Mac Musings

Tips for Fighting Spam

Daniel Knight - 2001.12.06

It seems Low End Mac readers hate spam as much as I do. Here's some feedback on Spam, Spam, Spam, Spam:

I was pleased to see the article conclude with such levelheaded advice, particularly not to reply to spammers in an attempt at "removal".

Perhaps a future article might also reference pages helpful in actively tackling spam - not really a task for a newbie, but those willing to spend some time acquainting themselves with Received lines and online tools like <> and <> can certainly play a useful role; there are also various sites around the web aimed at introducing people to header reading and the like. Of course, that still leaves the significant issue of larger providers like SprintLink, Broadwing, and Qwest, who have, as you may well know from personal experience, rather poor histories on enforcing their own terms of service.

Perhaps about the only place I'd recommend newcomers didn't go unprepared might be :) It certainly does offer much timely news and information, populated by many sysadmins, network architects, and simply people fed up with spam - but it's also a very busy group, with no shortage of chatting and (deserved) vitriol towards spammers and spam-supporters. Better - though such is good advice for any newsgroup, nanae very much so - is to simply read and understand, and then consider joining in.

If only spamfighting paid better. :)

But if anyone dislikes spam: Please don't just hit delete. If you can spare a few minutes, contact your provider and see what their stated position on spam is. Find out what blacklists (SPEWS, SBL, RBL, et al) they use, whether they're aware of Vernon Schryver's DCC, and what your own local legislation is on the matter.

-- just a red panda


Nice column and quite informative.

Let me tell you a few of my thoughts. I have had my domain for about 6 years. I use it only for personal communication, never for business, I never post it, you get the idea. Then my email got "harvested" from Network Solutions, by a fly-by-night spammer named Joe Bianco. He was a prolific spammer that incurred the wrath of netizens everywhere. He has since exited the business, but his parting shot was to sell all the names he had taken from the NSI database.

Thanks to him, little by little my spam grew. Like a cancer, it spread and grew, getting worse all the time. Now I have hundreds of personal contacts that know my email address by heart, and I am not leaving. I have used Spamcop, and, while it hasn't stopped the spam, I have joined the ranks of like-minded people, who hate spam and report it to the responsible ISP. In some cases, as a group, Spamcop users have made life very difficult and more costly for spammers. (One spammer we drove out of his/her ISP almost 2 dozen times. I haven't received anything from that spammer again.)

I thought I might suggest that you one day might do a story on Spamcop. While filtering on the client side is okay, getting at the root of the problem is even better. I should state that I am just a user (very happy one) of Spamcop, and I have no affiliation with them.

Spamcop takes little time and is quite simple, really. I may be faster than others, but I report spam in about 10 seconds or so. Well worth the effort. Closing spammers down, educating people and administrators is the goal of Spamcop.

I have driven most of the domestic spammers offshore and now most of my spam comes from the Pacific rim, so I am fortunate enough to have my own mail server, on which I will install Procmail rules, which will filter mail and refuse mail from places that I specify, i.e., open relays, known spammers, entire countries, etc. That will be done soon, and I will kill 99% of my spam. My mail will be mine again. I have other mailboxes, and I will continue to use Spamcop.

My last thought: Spam is similar to the telemarketers that just want a few minutes of my time. If I gave each one the "few minutes" they asked for, that would be a considerable amount of time. By the same token, the spammer thinks something similar; that we are inconvenienced just a small amount and we can just delete it. They don't consider that spam is hated, illegal in 18 states, and so illegitimate, that they have to hide where they send it from. They forget that spam is theft of services and sends spam "postage due." The cost is not borne by the sender.

Okay, that's enough for now.


I receive very little spam these days, since I switched to the nearly free SpamCop service, which I recommend highly. I own a domain name, which, as you know, gets you a lot of spam, since companies with hosting services or mailing-list CDs to sell can extract your email address from the Whois database; I got several spam emails per day when I had my contact info set to [address removed].

As a free service to the 'Net community, SpamCop provides a means of reporting spammers to their ISPs and the sysadmins of computers with open relays that are used by spammers. For a very small fee per kilobyte processed, you can also get an email address from SpamCop that passes all inbound email through their filters and gives you an easy, two-click means of reporting spammers; the paid service also allows you to tell them to poll other POP mail servers and filter email you receive at those addresses. Then SpamCop forwards to a "secret" email address you specify (I use a address) any email that (1) passes its filters or (2) is released by you via their website or (3) is released by them after they send a "challenge" email to the sender and get a reply - spambots won't respond, but real people whose messages were erroneously held can respond and release their own messages to you.

SpamCop provides a preferences page that lets you set up filtering options. Since most ISPs will act against spammers using their services, I was getting a lot of automated replies to my reports (which confirmed that SpamCop has a pretty good "kill ratio" against spammers whom they report!), so I changed my prefs so those would not be forwarded to me (that's now the default). I have shut down the [address removed] address (I changed to a new userid, since I just got married a month ago, and I didn't think my wife would want to be known as "mrsgasser"!) and switched my contact info for the domain name, as well as on the website itself; now I maybe get one spam per month or less! I don't know if this is because spammers know and fear the SpamCop service, or if it's because they are trying to outsmart people who mangle their email addresses like "" or "" by deleting the most common insertions - if so, then is surely very angry at me for all the spam he's getting instead of me!

The great reduction in the volume of spam has allowed me to sidestep one problem that can be caused by SpamCop - when I first sold some items on eBay, I had the filters turned on, and some potential buyers were being confused by the "challenge" messages it sent! I do not know exactly how sophisticated the SpamCop filters are - I think it incorporates the RBL "blacklist" of ISPs whose users generate a lot of spam, so legitimate users from those domains were getting challenged. (The "challenge" email informs the sender of a dubious email that has been tentatively identified as spam, and invites him to go to a webpage and release the email. Once the email has been released, either by you or by the sender, the sender is added to a "whitelist" and not challenged further, but since you get a lot of new correspondents when you put an item up on eBay you can count on a lot of challenges being issued.) Since SpamCop has deterred almost all spammers (or caused them to bug poor ol'!), I simply turned off the filters. This causes all messages to be forwarded to your "secret" account, but unless the sender is on your "whitelist" it still retains a copy on the SpamCop servers, and you can still use the one-click reporting procedure to nail any remaining foolhardy spammers. Works for me!

Best regards,
Mark D. Looper

Thanks for the feedback. If we all work together, maybe we can reduce the scourge of spam.