Internet Efficiency, Privacy, &
Avoiding Junk Email
This Web page can be accessed at http://www.minich.com/interneteducation/efficiencyprivacyspam
- Internet Efficiency
- Reading your work-related email on your home computer or vice versa
by using your email incoming server and username.
- Read your email directly on the web at Mail2Web.com.
- Using "disposable" email addresses such as mail.yahoo.com
or Hotmail.
- Dealing with pop-up windows. Are you sure that you want to disable pop-up
windows?
- How to organize your favorite places or bookmarks. Use the Favorites/Organize
Favorites menu command.
- Setting various Internet Explorer preferences under the Tools/Internet
Options menu command.
- How to inspect and delete files in the Internet "cache" on
your computer. Use the Start/Search/Search for Files or Folders command
to search for a folder named "Temporary Internet Files".
- See my Practical Reasons to Use the
Internet page for some more tips on using the Internet efficiently
- There are few things that you can do to stop pop-up windows from annoying
you while surfing the web. This government
web page explains a couple
of techniques including how to disable the Windows Messenger Service
that may be enabled on your computer. You can also install the free and
useful Google
Toolbar that includes a feature that stops pop-up ads.
- Privacy on the Internet
- What can web designers and web sites learn about you when you visit
a web site?
- Should you be concerned with "cookies"?
- How to tell if an ecommerce web site is secure or not.
- Should you use your email address on online forms?
- Always protect your personal information. Only share your credit card,
social security number or other personal information when making
purchases from a company or financial institution that you know and trust.
- Never send personal information to email requests. You should never
be asked for a password, credit card number or social security number
from a legitimate source via email. Beware of official-sounding notices
that require you to reply with personal information.
- Verify any transaction. If a Web site address looks different from the
name of the organization that you're dealing with or if
you have doubts about your transaction, look for a phone number on the
Web site and call the organization to verify that the Web site is valid.
Don't deal with any organization that doesn't clearly state its name,
physical address and phone number on its Web site.
- Do not allow "adware" to be installed on your computer. You
can use the free program Adaware
to sweep your computer free of spyware.
- Programs such as McAfee's
Privacy Service ($40/yr) or Norton's Privacy Control can be used to
help you guard personal information.
- Check out spywareinfo.com for information and reviews about spyware.
- Avoiding Junk Email (i.e. Spam)
- Nearly 40% of all email is unsolicited up from 8% in 2001. Twenty-six
states have anti-spam laws and federal legislation is in the works. However,
it is difficult to define spam. In addition to unsolicited commercial
advertisements, some people consider jokes and chain letters sent to you
from your friends to be spam.
- Nothing will stop ALL junk email
- How they get your address:
- from your registration at web sites
- from newsgroup postings (such as groups.google.com)
- from chat sessions
- from spambots that crawl the Internet and find email address links
in web pages
- junk email lists that spammers can purchase
- from mailing lists that you've subscribed to
- by randomly trying various username combinations at the domain (i.e.
adding "jsmith" to the front of "@aol.com"). This
is called a "dictionary attack".
- by harvesting all the email addresses on your company' server
- To hide their identities, spammers send spam through unsuspecting third-party
mail servers & relay mail through them. You can carefully read see
the full header of the message to try to tell who really sent the email.
Visit spamcop.net/fom-serve/cache/19.html to learn how to read the message's
header in your particular email program. In the message header the Message-ID:
line is difficult for a spammer to forge. If the domain name (i.e. the
part after the @ symbol) in the From: area is different from the domain
name in the Message-ID: area then it is a telltale sign that the sender
is trying to remain anonymous. It is also difficult for a spammer to forge
the Received: lines as well. Read the lines in the Received: block from
the bottom up until you find the first line where the IP address (a 10-12
digit number in square brackets [ ] ) matches the domain server name.
To tell whether an IP address "matches" a server name, use geektools.com/cgi-bin/proxy.cgi
. The domain name of this first authentic domain server is most responsible
for sending the email message. You can also copy and paste the message's
full header to spamcop.net/anonsignup.shmtl.
- Your ISP (e.g. AOL) may have installed filtering software or use blacklists
to catch and delete suspected spam before it's delivered to you. However,
this sometimes deletes good messages (i.e. false-positives). Hotmail offers
three levels of filtering: default (only obvious spam is detected), enhanced
(most is detected), and exclusive (you only receive email from predetermined
addresses).
- The dangerous aspect of deleting spam messages manually is "spam
fatigue". In the process of quickly deleting 100 spam messages, you
may accidentally delete a good message that's mixed in with the spam in
your inbox.
- What you can do to avoid spam:
- DO NOT respond to spam, even in an attempt to take yourself off
of their junk mail list. When you respond to the spam, it confirms
that your email address is valid and will probably guarantee that
you'll receive junk email from that spammer forever. If you receive
an email after you have replied indicating that you do not want to
remain on a mailing list, you can forward that email to uce@ftc.gov.
- Never buy spam-advertised products! Aside from encouraging the spammers,
this also makes more of your personally identifiable
information-name, address, phone number, credit card numbers, etc.-available
to spammers.
- Do not give out your email address unnecessarily. Do not use your
email address in an instant message, a newsgroup post, a bulletin
board, or a chat room.
- If you need to use an address when registering on a web site but
you really don't need to receive a reply, then use a fake address
such as john@doe.com. Be sure that you don't need to confirm to a
verification message from that site though. (If you suspect that a
verification will be necessary, use your disposable address.)
