Junk Email, or Spam
Spam, also known as Unsolicted Commercial Email (UCE), is the junk mail of email. While there isn't total agreement as to what constitutes spam (other than processed ham), basically a message is spam if:
- It's bulk mail - a generic message that isn't personally directed to you. (NOTE: just having your name "plugged into" a generic message doesn't make it personally directed to you.)
- You didn't ask for it or agree to receive it.
- The sender has more to gain from sending the email than you do from receiving it. The decision as to who has more to gain is totally yours - the recipient's.
(NOTE: These criteria are based on the spam definition published by MAPS. Visit their site for more details.)
Yes! Boreal has installed a mail filtering system called Spamassassin. Spamassassin scans all incoming messages for common spam characteristics, and if it finds enough, it flags the message as spam. How it's handled at that point depends on what spam-handling option you're using (see the options below). More information about Spamassassin and the tests it performs can be found at spamassassin.apache.org.
You have several options for using spamassassin:
- Option 1: All your incoming mail is filtered through spamassassin. Any mail identified as spam is deleted. If you want this option, you don't need to to anything. By default, all Boreal members use this option.
- Option 2: All your incoming mail is filtered through spamassassin. Any mail identified as spam is moved to a special Spam folder, and you can access these spam messages via Boreal's web mailer. Spam messages are stored in this folder for 10 days, then deleted. If you want this option, please contact the Boreal office.
- Option 3: None of your incoming mail is filtered through spamassassin. If you want this option, please contact the Boreal office.
You may change your spam filtering option and also update some of your other spam filtering settings (such as whitelisting and blacklisting addresses) at http://www.boreal.org/phpsaadmin. Changes to your spam filtering option will take about a day, but changes to other settings will take effect immediately.
In addition to Spamassassin, Boreal has implemented a Greylisting system to reduce spam. Greylisting is optional - your email will not be greylisted unless you request it. If your mail is greylisted, the first time an unrecognized sender sends you a message, our system returns it with a "try again later" message. Most spammers' systems will not try again later, but most legitimate mailers will. This has a result of significantly reducing your spam. The side affect is that messages sent to you will be delayed half an hour or more, depending on the sender's system. The other thing to be aware of is that there are a few legitimate systems who won't try again later, so if you receive mail from one of these systems the message may be dropped. You can whitelist addresses from these systems to prevent this.
To sign up for greylisting, visit the greylisting sign-up page here.
Spammers have lots of ways of getting e-mail addresses. A few are:
- Usenet groups: If you've ever posted a message to a public bulletin board or newsgroup, your address is out on the internet and easily accessed by spammers. NOTE: Using Boreal's mailing lists, such as news and for-sale, will NOT result in your email address being made accessible to spammers. Boreal's lists are private mail lists, not publicly accessible Usenet groups or bulletin boards.
- Bots: Spammers use programs called "bots" to search through the internet and "harvest" e-mail addresses from web pages. If your e-mail address is published on your web page, a bot can pick it up as it's compiling a list of addresses for spammers. This is especially true if your page is listed in a search engine. Some ways to make it harder for bots are:
- If you've published your email address on your web page, don't publish it in a "mailto" link - ie. the person looking at the page just clicks on your address to send an email. The "mailto" addresses are easiest for bots to harvest.
- Some people disguise their email address so bots won't get the right address, but people will. For example, if your address is email@example.com, publish it as jsmithDELETETHIS@boreal.org.
- Opt-Out lists: Some places will tell you to send them your email address and they'll take you off spammers' lists. Use these with caution - unfortunately some of them actually turn around and sell your email address to spammers.
- Web page: If you visit a spammer's web page, he/she may use hidden code on that page to get your email address.
- Viruses: There are many viruses which allow hackers access to your computer if your computer has the virus. Some spammers take advantage of these viruses to access personal computers and harvest the email addresses in people's address books.
- Online forms: Before you give your email address to a company via an online form, make sure that the company has a policy not to sell your email address. Look for a box on the form that asks if it's ok to send related offers or information to you - make sure it isn't checked.
- Dictionary attacks: It doesn't cost the spammer anything to send mail to an invalid address, so many spammers "guess" at email addresses by using common names and domains and going through the alphabet. For example, they'll send messages to firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com, etc., hoping that a few of those messages hit a valid address.
- Responding to spam: If you respond to a spam message or click on a link in a spam message, even to tell the spammer to remove you from their list, you've just alerted the spammer that you have a live email address that someone is reading. This makes your address valuable and the spammer will a) keep it on his list and b) sell it to other spammers.
