Imagine going to your mailbox every day, pulling out hundreds of flyers, and then sorting through them to find the one bill or personal letter you were expecting. For many of us, this is exactly what the spam epidemic has become: a frustrating and time-consuming daily ritual of weeding out offensive and irritating offers so we can get to the messages we actually want and need. To make matters worse, spammers’ tactics are constantly changing—rendering spam-proofing strategies that worked a year ago all but useless today.
Even by conservative estimates, spam now accounts for well over half the e-mail sent worldwide. But you can fight back—in many cases by using tools you already have. Stopping spam involves much more than just clicking on a check box. A good spam-fighting strategy includes keeping your e-mail address away from spammers, using common sense about reading and replying to spam, and fine-tuning your built-in filter for optimum accuracy.
I’ll focus on optimizing the spam-fighting tools built into Apple Mail and Microsoft Entourage, two of the most popular e-mail clients for Mac OS X. However, many of the strategies I discuss apply to all e-mail users, regardless of what software they use.
Don’t Let the Spammers Find You
So who exactly are these spammers, and what do they want with you? Although some spammers are hoping you’ll give away personal information so they can steal your money, most just want to sell you something. Clever hackers write programs that gather potentially valid e-mail addresses, and then they sell these addresses by the hundreds of millions to spammers—often ordinary people hoping to make a quick buck. Spammers know that most of their messages will be deleted or ignored, but they make up for this in volume. If even a tiny fraction of their messages results in a sale, spammers can make a considerable sum.
Your first line of defense, then, is to stay off the radar of spammers and their address-gathering programs.
Guard Your Address The easier it is for someone to find your e-mail address, the more likely you’ll be the target of junk mail. So avoid publicizing your e-mail address on Web pages or in newsgroup postings. If you really must post your address online, turn it into a graphic with no
mailtolink. If you need to enter an address in Web forms for online purchases, contest entries, and the like, consider getting a second address, such as a Hotmail.com account, just for this purpose. This will let you to keep your primary address private and relatively spam-free.
Practice the Silent Treatment Resist the temptation to reply to spam messages—even to unsubscribe from them. In most cases, no one will read your reply. And if it does get through, it simply confirms that your address is valid. In general, you can safely unsubscribe from newsletters and other mailings from legitimate companies with which you’ve done business—but if you’ve never heard of the mailer, chances are any Remove Me links are bogus.
The same is true of bouncing messages—returning a spam to its sender in hopes of tricking the spammer into thinking that your address is invalid. Savvy spammers can still tell that a message reached its destination. Besides, since spam messages are sent out by the millions, spammers aren’t likely to bother removing invalid addresses from their lists.
Turn Off HTML Spammers can tell that you’ve read their messages by using a Web bug, a small graphic that your e-mail client downloads when you display a message with HTML formatting. The graphic’s URL contains a unique identifier tied to your e-mail address, so merely displaying the message tells the spammer’s server that you’ve read it.
To thwart Web bugs, turn off the display of HTML graphics in your e-mail client. By default, Entourage 2004 doesn’t download images unless the sender is in your address book. In Mail, open your Viewing preferences and deselect the Display Images And Embedded Objects In HTML Messages option. If you receive a legitimate HTML-formatted message, you can easily download the images by clicking on the Load Images button in Mail or the Download Pictures link in Entourage 2004.
Take Advantage of Spam Filters
Of course, it’s almost impossible to elude spammers completely. This is where your e-mail program’s built-in spam filters come into play. Spam filters function as e-mail gatekeepers, separating invited guests from the riffraff.
Apple Mail 1.3 (included with Panther) and Entourage 2004 both offer significantly better spam-fighting tools than their predecessors. In fact, if you’re using earlier versions of Mail or Entourage, I recommend upgrading for the spam improvements alone. But to really put these built-in filters to work, you need to train them to recognize the type of company you like to keep—and the type that should be left on the curb.
Practice Makes Perfect Mail and Entourage use statistical junk-mail filters—programs that try to learn which words and message attributes distinguish spam from legitimate mail. When you identify an incoming message as junk, the filters add information about that message to a database, making it easier for them to identify similar messages in the future. Likewise, the filters track the attributes of valid messages to avoid marking them as spam. By constantly updating their databases, these junk-mail filters get smarter as you use them and are able to better adapt to the latest spamming tactics.
But for statistical filters to be effective, you must diligently correct their mistakes. If your e-mail client fails to identify a spam message, take the time to mark it as junk. In Mail, select the message and choose Message: Mark: As Junk Mail. In Entourage, choose Message: Mark As Junk (or press Command-shift-J in either program).
