Become a Patron of Ask Leo! and go ad-free!
Transcript
Hi, everyone. I’m Leo Notenboom for askleo.com. One of the, I’ll just call them the “angrier” kinds of comments and questions that I often get relate to spam and why there is so much of it and what are we supposed to do about it and kind of a “get off my lawn” kind of voice is what I hear.
Why can’t we do something about it? Why can’t we track down the spammers? Why can’t we make them stop? It’s a complicated situation and before I get to the answers to some of those questions, I do want to summarize my bottom line recommendation for how you and I and pretty much everybody who’s faced with spam, should be dealing with it.
And that’s actually pretty simple. Never click on links in spam. Never open attachments contained in spam. Never reply to spam and never try to unsubscribe from spam because those aren’t unsubscribe links; those are links that will end up getting you more spam.
Instead, what you should be doing is simply marking spam as spam in your email interface or your email program, letting it move to the spam folder, letting your email program or email interface manage spam for you so that it learns better over time, what is and what is not spam to you and then, honestly, get on with your life. There’s nothing more you can do.
There are folks who believe it is important to forward spam to some kind of reporting address – that there are places that you can report spam. And while there are such places, my opinion is that it’s a total waste of time – for two reasons.
One, as we’ll see in a minutes, stopping spam is really, really hard in the current environment. And second, there’s tons of people already getting spam that are either already forwarding it to those addresses or to be honest, the people behind those addresses and those addresses themselves, they’re getting all the spam already so there’s really no point in sending them more.
So, why is it so hard to stop spam? Well, it’s hard to conceptualize but there are thousands upon thousands of spammers. Hundreds of thousand. Heck, maybe even millions of people out there actively sending spam or causing spam to be sent. Now, there has been action. Every year or two, we hear about some major spam sending organization getting taken down.
What that really means is that the individuals at the head of the organization stopped, maybe some technology is interrupted. Some bot nets are taken down but the bottom line is that some small percentage of the people out there sending spam are indeed caught and are indeed stopped from sending more spam.
The problem? Each of those is a drop in the bucket. There is so much spam coming from so many different places that stopping one, even a semi-large organization sending spam really makes no tangible difference to folks like you and me.
We still end up getting bucket loads of spam. There are two major reasons why spam continues to be such a problem and why spam is so hard to stop. First, you might not realize this but you might be the spammer. And I say that not in any intentional way, like you’re intentionally sending spam, although you can stop forwarding things to me.
Those, I mark as spam because I didn’t ask for them. But if your machine is infected with malware one of the more common pieces of malware turns your machine into a spam sending bot, a machine that is under remote control from any of a number of different places that is causing your machine to be the source of spam.
It’s causing your machine to send spam so that whenever is traced back, it’s traced back to you. And that means that it’s almost impossible to go back any further. Tracing spam in and of itself is not enough. It’s the bot nets, it’s the individuals controlling these bot nets that then end up having to be discovered somehow.
And when there is a large takedown of spam of any sort, it’s typically the bot net controllers, the machines and the individuals behind those controllers that are using your machine and the machines of others to send spam but again there are so many and so many different ways to avoid detection, that it’s almost an impossible task.
Another reason that it is so difficult to stop spam is simply that it’s global, it’s coming from all sorts of different places, different countries and much as we in the United States might like to sort of feel otherwise sometimes, the U.S. is not he world’s police; our laws don’t apply everywhere and that what means is that while spam is absolutely illegal here it may not be in other countries.
On top of that, when the spammers are originating out of some other foreign countries, that means in order for us to try and stop the spam, we have to work with those other countries, those other countries often have other priorities. They don’t have the resources or they simply don’t care about a problem that we’re having over here that while they are, perhaps, the originators of are not seeing themselves.
So, it gets very complicated, very quickly. It’s not to say that there aren’t people actively trying to do things to stop spam it’s just a much more complicated problem, a much more complex infrastructure than I think most people realize. Now, the bottom line for spam, to be honest, is that the reason it exists at all is because it works. And by that I mean, even if one in a million or one in ten million emails causes someone to by a spam advertised product or get infected by a phishing attempt or have their identity compromised because they fell for a phishing attempt, spam has worked.
Sending spam is free. They can send millions of messages at no cost whatsoever so all it takes is for one in a million, one in ten million to actually work and then the entire concept of spamming continues to work. Yes, I know you’d think by now that most people would understand that this is spam and you should not do these things, they don’t.
