Frequently Asked Questions
UBC Mathematics: MathNet FAQ [Avoiding Spam]



UBC Mathematics: MathNet FAQ [Avoiding Spam]



Question: How do I minimize the amount of spam I get?
Author: Joseph Tam
Date: July 28, 2005

Spam seems to be a problem that annoys people disproportionately to its actual damage. These people are offended by the content and the violation of what they perceive as their "personal space". For a few people, the sheer volume of spam causes real problems.

This FAQ topic will outline some strategies that an account holder can use to reduce or eliminate spam. This FAQ will not cover issues of countermeasures employed by the IT staff to filter spam.

Preventative measures

Preventative measures are by far the most effective means by which one can reduce spam. Once your Email address gets into a spamming database, it's virtually impossible to get out of one. At this point, it's not a question of if, but how much, spam you get and the solutions to combat it get harder.

  1. Do not divulge your Email address: this is drastic and unpractical in the most rigid sense, because enacting this policy would preclude you from getting any Email, spam or otherwise. However, the closer you can come to this ideal, the greater the chances you can avoid spam. At the very least, you can ...

  2. Avoid putting your Email address on public web pages: spammers have special web search spiders that crawl over the Internet and pluck out Email addresses from web pages, and collect them into a database that they can later use to send spam to. If you must publish your Email address, either use a disposable Email address or obfuscate it in such as way to defeat automatic collection.

  3. Avoid revealing your Email address in newsgroups and public mailing lists: the same applies here.

  4. Keep out of people's address-books: if someone you know has your Email address in their address-book, and their computer gets infected with a virus, there's a significant chance your Email address will get picked up in a spammer's database.

  5. Leave Email fields empty when filling out web forms: web sites often require you to enter an Email address as a confirmation or for correspondence purposes. If possible, use alternate forms of contact or leave it blank. You can also use a disposable Email address. Either way, you ought to do the next step ...

  6. Read privacy policies: some organizations will bury in the fine print of their "Terms and Conditions" that by using their service, you are allowing them to use your Email address for commercial purposes, or sell your address to a third party. Treat your Email address like your unlisted telephone number: don't give it out until you are assured that it is only to be used for its intended purpose.

  7. Use obfuscated Email addresses when you must publically reveal your Email addresses: this will lessen the chances that an automated Email collector will get your Email address. Sometimes it's hard to tell where your Email address will appear. For example, you might contribute to a closed mailing list, but unbeknownst to you, contributions may be archived on a public web page.

  8. Use temporary/disposable Email addresses: if you have the means to do this, this is a good way to communicate via Email when you are unsure whether divulging your Email will breach your privacy. It's also a good strategy in cases of confirmation or other short-term communication needs where the lifetime of the correspondence is limited.

Counter-measures

Over and above what the IT administrative staff employs, you can take extra steps to try and reduce the spam you get.

  1. Change your Email address: a drastic step since you will have to update all the people you correspondend with, but you will start fresh and go back to preventative measures.

  2. Whitelisting: almost as drastic is to only accept mail from addresses you know. You may use procmail to enforce this, or you may use automated software that will Email the sender if the address is not recognized and confirm whether they want to register. This tends to be annoying for the first-time sender, but if you can live with the upkeep, this method is highly effective.

  3. Complaining to the source of spam:this is like throwing a tantrum: it might make you feel better, but in the long run, it never works. Spamming hosts are usually computers owned by innocent people who have had their computers hijacked. The computers may also be owned by spam-gangs who set us their own ISPs or use another ISP with the full intention of not living up to the ISP's acceptable use rules. When the ISP kick them out, they move on to another ISP. Many times, the sending host is located in another country with lax enforcement or insufficient laws to deal with the spammers.

  4. Filtering: the IT staff has many filters in place, but as with all spam filter, none of them do a perfect job. If the spam you get can be characterized by a string pattern (e.g. always from the same Email address, has foreign chacacters you can't read, etc.), the IT staff can help. You can also write your own filters via procmail.

  5. Ignore and delete: by far, the easiest and most straightforward way to deal with the spam you get.

Things not to do

What you should never do is to respond to spam. Most automatic "click link to unsubscribe" or "Email us to unsubscribe" is to sucker you into revealing the fact you actually got the spam they sent, and you will likely get even more spam.

 
Top