Hello List Buds, one of my very favorite sites "Hot-deals.org, aka hotdealclub.com" the webmaster posts deals and great info and is 100% non-profit. He's very knowledgeable in IT and he posted the following on his site regarding SPAM...
(FYI. I check this site many times a day as there is always great information and especially good deals... and being in IT for many many years, I can tell he does know a lot about the net and running websites..) Anyhow, on his site today is the following on SPAM. Since many of us are wondering how to stop SPAM, etc... I thought it relevant and figured Maniac wouldn't mind.. FYI, the links to his sites are: www.hot-deals.org or www.hotdealsclub.com since his page changes daily and new stuff is appended to the top of the page, I thought I'd clip it and put it in an email that y'all can save if you like. Anyhow, he identifies in a very simple manner how to distinguish spam from non-spam, and what to do. Sorry if it may seem off topic, but this is a subject very dear to all of our hearts and... seems to come up all the time... Laura ---- from hot-deals.org Fight back against SPAM email: Do you hate spam as much as I do? Sending out unsolicited spam email is not only illegal, but wastes people's valuable time. This article may help you fight spam, if you follow these simple steps: Never post your email address in a public place on the Internet. Never respond to spam. Send complaints to the spammer's ISP either by yourself or by using a spam complaint service. First, let's explain what SPAM really is: "Spam" is unwanted unsolicited impersonal commercial advertisments sent over email One easy way to identify a spam message is by its subject or looking at the "from" email address. Spammers often attempt to hide their email source. If you signed up to receive commercial advertisments from Blockbuster.com, the commercial email they send you is not spam, because you requested to receive advertisments from that company. If a company trades your personal information to a third party for the purpose of sending you email advertisments, that is not spam as long as you agreed to a company's terms & conditions that specified your information may be shared. Spam emails hide their return addresses. For example, a spam email may appear to be from [EMAIL PROTECTED] or [EMAIL PROTECTED] Spam messages are sent across the Internet by automated robots and get to your inbox by random chance. Spammers often guess email addresses or scan usenet posts in the hopes of finding a valid mailbox. It's kind of like parking your car on the street, and finding a flyer on the windsheld a few hours later. The advertisments are not directed at you personally. The key here is personal. If a message appears to be personal, like your name is written in the message, then it is not spam. Spam messages often advertise illegal or too-good-to-be-true stuff, such as: "Win a million dollars", "buy Viagra online", or X-rated things. Spam messages are easy to identify with their pushy advertising, silly text graphics, and bad grammar. It is important that you understand what spam really is, before you take the action against the spammers. Here are some examples of what is and is not spam: This is not spam, assuming your name is John Doe: Hi, John Doe. Would you like to win a million dollars? This is spam: Click here for a chance to win a million dollars. Once you identify a message as spam, follow these important tips: Never ever respond to a spam message or click on their links, otherwise you will just get more spam. If a spam message says "to be removed from our mailing list" with instructions to either respond to the message or to click a special "remove" link, do not do it. Spammers have lists of millions of email addresses, and they have no idea which emails are actually valid. In fact, only a small percentage of their email lists contain valid email addresses. They have no idea which ones are good and which are not. If you respond to a spam message, then they will identify your email address as hitting a real person, and you will be subject to receive more spam. Some spammers just send out bulk emails instructing the user to click a link or send an email to be removed from a list, and the spammer will collect a list of emails that received a human response, and sell illegially those email lists to other spammers. Never trust the spam's "From" email address. A fatal flaw in email technology is that the "From" email header can be false. It's kind of like dropping off a letter at the post office - technically you can write any false name & address on it to hide your true identity. Some spammers have even been known to impersonate others. One time someone sent out spam with a "From" address of this website, and people actually believed it was from us when it wasn't. It took us a few days to collect some spam evidence from various sources and shut down the spammer. To throw off the authorities, spammers can create bogus "Received" lines in the message header. Typically when you receive a spam message and you click on "view all headers" in your email program, you may see several "Received" lines. 