It’s just that spammers are getting better and not everybody is as aware of the issues as you might think. That’s one of the reasons I’m doing this video; one of the reasons I talk about spam a lot on Ask Leo! Because it is a process of continuing education for everybody who’s involved with email.
A bottom line is that it is unrealistic to expect any change any time soon. The fight continues. Like I said, people are looking for spammers and occasionally spammers are getting caught. There are issues with technology that yes, it would be nice if we could change the way email works.
The problem is that to do that we have to change every email provider and every email client on the planet. That’s not something that would ever happen overnight. The current solutions or infrastructure that’s been added to help combat spam, well it has helped to combat spam.
Things would be worse if it were not for some of the techniques that are in place today. The problem is of course they aren’t perfect. They still let spam through especially the spammers get more sophisticated. So like I said, it’s unrealistic to expect anything about spam is going to change any time soon.
The bottom line then for you and me as email users is simply what I said earlier. Never act on spam, always mark spam as spam so that your spam filter learns what is and is not spam to you and get on with your life.
I’d love to hear what you’re fighting with spam. Is it a real problem for you? What kind of techniques are you using to battle spam or are you just giving up? As always, come visit me on askleo.com if you happen to be viewing this video anywhere else. That’s where the moderated comments are. Those are the comments that I read every one of.
Here’s the link. I will see you again next week with another topic. Until then, I’m Leo Notenboom for askleo.com. Have fun, stay safe and of course don’t forget to back up. Take care.
I like everyone keep getting bombarded with spam. I have been running Mailwasher pro for a while now and it seems to work pretty well. Now there might only be 1 or 2 get through a week where before it was dozens a day. What Leo says in the video is spot on I have found, in particular trying to unsubscribe. I learnt the hard way that this just invites more crud to be sent.
I find the g-mail spam filter works well for me. It’s not perfect, what is? I don’t unsubscribe at all, something Leo advised a while back.
I use hotmail for entering sweepstakes and most public interactions. I get very little spam there. I used gmail for two weeks for sweepstakes and decided I didn’t like how gmail worked. From that two weeks, I get 20+ spams a day and it has been over a year since I tried it out. So, fifteen years of hotmail and I get a few spams a day; two weeks of gmail resulted in over 20 spams daily. I’ve never been able to figure out why folks like gmail.
I worked with my domain/email provider to “tune” their Spam Assassin and for a long time tried to “teach” Outlook by marking emails as spam at the individual and domain level. Neither accomplished much and the latter was time consuming. After doing some research I installed Cloudmark’s DesktopOne add-on for Outlook on our two desktops. One runs Outlook using POP and other runs Outlook using IMAP. Desktop One does a very good job on both machines. One problem with IMAP is that when the machine with IMAP goes to sleep Desktop One doesn’t operate. This results in my user seeing lots of spam on their iPad resulting in the occasional complaint. Desktop One catches close to 100% of the spam with an occasional false positive. It seems to be the nature of those emails that gets them trapped because other emails from the same sender don’t get trapped. So, again, no solution is 100%.
Thanks for the article Leo; very good discussion of the issue.
Dear Leo,
Absolutely love the ability to speed you (video) up to 2x and save me time. Many thanks.
And many thanks for taking the time to share all this good info with us.
tom
I have a question — Can just opening a spam email, without interacting with it in any other way, result in malware/infection or any unwanted actions? I’ve heard different opinions on this and would like to hear your take on it, Leo. I usually just delete spam unopened, as it’s usually pretty obvious. But I have occasionally had them arrive with a name and return address that are known to me, and I don’t discover the ruse until I’ve had a look.
Just opening an email won’t result in malware being executed on your machine as long as you don’t click on any links or open any attachments.
Actually, and just “for what it’s worth”, I received an email from an engineer in the same department where I worked. The Subject line was very much the way Joe would send stuff, “Hey, Check this out!”
All I did was click on the email, and in an instant, I heard the computer start spinning the HDD, and I had “0” control of the desktop unit. I unplugged it from our VPN/LAN, unplugged the computer. Four days later, I was just getting back to “normal” again.
It’s called a drive-by download or drive-by install and an older and/or unpatched vulnerable browser was likely to blame. In theory, clicking a link in an email should result in software being surreptitiously installed. That said, it’s obviously not a good idea to click on suspicious links even if you’re using a current and up-to-date browser.
