digg

Join DiggAbout

Discover and share the best of the web!
Learn more about Digg by taking the tour.

The Ultimate Guide to Eliminating Spam Email

itsecurity.com — This in-depth guide to reducing the amount of spam you receive covers tools for both the novice and the power user: reputation filters, context analysis, DomainKeys, augmented addresses, and other tips and tricks to keep spam from ever reaching you.

Bury
show profanity settings
expand all
  • PPoff, on 10/12/2007, -17/+12The long term solution for eliminating spam is more government regulation and prosecution of cases against spammers.

    I know government oversight isn't a popular stand to take with Diggers, but in this case I think it is the only real way to finally beat the spammers. Solid article otherwise though.
    • resplence, on 10/12/2007, -7/+7For goodness sake, keep the government, any government, out of it. What the internet NEEDS is an international consortium.
    • robman8023, on 10/12/2007, -3/+10Spam sucks, but we'll never win this battle.
    • robman8023, on 10/12/2007, -1/+20Government regulation would NEVER work. Too much spam is generated overseas, where our gov't would have little or no jurisdiction. For the Gov't to even try to tackle this problem would be a total waste of time and tax-payers' money.
    • inigomntoya, on 10/12/2007, -1/+6It takes the government WAY to long to react to anything. By the time they got a bill passed, spammers would be using different methods...
    • rmxz, on 10/12/2007, -3/+1Not going to happen. If I wanted the government to do something spam related it'd be to stop all the physical junk mail ads I get - but no, rather they encourage them with low rates to send that spam.

      The best long term solution is to teach the end users that unsolicited email is not to be trusted and likely sources for fraud, identity theft, other otherwise not a good idea. If people learn this, the spammers won't make any money and will quit doing it. If people start trusting email (i.e. spam filters hide them from most of it) people will stay as stupid as they ever were.

      Personally, I find the best remedy to use the "plus addresses" feature in gmail [more details below] so I give every real contact and every potential spammer a different address and that lets them be easily filtered.

      This works so well, I wouldn't consider a email provider that doesn't allow me to generate unique & filterable emails for subscribing to stuff.


      "Gmail also supports plus-addressing of e-mails. Messages can be sent to addresses in the format username+extratext@gmail.com, where extratext can be any string. This allows users to sign up for different services with different aliases and then easily filter all e-mails from those services. However, a significant number of services do not support email addresses containing plus signs."
    • eclectro, on 10/12/2007, -1/+4Well, there were a lot of tough state laws on the books that could have helped with this. But then congress comes a long and passes a watered down crap bill (thanks lobbyists!!!) that is completely ineffective.

      Statistics don't lie. The vast majority of spam originates from a few US spammers. I'm with you on this one. We throw a handful of guys in a supermax prison for a year for stealing everyones resources on a massive scale (because that's what it is), and a huge part of the spam problem goes away. Sure there will be foreign spammers - but we can find a way to take care of them the same way that the RIAA finds a way to take care of overseas pirates.

      Spam is a real problem and it has stopped being funny.
    • withashovel, on 10/12/2007, -0/+0I agree with robman8023, the problem lies the in the 'cross-border' nature of a lot of spam.
    • provost, on 10/12/2007, -4/+2blah blah, libertarian pipe dream keep government out of it blah blah..

      back in the real world now, what needs to happen is the same thing that needs to happen when it comes to illegal immigration. Screw punishing the spammers, cut off the head and the body will die; all spam soliciting contains a link to buy stuff. That link is paying the spammer to spam. Go after any company that sends out unsolicited bulk email and shut them down and throw the top brass in jail for breaking the spam laws.

      The spammers wont spam if they are not offered money to spam. Just like illegals wont get jobs if the people that hire them are in jail and shut down.

      Its obviously crossing borders since most doesnt come from the US, but odds are we give millions (or billions in israels case) to their governments. Stand firm, cut off the aid we give until those governments get the people they govern under control.

      Sounds harsh, but if it is that serious of a problem, harsh solutions might be in order.
    • Parasocks, on 10/12/2007, -1/+2I completely solved spam last year. I am an adult webmaster, and get a lot of e-mail. I went to Mexico for a month in 2005, and came home to nearly 5,000 new e-mails, mostly spam. I had enough. I spent $80, got 2 years of Spam Arrest, and now I get maybe 3 spams a year.

