Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Stopping Spam is Harder Than You Think

Become a Patron of Ask Leo! and go ad-free!

Transcript

Show Transcript

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

55 comments on “Stopping Spam is Harder Than You Think”

  1. I like everyone keep getting bombarded with spam. I have been running Mailwasher pro for a while now and it seems to work pretty well. Now there might only be 1 or 2 get through a week where before it was dozens a day. What Leo says in the video is spot on I have found, in particular trying to unsubscribe. I learnt the hard way that this just invites more crud to be sent.

    Reply
  2. I find the g-mail spam filter works well for me. It’s not perfect, what is? I don’t unsubscribe at all, something Leo advised a while back.

    Reply
    • I use hotmail for entering sweepstakes and most public interactions. I get very little spam there. I used gmail for two weeks for sweepstakes and decided I didn’t like how gmail worked. From that two weeks, I get 20+ spams a day and it has been over a year since I tried it out. So, fifteen years of hotmail and I get a few spams a day; two weeks of gmail resulted in over 20 spams daily. I’ve never been able to figure out why folks like gmail.

      Reply
  3. I worked with my domain/email provider to “tune” their Spam Assassin and for a long time tried to “teach” Outlook by marking emails as spam at the individual and domain level. Neither accomplished much and the latter was time consuming. After doing some research I installed Cloudmark’s DesktopOne add-on for Outlook on our two desktops. One runs Outlook using POP and other runs Outlook using IMAP. Desktop One does a very good job on both machines. One problem with IMAP is that when the machine with IMAP goes to sleep Desktop One doesn’t operate. This results in my user seeing lots of spam on their iPad resulting in the occasional complaint. Desktop One catches close to 100% of the spam with an occasional false positive. It seems to be the nature of those emails that gets them trapped because other emails from the same sender don’t get trapped. So, again, no solution is 100%.
    Thanks for the article Leo; very good discussion of the issue.

    Reply
  4. Dear Leo,
    Absolutely love the ability to speed you (video) up to 2x and save me time. Many thanks.

    And many thanks for taking the time to share all this good info with us.

    tom

    Reply
  5. I have a question — Can just opening a spam email, without interacting with it in any other way, result in malware/infection or any unwanted actions? I’ve heard different opinions on this and would like to hear your take on it, Leo. I usually just delete spam unopened, as it’s usually pretty obvious. But I have occasionally had them arrive with a name and return address that are known to me, and I don’t discover the ruse until I’ve had a look.

    Reply
    • Just opening an email won’t result in malware being executed on your machine as long as you don’t click on any links or open any attachments.

      Reply
      • Actually, and just “for what it’s worth”, I received an email from an engineer in the same department where I worked. The Subject line was very much the way Joe would send stuff, “Hey, Check this out!”

        All I did was click on the email, and in an instant, I heard the computer start spinning the HDD, and I had “0” control of the desktop unit. I unplugged it from our VPN/LAN, unplugged the computer. Four days later, I was just getting back to “normal” again.

        Reply
        • It’s called a drive-by download or drive-by install and an older and/or unpatched vulnerable browser was likely to blame. In theory, clicking a link in an email should result in software being surreptitiously installed. That said, it’s obviously not a good idea to click on suspicious links even if you’re using a current and up-to-date browser.

          Reply
    • Go back a decade or so and vulnerabilities in Outlook and other mail clients of the day made it theoretically possible for a PC to be compromised simply by opening an email. These days, mail clients are much more secure and, as Mark said, it’s really not possible for an email to compromise a PC unless and attachment is opened or a link clicked.

      Reply
  6. Great summary on spam.

    I have noticed that different email providers manage spam differently. So email hosting that is routinely bundled with domain/website hosting is usually not so good at handling spam. The paid services do better. Gmail does an amazing job of keeping spam out of my inbox.

    I am facing the other side of spam; when my emails are rejected as spam by other email servers. My email hosting provider has been listed by some spam blacklisting services. It is not my domain that is blacklisted. It is some of my host’s IP addresses. The result is that when my emails are sent to AOL or Yahoo email domains, and if one of the host’s blacklisted server IPs is used to send it, then the email is rejected as spam. If I send from Gmail, everything goes through, first time, every time. The hosting company’s response was “Send it again and it should go out from a different IP.” Therefore, I will be moving my company email to Gmail for hosting since they apparently have figured out what the “experts” at other email hosting services have not.

