How many messages in your Inbox are spam? Security firm Postini said that spam has increased 59 percent in the past 3 months and went on to say that 91% of all email is spam. 91% – wow!
We block several IP ranges through our .htaccess files and filter out “select” keywords, so we do a pretty good job of blocking it and get only 25% spam – ONLY. Spam is a scourge these days. It is mostly coming from Russia and China, so we block IP ranges coming from those countries and have turned off comments on the blog.
But these are methods that the average person does not use (how many people know what .htaccess is or how to update it?). What can the average person do to help combat spam? I would like to break it down into three of the very basic steps:
The spam scourge is most helped by the MILLIONS of knuckleheads that do not patch their software regularly, despite the fact that the software vendors will do this for them for free automatically!
Because said knuckleheads do not patch the security holes in their software, they are open to hacker attack. As this unpatched computer is surfing the Internet (“la dee da, surfin’ the net”) or opening email (“oooo, I better open this message from this person I do not know”), a hacker finds their unpatched computer, inserts an itty-bitty little program and turns that computer into a spam bot. That computer then starts sending out spam behind the scenes. The computer owner is not even aware of what is going on.
Of course, unpatched software is not the only reason for spam. Spammers are also using image spam and document spam to get past security. Also, spam is included with some software (purchased by another group of knuckleheads). But, if everyone just patched their software regularly, the volume would be reduced significantly.
I think that ISPs should contact the infected customer (we log all IP addresses from which we receive spam and then notify the ISP), tell them that their computer is sending out spam, help them get it patched and cleaned up and then send them a bill. If they gripe about it, cancel their account. They are not responsible enough to be a member of the Internet society. They can be reinstated once they complete a 6-week course on staying safe online and mow my grass 3 times (ok, maybe not that last part). But, seriously, the ones contributing to the problem should be somewhat accountable.
(Loud applause as ranter steps down from the soapbox) Another simple thing to do is what is called “greylisting.” Basically, you make it so that when someone sends you an email, before it is delivered to you, the sender’s server receives a reply that asks it to send the message again. Spam servers usually will not complete this step, so the message is not delivered. Nice.
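The greylisting decision described above, sketched as an added example (not code from this blog or from any particular mail server). It assumes the common design of tracking each (sending IP, envelope sender, recipient) triplet; the class name, delay values and sample traffic are all made up for illustration.

```python
MIN_RETRY_DELAY = 300        # assumed: seconds before a retry is accepted
PENDING_LIFETIME = 4 * 3600  # assumed: unretried entries are forgotten after this
TEMPFAIL = "451 4.7.1 Greylisted, please try again later"

class Greylist:
    def __init__(self):
        self.pending = {}    # triplet -> time of first attempt
        self.passed = set()  # triplets that have retried correctly

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return the SMTP reply for one delivery attempt at time `now` (seconds)."""
        triplet = (client_ip, mail_from.lower(), rcpt_to.lower())
        if triplet in self.passed:
            return "250 OK"  # sender already proved it retries
        first_seen = self.pending.get(triplet)
        if first_seen is None or now - first_seen > PENDING_LIFETIME:
            # First attempt (or a stale entry): remember it and ask for a retry.
            self.pending[triplet] = now
            return TEMPFAIL
        if now - first_seen < MIN_RETRY_DELAY:
            return TEMPFAIL  # retried too quickly; clock runs from the first attempt
        # Genuine retry after the delay: deliver and remember the sender.
        del self.pending[triplet]
        self.passed.add(triplet)
        return "250 OK"

def replay(attempts):
    """Run constructed (time, ip, from, to) attempts through a fresh greylist."""
    gl = Greylist()
    return [gl.check(ip, frm, to, t)[:3] for t, ip, frm, to in attempts]

# Constructed sample traffic using documentation-only addresses.
SAMPLE = [
    (0,    "192.0.2.10",   "alice@example.org", "me@example.com"),  # real server, first try
    (5,    "203.0.113.77", "promo@example.net", "me@example.com"),  # bulk sender, never retries
    (60,   "192.0.2.10",   "alice@example.org", "me@example.com"),  # retry too soon
    (900,  "192.0.2.10",   "alice@example.org", "me@example.com"),  # proper retry, delivered
    (5000, "192.0.2.10",   "alice@example.org", "me@example.com"),  # later mail, no delay
]
```

The bulk sender's single attempt only ever sees the 451 reply, so its message is never delivered, while the server that retries after the delay gets through and is not delayed again.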
To sum up, patch your software, don’t open email from someone you don’t know and don’t purchase spammy software. That is a start.