      Messages Processed 73492
      Messages Forwarded 7857
      Spam Percentage 89.31%

      No filters. This is especially useful since I'm in the porn business, because filters obviously have a tough time with the legit e-mails I get. Now I rarely if ever miss a real person's e-mail, and the spammers just don't respond to the challenge e-mail. Nobody has complained, if they want to e-mail me, then can take the steps to be added to my address book themselves.

      I'm sure you can do this without Spam Arrest by using a server side program that does the same thing, but as a business owner $40 a year is a small price to pay for a clean inbox. Also I can post my e-mail anywhere I want at will, without fear of harvesters and spammers. Spam me all you want now bitches!

      http://www.spamarrest.com
    • jefbob, on 10/12/2007, -0/+1No, the solution to spam is to make it not profitable anymore. If we can get everyone in the world to ignore spam for some time and not buy anything from the offers they recieve, educate them about phishing, and that those people really don't want help smuggling money into the country, only then will spam dissapear.

      In short, I don't see spam going away anytime soon.
    • DrDabbles, on 10/12/2007, -1/+2That is literally the WORST approach I've ever heard. How, exactly, do you hold international spammers liable? Better yet, how do you hold ANYBODY liable when you can't typically track the original source dud to zombie machines? Now, get a government involved and really watch the gears grind to a halt.

      We can't find Osama, but we can find spammers? I highly doubt it. Most spammers are orders of magnitude smarter than him.
    • rocketryguy, on 10/12/2007, -0/+1No, the only way to beat the spammers until email is fixed, is to make it socially unacceptable to respond to spam even if it's something you're interested in.

      Authenticated email and/or micropayment systems with a zero cost threshold above normal use would also do it.

    • talman, on 10/12/2007, -0/+1I semi-agree with PPoff, but not in creating more regulation but being more active in enforcing against cyber-crime. Hackers in to major systems aren't ignored, but people just seemed to have given up when it comes to zombies/botnets.

      Any Internet savvy user knows that anonymity has basically gone from the Net being traceable back to an IP address to an ISP then to a person. Especially the people that have been served up with RIAA/MPAA notices. Perhaps we could make people more responsible about the activity from their Internet connected computers.
  • sagar13d, on 10/12/2007, -7/+1Most people do not know about the effective use of email filter. This articles gives in-depth explanation on its use.

    I found this one really helpful: "you should use three email accounts: one for business, one for personal stuff, and another for online shopping".
    • BoneyB, on 10/12/2007, -3/+3Yeah I thought a dummy hotmail account for things like newsletters and signups was common sense by now. apparently not...
    • armbar, on 10/12/2007, -1/+6I just use Gmail as my filter. Right now, I have 4,482 spam messages from the last 30 days (auto-deleted); 4000-6000 is average. I get maybe 1 or 2 spam messages that make it through to my inbox every day, but that's a pretty good ratio (.008 or so).

      Make that 4,485.
  • rwjussel, on 10/12/2007, -3/+7By John C. Dvorak.
    • tofagerl, on 10/12/2007, -0/+6you mean John C. Dvorak dot org slash blog?
      /TWiT reference for all you non-listeners
  • LoneStar, on 10/12/2007, -5/+6Solution: never post your email on the internets
    • babymitch, on 10/12/2007, -3/+5Could get lost in the tubes, and end up in the wrong hands.
  • gypsi, on 10/12/2007, -0/+3keep alias accounts and shield your real accounts. client-side filters help the end-user in the short term but don't do anything for the problem at large

    Sorry to say it, but the only real solution is to stop responding to these things. If spammers didn't profit, there would be no spam. Too bad there's no remedy for stupid users.
  • tw0k1ngs, on 10/12/2007, -6/+1"Bounce" it, works for me.
    • solarpowered, on 10/12/2007, -0/+5Bad idea: collateral damage, usually to an innocent "Joe"
    • cquilliam, on 10/12/2007, -0/+1@solapowered

      "Bad idea: collateral damage, usually to an innocent "Joe""

      Can you elaborate on this statement? I'm curious.
    • turbo2ltr, on 10/12/2007, -0/+3Most spam messages dont have valid "reply to". I get hundreds of bounce messages a day from emails that I didnt send. If you bounce a spam it does nothing but send a bounce message to some innocent person who's email was randomly picked by the spammers as the "reply to" .