Go back a decade or so and vulnerabilities in Outlook and other mail clients of the day made it theoretically possible for a PC to be compromised simply by opening an email. These days, mail clients are much more secure and, as Mark said, it’s really not possible for an email to compromise a PC unless and attachment is opened or a link clicked.
Great summary on spam.
I have noticed that different email providers manage spam differently. So email hosting that is routinely bundled with domain/website hosting is usually not so good at handling spam. The paid services do better. Gmail does an amazing job of keeping spam out of my inbox.
I am facing the other side of spam; when my emails are rejected as spam by other email servers. My email hosting provider has been listed by some spam blacklisting services. It is not my domain that is blacklisted. It is some of my host’s IP addresses. The result is that when my emails are sent to AOL or Yahoo email domains, and if one of the host’s blacklisted server IPs is used to send it, then the email is rejected as spam. If I send from Gmail, everything goes through, first time, every time. The hosting company’s response was “Send it again and it should go out from a different IP.” Therefore, I will be moving my company email to Gmail for hosting since they apparently have figured out what the “experts” at other email hosting services have not.
I never had spam before, then I began to receive ten maybe twenty a day in bursts for about a month. I began to back trace all of them and then identified the originating servers. I looked up the ‘ABUSE’ e-mail address for each IP and immediately returned the offending spam with the back trace to them, asking them to investigate. A number of the IP replied and said they were pursuing the originators. It was hard work but after a few weeks it all stopped suddenly and I have had no more spam since four weeks ago.
Mick
The thing is that spammers constantly move from server to server. They will actually get a domain, and then “groom” that domain to look good and honest. Then when they are ready they blow the domain until it is blocked, and then move on. They make a lot of money. Too bad everyone doesn’t follow Leo’s advice to never buy from spammers!
It’s also worth noting that a significant proportion of spam originates from botnets/compromised systems. Reporting it is really quite pointless.
Thanks for your comment. I am no expert but I was surprised how cooperative some IP’s were in their response to abuse, also how quickly it all stopped from about ten IP’s. May be I was just lucky.
Mick
At our company we have discovered, for filtering spam from Outlook, no program works better than Spam-Reader. We tried several solutions, but none cut down the mess more. There is a free version which is good, but the paid version much better. It definitely “learns” as you fine-tune the filter, and ends up catching easily 98% plus of the junk. Also, very easy to use—unlike some we tried.
I am no paid shill at all, just a satisfied customer wishing to share a happy experience. Try it and I think you will be as pleased as we are.
http://www.spam-reader.com/
Yahoo has a feature, over under ‘more’ called BLOCK. Near as I can figure it takes spam and returns it to the spam folder, because spam actually seems to increase.
My Hotmail account’s BLOCK feature seems to work.
Thunderbird’s Junk filter doesn’t work at all for me. I can’t teach it anything. I’ve been right clicking and “K,J”ing junk forever and it just keeps coming from the same sources. It’s worse on my wife’s account I think because she has a more attention getting user name. Maybe if I went right to the web account interface I would have better luck.
In my experience, using a spam filter always means some legitimate email goes into the spam folder. I can delete 50 spam messages (unread) in a minute, so that’s what I do.
“In my experience, using a spam filter always means some legitimate email goes into the spam folder.” – Yup, and this means that, unless you’re willing to risk losing the occasional legitimate email, you need to check the contents of your junk folder – which somewhat defeats the object of filtering spam in the first place. Like you, I simply hit the delete button: it’s the quickest and easiest way to deal with spam.
I’ve been using http://www.spamarrest.com to block spam for some years now. I even have it set to block email for my email address. I would never send myself an email so I don’t understand why the spammers or phishers would use my own address to send me spam. as a result I almost never get a message I don’t want. Except for all the political spam. Letting just one or two in is like the old story about let the camel get just his nose in to the tent when soon the whole camel will invade.
“I would never send myself an email….”
I do all the time, using BCC.
The email lands in my Inbox, has a usable subject line, is unread so in bold font, and serves as a reminder to me if I don’t get a timely reply to the email I sent.
It’s funny, just yesterday a friend was sending a group email to her students’ parents. I showed her how to use Bcc. I then explained to her that when you use Bcc, it makes the email appear more professional if you include your email address in the To: field. Otherwise most email programs place “undisclosed recipients” in place of the email address which might give an unprofessional flavor to the email.
I do it as well for a variety of reasons – mailing myself a note from my phone, for example, to be read on my desktop.
