diabolical spam

[richardmyers]

I've been receiving hundreds of spam messages per day. Many of these take
advantage of a diabolical trick: they spoof my own email address as the
sender. Thus, if i try to block them, i block all messages that are returned
to me from certain email lists that i participate on.

How do i deal with spam that spoofs?

richard myers

 

[t-4-2]

Call your ISP. Get a new e-mail address, then remove that account after
notifying your contacts whom you do trust.

t-4-2

 

[Spirit]

Make a rule to ALLOW your NewsGroup messages and BLOCK the rest
with your address as both sender and receiver.

 

[richardmyers]

Make a rule to ALLOW your NewsGroup messages and BLOCK the rest
with your address as both sender and receiver.

That's a good idea, but a little cumbersome, since i subscribe to more than
fifty email lists. Granted, not all of them return with the address of the
originator as sender. But even so, it seems like a significant hassle for
some of us to accomplish.

I don't know, i've never experimented with email rules. But i'm thinking i'd
have to specifically allow each email list.

Since this spoofed spam seems like a relatively new trick, i expect we'll
all see more and more of it.

Seems to me email clients ought to have a simpler method of dealing with
such a problem. Is it impossible to block email messages by analyzing the
headers, and maybe isolating an originating IP address? It seems to me that
would be a more elegant solution, if it is possible given the email header
protocol. (I'm not an expert in such matters...)

thanks,
richard myers

 

[Gary VanderMolen]

That's not really feasible since most mailing lists send out messages using
the From address of the poster.You can't very well white-list hundreds of names.

 

[Gary VanderMolen]

If there was an easy solution to spam, it would be made widely available
by now. There is no easy solution. Deciphering the originating IP
address of a spam email is no trivial matter.

Your mail provider should be your first line of defense. Most employ
very sophisticated server filters that you can't duplicate at home.

 

[...winston]

You really don't...once your address is known(harvested from newsgroups, malware infection, or in many cases from another person's
address book)......it will be used as a spoof for spam and included in mass distribution for the same or other purposes.

Adding a rule for news and blocking the rest(as one poster suggested) is rarely a convenient solution.

Don't open the messages or view in the preview pane....just delete them..eventually the frequency will dissipate. If you or a
contact have been a victim of malware harvesting, its also likely that your contacts will also be experiencing similar spoofed
senders(from you and themselves).

 

[Spirit]

If the newgroups name is mentioned it gets through would work.

However the poster here complained about messages that were
sent to him using his own addy as spoofed, the rule would work.
I doubt he is a member of hundreds of lists. So he allows the
messages using the LISTS to which he subscribes to pass in
the rule. None are actually white listed though that might work
also though more difficult since they are using his addy as the
SENDER.

That's not really feasible since most mailing lists send out messages using
the From address of the poster.You can't very well white-list hundreds of
names.

 

[Spirit]

See Complex Rules

http://www.insideoe.com/tips/rules.htm

http://www.webdevelopersnotes.com/tips/internet/outlook_express_message_rules_filter_emails.php

http://www.freeemailtutorials.com/o...OutlookExpress/creatingAndUsingEmailRules.cwd

http://www.sitedeveloper.ws/tutorials/spam.htm Outlook/Outlook Express

You could send ALL those addressed to yourself from yourself into one folder
that might be easier to manage. Complex rules or multiple rules should work.
For 50 lists it becomes which is a bigger hassle, writing the rules or
having
to deal with the spam. Take it one step-at-a-time. Send all those addresses
to
you from you to a separate folder and work from there to see what is needed.

Remember you can have complex rules, multiple rules and a combo of both.
The goal should be that all you want gets through and hopefully keep most
out. Rules should be thought of as filtering IN and not so much OUT.

You could also add a Bayesian Filtering program to filter mail prior to
Email
Program displaying it.....

http://email.about.com/cs/bayesianfilters/a/bayesian_filter.htm

http://getpopfile.org/

http://www.spamihilator.com/

http://www.codeode.com/spamfilter/index.html

PopPeeper can also be used to whittle out spam before it hits your email
program's inbox. You can even set up any filtering to be used in front of
PopPeeper which works on Pop, IMAP, and many webmail sites at the
same time.

http://www.poppeeper.com/

 

[Spirit]

If his ISP can filter by IP then the white list may be less hassle come
to think of it. Use a special email address for these LISTS. BlueBottle
or others than use a challenge could work and then his white list and
embedded rules might do very well. The problem is that its a hassle
no matter how he does it.

That's not really feasible since most mailing lists send out messages using
the From address of the poster.You can't very well white-list hundreds of
names.

 

[Spirit]

Richard I would be interested in how you attack this problem as it
definitely is shared by many others. The "Spoofed" addressed
SPAM is my biggest issue also. So far I have not added a Bayesian
filter however I might look into that route again as it did work in the
past. Sometimes its just not convenient to change email addresses
and even if one does the spam comes on quick these days.