Email Spam Protection

March 11, 2008

Ross Ross Gerring

Itomic’s Anti-Spam Policies and Advice

BBC News, 27 July 2006
“More than 95% of e-mail is junk, be it spam, error messages or viruses, report mail monitoring firms. Analysis of the contents of millions of e-mails has revealed that less than 4% is legitimate traffic.”

http://news.bbc.co.uk/2/hi/technology/5219554.stm

Spam/Anti-Spam Basics

  1. If you have an email address you will, sooner or later, receive spam. It’s a question of ‘when’, not ‘if’.
  2. There is no 100% effective anti-spam solution (and probably never will be).
  3. Multiple anti-spam solutions are available, some better than others. Some are free, some are fee-based. Some operate on your mail server (protecting lots of people) some operate on your PC (protecting just you). Some solutions allow you to personally ‘train’ them over time so that they get better at determining what is or isn’t spam according to your own individual preferences; others do not allow you to train them.
  4. Typically a combination of solutions is used to reduce the volume of spam ending up in your inbox.
  5. There is no ‘one size fits all’ anti-spam solution. An anti-spam solution that works for one person / organisation is not necessarily optimal for another person / organisation.
  6. The more ‘aggressive’ your anti-spam protection:
    1. The less spam you will receive in your inbox
    2. The higher the chance of ‘false positives’ (email messages that are determined to be spam that are in fact not spam)

Please note that your local PC/network support person is the first and best person to consult in relation to implementing anti-spam solutions that are right for you. If Itomic hosts your email services (ask us if you’re not sure), then we’d be delighted to liaise directly with your technical support person in order to assist in recommending the most appropriate anti-spam solution for you and/or your organisation.

What does Itomic do to reduce spam hitting my inbox?

Itomic takes the following steps, automatically and by default, for all clients using our mail services:

  1. We scan all inbound email messages for viruses using ‘Clam AntiVirus’ (www.clamav.net). Any messages with viruses attached are automatically blocked from hitting your inbox. This indirectly reduces spam, because viruses are often attached to spam messages.
  2. We check all inbound email messages against ‘Real-time Blackhole Lists’ (see:http://en.wikipedia.org/wiki/DNSBL). All messages that are identified as coming from known spamming sources are automatically blocked. The lists we subscribe to are:
    1. dnsbl.njabl.org
    2. bl.spamcop.net
    3. sbl.spamhaus.org
    4. list.dsbl.org
    5. cbl.abuseat.org
    6. relays.ordb.org

    Note that we choose *not* to subscribe to more ‘aggressive’ anti-spam lists. If we did then our clients would receive less spam, but also a proportion of legitimate emails would get blocked (‘false positives’). We believe that, at the margin, our clients are better placed than us to decide what is or isn’t spam.

The following anti-spam services are *not* enabled by default, and may be enabled by our clients using their website’s Control Panel (cPanel) – please ask us if you’d like us to do this for you.

  1. Auto-Delete Spam using SpamAssassin (http://spamassassin.apache.org/). “SpamAssassin is an automated mail filter that uses a wide range of heuristic algorithms on email headers and message bodies to identify “SPAM” (unsolicited email). SpamAssassin is designed to identify and mark emails that score beyond your threshold value. An email’s SpamAssassin score is the sum of values given to certain known spam characteristics.” We recommend a threshold value of 5, where more than 5 is less aggressive (more spam, less chance of false positives) and less than 5 is more aggressive (less spam, higher risk of false positives). cPanel > Mail > SpamAssassin > Auto-Delete Spam
  2. Spam Box. “SpamBox will deliver any emails identified as spam by SpamAssassin into a separate mail folder named ‘spam’. This ‘spam’ folder will fill up and should be emptied regularly.” cPanel > Mail > SpamAssassin > Enable Spam Box

What can I do to better manage/minimise spam in my inbox?

Note that when you start receiving spam, it’s highly unlikely that you’ll be able to stop spam arriving in the future for that email address. In other words, don’t expect the spammers to ever remove your email address from their lists. So aside from changing your email address (which is often not practical), the best you can do is:

  1. Use software to automatically filter out the majority of spam from your inbox. You can expect a 95%-99% success rate (i.e. between 5% and 1% of incoming spam will still appear in your inbox despite the best effort of your anti-spam software solutions).
  2. Do things that will reduce the rate at which your email address gets added to the mailing list of more spammers.