    Reply
  7. I never had spam before, then I began to receive ten maybe twenty a day in bursts for about a month. I began to back trace all of them and then identified the originating servers. I looked up the ‘ABUSE’ e-mail address for each IP and immediately returned the offending spam with the back trace to them, asking them to investigate. A number of the IP replied and said they were pursuing the originators. It was hard work but after a few weeks it all stopped suddenly and I have had no more spam since four weeks ago.

    Mick

    Reply
    • The thing is that spammers constantly move from server to server. They will actually get a domain, and then “groom” that domain to look good and honest. Then when they are ready they blow the domain until it is blocked, and then move on. They make a lot of money. Too bad everyone doesn’t follow Leo’s advice to never buy from spammers!

      Reply
      • It’s also worth noting that a significant proportion of spam originates from botnets/compromised systems. Reporting it is really quite pointless.

        Reply
      • Thanks for your comment. I am no expert but I was surprised how cooperative some IP’s were in their response to abuse, also how quickly it all stopped from about ten IP’s. May be I was just lucky.

        Mick

        Reply
  8. At our company we have discovered, for filtering spam from Outlook, no program works better than Spam-Reader. We tried several solutions, but none cut down the mess more. There is a free version which is good, but the paid version much better. It definitely “learns” as you fine-tune the filter, and ends up catching easily 98% plus of the junk. Also, very easy to use—unlike some we tried.

    I am no paid shill at all, just a satisfied customer wishing to share a happy experience. Try it and I think you will be as pleased as we are.

    http://www.spam-reader.com/

    Reply
  9. Yahoo has a feature, over under ‘more’ called BLOCK. Near as I can figure it takes spam and returns it to the spam folder, because spam actually seems to increase.

    My Hotmail account’s BLOCK feature seems to work.

    Reply
  10. Thunderbird’s Junk filter doesn’t work at all for me. I can’t teach it anything. I’ve been right clicking and “K,J”ing junk forever and it just keeps coming from the same sources. It’s worse on my wife’s account I think because she has a more attention getting user name. Maybe if I went right to the web account interface I would have better luck.

    Reply
  11. In my experience, using a spam filter always means some legitimate email goes into the spam folder. I can delete 50 spam messages (unread) in a minute, so that’s what I do.

    Reply
    • “In my experience, using a spam filter always means some legitimate email goes into the spam folder.” – Yup, and this means that, unless you’re willing to risk losing the occasional legitimate email, you need to check the contents of your junk folder – which somewhat defeats the object of filtering spam in the first place. Like you, I simply hit the delete button: it’s the quickest and easiest way to deal with spam.

      Reply
  12. I’ve been using http://www.spamarrest.com to block spam for some years now. I even have it set to block email for my email address. I would never send myself an email so I don’t understand why the spammers or phishers would use my own address to send me spam. as a result I almost never get a message I don’t want. Except for all the political spam. Letting just one or two in is like the old story about let the camel get just his nose in to the tent when soon the whole camel will invade.

    Reply
    • “I would never send myself an email….”

      I do all the time, using BCC.

      The email lands in my Inbox, has a usable subject line, is unread so in bold font, and serves as a reminder to me if I don’t get a timely reply to the email I sent.

      Reply
      • It’s funny, just yesterday a friend was sending a group email to her students’ parents. I showed her how to use Bcc. I then explained to her that when you use Bcc, it makes the email appear more professional if you include your email address in the To: field. Otherwise most email programs place “undisclosed recipients” in place of the email address which might give an unprofessional flavor to the email.

        Reply
  13. Well said!!! :-)

    Actually, doesn’t it come down to non-thinking folks not using common sense ;-(

    I wish you’d do one of these great videos on these non-thinking folks who continually forward hoaxes;
    to me, it’s the same lack of common sense.

    Reply
    • “Actually, doesn’t it come down to non-thinking folks not using common sense?” – Yup, and this is what spammers and scammers count on. Take phishing emails, for example. While there are some exceptions, most are very obvious scams that would never fool a smart person. And that’s by design. The scammers don’t want to deal with smart people as it’d be a waste of their time. Even if they could trick a smart person into replying to an email, they’d almost certainly not be able to get them to part with their money. By dumbing-down the emails the scammers ensure that they’ll be dealing with the people who are most likely to part with money: in other words, the extremely gullible and/or vulnerable.

