On Wed, 16 Feb 2000, Furmanek, Greg wrote:
> Isn't there a way to send a user unknown reply.
> I bet some of the spammers look for those
> to eliminate the useless addresses.
Nope. Spammers forge their headers to avoid getting any replies at
all, since if they gave a valid "From" address they would get bombed
by angry recipients. They don't care how many rejections bounce
back to their hijacked originating sites, or to their forwarding
sites in Korea or Spain.
If you visit the anti-spam sites, you can learn a number of tricks
to help fight spam.
I have a procmail script which sorts my mail:
* Messages from list servers go to their own folders such as 'plug'.
* Messages that Primenet has already classified as spam go to
'spam'. (I opted to get the 'blocked' messages so I won't be
complaining to Primenet redundantly about already-blocked
senders.)
* Messages that don't include me in their addressee list go to my
"bcc" folder. I get a fair number of legitimate "bcc" messages,
but follow the steps below for the spam.
* Some spam still gets through to my main inbox because it's
addressed to me. I accept most mail from employment agencies,
which I file away for possible future reference.
For each spam message, I do the following:
1. I forward a copy to my ISP's 'spam' address, where it is
automatically tallied. After 10 complaints they block that address.
(Spammers change their "From" addresses frequently, but this is just
one more way to harrass them.) I don't complain to them about
messages coming to my "spam" folder since they're already being
filtered; and I don't complain to them about messages relayed to me
from two other sites by my request!
2. I forward a copy to
spamrecycle@ChooseYourMail.com, which
supposedly does good stuff with it: keeps statistics to support
anti-spam legislation, identifies sites to be blackholed, encourages
relaying sites to turn off forwarding, etc. This will also be
useful, I hope, when they start targeting certain offenders under
anti-spam laws.
These two steps only take a moment. Going further depends on how I
feel at the time.
3. If I have a few minutes and the forwarding site seems reachable,
I forward a copy to postmaster at that site to encourage them to
turn off SMTP forwarding; Subject: MASS MAIL VIA YOUR SITE.
4. If I have a few more minutes and the original sending site seems
identifiable, I go one of two ways: if the site itself appears to
be innocent (an ISP, free-e-mail site, or business unrelated to the
spam), I forward the spam to their postmaster. If the site seems to
be involved, I forward to postmaster at whatever domain comes just
before them in a 'traceroute'. Subject: MASS MAIL FROM YOUR CLIENT.
5. If I have STILL more time, and the message advertises a web site,
I decode the address if it's all numeric (nslookup, traceroute,
etc.). If this is not one of the sites I've already complained to,
and seems to be "innocent", I'll forward a complaint to webmaster
and postmaster at that site. Otherwise it goes to their upstream.
I use a subject line such as MASS MAIL ADVERTISING YOUR CLIENT.
Of course as you know, it's essential that the forwarded copies
contain the full SMTP headers to allow them to identify how the mail
really got to you.
Simply discarding spam is what most folks should do, but since it's
convenient for me to follow some of these procedures, I figure it's
my netizen duty to help clean up the streets.
Vic