RETURN ON TECHNOLOGY: Some suggestions on how to overcome spam

Some time back, I got onto the solicitation no-call list maintained by the state of Indiana. It’s the second-best decision I ever made, after proposing to my wife. My evenings are ring-free, blessedly non-commercial, aside from the ads that overly optimistic marketing people hope I’ll watch on TV.

There should be a similar no-call list for spammers, but there isn’t. Spam, as you probably know, is unwanted e-mail. Spam requires a lot of time every day to find, sort and terminate with extreme prejudice. Real messages, like stranded travelers, get lost in the blizzards of Nigerian scams, Viagra ads and pitches for cheap software. Spam can be used to infect your systems. God alone knows how much it costs American business.

You’d think spam would be comparatively easy to stop, but it’s like a virus, evolving new forms to sneak past the outer defenses. The outermost defensive ring for spam is your Internet service provider (ISP). Most ISPs have e-mail filters to screen out the worst of it. But in many cases, the ISP needs customers to forward spam back to the ISP so it can be analyzed by the filter. This is, as you might imagine, such a hassle that few people do it. Theoretically, ISPs will often trace back the source of spam and ask that the offender’s ISP remove the account, but spammers long ago learned not to depend on a single ISP, so that threat is little more than promises.

The next line of defense is your own spam filter. They’re available both for individual machines and for an entire enterprise. One filter for Microsoft Outlook, for example, is imaginatively called Outlook Spam Filter and you can find it at www.outlook-spam-filter.com/. Another one is Spam Bully, at www.spambully.com/. Most filters require your help, by identifying mail as spam so the filter can see what spam looks like. But after a while, good filters pick up patterns without as much help from you. Outlook has had its own filter for several versions now, but most weren’t updateable. Starting with Outlook 2003, you can update the built-in spam filter. See www.microsoft.comfor more information.

Still, spam filters rarely work perfectly, so some spam is going to get through. The last line of defense, unfortunately, is you. You have to pick through what’s left, trying not to trigger off even more spam. That can happen if you reply to spam, even to shout “no more, stop sending this to me!” The basic rule is to never reply to spammers, not even if you want what they’re selling. You can always find it somewhere else that doesn’t set off a cascade of rogue e-mails into your inbox. Even opening some emails can be trouble if they’re carrying viruses. This is rare, but it happens. Most of the time, the virus is in an attachment, so the second most basic rule is to never open attachments unless you’re utterly sure that they’re legitimate.

The best way to avoid spam is to keep your primary business e-mail close to your chest. Many Web sites ask for your e-mail so they can send you newsletters, updates or similar materials. It’s legal for these companies to sell lists of e-mails to buyers, just like it’s legal to sell lists of physical addresses. Some sites are devious enough to make your e-mail address your user name on that site. If your e-mail address is ever used on anybody’s Web site, it’s exposed to the many “crawlers” that scour the Web looking for email addresses. A moment of unthinking charity is all it takes for you to let the local Little League, church committee or Christmas canned goods drive use your e-mail as a contact point. Your e-mail address is now out there for the world to harvest.

To prevent it, get one of the numerous free e-mail addresses many sites offer, and use that one for your non-business contacts. Give it out as freely as you wish, reserving your business address for business purposes. Or if your ISP offers multiple e-mail addresses, make one contact@thusandso.comso you can quickly identify what’s addressed to your public e-mail. You can do the same thing with a business e-mail address if you want your business name publicized but don’t want your own e-mail address compromised.