How to Stop Spam
Email is almost the perfect communications method. It allows people to send free messages that can be accessed instantly, it allows people to create electronic communication archives, and it breathes new life into the age-old tradition of letter writing. Email was so close to attaining electronic communications utopia! Unfortunately, it never made it, and it never will, because the spammers went and ruined everything.
If you use email, you know what we're talking about. Spam, or electronic junk mail, has been clogging email boxes for years now, and it's only getting worse. According to the experts, spam now accounts for over 80% of all email. Incredibly, spam now costs US organizations alone over $10 billion dollars every year!
Apple's Mail thinks this is junk mail, and it's right. We don't want any!
How do you get rid of the junk messages? You can, of course, click on every email message and hit the delete button, but that gets old when you receive dozens of spam messages every day. A better solution is to train software to identity, quarantine, and delete spam so you don't even have to look at the stuff. We'll show you how to do it!
What Not To Do
Maybe you can relate to this: As junk mail fills Hypothetical Bob's Inbox, he's gripped by an uncontrollable rage. He feels the urge to do something -- anything! Bob responds to one of the (ahem) more vulgar spam messages and writes something (ahem) equally inappropriate to whoever just spammed him.
Resist the urge. It won't do any good, and it'll waste time -- time you could have used to configure your anti-spam software.
Here are other things you should never do:
- Contact Spammers: Do not reply to spam messages. Do not click unsubscribe links. Do not email the ISP (Internet Service Provider) that supposedly delivered the message. People sending spam forge their IP addresses and use bogus email addresses, which means you can't contact them or trace them. But even if you could email them, you wouldn't want to: Such an action would only verify that your email address is correct -- something that would ensure that you get even more spam!
- Post Your Email Address on the Internet: Do not post your personal email account on a website. Evil spam-bots scour websites for email addresses -- if they find yours, they'll grab it and never let go. People try to get around this by breaking their email addresses up into chunks, like this: matt [at] macinstruct . com. That won't help you evade spam-bots these days! Create a junk Gmail account and post that if you really need to publish an email address on the Internet.
- Be a Cyber Vigilante: Do not spam the spammers. Do not try to retaliate against people spamming you. Legend has it that a systems administrator at the University of New Mexico tracked down an individual who had spammed him and launched a DOS attack against the spammer -- from a UNM production web server. Turned out that was a bad idea. The spammers completely flooded UNM's mail server with junk mail for months after that, rendering the UNM mail server completely useless.
- Buy Spam Stuff: Don't even think about buying anything advertised in a junk mail message. If you want to buy cheap, no-name pharmaceuticals (!), buy them from somebody other than a petty electronic criminal.
- Report Spammers: There are tons of websites and applications that allow you to track and report spammers. The organizations that provide these services claim to be building databases full of the bad guys, and they say that the information they collect can later be used to track down and eliminate the nasties. Don't believe the hype. The spammers can't be tracked or traced, and even if they are busted, they'll just move somewhere else.
Basically, there's nothing you can do with spam except get rid of it.
Obviously, there's a lot of pressure to make all this spam stop. Junk mail is costing people big time and money. But how do you make it stop? There are two lines of defense in the war against spam: Server-level filtering and client-level filtering.
Systems administrators have three options when considering how to filter spam:
- Block Spam Messages: This is risky business! An administrator implements SpamAssassin or Brightmail to find and block spam messages. Unfortunately, this can sometimes block valid email messages. (This is known as a "false-positive.")
- Tag Potential Spam: This is probably the best option, and the one most administrators opt to use. Both SpamAssassin and Brightmail can place tags in an email message's headers to help the client's filtering software determine whether or not a message is spam.
- Do Nothing: More and more administrators are taking this route. It takes a lot of energy and resources to filter spam on the server-side, and clients hate it when a false-positive deletes a valid email message.
The client-level spam defense is up to you. In order to best plan your attack on spam, you'll need to figure out what spam-filtering steps your internet service provider takes. Here's how:
- Open Apple's Mail application. You'll find it in the Applications folder.
- Select a junk message. From the View menu, select Message, and then Long Headers.
- If you see headers related to spam, you'll know your internet service provider tags potential spam messages. If you don't find anything, call your provider and ask them how they handle spam.
Knowing what you know now, you can decide how best to attack the spam flooding your Inbox. We'll show you how.
How Anti-Spam Software Works
Filtering spam from your Inbox is a little like using birth-control: There are a lot of options, and none of them work 100% of the time. In fact, unless you abstain from email altogether (we don't recommend it), the best you can hope for is about a 97% spam filtration success rate.
What you decide to use should depend on your situation: Assess your internet service provider's policies, the amount of time you have to work on this stuff, and your patience and tolerance for complicated filtering software. If getting every piece of spam isn't important to you, look at less complicated options, like Apple's Mail junk options.
The most popular programs use one of two spam-filtering methods. Applications like Apple's Mail use something called latent semantic analysis. Unless you're a rocket scientist, you probably won't understand the complex math that goes on behind the scenes. (And who cares, anyway?) The most important thing to know is that latent semantic analysis analyzes relationships between documents and then creates a matrix to create trends based on the relationships. In the case of Apple's Mail, you help create the matrix by selecting mail messages that are junk. Mail uses this information in the future to automatically flag messages as spam.