99% of the time, all the "Received" lines are completely bogus, except for the first one which cannot be falsified. For example, a spammer may write a "From" email address at "@yahoo.com", and enter some bogus "Received" message headers to make it look like the message originated from Yahoo.com. Some examples of this can is showed below. Spammers use robots to obtain lists of email addresses from the following sources. It is important to understand this, so that you can avoid publishing your email addresses to unwanted parties. Public newsgroups (Usenet). If you post a message to the newsgroups, never write your real email address since the message will become a permanent public record and there's no way to get rid of your email address once it has been posted. Some people try to thwart the spammers' robots by writing their email address in words, like "john at yahoo dot com", however the spam robots are smart enough to decode that. Also some people use something like "[EMAIL PROTECTED]" or "[EMAIL PROTECTED]" but again, the robots usually decode those as well. If you want to post an email address on the newsgroups, do something that requires a human brain to decode an email address. For example, you could do "my .com email is john876 followed by aol" or maybe "replace xxx with 800 + 70 + 6: [EMAIL PROTECTED]". Websites. If you have a personal website with your email address on it, the robots used by spammers may find it, especially if you use a "mailto:"; href link. Message boards some email mailing lists that are run poorly, by publishing participients' emails on the web, such as fsck.com. When you participate in an email mailing list, you may not be aware that all messages you write can be made public on the web. It is perfectly legal for mailing list managers to publish all received email to the public without telling you. This is bad because people may find their personal information compromised when they thought a personal email to a small group of people would be private. Public whois domain name databases. These typically generate the most spam. If you register a domain name, the email address of the owner is made public to everyone. Spammers know that a valid email address is required on that list, so they spam those addresses like mad. Guessing. A robot can be used to guess email addresses out of common names. For example, a spammer might try [EMAIL PROTECTED] in the hopes of finding a valid email address. To learn how to fight back against spam, you must first understand how to distinguish between real and fake "Received" headers. Here is an example. Let's assume your email server is "hot-deals.org", let's look at an example of spam message headers: Date: Wed, 31 Jul 2002 20:18:43 -0400 Received: from nobody ([205.188.156.51]) by hot-deals.org with esmtp (Exim 3.35 #2) id 15fa3u-0004ah-00 for [EMAIL PROTECTED]; Wed, 31 Jul 2002 20:18:42 -0400 Received: from yahoo.com ([64.58.76.177]) by rly-ip06.mx.aol.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id QBB5J982 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Win a million dollars, just for responding to this message Just click this link below to be entered in the Yahoo.com million-dollar-giveaway contest. http://202.101.163.34/yahoo-entry to be removed from our mailing list, just respond to this message with the word REMOVE in the subject line. In this example, only the top "Received" header is the real one, the other one is fake - made up by the spammer. Look for the "Received" headers that were created by your mail server, because that is the only one which cannot be faked. In this example, I know that my mail server is "hot-deals.org" so that is the only line that I trust. The IP address (shown in red) is the true IP address of the spammer, and that cannot be falsified. The second "Received" header was crafted by the spammer to make the message appear to have originated from Yahoo.com. The best way to get rid of spam is to either notify the spammer's ISP's, or to submit a copy of the spam on SpamCop.net. If you do it yourself, Go to ws.arin.net/cgi-bin/whois.pl and look up the IP address of the real "Received" header. In this example, do a whois on 205.188.156.51. That tells which ISP owns the IP address, in this case it's aol.com. Most ISP's use "abuse@ISP" for reporting spam, so in this example we would send email to "[EMAIL PROTECTED]" notifying them their IP is being used for spam, and forward them a copy of the message with full headers. We can do the same thing to the ISP of the site they are advertising, in this example it is the 202.101.163.34 shown in blue. If you submit a spam report through SpamCop.net, they will do that work for you. The best way to get rid of spam is to cut them off the Internet. ISP's are required to take spam complaints very seriously. ________________________________________________________ Current Ver: 1.61 FAQ : http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
