Spam - 2
Dateline 09/08/97
Spam. What now?
So we've got that junk email in our inbox.
What to do now?
Nothing.
We can choose to simply delete the mail and forget about it. This is by far not the worst solution. In fact, by doing nothing we've done a lot: we have not contributed to spam being a marketing method that works; we have not caused any innocent victim grief or troubles by replying...hmm...emotionally; we have not wasted too much of our time. Until the next mail trying to sell recycled garbage cans or whatever arrives.
Once again, though, I repeat: Simply deleting any spam you get is a viable way to deal with it. If every unsolicited commercial email would find its way to the garbage can (may spammers recycle them or not), the whole spamming industry (?) would go down that path soon as well.
The process of deleting spam can, of course, be automated (that's what we have computers for in the end, huh?). How to do that with various email packages under various operating systems shall be explained in a future part of this series.
Reply to that spammer and tell them what we think.
This is the natural and understandable reaction, but of course (?) almost exclusively the wrong thing to do. The From: (or, if present, the Reply-To:) field in the header that any email program will use to reply to the sender is the easiest to be forged. It is simply a line in what email programs call the header but actually belongs to the body (as opposed to the envelope) of an email. To understand that, it is really helpful to have an understanding of how the SMTP protocol works.
The spammer will insert an arbitrary name or number with an arbitrary domain. Your reply will either go nowhere and be returned to you undelivered or it will reach an innocent. Your complaint would not be the only one, however. Complaints would mix with thousands of undeliverable emails returned to the (forged) "sender", eventually bringing the victim's system down. This can do a lot of damage, so please do not reply to a spam, however justified it may seem to be. The chance that the return path is correct is as high as that of this being a well thought-out and well-formed sentence.
Track down the real sender and hack their system.
Yes, revenge is one of manwokind's best friends.
The first part of this approach, finding out where the spam originates, is quite useful, though.
Track down the real sender and tell their ISP.
Every spammer needs an Internet Service Provider allowing them access to the Net. Most ISPs have an "Acceptable Use Policy" banning (among other things) spamming through their site. Some haven't. Some simply get abused. In such a case, you can complain to the ISP, explaining them that and why spam is bad and what to do.
Additionally, many sites will relay email. They will accept an email whose final destination is not their site and deliver it (possibly via another relay) to the recipient. This is one of the core concepts the Internet is based on. Unfortunately, it can be (and is) abused. Fortunately, it is possible to make relaying almost impossible. If you cannot identify the original sender of unsolicited email and it was obviously relayed by some host you can tell them how to avoid being abused by spammers.
Now how do I "track down the spammer"?
By taking a look at the email headers, you can find and complain about the spammer.
