We all deal with SPAM. Unsolicited commercial email now constitutes the majority of email that is sent and received around the world. This type of email became known as SPAM because it reminded early Internet users of the scene in a Monty Python episode where a diner patron is informed that everything on the menu contained the canned meat SPAM. The diner responded "But I don't like SPAM" and that's where we get the term. SPAM is more than just an annoyance, however. A great deal of SPAM is laden with viruses and spyware. These nasty programs can greatly slow performance on your PC and even compromise your privacy and lead to identity theft. It is serious business. A recent thread on firstname.lastname@example.org discussed some ways we can reduce the burden of SPAM in our lives.
Client-Side SPAM FiltersThe Internet consists of server computers and client computers. Server computers store the files you read on the Web and also store the email sent to you before you retrieve it with your email software. The computer you use is called a client computer and any email software that runs on your computer is called an email client. Some common email client software includes Microsoft Outlook, Microsoft Entourage, Apple Mail, and Eudora. These programs all contain SPAM filters that identify SPAM using information in the subject line, message body, and message header. They then place all identified SPAM into a junk mail folder for you to review at your leisure. You can usually set the filtering to high, medium, or low. Setting it to high reduces the amount of SPAM but sometimes legitimate messages get caught in the filter. Client-side filtering is the most common way to reduce SPAM because it is usually free with your email software. It also gives you the most control because you can tweak the rules for filtering the SPAM and review all the filtered messages whenever you like. If you haven't yet turned on your email software's SPAM filter, look for the feature in your user's manual or help file and get started with client-side filtering. The big downside of client-side filtering, however, is that the filtering happens only after you download all your email. If you get a lot of SPAM, that increases the amount of time it takes to download your email everyday. That's where server-side filters come in.
Server-Side SPAM Filters
Server-side filtering software runs on a server computer that receives your email. The filter looks at the message header, message body, subject line, and FROM: address to determine if the message is likely to be SPAM. If so, it dumps the SPAM into a holding tank and sends you a message every day with a list of the held messages. If you see something in the list that doesn't look like SPAM to you, you can view the message on the Web and decide if you wish to have it sent to your computer. Server-side filtering can really reduce the annoyance of SPAM but it does so at a price. One of the more reasonably priced and effective server side programs is called SPAM Arrest (http://www.spamarrest.com/). For $35 per year, SPAM Arrest will greatly reduce the burden of SPAM.
Viruses and SpyWare
The great danger of SPAM is found in the files attached to some SPAM messages. An attached file can contain a virus that will hobble your system or, more likely, send copies of itself to everyone in your address book. Some viruses even transform your PC into a zombie mail server that sends SPAM whenever your computer is idle. The most important rule to follow is to never open files attached to suspicious messages. Today these are typically .zip archives with vague file names like document.zip or archive.zip. When unzipped on a PC, the files in the zip archive are often Worms that then use your PC to send copies of themselves to others. It is important that your email software be set to NOT automatically open ZIP archives without asking your consent first. This applies to all attachments. Some other suspicious extensions on attachments are .pif, .scr, .vbs, .exe, .cmd, .cpl and .bat. Word files (.doc) are also a problem if they contain Macro viruses.
To prevent Macro viruses, get into the preferences of Word on your computer and make sure it asks you before running any macros that may be embedded in Word files. If you open a Word file and Word tells you a macro is embedded, don't run the macro. Macro viruses in Word documents do their damage by using the visual basic programming language that connects Microsoft products on PCs running Windows. The Word macro sends code to Microsoft Outlook which then sends a message with a copy of the virus to everyone in your addressbook using random entries from your address book as the "from" address. If a common Word file has a macro, it is likely a virus. Use virus scanning software to repair the Word file so it won't try to run the macro in the future.
Microsoft Internet Explorer is another link in the visual basic chain that can result in viruses running on your system. For best results, break the chain by avoiding these applications. Microsoft Word is hard to avoid. We all seem to need it. Outlook, however, is easy to replace with another email software program like Eudora. If possible, remove Outlook entirely from your system to prevent its misuse by viruses and spyware. Internet Explorer is easy to replace with the more security-conscious Firefox Web browser. Firefox also protects against the SpyWare programs that often infect PCs running Internet Explorer. Pop-up windows on Internet Explorer often download and install SpyWare programs on your PC that monitor your activities and compromise your privacy.
If you are using a PC these days you absolutely must keep up to date on virus protection software (McAfee, Norton, etc.) and Spyware blocking software. These software packages should monitor and scan files you download or attachments you receive in email. Scan your PC. You might be surprised to find out what is running on your computer without your knowledge. Viruses are not a big problem on the Macintosh platform yet. The Mac operating system is a smaller target for virus writers and it is more secure anyway. That may change in the future but for now Mac users should simply practice good email hygiene by not opening unknown attachments or forwarding them to PC users.
An Ongoing Issue
We all get SPAM. I use both server-side blocking and client-side filtering for my company. However, I still spend time each day looking through the list of blocked messages to be sure I am getting the valid messages I need. It is a continuing hassle.
If you have any thoughts you wish to share on this issue, become a member of TI:ME and post your ideas to email@example.com or contact me at
by Steven Estrella
For more information about Dr. Estrella and his work, see the following sites.