      Reply
  14. I’ve been successful in reducing spam by using a pobox.com email address for many years. For $20 a year a get a mail forwarder with powerful spam detection built in. I have my mail forwarded to a gmail account where I actually read my mail. Gmail traps a few more that sneak by pobox.com. The mail forwarder has options to block/bounce all mail by country of origin and holds mail for review of any that are “possible spam”. I get one email a day from pobox.com that includes a list of emails with just the sender address and subject that were held for my review. Works well for me.

    Reply
  15. Once I didn’t require business email anymore due to change of employer and company email supplied, I shut down my personal email (I control the domain), then created a new one for myself. Sent out an email to my address book advising of the new address. I know I dumped tons of garbage on the internet, but I didn’t get bothered in the last 2 years.

    Reply
  16. While I wouldn’t recommend that people attempt to unsubscribe from spam (except in the circumstances mentioned below), I’ve never been convinced that doing so actually “validates” your email address leading to more spam. Given the ease with which an email list can be compiled – and the fact that spams can be sent out at zero cost – I really don’t think there’d be any ROI to a tracking/validation process. I’ve actually seen a couple of studies that support this. That said, I’ve also seem some anecdotal evidence to the contrary.

    Additionally, it does make sense to unsubscribe from spam that has been legally sent in accordance with the CAN-SPAM Act 2003. Companies are legally entitled to email you – even if you’ve had no prior contact with that company – so long as the email complies with a number of criteria, for example:

    Not sent through an open relay
    Not sent without an unsubscribe option.
    Not contain a false header
    Must contain at least one sentence.
    Unsubscribe option should be below[ he message.
    A legitimate physical address must be provided.

    Unsubscribing is the only way to stop these emails.

    In the case of illegal spam – in other words, email that hasn’t been sent in accordance with the CAN-SPAM Act – unsubscribing would be, at best, likely pointless and, at worst, possibly result in an increased volume of spam.

    Reply
    • “I’ve never been convinced that doing so actually “validates” your email address leading to more spam.” Validating your email address by clicking on an unsubscribe link in a spam email tells the spammer that your address is valid. Those validated addresses then become a marketable commoditiesy which are then sold to other spammers.

      Reply
      • “Validating your email address by clicking on an unsubscribe link in a spam email tells the spammer that your address is valid.” – That’s the theory but, as I said, I’m not convinced that it actually happens and I’ve certainly never seen any evidence to support the claim. On the contrary, most of the credible research I’ve seen suggests that such tracking/validation doesn’t happen. But, as I said, I certainly wouldn’t recommend that anybody put this to the test – not in relation to illegal spam, anyway (it does make sense to unsubscribe to legal/CAN-SPAM-compliant spam).

        Reply
  17. My computers, with MS Outlook as the mail handler in Win 7 and 10, protected by Norton Internet Security suite, and whatever protective layer my ISP has in place, are not really a victim of much spam. Only a couple of times a week will a terminally ill Nigerian princess, or a vital warning about my account at a bank I don’t use, get through. However, I am still plagued by Spam, but on an older technology. I must receive about 10 phone calls per day, onto a land-line and smartphone. These robo-calls all have their caller ID spoofed, either “unavailable” or spoofed to look like they originate locally or anywhere around the country. Your telephone has zero malware protection, no way to filter these out. Some calls don’t even bother to wait for an answer, some calls are robotic voice calls and some connect you to a boiler-room operation. I now simply do not answer the phone, letting all but several known caller ID’s go to voice mail. If the unknown caller is real, he can leave a message and I’ll consider calling him back. However, there must be money to be made in initiating these robo-calls, and since the phone companies haven’t stopped the practice, I assume the phone companies benefit from the Spam too. Perhaps complaining about telephone Spam in a computer venue is a bot off-topic, but I see Spam as an affliction to all communication modes.

    Reply
    • Ed, there’s a free solution: https://www.nomorobo.com/

      I’ve been using it about a half year, and have recommended it to my family and friends. All report great results. It stops these sales calls pretty much cold.

