Spam Notes

Someone posted a question in a newsgroup:

How Does [ISP] Compare With Other ISPs In Blocking Spam?

Question:

Please post your experiences and opinions regarding how you believe [our ISP] compares with other ISPs in blocking spam. If you know of another ISP that seems to be significantly more effective, what practices make it more effective. Your observations and experiences will be very helpful.

I answered:

There is no real way to compare the spam receipt experiences of different people, or different ISPs, or even multiple email addresses at the same ISP. Too many factors are involved.

1. How common is the word(s) of the email ID
2. What is the exposure of the ID
   1. Opened a spam in HTML and got tagged by the embedded codes
   2. Clicked the "remove me" in a spam once
   3. Signed up for newsletters and other registration on the WWW
   4. ID is posted on a web page or in someone's guest book
   5. ID harvested by malware from address books, cache, etc. on an infected computer (your own or someone else's) ¹
   6. Used at an e-greeting card site, as Sender or Recipient ²
   7. Used in the clear on Usenet (try http://groups.google.com/)
      (Mung your address in newsgroups)
3. What degree of filtering is set at your different ISPs
4. The ID was in the TO: or CC: fields in the clear in massive joke forwards (Tell your friends to use the BCC: field and to trim out addresses from those that don't)
5. Your ID (even if uncommon words) is in use by someone else at a popular ISP and has been compromised due to careless use, so the spammers take the ID and append every other popular ISP.
   joe@hotmail.com / joe@msn.com / joe@aol.com / joe@att.net / joe@earthlink.com ...
6. Whether or not the ISP uses domain or mailserver blacklisting
7. MSN (and I assume Hotmail) has four degrees of user-configurable spam blocking (paraphrasing here):
   1. Let it all pour through
   2. Block obvious spam
   3. Be really aggressive (and trap a lot of legitimate mail) ³
   4. Accept mail only from those in my address book
8. Spammers are stupid, but ... spammers are smart.

Your best bet is to use uncommon words/numbers for your ID, and then guard it with great care.

• joe@isp.net will receive tons of spam
• joe.6a3.smith@isp.net won't receive any, unless any of the above cases have occurred

Users of Google's Gmail have a disadvantage with using dots in the ID. For example, j.smith@gmail.com will receive mail sent to jsmith@gmail.com as well, because Google, in their infinite wisdom, ignores the dot!

Subscribers of AT&T Worldnet have a double disadvantage when the email ID has been harvested (or 'dictionaried') by the spammers. Due to poor planning by this ISP, the subscribers have two addresses (which are functionally the same):

• joe@att.net
• joe@worldnet.att.net

..and the spammers send to both.

Finally, I can say that the several addresses I use at http://www.myrealbox.com/ never receive any spam. I must point out, though, that none of these addresses has ever been exposed as in my points above.

1. Addition suggested by "J"
2. Tell your friends that some e-greeting card sites are, or were, in the business of selling IDs to spammers. They may still be in this business; I don't have any current documentation.
3. I can attest this is the case. One of my clients asked for help with his 300 spams per day. He was on MSN setting (B) above. I raised him to (C) and the filter immediately began to trap most of the spam, but also to catch legitimate mail. About half of it!

I have enhanced some of the above since posting in the newsgroup. A bit more organized, so to speak.