May 2, 2003
Spam: A whole lotta fakin' going on
by Diana Pounds
An Ankeny man recently forwarded some particularly offensive spam to
university officials with this note:
"I object to getting this type of message, especially from an Iowa State
server. Please let me know how you will stop this junk."
The spam appeared to come from an iastate.edu e-mail address. Not
surprisingly to university information technology experts, it hadn't. The
address on the spam was fake and the spam hadn't been anywhere near an Iowa
Nearly all spam has fake return addresses, said Frank Poduska, a systems
analyst in Academic Information Technologies.
Return addresses a sham
Apparently unable to take what they dish out (inboxes cluttered with
unwanted mail), spammers hide their identities with fake return addresses.
The fake addresses, which may belong to real people who are unwitting
victims of the spammer or no one at all, protect the spammers from getting a
flood of angry responses to their junk mailings.
Tracking down spammers is extremely difficult, Poduska said. For spammers,
the prevarication doesn't stop at the return address line. Spammers also
routinely use fake IPs, which are the numbers that identify individual
computers on a network. Or they use someone else's computer (a computer in a
library or university lab, for example, or a personal computer they have
hacked into) to send spam.
A frequent request to Iowa State technology staff is to block spam-sending
sites from sending any e-mail to the university. The university currently
blocks several hundred domains and IP addresses because they consistently
send spam, Poduska said. But the blockade won't work on the vast majority of
spam that has fake addresses.
Delete and filter
Your best defense against spam is still the delete key and a good mail
filtering program, Poduska said. Many mail programs (such as Microsoft
Outlook, Eudora and WebMail) allow you to set up filters to screen out mail
with spam-like characteristics, such as the use of certain words and phrases
or copy punctuated with exclamation marks.
Iowa State has installed a spam-detection system on its mail servers that
works nicely with such filters. The system scans every piece of incoming
mail, giving it a spam ranking. For example, the system might tag a piece of
mail with a 90 percent probability of being spam.
You can set your filters to remove probable spam from your mail inbox and
either file it to another folder or delete it.
Information on using mail filters in conjunction with the spam-detection
system can be downloaded from this Web site:
To help reduce your spam, don't reply to messages from spammers, don't click
on links in spam and don't click the "unsubscribe" links on spam.
(Unsubscribe links can be a sneaky way to verify that your address is
valid.) Also, avoid signing up for "free" services on the Internet or
putting your e-mail address on warranty cards or providing it in chat rooms.
Ames, Iowa 50011, (515) 294-4111
Published by: University Relations,
Copyright © 1995-2003, Iowa State University. All rights reserved.