Holt Offers Strategies to Keep Spam from Clogging Your Inbox -- Mason Gazette

August/September 2002

Holt Offers Strategies to Keep Spam from Clogging Your Inbox

If you use the Internet, you will almost certainly find spam—unsolicited e-mail commercials—clogging your e-mail box. And the more we use the Internet, the more we increase the chance that a spammer will obtain our address, says Tracy Holt, manager of e-mail systems and accounts for the Information Technology Unit (ITU). However, there are ways to limit the amount of spam you receive. In his paper, “How Do I Get on Bulk Email (Spam) Lists?” Holt presents strategies for avoiding spam.

Just Say No

If an e-mail address is not necessary, don’t give one, Holt advises. But if you do receive spam and the vendor offers a link to remove yourself from future mailings, do not click on this link. A reputable site will remove you from its mailing list but less-reputable sites use this to determine whether your address is legitimate; in some cases this will cause you to be added to even more spam mailing lists.

Often, online vendor services require us to create an account to place an order, browse a catalog, or subscribe to a service. In addition, many vendors seek online registration so they can keep us informed of product changes or warranty issues. It is common practice to use these registrations for mass marketing purposes. While some vendors allow you to select the type of information you want to receive, other vendors will flood you with “important” information, or they will provide your e-mail address to third parties or send you information on a third party’s behalf. When vendors allow you to choose what mail you will receive from them, opt for none, says Holt. “Make sure to choose any options that specify that your address information is not to be shared.”

Try a Pseudonym or Alternate Address

“If you’re truly not interested in receiving mail from vendors but still need to use their services, obtain a second account from one of the free services like Hotmail and use that address when doing product registrations,” says Holt. If you’re an active participant in online chats, newsgroups, and mailing lists, the chance of receiving spam is very high, so, if possible, use a separate account or name for postings to these services.

Because web sites can obtain your e-mail address settings by software run from their web sites, consider using separate clients for e-mail and surfing the web. This is problematic at George Mason since the university supports both the Netscape browser and e-mail client. Another option is to disable Javascript and cookies so that programs to extract information about you cannot be executed. However, be cautious because a number of sites also use Javascript and cookies to function, and disabling these features may prevent you from using these sites.

Watch for the Web They Weave

Spammers use a number of different, often illicit, ways to get our addresses, such as using tantalizing subject lines and seeking open mail relays so that their e-mail comes via unsuspecting sources. Many advertising companies have software that will scan newsgroup postings for valid e-mail addresses, or pirate improperly configured mailing list software and automated mailing lists.

Another technique used for very large sites is to try random addresses—jsmitha, smith, john_smith, john.smith—in the hope of finding some valid addresses. A small percentage of IDs will turn out to be valid, and some percentage of those users will respond.

Finally, spammers love university sites because many of them, like George Mason, run the Unix operating system, which requires that a public file of valid accounts on the system be readable by all users. Since everyone on the system has an e-mail address, the spammer who can gain access then has a massive list of valid e-mail addresses. WebShield, the new virus scanning software and hardware ITU installed to screen all incoming e-mail, has the ability to stop some spam as it enters George Mason.