Viewable With ANY Browser

Note: My Web pages are best viewed with style sheets enabled.

Spam: The Junking of Junk E-Mail

Copyright © 1999-2001, 2003-2007, 2010, 2011, 2014 by David E. Ross

The first time some terms are used on this page, they are links to a glossary. The glossary appears as a separate page.

What To Do About Spam?
ISP Filtering
Legislation
A New Source of Spam
A Vicious Spam
Really Dumb Spam
A Growing Problem
More Information

spam: the abuse of E-mail systems to send unsolicited bulk messages indiscriminately, frequently with commercial content.

In a scene from a biographical, made-for-TV movie about Alexander Graham Bell, the inventor of the telephone is sitting in his home. The phone rings, and he answers it. He starts cursing and hangs up. It was a telemarketer, using Bell's own invention to annoy him.

A phone call from a telemarketer might waste my time, annoy me, and even prevent me from receiving a phone call that I want. But I do not pay for the call. Junk mail — the U. S. Postal Service now calls it "standard mail" instead of "bulk mail" — also wastes my time, annoys me, and clogs the landfills. But I do not pay to receive junk mail; the advertiser pays the postage.

The sender of spam (junk E-mail) does not pay for my Internet connection; I do. In some nations, connections to the Internet are metered; the user pays for the connection by the minute or by the number of bytes. This is very much like receiving junk facsimiles; the recipient pays for the paper and toner to receive unwanted advertisements.

What To Do About Spam?

There are various actions individuals can take to handle spam. No-Spam graphic

According to AT&T Business Internet Services [link no longer available], you should never respond to spam. Be very careful that you do not send a "remove" request even if the message suggests doing that to remove your E-mail address from the spammer's distribution list. Any response to the sender (if you can determine a legitimate address for the sender) will merely confirm that your own address is valid and make it even more valuable to spammers.
You can ignore most spam. The outcry from a mass E-mailing is generally sufficient to have the sender's account cancelled. The sender expects that to happen — often before you even receive the spam — and has already made plans to acquire a series of new accounts.
Most E-mail clients include options for filtering incoming messages. I used Eudora's filters to send suspected spam to my E-mail Trash folder. For example, I trashed any message with XXX in the Subject line. For some reason, spammers think bracketing the subject with XXX will attract attention to their messages; actually, this repels me.
You can filter out messages from E-mail domains known to be sources of spam. A major source is hotmail.com, a unit of Microsoft. In the latter's favor, they do act promptly and vigorously against spammers; however, they appear to be overwhelmed by the volume of unscreened users for their free Web-mail service. Another source is yahoo.com, whose efforts to control spam is also overwhelmed.
Finally, you can filter based on IP addresses. It is far easier to forge a domain name in an E-mail header than it is to forge an IP address. Blocks of IP addresses are assigned to particular service providers. Other blocks are assigned to entire nations. Where a provider or a nation is lax in dealing with spam, reject all E-mail from that source.
Of course, filtering a message to my E-mail Trash folder did not delete it at my ISP's mail server. It first had to be downloaded before it could be filtered. Further, sending it to my E-mail Trash folder did not delete it from my PC. I still had the opportunity to view the directory entry in case it was mail I really want.
But this particular spam is disgusting! It promotes pornography, implies you need liposuction, or solicits a donation to a political party run by troglodytes. You can't ignore it. You want to do something about it.
Don't bother! As noted above, by the time you decide to take action, action may have already taken. Of course, there are ISPs that don't seem to care; they will ignore your complaints.
While I long opposed munging (corrupting) E-mail address on outgoing messages, I have been forced to do this for newsgroup messages. While it is a damned annoyance and is not completely effective in stopping spammers from collecting E-mail addresses (they are too clever at unmunging), it does reduce the problem.
However, I still strongly oppose this practice for E-mail. If I receive E-mail with a munged return address, I cannot reply without bothering to enter the return address manually. (I really do not understand this. Why munge an address in an E-mail message sent only to me? If I were a spammer, why send me E-mail? Since I am not a spammer, why munge your address?)

ISP Filtering

Many ISPs filter spam at their E-mail servers. This trend responds to two issues. First of all, their subscribers have been complaining about the time it takes for them to search through junk messages to find the message they want. Then there is the large amount of space spam occupies on a mail server until a subscriber downloads those messages.

