informa
/
4 min read
article

Langa Letter: Has Spam Won?

Don't let spam win! Take back your mailbox with these anti-spam tools.
SpamCop, HostedScripts, And More
SpamCop offers E-mail-filtering services, but without ads, and for a fee. It costs 50 cents for each megabyte of E-mail you filter through SpamCop. (The SpamCop site also has good, free information and spam-reporting resources, and is worth visiting for that alone.)

The Sam Spade site features a rich array of live, Web-based spam-fighting and -tracing tools, and you also can download its freeware, an integrated network query tool for Windows 95, 98, NT4.0, and 2000.

With the recent expansion of top level domains, it's become somewhat harder to track spam to its source because some "whois" services are limited to specific domain types. But several meta-whois services, such as SmartWhois and Allwhois, make multiple- top level domain searching easy, so no spammer will be beyond your ability to back-track. (For an extremely thorough how-to on tracking spam to its source, see Claws and Paws.Com.)

The Network Abuse Clearinghouse offers easy ways to look up the correct address for reporting spam abuse at thousands of sites. They also provide information on automated spam reporting tools, ways to decode obfuscated IP addresses, and more. Its sister site, http://spam.abuse.net, is aimed at promoting ethical Net commerce.

The Open Directory Project's metacategory of "computers:internet:abuse" is a veritable gold mine of additional resources for fighting not only spam, but fraud, denial-of-service attacks, and a host of other related problems.

Finally, if you're a Webmaster or site owner, HostedScripts has a page that's absolutely wonderful. The free dynamically generated page is designed to trap the spiders and robots that spammers use to harvest E-mail addresses from the Web. These robots usually look for a "mailto:" HTML tag, or an alphanumeric string with an @ in it somewhere. When they find something that looks like an E-mail address, they send it back to the spammer's central database.

The idea behind the 'bot trapper is to place a link to http://members.hostedscripts.com/antispam.html on your site, so any address-harvesting robots traversing your pages will detour off to that page. Each time it's visited, the HostedScripts page generates 100 totally bogus, totally random fake E-mail addresses, complete with "mailto:" tags. The bottom of the page features a recursive link back to the same page. So an E-mail-harvesting robot will enter the page, find 100 fake E-mail addresses, then follow the link on the bottom of the page back to the same page, where it discovers 100 new (fake) addresses, etc. It's an endless loop that can stuff a spammer's databases full of useless fake addresses.

Of course, a clever spammer can build a robot to skip the "hostedscripts" domain or any recursive pages. But the scripting trick can easily be locally duplicated on any site. If most sites offered up at least one page of legitimate-looking but totally fake addresses that a spammer would have to identify and weed out of their databases, Web-based address-harvesting would become far less attractive and economical for spammers. I love this idea!

So as you can see, the tools for fighting spam are there and available at every level of the E-mail chain. Arm yourself--and take back control of your mailbox!

How do you fight spam? What sites and resources do you use? One estimate places the volume of spam at about 30% of all E-mail; how does yours compare? Does your company allow or mandate the use of spam filters? Do you use filters on your personal system? If you use a filter, how do you prevent throwing out some valid E-mails along with the chaff spam? What other ways do you use to stop the rising flood of unsolicited commercial E-mail? Let's pool our knowledge--join in the discussion!