Similarly, if your e-mail client mistakes a legitimate message for spam (called a false positive ), correct that mistake by marking the message as Not Junk.
Introduce It to Your Friends Because legitimate messages sometimes include the same words and phrases as spam, the best way to prevent false positives is to create a white list —a list of people whose messages should never be marked as junk.
Entourage’s spam filter automatically exempts messages from anyone listed in the Entourage Address Book. Similarly, you can have Mail exempt anyone in the OS X Address Book by opening Mail’s Junk Mail preferences and selecting the Sender Of Message Is In My Address Book option. Then be sure to keep your address book up-to-date with the names and e-mail addresses of everyone who regularly sends you mail. To add the sender of a selected Mail message to the OS X Address Book, choose Message: Add Sender To Address Book (or press Command-Y). To add a sender to Entourage’s Address Book, go to Tools: Add To Address Book (or press Command-= [equals sign]).
Optimize Mail’s Settings
Mail’s default spam settings offer a good start to fighting junk mail, but they should be considered just that—a start. There’s plenty more you can—and should—do to optimize Mail’s spam sensitivity.
Go Automatic Mail provides two modes for filtering junk mail. The default—Training mode—simply uses color to distinguish suspected spam from legitimate mail. This lets you easily monitor whether Mail is flagging spam correctly. But once you become comfortable with Mail’s choices, you should switch to Automatic mode.
In Automatic mode, Mail moves all suspected spam to a Junk mailbox, letting you largely ignore its existence. And despite the confusing names, switching from Training to Automatic mode doesn’t interfere with the training process at all; the Junk Mail filter continues to learn new spam-fighting skills as you correct its mistakes.
To put the filter in Automatic mode, open Mail’s Junk Mail preferences, make sure Enable Junk Mail Filtering is selected, and then select the Move It To The Junk Mailbox (Automatic) option.
Tweak Your Preferences While you have your Junk Mail preferences open, I recommend making a couple of other changes to further heighten your spam security.
Because spam frequently includes the recipient’s full name, deselect the Message Is Addressed Using My Full Name option. Next, turn on the Trust Junk Mail Headers Set By Your Internet Service Provider option. Some ISPs add a special header (called the X-Spam-Flag header) to incoming messages their servers suspect are spam. By telling Mail to look for this clue, you can increase the Junk Mail filter’s accuracy. Even if your ISP doesn’t currently offer this feature, there’s no harm in leaving this setting turned on.
Preempt Other Rules If you use mail rules to file your incoming e-mail, you may find that Mail misses a considerable amount of spam. That’s because Mail’s built-in Junk Mail rule affects only the messages left in your in-box after all other rules have been applied. So, if you have a rule that filters all of the mail sent to your personal account into a special mailbox, the Junk Mail filter will never look at any of those messages. In this case, consider overriding the built-in Junk Mail rule with one of your own.
To create a new rule that mimics Mail’s built-in filter, go to Mail: Preferences, click on Rules, and then choose Add Rule (see screenshot). When you’re done, move the new rule to the top of the list so it runs before any others.
Thin Out Your VIP List You should also keep an eye on Mail’s Previous Recipients list. Mail assumes that if you send someone an e-mail, you want to receive the reply. So every time you hit Send—even if it’s only to unsubscribe from a mailing list—Mail adds the person to its Previous Recipients list. Because the Junk Mail filter ignores messages from anyone on this list, you could accidentally give approval to any number of unwanted guests. In fact, in previous versions of Mail, just moving a message to any mailbox other than Junk could add its sender to the approved list.
To remove spurious addresses from this list, choose Window: Previous Recipients. Click on any suspicious addresses and select Remove From List. If you find the process of pruning your Previous Recipients list too tedious, or if it results in too many false negatives, you can instruct Mail to ignore this list when filtering. Just open your Junk Mail preferences and deselect the Sender Of Message Is In My Previous Recipients option.
Optimize Entourage’s Settings
Entourage 2004 also lets you customize your spam filter to determine how aggressively it filters your e-mail.
Become Less Tolerant Entourage offers three levels of spam filtering—Low, High, and Exclusive. You can access these settings by selecting Junk E-mail Protection from the Tools menu (see screenshot).
Although Entourage uses the Low setting by default, High is appropriate for almost everyone. You should choose Low only if the High setting results in too many false positives—and if you can’t correct the problem by adding the senders to Entourage’s Address Book. Avoid using the Exclusive setting, which filters out all mail from anyone not on your white list. While this is certain to keep your in-box free of spam, it’s also likely to clutter your Junk folder with legitimate messages.