Level 4 Service's Filter

Level 4 Services (my ISP) uses a commercial spam filter developed by EdgeWave. To protect subscribers against losing an incoming message that has been falsely identified as spam, spam messages are not deleted. Instead, they are saved and made available through a Web interface. If I find a legitimate message has been filtered, I can use the Web interface to have the message delivered to me. The filter allows me to either accept or reject future messages according to the domain or complete address of the message's sender.

All ISPs should use filters that have the characteristics of the EdgeWave filter:

Messages identified as spam are sequestered but not deleted. Users can still access them.
The filter can be tuned, both to capture messages that were not previously identified as spam and to pass messages that were falsely identified.
Users can submit passed spam and rejected non-spam to support the tuning.

EdgeWave's filter seems effective, contrary to the declaration of the California Legislature. A similar filter concept is used by Mozilla-based E-mail clients Thunderbird and SeaMonkey. The difference is that EdgeWave applies its filter at the mail server before I see my E-mail while the Mozilla clients (not running a mail server for the public) apply their filters in the mail client as messages are downloaded.

Broken Filters

Accurately identifying spam via software is highly problematical. It can be worse when an ISP deploys a filter developed by an outside vendor or uses an outside service to identify the sources of spam. The Internet remains a highly technical system, and good filters are also very technical. Many ISPs, however, fail to employ professionals who really understand what is happening.

America On-Line (AOL) — in attempting to prevent spam from reaching its subscribers — blocked E-mail from a number of Pacific Bell Internet (PBI) subscribers who were not sending spam. (In a series of telecommunications mergers PBI became part of Southwestern Bell, which then became AT&T.)
- According to the Los Angeles Times (print edition, 22 April 2000), a college instructor (a PBI subscriber) received complaints from many students (all AOL subscribers) that he never responded to their E-mail messages after he had requested them to use E-mail rather than the phone.
- The San Francisco Chronicle reports about a strained romantic relationship. The girlfriend (an AOL subscriber) sent several E-mail messages to the boyfriend (a PBI subscriber), who appeared to ignore her and never replied.
AOL claims that PBI was at fault because of a poorly evaluated change PBI made in its E-mail server. From personal experience, AOL's claim is credible. However, PBI's server was not broken and did not contain invalid software. AOL was at fault here because it neither bounced the rejected messages back to their senders (to let them know something was amiss) nor held the messages in a spam folder for AOL subscribers to review. (Note: PBI has been taken over by AT&T.)
On and off through the years, AOL blocks messages from me to their subscribers. They variously claim that I have a dynamic IP address for a non-dialup Internet connection, that my ISP's mail server is an open relay, or that excessive spam is originating with the ISP. All of these assertions were false, but they required special effort by my ISP to resolve. (Yes, I had a dynamic IP address; but it was because at that time I did indeed have a dialup connection.)
Occasionally, ATT/SBC Global — operating as SBC Yahoo! DSL — also bounces messages from my ISP's mail server. They use an outside service to identify spam sources, and the ISP's server was identified as an open relay for no valid reason.
E-mail from my daughter to my son was bouncing. My daughter was using Allstream (a national ISP in Canada, formerly operating as ATT Canada). My son uses ATT Worldnet (a national ISP in the U.S.). (Despite the names, ATT Canada was quite unrelated to the ATT we know in the U.S.) Apparently, a spammer used Allstream to flood ATT Worldnet with unwanted messages, so ATT Worldnet rejected all messages from Allstream. Both ISPs were at fault.
- Allstream should have noticed the large number of outgoing messages from its system. Either they had an open relay (inexcusable since that error can easily be detected and corrected), or else they had a rogue subscriber. In either case, Allstream could have stopped the spam. However, Allstream did not know they had a problem until their own subscribers started complaining about bounced messages to other ISPs.
- ATT Worldnet failed to inform Allstream that it was a source of spam. Then, instead of filtering only the spam, it rejected all messages from one of the largest ISPs in Canada.
For other reasons, my daughter cancelled her Allstream account and switched to a different ISP.
The following appeared on the Risks newsgroup (comp.risks), in Risks Digest 22.95.
From: John Bechtel
Subject: Re: Too much spam filtering
I read with interest the item in RISKS-22.92 about spam filtering for good e-mail, and note as well the comment about not trusting your ISP. I have recently had to change my ISP from AXX (name changed) because of their aggressive spam filtering policy. AXX advertise that they aggressively filter spam, and equally go after spammers. I applaud the attitude. I cannot applaud their mechanism.
After too many games of "Did you get my e-mail?" … "What e-mail?" leading to missed appointments and what-have-you I was told that 1) AXX was spam filtering my e-mail even though I had set my account not to filter anything, 2) I would not be allowed to see or change the policies used to decide what was spam and what wasn't, 3) It was not possible for me to see what was being "filtered" in order to rescue it, and 4) Filtering could not be turned off. After I gave them a list of addresses that I knew were being blocked I was told that AXX had detected spam from their ISPs… not my people specifically, just the ISP. I was told it was best for me to contact those people's ISPs to ask the ISPs to stop allowing spam. Only then would AXX stop deleting my e-mail. BTW, I don't consider that AXX was filtering my e-mail… they were deleting it, at random, without notice.
They produced some discussion about possibly being able to selectively allow specific addresses, in the concept of allowing known addresses through, but were not sure it would work, and of course that would not solve the problem of e-mails from third parties that I do want being filtered never to be seen again.
I believe some new versions of AXX can allow users more control since then, but I was not told about that at the time (1 month ago), nor am I sure now, nor do I care.
John Bechtel, Surrey, UK
Outblaze provides E-mail applications to ISPs, including to PBI. Apparently, the applications include a built-in spam blocker that works from a list of IP addresses. I was blocked from replying to mail I received from a PBI user.
My ISP's analysis indicated that another user had been infected by a computer virus that caused the user's PC to generate a flood of E-mail. Outblaze's list of blocked IP addresses was then updated to block all E-mail from my ISP, not merely E-mail from the infected user. The ISP was never notified of this block, and Outblaze failed to remove the block when the ISP itself took corrective action against the infected user.
I consider it unacceptable that PBI allowed its users to send me E-mail but not receive E-mail from me. This is almost as bad as the "E-mail black hole" that AOL instituted earlier against PBI. Instead, if PBI insisted on bouncing any message from any ISP's server, PBI should have also bounced messages from its own users to that server.

