Spam Information Page
Go directly to MailGuard to configure spam filtering.
|What is spam?|
|It is probably the most annoying part of e-mail. You check your CalWeb e-mail account, and you have messages waiting for you. However, some of it is that annoying junk e-mail that is trying to sell you some products or services. What you just received is unsolicited commercial e-mail, more commonly known as "spam". Some of the products or services offered are of questionable legality (i.e. getting prescription medication without a prescription, off-shore gambling sites, and marketing schemes), and some of it is offensive and definitely inappropriate to minors. In some cases, the spam deceives you by looking like innocent e-mail from a friend or business customer with the subject line of "I missed your call" or the ominous "Payment past due", but, when you open the message, it turns out to be unwanted advertising.
Spam is the unfortunate side effect of the Internet, and has its beginnings in April, 1994 when two Arizona lawyers, Laurence Canter and Martha Siegel, advertised on the Usenet newsgroups about the Green Card Lottery. Since then, the spam has proliferated into e-mails problem we face today. The nickname of spam, incidentally, comes from a Monty Python comedy sketch, where whenever someone mentioned the word spam in a cafe, a group of Vikings would start singing or chanting SPAM!, drowning out the other people in the room.
So, if spam is so annoying, why do some unscrupulous businesses do it? Simply because it's cheaper. The United States Post Office charges a per-item fee for each piece of mail sent through the mail system. On the other hand, a spammer can simply open an account with any ISP and pump out thousands of the e-mails. This is usually a violation of the ISP's acceptable use policy, and the account is cancelled. Believe it or not, there are some businesses who specialize in sending out unsolicited commercial e-mail. They are actually contracted for a fee to send out unsolicited commercial e-mail, and receive a commission on the sales, cashing in on the 1% who actually respond to the advertising. Their attitude about the unwanted e-mail is that you can just delete it, and defend the practice, saying that no trees are cut down in the process, and no gas is consumed or pollution generated by delivering the advertisements door-to-door.
There are laws against unsolicited commercial e-mail, but they are hard to enforce, especially since some of the unsolicited commercial e-mail originates from mail servers located outside of the United States. In some cases, the spammers find a open mail relay set up by a innocent third party and use it to relay the e-mail.
|How do they get my e-mail address?|
|There are several methods which the spammer harvests your e-mail address, including:
CalWeb Internet Services does not sell it's subscriber e-mail addresses to anyone. We do use your CalWeb e-mail address to communicate you about your CalWeb account, including new services that are available to subscribers.
|What is CalWeb doing about spam?|
|Plenty. Some of the measures include:
|How can I prevent myself from being spammed?|
|Here are a few suggestions:
These tips should frustrate the people who sent you spam.
|What filtering does CalWeb offer?|
|CalWeb offers a spam filtering service called MailGuard. This proactive filtering system scans the message for SPAM-like characteristics that indicate that the incoming email has been sent by a spammer. Some of MailGuard;s features include:
MailGuard is a service offered by CalWeb at no additional charge. You need to log in to the MailGuard website for the first time to activate SPAM filtering or you can contact a member of our support staff to set you up.
|How do I configure my e-mail program to send the Spam E-mail to the Deleted Items or Trash Folder?|
|Many e-mail programs come with a option called either "Message Rules", "Message Filters", or "Inbox Assistant". This allows you to set up certain criteria based upon the mail contents and then take certain actions automatically. To assist you with setting up your e-mail for filtering, CalWeb has on-line instructions for the following e-mail programs:
If your e-mail program isn't listed, then either the instructions are not yet available or it is a older mail program which lacks message filtering capability. The e-mail rules or filter should consist of the following:
You may want to study over the existing directions to get some idea of how to configure your e-mail program.
|According to the e-mail, the message said that it complies with "S.1618 Title III passed by the 105th Congress". Is that true?|
This is a hoax. According to the official site for United States Legislation, this bill was referred to the House Committee on Commerce on October, 1998, where it died. It was never signed into law.
|How come I received the e-mail even though my e-mail address is nowhere to be found?|
|The spammers use a field called Blind Carbon Copy (or Bcc:) in order to hide the actual sent-to e-mail addresses. We cannot block e-mail simply because your e-mail address does not appear in to To: or Carbon Copy field (Cc:) simply because it would interfere with the receipt of messages from legitimate e-mail mailing lists.|
|What About Relaying?|
|Spammers invariably never send the spam directly from their machine to the recipient. In most cases, they will forge their email address, and then send the message to a handful of servers around the Internet. Unfortunately, they are not legitimate users of those systems, and instead stealing the resources. Any ISP or other site on the net that does not protect themselves of this problem, will become a victim of it.
If you are accessing your CalWeb e-mail from outside CalWeb, we highly recommend replacing smtp.calweb.com as your outgoing mail server to that ISP.s outgoing mail server. (The incoming mail server of pop.calweb.com remains unchanged.) CalWeb does permit users to use CalWeb mail servers as relays, but only if the users are customers of CalWeb. If you are trying to use CalWeb servers from outside CalWeb (i.e., from your employer's connection), you will need to use SMTP Authentication feature of your mail program. Please be aware that some sources block access to port 25 if it's to a machine outside of their network.
If you are an ISP or other site on the net, and you are being used as a relay, consider checking out the sendmail rule sets at www.sendmail.org (key words: anti-relay), or if you are using other products, asking your vendor for suggestions. Remember: if you do not protect your SMTP server, you will be abused!
|What about all-digits addresses?|
|One of the tactics taken by spammers, is the use of mail forgery. The spammers will take a random series of digits, and a domain name at random (that does exist, but doesn't belong to them). The mail will then be sent out, with apparently usable email addresses that are all bogus. This defeats a lot of people's ability to filter these messages. You can't block by a specific user id, nor can you block a given domain, since both cases are random. Blocking a domain would also be unfair to the domain in question, since they had no knowledge of what was going on, nor could they have stopped the forgery.
|What about DNS?|
|Another tactic used by spammers, is the use of mail forgery. The spammers will make random domain names. These names may or may not actually exist on the Internet. In any case, they help prevent the spammers from 1: getting caught, and 2: catching people's wrath for the hell that Internet email has become for some people.
CalWeb does take steps to make sure that the sender's address can at least be possibly real. When a mail server connects to us, we check whom the mail is from (CalWeb users: the X-SMTP: line). We make sure that the Internet site that the mail claims to be from does indeed exist. (For those technically minded people: we check for A/MX DNS records). If there are no records for the given site, we block the mail. If the records are just slow to be answered, we give a temporary refusal, allowing the mail to be delivered later, once the DNS records are fixed.
If you send email, with the hostname (the part after the "@") faked, there is a good chance that CalWeb will refuse your mail. Many other sites will do the same, notably AOL, CompuServe, and other big name sites. Please, do not forge/fake your email address when sending email - you won't know when your mail is being refused, and your recipient may not get it.
|For more information.|
|Additional resources can be found at the following: