Spam, Part One: Protecting Yourself -- #Hackerz_Rulez dal.net
by Golden_Eternity

Spam is a commonly used term for unsolicited commercial e-mail messages, though it also refers to posts on usenet with similar content, or any unsolicited and unwanted e-mail message you may receive (especially chain letters), it can even refer to advertisements you might receive while on IRC (most commonly porn web sites).

This will not be a difinitive essay on spam or how to protect yourself and fight back, but I'll do my best. First I will address the issue of protecting yourself from the various arenas of spamming. Then, in the second part to this lesson, I will discuss methods of fighting back against the spammers.

-- Protecting Yourself --

There are a number of ways your e-mail address can fall into the hands of spammers. Posting on Usenet, contact links on web pages or signing guest books, or just being signed up with certain ISPs will get you spammed. Here is some suggestions on how to stop spam before it starts.

- Usenet -

I have already discussed this in small part in my lesson on NNTP, but don't worry, I'm not going to make you go look that up. The thing to watch out for is using your real e-mail address in posts. Adding the string "nospam" to your identity will still give people the ability to find you by e-mail, but your real address wont get picked up by usenet spiders/spam bots.

(Def: String ($) - a string is a chunk of text)

The way that spammers pick up e-mail addresses in usenet is to use a program to read every post, and strip out anything that matches the form of "[email protected]". If you post with your real e-mail address anywhere in the headers or body of your post you will get spammed. If you alter your identity just slightly, spam bots wont know the difference, and spam intended for you will disappear into the void.

No spammer is going to waste their time on reading posts by hand, so you don't have to worry too much about them spotting the "nospam" comment and stripping it out by hand, but keep in mind that this is a commonly used technique, so as the newer generation of spam bots come out, they will most likely start stripping this string automatically.

- Web -

I already addressed this in part, but I'll expand a bit on this section now... If your e-mail address is posted on a web page somewhere, you are vulnerable to web spiders similar to those spammers use for usenet. This mainly applies to sites listed with search engines, but it also goes for any web page with links to it from another site. Web spiders follow links and once again search for something matching the "[email protected]" format.

If you administer a web page, beware of this. That link you put up so that people can tell you how spiffy your web page is is more likely going to draw multi-level marketing scams, and ads for Tiffani's Play-Pen or Tina's Virtual Wh0rehouse.

Remember the techniques you learned in the Usenet section. I'm not saying to put "nospam" in there again, but you can always type it out differently. Links are nice for people visiting your site, but they're also nice for spammers.

Another great spot for spammers is guest books. If you sign someone's guest book and give your real e-mail address, you are *begging* to be spammed.

- ISPs -

Most of us know from repetition that "AOL sux!". But here's a specific point why AOL is a bad "ISP" to have. AOL members are the target of spam whether they post on usenet, have web pages, or none of the above. Why? Because they're AOL members. Good targets in most people's eyes; after all, anyone gullible enough to stick with AOL is likely to go for their MLM scheme or forward along the chain letter about the sick boy and the American Cancer Society. Or so the stereotype goes...

So, say you're on one of these target providers but don't want to switch (Hey, I was quite happy on AOL for a long time. Its fine as long as you don't expect any more out of your provider). What can someone on an "ISP" like AOL do about spam? First off, don't register with any member databases. Putting yourself in the member directories might be nice and all, but it's just asking for a mailbox full of spam. Take it from me, when I was on AOL I would get 12 spam messages a day on my main account (That I had a profile in the member directory for). None of my other accounts got anything.

You might also want to consider changing providers. Now that I'm on a real ISP, I haven't had a single spam message in weeks. (There are other advantages, but I wont go into those here)

- IRC -

As most of the people present for this lesson will know, IRC spam is also quite common. We've all gotten ads to go check out the Naughty Nursing Station at http://www.emergencyroom.com or been told to go check out someone's girlfriend on their web page (Just on the other side of a $20 charge to your credit card, most likely). Now, I don't know about you, but I'm not on IRC for the porn. Else, I'd be in #!!!100%XXXPixs and not #Hackerz_Rulez.

I can't say for certain how this works, but I can tell you a very helpful trick to keep from getting these ads. (First, and most obvious, don't go into those sex chans)

The solution for the average IRC user is to set themself invisible on the server (+i). Many clients have this option available at a click in their setup. Otherwise type "/mode +i" and set this to autoexecute when you sign on.


For a transcript of the lesson, click here.