06 June 2005
Program allows spam removal from Webmail
Program allows spam removal from Webmail By Taylour BurtonSummer Reporter
If spam is in your Purdue Webmail inbox, you can fix that problem.
The Purdue Webmail server can receive around one million spam messages in a day.
But the PureMessage system filters out most of them.
Students are automatically put on the spam filter system, said Jade Cloud, ITaP technical writer.
"(The program) learns how to filter as more spam goes through it," Cloud said.
The Purdue students who were questioned about spam mail said that they hardly receive spam messages.
However, it is still possible to receive spam.
Purdue students can go to Purdue's online directory and look up their own contact information.
After clicking the edit button, they can go to a spam-scanning link that will allow them to turn on the spam filter for their account.
If the spam filter is already on and there is still spam mail in an inbox, Cloud suggests using Microsoft Outlook 2003 because it has a junk-mail holder, or a program called Spam Assassin.
Despite legislative acts to fight it, the amount of spam has grown in the past few years.
According to Postini.com, the amount of spam mail has increased 65 percent since January 2002.
The Can-Spam Act of 2003 required unsolicited commercial e-mail messages to have labels and prevented the use of deceptive subject lines or false headers.
According to Cloud, the PureMessage system filters out labels containing the words "new products," "free" or "you have been approved."
Sometimes the system filters out messages that aren't spam.
Every few weeks a student will get an e-mail titled "Quarantined Spam Messages." This e-mail has a list of all the messages that were filtered.
Cloud said students might want to check that list to make sure nothing important was filtered out.
If spam is in your Purdue Webmail inbox, you can fix that problem.
The Purdue Webmail server can receive around one million spam messages in a day.
But the PureMessage system filters out most of them.
Students are automatically put on the spam filter system, said Jade Cloud, ITaP technical writer.
"(The program) learns how to filter as more spam goes through it," Cloud said.
The Purdue students who were questioned about spam mail said that they hardly receive spam messages.
However, it is still possible to receive spam.
Purdue students can go to Purdue's online directory and look up their own contact information.
After clicking the edit button, they can go to a spam-scanning link that will allow them to turn on the spam filter for their account.
If the spam filter is already on and there is still spam mail in an inbox, Cloud suggests using Microsoft Outlook 2003 because it has a junk-mail holder, or a program called Spam Assassin.
Despite legislative acts to fight it, the amount of spam has grown in the past few years.
According to Postini.com, the amount of spam mail has increased 65 percent since January 2002.
The Can-Spam Act of 2003 required unsolicited commercial e-mail messages to have labels and prevented the use of deceptive subject lines or false headers.
According to Cloud, the PureMessage system filters out labels containing the words "new products," "free" or "you have been approved."
Sometimes the system filters out messages that aren't spam.
Every few weeks a student will get an e-mail titled "Quarantined Spam Messages." This e-mail has a list of all the messages that were filtered.
Cloud said students might want to check that list to make sure nothing important was filtered out.
Spamming Outside the Box
Recently a publicist offered me a nice little scoop involving two of her clients, who planned to post a list of 10 U.S. advertisers that have been flouting the Can-Spam Act of 2003 by ignoring consumers' demands to unsubscribe. Instead of cutting down on spam, attempted delisting just generated more mounds of e-mail. Would I be interested?
Sure, I said. I hate spam as much as the next guy -- provided the next guy thinks spammers should be forced to visit every single person they have bombarded with junk e-mail and manually delete each ad. I also knew just how murky a world spam is, and how difficult it is to police, since nothing and no one is what it seems to be. After all, on the internet, just about everyone wears a mask, especially shameless hawkers trying to cram your inbox with come-ons for penile enhancements and lower mortgage rates.
First, the law: In addition to banning false or misleading advertisements (like putting fake messages in subject boxes to get around spam filters), the Controlling the Assault of Non-Solicited Pornography and Marketing Act gives marketers 10 days to stop sending e-mail after a consumer opts out, with each violation subject to a fine of up to $11,000. It also puts the onus on the advertisers to make sure their ads are in compliance, since they are the ones who ultimately benefit from online marketing.