Most of these problems occur when an ISP relies on a simplistic approach to filtering, generally on a filter that uses a list of "bad" IP addresses or mail server domains. This does not work! This approach to filtering relies too much on the past, on what spammers did yesterday. At best, this approach to filtering fails to stop spam when spammers quickly abandon old E-mail accounts and start new ones with different IP addresses or domain names. More often, this approach results in legitimate messages being rejected because of a blanket interdiction against an entire mail server or even an entire ISP. It should be unacceptable for a major ISP to use a simplistic third-party spam blocker that relies on a list of IP addresses rather than on analyzing messages to determine if they are really spam.

Another problem with automated filtering occurs when strings of characters that might be offensive are blocked without any serious contextual analysis. Thus, a message about someone graduating from a university magnum cum laude ("with great honor") might be filtered because of the word cum (Latin for "with", but slang for "semen"). Such problems with string filtering without context analysis are thoroughly explored in the Wikipedia article on the Scunthorpe problem, the term often used to describe this problem.

Note, however, that an ISP can carry filtering to any length it chooses, even rejecting all E-mail messages from a competitor for the sole reason of competition. There is no law requiring an ISP to relay E-mail messages to its own subscribers from an outside service. However, this has never been tested in court. With AOL blocking PBI and my ISP and then SBC Global and PBI blocking my ISP — all for no good reason — perhaps an ISP blocked because of a false reason can successfully sue the blocking ISP. That might be the only way ISPs can be forced to use technically sound methods of preventing spam.

Legislation

*** Begin Right Sidebar ***

Virginia Arrests Man for Spam Email Under New Law

Thu Dec 11, 3:07 PM ET

DULLES, Va. (Reuters) — Virginia authorities said on Thursday they had arrested and charged a North Carolina man for sending "spam" e-mail in the first use of a new state law that could bring penalties of up to 20 years in prison.

Virginia Attorney General Jerry Kilgore said Jeremy Jaynes had been arrested earlier Thursday in Raleigh, N.C., on four counts of using fraudulent means to transmit spam. Kilgore told a news conference that officials were in negotiations for the surrender of a second man, Richard Rutowski, on the same charges.

Jaynes was charged with violating limits on the number of messages a marketer can send and falsifying routing information, both illegal under the Virginia law that carries penalties of 1-5 years in prison on each count.

Although based in North Carolina, Virginia is asserting jurisdiction over Jaynes because he sent messages through computers located in the state. Roughly 50 percent of the world's Internet traffic passes through Virginia, home to big Internet companies like Time Warner Inc.'s American Online unit and MCI.