I too regularly send myself emails from my phone with links to articles I wish to read on my desktop PC
Well said!!! :-)
Actually, doesn’t it come down to non-thinking folks not using common sense ;-(
I wish you’d do one of these great videos on these non-thinking folks who continually forward hoaxes;
to me, it’s the same lack of common sense.
“Actually, doesn’t it come down to non-thinking folks not using common sense?” – Yup, and this is what spammers and scammers count on. Take phishing emails, for example. While there are some exceptions, most are very obvious scams that would never fool a smart person. And that’s by design. The scammers don’t want to deal with smart people as it’d be a waste of their time. Even if they could trick a smart person into replying to an email, they’d almost certainly not be able to get them to part with their money. By dumbing-down the emails the scammers ensure that they’ll be dealing with the people who are most likely to part with money: in other words, the extremely gullible and/or vulnerable.
No video, but it’s one of my oldest articles: https://askleo.com/why_shouldnt_i_forward_this_email_asking_me_to_forward_to_everyone_i_know/
I’ve been successful in reducing spam by using a pobox.com email address for many years. For $20 a year a get a mail forwarder with powerful spam detection built in. I have my mail forwarded to a gmail account where I actually read my mail. Gmail traps a few more that sneak by pobox.com. The mail forwarder has options to block/bounce all mail by country of origin and holds mail for review of any that are “possible spam”. I get one email a day from pobox.com that includes a list of emails with just the sender address and subject that were held for my review. Works well for me.
Once I didn’t require business email anymore due to change of employer and company email supplied, I shut down my personal email (I control the domain), then created a new one for myself. Sent out an email to my address book advising of the new address. I know I dumped tons of garbage on the internet, but I didn’t get bothered in the last 2 years.
While I wouldn’t recommend that people attempt to unsubscribe from spam (except in the circumstances mentioned below), I’ve never been convinced that doing so actually “validates” your email address leading to more spam. Given the ease with which an email list can be compiled – and the fact that spams can be sent out at zero cost – I really don’t think there’d be any ROI to a tracking/validation process. I’ve actually seen a couple of studies that support this. That said, I’ve also seem some anecdotal evidence to the contrary.
Additionally, it does make sense to unsubscribe from spam that has been legally sent in accordance with the CAN-SPAM Act 2003. Companies are legally entitled to email you – even if you’ve had no prior contact with that company – so long as the email complies with a number of criteria, for example:
Not sent through an open relay
Not sent without an unsubscribe option.
Not contain a false header
Must contain at least one sentence.
Unsubscribe option should be below[ he message.
A legitimate physical address must be provided.
Unsubscribing is the only way to stop these emails.
In the case of illegal spam – in other words, email that hasn’t been sent in accordance with the CAN-SPAM Act – unsubscribing would be, at best, likely pointless and, at worst, possibly result in an increased volume of spam.
“I’ve never been convinced that doing so actually “validates” your email address leading to more spam.” Validating your email address by clicking on an unsubscribe link in a spam email tells the spammer that your address is valid. Those validated addresses then become a marketable commoditiesy which are then sold to other spammers.
“Validating your email address by clicking on an unsubscribe link in a spam email tells the spammer that your address is valid.” – That’s the theory but, as I said, I’m not convinced that it actually happens and I’ve certainly never seen any evidence to support the claim. On the contrary, most of the credible research I’ve seen suggests that such tracking/validation doesn’t happen. But, as I said, I certainly wouldn’t recommend that anybody put this to the test – not in relation to illegal spam, anyway (it does make sense to unsubscribe to legal/CAN-SPAM-compliant spam).
My computers, with MS Outlook as the mail handler in Win 7 and 10, protected by Norton Internet Security suite, and whatever protective layer my ISP has in place, are not really a victim of much spam. Only a couple of times a week will a terminally ill Nigerian princess, or a vital warning about my account at a bank I don’t use, get through. However, I am still plagued by Spam, but on an older technology. I must receive about 10 phone calls per day, onto a land-line and smartphone. These robo-calls all have their caller ID spoofed, either “unavailable” or spoofed to look like they originate locally or anywhere around the country. Your telephone has zero malware protection, no way to filter these out. Some calls don’t even bother to wait for an answer, some calls are robotic voice calls and some connect you to a boiler-room operation. I now simply do not answer the phone, letting all but several known caller ID’s go to voice mail. If the unknown caller is real, he can leave a message and I’ll consider calling him back. However, there must be money to be made in initiating these robo-calls, and since the phone companies haven’t stopped the practice, I assume the phone companies benefit from the Spam too. Perhaps complaining about telephone Spam in a computer venue is a bot off-topic, but I see Spam as an affliction to all communication modes.
