The War on Spam Part I – The Basics
What Spammers Do…
The biggest headache in the online world today, other than viruses, is spam. Spam is unsolicited email usually sent in mass to many email addresses at once. Another form of spam can be the repeated submissions of web forms, such as guestbook entries, contact forms, product reviews, blog comments, etc. These submissions usually contain bogus contact information and a series of links leading to not-so-nice sites.
How They Do It…
Email spammers usually use automated programs to send large quantities of spam to lists of emails they’ve harvested off the internet. I’ll get to harvesting in a moment. They use an automated web form on a web site the spammer has hacked to send the spam messages. The spammer enters the list of harvested addresses, the subject, and the message body into the web form and hits send. It can sometimes be hard to determine the origin of spam since many of the forms they use to send spam are on sites they’ve hacked – not their own.
Spammers’ software can “memorize” the field names of your web forms and create an attack “filling in” your required form fields. They visit the web site via a bot and search out web forms to download the fields to be filled in later. The bot will go back to the url, fill in the web form and submit the form over and over until that wave of attacks has ended. This will repeat automatically at pre-determined times of the day or night.
How They Collect or Harvest Email Addresses…
The bots I mentioned previously seek out and find any information the spammer can use to make their attack. Just like the bots used with Google, Yahoo and MSN, they will “crawl” a site gaining information and harvesting any email addresses or web forms they may encounter. Bots find this information based on the code in the web page.
Email addresses are usually in the form of this coding:
<a href=mailto:email@my domain.com>email@mydomain.com</a>
The “a href=mailto:” is the code the bots picks up and then harvest that link.
If you have an email address on your site that you receive spam on, this is the most popular way they get your information.But what if you don’t have an email address on your web site?
There are many other ways Spammers can get your information:First, you can look to see if an email address shows up in a WHOIS search. Whois is public information about who owns a domain and the contacts provided. Harvesting can also take place on this type of site by scraping an email address from the information provided.
Second, and most importantly, I would look to see where you could have entered your email address. Realtors have access to tons of email addresses through their local association. Chambers of Commerce often post members information including email addresses. Blogs, guestbooks, and any other site you could have entered an email address that may not have been secure.
Another way spammers collect email addresses is through viruses. If someone has your email address and their computer becomes compromised by a virus, then your email addresses may have been compromised as well. This is simply guilt by association so to speak.
Ok, I’m Depressed. How Can We Win?
I don’t think we can ever “win” the war on spam. Laws in the US differ from other countries where a lot of spamming occurs. ICANN (Internet Corporation for Assigned Names and Numbers) has already helped by going after registrars around the world who have known spamming domains, but this is only temporary - until they find a new home.
Until then we have to protect ourselves. First, you can purchase spam protection software such as QURB or other good software to protect third party email programs like Outlook.
Webmail users, such as Horde, Gmail, Yahoo, and Hotmail have built in software to filter junk mail. They do a fairly good job overall.
Be careful about where you use your email address. Once it has been harvested, it will take a long time to get it back to its pure state, if ever. Create an email address on yahoo or msn that isn’t personal (doesn’t contain your name, etc) that you can use for the web. This keeps your personal email safer (firstname_lastname@domain.com). Outlook and other mail programs support multiple email accounts. You can create rules and actions to put these general emails in special folders as well as filter for junk mail.
Web site and domain owners can eliminate headaches by removing all important email addresses from the web site and by using a “catch all” account. This catch all account will receive all the spam and inquiries from your site and whois searches. Catch all accounts can be info@, or sales@, or contact@. Web users usually use the contact form to submit questions, so you’ll still have to sift through it – but at least your personal account is safer.
Email addresses on a web site can be encrypted with a string to mask the code. However, sometimes doing this can make the “mailto” link not work correctly in certain email programs.
Web forms can reduce spam attacks by using code in the mail processor. This code can do a culmination of things. It can halt spam attacks through spam injections (this will be discussed in an advanced article). It can collect the user’s IP address and host info so that the webmaster may block that IP from accessing the site. It can also create email headers which are useful in tracking origin.
Web forms can reduce bot attacks by using CAPTCHAs. This is the combination of numbers and letters you have to type in before you can submit a form.
Last but not least, changing web form field names can help reduce spam for a short period of time.
While spoofing IP addresses can bypass IP logging, the above tactics can at least slow down these attacks.
-----------------------------------------------------------------------------------------------------------
Although this article discusses techniques used by spammers, there are still many other methods used today that are not listed. We have chosen to discuss the spamming situations above based on past experiences.
2412 Gulf Breeze Ave
Pensacola, Florida 32507
850-455-1464
sales@bluewebtechnologies.com