as the source address for their spam. Of course, many times the spam bounces because their address lists are just wrong, and I get the bounce messages. Lucky me.

    Some types of this are particularly bad because for some reason Outlook/Exchange can't filter emails of this type – I don't know why, they count as system messages or something; perhaps if they come from remote servers which also run Exchange. Anyway, it defeats the Bayesian filter because Outlook won't allow it to be filtered. Yes, Outlook is dumb, but it's all I can use at work.

    (http://livejournal.com/users/elbeno)
