cancel
Showing results for 
Search instead for 
Did you mean: 

Email: Spam FAQs

csogilvie
Grafter
Posts: 5,852
Registered: 04-04-2007

Email: Spam FAQs

Tutorials and FAQs: Email: Spam FAQs

What is Spam?

"Spam" is the term used to refer to Electronic junk mail or junk newsgroup postings, and is the Internet equivalent of junk mail which arrives through the postal service. Some people define Spam even more generally as any unsolicited email, however, real spam is generally considered to be e-mail advertising for some product sent to a mailing list or newsgroup.

In addition to wasting people's time with unwanted e-mail, Spam also eats up a lot of network bandwidth. Consequently, there are many organizations, as well as individuals, who have taken it upon themselves to fight Spam with a variety of techniques such as our Spam filtering (details) and redirection address. However, because the Internet is public, there is really little that can be done to prevent spam, just as it is impossible to prevent junk mail. However, some online services have instituted policies to prevent spammers from spamming their subscribers and we will block those seen to be sending spam from our network.

What is "spoofing"

Email spoofing may occur in different forms, but all have a similar result: a user receives email that appears to have originated from one source when it actually was sent from another source. Email spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords).
Examples of spoofed email that could affect the security of your site include:


  • email claiming to be from a system administrator requesting users to change their passwords to a specified string and threatening to suspend their account if they do not do this
  • email claiming to be from a person in authority requesting users to send them a copy of a password file or other sensitive information
  • email claiming to be from a popular website (such as Ebay) asking you to confirm your credit-card details etc.

Many people now see a "returned message failure" which looks to be a message they have sent which has failed and a notification is sent. If you did not send the message, and do not recognise the users then please delete these messages as they are spoofed and not warnings or notifications to yourself.

More information on what Spoofing is can be obtained from Ebay's Spoofing Tutorial

Why do people send Spam?

It is sent for a number of reasons some of which include:


  • Purely malicious - just to clog up the Internet and people's mail boxes.
  • For marketing and financial purposes selling things as varied as prescription drugs right through to banjos and so on. Also covered under this are those advertising services and websites which generate many pop up windows when viewed in a web browser which make money for the sender.
  • those who are trying to gain private details such as credit card or bank details (this is known as phishing). Under no circumstances should these ever be replied to as no bank will ever mail you asking for a mailed confirmation of account or password details.
    Note: although the URLs in these emails may look legitimate, they rely on bugs in a variety of web browsers where if a "null" character was included, the site would look legitimate but be somewhere else. This means that although you may see a standard Internet Banking Login page, your details are actually being sent to a hacker who owns the site www.example.com (note this is a legitimate web address used purely for example purposes)
  • Spam may also be generated by people who you know and trust. This is usually because they have managed to become infected with a virus and it has started sending emails without their knowledge. If you see this happening it would be advisable to contact your friend and let them know. However, it may not be completely obvious who this is as the address may be spoofed. (see What is "spoofing")


Who is sending Spam?

The people who do this are many and varied and it is hard to put a tag on any specific groups, as it ranges from those who do it for a gain, for malicious purposes and those who do it by accident (eg. Virus infection) and it seems new spammers and groups are appearing every day. Spam mails are often accompanied by viruses or worms. In order to prevent a computer being infected by these it is important to have a good understanding of this possibility - more information is available in the Essential Security Software FAQ.

How are people managing to Spam me?

As a policy we (VISP Full Name) will never ever release your details to any 3rd parties at all.

However, almost as soon as you get an email address and start using it then you will begin to receive spam. The main reason for this is because people trawl Internet sites (including discussion forums etc.) and news groups to find email addresses that have been used. This is often automated using what are called havester bots - programs/scripts that automatically scan public websites, newsgroups and forums for email addresses contained within web pages and posts/signatures, similar to how web search engines collect details of websites for inclusion in their search databases.

Another technique which is often used is to send an email to popular email sites such as Hotmail where the mailbox (the bit before the @) is common, and to a lot of variations (eg smith1, smith2, smith1242). These web based providers also recycle email addresses and publish them in members directories which makes them public. Another tactic often use is to send email to public mailing lists, where they just need to use one address and the email is sent to many subscribers.

How can I stop it?

The simple answer, is that you can't. However, you can take preventative measures.

VISP Full Name offer a redirect address which you can send all offending messages to this address is blackhole@abuse.plus.com – which can be set-up in the Email Settings area of the Portal. This is particularly useful if you follow the policy of signing up for different websites with a "unique" address for that site. For example, registering for Ebay with ebay@username.plus.com means you can instantly identify fake emails concerning Ebay as they won't go to that address. If the address starts receiving junk mail, you can then change it at the site and block it using the Blackhole address. There is also a services bundle which includes a spam filter and can be activated via the Services area of the portal. (Note: There may be an extra charge for this service depneding on your account type.)

Users can also set-up separate mailboxes so that only mail addressed to that alias will go into the mailbox and the default mailbox can be blocked by request.

Another way to combat email collection is to not put email addresses on websites (use a contact page instead), or include email addresses on forum posts or within your signature on public forums or newsgroups. Using methods such as specifying your email address as name@nospamdomain.co.uk (with a note to remove nospam before sending email), or use a format like sales at domain dot co dot uk which still allow you to show email adresses but in a format that will be less likely to be picked up by email harvesting bots.

Finally there are sites such as www.spamcop.com which allow you to report spammers and can help with finding out where the message is from.

