Back

STOP SPAMMERS AND ZEALOUS E-FORWARDERS
copyright © 2001-2008 by Robert Hosken

(See the link at the end of this article to download it in eBook format.)

How can we stop that annoying flood of "spam"? More and more often I receive "vital alert" email messages from friends or total strangers and usually CC'd to a large number of recipients, which encourage forwarding to many others for one reason or another, or unsolicited emails from spammers, utterly disgusting porno emails, or viagra advertisements. This is sometimes done with the noblest of motives, the sender being persuaded that the forwarded material will be vitally helpful. The first rule is this: DON'T forward email messages to people who haven't requested them.   The term "spam" means any email sent to groups of people who did not request receiving such messages. Likewise, "scam" email is also an unsolicited message, but in addition includes an attempt to get money from you. When you receive an unsolicited email message from an unknown source, never respond to it, or click on a website linked to in it and input personal info, or attempt to buy anything there.

Below you'll find some programs I've tested that can help you control spam. But what can you as just one person (not a program) do about the growing problem of spam? Let's say a friend on your whitelist sends you a "vital alert" message, urging you to forward his e-mail to "everyone in your address book." When investigated, more often than not they turn out to be erroneous "urban legends," -- hoaxes, or sometimes even dangerous because they urge you to delete a "virus" in your computer that is actually a part of the Windows operating system! Don't do what they urge you to do.

Once you forward an e-mail to "everyone in your address book" (as many such messages urge you to do), the problem rapidly compounds as the forwards increase in number exponentially, and Internet traffic becomes needlessly cluttered, eventually saturated, with useless or erroneous stuff. It's estimated that 80% (and growing!) of all e-mail traffic on the Internet consists of hoaxes, spams and scams. To the recipient, the three differ very little: all are unwanted intrusions, often designed to deceive.

To avoid duping and embarrassing friends, making them unwitting participants in hoaxes, spams or scams, or making you look foolish when they check out questionable e-mails and tell you it was a hoax, spam or scam, it pays you to always check the authenticity of such messages before forwarding anything. It only takes a few minutes. Go to:

http://www.snopes.com/ (Urban Legends),
http://www.symantec.com/avcenter/hoax.html,
http://http://www.truthorfiction.com/,
http://vil.mcafee.com/hoax.asp?, or
http://worldwidescam.com/

...and look up the supposed virus. If your friend has unknowingly forwarded a hoax, send the info from one of these sites *only* to the person who sent you the phony "virus warning" email, encouraging him to send that info to everyone he sent the hoax to and apologize for misinforming them. Spreading false or unconfirmed rumors is an un-Christian thing to do.

Even when forwarded material is authentic, another violation often occurs: the copyright notice is often left off! Recipients who forward the material themselves become copyright lawbreakers, often without realizing it. Not seeing a notice, the issue of copyright does not occur to mind and, once again, violations of copyright law compound exponentially. Even if material doesn't contain an explicit copyright notice, the new copyright law states that the author possesses a "natural copyright" to his work, and it is unlawful to copy it without the author's explicit, written permission. So the rule is: unless the author gives written permission for you to copy and pass something along, don't do it! However, you have my explicit permission to send the link to this message or download the whole message (see below) and send it to your friends who have sent you hoaxes, scams or spams.

If you feel you really must take further action against spammers, then instead of going to their websites or sending an email to unsubscribe from their lists (this just confirms that they have a valid address, which they may then sell to other spammers), send the "extended" header of their spam email message to: http://spam.abuse.net/userhelp/howtocomplain.shtml - let them go after the spammer. SpamCop (http://www.spamcop.net) adds spammer addresses to blacklist and sends email to spammers' ISPs on your behalf. You can report spam messages and get tools for tracking spammers at SpamAbuse (http://www.spamabuse.org). Another website where you can find useful information on how to stop junk email is Junkbusters: http://www.junkbusters.com/junkemail.html -they have links to lots of other related sites too.