Approve Large Groups Adding recipients to your Address Book is a great way to exempt them from your Junk Mail filter. But trying to add everyone with whom you work can be tedious. A simpler solution is to add an entire domain—that of your employer or school, for example—to your white list. To do this, open the Junk E-mail Protection window (under Tools), click on the Safe Domains button, and enter all approved domains, separated by commas.
If you subscribe to mailing lists, you can guarantee that mail from these lists isn’t considered spam by using the Mailing List Manager (in the Tools menu). The Mailing List Manager not only helps you filter any related messages into a dedicated folder, but also ensures that any messages other members sent to the list make it through—regardless of whether the senders are in your Entourage Address Book.
Look for Outside Help
What if you’ve diligently trained your junk-mail filters and fully optimized your settings, but you’re still getting a steady influx of spam? Your built-in filters simply may not be accurate enough to handle the problem—especially if you receive hundreds or thousands of spam messages every day. What you need is some external help.
Third-Party Software One of our favorite add-on spam filters is Michael Tsai’s $25 SpamSieve ( ; “Guard Your In-Box,” April 2003), a powerful, accurate, and highly configurable statistical filter that works with Mail, Entourage, and other OS X e-mail clients. (It’s also included with Bare Bones Software’s Mailsmith). Whereas Mail and Entourage let you optimize a few basic settings on their spam filters, SpamSieve provides almost endless opportunities for customization.
Mail users should also consider Benjamin Han’s JunkMatcher software. JunkMatcher is a free Mail plug-in that lets users define wildcard patterns called regular expressions to identify spam characteristics that Mail’s built-in filters could otherwise miss—such as intentionally misspelled words.
A Better ISP Another option is to switch to an ISP that can take on some of the heavy spam filtering for you. Many ISPs use expensive server-based spam filters that are much more sophisticated than what’s available in desktop e-mail clients. Some of these filters tag suspected spam messages so that your e-mail client can take whatever action you choose, while others block spam from reaching you at all. For example, if you own a paid FastMail account, you can choose what action FastMail takes—to delete, move, or just mark suspected spam—based on the message’s spam score, a numerical measure of how similar the message is to confirmed spam. Apple’s own .Mac e-mail service also offers excellent spam filtering. Other good choices include Tuffmail and Runbox.
If switching to a new e-mail provider is out of the question, consider subscribing to a spam-filtering proxy service. A proxy service checks your existing e-mail account for you and runs its own high-powered spam filters on it. You can then set up Mail or Entourage to retrieve your (freshly filtered) mail from the proxy server, rather than your original mail server. This lets you keep your existing e-mail account while benefiting from the superior spam filtering of a much larger service. Examples of such services are Spam Zapper and SaferSurf’s Spam Guard.
Keep Spam in the Can
Spam is on the rise. But with a bit of effort and the right tools, you can prevent it from taking over your in-box. If you use your built-in tools wisely, remain diligent, and know when to ask for help, you’ll remain ahead of the game.
[ Joe Kissell is the author of Take Control of E-Mail with Apple Mail and Take Control of Spam with Apple Mail (TidBits Electronic Publishing, 2004). His secret identity is Curator of InterestingThingOfTheDay.com. ]
To make Entourage less tolerant of spam, make sure its Junk E-Mail Protection setting is High. To catch spam that Mail’s Junk Mail rule misses, create your own rule and put it at the top of the Rules list.Sidebar: Essential Spam-Fighting Rules
Although statistical filters are much better at catching spam than manual rules, there are a few cases where adding your own rules can help catch spam your built-in filters might otherwise miss. (For instructions, see “Get Organized.” )
Here are three rules that all spam-fighting warriors should have in their arsenals.
1. Look for Spam Headers Some ISPs insert a hidden header—most often the X-Spam-Flag header—into messages they suspect are spam. To view these headers in Mail, choose View: Message: Long Headers; in Entourage, choose View: Internet Headers.
Although Mail knows to use these headers to help filter your mail, Entourage doesn’t. But you can add this capability with the help of a new Entourage rule (Tools: Rules: New). Choose Specific Header from the first If pop-up menu, type
X-Spam-Flaginto the text field that follows, and then select Exists from the second pop-up menu. (If your ISP uses a different flag, enter that header in place of X-Spam-Flag.) Under the Then section, specify where such messages should be moved to.