    • vitriolix, on 10/12/2007, -0/+1oh so you are the prick bouncing all those spams that forged my email address as the "From: " header. thanks buddy.
  • solarpowered, on 10/12/2007, -1/+5Nothing works for prevention. Nothing.

    The answer: GMail's excellent filtering. Pass all accounts through it.

    in TFA: "Test who's spamming you"? Right..... I have nothing better to do.
  • Lososaurus, on 10/12/2007, -1/+141. Get a gmail account
    2. See 1.
  • RichStevenson, on 10/12/2007, -1/+1Another tip if you own a domain is don't use the domain name as your email address. For example, if you owned digg.com some hosting services automatically create digg@digg.com as the primary email. I've seen accounts like that getting spam within a day or two.

  • solarpowered, on 10/12/2007, -3/+6From TFA: "Reply to each spam"

    That's just ludicrous.

    Why? So "that way you will put the spammer on legal notice that you did not want to be contacted"

    Since when is e-mail a legal document?

    Reply, and you've verified you exist.... good luck from there.

    Who writes this crap?

    Ignore. Lame. Bury.
  • jhubsch, on 10/12/2007, -0/+2I've set up a bunch of labels and so forth for GMail that direct certain senders into prespecified folders of sorts.

    What I would love more than anything is to somehow be able to filter anything else sent to me NOT already given a label to a Spam label/folder.

    I mean GMail traps a lot of spam, but I still keep getting a lot daily that I wish would just redirect via some sort of "If not labeled already, send to Spam"

    *sigh*
  • swooshonln, on 10/12/2007, -4/+0Honestly, I haven't had problems with spam for about a few years now it seems. If your still getting spammed, your on AOL or just dumb.


    HOW TO GET RID COMPLETELY OF SPAM:
    Don't post your email address online, and never use your email address to sign up for stupid *****. EOM
    • matthendrix, on 10/12/2007, -0/+1"If your still getting spammed, your on AOL or just dumb."

      Are you on the same internet as the rest of us?
  • evaneus, on 10/12/2007, -2/+0They didn't mention spam gourmet: http://www.spamgourmet.com/

    It allows you to create self-destructing email addresses on the fly that will forward x number of messages to your real account before ignoring any further emails.

    e.g. on a website form you submit an address something like:

    somewebsite.10.myaccount@spamgourmet.com

    spamgourmet will foward 10 emails from that site to your real address, after that it eats them.

    There are more advanced options but that is the basic idea.

  • groovymarlin, on 10/12/2007, -0/+2Cool article! I already use seperate email addresses for work and personal stuff, but I never thought to use a third address just for shopping-related things. What a great idea that now seems so obvious. Duh. :)
  • johnie1, on 10/12/2007, -2/+2now all we need is a way to eliminate digg spam off the front page
    • solarpowered, on 10/12/2007, -1/+1I think TFA was IronPort spam....
  • Spr0k3t, on 10/12/2007, -0/+3I'll digg anything that gives information on how to kill spam with 0 user interaction. I had no problems with spam at an email address I've had for years, then out of the blue I get bombed with 50+ a day. I've been able to eliminate quite a few, but they still creep in once in a while.
  • cheekybastard, on 10/12/2007, -2/+1Reply to each spam. WTF? Sloppy research and no practical experience would lead to this very bad conclusion. A GMail account forwarded to your clean (virgin - unshared with anyone) ISP account will save you alot of headaches. As everyone else has said. Writing letters to complain about spam etc. are a waste of time.
  • barryiggins, on 10/12/2007, -0/+2nuke russia
  • 7amWDG, on 10/12/2007, -0/+1So I have this thing called "The Sword" of which it I wield it at will or john or who ever I choose, and also cause it was the lamest name I could think of.

    The Sword is actually http://www.spammail.ca and I have requested that people sign up the email addy of spam@spammail.ca to newsletter, chain letters and newsgroups. It has been very successful, if we forward the mail to a gmail account the Gmail Spam Filter misses on average 450 messages a day that in delivers to the inbox not marked as spam.

    It sucks sorting that kind of volume by hand, trust me.