- Don't post your email address on web sites! If you must then you
could post it as john @ aol.com with spaces around the @ symbol.
- Do not accept HTML-based email unless you trust the sender. Some
spammers send Web bugs which are emails with image links that connects
your email address with your computer's IP address. Also, if you use
MS Outlook to read your email, you can disable the viewing of scripts
and active content in emails under the Tools/Options/Security/Secure
content.
- Use a free, web-based, "disposable" email addresses for
online registerations and such. Set up one or more free email addresses
at mail.yahoo.com or hotmail.com. You can abandon this address anytime.
- mail.yahoo.com - Yahoo detects
and labels spam as "Bulk Mail".
- hotmail.com - owned by
Microsoft. Messages pass through the server's Brightmail server
software and suspected spam is automatically deleted. Then other
junk mail is placed in a Junk Mail folder. However, you can explicitly
mark a message as being "not junk mail" if it is falsely
marked as spam.
- Emailias ($20/yr) - easily
create disposable addresses with a toolbar button in Internet
Explorer. Each disposable address (e.g. one per web site registeration)
can be marked to automatically delete after a period of time (e.g.
2 weeks after a purchased product has been shipped to you.)
- Mailshell ($35/yr) -
you create as many disposable email addresses as you like such
as whatever@john-doe.mailshell.com. You can read the email in
your email program or on the web. Each address can be marked to
automatically expire.
- Spamex ($10/yr) - Allows
up to 500 disposable addresses and messages must be less than
500 Kb. Addresses can be custom made or automatically generated
and even associated with individual web sites.
- SpamGourmet (free)
- Spam Slicer ($20)
- some colleges offer free, lifetime email to their graduates
such as john_doe@alumni.harvard.edu
- you can register your own domain name at www.doteasy.com
and receive 10 email accounts for the $25/year. This allows you
to have 10 email addresses and give out an address like junk@myname.com
for online registerations but use bill@myname.com for correspondence
with friends.
- Opt out of receiving email when registering at web sites.
- For the technical-minded person, you can examine the header of an
email message to look closely for signs that it is spam. You may need
to use a tool such as Sam Spade
which can analyze email headers.
- You can install software on your home computer that deletes or flags
suspected spam (just like antivirus software separately guards against
virus infected files and email attachments). This software can sometimes
be regularly updated to work more efficiently and accurately. The
following programs can be installed on your home computer to detect,
flag, and/or delete spam. Unfortunately, on average they only catch
75% of spam and occasionally mark a legitimate message (i.e. false-positive)
as spam. Most of these programs probably do not work with an AOL email
account. Most will probably not work with web-based email like hotmail
and yahoo. You can read recent
PC magazine reviews of most anti-spam software.
- SpamAssassin Pro ($30)
- low false-positive rate and decent spam detection overall. Works
well as a toolbar in MS Outlook. It is convenient with "Allow
Recipient" or "Block Recipient" buttons on the
toolbar. By default, it moves suspected spam to a folder named
Junk Mail.
- SpamKiller ($40) - This
program, sold by McAfee, works independently of your email program
(e.g. Outlook). A great spam blocking program that doesn't really
on dedicated whitelisting.
- Junk Spy 2.02 ($20)- analyzes
your mail in the incoming mail server before your computer actually
downloads it. It works independently of your email program (e.g.
Outlook), running as a local POP3 server, and can cause conflicts
with antivirus programs on your computer. Large attachments sometimes
lock up the program.
- MailWasher Pro 3 ($29)
- sold by Firetrust, takes more time to process mail, deletes
messages before they are actually downloaded.
- Matador 1.0.0.89 ($30)
- finds most spam but leads to a relatively high percentage of
false-positives. Only works with MS Outlook 2000 and 2002 so far.
If it gets a message from a suspicious sender, it sends a message
that can only be answered by a human. If that answer isn't replied,
the sender is blacklisted.
- Norton Internet Security 2003
($70) - In addition to acting as a personal firewall and virus
protection, it attempts to stop spam.
- SpamCatcher 2.1h ($20)
- Very few false-positives but allows a lot of spam to get by.
It works with MS Outlook 2000 or 2002. Works with web-based, disposable
email addresses such as hotmail.
- IHateSpam ($19)
- works with Outlook & Outlook Express. It is rated as a PC
World "Best Buy" with 4 out of 5 stars. It works very
well with Outlook having blocked 91% of spam and blocked 0 out
of 20 false positives in a review by Laptop magazine it
- SpamBuster
- SpamCon Foundation
- Spam Sleuth 2.0 ($29)
- sold by Blue Squirrel, in a review by Laptop magazine it blocked
84% of spam and blocked 0 out of 20 false positives.
- Choice Mail One version
1.5 - sold by DigiPortal, in a review by Laptop magazine it
blocked 100% of spam and blocked 0 out of 20 false positives.
It only allows messages from people in your address book to get
through. It sends everyone else a question which they must answer
and reply in order for their original email to get through.
- Don't send email such as joke lists, urban
legends, etc. to groups of your friends. Definitely do not place
their email addresses in the To: field but rather use the BCC: (blind
carbon copy) field if necessary.
- Use the mail filter capacities of your current email program. This
is different from relying on your ISP to delete spam before it reaches
you and this is simpler (though probably weaker) than purchasing one
of the programs like SpamKiller above.
- Use the following sites to find the origin of deceptive email: samspade.org, Visualware's eMailTrackerPro & VisualRoute, NSLookup, Whois, &Traceroute.