Ed, there’s a free solution: https://www.nomorobo.com/
I’ve been using it about a half year, and have recommended it to my family and friends. All report great results. It stops these sales calls pretty much cold.
The only negative, but a small one, is that sometimes the phone will ring once. If I quickly answer, I hear a dial tone. Apparently the call got by Nomorobo’s filter, but then the filter caught up and blocked the call. When I check CallerID I see that indeed the caller was unknown to me. Sometimes there’s no name, sometimes there is and the caller is obviously in sales.
This company ought to get a Nobel Prize. :-)
Interesting solution – and not one I’d heard of until now. Thanks!
Spam isn’t a big issue for me. Gmail and Yahoo filter it well enough. A quick check once a week at the Spam folder lets me retrieve emails that were sent there by mistake, and there are never more than a couple of them, if that.
What’s interesting is that this weekend I was considered to be a spammer myself.
Last month I was elected to our HOA board of directors. As a long time AskLeo fan I had the most computer smarts on the board, and volunteered to build us a new website. (The old one, which didn’t work, was costing us $40 a month. -month!- Of course, I easily brought that down to $4 a month using Bluehost and WordPress, and the new site seems to be clicking on most cylinders.
But how to tell all 200+ residents of the new website…or other important things that email is so good at communicating?
Our management company had about 130 email addresses. I entered them into a mail group and sent an email (Hello, go to our website, reply that you got this, etc) to all 130 addressees. Got back an error saying I was violating a spam policy (without the word spam being used, if I remember right).
So I broke down the 130 addressees into 9 mailing groups (I’m using Thunderbird tied to my Yahoo account), and sent the same email to one or two groups at a time, limiting the number of addressees to be below whatever Yahoo’s max is.
Well, that worked, but after I’d sent one or two emails (to one or two groups), I found the next email would error out. The error message wasn’t clear (I forget exactly what now), but I surmised, apparently correctly, that Yahoo’s watchdog was not letting me send to too many addressees within a certain period of time. I found I could come back in a couple hours and send to another one or two groups before erroring again. So I’d send a second batch, come back in a few hours and send a third, and so on.
What should have taken one email in one minute (less the time to write it) took a lot of copying and pasting and most of a day from first send to last.
I understand what Yahoo is trying to do. What I wish I could do is help Yahoo understand what I’m trying to do.
Unfortunately, you can’t seem to find an email address or support contact info at Yahoo, so I’m stuck with this Rube Goldberg system of sending emails to my neighbors. I doubt they could make an exception for me anyway. It would open the door to countless similar requests, and they don’t have time to investigate each one.
Augh! I hate spammers.
You need to use mailing list software – anything from a Yahoo Group to MailChimp to the “mailing lists” available in your BlueHost account.
“I surmised, apparently correctly, that Yahoo’s watchdog was not letting me send to too many addressees within a certain period of time.” Yup, the free email provider all have some form of send rate/recipient restriction. The only way around it, other than what you’ve been doing, is to use a paid email service or an alternative communication method – a Facebook Group, say.
https://help.yahoo.com/kb/SLN3353.html
A good service for sending lots of emails is a service like Mailchimp. It’s smallest account is free.
Very cool. I didn’t know they offered a no-cost option. Thanks, Connie!
I have some relatives that fill my email with anywhere from 20-30 emails a day with links to everything from Jesus to poetry to things they think are funny. They go straight to my spam folder and I have left it that way because it is easy to delete the unwanted emails. These are relatives that will shut me off entirely if I do not accept their emails and for various reasons I need to stay in touch with them. I do not want 30 emails on any subject per email, but until my grandchildren reach 18, I am kind of stuck with the situation. Thanks for the good work you do.
YOU SHOULDN’T DO THAT!
That’s a good way to get ISP’s totally blacklisted.
Setting a filter up to delete and mark emails read from {removed}@AOL.com would be a better idea!
Chris
Setting up a filter for that relatives’ email is a good idea. Instead of deleting them, you could set up a folder to send those emails to and mark them as read. That way you wouldn’t lose any important email from them.
If she marks them as spam in an email program, nothing is sent to the email service provider so there’s no danger of being blacklisted. If she marks them as spam on the email provider’s website, only the relatives’ email address would be blacklisted not the entire email domain.