  • sw3t, on 10/12/2007, -1/+0gmail ?
  • MrViklund, on 10/12/2007, -0/+3The Ultimate Guide to Eliminating Spam Email: Don't get an E-mail address.
  • billrdio, on 10/12/2007, -0/+0Since a lot of spam is sent via compromised PC's, wouldn't requiring ISP's to regularly and automatically verify the integrity of their client's computers (i.e., make sure they are up to date on patches, not infected with any malware ...) and block computers that fail their tests go a long way to getting rid of spam?
    • ThePict, on 10/12/2007, -0/+0Oh yeah, that's a great idea. I'll just lower my firewall to whatever IP my ISP specifies and let them rummage through my computer and eat its cycles whenever they deem it necessary. Or maybe I'll run whatever Antivir/Antispy/Antimalware products they specify. Or maybe I'll install some closed-source client software their sophomore student programmer dreams up. Yeah. That's a great idea. Oh yeah, and I'll reformat and install Windows on all my Linux PCs, because they "don't support Lunix" and besides, there's so many great security apps for Windows. /end sarcasm.
  • monergism, on 10/12/2007, -3/+1What a useless article.

    Spam works because SMTP wasn't designed to be used by evil people. Sadly, people are evil and therefore we need measures to protect us from spam.

    As for the moron who suggested we need additional Government regulations, sir, educate yourself. We are living in a world where jurisdictions and laws are not equal. More Government is NEVER the solution.

    I am so very, very close to creating a whitelist and having people call me to be added. If I had a way to auto-add, I'd go with it. Sadly my hosting service doesn't provide a challenge/response yet but that'll be the next step to allow people to email me.

    I get Junkmail via snail mail. I can't stop this for whatever reason. I just live with it. I can identify it and remove it. At times I do get tricked into opening mail that appears to be a check from my bank/employer/client. That's evil.

    The long term solution is a change in communication and respect. While latter won't happen because people are evil, we can at least change the method of communication.
  • JPW420, on 10/12/2007, -0/+0gmail's spam filter is amazing. The plus addresses are very helpful. Hell, the interface is one of the best. I have ran my own mail server for 10 years, using various software on windows, and Linux. For the DIY type with their own domain, postfix and any of the various postfixy ways to prevent spam are awesome. But if your're lazy, forward everything through a gmail account. It does just as well as my postfix server did, but it's easy and I don't really have to think about it. Plus it's an automatic backup of your mail. And if google loses your data, something REALLY bad had to of happened. If you're the tin foil hat type, gmail probably isn't the answer though.
  • DietMountainDew, on 10/12/2007, -0/+0I have an email service using my own server, so installing spam filtering software isn't the easiest thing to do. I've heard that if you have root access, you can shut off the mail server from anywhere from a few days to a week.

    When the spammer emails you, it bounces back to their server, and there is a chance they will remove you from the mailing list since the email appears to be invalid.

    However you'll also not receive legit emails during that time.

    If we need to put government restrictions on anything, it should be old fashioned post mail. With Spam mail I can simple delete it, with real mail I have to shred it or else my identity will be stolen... lol.
  • mb96net, on 10/12/2007, -0/+1FTA "The drawback with SenderID, is that it fails if a message has to be forwarded."

    This is not true, the SenderID (or SPF) is checked against the forwarding domain and not the original, so as long as it is setup properly it will pass the SPF check. It uses the envelope from address and not the header from. If there was a domain based reputation service like a DNSBL for domains, and every domain had an SPF/SenderID record this would be the cure to SPAM. If spammers weren't anonymous we could filter them based on reputation.
  • Punisher2K, on 10/12/2007, -1/+1To eliminate spam, don't use email. End of problem.
  • imatard, on 10/12/2007, -0/+1The only true solution to this is to forget about your email address.

    There are some important things that were mentioned, but it doesn't say anything new.
  • sharjeelsayed, on 10/12/2007, -0/+1Use spamassassin with DCC,Pyzor,Razor and an RBL (like spamhaus.org )..All open source..
  • jummy, on 10/12/2007, -0/+1Preventing Spam - Bulletproof Solutions
    http://www.smashingmagazine.com/2006/12/14/preventing-spam-bulletproof-solution/
  •  

    Login or register to add a comment

    Create a new account or login to join in the conversation on Digg. You'll also be able to Digg stories to help promote things you like.


© Digg Inc. 2008 — Content posted by Digg users is dedicated to the public domain.
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.