Anti Spam Tips and Techniques

The Trouble With Trivials (email that is).
I was receiving approximately 50 or more trash emails per day, that is 90 to 99% of what was coming in. I decided to update all my friends and family on a few tips to reduce or eliminate spam and protect themselves from the clever methods used to get us to open a bad email that can contain viruses, ugly images or just plain junk. Update; I wrote this originally in 2004. It is now 2008 and by following my own advice I now typically get about 1 or 2 spam emails a year!
#1 Anti-Virus Protection Have an antivirus program running on your computer and keep it updated. There are several good programs Out there, I use Symantec's Norton AV* because at $30 OEM it is a great deal and affordable. Panda* has a good deal as well and if your company you work for uses Panda at your office then check to see if you can get in on the free home use they have offered to business clients. McAfee* was my preference until they bloated their software. They may have fixed that by now but I haven't been interested in checking into it. Features to look for are prompt and frequent updates to the virus definitions and check the web for reviews. #2 Don't Preview Email If you have a "Preview Window", as exists in Microsoft's Outlook* or Outlook Express, unless you are sure that it has been adequately patched to not automatically execute embedded programs, be sure to turn it off. Don't allow previewing anything. #3 Attachments* If there is an attachment and you don't recognize the sender or the subject JUST DELETE IT! If it isn't garbage they can send it again. #4 Gibberish If there is any amount of gibberish contained in what you see, DELETE IT. If it was valid it would be more coherent. These are attempts to get through SPAM blockers. #5 Filters Use filters, but be careful about how you set up your rules. Use the "allow list" and add your friends to it, especially if they like to kid around a bit. I automatically delete emails that talk about certain personal subjects and supplements. However, if the email is in my "accept or allow list" it will get through for added scrutiny of the other rules here. #6 Recognition Recognition If you recognize the address but the subject is odd or it has an attachment that seems strange you might want to consider just deleting it. A good precaution is to email the person and ask if they sent an email with attachment and get an affirmative reply before opening it. I mean just to VIEW the email NOT the attachment. An attached file can be triggered sometimes just by viewing the email. #7 Hoaxes Hoaxes are SPAM propagated by unsuspecting friends and family. These are stories, reports, chain mail that are designed to incite you to some action, generally to forward the email to as many friends as possible. Please, if you are genuinely concerned with the subject, select some of the text of the subject and paste it into Google* and do a search. Often, if not every time, you will find links to pages that describe the hoax and even give some interesting history about it. #8 Keep Your Email Addresses Virgin Once your address is picked up by a spam list it's virginity is gone forever. It will NEVER be untouched again. How is that possible you ask? USE ALIASES religiously! (As if that means anything anymore.) Most email providers also provide aliases and often even though you only get a handful of addresses they'll give you unlimited aliases. Okay, you say, now what is an alias? An email alias is an email address that doesn't really exists but really sends the messages to another real address. For instance your real account could be mikey@adomain.com, which you use to login and send and receive your email but you give out an address like nospam@adomain.com or shoponline@adomain.com both send to your mikey@adomain.com account. If you start getting junk on nospam@adomain.com just delete the alias. This begs more information on ideas for aliases but once you get the hang of it you'll appreciate the option. Nuff said, less is more. #9 Email addresses are like underwear! Because of #8 you should dump your address from time to time. This is easy if you have been using aliases. However, things happen and sometimes the real account gets out there. Like someone sends you a eCard to your real address. Whoops, party's over! Give enough cross over time to put the new address out to those you care to have it then delete the old account. I mean delete it from the server it was on or the service it is with. That is just a courtesy to the service provider as it will bounce the messages, hopefully but doubtfully, back to the originating server. Continued at the top of next column...	Most of the time the designated original server has been SPOOFed and is not really the one to blame. If you own a domain name the address becomes available to the public and gets passed around fast. I have switched to GoDaddy* for registration not just because they are inexpensive but have an easy to use Control Panel so I can change my registrar information easily and quickly. I understand Verisign* has done something similar. #10 Use a contact page. If you own a website you can create a contact page that sends email to that real account. THIS DOES NOT MEAN THAT YOU SHOULD DISPLAY YOUR REAL ADDRESS THERE! No! You want a contact page where the person can select YOU as the person they want to contact and the page then deciphers the correct address to send the message to in the background. Like our contact page. NEVER DISPLAY or LINK YOUR EMAIL ADDRESS ON A WEB PAGE! That is just asking for spam. Spammers use spiders, like Google and Yahoo to gather unsuspecting email addresses just lying around on the web. If you MUST display it do it with a graphic. Other Suggestions: A word about "Passwords." Keep a password file that is itself password protected, even encrypted would be better, that contains all the places, user names and associated passwords so you know where to go to update with new addresses. I suggest you not call it password.doc but taking a tip from the garbage mailers, I'd call it "When I forget something.doc" or other cleverness unique to you. The more protection you need the more clever you need to get. Like using the same syllables and leaving one out in the password file, so that in case someone does manage to get a hold of it even then it is incomplete. If you don't care if someone gets your personal information then just ignore me. Most Importantly Find a way of making a complex but easily memorable password. Complex meaning no simple words found in the dictionary. My server logs are full of "Attempted Logins" using simple words for passwords and all the possible user names. Use letters, punctuation marks and numbers, even mixed upper and lower cases on the letters in odd places. For example, "L@@k@Me" or "me&myC0w" that is a zero in cow, and "b1With#7". A Cheap and Usually Free Firewall If you have DSL or Wireless, see how many NATs you can get behind. NAT is Network Address Translation, meaning that the IP (Internet Protocol) address that is exposed to the public is changed on the inside of your Internet connection by the DSL modem or WiFi Antenna or a Hub or Switch (if you have one you recognize the terms). If you have it why not use it. Firewalls Firewalls can be tedious and hard to understand but I have seen one by McAfee that does a pretty good job. This is just another step in protection and only deemed necessary by you depending on your assessment of sensitivity of data and vulnerability to attack. Opting out may not help. About Remove-Me Links Often at the bottom of these bogus emails there is a link that might actually take you to a page or allow a reply to remove you from their list. However, even if it does work the worst of these offenders will simply use your response as an acknowledgement that it is a valid and live address. If you find the link goes to a rather reputable looking page it is worth giving it a try. SPAM Blockers There are programs that have very good SPAM blocking algorithms and do a good job. One popular title I have seen is "iHateSpam" by Sunbelt software. More Info Google spam tips and check the references like About.com's tips.
* Trademarks are respective of the manufacturers. None of the products mentioned here are an endorsement by Formula 4 Success, Inc. nor an advertisement for them either. Please make your own informed decisions. Disclaimer: we do not guarantee any protection and do not assume any liability for damages or losses to the reader for any actions or events as a result of following or ignoring the information contained on this website. Please make your own informed decisions.
Last Updated: 8/8/2008