> Articles >
To Deal With Spam: Part 1 | Part
Contributor: Andrew Ward
highly informative extended article discusses the
world of Spam (unsolicited email), and provides advice
about how to counter it.
Although spam causes problems to network infrastructure,
perhaps the biggest nuisance it causes to an organisation
is the effect on users. Spam wastes employee time,
and not just because of the time taken to read the
headers and then delete them. Although many spammers
are extremely stupid, as evidenced by the illiterate
nature of most spam, some do make a crude attempt
to make messages appear to come from someone known
to the recipient, and this can trap busy or unwary
users into paying them more attention than they deserve.
Furthermore, users may go so far as to click on the
links advertised in some spam messages, causing yet
further distraction, wasted time, and even the downloading
of offensive or illegal material.
Spam And The Law
There is considerable international variation in the
laws relating to spam, but it is very unlikely that
any spam is ever legal. If there is no specific anti-spam
law within a country or state, then spam will almost
certainly fall foul both of any computer misuse (anti-hacking)
legislation as well as any data protection legislation
that might be in force.
Regardless of the law of the land, Internet service
providers usually have a contract term that specifically
prohibits the sending of spam. Any Internet user sending
unsolicited commercial email therefore is in breach
of contract and may have their account terminated.
This does in fact happen, although some spammers will
simply immediately open a new dial up account, usually
using stolen credit card numbers. Fortunately, there
are ways to protect against even this tactic.
There are many ways in which an organisation can cut
down the amount of spam
it receives, as follows:
Educate users to avoid
actions that might encourage spam.
Report spam so that spammers
and their web sites are shut down.
Prevent systems being
used by spammers within or outside the organisation.
Subscribe to a service
that helps the organisation control the amount of
Subscribe to a service
that filters email and removes spam.
Install filters that
spam is generated through careless user behaviour.
Users need to be educated about the various actions
that can easily generate spam, and perhaps the company’s
acceptable use policy should be modified to include
dissuasion of spam-friendly activity.
Users should not post messages in any forum that spammers
might see. This
includes Web bulletin boards, Usenet newsgroups, chatrooms
and virtually every Internet-based communications
environment except email itself. If users do need
to use Usenet or similar forums for their work, they
can corrupt their email address in such away that
a genuine user, but not an automated spam email address
harvester, can understand and correct. For example,
change firstname.lastname@example.org to andrewREMO.VEward@itp-journals.com.
Alternatively and additionally, users can post messages
in such environments using a different email address
- for example, one from a free Web-based service such
as hotmail - where the vast volumes of spam generated
won’t interfere with their daily work or the
It’s also a good idea to keep watch on what
users are doing. How to do this depends on what monitoring
capabilities there are within the elements of network
infrastructure already in place. Some firewalls can
monitor and log user activity, as can Novell Border
Manager. Otherwise, add-on products such as eTrust
from Computer Associates (http://www.ca.com)
can do the job. It may be worth going even further
and physically preventing certain activities - such
as Usenet postings - using filtering tools or the
capabilities within firewalls.
thing that users should never, ever do is to respond
in any way to a spam message. Replying to the message,
or replying to any address that might be listed within
the message for being removed from the mailing list,
simply tells the spammer that the address used is
live and active. The result - a lot more spam, both
from the original spammer and from anyone to whom
he sells the list.
Furthermore, even clicking on a link within a spam
message can tell the spammer who responded and when.
People who respond are immensely valuable to spammers,
since of course most people just delete these illegal
How do spammers achieve this? Careful inspection of
spam messages reveals that some contain hyperlinks
with complex URLs. Encoded into these is the user’s
email address, or a reference to it within the spammer’s
When registering on Web sites, explain to your users
that they must take the utmost care to only register
with legitimate, recognised businesses and to avoid
any guestbooks, free memberships and other dubious
sites that request email addresses. Even with legitimate
sites, users should be careful to read any small print
about junk mail, and either check or uncheck boxes
as appropriate to opt out of any follow-up email.
Often the same registration form will contain more
than one checkbox, with some requiring the box to
be checked and others unchecked.
Some sites don’t offer these options at registration
time at all, but include registrants on mailing lists
automatically. It’s necessary to revisit the
site and amend user preferences to opt out of junk
Both the organisation itself and individual users
should be wary about publishing email addresses on
Web sites. If possible, publish forms that people
can use to send enquiries instead, so no email address
is visible to automatic address harvesters. However,
recent activities by spammers have even included posting
messages onto forms rather than sending email.
Whatever procedures and systems are put in place,
it’s almost inevitable that some spam will get
through to users, so guidelines should deal with this
eventuality. Ideally, messages should be forwarded
to the network administrator and then deleted but
the tendency of many mail clients to remove full headers
means that users need to go to some trouble to forward
messages correctly, which may be unworkable. Full
headers are necessary if the spam is to be reported,
or the sender and/or sending domain are to be added
to filtering rules.
Any spam received should be reported to the sender’s
ISP, the owner of the mail relay used (which may be
a different organisation), and the ISP of any web
sites and email addresses referenced within the spam
- unless they are spoof addresses, of course. There
are many resources on the Internet that explain how
to read and understand message headers in order to
be able to report the spam to the appropriate authorities.
To Deal With Spam: Part 1 | Part
article by Andrew Ward first appeared as a
guide at Tech Support Alert. In addition to
a well respected computer technology bi-monthly
newsletter, Ian 'Gizmo' Richards, editor of
provides many useful guides on his site that
delve into many technical issues relating
If you observe inaccuracies in our in-house
contributions or wish to contribute an article
or review to be included at AbleStable®
Although our contents are free to browse,
copyright resides with the originators of
all works accessed at AbleStable®, and
unauthorised copying or publication of our
site contents is strictly prohibited. To use
our specially selected premium content go
Syndication and Licensing.
AbleStable © 2002-2007
Material: AbleStable © 2002-2007