Over Spammed

[MamaMoose]

•••••• I POSTED THIS NOTE A COUPLE OF HOURS AGO B UT IT DID NOT APPEAR IN FORUM!••••••••••


My mail client is Eudora running under OS 10.5.2 on my MacBook Pro. I use two ISP to access my mail. Eudora has a primitive SPAM filter and in addition, I  use SpamSieve as my primary filter.My main ISP is Verizon. However, they do not support domain names. So, I have a secondary ISP, SBC Webhosting that was recently taken over by AT&T. I use Verizon because thy are my principal Internet and e-mail source via FIOS.In switching from SBC to IBM, I noticed that I am getting 100 to 400 new SPAMS a day. To be clear, they do not appear in my IN box but rather in  my Junk box. So, the filters work just fine.

The problem is that I lie to check the new Junk mail to make sure that a good e-mail didn't accidentally wind up in the Junk box. However, searching through hundreds of e-mails in the hopes of finding a good one is a huge pain.

Does anyone have any ideas as to how to solve this problem or is it unsolvable? That  is, there are hundreds of new SPAMS per day and while the filters work to catch 98% of them,  they do appear in the Junk box.

Thanks,

MamaMoose

[Mayo]

Have you figured out why there is such a huge increase in spam? I'm a bit perplexed... What is it about your e-mail addresses, where they are publicly available, etc. that is making them available to spammers? Are your ISP addresses receiving spam or your domain addresses?

Having Been There, I have a few suggestions based on the info that you have provided so far:

1.  Don't bother checking for genuine e-mails unless you are expecting an online order confirmation that doesn't arrive, etc. (999 out of 1,000 times it will be just spam and it isn't worth the effort checking the junk mailbox.) Then use Eudora's powerful search features to quickly find the missing e-mail. Your regular correspondents should already be making it through the filters.

2.  Change your e-mail addresses.

3. Switch to an ISP that offers server-side spam filtering. I prefer it but YMMV. You still have spam to check if you are so inclined but I have found the two server-side spam services that I have used to be less hassle and more accurate than solutions residing on my computers.

[Xairbusdriver]

QUOTE

Eudora has a primitive SPAM filter and in addition, I use SpamSieve as my primary filter.

If I'm not mistaken, SpamSieve replaces Eudora SPAM filters. SS sees the messages before Eudora does so your Eudora SPAM filters are never needed. They will be used, of course, to sort messages to the particular mailbox you want.

But it sounds like the filters are not really the problem, anyway. It might be possible to send all your known good addresses to SS so it can build a DB of stuff you want admitted. But you also have that capability when you find a 'false negative.' If there are so few of those that might be the easiest method, then follow Mayo's suggestion and don't bother checking the Junk box. It might also help to have those messages deleted in a shorter period of time than whatever you may be using...something like one day?

[Gregg]

If you're concerned that legit e-mails might end up in the Spam Box, then add those addresses you want to receive mail from to the "allowable address" list, or whatever your e-mail client calls that. Yep, it's a pain. (And it's not foolproof.) I have had legit e-mails go to my Bulk Mail from addresses that had always gotten through before, as well as the same happening to my outgoing mail on the receiving end. If an ISP changes its spam protocol, weird stuff can happen.

[sandbox]

Tom, you have to define the spam. Are they being sent to you? tom@mooseville.com or tomato@mooseville.com and every other name imaginable?

Your domain host should have a spam program built-in, like Spamassasin, it will remove all or most known spam from around the world.

If you set your domain up to catch wrongly addressed email in a default address like default@mooseville.com all email wrongly addressed to your domain will go there instead of to your address. You can catch it and hold it for a time, or blackhole-it or have the server send a message back to the sender that there is no one at that address.

If your getting spam from overseas you can block the whole IP range like
38.0.0.0-38.255.255.255 and never see them again. Or you can block a domain like Viagra.com.

You have to find out who's spamming you in order to stop them. Or you need to find out if they're just phishing and the address isn't yours at all?

[Paddy]

Tom, as Mayo and SB have noted, you should be looking for the reason you're getting the spam in the first place - and then, ideally, doing something about that. You can filter spam till the cows come home - but that doesn't make it go away. I'm all over the place online - but I get maybe two spam messages a week in my Mail inbox, if that.

If at all possible, change your primary email address. ONLY use that for trusted uses - friends, family, trusted business associates and perhaps the big reputable online retailers who never sell their mailing lists (Amazon etc. - I've never had any issues with them) Then change your secondary email addresses, using Yahoo (including Yahoo's new email domains) or GMail and only use those accounts for less-trusted uses. You can set your old email addresses to forward to the new ones for a time, until you're sure you've informed everyone you want to have your new addresses.

BUT - before you do this, you must make sure that your email address is nowhere to be found online, in the open. IE: any time you have a "contact me" on a site, or are listed in a directory, that the email address is spam-proofed in some way (usually only possible if it's your own web site and you can do the coding). If there are situations where you are listed in an email directory on someone else's web site, you have two options - request that they spam-proof the email link in some way, or failing that, use a free email address that goes through Google or Yahoo (both of whom have very good email filters in my experience). With gmail, I have the email picked up by my mail client - all the spam is held in gmail's junk folder, which I empty via a browser login once in a while. The Yahoo address is used as my real "throwaway" - I check it via a browser once in a blue moon and generally empty almost the entire inbox and junk mail folder into the trash. I use that address for sites that ask you for an email address, where you don't really want them to have your email addy.

If it is impossible to change your email addresses, then you have a bit of a problem, since you're on a lot of spammers lists already. If that is the case, you need to take steps to ensure that your current email address is well protected. Don't use it anywhere that isn't trusted - use a secondary free one. Make sure that it is not openly available on web sites - that the sites either use a contact form (one that doesn't include the email address anywhere in the coding!) or some other method of obscuring the email address from spam-bots. I still use the simple method of substituting the ASCII characters for the "@" symbol - it works exceedingly well still, despite the warnings I've read that spam-bots now are programmed to recognize this. In my experience, they still don't.

[chriskleeman]

I would concur with Paddy, SB and Mayo here...

My email address was left naked on my website for years, and I've reaped the benefit of being on a lot of spammer's lists. The amount of spam I get on a daily basis varies, but it's around 50-75. Most of it is caught by the server program, "Postini" and it takes just a minute or two to go through it. That being said, since Paddy changed the @ on my website to the ASCII code, I'm getting less spam directly off the site than I used to by a big margin.

My primary e-mail address is way compromised at this point. And it is going to be a huge pain to change it, as it is used for most of my contacts, which is a very long list.

Probably take the better part of a morning to get it done, but probably is going to be well worth it once I get the time to actually do it. And that's the rub, because it will take a few hours to go through all the contacts that need to have the address changed, like credit card sites, and so forth.

Chris K