Skip to main content

5 practical ways to reduce spam

Internet "spam" is a term coined to describe unsolicited emails that companies and individuals send out en masse. Because it is very cheap to send an email spammers will send millions of emails out. Even if just one or two people purchase their product the spammer will still make a profit. Spam ranges from being simply annoying to being an outright scam or even dangerous. Consider as an example the ability to purchase medication without needing to see a doctor or obtain a prescription. Spammers send this information out to children.

Spam messages eat up a large amount of internet bandwidth which leads to service degradation for legitimate users. It has become such a problem worldwide that many countries are adopting legislation to combat it.

Spam Statistics


Currently the world's worst offending country is the United States, followed by China and the Russian Federation. America has adopted the CANSPAM act which is aimed at reducing spam, but this has yet to show significant effect in the amount of spam messages coming out of America.

There are many companies that deal with spam. In order to obtain a quick indication of spam statistics I chose one at random and viewed their stats. They recorded 2,509,170 spam complaints in the 24 hours prior to writing this example. Now consider that there are many other companies dealing with spam and not all users will actively complain about spam. This means that the global statistic must be a great deal higher than this.

Reducing Spam


  1. Ask your ISP if they use a spam filter on their servers and consider swapping to another company if they don't. One of the most popular products is "SpamAssassin". It's free and easy to configure. Having a company filter spam on their servers will reduce your bandwidth costs (since you won't be downloading spam messages) and improve your security by blocking malicious emails before you download them. Of course this also means that you will save the time you used to spend manually downloading and deleting the messages.


  2. Avoid publishing your email address on your website or Internet forums. Spammers use web "spiders" to search the internet for email addresses to send spam to. If you are going to publish your email address on your website make an effort to obfuscate it with Javascript or some other method. One approach is to write out your email address in full: For example - info@drugalarm.co.za becomes info @ drugalarm [dot] co [dot] za. Obviously it can't be hard for a spammer to program a search spider to scan for these common patterns so this method is far from foolproof.


  3. Use the services of websites that offer free temporary email addresses when you're registering on a forum or service that you either don't trust or don't intend to use more than once. Mailinator.com is a good example of this sort of service. Remember that because you're using a temporary email address you won't be able to use it to retrieve passwords, track parcels, etc.


  4. If your spam problem is severe you could consider setting up a challenge response system. This runs on your mail server and sends a reply to anybody who sends you an email. If the person replies to the challenge reponse their email address gets added to the list of people who may email you (and they won't have to keep confirming they're not a spammer). Most spammers will not be able to receive or replt to these challenges. One negative side effect of using this system is "back scatter" - spammers routinely fake the "from" field of their emails so your challenge response will target whoever the spammer is pretending to be.


  5. Augment your server side protection by using programs that run on your computer. There are several effective and free solutions that will reduce your spam load. SpamPal is one such program. It is fairly simple to setup and is quite effective in reducing spam. A drawback of using client-side spam filtering is that you will still be paying for the bandwidth required to download your spam messages.


Ultimately the world's spam problem will only be solved when people stop buying their products or falling for their scams. Educate your friends and family about the risks of purchasing products from spam messages. Make sure that you understand what a 419 scam is so that you can avoid making a spammer rich.
Labels:

Comments

Post a Comment

Popular posts from this blog

Separating business logic from persistence layer in Laravel

There are several reasons to separate business logic from your persistence layer.  Perhaps the biggest advantage is that the parts of your application which are unique are not coupled to how data are persisted.  This makes the code easier to port and maintain. I'm going to use Doctrine to replace the Eloquent ORM in Laravel.  A thorough comparison of the patterns is available  here . By using Doctrine I am also hoping to mitigate the risk of a major version upgrade on the underlying framework.  It can be expected for the ORM to change between major versions of a framework and upgrading to a new release can be quite costly. Another advantage to this approach is to limit the access that objects have to the database.  Unless a developer is aware of the business rules in place on an Eloquent model there is a chance they will mistakenly ignore them by calling the ActiveRecord save method directly. I'm not implementing the repository pattern in all its glory in this demo.  
Post a Comment
Read more

Fixing puppet "Exiting; no certificate found and waitforcert is disabled" error

While debugging and setting up Puppet I am still running the agent and master from CLI in --no-daemonize mode.  I kept getting an error on my agent - ""Exiting; no certificate found and waitforcert is disabled". The fix was quite simple and a little embarrassing.  Firstly I forgot to run my puppet master with root privileges which meant that it was unable to write incoming certificate requests to disk.  That's the embarrassing part and after I looked at my shell prompt and noticed this issue fixing it was quite simple. Firstly I got the puppet ssl path by running the command   puppet agent --configprint ssldir Then I removed that directory so that my agent no longer had any certificates or requests. On my master side I cleaned the old certificate by running  puppet cert clean --all  (this would remove all my agent certificates but for now I have just the one so its quicker than tagging it). I started my agent up with the command  puppet agent --test   whi
Post a Comment
Read more

Redirecting non-www urls to www and http to https in Nginx web server

Image: Pixabay Although I'm currently playing with Elixir and its HTTP servers like Cowboy at the moment Nginx is still my go-to server for production PHP. If you haven't already swapped your web-server from Apache then you really should consider installing Nginx on a test server and running some stress tests on it.  I wrote about stress testing in my book on scaling PHP . Redirecting non-www traffic to www in nginx is best accomplished by using the "return" verb.  You could use a rewrite but the Nginx manual suggests that a return is better in the section on " Taxing Rewrites ". Server blocks are cheap in Nginx and I find it's simplest to have two redirects for the person who arrives on the non-secure non-canonical form of my link.  I wouldn't expect many people to reach this link because obviously every link that I create will be properly formatted so being redirected twice will only affect a small minority of people. Anyway, here's
Post a Comment
Read more