Certified Mail: July 2003
Spamming the Globe
The Skinny on Spam
In response to Em C. Pea’s ”Auntie” column in the May issue, “Spam, Spam,
Spam, Spam,” I spend at least two hours a day blocking unsolicited spam,
along with updating SurfControl. Just like the U.S. Mail, it never stops—nor
rain, nor snow, nor sleet, nor hail, spam keeps a-coming.
—Jason Griffith, MCP
Charleston, West Virginia
I was amused by Em C. Pea’s take on spam. I, too, would have showered
the room with my cornflakes. However, my morning meal happened to be a
bagel.
While I agree that spam-filtering in Outlook stinks, I think the bigger
issue is that Microsoft should offer some functional server-side options.
If you’ve ever tried blocking e-mail with Exchange Internet Mail Connector
functions, you know what I mean.
I know that Microsoft has always relied on third-party developers for add-on solutions (like spam-filtering, antivirus and so on), but a basic set of utilities would be helpful—i.e., the ability to use black lists, easily block senders and scan for malformed SMTP data.
Filtering spam at the client level leaves much to be desired, even if the next version of Outlook spam-filtering actually works. The mail has already entered the enterprise and been delivered to the desktop—simply moving it to another folder does little to control the disease. Third-party server-level applications will have to be deployed by admins seeking to reduce the huge volume of junk sent to their users each day.
A server application that can filter mail prior to the Exchange organization
receiving it allows admins to have the final say regarding what is allowed
into their networks. There are cases where employees have filed suit claiming
a hostile workplace environment where certain spam e-mail has reached
their desktops. This situation can only get worse. If we admins don’t
make a valid effort to stop the insanity, we could be named on those legal
filings...ouch.
—Gary A. King, MCSE, CCNA
Granger, Indiana
I monitor an Exchange server with more than 1,500 clients and deal with
spam on a daily basis. The average time spent daily is about 45 minutes.
It doesn’t seem like much, but it adds up to three hours a week, which
equals 15 hours a month, which totals 180 hours a year. That’s 22.5 days
a year out of 260 working days. That’s 8.7 percent of my time dealing
with spam.
—Don Harris, MCSE, MCSA
Denver, Colorado
The best (and only) way to really eliminate spam is to modify the SMTP protocol (perhaps one could call it the SAMTP, Simple Authenticated Mail Transfer Protocol). What’s needed is a way to authenticate senders using certificates, password hashes and so on, and some way that SMTP servers validate the sender before accepting each message. Because spammers forge their originating addresses and mail headers, they couldn’t come up with a valid certificate/password hash from the ISP they’re forging as the source.
Using this scheme, when an SMTP server receives an e-mail, it would also receive the identifying key supplied by the sender’s e-mail client encapsulated in the message. The key would be authenticated against the private key (or hash or password) held at the authoritative source for the originating domain (usually the ISP). This would allow all fraudulent mail to be rejected prior to wasting the bandwidth used allowing the spam-vector server to send the body of each message, like the way blacklist rejections work today. If a spammer got a hold of a user’s identity key, it would become apparent to the user’s ISP when hundreds (or thousands) of validations came in for a single sender. The ISP could then issue a new public key/password and shut down the spammer immediately. It would take a couple of years to get it in place, but it could be done. Then spammers would have to go back to paying for phone calls!
Spammers just skirt the laws by going overseas. Besides, who has time to report spammers to their ISP? Charging for messages? Forget it. That’s punishing the good guys.
Filters? The spammers always seem to stay one step ahead of them, as
well. We can solve the problem with technology, and all it would take
is a request for comment and a cooperative effort on the part of ISPs,
users and e-mail client developers. Everyone would be forced to get on
the bus because their e-mail would start being rejected otherwise.
—Norm Hinman, MCSE, MCP+I
Auburn, California
Both Outlook and its little brother Outlook Express do a poor job of screening spam. Unfortunately, I’ve found most spam-screening software does a mediocre job of filtering out junk from real stuff—especially as spammers are getting more creative in the ways their junk is marketed. It appears the spammers always keep one step ahead of any software created to counter it.
As I don’t completely trust spam-filtering software, I now use MailWasher
Pro exclusively to screen all e-mail coming into my mail server. There,
I have the option of viewing the message, deleting it, bouncing it back
or accepting it. I’m able to ensure mail that I want gets through and
doesn’t get inadvertently deleted by some spam filter that isn’t set up
correctly. It’s worked great for a year now.