But with many spammers concealing their identities, the Federal Trade Commission has had a rough time enforcing the Can-Spam Act (prompting cynics to dub it the U-Can-Spam Act). Not only that, but many of the ads for modern American staples like porn, pills, casinos and software don't even originate from the Pfizers and Microsofts of the world. They come from offshore front companies peddling ostensibly pirated goods, online gambling sites based in the Caribbean or hard-to-police affiliate marketers who follow their own rules.
With the government sitting on the sidelines, individuals have begun to take action. For example, Hypertouch, a small, California-based internet service provider, filed an $11.7 million lawsuit against Kraft in April for spamming 8,500 unwanted Gevalia coffee ads at its customers, citing violations of federal and state antispam statutes. A month earlier Hypertouch hit BobVila.com with a similar suit.
And that's where Joshua Baer and Brandon Phillips, the ones who created the list of "Top Ten U.S. Unsubscribe Violators," come in. (The list was recently posted, so as to coincide with the publication of this column.) Baer, CEO of UnsubCentral, which helps companies manage e-mail opt-out lists, and Phillips, president of LashBack, which sells a toolbar that can be added to Microsoft Outlook or Outlook Express that automatically unsubscribes the user from unwanted junk e-mail, say they did it because spam causes headaches for their customers.
Sure, I said. I hate spam as much as the next guy -- provided the next guy thinks spammers should be forced to visit every single person they have bombarded with junk e-mail and manually delete each ad. I also knew just how murky a world spam is, and how difficult it is to police, since nothing and no one is what it seems to be. After all, on the internet, just about everyone wears a mask, especially shameless hawkers trying to cram your inbox with come-ons for penile enhancements and lower mortgage rates.
First, the law: In addition to banning false or misleading advertisements (like putting fake messages in subject boxes to get around spam filters), the Controlling the Assault of Non-Solicited Pornography and Marketing Act gives marketers 10 days to stop sending e-mail after a consumer opts out, with each violation subject to a fine of up to $11,000. It also puts the onus on the advertisers to make sure their ads are in compliance, since they are the ones who ultimately benefit from online marketing.
But with many spammers concealing their identities, the Federal Trade Commission has had a rough time enforcing the Can-Spam Act (prompting cynics to dub it the U-Can-Spam Act). Not only that, but many of the ads for modern American staples like porn, pills, casinos and software don't even originate from the Pfizers and Microsofts of the world. They come from offshore front companies peddling ostensibly pirated goods, online gambling sites based in the Caribbean or hard-to-police affiliate marketers who follow their own rules.
With the government sitting on the sidelines, individuals have begun to take action. For example, Hypertouch, a small, California-based internet service provider, filed an $11.7 million lawsuit against Kraft in April for spamming 8,500 unwanted Gevalia coffee ads at its customers, citing violations of federal and state antispam statutes. A month earlier Hypertouch hit BobVila.com with a similar suit.
And that's where Joshua Baer and Brandon Phillips, the ones who created the list of "Top Ten U.S. Unsubscribe Violators," come in. (The list was recently posted, so as to coincide with the publication of this column.) Baer, CEO of UnsubCentral, which helps companies manage e-mail opt-out lists, and Phillips, president of LashBack, which sells a toolbar that can be added to Microsoft Outlook or Outlook Express that automatically unsubscribes the user from unwanted junk e-mail, say they did it because spam causes headaches for their customers.
CA releases latest version of its anti-spam solution
According to recent research, it is estimated that 40% of e-mail is unsolicited, unwanted spam while two-thirds of this is either false or violates the law. In light of this, Computer Associates Africa has released the latest version of eTrust Anti-Spam solution, r2.1.
eTrust Anti-Spam is an effective and easy-to-use spam filter that ensures companies and individual users only receive messages from people they know while redirecting unknown messages.
Indeed, the solution blocks 100% of all spam while at the same time protecting multiple e-mail accounts. It also integrates seamlessly with Microsoft Outlook (2000, 2002 and 2003) or Microsoft Outlook Express 5.5/6.0 and later.