Now let's look at various types of programs that can help stem this flood. I've investigated dozens and tried out several, and listed below are what I think are the best of the bunch. Then let's see what you as an individual can do to stop spam.

Outlook 2003 and 2007 have the ability to "whitelist" and "blacklist" email addresses, and you can also download just the headers so that you can look at the sender and subject line, which lets you decide to either delete or download the whole message. In addition, many webmail servers such as Google's Gmail provide pretty good spam filters that automatically place into an online "Spam" folder any messages that look like spam. But there's always the chance of a "false positive," so you should check your online "Spam" folder once or twice a week to see if there's any good email there, move them to your "Inbox" and delete the rest, or let Gmail automatically delete messages in your online "Spam" folder after 30 days.

One good way to effectively block spam is SpamArrest, with a free "Light" version and a "Pro" version. It is a web-based service, not a program you download. To use either the Light or Pro version, first you get a new, "private" email address from SpamArrest and you let them collect all your incoming emails to your old address. Next, you upload your known senders' email addresses to the SpamArrest server, or you OK good incoming messages. This forms the "whitelist" of people whose emails will automatically be forwarded to you. Then SpamArrest sends a message to all other email senders "challenging" them to click on a special link to your account at the SpamArrest website before their mail will be delivered to your "private" email address. Once they have clicked on that link, all further mail from those people will automatically be approved for delivery to your inbox. Since spammers send out thousands or tens of thousands of email messages at a time, they aren't going to bother about this process of getting approval to email you -- you'll never see their emails.

Because SpamArrest is web-based, you can access your email from any Internet cafe or library with Internet access, as well as from your POP3 email program on your own computer. This way of handling spams and scams is very automatic for you, the receiver. It puts the burden on unknown senders to verify themselves. But this may be confusing or annoying to some people writing you, so they don't go to the link provided, and thus you may not receive some messages that you wanted. And although I might feel comfortable storing my regular email ID and password on another server, I'd feel rather uneasy about placing the ID and password to my SSL-secured account there. But SpamArrest may work well for your needs.

My favorite program that helps you get rid of junk email is Mailwasher Pro, free for a 30-day trial period. You can get the old 2002 shareware version free HERE. In my opinion it's the best of the dozens of such programs I've looked at, so I purchased a license and used it every day. (Now I use Gmail's spam filters.) It helped me eliminate about 75% of my incoming email. In contrast to SpamArrest, Mailwasher puts the responsibility on you, the receiver, to verify what emails you want to receive: you run MailWasher on your computer, but it doesn't download your email. You can look at the sender and subject line of unidentified messages while they are still on your email server, delete the junk and virus email and then download only your good email. This is essentially what Outlook 2003 and 2007 now let you do.

This lets you see the message size, sender's email address and subject line, but Mailwasher also lets you preview your email by clicking on the subject line while the messages are still on the server, without downloading them. If it's a hoax, scam, spam, virus or just plain junk, you can just delete them from the server; or "delete-bounce-blacklist" them: bouncing a message back makes it appear to the sender that your e-mail address doesn't even exist. And presto! -- their automated software may remove your address from their junk mailing list. The "blacklist" option in Mailwasher flags any future messages from that sender. Then you use your regular email program to download the remaining, good messages. The Pro version accesses online databases of known spammers to flag incoming junk mail, and it has a filtering system that you can set up. It will also let you check messages on SSL-secured email accounts without your having to give up the password to your secure accounts.

These first two approaches deal with undesirable email messages before they ever get into your computer. I like the idea of not letting that nasty stuff into my PC in the first place. But this forces you to take some extra time on the Internet. For people with dialup access, that ties up the phone line and can be costly if you pay by the minute. What about programs that let you just dialup, connect to the Internet, download your email and disconnect?

