Sidebar: Essential Spam-Fighting Rules
Although statistical filters are much better at catching spam than manual rules, there are a few cases where adding your own rules can help catch spam your built-in filters might otherwise miss. (For instructions, see “Get Organized.” )
Here are three rules that all spam-fighting warriors should have in their arsenals.
1. Look for Spam Headers Some ISPs insert a hidden header—most often the X-Spam-Flag header—into messages they suspect are spam. To view these headers in Mail, choose View: Message: Long Headers; in Entourage, choose View: Internet Headers.
Although Mail knows to use these headers to help filter your mail, Entourage doesn’t. But you can add this capability with the help of a new Entourage rule (Tools: Rules: New). Choose Specific Header from the first If pop-up menu, type
X-Spam-Flaginto the text field that follows, and then select Exists from the second pop-up menu. (If your ISP uses a different flag, enter that header in place of X-Spam-Flag.) Under the Then section, specify where such messages should be moved to.
2. Dump Suspicious Attachments Attached files with extensions such as .exe, .pif, .scr, .bat, .com, .lnk, or .js are often Windows viruses or spyware programs. They may not harm your Mac (unless you’re using Virtual PC), but they certainly won’t do you any good. Mail’s rules ignore attachments, but you can set up an Entourage rule to automatically remove these attachments from incoming messages to a POP account (IMAP accounts don’t offer this option).
In Entourage, create a new rule; then choose Attachment from the first If pop-up menu and Name Ends With from the second. Enter the first extension (
.exe, for example) and then click on Add Criterion and repeat the process for each extension you want to exclude. From the Execute pop-up menu, select If Any Criteria Are Met. In the Then section, choose Remove Attachments, add a second action, and choose Change Status from the first pop-up menu and Junk E-Mail from the second.
3. Stick to English Sometimes messages that use non-Latin character sets, such as those written in Russian or Chinese, trip up statistical spam filters. If you don’t read these languages, it’s a safe bet that such messages are spam. To identify these messages, you need a rule that looks at the messages’ Content-Type headers.
When creating this rule in Mail, choose Edit Header List from the If section. In the resulting dialog box, type
Content-Typein the Header field, click on Add Header, and then click on OK. Change the Edit Header List pop-up menu to Content-Type, select Contains from the middle menu, and then enter the appropriate header in the text field. (For Arabic, that’s
Windows-1256; for Chinese,
EUC-TW; for Japanese,
EUC-JP; for Korean,
EUC-KR; and for Russian,
In Entourage, your If statement should read as follows: Specific Header Content-Type Contains appropriate Content Type header .
Improve Eudora’s Spam IQ Like Mail and Entourage, Qualcomm’s Eudora 6 uses a statistical spam filter. You can use the Junk Threshold slider (Preferences:Junk Mail) to make the program less tolerant. To determine how low you should go, first open the Mailbox Display panel and activate the Junk option under the Columns heading. A new mail column will appear, showing each message’s assigned spam score. Note the scores of any spam Eudora misses and then adjust the Junk Threshold slider to catch them.—ADAM C. ENGST
Sidebar: Spammers Versus the Law
Everyone hates spam. It’s a drain on your time, bandwidth, and patience. E-mail filters can reduce the time you spend scrolling through your in-box every day, but they can only do so much—and they do nothing to reduce the amount of messages being sent.
But voter outcry has spurred lawmakers to try to find a solution. CAN-SPAM (Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003) is the result of three years of work by Democratic senator Ron Wyden of Oregon and Republican senator Conrad Burns of Montana. The law, which took effect on January 1, 2004, prohibits many of the worst spam tactics, including the use of false or misleading header information. The law also requires that all commercial mail include a valid mailing address, a clear demarcation that the e-mail is an advertisement, and a way for recipients to opt out of future mailings.
So how does CAN-SPAM measure up so far?
“CAN-SPAM made a lot of things illegal that already were illegal, and increased the penalties for criminals who weren’t being caught anyway,” says Cindy Cohn, Legal Director of San Francisco’s Electronic Frontier Foundation, a group dedicated to protecting technology-related civil liberties.
Cohen points out that fraud and deceptive advertising practices are already crimes. For example, the Buffalo Spammer case, hailed by many as a victory in the war on spam, had nothing to do with CAN-SPAM. Last April, Howard Carmack was tried and convicted under New York’s identity-theft law for stealing the identity of two Buffalo-area residents and sending out hundreds of millions of spam messages in their names.
“Spam is a difficult problem to address through legislation,” says Cohen. The positive side of the new law, she admits, is that it “spurred law enforcement to go after these people.” So far, four of the largest ISPs (AOL, EarthLink, Microsoft, and Yahoo) have filed more than 200 lawsuits against alleged spammers. And in late June, the federal government charged an AOL employee under CAN-SPAM with stealing 92 million AOL e-mail addresses and selling them to spammers.
Under current law, only ISPs and the government can sue spammers.
So what can you do to help the fight? If you have the time, you can report spammers to a higher authority. Although this won’t reduce the amount of spam you receive, it can help larger organizations build cases against the most flagrant abusers.
You can report spam to the Federal Trade Commission by forwarding the messages to spamuce.gov. Many ISPs also offer an address for spam complaints—often at abuse ispdomain .com. Since the sender information in most spam messages is fraudulent, you should examine the message’s header to see from where the message actually originated. (Earthlink offers a tutorial of what to look for.) Many ISPs will terminate the accounts of confirmed spammers. Others may use the information you send to improve their spam filters.—JONATHAN SEFF