Spam has grown from a minor annoyance to a major threat to the stability of the Internet, experts say, and now makes up more than half of all e-mail traffic, according to several surveys. "These criminals are harming businesses in Virginia, and that concerns us," Kilgore told the news conference at AOL headquarters in Dulles, Va.

Copyright © 2003 Reuters Limited

*** Begin Right Sidebar ***

In California (where I live), several anti-spam laws have been enacted.

§17538.45 of the Business and Professions Code was added in 1998 to make ISP policies against spam enforceable.
§17529 (and subsections) to the Business and Professions Code was added in 2003 (becoming effective 1 January 2004) to make spamming a criminal offense. Civil penalties were raised to $1,000 per message and $1,000,000 per spamming action. Interestingly, the California Legislature explicitly declared in this legislation that anti-spam filters are generally ineffective.

While I do not know any details, I do know that anti-spam laws have been enacted in other states. Any legislation should consider the following:

Anonymous E-mail should not be prohibited. There are legitimate reasons why someone might want to send a message without being traced by the recipient; ask any whistle-blower.
Distribution of messages to mailing lists should not be restricted when the recipients indeed want to receive those messages. I have a friend who sends weekly joke messages to over 100 willing recipients.
The scope of any law should be limited to commercial messages. Political messages, personal messages from strangers, and unwanted rantings from your least-favorite uncle should not be classified as spam.

Most important, Congressional action on this issue should not block state laws (contrary to Congress's action on pollution and privacy legislation). Legislation being considered by Congress in 2003 would not only undo state laws and legalize some spam banned by states but would also favor business over consumers by allowing only ISPs to sue spammers. Recipients whose E-mail is clogged with spam would not be allowed to file lawsuits.

Oops! Too bad! Congress passed its legislation that indeed invalidated stronger state laws. And yes, the new federal law only allows ISPs to sue spammers; and it only provides for "opt-out" controls, not "opt-in" as provided in some of the state laws it repealed. But then, spam — very much like personal information — is business. As intended by Republican leaders of Congress, the new federal law has proven totally ineffective in reducing the flood of spam. Advertising über alles!

Nevertheless, a state appeals court in California ruled in 2011 that the Federal CAN-SPAM Act allowed states to enact laws against E-mail fraud and that spamming with deceptive Subject or From header fields was indeed a form of fraud. Since California's anti-spam law addresses such deceptive E-amil, the state law was not preempted by the Federal CAN-SPAM Act.

A New Source of Spam

[Written in February 2000]

According to the webzine Salon.com, a new "service" threatens to change the character of spam. Epidemic Marketing, Inc. is soliciting the public to become free subscribers to its service. Subscribers are given advertisements to insert into E-mail messages they send. The advertisements contain Web links. If the recipients select the links, the senders receive a small payment.

Get real! This is still spam, and I intend to handle it as I describe elsewhere on this page. I do not care if the message is from a friend or relative; spam is still unwanted in my E-mail queue. Unfortunately, the senders of these messages will be the ones whose ISP accounts get cancelled. Epidemic Marketing will remain untouched … at least until a subscriber whose account is cancelled sues Epidemic Marketing for causing the cancellation.

A Vicious Spam

Much spam originates in the nations along the Pacific coast of Asia. Not only are these messages unwanted, but also many are unreadable. They are not written in the Roman characters used in European languages.

A typical subject displays as:

¶W±j°ª¼é¤fªA²G§Y¤é°_¤T§é¯S»ù¾P°â¡A¥un9¬ü¤¸´N±a¦^®a¡A½æ§¹¬°¤î¡I

Even longer subjects are often seen. Subjects such as these crash my E-mail client, sometimes so severely that I must reboot my PC. When I delete these message via my ISP's Web-mail interface and then restart my E-mail client, I usually find that the table of contents for my In folder is corrupted.

I just cannot understand why a business in China, Korea, Taiwan, or other Asian nation would send me messages I cannot understand.

Really Dumb Spam

Some spam is truly dumb. Actually, some spammers are totally ignorant.

They send messages that no one can read. For example, I sometimes see both the Subject and body of a message that look like the example I gave of vicious spam. Or it might look like:

=A5=B4=C2Z=B1z=A4F=A1I=A5=D1=A9=F3=A5=BB=A4H=A6=B3=A4@=A8=C7=A7x=C3

Some messages have subjects that are too obviously spam (especially spam promoting pornography).