"Spam is undoubtedly one of the most pervasive problems faced by global and local companies today which is why deploying an anti-spam solution is no longer a luxury but a necessity," comments Karel Rode, business technologist, security management at Computer Associates Africa.
CA's eTrust Anti-Spam r2.1 also offers spoof-proof fraud protection as well as international language support. Combined with CA EZ Armor (Antivirus and a Personal Firewall) as well as CA PestPatrol personal edition, CA is the first company to market with a complete personal protection suite, providing active protection against malware, remote access Trojans, spyware, adware, keystroke loggers.
eTrust Anti-Spam is an effective and easy-to-use spam filter that ensures companies and individual users only receive messages from people they know while redirecting unknown messages.
Indeed, the solution blocks 100% of all spam while at the same time protecting multiple e-mail accounts. It also integrates seamlessly with Microsoft Outlook (2000, 2002 and 2003) or Microsoft Outlook Express 5.5/6.0 and later.
"Spam is undoubtedly one of the most pervasive problems faced by global and local companies today which is why deploying an anti-spam solution is no longer a luxury but a necessity," comments Karel Rode, business technologist, security management at Computer Associates Africa.
CA's eTrust Anti-Spam r2.1 also offers spoof-proof fraud protection as well as international language support. Combined with CA EZ Armor (Antivirus and a Personal Firewall) as well as CA PestPatrol personal edition, CA is the first company to market with a complete personal protection suite, providing active protection against malware, remote access Trojans, spyware, adware, keystroke loggers.
Spam, spam, spam, spaaaaam!
In the decade or so since Web access became a consumer commodity, we've fixed many things about the Internet, from the slow speed of dial-up modems to browsers that crash three times an hour. But spam is a bigger nuisance than ever.
It starts taking its toll long before it lands in your inbox. First, spammers employ spyware and viruses to hijack home and office computers for use as unwitting relays for junk e-mail. Then your Internet provider must spend time and money running filters, lest its computers be swamped.
The junk e-mail that inevitably leaks through wastes your time and band-width as you wait for each message to download. Almost all of it insults your intelligence and good sense; spam assumes we're drug-addicted, money-grubbing, porn-addled fools ready to click on any stupid offer.
And the single worst thing about spam? Enough recipients are those kind of fools, plenty to keep spammers in business.
Nobody has found a technological fix for spam. The Internet's design puts a priority on the free flow of data. Internet providers, too many of which still whore themselves out to spammers and spammers' own cockroach-like tenacity, all but ensure there won't be.
Because the Internet spans the world, laws aren't likely to solve this problem either although I am always delighted to see spammers being litigated into poverty, fined into bankruptcy or imprisoned forever.
Spam can, however, be managed. You can make your e-mail address a smaller target for spammers, and you can shunt aside a healthy chunk of the spam that does find you.
If you can keep your address off spammers' lists, you will get little or no junk e-mail. So never post your e-mail address on any public spot on the Web, and be choosy about giving it to strangers or companies.
Instead, create a second, throwaway account at any of the free Web-mail services, such as Yahoo Mail, Hotmail or Gmail, and use that for online commerce. Most Web sites won't share your address with the world - but a few might, so why chance it?
This method will not, however, defeat a dictionary attack, in which spammers send messages to randomly chosen names at popular Internet providers. Having an address with an unusual spelling or at a lesser-known provider can reduce vulnerability.
When spam arrives, never respond to it. And make sure your mail software isn't doing that for you: If it displays a picture in a spam message, it often does so by downloading the image from the spammer's Web site, which tells the sender you just read the spam.
Current releases of the major mail programs - Microsoft's Outlook Express and Outlook, Apple's Mail, Qualcomm's Eudora and Mozilla's Thunderbird - won't display pictures in mail from strangers. But older versions will, so upgrade now.
You can try forwarding your spam to the authorities. In America, you can send a copy to the Federal Trade Commission at spam@uce.gov, or via the link at www.ftc.gov/spam. Forwarding another to the "abuse'' address of the Internet provider that relayed the message (abuse@aol.com, for example) is also smart. But to do that right, you'll need to use your mail program's "show full headers'' option, which is often hidden.
