Kill All Spammers

Stop E-mail spoofing (forging)

Spammers are the lowest of the low, right up there with telemarketers on my hate list. Their only interest is ripping you off, and they are not concerned about hurting other people during their nefarious dealings. Often spamers are associtated with organised crime, so we are talking nasty people here. Some spammers launch e-mail campaigns that look like messages sent from other peoples websites. I have two domains, scott-hamilton*com and karmallama*com Unfortunately I am yet another victim of spammers who are forging/faking/spoofing my email addresses. It is totally beyond my control, and I am sorry that I cannot stop it. I have nothing to do with such spam. I do not send, and have never sent, spam email of any sort. I am strongly opposed to "spamming" or sending unsolicited commercial email (UCE). In fact I hate it with a passion. If you have received such spam email I am sorry, but it was nothing to do with my website and is currently beyond my control.

Hopefully there is a solution to this insidious problem on the way. Microsoft has a solution under development. Read about it here: http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx

What is E-mail Spoofing? (Faking or Forging)

"E-mail Spoofing" is the latest nasty trend in spam, it is the practice used by many spammers to falsify the header information in their e-mail advertisements. By changing the header information someone can make the email appear to come from whoever they choose.

Hackers are now routinely stealing the e-mail or Web site identities of many people on the Web, and using them to send millions of pieces of junk advertising or offending e-mails. The average person on the Internet doesn't yet understand what's happening here, and many legitimate companies are obviously being victimized.
 

How You Can Help - Handling Spam Spoofers

If you ever receive such spam-mails that look like messages sent by one of my domains, please do this:

1. Report spoofed e-mails to me here:

Send the original spoofed e-mail as an attachment. (See the "send" menu of your e-mail program) Sending the e-mail as an attachment is the best way to preserve the "header information," which makes it easier for us to trace the true origin of the forgery.

  OR

If you cannot send the forged e-mail as an attachment, forward the e-mail, and include as much of the header information as you are able to maintain.

The headers I need are well labelled and look something like this:

 X-Sender: someone@domain.com
 X-Sender-IP: [10.1.2.3]
 X-Date: Tue, 18 Apr 2003 20:12:06 +0000 (UTC)
 X-Recipient: you@domain.com
 X-OUID: 1

To find the header information, configure your e-mail program to show All Headers (this varies from program to program).

 For Internet Explorer you can do this:
 - right-click the unopened e-mail in your inbox,
 - and then click "Options" to open the window that includes "Internet Headers.".

To track the actual sender of a particular message, I need this "extended headers" information. If you simply forward an e-mail message to someone, these headers will be lost, so whenever you are reporting spam be sure to cut-and-paste the message header from the spam message and send it in the body copy of your e-mail message. Please understand that I will not be able to respond to all of the e-mail reports I receive.

2. Report spam to your ISP

Report spoofed e-mails to your ISP and notify them that someone has stolen my e-mail identify. Be sure to cut-and-paste the message header from the spam message and send it in the body copy of your e-mail message, as described above (1).

3. Never respond to requests for personal information that may be contained in the forged e-mail.

4. Please don't do anything which might result in my domains being wrongly blacklisted as a spammer.

Thank you for your help and understanding on this. Lets hope we can stamp out spammers one day.

Blog Spam

Another big problem for bloggers is blog spam. This could be spam entered into comments or trackbacks on the web site, and can be very annoying to deal with. I actively monitor my site for such spam, and make every effort to remove it as quickly as possible. If you have come to my site via such spam, I'm sorry, but again there is not a lot I can do to prevent it. My policy for this site is that you have to log in to access most of the features, and this seems to keep a lot of the spammers out. Trackbacks are a bit of a problem though, and I might disable this functionality if the problem gets serious. For now I'll just monitor it.

If you join this site you have to enter your email address to verify your identity. Your email address is secure, and cannot be accessed by anyone except me. Your email address is never revealed to anyone at any stage while using this site. It is never displayed so it cannot be harvested by spammers. Do not ever enter your private email into a message. Create a hotmail or yahoo or gmail account for this purpose. There is a good article on Wikipedia about email spam that you might want to read as well.

Regards,
Scott

Last Updated Friday, June 16 2006 @ 11:17 AM GMT-14; 2,176 Hits