« An Apple controlling a Mitsubishi Colt | Main | Computer gibberish #1 »

November 27, 2006

The spam avalanche: How I deal with the recent surge in spam

Spammers get smarter and smarter. Every day I see e-mails touting stocks, enlargements and the like reach my inbox, uncaught by spam filters that used to be doing a pretty good job.

In early summer this year, I heard Joshua Goodman from Microsoft talk about some of the techniques that spammers use to get around spam filters at a conference. And given that it takes Microsoft months to validate code before it is released, a small spammer can quickly figure out the next trick to fool the filter.

What they currently do is simple but effective. Spammers hide their message in one large picture (or in similar code), which is hard to "read" for a computer algorithm. Spam filters normally work by looking at the words contained in an e-mail. If they find something like "Penis enlargement", they'll keep the e-mail out of your inbox. But a spam filter can't "see" what is in an image - because to a computer, an image is a set of little colored dots, and not the letters and words and sentences that humans see.

So by "painting the message" instead of writing it, Spammers can send e-mail and get through. This is only possible because E-Mail clients happily present HTML e-mail, that is, e-mail that contains pictures and tables and most things a web page can contain. Microsoft were the first to make this kind of e-mail a common sight in their "Outlook Express". This function is of remarkably little practical value, but by introducing it, Microsoft has made spamming easy.

What to do about it?

Right now, the following trick does the job for me: I use a mail client (that is, something like Apple Mail, Outlook (Express), Thunderbird, etc.) that allows me to create my own filters for e-mails. I created such a filter that looks like this:

rules-screenshot.png

The trick is to look for senders that I have never sent e-mail to, and that aren't in my address book. E-mail from such people gets filtered out and put in a separate folder:

unknown-senders.png

Once a day, I have a look at the folder and quickly read the false positives, that is, legitimate e-mail from people that I don't know, or automatic e-mail that I'm not so interested in anyways.
I can quickly delete everything in that folder, and that's it.

This way, I can keep my inbox free of low-priority stuff. After all, e-mail from people I don't know is all to often to ask me for (free) advice with some of my open source software, and mostly spam.

Posted by dr at November 27, 2006 11:56 AM


Trackback Pings

Please use the following TrackBack URL:
http://www.davids-world.com/~dr/cgi-bin/mt/mt-tb.cgi/178

Comments

A suggestion of something to add to this -- also set a color to the mail filtered by this rule. Helps more quickly locate those emails.
This i saw on http://www.hawkwings.net/2006/08/01/mailapp-rule-fix-for-image-spam/

P.

Posted by: pulot at December 6, 2006 1:39 PM