You'd think that writing a program to delete spam would be easy, since even an Internet beginner can tell spam from real mail. But that hasn't happened - yet another way in which the computer can't match the human brain.
Your Internet provider's spam filtering will usually sweep the worst offenders out of sight, but some adopt an excessively strict policy that wrongly tags innocent e-mails as spam. Last winter, for example, Verizon's filtering suddenly began flushing away many legitimate e-mails sent from parts of Europe and Asia.
If you use your own mail program instead of a Web interface such as Hotmail or Yahoo, you can run your own spam filters. The best learn from your use, watching what mail you label as spam and adjust their screening to match. Apple's Mail and Mozilla Thunderbird (www.mozilla.org), both free, include this type of filter, as does the US$50 (HK$390) edition of Qualcomm's Eudora (www.eudora.com).
Microsoft's Outlook 2003, by contrast, has a non-learning spam filter, while its free Outlook Express includes no spam block. You can add a learning filter to either program with various add-ons; some, such as POPFile (popfile.sourceforge.net) and SpamPal (www.spampal.org), are free but may require tricky configuration; others, like SpamBully (www.spambully.com) cost money.
A more stringent defense, "challenge-response'' filtering, requires would-be correspondents to pass a simple test online that a bulk mailer can't or won't bother to complete - usually, visiting a Web page and typing in letters shown in an image. Some Internet providers - notably, Earth-Link - and such add-on software as SpamArrest (www.spamarrest.com) and ChoiceMail (www.digiportal.com) offer it.
But although these systems wave through mail from people in your address book, other legitimate senders must perform extra work. Challenge-response has not been widely adopted.
All of these techniques can only treat spam. A cure will have to be economic: When no money can be made from spam, nobody will send it. Filters, lawsuits and fines can raise the costs of sending junk e-mail, but there's still money to be made by defrauding the gullible.
It starts taking its toll long before it lands in your inbox. First, spammers employ spyware and viruses to hijack home and office computers for use as unwitting relays for junk e-mail. Then your Internet provider must spend time and money running filters, lest its computers be swamped.
The junk e-mail that inevitably leaks through wastes your time and band-width as you wait for each message to download. Almost all of it insults your intelligence and good sense; spam assumes we're drug-addicted, money-grubbing, porn-addled fools ready to click on any stupid offer.
And the single worst thing about spam? Enough recipients are those kind of fools, plenty to keep spammers in business.
Nobody has found a technological fix for spam. The Internet's design puts a priority on the free flow of data. Internet providers, too many of which still whore themselves out to spammers and spammers' own cockroach-like tenacity, all but ensure there won't be.
Because the Internet spans the world, laws aren't likely to solve this problem either although I am always delighted to see spammers being litigated into poverty, fined into bankruptcy or imprisoned forever.
Spam can, however, be managed. You can make your e-mail address a smaller target for spammers, and you can shunt aside a healthy chunk of the spam that does find you.
If you can keep your address off spammers' lists, you will get little or no junk e-mail. So never post your e-mail address on any public spot on the Web, and be choosy about giving it to strangers or companies.
Instead, create a second, throwaway account at any of the free Web-mail services, such as Yahoo Mail, Hotmail or Gmail, and use that for online commerce. Most Web sites won't share your address with the world - but a few might, so why chance it?
This method will not, however, defeat a dictionary attack, in which spammers send messages to randomly chosen names at popular Internet providers. Having an address with an unusual spelling or at a lesser-known provider can reduce vulnerability.
When spam arrives, never respond to it. And make sure your mail software isn't doing that for you: If it displays a picture in a spam message, it often does so by downloading the image from the spammer's Web site, which tells the sender you just read the spam.
Current releases of the major mail programs - Microsoft's Outlook Express and Outlook, Apple's Mail, Qualcomm's Eudora and Mozilla's Thunderbird - won't display pictures in mail from strangers. But older versions will, so upgrade now.
