| How to avoid spam > Identifying spam |
Last updated: 12 March 2004
SPAM is, of course, the brand name of a canned meat product manufactured by Hormel. However, in Net parlance, "spam" is used to represent something else entirely.
Put simply, "spam" is excessive and unwanted multi-posting of messages; be they on Usenet, via e-mail, or using some other mechanism.
Spam is often commercial in nature (e.g. offering goods or services for sale, or trying to get you to visit a pay-for-use website) but that is not what classes it as spam. The criterion is quantity, not quality or content.
Spam can also be referred to as Excessive multi-posting (EMP). Opinions differ on how many constitutes "excessive", but most people would agree that sending 40 copies of an article qualifies as spam.
Excessive cross-posting (ECP), also known as velveeta, differs from EMP in that the sender only transmits one copy of the article, with multiple destinations mentioned in its header. Most users won't notice the difference, so I have used the term spam in the remainder of this document to refer to both ECP and EMP.
There are other activities which can be confused with spam:
To clarify the differences, here are some examples:
The usage can be traced back to an episode of the UK comedy show Monty Python's Flying Circus, originally transmitted by the BBC on 15 December 1970.
The show contained a sketch called "The Spam Song". Copyright restrictions prevent me from repeating the sketch itself, but here's a short précis:
A customer enters a café (diner) and notices that every dish on the menu contains Spam. The customer asks if there are any dishes that don't contain Spam, only to be interrupted by a male voice choir dressed as Vikings singing the praises of Spam: "Spam, Spam, Spam, Spam, Lovely Spam, Wonderful Spam" - despite repeated requests to stop, they persist in singing their song, drowning out the attempted conversation of the other characters in the sketch.The sketch appeared on Monty Python's second LP ("Another Monty Python Album", Charisma Records CAS 1049, issued 1971).
The show was eventually transmitted on the PBS network of TV stations in the USA in the late 1970s, and acquired a large cult following.
When fledgeling BBS networks were being set up in the early 1980s, sysops remembered the Python sketch and used the word to represent the "message flooding" that certain unruly users were prone to engage in. Someone even went to the trouble of devising a backronym for S.P.A.M., which was so memorable that I've long forgotten it.
It was only a matter of time before spam spread to the Internet. In the case of Usenet, the first significant onslaught happened in March 1994; on the rest of the Internet the spam deluge didn't start in earnest until the rise in popularity of the World Wide Web in late 1994 and early 1995. As other mechanisms became available, so spam spread to them (ICQ spam? Check. AIM spam? Check. SMS spam? Check.) - the basic rule is: if it's a way of sending a message to someone, expect to receive spam on it.
Spamming to Usenet is very easy: a list of Usenet newsgroups is readily available, and all a spammer has to do is get posting.
Email spamming requires the would-be spammer to obtain a list of email addresses from somewhere. They can either collect the addresses themselves, or buy them from someone else who has already collected them.
Here are some of the ways that email addresses are harvested:
1. Guard your email address carefully so that spammers can't steal it: see the list above. Also, bear in mind that some unscrupulous people sell-on email addresses to bulk mailing companies. This is especially important when visiting unfamiliar Web sites: consider whether you really want the information enough to risk divulging your email address. The same considerations apply to the Email directory sites, although in this case the problem is with subsequent visitors to the site rather than the owners or operators of the site itself.
One possible way round this is to sign up for an account with one of the many sites offering free email accounts on the Web. Examples include Hotmail and Yahoo - there are many other such services. You can now quote your "free" email address more widely, while keeping your "real" email address for close friends etc.
I would suggest you log-on to your "free" Web-based email account every so often. This keeps the account active: you don't have to read the emails themselves, just delete them. This sounds like a bit of a chore, but it is actually faster than having all the junk sent to your "real" email address, especially if someone takes it into their head to start sending you large messages...
2. Don't use your real address when posting to Usenet.
Many ISPs allow you to set up multiple mailboxes on your account; alternatively
you can use one of the "free" email services mentioned above. If you
want to post messages to Usenet, use one of these other mailboxes as
your "From:" (and "Reply-To:") address - anyone scanning
Usenet messages for email addresses will pick up the wrong address, and
any mail sent to that address can safely be ignored.
In the body of your message, put instructions on how to reply. For example, you might say something like: "To reply, send email to 'real-mailbox' at 'my-site' dot 'com'"
Some Usenet servers allow you to use addresses ending in ".invalid" (e.g. fake-address@fake-site.invalid ) - special care needs to be taken with this method as it can cause problems with certain news-reading programs. It is mentioned here for the sake of completeness.
Don't put a fake site name in the "From:" field: you could fall foul of the Acceptable Use Policy (AUP) imposed by your ISP. You might think that an obviously-made-up ".com" address won't actually exist ("nobody will have registered 'invalid.com', will they?"), but there is the risk that it might exist (either now or in the future) and the owner may object to your misuse of the address.
There isn't much you can do about completely dodging the spam on Usenet, because the system is that much more public. However, some Usenet servers use spam-cancelling techniques such as SpamHippo or NoCeM to remove any spam messages they receive: it might be an idea to shop around for such a Usenet server.
Failing that, it's back to using your loaf when looking at Usenet messages:
If the spammers have discovered your email address, what you now need to do is get rid of the spam from your inbox. There are two ways of achieving this:
Be warned that manually filtering spam can be quite difficult to do: it is all too easy to delete genuine email by mistake. Proceed with caution.
They don't work.
Consider exactly what it is you are doing when you write to one of these sites. You are supplying them with your email address and you are revealing that you read junk mail (how else did you find the removal instructions?) - this makes your email address a very saleable item.
Remember, there's little incentive for spammers to honour any removal instructions. Sure, there's some legislation in the USA, but don't expect too many spammers to take much notice of it. Many of them are in other countries, for a start.
You can try, but don't expect to get very far. For a start, email spam is now legal in the USA, so for Americans the only recourse is to complain to your congresscritter in the hope that the law can be changed. Don't hold your breath.
Secondly, spammers are getting quite good at covering their tracks. A significant proportion of spam is now relayed by unsuspecting members of the public who have been tricked into running a malicious program on their PC. In other words, finding out who sent the email won't necessarily lead you to the spammer.
If you still want to track email spam back to its source, this article explains how to do it. Tracking down a Usenet spammer also requires a bit of digging: click here for a document that explains the process in detail.
Please send comments to the address listed on the contacts page.