My understanding is that Apple Mobile devices (through iOS 9.2.1) do not implement SPAM filters in their MAIL programs. An opportunity to declare an email message as SPAM is provided, but nothing is actually done win response to the email messages that are so identified. What approach do you recommend for combatting SPAM with Apple mobile devices? How would you modify this approach to accommodate PCs in addition to the iOS devices? Thank you for your help.
You could mark them as spam on your email service provider’s (ESP) webmail interface if they provide that option. Google, Yahoo and Hotmail have that. The server that hosts my website and email also has spam filtering at the server level. If your ISP or ESP don’t provide that option, you can route your email through GMail to take advantage of their spam filtering.
https://askleo.com/how_do_i_route_my_email_through_gmail/
1. Responses above indicate results with certain software/certain email providers. Looking forward to your “take” on this.
2. Consider correction to Team-member’s related response (if I understood correctly). I use Outlook’s “Block Sender” for spams I receive which appear to come from my email address. I click “Block Sender” each time one appears. It does not actually block actual emails I send to myself. Perhaps that happens, but not with “Outlook”.
3. Why can’t we block spam by sending a trillion responses to each spam… from a series of ghost computers. Wouldn’t that overload and crash them?
I read somewhere that #3 is illegal as it would constitute a DDOS attack.
“I use Outlook’s “Block Sender” for spams I receive which appear to come from my email address. I click “Block Sender” each time one appears.” – There’s really no point in doing this as spammers often spoof addresses. Additionally, having too many blocked senders can cause issues with Outlook. Blocked sender functionality is best used for specific people or companies whose emails you want to go directly to your junk folder.
Hi Leo,
IMHO we need to stop spam at its source. That requires a rewrite of the TCP and IP protocols to make it impossible to disguise or spoof the real source. When we know the source, we can get the spammer.
Actually it doesn’t require changes to TCP/IP – it requires changes to the mail transport protocols themselves (though I’m sure some changes to TCP/IP could help). Either way that’s too massive a change to be practical at this point, and certainly not quick.
The other thing that any solution needs to balance the need for is anonymous email. The ability to send email anonymously is critical for a variety of reasons. How to do that without enabling anonymous spammers is a tough problem to solve.
Well, there’s work on it, with DKIM (DomainKeys Identified Mail).
It is compatible with existing e-mail infrastructure, simply adding another header field, the DKIM-Signature field, which contains the signature of the message with the private key of the authoritative DNS server of the domain from which the mail is outgoing.
To check it, one simply has to look up the public key of the *claimed* outgoing domain (the domain from which the mail claims it is coming) and check the signature. If the signature doesn’t work, it means that the origin of the mail was spoofed, so you can reject it (if you want to).
If the outgoing domain doesn’t use DKIM, then you will simply receive an e-mail without that field. You can decide for yourself whether you want to consider such mail or not. In as much as DKIM will be more and more deployed, the incentive to still receive unsigned mail from “poor non-DKIM domains” diminishes.
This doesn’t stop spam that really came from a given domain of course. But at least, domain spoofing is impossible with such a system.
I hardly get other spam than from the Canadian pharmacy and some sexgirls apart from two sources (twitter and my email provider), that are blocked by my spam filter. Apart from this, what comes in my spam box are things like Ask Leo, which are definitly not spam. I can tell it each time, but it knows better. Rarely so I get spam, but that is not recognised by the spam filter, gmail or Thunderbird.
When I need to send something from my phone to my computer or opposite, I just put it in the drafts folder. Like I don’t send it. It arrives instantly.
My fight with spam has had many . . . techniques. I don’t remember which ones I tried first, so I’ll just list them:
1. I got a new e-mail client about a decade ago that offered a way to fake an invalid address to send back. This does not work. Don’t try it. It also got time consuming. In the long run, I believe it increased the spam.
2. I changed e-mail addresses. I had an address or two that was more spam than real, so I just changed the e-mail address. The downside to this is that it is time consuming to e-mail people that it has changed, and then you have to go to web sites and inform them of the change.
3. I sent a phishing attempt to one of my credit card providers or something, hoping they’ll chase after them. All I got back was an e-mail that said it was phishing and to not reply. I stopped doing that right away.
Now, the e-mail client, Outlook, does a good job with spam. Most are caught, and I just ignore them. As Leo said, there’s really nothing that can be done to stop it.
“I got a new e-mail client about a decade ago that offered a way to fake an invalid address to send back. This does not work.” – Yup, and this supports my contention (above) that spammers do not track/validate emails. If they did, tactics such as this would work.