You can try forwarding your spam to the authorities. In America, you can send a copy to the Federal Trade Commission at spam@uce.gov, or via the link at www.ftc.gov/spam. Forwarding another to the "abuse'' address of the Internet provider that relayed the message (abuse@aol.com, for example) is also smart. But to do that right, you'll need to use your mail program's "show full headers'' option, which is often hidden.
You'd think that writing a program to delete spam would be easy, since even an Internet beginner can tell spam from real mail. But that hasn't happened - yet another way in which the computer can't match the human brain.
Your Internet provider's spam filtering will usually sweep the worst offenders out of sight, but some adopt an excessively strict policy that wrongly tags innocent e-mails as spam. Last winter, for example, Verizon's filtering suddenly began flushing away many legitimate e-mails sent from parts of Europe and Asia.
If you use your own mail program instead of a Web interface such as Hotmail or Yahoo, you can run your own spam filters. The best learn from your use, watching what mail you label as spam and adjust their screening to match. Apple's Mail and Mozilla Thunderbird (www.mozilla.org), both free, include this type of filter, as does the US$50 (HK$390) edition of Qualcomm's Eudora (www.eudora.com).
Microsoft's Outlook 2003, by contrast, has a non-learning spam filter, while its free Outlook Express includes no spam block. You can add a learning filter to either program with various add-ons; some, such as POPFile (popfile.sourceforge.net) and SpamPal (www.spampal.org), are free but may require tricky configuration; others, like SpamBully (www.spambully.com) cost money.
A more stringent defense, "challenge-response'' filtering, requires would-be correspondents to pass a simple test online that a bulk mailer can't or won't bother to complete - usually, visiting a Web page and typing in letters shown in an image. Some Internet providers - notably, Earth-Link - and such add-on software as SpamArrest (www.spamarrest.com) and ChoiceMail (www.digiportal.com) offer it.
But although these systems wave through mail from people in your address book, other legitimate senders must perform extra work. Challenge-response has not been widely adopted.
All of these techniques can only treat spam. A cure will have to be economic: When no money can be made from spam, nobody will send it. Filters, lawsuits and fines can raise the costs of sending junk e-mail, but there's still money to be made by defrauding the gullible.
Anti-spam duty
THE deluge of unsolicited mails is increasing at a rapid pace — much faster than the technology to curb it.
When one opens the mailbox after a weekend or even an ordinary working day, the inbox can show absurd figures of unread mails. The wise ones know that this is no indication of their popularity.
With e-mail forming a significant part of business communications (estimates say it constitutes over 60 per cent of internal as well as external communications), managing mails effectively and efficiently becomes an imperative.
The Chennai-based Aspire Systems says it can help fight spam - with its spam filter, Mail Guard. Its features include, according to the company, automatic filtering of e-mails, notification of progress, spam notification, cleaning existing e-mail folders, managing context stamp derived out of spam e-mails and managing spam senders. The company says a key aim of this product is to increase the productivity of e-mail users.
There are two major problems with respect to spam or unsolicited e-mail. On average, approximately 30 per cent of incoming mail is spam. Before users can focus on important mails, valuable time is spent in identifying and deleting spam to unclutter the inbox. Furthermore, spam uses up precious Net bandwidth, takes up storage space, and cuts into processing time.
Shankar Krishnamoorthy, Vice-President (Development), Aspire Systems, says, "Mail Guard identifies spam mails based on the sender's ID or the context of the mail. If the sender's ID changes but the context of the mail is the same, then the product deletes the spam mails based on the context. The first version of this product is designed to work within Microsoft Outlook. It reduces repeated spam attacks using two different approaches depending on the origination of e-mails and extracting `content stamp' from spam mails and using it in future to check whether an incoming e-mail is a spam."
Kada Rajasekar, who has been using Mail Guard for the last one year, says it has helped manage his mailbox efficiently. "Mail Guard has saved me a lot of productive hours by removing spam e-mail, right when I am downloading mails." The market for anti-spam solutions is huge. Different solutions by the various players use different ways to detect and eliminate spam.
While some work on the server end, others work on the desktop end. The initial version of Mail Guard is designed for the desktop segment.
Ananthanarayanan Krishnamoorthy, project manager, Aspire Systems, says Mail Guard lives up to its claims.