In contrast to SpamArrest and Mailwasher that check incoming email before you download it to your computer, SpamWeed (14-day free trial) downloads the incoming messages into its own folders in your Program Files, then you run SpamWeed to sort out the junk and add good incoming messages to your "whitelist." Like Qurb below, it builds an initial "whitelist" from your existing addresses. But like SpamArrest and Mailwasher, it also uses filters to identify known spammers, and it also filters by various porno-, scam- or spam-related words. After downloading and sorting email with SpamWeed, you use your regular email client to read and reply to messages. It adds a little toolbar (like Qurb does) to your Outlook or Outlook Express program. It can be used with other POP3 email clients such as Eudora and Incredimail, and also works with Hotmail/MSN. SpamWeed offers either a perpetual license with one month of support, or an unlimited support subscription for 1-year, 2 years or 3 years. It doesn't handle SSL-secured email accounts.

Qurb (30-day free trial) is a a bit more relaxed way to curb spam and scams. It integrates into your Outlook or Outlook Express email program and builds an initial "whitelist" using your email address book and the FROM: addresses in your messages. When you dialup and download your email, it passes these good messages into your inbox, quarantines unidentified incoming messages in a special "Qurb" email folder and lets you click buttons on its little toolbar in Outlook or OE to "approve" or "block" them. You can also optionally have it send a "challenge" email to unknown senders. Because it integrates completely into Outlook or OE, you can set up filters in those programs to filter out messages containing forbidden words. It will handle incoming email from SSL-secured accounts. It's probably the easiest to use: you simply use your trusty old email program, just a few new buttons to click.

So we have here two programs that use built-in filters, one (Mailwasher) that lets you set up your own filters, and one (Qurb) that doesn't use any filters. Why? Some people believe that filters run the risk of a "false positive" -- labelling an email as spam because it contains the word "click" or has a few too many exclamation marks -- and that's worse than letting a few unwanted emails in. What if you wrote, "Happy Birthday to you!!!" to your child or grandchild, and they never got the message? Or what if you wrote, "Please click on this link..." in an important communication to a client or business associate, and their spam blocker deleted the message?

It should be mentioned that the old Netscape browser and email program have been revived as open-source programs called "Firefox" and "Thunderbird" (www.mozilla.com). The Firefox browser has tabbed windows so you can have several open at once, and a built-in Google search and optional popup blocker. (The new Google toolbar add-in for Internet Explorer and Windows XP Service Pack 2 both have popup blockers.) The Thunderbird email client has filters that you can train to block unwanted email messages. I've downloaded and installed these free programs, and the email client imported all my Outlook contacts -- except the "Categories" information! Because I use Categories extensively and didn't want to manually go through my 3,000+ Outlook contacts to input each Category code into Thunderbird, I've continued using Outlook. But these new programs (they also have Sunbird, a free calendar / to-do list program) may be just the thing for you.

Just as an aside, why do we blame popups for bad advertisements? Do we outlaw internal combustion engines because bank robbers often use automobiles? Neither should we ban popups: they often serve a legitimate purpose. And why do we blame Internet Explorer and Outlook / Outlook Express because evil programmers write viruses to exploit the flaws in those programs? As a 30-year veteran software developer, I know from bitter personal experience that all programs contain bugs: it's part of original sin! Many years ago I used Netscape all the time because it was better, but then Internet Explorer and Outlook / Outlook Express got up to speed and became better, so I switched. Do we blame F.D.R. or G.W.B. because they led a great country, and evil people wanted to destroy that country, so F.D.R. and G.W.B. fought back? Neither should we blame Internet Explorer and Outlook / Outlook Express for being the best and therefore becoming the biggest targets. The bad guys don't write viruses for the abacus or the Commodore-64, and not many for the Mac either.

So to conclude, find a way to filter your own incoming email messages, be nice to others by not forwarding e-mails that you haven't personally checked out to be true, and to be freely available for forwarding. By not participating in hoaxes, spams and scams, you're being nice to others, and you're being nice to yourself, because you'll keep the trust of your friends.

Robert Hosken, author of
"Stop-Spam", part of "Computer Security."
You can also click here to download this article (it's included in my free Computer Security eBook).

Back