First, what not to do:
- Don't reply - Many spam messages will tell you you can get off the spammer's list by replying with an "unsubscribe" message. Don't do it! You will probably end up either
- getting your message returned to you as undeliverable, or
- getting even more spam.
This is because
- Most spammers forge their return address. Usually it's a totally fake address, but sometimes it's the address of some innocent person the spammer wants to irritate by tricking you into sending them mail.
- If your reply actually gets through to the spammer, it just confirms that someone is receiving email at this address. This makes your email address more valuable, and the spammer can (and will) sell it to other spammers.
- Don't buy what they're selling. If spam didn't work, spammers wouldn't use it. Spam is not generally considered to be a reputable way of advertising - even if their product looks attractive, buy it from a more honorable source than a spammer. (Spammers almost always forge their return addresses so you can't find out who they really are - do you really want to send your money to a person who goes to such lengths to be un-traceable?)
- In some cases, responding to spam can be dangerous. Most spam is just irritating, but there are also many scams and frauds now being carried out via spam mail. Some of the most common are:
- Overpay for an item: You're advertising an item for sale, usually on a big site like Ebay. (Note - some Boreal members have been contacted by this type of scammer in response to a classified ad on the Boreal website.) Someone from another country contacts you to buy the item, but for some reason can't give you a check for the exact amount. They want to send you a check or money order for over the amount and have you send the excess back to them. Although your bank is required by law to make the funds available to you within a few days, it can take up to four weeks for a foreign check to clear the issuing bank. That means that after you've sent this person the money, the original check will bounce and you'll be left owing the bank the money you sent the scammer.
- Phishing scams: You recieve a message from a bank or online system like Ebay, saying there's some sort of problem with your account and asking you to click on a link to sign into your account and correct the issue. Often the problem is made out to be serious enough to try and scare you into action without thinking it through - for example, your credit card has been charged a huge amount, your funds have been frozen, etc. The mail looks very legitimate, and if you click the link you will go to a realistic-looking website where you'll be asked to provide a username, password, credit card information, etc. to correct your issue. This website is a fake, however, and the private information you enter here will be sent directly to the scammer. Never click on a link in an email like this - if in doubt, open a web browser and type the company's URL in the address bar to go to the site and check it out.
- The Nigerian Advance Fee Fraud: Someone from Nigeria or another foreign country will promise you several million dollars in return for letting them use your bank account to transfer funds out of the country, or wants you to help them manage their wealth in some way. People who've responded to this scam have lost thousands of dollars, and in some cases have even been lured into situations where they were kidnapped and held for ransom or killed. Information on this scam can be found at http://www.crimes-of-persuasion.com/Crimes/Business/nigerian.htm.
- Lottery scam: You've won thousands of dollars in some foreign lottery you didn't enter! If you respond and try to claim this money, many fees will appear that must be paid before you can receive your check. As long as you keep paying these fees, more will turn up. You will NEVER see a check, or if you do, the check will end up bouncing.
Here's what you can do:
- Report it to a spam filtering service such as Spamcop (http://www.spamcop.net/). Many providers, including Boreal, use their services to help filter spam, so by reporting your spam to them you're helping everyone detect and block the spammers.
- Report it to the spammer's Internet Service Provider (ISP) - This helps to cut spam off at the source. Every spammer has to go through an ISP, and most ISP's have very strict rules regarding sending spam using their service. If an ISP is made aware that someone is sending spam through them, they can take action against the spammer.
The problem: Spammers know that their ISP will be upset to find out about their activities, so they do everything they can to disguise where they're sending from. The return address you see on your spam mail is almost always a fake, so reporting to that ISP does no good. Fortunately, there are ways to get around this:
- spamcop.net - This site will let you send them your spam, they'll decode the headers to find the true source of the spam and send a complaint to the proper people. This is a free service, but be sure to read the directions for using the service first.
- This solution is only for you techie people! You can go through the message's headers to locate the IP address of the actual sender, look up that IP Address, and then send a message to their abuse desk. This is a complicated process, but fortunately it's explained in many places on the Internet, including:
- Filter your email - There are two ways to do this:
- Get filtering software or a filtering service. A few sources for these are SpamCop's Advanced Filtering Service and Top 10 Spam Control Tools, Choose your mail.com. NOTE: Boreal already filters all mail sent to your boreal.org email address. This means most spam is filtered out before it gets to you. Additional filters may or may not be helpful - many will filter using the same criteria Boreal does.