This is targeted at the 25 to 30 age group. They surf and register their e-mail addresses at different Web sites, making them ideal targets for spammers. Mail Guard's Context Stamp' methodology and low cost give it an edge, says Gowri Shankar Subramanian, CEO, Aspire Systems.
The challenges in building the product lay in working with the customer, in clearly defining the specifications and designing the user interface. Since users are generally non-technical people, the focus had to be on usability and the reduction of the number of clicks for each action, among others. "We virtually counted the number of mouse clicks required for an action like marking an e-mail as spam for the first time and experimented accordingly," says Krishnamoorthy.
A satisfied user, Prathap Achutan, a software business development manager, says, "The best thing is that it detects the highest rate of spam without requiring any special configuration."
The product road map consists of many different features and releases and
Subramanian says, "Our immediate focus is to further strengthen the spam detection methodology and approach, besides having a spam repository in the Web for users to sync-in to the latest spam directory on a daily basis. We are also working towards addressing different e-mail platforms such as Outlook Express, Netscape, Lotus Notes and others."
When one opens the mailbox after a weekend or even an ordinary working day, the inbox can show absurd figures of unread mails. The wise ones know that this is no indication of their popularity.
With e-mail forming a significant part of business communications (estimates say it constitutes over 60 per cent of internal as well as external communications), managing mails effectively and efficiently becomes an imperative.
The Chennai-based Aspire Systems says it can help fight spam - with its spam filter, Mail Guard. Its features include, according to the company, automatic filtering of e-mails, notification of progress, spam notification, cleaning existing e-mail folders, managing context stamp derived out of spam e-mails and managing spam senders. The company says a key aim of this product is to increase the productivity of e-mail users.
There are two major problems with respect to spam or unsolicited e-mail. On average, approximately 30 per cent of incoming mail is spam. Before users can focus on important mails, valuable time is spent in identifying and deleting spam to unclutter the inbox. Furthermore, spam uses up precious Net bandwidth, takes up storage space, and cuts into processing time.
Shankar Krishnamoorthy, Vice-President (Development), Aspire Systems, says, "Mail Guard identifies spam mails based on the sender's ID or the context of the mail. If the sender's ID changes but the context of the mail is the same, then the product deletes the spam mails based on the context. The first version of this product is designed to work within Microsoft Outlook. It reduces repeated spam attacks using two different approaches depending on the origination of e-mails and extracting `content stamp' from spam mails and using it in future to check whether an incoming e-mail is a spam."
Kada Rajasekar, who has been using Mail Guard for the last one year, says it has helped manage his mailbox efficiently. "Mail Guard has saved me a lot of productive hours by removing spam e-mail, right when I am downloading mails." The market for anti-spam solutions is huge. Different solutions by the various players use different ways to detect and eliminate spam.
While some work on the server end, others work on the desktop end. The initial version of Mail Guard is designed for the desktop segment.
Ananthanarayanan Krishnamoorthy, project manager, Aspire Systems, says Mail Guard lives up to its claims.
This is targeted at the 25 to 30 age group. They surf and register their e-mail addresses at different Web sites, making them ideal targets for spammers. Mail Guard's Context Stamp' methodology and low cost give it an edge, says Gowri Shankar Subramanian, CEO, Aspire Systems.
The challenges in building the product lay in working with the customer, in clearly defining the specifications and designing the user interface. Since users are generally non-technical people, the focus had to be on usability and the reduction of the number of clicks for each action, among others. "We virtually counted the number of mouse clicks required for an action like marking an e-mail as spam for the first time and experimented accordingly," says Krishnamoorthy.
A satisfied user, Prathap Achutan, a software business development manager, says, "The best thing is that it detects the highest rate of spam without requiring any special configuration."
The product road map consists of many different features and releases and
Subramanian says, "Our immediate focus is to further strengthen the spam detection methodology and approach, besides having a spam repository in the Web for users to sync-in to the latest spam directory on a daily basis. We are also working towards addressing different e-mail platforms such as Outlook Express, Netscape, Lotus Notes and others."
