Skyway West Spam Resources
In order to help our clients deal with and understand Spam, we have written a number of documents and posted them here. If you have questions about Spam, we hope this site will answer them.
- General Spam Information
- How Internet E-mail Works
- Spam Types and Characteristics of Spam
- Determining Who Owns a System and Their Contact Addresses
- Complaining Effectively
- Ways to Minimize the Spam You and Your Users Receive
- Ways to Fight All Spam
- What Skyway West is Doing to Fight Spam
- Your mail server is sending Spam
General Spam Information
How Internet E-mail Works
In order to identify the source of the Spam in your mailbox and be able to complain effectively about it, you need to have a basic understanding of how E-mail works.
- How Internet E-mail Systems send E-mail
- The structure of an E-mail message
- Viewing all headers in your E-mail client
Spam Types and Characteristics of Spam
There are different classes of Spam. Reading headers and complaining effectively requires different techniques depending on how the Spam was sent to you and what type of organization sent it to you. Each class of Spam has distinguishing characteristics which we will discuss. Naturally there are exceptions, but these should cover the vast majority of E-mail Spam you will receive.
These documents show some real spam and show you how to read the headers to figure out where the spam really came from and how it got to you.
- Botnet Spam
- Webmail Spam
- Open Proxy Spam
- Open Relay Spam
- Spam via an ISPs Mail Server
- Corporate Spam
Figuring out Who Owns a System and Their Contact Addresses
In the above section, we out learned to figure out the TCP/IP addresses of the sender of the Spam, the Open Relay if one was used, and we may also have found some web site URLs and one or more E-mail drop boxes.
Several utilities exist to help figure out who is responsible for these addresses.
Note that these are UNIX utilities, and the examples demonstrate them being used on a GNU/Linux system. Windows systems include a traceroute utility, called tracert. They do not include whois utilities by default. If you run Windows, third-party alternatives can be located, or you may wish to use online tools such as those located at Sam Spade. You should read these pages and learn what the UNIX utilities will show, if only to learn what the Windows or online versions are simulating.
- Important information from Spam message bodies
- Deciphering munged numeric URLs
- Using traceroute
- Using whois for TCP/IP addresses
- Using whois for Domain Names
- Abuse.net contacts
The point of learning to read Spam and decipher the headers, and locate the owners of the machines involved, is to complain! Complaining is the best way you can make your voice heard to the people involved in polluting the Internet with Spam. Complaining is one of the ways to get spammers kicked off their ISP. If complaining doesn't work, there are some other ways to get an ISPs notice, but they usually require you to be the system administrator of your mail servers or Internet firewall. Complaining can, in some cases, also convince the spammers themselves that they should stop.
A few rules that should apply to any of your complaints.
- Be aware that you will definitely someday make a mistake in reading the headers of a Spam . Always say "I believe", or "these headers seem to show", instead of accusing people.
- Always try to figure out who the spammer is, and try not to complain directly to the spammer (unless they appear to be a legitimate business). Complaining to "bulkmailshop.com" will not accomplish anything, and might invite a Denial of Service attack from the spammer.
- Be polite, use correct spelling and grammar, as you would with any business communication. Most of the people you contact hate Spam as much as or more than you do. Even when they work for an ISP who is soft on Spam, the people on the front lines who read your E-mail are not the people who make those decisions. No amount of swearing will expedite action regarding your abuse complaint.
- Never make threats of violence or threaten to do anything illegal. Refusing E-mail or other network traffic from someone is not illegal.
- Always forward the full headers and body of the Spam you receive to anyone you are complaining to. The recipient must be able to correlate those headers to their logs, and other complaints, to take effective action.
- Include the output from traceroute and whois in your complaints, where appropriate.
- Always state at the top of the message the reason you are sending a particular complaint to a particular recipient. The recipient is probably busy reading complaints - any help you can give them will save time and make it more likely they will act on your complaint.
- Remember which lists you did sign up for; don't complain about E-mail that isn't really Spam.
Who to complain to and what to tell them:
- Complain to the ISP the Spam was sent from
- Complain to the Open Relay operator and their ISP
- Report Open Relays to Blocking Lists
- Complain to the ISP hosting any Spamvertised web sites
- Complain to the ISP hosting any click-through, indirectly Spamvertised web sites
- Complain to ISPs hosting drop-boxes
- Complain to the Spammer's toll-free number
- Report illegal or fraudulent spams to police and regulatory bodies
- Complain to ISPs hosting sites that sell SpamWare or E-mail address lists
- Use SpamCop to do the complaining for you
- Have realistic expectations
Ways to Minimize the Spam You and Your Users Receive
Some of the following techniques are useful for end-users, others require that you administer the E-mail or web servers for your company. You might point your system administrator or consultant to these resources.
- Don't give out your E-mail address
- Don't use an HTML-aware E-mail client
- Don't post your E-mail address on web sites
- Don't post to USENET with your real E-mail address
- Block web scrapers from your web server
- Filter Spam at your MUA
- Block Botnet Spam
- Block Spam Sources
- Block Mail from Unresolvable Domains
- Use your Firewall
Ways to Fight All Spam
It might not be practical for you to implement these techniques. However, if you have the time and are able to do it, please do. The only way to effectively fight Spam long term is to make it as painful and unprofitable as possible for spammers and those that support them to stay in business.
- Block Spam Sources
- Firewall ISPs that refuse to stop spammers and the people who help them
- Boycott corporations who spam you - and make sure they know it
- Firewall corporations who spam you
- Boycott ISPs who knowingly house spammers or let their customers run Open Relays
- Handling collateral damage from filtering
- Educate people
What Skyway West is Doing to Fight Spam
- Blocking Incoming Spam
- Making Sure Clients Don't Run Open Relays
- Forbid Sending Spam or any other Spam-related activity
Your Mail server is sending spam
Copyright 2002-2004, Skyway West. All Rights Reserved.
Please send corrections or suggestions for improvements in this page to firstname.lastname@example.org.