Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

Filter Feeders

Filter Feeders -- Following last week's Damn That Spam! article in NetBITS-003, a number of people wrote in with their systems for dealing with spam via filters. I still believe that filters are inherently doomed to fail because it's too easy to forge messages. There are some filters that work better than others; nonetheless, I always recommend caution.

Several readers wrote in to say that they filter out all messages that don't contain their email address in either the To or Cc lines to a special spam mailbox. Since your address won't appear in the To or Cc lines of messages from most mailing lists, make sure to filter all mailing list postings to another mailbox before filtering for possible spam. This technique wouldn't work for me (because it's not uncommon that I'll be legitimately blind carbon copied on a message), but it might be worth trying if no one ever sends you mail by putting your address in the Bcc line.

Jason Whong <jason@ambrosiasw.com> reports that a specific program that many spammers use has a bug that you can exploit in a filter. This program's forged headers use the timestamp of "-0600 (EST)". However, Jason notes that Eastern Standard Time is usually marked "-0500 (EST)" and Eastern Daylight Time is "-0400 (EDT)". Thus, filtering messages with the bad timestamp will catch either spam from this particular program or mail from incorrectly configured mail servers. I tried a search on my several hundred megabyte archive of stored mail and found that this technique worked well - it turned up only spam.

I received contradictory notes on the utility of changing your email address. One reader said that he was spammed immediately after changing, whereas another said that changing addresses had eliminated spam entirely. I suspect that changing your address and using it solely for individual mail (not Usenet postings or for listing on Web pages) would eliminate most spam to that address. Of course, changing your address can be a major pain and expense, so even in this case, you're paying for spam.

Some folks intentionally screw up their return address so automated address gathering programs can't use it. They then include information in each message on how to reply (usually by deleting or changing a character in the address). Although this method does help reduce spam, it's just another example of how spam shifts costs away from the spammers. In this case, the costs shift to those who must do extra work to reply to your messages. This technique also causes numerous headaches when you try to subscribe to mailing lists using the incorrect address. [ACE]


Smile makes tools so you can have a productive day. PDFpen: Massage
your PDFs into shape on Mac, iPhone, and iPad. TextExpander:
Automate typing on Mac, Windows (in beta), iPad, and iPhone.
Free trials and friendly support. <http://smle.us/smile-tb>