Iowa State University nameplate

Inside Iowa State
Gold bar
May 2, 2003

Spam: A whole lotta fakin' going on

by Diana Pounds
An Ankeny man recently forwarded some particularly offensive spam to university officials with this note: "I object to getting this type of message, especially from an Iowa State server. Please let me know how you will stop this junk."

The spam appeared to come from an iastate.edu e-mail address. Not surprisingly to university information technology experts, it hadn't. The address on the spam was fake and the spam hadn't been anywhere near an Iowa State server.

Nearly all spam has fake return addresses, said Frank Poduska, a systems analyst in Academic Information Technologies.

Return addresses a sham
Apparently unable to take what they dish out (inboxes cluttered with unwanted mail), spammers hide their identities with fake return addresses. The fake addresses, which may belong to real people who are unwitting victims of the spammer or no one at all, protect the spammers from getting a flood of angry responses to their junk mailings.

Tracking down spammers is extremely difficult, Poduska said. For spammers, the prevarication doesn't stop at the return address line. Spammers also routinely use fake IPs, which are the numbers that identify individual computers on a network. Or they use someone else's computer (a computer in a library or university lab, for example, or a personal computer they have hacked into) to send spam.

A frequent request to Iowa State technology staff is to block spam-sending sites from sending any e-mail to the university. The university currently blocks several hundred domains and IP addresses because they consistently send spam, Poduska said. But the blockade won't work on the vast majority of spam that has fake addresses.


Delete and filter
Your best defense against spam is still the delete key and a good mail filtering program, Poduska said. Many mail programs (such as Microsoft Outlook, Eudora and WebMail) allow you to set up filters to screen out mail with spam-like characteristics, such as the use of certain words and phrases or copy punctuated with exclamation marks.

Iowa State has installed a spam-detection system on its mail servers that works nicely with such filters. The system scans every piece of incoming mail, giving it a spam ranking. For example, the system might tag a piece of mail with a 90 percent probability of being spam.

You can set your filters to remove probable spam from your mail inbox and either file it to another folder or delete it.

Information on using mail filters in conjunction with the spam-detection system can be downloaded from this Web site: http://www.ait.iastate.edu/pubs/gag322.


Reducing spam
To help reduce your spam, don't reply to messages from spammers, don't click on links in spam and don't click the "unsubscribe" links on spam. (Unsubscribe links can be a sneaky way to verify that your address is valid.) Also, avoid signing up for "free" services on the Internet or putting your e-mail address on warranty cards or providing it in chat rooms.



... Becoming the Best
Ames, Iowa 50011, (515) 294-4111
Published by: University Relations, online@iastate.edu
Copyright © 1995-2003, Iowa State University. All rights reserved.