People complain a lot about the huge number of spam messages they receive. Sites are being accused of facilitating spammers, having poor security, etc. This might often be the case, but what the ‘receiver’ often forgets is that their online activity more often is the real cause of the deluge.
Spammers grab the email address to spam from somewhere and then try to ‘trick’ the system and the receiver into believing it’s a real message. They do this by spoofing the sender’s address and using something in the Subject that the receiver might recognise as legitimate. They try to create ‘trust’ so the receiver opens the message.
So, what can you do to stop spammers?
– Install SPF (Sender Policy Framework) or some of the other initiatives (DMARC, DKIM) that enable the receiving server to check if the the message actually came from the server the message claims it came from.
– Set up Checksum based filtering. Spam is sent in bulk. Checksum uses this to filter it out.
– Use DNS based filtering. DNS lists can be obtained from various sources, but are often not accurate as spammers simply move to a new DNS if one becomes unusable.
– Use Spamhouse or similar lists, again these are often incorrect as spammers move on.
These are only a handful of ways to block spam. There are many more ways to help fight spam.
What often happens in the fight against spam is that IT departments simply block the alleged ‘spammer’, which often is the site who’s email address has been spoofed. The spam will simply continue, but the spoofed site will have their email blocked. Another victim of the spammer!
Get the IT dept to look at the full header of the email as this will reveal the IP address where the spam originates from. This will exonerate the spoofed site and will reveal the real spammer’s location. We often use Arul John‘s site to see where the spam originates from.
So, don’t fall for what the spammer claims. Dig deeper and you can find out a lot more. Ask IT to do this. But, they often don’t like this as it means research, complaining with an ISP in China, Russia or the USA, following it up, etc. However it’s the only way to really do something about it.