2. Dump Suspicious Attachments Attached files with extensions such as .exe, .pif, .scr, .bat, .com, .lnk, or .js are often Windows viruses or spyware programs. They may not harm your Mac (unless you’re using Virtual PC), but they certainly won’t do you any good. Mail’s rules ignore attachments, but you can set up an Entourage rule to automatically remove these attachments from incoming messages to a POP account (IMAP accounts don’t offer this option).
In Entourage, create a new rule; then choose Attachment from the first If pop-up menu and Name Ends With from the second. Enter the first extension (
.exe, for example) and then click on Add Criterion and repeat the process for each extension you want to exclude. From the Execute pop-up menu, select If Any Criteria Are Met. In the Then section, choose Remove Attachments, add a second action, and choose Change Status from the first pop-up menu and Junk E-Mail from the second.
3. Stick to English Sometimes messages that use non-Latin character sets, such as those written in Russian or Chinese, trip up statistical spam filters. If you don’t read these languages, it’s a safe bet that such messages are spam. To identify these messages, you need a rule that looks at the messages’ Content-Type headers.
When creating this rule in Mail, choose Edit Header List from the If section. In the resulting dialog box, type
Content-Typein the Header field, click on Add Header, and then click on OK. Change the Edit Header List pop-up menu to Content-Type, select Contains from the middle menu, and then enter the appropriate header in the text field. (For Arabic, that’s
Windows-1256; for Chinese,
GB2312,
Big5, or
EUC-TW; for Japanese,
ISO-2022-JPor
EUC-JP; for Korean,
ISO-2022-KRor
EUC-KR; and for Russian,
Windows-1251).
In Entourage, your If statement should read as follows: Specific Header Content-Type Contains appropriate Content Type header .
Sidebar: Tip
Improve Eudora’s Spam IQ Like Mail and Entourage, Qualcomm’s Eudora 6 uses a statistical spam filter. You can use the Junk Threshold slider (Preferences:Junk Mail) to make the program less tolerant. To determine how low you should go, first open the Mailbox Display panel and activate the Junk option under the Columns heading. A new mail column will appear, showing each message’s assigned spam score. Note the scores of any spam Eudora misses and then adjust the Junk Threshold slider to catch them.—ADAM C. ENGST
Sidebar: Spammers Versus the Law
Everyone hates spam. It’s a drain on your time, bandwidth, and patience. E-mail filters can reduce the time you spend scrolling through your in-box every day, but they can only do so much—and they do nothing to reduce the amount of messages being sent.
But voter outcry has spurred lawmakers to try to find a solution. CAN-SPAM (Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003) is the result of three years of work by Democratic senator Ron Wyden of Oregon and Republican senator Conrad Burns of Montana. The law, which took effect on January 1, 2004, prohibits many of the worst spam tactics, including the use of false or misleading header information. The law also requires that all commercial mail include a valid mailing address, a clear demarcation that the e-mail is an advertisement, and a way for recipients to opt out of future mailings.
So how does CAN-SPAM measure up so far?
“CAN-SPAM made a lot of things illegal that already were illegal, and increased the penalties for criminals who weren’t being caught anyway,” says Cindy Cohn, Legal Director of San Francisco’s Electronic Frontier Foundation, a group dedicated to protecting technology-related civil liberties.
Cohen points out that fraud and deceptive advertising practices are already crimes. For example, the Buffalo Spammer case, hailed by many as a victory in the war on spam, had nothing to do with CAN-SPAM. Last April, Howard Carmack was tried and convicted under New York’s identity-theft law for stealing the identity of two Buffalo-area residents and sending out hundreds of millions of spam messages in their names.
“Spam is a difficult problem to address through legislation,” says Cohen. The positive side of the new law, she admits, is that it “spurred law enforcement to go after these people.” So far, four of the largest ISPs (AOL, EarthLink, Microsoft, and Yahoo) have filed more than 200 lawsuits against alleged spammers. And in late June, the federal government charged an AOL employee under CAN-SPAM with stealing 92 million AOL e-mail addresses and selling them to spammers.
Under current law, only ISPs and the government can sue spammers.
So what can you do to help the fight? If you have the time, you can report spammers to a higher authority. Although this won’t reduce the amount of spam you receive, it can help larger organizations build cases against the most flagrant abusers.
You can report spam to the Federal Trade Commission by forwarding the messages to spamuce.gov. Many ISPs also offer an address for spam complaints—often at abuse ispdomain .com. Since the sender information in most spam messages is fraudulent, you should examine the message’s header to see from where the message actually originated. (Earthlink offers a tutorial of what to look for.) Many ISPs will terminate the accounts of confirmed spammers. Others may use the information you send to improve their spam filters.—JONATHAN SEFF