Tutorial originaly written by stewnorris
19 REPLIES
N/A

Email: Spam FAQs

I use Mailwasher to sort out which eMail messages to accept. I have been receiving a very large number of "Spoofers"recently, most of them purporting to be "Returned Mail". I bounce these using Mailwasher. I have received two lately purporting to come from "Mailer-Daemon@........". When I bounce this one, it is removed but immediately replace by an identical one. Any advice on dealing with this will be welcome.

gleet2
N/A

Email: Spam FAQs

Immediate advice: Don't bounce any messages with Mailwasher.

99.9% of all span comes from a fake address. This address is usualy picked at random, from the same list of addresses used to send to.

This results in nothing more than you sending a bounce to a 100% inocent party. AKA, much the same as you being sent the bounce from mailer-deamon@ in the first place.

As such, bouncing the message does little more, than help contribute to the spam out there on the internet.
Community Veteran
Posts: 6,983
Thanks: 8
Registered: 10-04-2007

Email: Spam FAQs

As philip has said above.
Disable the bouncing option on mail washer as you are just adding to the clutter on the internet by bouncing mail to addresses which will be nothing to do with the original sender.

Simply delete these messages.
N/A

Email: Spam FAQs

It gets complicated. Will follow your advice. Thanks acarr and Johnessex

[Moderator's note by Chris (Eurotrain4): Accidental double post removed]
N/A

Spammer using my domain name

There is a spammer using my domain name to email presumably millions of email adresses, and i am receiving hundreds of return emails every day. I have set up rules to transfer these return emails into the deleted folder on Outlook, and reported the spammer in as many places as possible, but it is still a real nuisance because of the volume of emails coming through.
All of the email addresses are in a format similar to XYZGGG@domain.com, but the XYZGGG is varied randomly.
Is it possible to block the emails at Plusnet's end? I only want to see emails that are addressed to legitimate email adresses like name@domain.com (the domain is hosted by Plusnet)
Community Veteran
Posts: 14,469
Registered: 30-07-2007

Email: Spam FAQs

Yes it is possible:

- Create all the 'named' mailboxes you need including postmaster so anything that goes to your default mailbox can safely be deleted. This includes mailboxes for email addresses for your domain - i.e. for fred@domain.com, bert@domain.com you need to create 'named' mailboxes called fred & bert..
- Raise a contact us ticket and ask support to add a redirect on your default mailbox to blackhole@abuse.plus.com and all emails to your default mailbox will automatically be deleted.
CaptainFantasti
Grafter
Posts: 125
Registered: 02-10-2007

Email: Spam FAQs

I've received an email marked [-SPAM-] which isn't.

How can I tell the Spam Protection filter that this is legitimate email, so that it can learn?

I've been through the Spam Filtering FAQ with no answer, even following the link to Spam Filtering Overview page, which brings up a 404 Page Not Found error.



[Edit] - This post still stands - I edited the wrong post! :!:
N/A

Email: Spam FAQs

I run my website and mail through powweb.com at the moment. They have greylisting (which one can switch on and off). I've found this to be a *very* effective method of stopping spam. I do lose one or two mails from legitimate locations - typically sites I've signed up to that are asking for confirmation but you can whitelist an address and get them to resend it... or a lot to the time it resends anyway.

Overall, I'm very impressed with greylisting, it's reduced my spam from 10 a day per account to a lovely round zero. Smiley

Cheers
Vicky
Hoseman
Grafter
Posts: 30
Registered: 11-09-2007

Email: Spam FAQs

Quote
I've received an email marked [-SPAM-] which isn't.

How can I tell the Spam Protection filter that this is legitimate email, so that it can learn?

I've been through the Spam Filtering FAQ with no answer, even following the link to Spam Filtering Overview page, which brings up a 404 Page Not Found error.



[Edit] - This post still stands - I edited the wrong post! :!:


Anyone have an answer for this?Huh
MysteryFCM
Grafter
Posts: 528
Registered: 30-08-2007

Email: Spam FAQs

The Spam Filtering Overview page seems to have moved to;

http://portal.plus.net/support/email/spam_filtering_overview.shtml

For the Q (listed under 6. How does the Spam filter identify unwanted Spam email?);

Quote
You can also teach the Spam filter what is and is not Spam. If you are sent a Spam email but it is not detected as such, you should forward the email to thisisspam@username.plus.com. If you have any hosted domains you can also forward the email to thisisspam@yourdomain. You can choose to forward the offending email either as an attachment or in the body of an email and the system will learn to mark these emails as Spam.

Similarly, if you receive an email that is tagged as Spam but is not Spam you should forward it to thisisnotspam@username.plus.com or thisisnotspam@yourdomain if you have a hosted domain.
Hoseman
Grafter
Posts: 30
Registered: 11-09-2007

Email: Spam FAQs

Thanks as that should do the trick.
MysteryFCM
Grafter
Posts: 528
Registered: 30-08-2007

Email: Spam FAQs

Your welcome Wink
Hoseman
Grafter
Posts: 30
Registered: 11-09-2007

Email: Spam FAQs

Quote
Similarly, if you receive an email that is tagged as Spam but is not Spam you should forward it to thisisnotspam@username.plus.com or thisisnotspam@yourdomain if you have a hosted domain.


This hasnt actually worked as Im still receiving emails from the same source tagged as spam. Ive checked the email address and it is correct according to the above. Any idea why this might be?
MysteryFCM
Grafter
Posts: 528
Registered: 30-08-2007

Email: Spam FAQs

I've no idea I'm afraid (don't use PlusNet mail myself). You might want to ask one of the PN moderators.