Can you hang with the latent semantic analysis derivation? We can't.
Your other option -- and this is the most interesting -- is Bayesian spam filtering. Applications like SpamSieve use Bayesian spam filtering. Because Bayesian spam filtering relies heavily on probability, it's completely worthless without user input. You'll have to train applications that use this method! Here's how it works: The probability that an email is spam, given that it has certain words in it, is equal to the probability of finding those certain words in spam email, times the probability that any email is spam, divided by the probability of finding those words in any email.
Generally speaking, Bayesian spam filtering will probably provide the best defensive against spam. However, now that junk mail messages have started relying heavily on images, Bayesian spam filtering is less effective than it used to be. Spammers have also starting pasting valid text (i.e.: news articles, etc.) into spam, and this also reduces Bayesian filtering's effectiveness.
This text doesn't make any sense, but it ruins the probability that Bayesian filtering relies on.
How to Stop Spam with Apple's Mail
Apple's Mail application ships with a built-in spam filter that uses latent semantic analysis. We'll be honest with you: Mail's filtering is far from perfect. But it'll do in a pinch, and it's a nice option if you don't want to spend weeks training another anti-spam application. The Junk Mail feature works pretty well straight out of the box!
Here's how to turn on Mail's spam filtering:
- Open Apple's Mail application. You'll find it in the Applications folder.
- From the Mail menu, select Preferences. Click Junk Mail.
- Select the Enable junk mail filtering check box. We strongly suggest that you leave junk mail in Training mode (Leave it in my Inbox, but indicate it is junk mail), at least for a couple days, while you're starting out. Leave the next three checkboxes selected -- none of those people should be sending you spam.
- Remember those server-side spam tags we talked about? The ones inserted into email message headers? Mail can use those to determine whether or not an email message is spam. If your internet service provider tags email messages, check the last box (Trust junk mail headers set by my Internet Service Provider).
- If you'd like to set advanced mail rules for spam, click the Advanced button. We don't recommend doing this if you're just starting out -- it's more of a tweaking thing.
- Close Mail's Preferences. Mail will start looking for junk mail the next time you receive email. Messages that Mail thinks are spam are colored brown.
- If you receive spam messages that Mail doesn't recognize as junk, you can tell it that the message is spam. Simply select the message and click the Junk button on Mail's toolbar. Mail will mark the message as junk and learn from its mistake. When Mail marks valid email messages as junk, click the Not Junk button on Mail's toolbar. After a couple days, you should notice that Mail is increasingly accurate at identifying spam.
- After a couple days (or perhaps weeks, if you're being careful), you should take Mail out of Training mode. Go back into Mail's Preferences and select Automatic. From now on, Mail will automatically put spam into the Junk folder on the sidebar. You can occasionally glance at the email messages in that folder to make sure Mail is filtering out spam and not valid email messages.
Congratulations! You've configured Mail to identify spam.
How to Use SpamSieve to Stop Spam
If Mail's Junk Mail feature doesn't tickle your fancy, SpamSieve will. This is probably the first and last spam filtering application you'll ever need. If you train it correctly, it'll bust spam like none other!
Here's how to use it:
- Download SpamSieve. You'll have a month to decide whether it's a keeper or not -- after that, you'll have to pay $30 to continue using it.
- When you first start SpamSieve, you'll see the following "tip." (We'd call it a make-it-or-break-it piece of information, but whatever.)
- From the SpamSieve menu, select Install Apple Mail Plug-In. (Or select a plug-in for your mail application of choice.)
- SpamSieve will confirm that it has installed the plug-in. Quit the Mail application and reopen it.
- Turn off Mail's Junk Mail filtering. You could have major problems if you try to use SpamSieve and Junk Mail filtering at the same time.
- Now we need to create a folder for our spam. In the lower left-hand corner of Mail's sidebar, click the + button. Type Spam in the Name box.
- Next, we'll need to create a rule for SpamSieve. In Mail, select Preferences from the Mail menu. Click Rules. Type SpamSieve into the Description box, and make sure everything looks like our screenshot below. Close Mail's Preferences.
- Now the training begins. Over the next couple days, you'll have to flag spam messages for SpamSieve. To do this, select a junk message and select SpamSieve - Train as Spam from the Message menu.
- SpamSieve will slowly start identifying spam on its own. Keep training it! The more training you do, the more accurately SpamSieve will filter spam. To find out how successful you've been, select Show Statistics from SpamSieve's Filter menu.
That's it! You've successfully configured SpamSieve to filter your spam. Now you're a Mac spam-buster!
Meet Your Macinstructor
Matthew Cone is a technical writer living and working in Albuquerque, New Mexico. In his free time, he does the desert rat thing and hikes and road bikes around the Southwest. The rest of the time, he studies straw-bale houses, reads Anarchist philosophy, and pretends to not be working. You can email him at: [email protected]