      The only negative, but a small one, is that sometimes the phone will ring once. If I quickly answer, I hear a dial tone. Apparently the call got by Nomorobo’s filter, but then the filter caught up and blocked the call. When I check CallerID I see that indeed the caller was unknown to me. Sometimes there’s no name, sometimes there is and the caller is obviously in sales.

      This company ought to get a Nobel Prize. :-)

      Reply
  18. Spam isn’t a big issue for me. Gmail and Yahoo filter it well enough. A quick check once a week at the Spam folder lets me retrieve emails that were sent there by mistake, and there are never more than a couple of them, if that.

    What’s interesting is that this weekend I was considered to be a spammer myself.

    Last month I was elected to our HOA board of directors. As a long time AskLeo fan I had the most computer smarts on the board, and volunteered to build us a new website. (The old one, which didn’t work, was costing us $40 a month. -month!- Of course, I easily brought that down to $4 a month using Bluehost and WordPress, and the new site seems to be clicking on most cylinders.

    But how to tell all 200+ residents of the new website…or other important things that email is so good at communicating?

    Our management company had about 130 email addresses. I entered them into a mail group and sent an email (Hello, go to our website, reply that you got this, etc) to all 130 addressees. Got back an error saying I was violating a spam policy (without the word spam being used, if I remember right).

    So I broke down the 130 addressees into 9 mailing groups (I’m using Thunderbird tied to my Yahoo account), and sent the same email to one or two groups at a time, limiting the number of addressees to be below whatever Yahoo’s max is.

    Well, that worked, but after I’d sent one or two emails (to one or two groups), I found the next email would error out. The error message wasn’t clear (I forget exactly what now), but I surmised, apparently correctly, that Yahoo’s watchdog was not letting me send to too many addressees within a certain period of time. I found I could come back in a couple hours and send to another one or two groups before erroring again. So I’d send a second batch, come back in a few hours and send a third, and so on.

    What should have taken one email in one minute (less the time to write it) took a lot of copying and pasting and most of a day from first send to last.

    I understand what Yahoo is trying to do. What I wish I could do is help Yahoo understand what I’m trying to do.

    Unfortunately, you can’t seem to find an email address or support contact info at Yahoo, so I’m stuck with this Rube Goldberg system of sending emails to my neighbors. I doubt they could make an exception for me anyway. It would open the door to countless similar requests, and they don’t have time to investigate each one.

    Augh! I hate spammers.

    Reply
    • You need to use mailing list software – anything from a Yahoo Group to MailChimp to the “mailing lists” available in your BlueHost account.

      Reply
  19. “I surmised, apparently correctly, that Yahoo’s watchdog was not letting me send to too many addressees within a certain period of time.” Yup, the free email provider all have some form of send rate/recipient restriction. The only way around it, other than what you’ve been doing, is to use a paid email service or an alternative communication method – a Facebook Group, say.

    https://help.yahoo.com/kb/SLN3353.html

    Reply
  20. I have some relatives that fill my email with anywhere from 20-30 emails a day with links to everything from Jesus to poetry to things they think are funny. They go straight to my spam folder and I have left it that way because it is easy to delete the unwanted emails. These are relatives that will shut me off entirely if I do not accept their emails and for various reasons I need to stay in touch with them. I do not want 30 emails on any subject per email, but until my grandchildren reach 18, I am kind of stuck with the situation. Thanks for the good work you do.

    Reply
    • YOU SHOULDN’T DO THAT!

      That’s a good way to get ISP’s totally blacklisted.

      Setting a filter up to delete and mark emails read from {removed}@AOL.com would be a better idea!

      Chris

      Reply
      • Setting up a filter for that relatives’ email is a good idea. Instead of deleting them, you could set up a folder to send those emails to and mark them as read. That way you wouldn’t lose any important email from them.

        If she marks them as spam in an email program, nothing is sent to the email service provider so there’s no danger of being blacklisted. If she marks them as spam on the email provider’s website, only the relatives’ email address would be blacklisted not the entire email domain.

        Reply
  21. My understanding is that Apple Mobile devices (through iOS 9.2.1) do not implement SPAM filters in their MAIL programs. An opportunity to declare an email message as SPAM is provided, but nothing is actually done win response to the email messages that are so identified. What approach do you recommend for combatting SPAM with Apple mobile devices? How would you modify this approach to accommodate PCs in addition to the iOS devices? Thank you for your help.