Draw for a holiday in Florida
you should watch me do my thing
herbal pill will actually ENLARGE you
INVESTORS: Blue-Chip, Stock-Trading System---77% Return---Automated
Good sites to see, you asked to be on our list [no, I did not]
Re: john, size matters to me!
perform to pleasure her today.

Some messages have subjects with strange spacing or spelling, apparently an attempt to confuse filters.

Rx - Valium, Xanaxx, Via.gra...ashby [a misplaced . in the word Viagra]
Stop that SPA M emails forever [an extra space in the word SPAM]
Hérbal Viagrä Altérnativé [es with acute accents, a with an umlaut]
ñever pay for what you can get free [n with a tilde]

Some messages are in a foreign language that I don't understand.

Más de 20.000 solteras y solteros
Mise a jour de votre convention collective au 10 novembre 2003

Some messages have nonsense subjects.

guacamole concierge
gyrocompass loot pervasive
bagatelle friday quintillion
That epochal by managerial
you jacobian he euphoric
Be barnacle whichever inconsistent
calvary menial anticipatory
A it surprising
Back thank the external Galactic Spirit?

I made up none of these. Instead, I extracted them from actual spam. The point is that the spam nature of these messages is so obvious that no one (except possibly an Internet masochist) would do anything other than trash them. These spammers have dropped their junk into a black hole with no chance of accomplishing anything. These messages are NOT being read. Some day, one of these spammers might gain the intelligence of a rock and realize that he or she is expending time and effort on a useless task.

A Growing Problem

In 2006, I recorded 1,443 spam messages in one month; my ISP's filter caught about 1,080 of them. During one month in 2007, I recorded 4,589 spam messages, a growth of 275%. While the ISP's filter caught 2,735 of them, that was a smaller percentage of the total spam (75% in 2006 versus 60% in 2007). The filter also caught 10 messages that were not spam (0.4% false positives).

Looking at the problem differently, I received 4,759 total E-mail messages in that one month of 2007. Only 170 (or 4%) were "real" messages; 96% were spam. That's 5 legitimate messages against 148 spam messages per day.

In March of 2010, I again collected statistics on spam. In that month, 1,926 E-mail messages were received for me by my ISP's mail server, excluding test messages that I sent to myself and copies of messages that I sent to an E-mail discussion group.

391 (20% of the total) messages reached the inbox of my E-mail client.
- 380 (97% of that 391) were legitimate messages.
- 11 (1% of that 391) were spam not caught by the filter.
1,535 (80% of the total) messages were caught by the filter.
- 1,524 (99% of that 1,535 ) were actual spam.
- 10 (1% of that 1,535 ) were legitimate messages (false positives) resulting from my own setting of filtering rules.
- 1 (<0.1% of that 1,535 ) was a false positive not affected by my setting of filtering rules.

This demonstrates the effectivity of a mail server filter in stopping spam, but it also demonstrates that Congress's "business first" anti-spam legislation is obviously a failure. It is quite likely that spam is a greater cause of Internet congestion and bandwidth saturation than file sharing and the downloading of music and videos.

Despite the toothless federal CAN-SPAM Act, however, the volume of spam seemed to decline in 2010. Much of this decline is attributed to the shutdown of a very large botnet that was the source of spam. Improved anti-spam filters implemented by ISPs may have also contributed to this decline. It is not known whether the decline will continue or whether spam will again increase in volume. Nevertheless, spam still accounts for 65% or more of all E-mail messages. It is also seen in Web forums and newsgroups.

More Information

The following links may be useful in dealing with spam:

Network Abuse Clearinghouse: "The Network Abuse Clearinghouse is intended to help the Internet community to report and control network abuse and abusive users."
SpamCop: This is a free service for reporting spammers to the appropriate departments within ISPs.
Fight Spam on the Internet!: Offers advice on waging your own personal fight against spam.
How to Fight it — Elsop's Anti-Spam Page: Links to other resources.
Yahoo! Mail Help Topics: Spam, Viruses, and Other Abuse: This describes how open relays and open proxies aid spammers, defining those terms. It also has links to services through which you can test your own E-mail server.
The April 2005 hardcopy edition of Scientific American magazine contained the article "Stopping Spam: What can be done to stanch the flood of junk e-mail messages?". While the article was interesting, I'm not sure I agree with some of the approaches suggested. The article is available for purchase on the magazine's Web site; to locate it, do a search on the title from the magazine's home page.

And then, of course, there is the Spam page, owned by Hormel Foods Corp (manufacturers of Spam processed meat).

Updated 22 January 2014

Valid HTML 4.01