- Set up a your own filter in your e-mail program. If you can identify some characteristic that is unique to the spam messages (for example, they have the word "advertisement" somewhere in the message), you can set up your email program to look for messages with that characteristic and delete them before they get into your mailbox. For instructions on setting up a filter, see the E-Mail Filters section of this FAQ. CAUTION: If you make your filters too general, you may start filtering out mail you want. For example, if your filter deletes every message with the word "buy" in the message body, and your sister sends you an email asking if you want to go in and help her buy a gift for your mom, your sister's message will get deleted along with the spam because it contains the word "buy". Make sure your filter checks for something that only spam mail has!
- There's a long list of spam information / anti-spam sites at http://dir.yahoo.com/Computers_and_Internet/Communications_and_Networking/Email/Spam/
- Here's a good link about replying to spam: http://www.spamdontbuyit.org/
To protect our email system, Boreal scans outgoing messages for spam content. If our system detects spam in a message you send, your message will be blocked and you'll receive a notification from Boreal. This notification will contain a spam report to help you determine why your message was blocked, and help you get your message through if it was mis-identified.
Unfortunately, the spam report isn't always as helpful as it could be, so this page has been created to help you interpret the report to determine why your message was blocked and how to modify it to prevent this.
You may also forward your notification to us at firstname.lastname@example.org, and we'll help you determine the problem.
The report lists a set of rules your message triggered along with their scores and a brief description of the rule. When the total score of all these rules is 6 or above, the message is blocked. Therefore, you want to look at the scores on the rules and try to get your total score under 6. Check the high-scoring rules first - fixing just one of these is usually enough to get your message past the filters.
Common rules you may see and how to fix them:
- n.n URIBL_XXXX Contains an URL listed in the XXXXXX blacklist [URIs: xxxxxx.xxxx] (NOTE: There are several rules that start with URIBL_. The n's and X's will be replaced with information specific to the rule that hit.) : Your message included a reference to a blacklisted website. Blacklisted websites are sites that are known to commonly appear in spam messages, and rarely appear in legitimate messages. Look at the URI shown in the s (ex. [URIs: store.com]). Then search your message for a reference to this website and take it out before sending the message.
This rule usually shows up when you are forwarding something you've received from a newsletter or joke list. The best way to get rid of it is to just copy and paste the part of the newsletter you want the person to see, rather than sending the whole thing. Usually the problem website reference is in one of the ads included with the newsletter.
- -0.5 ALL_TRUSTED Passed through trusted hosts only via SMTP : This is a GOOD rule - note the negative score of -0.5. This indicates that your message was sent from a trusted system and it brings your overall score down. You WANT this rule to hit!
- 0.0 HTML_MESSAGE BODY: HTML included in message : All this means is that your message wasn't in plain text. Since it's common to send messages in rich text this rule has a score of almost 0, and therefore does not need to be a concern. It's not what pushed your message into the spam category.
- 1.3 MISSING_SUBJECT: Missing subject header: Your message didn't include anything in the subject. Type anything in the Subject of your message to avoid this rule.
- n.n DATE_IN_PAST_xx_xx or DATE_IN_FUTURE_xx_xx: The date and time on the message is different than the actual date and time by a significant amount. Usually this happens because the clock on your computer is set to the wrong date and/or time. To avoid hitting this rule, double-click the clock in the lower right corner of your screen and make sure the date and time are correct. This rule can also be triggered if you send your message some time after you composed it - for example if you wrote the message and hit the Send button but the message didn't go out, and then a few hours later when you went online the message was sent.
- 3.0 NO_BODY2_BA Email with no body : Either you sent an empty message, or your message included an attachment with no text. Simply include some text in your message to keep this rule from hitting. (Both spam and viruses are commonly sent as attachments with no text.)
- 4.0 POSS_JOE_JOB_BA POSS_JOE_JOB_BA : This shows up if you forward a message that was returned to you - for example if you sent a message to the wrong address, it came back, and you're forwarding the message that was returned to the right address. Re-send the original message (you'll find it in your Sent items) instead of the returned message to avoid this.
Why are these flagged? Returned messages being forwarded on look just like returned joe-job messages. (A joe job is where a spammer sends messages using your email address as the forged return address. When his messages go to bad addresses they're returned to you, not him, since he forged your email address as the returned address. This results in you getting lots of Returned messages for email you didn't send.)