    Reply
    • You could mark them as spam on your email service provider’s (ESP) webmail interface if they provide that option. Google, Yahoo and Hotmail have that. The server that hosts my website and email also has spam filtering at the server level. If your ISP or ESP don’t provide that option, you can route your email through GMail to take advantage of their spam filtering.
      https://askleo.com/how_do_i_route_my_email_through_gmail/

      Reply
  22. 1. Responses above indicate results with certain software/certain email providers. Looking forward to your “take” on this.

    2. Consider correction to Team-member’s related response (if I understood correctly). I use Outlook’s “Block Sender” for spams I receive which appear to come from my email address. I click “Block Sender” each time one appears. It does not actually block actual emails I send to myself. Perhaps that happens, but not with “Outlook”.

    3. Why can’t we block spam by sending a trillion responses to each spam… from a series of ghost computers. Wouldn’t that overload and crash them?

    Reply
    • “I use Outlook’s “Block Sender” for spams I receive which appear to come from my email address. I click “Block Sender” each time one appears.” – There’s really no point in doing this as spammers often spoof addresses. Additionally, having too many blocked senders can cause issues with Outlook. Blocked sender functionality is best used for specific people or companies whose emails you want to go directly to your junk folder.

      Reply
  23. Hi Leo,
    IMHO we need to stop spam at its source. That requires a rewrite of the TCP and IP protocols to make it impossible to disguise or spoof the real source. When we know the source, we can get the spammer.

    Reply
    • Actually it doesn’t require changes to TCP/IP – it requires changes to the mail transport protocols themselves (though I’m sure some changes to TCP/IP could help). Either way that’s too massive a change to be practical at this point, and certainly not quick.

      The other thing that any solution needs to balance the need for is anonymous email. The ability to send email anonymously is critical for a variety of reasons. How to do that without enabling anonymous spammers is a tough problem to solve.

      Reply
      • Well, there’s work on it, with DKIM (DomainKeys Identified Mail).
        It is compatible with existing e-mail infrastructure, simply adding another header field, the DKIM-Signature field, which contains the signature of the message with the private key of the authoritative DNS server of the domain from which the mail is outgoing.
        To check it, one simply has to look up the public key of the *claimed* outgoing domain (the domain from which the mail claims it is coming) and check the signature. If the signature doesn’t work, it means that the origin of the mail was spoofed, so you can reject it (if you want to).

        If the outgoing domain doesn’t use DKIM, then you will simply receive an e-mail without that field. You can decide for yourself whether you want to consider such mail or not. In as much as DKIM will be more and more deployed, the incentive to still receive unsigned mail from “poor non-DKIM domains” diminishes.

        This doesn’t stop spam that really came from a given domain of course. But at least, domain spoofing is impossible with such a system.

        Reply
  24. I hardly get other spam than from the Canadian pharmacy and some sexgirls apart from two sources (twitter and my email provider), that are blocked by my spam filter. Apart from this, what comes in my spam box are things like Ask Leo, which are definitly not spam. I can tell it each time, but it knows better. Rarely so I get spam, but that is not recognised by the spam filter, gmail or Thunderbird.
    When I need to send something from my phone to my computer or opposite, I just put it in the drafts folder. Like I don’t send it. It arrives instantly.

    Reply
  25. My fight with spam has had many . . . techniques. I don’t remember which ones I tried first, so I’ll just list them:

    1. I got a new e-mail client about a decade ago that offered a way to fake an invalid address to send back. This does not work. Don’t try it. It also got time consuming. In the long run, I believe it increased the spam.
    2. I changed e-mail addresses. I had an address or two that was more spam than real, so I just changed the e-mail address. The downside to this is that it is time consuming to e-mail people that it has changed, and then you have to go to web sites and inform them of the change.
    3. I sent a phishing attempt to one of my credit card providers or something, hoping they’ll chase after them. All I got back was an e-mail that said it was phishing and to not reply. I stopped doing that right away.

    Now, the e-mail client, Outlook, does a good job with spam. Most are caught, and I just ignore them. As Leo said, there’s really nothing that can be done to stop it.

    Reply
  26. “I got a new e-mail client about a decade ago that offered a way to fake an invalid address to send back. This does not work.” – Yup, and this supports my contention (above) that spammers do not track/validate emails. If they did, tactics such as this would work.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.