
The War on Spam Part I – The Basics

What Spammers Do…

The biggest headache today in the web world, other than viruses, is spam. Spam is unsolicited email, usually sent en masse to many email addresses. Another form of spam is the repeated submission of web forms, such as guestbook entries, contact forms, product reviews, blog comments, etc. These submissions usually contain bogus contact information and a series of links leading to not-so-nice sites.

How they do it…

Email spammers usually use automated programs to email large quantities of spam to lists of addresses they’ve harvested off the internet. I’ll get to harvesting in a moment. They use an automated web form on a web site the spammer has hacked to send the spam messages. The spammer enters the list of harvested addresses, the subject, and the message body into the web form and hits send. It can sometimes be hard to determine the origin of spam since many of the forms they use to send spam are on sites they’ve hacked – not their own.

Spammers’ software can “memorize” the field names of your web forms and create an attack “filling in” your required form fields. They visit the web site via a bot and search out web forms, downloading the fields to be filled in later. The bot will go back to the URL, fill in the web form and submit it over and over until that wave of attacks has ended. This will repeat automatically at pre-determined times of the day or night.

How they collect/harvest…

The bots I mentioned previously seek out and find any information the spammer can use to make their attack. Just like the bots used by Google, Yahoo and MSN, they will “crawl” a site, gaining information and harvesting any email addresses or web forms they may encounter. Bots find these based on the code in the web page.
Email addresses are usually in the form of this coding:
<a href=mailto:email@mydomain.com>email@mydomain.com</a>
The “a href=mailto:” is the code the bots pick up in order to harvest that link.
If you have an email address on your site that you receive spam on, this is the most popular way they get your information.

But what if you don’t have an email address on your web site?
There are many other ways Spammers can get your information:

First, I would look to see if an email address shows up in a WHOIS search. WHOIS is public information about who owns a domain and the contacts provided. Harvesting can also take place here, by taking an email address from the information provided.

Second, and most importantly, I would look to see where you could have entered your email address. Realtors have access to tons of email addresses through their local association. Chambers of Commerce often post members with emails. Maybe blogs, guestbooks, and any site where you could have entered an email address that may not have been secure.

Another way could be through viruses. If someone has your email address and their machine becomes compromised, then your email address may have been compromised as well.

Ok, I’m depressed. How can we win?

I don’t think we can ever “win” the war. Laws in the US differ from other countries where a lot of spamming occurs. ICANN (Internet Corporation for Assigned Names and Numbers) has already helped by going after registrars around the world who have known spamming domains, but this is only temporary - until they find a new home.

Until then we have to protect our home front. First, you can purchase spam protection software such as QURB or any other good software to protect third party email programs like Outlook.

Webmail services, such as Horde, Gmail, Yahoo, and Hotmail, have built-in software to filter junk mail. They do a fairly good job overall.

Be careful about where you use your email address. Once it has been harvested, it will take a long time to get it back to its pure state, if ever. Create an email address on Yahoo or MSN that isn’t personal (doesn’t contain your name, etc.) that you can use for the web. This keeps your personal email (firstname_lastname@domain.com) safer. Outlook and other mail programs support multiple email accounts. You can create rules and actions to put these general emails in special folders, as well as filters for junk mail.

Web site and domain owners can eliminate headaches by removing all important email addresses and by using a “catch all” account. This catch all account will receive all the spam and inquiries from your site and whois searches. Catch all accounts can be info@, or sales@, or contact@. Web users usually use the contact form to submit questions, so you’ll still have to sift through it – but at least your personal account is safer.

Email addresses on a web site can be encrypted with a string to mask the code. However, sometimes doing this can make the “mailto” link not work correctly in email programs.
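As an added example (not code from the original article), the script below audits a page for the mailto pattern described earlier and then masks each link, assuming the masking meant here is HTML character-entity encoding. The function names and the sample page are constructed for illustration.

```python
import html
import re

# mailto links, quoted or unquoted href, as in the article's sample markup
MAILTO_LINK = re.compile(
    r'<a\s+href=(["\']?)mailto:([^"\'\s>]+)\1\s*>(.*?)</a>', re.IGNORECASE | re.DOTALL
)
RAW_ADDRESS = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

def to_entities(text):
    """Write every character as a decimal HTML entity (e.g. '@' becomes '&#64;')."""
    return "".join(f"&#{ord(ch)};" for ch in text)

def visible_addresses(page_source):
    """Addresses that a plain pattern match over the raw source would pick up."""
    return sorted(set(RAW_ADDRESS.findall(page_source)))

def mask_mailto_links(page_source):
    """Entity-encode the href and any address in the link text of each mailto link."""
    def replace(match):
        href = to_entities("mailto:" + match.group(2))
        label = RAW_ADDRESS.sub(lambda m: to_entities(m.group(0)), match.group(3))
        return f'<a href="{href}">{label}</a>'
    return MAILTO_LINK.sub(replace, page_source)

# Constructed sample page; the first link is the article's example
SAMPLE_PAGE = """<p>Contact:
<a href=mailto:email@mydomain.com>email@mydomain.com</a> or
<a href="mailto:sales@example.com">Email sales</a></p>"""

if __name__ == "__main__":
    masked = mask_mailto_links(SAMPLE_PAGE)
    print("before:", visible_addresses(SAMPLE_PAGE))
    print("after: ", visible_addresses(masked))
    print("decoded:", html.unescape(masked))
```

The masked page shows no address to a raw-source pattern match, while a browser decodes the entities and the link still opens. The same decoding is available to any tool that applies it, so treat this as a way to cut down harvesting rather than stop it.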

Web forms can reduce spam attacks by using code in the mail processor. This code can do a combination of things. It can halt spam attacks made through spam injections (this will be discussed in an advanced article). It can collect the user’s IP address and host info so that the webmaster may block that IP from accessing the site. It can also create email headers which are useful in tracking origin.
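One way a mail processor can do these three things, as an added example that is not code from the original article: it refuses any submission with a line break in a field that ends up in a mail header, logs the IP and host of rejected submissions, and stamps accepted mail with origin headers. The field names, the X-Originating-* header names and the info@example.com inbox are assumptions.

```python
import ipaddress
import re
from email.message import EmailMessage

SITE_INBOX = "info@example.com"        # assumed catch-all address
HEADER_BREAK = re.compile(r"[\r\n]")   # a line break in a header value starts a new header
ADDRESS = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

def process_submission(form, remote_ip, remote_host):
    """Return (True, EmailMessage) or (False, log line for the webmaster)."""
    ipaddress.ip_address(remote_ip)  # raises ValueError if the server passed a non-IP
    header_fields = {
        "name": form.get("name", ""),
        "email": form.get("email", ""),
        "subject": form.get("subject", ""),
        "host": remote_host,  # reverse DNS is set by the sender, so check it too
    }
    for field, value in header_fields.items():
        if HEADER_BREAK.search(value):
            # repr() keeps a hostile host value from breaking the log line
            return False, f"rejected ip={remote_ip} host={remote_host!r} reason=line break in {field}"
    sender = header_fields["email"].strip()
    if not ADDRESS.fullmatch(sender):
        return False, f"rejected ip={remote_ip} host={remote_host!r} reason=bad email"

    msg = EmailMessage()
    msg["From"] = SITE_INBOX          # fixed, never taken from the form
    msg["To"] = SITE_INBOX            # the form cannot choose recipients
    msg["Reply-To"] = sender
    msg["Subject"] = "[contact form] " + header_fields["subject"].strip()
    msg["X-Originating-IP"] = remote_ip
    msg["X-Originating-Host"] = remote_host
    msg.set_content(f"Name: {header_fields['name'].strip()}\n\n{form.get('message', '')}")
    return True, msg

# Constructed submissions: one ordinary, one with an extra header line in the email field
GOOD = {"name": "Pat", "email": "pat@example.net", "subject": "Quote", "message": "Hi"}
INJECTED = dict(GOOD, email="pat@example.net\r\nBcc: list@example.org")

if __name__ == "__main__":
    for form in (GOOD, INJECTED):
        ok, detail = process_submission(form, "203.0.113.7", "host.example.net")
        print("accepted" if ok else detail)
```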

Web forms can reduce bot attacks by using CAPTCHAs. This is the combination of numbers and letters you have to type in before you can submit a form.

Last but not least, changing web form field names can help reduce the spam for a short period of time.

While spoofing IP addresses can bypass IP logging, the above tactics can at least slow down these attacks.

-----------------------------------------------------------------------------------------------------------

Although this article discusses techniques used by spammers, there are still many other methods used today that are not listed. We have chosen to discuss the spamming situations above based on past experiences.

 

Blue Web Technologies, Inc.
2412 Gulf Breeze Ave
Pensacola, Florida 32507
850-455-1464
sales@bluewebtechnologies.com