—Mike Frederick, MCP
San Antonio, Texas
The solution requires that you have your own Exchange Server. For us that meant having a Microsoft Small Business Server and that you host your own domain.
For example purposes, I will illustrate our solution using my email address.
For the last 6 or 7 years my address has been [email protected]. But
lately it’s been overrun with spam. Having my own mail server I easily
changed my default SMTP address to be [email protected] but kept the
‘robert’ alias because of the legitimate mail I was still receiving under
that name. I then e-mailed most people I know and asked them to update
their address books. Eventually, nearly all the mail incoming to ‘robert’
was spam but there still were some legitimate messages.
The final solution was to create another Windows 2000 user called “xRobert”.
I removed the “robert” alias from my account and re-assigned it to this
new account. I then logged onto the domain with the xRobert account, created
my Outlook profile, and set an Out of Office reply to read as follows:
Notice how I didn’t spell out my new address? Well, call me paranoid.
Anyway, several people got this message and responded as I had hoped.
The only negative aspect of this solution is that the new mailbox is growing
and still receiving all that spam. To solve this issue I gave myself full
rights to the “xRobert” mailbox and added it to my Outlook profile. This
enables me to still monitor the activity to catch those people who are
not reading my Out of Office message, and also to delete all the spam
in one fell swoop. We tried using the AutoArchive option to delete messages
automatically but we have not had great success with it.
Well, if you already have an Exchange server and host your own mail,
then this solution requires only a little bit of your time. After seeing
how well it worked for me, my business partner begged me to configure
it for him too! It truly has saved all of us a lot of time.
Luckily in my case, the impetus to change my address was both an antispam
and business need. We had already switched our default SMTP addresses
to the more professional scheme of “first initial + last name” structure.
Spam just gave us the push to get rid of the old alias.
—Robert Cioffi, MCP+I, MCSE
Yonkers, New York
I had multiple clients with more anatomical enlargement solicitations
than they knew what to do with. (Except maybe take them up and then join
the circus!) I looked around a bit and found a great low cost product
from GiantCompany called Spam Inspector that works as a plug-in for Outlook
and Outlook Express. It has been around for a while. The application actually
uses some adaptive learning techniques to start recognizing spam patterns
and has been a stellar solution for my small business clients. It has
taken some of them from 75-100 spam messages a day, to virtually none.
No legit emails have been bounced over the last several months either.
Hang loose and hey…let’s try to give computer geeks a better name eh?!!
—Mike McClendon, MCP, CSSA
Vancouver, Washington
I was very tired of Outlook Express not doing a good job of filtering
spam. So I started using Outlook XP to get my ISP mail. I figured it must
have better rule and filtering than OE—but it didn’t. I tried all kinds
of rules, even the junk mail rule, which is worthless. I get an average
of 60 messages a day of spam. I would have to delete them then delete
them from my deleted items folder. Annoying! Even tried renaming my email
account, ect. No good. Don’t ask me how but they always catch up. I only
receive about 10 important messages a day and I know who they are coming
from. From my AOL days, I remember that you could set a rule to block
all mail except from those you specify. I thought, Wow, it would be great
if I could do that. So off I went to the rules tool again. Did I find
what I was looking for, NO. But, I have found a way to delete all mail
that comes in except the ones that I specify. Here is how it works: (haven’t
tried it on Outlook 2000),
Make sure your contacts e-mail addresses are in your contacts list from
all that you want to receive messages from. Next, specify a new blank
rule: Start from a blank rule to check messages when they arrive. This
is KEY!- Don’t select any conditions. It will warn you that it will apply
to all messages. Then select Delete it from the “What do you want to do
with the message” options. Then Ad an exception, the last one “except
senders in specified address book.” Select your Contacts folder and finish.
Close outlook and reopen. Try sending yourself a message using an email
account not in your contacts list. It gets put right into the TRASH where
the spam belongs.
This one works pretty well for me. A few messages slip into the inbox
from time to time but not nearly as many that get deleted. I just browse
through tp make sure it did not delete any important messages and them
right click deleted items and select Empty. This has made my life e-mail
life much less frustrating.
— Paul Bassett, MCSE
Lakewood, New Jersey
About the Author
Have a question or comment about an article or letter that appeared in MCP Magazine?