Spam FAQ
This page provides answers to frequently asked questions about spam and PEP. I got spam that claims to come from my own address! Has my account been compromised?No. Keep in mind that most e-mail headers are easily forged and may contain anything at all. Spammers use a variety of techniques to confuse recipients, presumably in an effort to minimize complaints. One such technique is to send their junk with headers that make it look like it came from the recipient.
Refer to the SMTP Tutorial for details on how they do this.
I got spam that comes from another user on Islandnet.com. Why won't you delete their account?If the spam truely does come from one of our customers, then we usually do end up terminating their account. However, most reported spam like this does not actually come from the customer.Similar to spam that appears to come from your own address, you will often get spam that appears to come from another user at the same domain that you're using. This is yet another spammer technique to try and cover their tracks. In this case they are sending a message to a group of people at a given ISP or domain, and they pick one of those recipients at random and make the message appear as if it came from them.
Refer to the SMTP Tutorial for details on how they do this.
But my friend on another ISP also got the same spam from the same customer of yours. How do you explain that?It's not uncommon for spammers to forge a single sender address on all the spam they send. This causes any bounced messages and complaints go back to that person instead of the spammer. Sometimes the address is selected at random, but often it's a revenge tactic to get back at someone who complained about an earlier spam. This practice is known as a "Joe Job".I got spam that has a list of other Islandnet.com addresses in the headers. Did you sell our addresses?No. We have never given, traded, or sold our customer list to anyone and we never will.Some e-mail programs will sort the recipient list based on the domain name. This can speed things up because multiple messages are sent over the same connection to the recipient's server. Long lists are also frequently broken into smaller chunks for various reasons. The end result can be that you get a spam that contains a short list of other addresses at the same domain, which can look like the spammer is targetting a particular ISP when he's not.
How do the spammer's get my address then?Spammers build their lists in many ways:
- Perhaps the most common method is to harvest email addresses from web sites, newsgroup postings, mailing list archives, guestbooks, forums, domain name registrations, etc. Software to do this is readily available and trivial to write.
- Another popular method is called a dictionary attack. This works by combining each word and name in a list of words (like a spell checker dictionary) with a list of domain names.
- Similar to the previous technique, spammers will take a list of harvested addresses and substitute different domain names to get a whole new set of addresses.
- Some spammers will even resort to combining domains with randomly generated usernames.
- Some otherwise legitimate companies will sell your contact info to other outfits. Don't be surprised if you receive spam at an address that you've never used for anything except purchasing from certain online retailers.
The sad fact is that virtually no e-mail address is safe from spam.
I signed up for an account on another ISP and it hardly gets any spam at all. Why?Usually when we hear this they are talking about a brand new account. In that case it should be rather obvious that a brand new account normally won't get any spam because it hasn't made it on to any spam lists yet. It will eventually, there's nothing any ISP can do to prevent that.But sometimes we hear the opposite. A person gets an account on another ISP and it immediately gets more spam than their current account. This is also an unfair comparison - the most likely explanation is that your new account used to belong to someone else a long time ago.
Both scenarios are possible regardless of which ISPs you use.
Can't you block the spam at the mail server?Some ISPs implement global spam filters that apply to all their customers. While this can certainly reduce the amount of spam you get, there are a lot of problems with that method:
- What is spam to one person may not be spam to another. Consider the mailing lists run by Topica.com. To most people their mailings are spam because they never asked to be on the their lists in the first place. Yet many people do sign up for their lists. An ISP that blocks mail from Topica would be doing many customers a favour, while blocking wanted e-mail for many others.
- Most spam filters are work by blocking e-mail based on the IP address or domain name that the message comes from. For example, some ISPs have been known to block all e-mail that comes from Chinese or Korean servers. While that certainly cuts out a lot of spam, it's a pretty broad filter that will definitely stop legitimate mail sooner or later. Another example: a lot of spam would be blocked if we configured our mail servers to reject mail that comes from a hotmail.com address (even though most are forgeries). But blocking all mail claiming to be from Hotmail isn't a realistic option for a site-wide filter.
- Some ISPs use tools like SpamAssasin to analyze incoming mail and reject it if it scores higher than a certain amount. But who decides where that threshold should be? A number that works for one user will not necessarily work for all users.
When it comes to filtering e-mail, one size does not fit all. We feel that e-mail filtering is something that is best left to the individual and that it is generally not an ISP's place to do it. This is precisely the reason that we created PEP, which allows each customer to implement their own filters.
Having said that, there are certain circumstances where we will block an IP address, domain name, or a specific e-mail address due to abuse. The bottom line is that we reserve the right to protect our customers, employees, servers, and networks from abusive people. Our goal is to not block any legitimate mail however, so we'll usually remove a block if a customer asks us to.
I got a spam that contained removal/un-subscribe instructions, but they didn't work.We recommend that people neverfollow the instructions contained in spam. Most of the time they don't work at all, and when they appear to work it's more likely that you've just confirmed the validity of your address.So how do I get off these spammer's lists?More often than not the answer is, unfortunately, you don't. It's rare to get spam that contains legitimate removal instructions. It's even rarer to get spam that comes from a legitimate address.You really only have two realistic options. You can try to track down the spammer's ISP and have the spammer's accounts terminated and web sites shut down (which is perhaps the best thing in the long run, but it does take a lot of your time), or you can filter out the spam before it gets to your mailbox, which is what PEPis for.
I've seen "global remove lists" that say they'll get me taken off spammer lists. What about them?Avoid them like the plague. None of them actually work. Some are well intentioned, but many are flat out frauds that are just trying to collect addresses for spamming purposes.