By Rich Kulawiec, an independent Unix/Linux/Internet/open-source consultant
(Published Mar. 1, 2004)
(See Rich's previous column: Top 10 Spam
Myths)
Here are some tips (for end-users) that you can use to defend against
spam. A number of them involve dealing with security issues because
spammers have been exploiting weak software (i.e. Microsoft products)
and network security on an enormous scale.
1. Be careful who you give your email address to.
Unfortunately, a lot of people view your email address as a saleable
commodity -- and they'll sell it to anybody with cash in hand. For
instance, there are now reports that people who gave "tagged"
email addresses to
United Airlines as part of their frequent-flyer program are now
getting porn spam at those addresses -- from Brazil. It's not clear
how that happened.
[ "Tagged" addresses are ones specially constructed
for use in only one place, e.g. an address such as fred.smith123abc98-3343@example.com
might be given to only one company/person. If any mail ever shows
up at that address from anybody other than who it
was given to, then somebody has some explaining to do. ]
Overstock.com is suing some former employees who stole 3 million
email addresses and sold them to spammers:
http://tv.ksl.com/index.php?nid=5&sid=62815
http://deseretnews.com/dn/view/0,1249,565037182,00.html
Numerous other examples abound: so be conservative about handing
out your address(es).
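The tagged addresses described in tip 1, as an added example that is not part of the original column: it issues one unguessable address per recipient and reports whose address leaked when mail arrives from anyone else. The secret, mailbox name, domains and labels are constructed assumptions.

```python
import base64
import hashlib
import hmac

SECRET = b"constructed-demo-secret"   # assumption: a private key only you know
DOMAIN = "example.com"                # placeholder domain, as in the article
LOCAL = "fred.smith"                  # placeholder mailbox name

issued = {}  # tag -> (label, sender domains expected to use that address)


def issue(label, sender_domains):
    """Create the one address handed to `label` and remember who got it."""
    mac = hmac.new(SECRET, label.lower().encode(), hashlib.sha256).digest()
    tag = base64.b32encode(mac[:5]).decode().lower()   # 8 unguessable characters
    issued[tag] = (label, {d.lower() for d in sender_domains})
    return f"{LOCAL}.{tag}@{DOMAIN}"


def classify(rcpt, mail_from):
    """Return (verdict, label) for a message delivered to `rcpt`."""
    local, _, domain = rcpt.lower().rpartition("@")
    prefix = LOCAL + "."
    if domain != DOMAIN or not local.startswith(prefix):
        return ("untagged", None)
    tag = local[len(prefix):]
    if tag not in issued:
        return ("never-issued", None)          # guessed or mangled address
    label, allowed = issued[tag]
    sender_domain = mail_from.lower().rpartition("@")[2]
    # Sender addresses can be forged, so "expected" proves nothing by itself;
    # "leaked" is the useful signal: the address escaped from `label`.
    if any(sender_domain == d or sender_domain.endswith("." + d) for d in allowed):
        return ("expected", label)
    return ("leaked", label)
```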
2. Don't use Outlook/Outlook Express as your mail client.
They're known as "insecurity applications" for darn good
reason. Spammers and virus/worm authors (some of whom are the same
people, see below) know this -- in fact, they're counting on it
and actively exploiting it. Given that there are hundreds of alternative
mail clients, many of which are free, there's no reason to stick
with the very worst.
3. The same thing goes for your web browser -- if it happens
to be Internet Explorer, which is just as bad. (So bad, in fact,
that there are companies where using IE is forbidden.) Here's just
one recent example of many that shows how just using IE to look
at a web page
can compromise your security: http://www.tjhsst.edu/~agupta/ecard-hijack/
To deal with problems 2 and 3, I recommend visiting the Mozilla
web site (http://www.mozilla.org/)
where you will find excellent, free, multi-platform, open-source
solutions that you can download, install, and run TODAY. Among those
are:
Thunderbird -- a terrific mail client
Firebird -- an excellent standalone web browser
Mozilla -- both of the above plus a web page editor, chat client,
and more, all in one program.
(Mozilla was the nickname for the Netscape browser for many years.
It's now an open-source project, and it's the best available web
browser by a wide margin. It runs on everything,
and has more features -- especially security and privacy features
-- than any of its competition. See 101 things the Mozilla browser
can do that IE cannot http://www.xulplanet.com/ndeakin/arts/reasons.html
for a look at some of them.)
If you're on MacOS, Safari is an excellent alternative browser
(and comes as part of MacOS X). So is Opera (http://www.opera.com/)
on Unix, Linux, MacOS, and Windows.
But whatever you switch to, the most important thing is to stop
using Outlook and IE. Today. Because it's very hard to protect yourself
from spam and abuse if you insist on using the same insecure applications
that spammers and abusers are exploiting on a daily basis.
4. If you run Microsoft Windows, get a good anti-virus package.
Install it, use it, and frequently update its virus definitions.
What does this have to do with spam? Among other things, this:
Sobig.e - Evolution of the Worm http://www.lurhq.com/sobig-e.html
The SoBig series of worms was written specifically to allow infected
systems to be used to send spam. They've gotten into millions of
systems Internet-wide -- and they're still there many months later,
AND those systems are generating enormous quantities of spam.
Other worms are designed to host thousands of copies of spammers'
web sites on hijacked systems, to attack anti-spam resources, or
to accumulate lists of victim addresses.
There's no doubt we'll see more of this very soon.
5. Get a firewall (especially if you're on cable or DSL):
a *real* firewall, e.g. a separate piece of hardware that sits between
your computer(s) and your Internet connection. (Software-only "firewalls"
that run on the system they're meant to protect aren't much good
unless the system itself is hardened against attack.)
See http://www.firewallguide.com/sources.htm
for a useful list. A decent firewall for home or small office use
costs under $100 (sometimes quite a bit under). Make sure that you
lock it down in BOTH directions: you not only need to protect your
system/network from the Internet, you need to protect the Internet
from your system/network in case it's infected or hijacked.
6. Never, ever, ever, EVER respond to a spam. No matter
what it says, no matter how angry you are, no matter how much it
promises that you'll be removed: DO NOT DO IT.
All you will achieve, without exception, is confirming for the
spammer that your address is alive and well -- which means that
they'll send you more, and they'll sell your address as "known
working".
This requires, by the way, NOT using autoresponders such as "vacation"
programs -- because of course they'll respond to your non-spam and
spam messages alike.
7. So if you shouldn't respond, what should you do? What
you can do with spam is either (a) save it as evidence, (b) delete
it, or (c) forward it to your ISP or company's abuse desk (e.g. abuse@example.com)
WITH FULL HEADERS. That last point is critically important: spammers
often forge much of the information in mail headers, so actually
figuring out where the spam came from requires analyzing ALL the
headers. Hopefully, whoever does the care and feeding of your mail
system knows how to do that, and is using an effective anti-spam
mechanism, so that they'll have a fighting chance of blocking future
spam from the same source.
You could consider complaining to the spammer's ISP, but in many
cases that will backfire: some ISPs *are* the spammers, i.e. they're
just phony fronts; others actually forward complaints to the spammers,
who then conduct revenge attacks by forging complainers' addresses
into the "From" field of subsequent spams, with predictable
results.
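Why the abuse desk needs the full headers, as an added example that is not part of the original column: it walks the Received lines of a constructed message and separates the one hop recorded by your own mail server from the older lines and the "From" line, which the sender controls. The host names, IP addresses and the Received layout are assumptions.

```python
import re
from email import message_from_string

# Constructed sample: every host name, address and IP below is made up.
RAW = """\
Received: from mx.example.com (mx.example.com [192.0.2.10])
\tby mailstore.example.com with ESMTP id A1; Mon, 1 Mar 2004 10:00:02 -0500
Received: from mail.bank.example (unknown [203.0.113.77])
\tby mx.example.com with SMTP id B2; Mon, 1 Mar 2004 10:00:01 -0500
Received: from bank.example (bank.example [198.51.100.5])
\tby mail.bank.example with SMTP id C3; Mon, 1 Mar 2004 09:59:00 -0500
From: "Customer Service" <service@bank.example>
To: fred@example.com
Subject: constructed sample

body
"""

OUR_HOSTS = {"mx.example.com", "mailstore.example.com"}  # assumption: your mail servers
OUR_IPS = {"192.0.2.10"}                                 # assumption: their addresses

# Assumes the common "from HELO (rdns [ip]) by host" layout; real formats vary.
HOP = re.compile(r"from\s+(\S+)\s+\((?:\S+\s+)?\[([0-9A-Fa-f.:]+)\]\).*?\bby\s+(\S+)", re.S)


def trace(raw):
    """Split the Received chain into the hop your server wrote and the rest."""
    msg = message_from_string(raw)
    handoff, unverified, ours = None, [], True
    for line in msg.get_all("Received", []):          # newest hop first
        m = HOP.search(line)
        if not m:
            continue
        helo, ip, by = m.groups()
        if ours and by in OUR_HOSTS:
            if ip in OUR_IPS:
                continue                              # relay between your own servers
            handoff = {"ip": ip, "helo": helo, "by": by}
            ours = False
        else:
            ours = False
            unverified.append(ip)                     # written by the sender's side
    return {"claimed_from": msg["From"], "handoff": handoff, "unverified": unverified}
```

A message forwarded without its Received lines returns no handoff at all, which is why a forward without full headers gives the abuse desk nothing to work with.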
8. Use anti-spam software: *carefully*. Because the spam
problem has escalated so rapidly, a lot of "anti-spam"
software packages have been rushed to market. Some of them are just
ineffective; others actually make the problem worse.
Two kinds of "anti-spam" software you should NEVER use
(because use of these is just as abusive as spamming) are:
1. "bounce to sender" packages and
2. "challenge/response" packages/services.
"Bounce to sender" packages attempt to punish the spammer
by throwing their own effluent back at them. This rarely works,
because spammers nearly always forge the mail headers, including
the "From" line, so all these packages accomplish is abusing
innocent third parties who were unlucky enough to have their addresses
used as part of the forgery. (Oh, and what if the headers aren't
forged, and replies really go to the spammer? Congratulations, you
just helpfully confirmed receipt -- see point 6.)
"Challenge/response" packages suffer from the same problem,
but compound it in multiple obvious and subtle ways -- including
challenging a person who never sent a message in the first place,
creating deadlock and/or mailbombing scenarios, and requiring out-of-band
acknowledgement. For an excellent analysis of this, see: Challenge-Response
Anti-Spam Systems Considered Harmful http://kmself.home.netcom.com/Rants/challenge-response.html
Both of these approaches exacerbate a problem that's bad enough
already -- so avoid them.
(By the way, some mail clients have integrated anti-spam features.
Yet another reason to look at Mozilla Thunderbird, or perhaps Ximian
Evolution, see http://www.ximian.com/products/evolution/
for details.)
9. Use anti-spam software: *very carefully*. ;-) One more
kind of "anti-spam" software you should never use is that
which is sold by spammers. Yes, they're actually doing this, and
getting away with it; "IHateSpam" is being peddled by
Sunbelt Software, who are themselves notorious spammers. That doesn't
seem to have stopped several magazines from giving it various awards
-- but it should stop you from purchasing it.
10. Make sure that your ISP -- at home, at work, wherever --
has an
appropriate anti-spam/anti-abuse policy AND strictly enforces it.
A lot of folks talk a good game, but are very reluctant to disconnect
a paying customer when they're caught spamming. The inevitable consequence
of this is that they *will*, sooner or later, find their networks
publicly and privately blacklisted, which means increasing difficulty
for any of their customers -- like you -- who are trying to send
outbound mail.
You might argue that this is unfair; that it "punishes"
people who aren't sending spam but happen to share networks with
people who are.
Yes, it's unfair: it's unfair that hundreds of millions of Internet
users have to deal with the abuse that flows out of spam-friendly
networks. And it's unfair to expect all those people to tolerate
all that abuse because somewhere buried in it might be a message
from you. And it's
unfair that all this happens because the spam-supporting ISPs in
question won't spend the five minutes necessary to use spammer removal
tools (system and router passwords, and wirecutters) in order to
solve the problem.
See "The Top 10 Worst Spam ISPs" on the lower right corner
of the Spamhaus.org home page: http://www.spamhaus.org/
Rich Kulawiec is an independent Unix/Linux/Internet/open-source
consultant whose anti-spam tool of choice is the Sears Craftsman
16-pound sledgehammer; he can be found at rsk@firemountain.net