Skip to main content

5 practical ways to reduce spam

Internet "spam" is a term coined to describe unsolicited emails that companies and individuals send out en masse. Because it is very cheap to send an email spammers will send millions of emails out. Even if just one or two people purchase their product the spammer will still make a profit. Spam ranges from being simply annoying to being an outright scam or even dangerous. Consider as an example the ability to purchase medication without needing to see a doctor or obtain a prescription. Spammers send this information out to children.

Spam messages eat up a large amount of internet bandwidth which leads to service degradation for legitimate users. It has become such a problem worldwide that many countries are adopting legislation to combat it.

Spam Statistics


Currently the world's worst offending country is the United States, followed by China and the Russian Federation. America has adopted the CANSPAM act which is aimed at reducing spam, but this has yet to show significant effect in the amount of spam messages coming out of America.

There are many companies that deal with spam. In order to obtain a quick indication of spam statistics I chose one at random and viewed their stats. They recorded 2,509,170 spam complaints in the 24 hours prior to writing this example. Now consider that there are many other companies dealing with spam and not all users will actively complain about spam. This means that the global statistic must be a great deal higher than this.

Reducing Spam


  1. Ask your ISP if they use a spam filter on their servers and consider swapping to another company if they don't. One of the most popular products is "SpamAssassin". It's free and easy to configure. Having a company filter spam on their servers will reduce your bandwidth costs (since you won't be downloading spam messages) and improve your security by blocking malicious emails before you download them. Of course this also means that you will save the time you used to spend manually downloading and deleting the messages.


  2. Avoid publishing your email address on your website or Internet forums. Spammers use web "spiders" to search the internet for email addresses to send spam to. If you are going to publish your email address on your website make an effort to obfuscate it with Javascript or some other method. One approach is to write out your email address in full: For example - info@drugalarm.co.za becomes info @ drugalarm [dot] co [dot] za. Obviously it can't be hard for a spammer to program a search spider to scan for these common patterns so this method is far from foolproof.


  3. Use the services of websites that offer free temporary email addresses when you're registering on a forum or service that you either don't trust or don't intend to use more than once. Mailinator.com is a good example of this sort of service. Remember that because you're using a temporary email address you won't be able to use it to retrieve passwords, track parcels, etc.


  4. If your spam problem is severe you could consider setting up a challenge response system. This runs on your mail server and sends a reply to anybody who sends you an email. If the person replies to the challenge reponse their email address gets added to the list of people who may email you (and they won't have to keep confirming they're not a spammer). Most spammers will not be able to receive or replt to these challenges. One negative side effect of using this system is "back scatter" - spammers routinely fake the "from" field of their emails so your challenge response will target whoever the spammer is pretending to be.


  5. Augment your server side protection by using programs that run on your computer. There are several effective and free solutions that will reduce your spam load. SpamPal is one such program. It is fairly simple to setup and is quite effective in reducing spam. A drawback of using client-side spam filtering is that you will still be paying for the bandwidth required to download your spam messages.


Ultimately the world's spam problem will only be solved when people stop buying their products or falling for their scams. Educate your friends and family about the risks of purchasing products from spam messages. Make sure that you understand what a 419 scam is so that you can avoid making a spammer rich.

Comments

Popular posts from this blog

Separating business logic from persistence layer in Laravel

There are several reasons to separate business logic from your persistence layer.  Perhaps the biggest advantage is that the parts of your application which are unique are not coupled to how data are persisted.  This makes the code easier to port and maintain. I'm going to use Doctrine to replace the Eloquent ORM in Laravel.  A thorough comparison of the patterns is available  here . By using Doctrine I am also hoping to mitigate the risk of a major version upgrade on the underlying framework.  It can be expected for the ORM to change between major versions of a framework and upgrading to a new release can be quite costly. Another advantage to this approach is to limit the access that objects have to the database.  Unless a developer is aware of the business rules in place on an Eloquent model there is a chance they will mistakenly ignore them by calling the ActiveRecord save method directly. I'm not implementing the repository pattern in all its ...

Using Azure Active directory as an OAuth2 provider for Django

Azure Active Directory is a great product and is invaluable in the enterprise space. In this article we'll be setting it up to provide tokens for the OAuth2 client credentials grant. This authorization flow is useful when you want to authorize server-to-server communication that might not be on behalf of a user. This diagram, by Microsoft, shows the client credentials grant flow. From Microsoft documentation  The flow goes like this: The client sends a request to Azure AD for a token Azure AD verifies the attached authentication information and issues an access token The client calls the API with the access token. The API server is able to verify the validity of the token and therefore the identity of the client. The API responds to the client Setting up Azure AD as an OAuth2 identity provider The first step is to create applications in your AD for both your API server and the client. You can find step-by-step instructions on how to register the applications o...

"Word of the Day" PHP script (with word list)

I was looking around for a way to generate a word of the day on the web and didn't find anything. So I coded a quick and dirty script to do it. Just in case anybody does a Google search and manages to find my blog: here is my Word of the Day PHP script : Copy this code snippet into a wordoftheday.php file: $file = fopen("interesting_words.txt","r"); $raw_string = fread($file,filesize("interesting_words.txt")); fclose($file); $words_array = explode("|",$raw_string); echo $words_array[array_rand($words_array)]; Of course the real issue I had was finding a list of interesting words in the right format. Here is the list of interesting words that I used: Copy this into a file called interesting_words.txt : ubiquitous : being or seeming to be everywhere at the same time; omnipresent| ecdysiast : a striptease artist| eleemosynary : of, relating to, or dependent on charity| gregious : c...