Non-software things you should consider to manage/minimise spam in your inbox.

  1. Change your email address
  2. Remove your email address from public display on the Internet, e.g.
    1. Don’t display your email address on any websites, business or personal
    2. Don’t use your primary email address (or any email address, if possible) when filling in any forms online.
    3. Avoid supplying your email address to potentially disreputable parties who may share/sell your email address with/to others.
    4. Don’t reply to spam (which includes asking to be unsubscribed from the mailing list). Ever. This merely confirms to the spammer that email sent to your address is being read, and therefore worth sending more spam to. Not very nice people, are they?

Software things you should consider to manage/minimise spam in your inbox.

Please note that any software adjustments you make are at your own risk, and Itomic takes no responsibility for any errors that may occur. If you have any doubt about what you are doing, consult with your local PC/network support person.

  1. Upgrade your email software to the latest version. The latest version of your software will typically have the highest anti-spam protection services built-in. E.g. Outlook 2003 has more advanced built-in anti-spam technology than Outlook 2002.
  2. Familiarise yourself with your email software’s built-in anti-spam protection, and adjust it to the level that suits you.
  3. Use your email software’s built-in ‘filtering’ / ‘rules’ capabilities (see instructions for Outlook 2003 and Outlook Express in ‘Recommended Reading’ below). Add filters/rules that will automatically move incoming emails into a ‘spam’ folder (or whichever folder you choose) if they exhibit spam characteristics. Note that if ‘SpamAssassin’ (see above) is enabled on your mail server, then the subject line of all emails that SpamAssassin believes is spam will automatically include the phrase *SPAM**. Therefore you can add filters/rules that automatically move all incoming messages into a spam folder if the subject line of the message contains the phrase *SPAM*
  4. Consider installing a 3rd-party anti-spam ‘add-in’ or ‘filter’ program that complements (and sometimes integrates into) your email software. For Windows users, Itomic recommends and uses K9 spam filtering software. It’s slightly technical to setup, but it’s free, it’s highly effective, and works with all PC-based (*not* webmail) email software packages, e.g. Outlook/Express, Thunderbird, Eudora, etc. Visit http://keir.net/k9.html for more information.
  5. Consider installing a 3rd-party spam score plugin. Spamness is a free plugin for Mozilla Thunderbird that shows the SpamAssassin score for each email. This will help you to set your score level from CPanel.
  6. Ensure that your company domain name does not have a ‘catch-all’ or ‘default’ email address. Before spam became a real problem, it was commonplace to redirect all incoming message that did not match an actual email address into a ‘catch-all’ email address. Example: There are just two people in a company, bob@company.com and mary@company.com. A catch-all system might automatically redirect all incoming messages to bob@company.com that aren’t addressed to either bob@company.com or mary@company.com, e.g. info@company.com, spam@company.com, xyz123@company.com, etc. So the problem here is that spammers can send to absolutely anything …@company.com and Bob gets it all.
  7. Consider not using automatic ‘Out of Office’ replies (or similar) that automatically send replies to incoming messages. Reason: the bounced message confirms to the spammer that your email address exists. Also, automatic replies of this nature can sometimes cause a chain reaction of multiple emails being sent between your inbox and other mail servers. This can result in your email address looking like the source of spam and get you blacklisted as such.

Recommended Reading

Stopping E-mail Abuse
http://en.wikipedia.org/wiki/Stopping_e-mail_abuse

Outlook 2003 – Managing Messages by Using Rules
http://office.microsoft.com/en-us/assistance/CH063564671033.aspx

Controlling Junk Mail in Outlook Express
http://www.microsoft.com/windows/ie/community/columns/junkmail.mspx

Top Antispam Tips
http://www.pcmag.com/article2/0,4149,849443,00.asp

Top 10 Most Popular Anti-Spam Tips, Tricks and Secrets
http://email.about.com/od/spamfightingtips/tp/popular_tips.htm

Help Prevent Junk E-Mail Messages with Outlook 2003
http://www.microsoft.com/office/editions/prodinfo/junkmail.mspx

Help keep spam out of your inbox
http://www.microsoft.com/athome/security/email/fightspam.mspx

Anti-Spam-Tips
http://www.anti-spam-tips.com/

Spam Filter Review
http://spam-filter-review.toptenreviews.com/