» Anti Spam Links «

Links

This page lists resources and tools to fight the fight. If there's any broken links or you know of any good sites to add, let me know.

Thanks - Paul

Sections:

• Whois? Determining the origin of Spam
  
  
• Anti-spam sites, companies and organisations
  
  
• Anti-spam filter and RBL sites
  
  
• Procmail and Sendmail related
  
  
• Anti-Spam and Mail books from Amazon
  
  
• Other links of interest
  
  
• Government and Commerce bodies
  
  
• DTI: Don't be a Spam mug
  
  

Whois? Determining the origin of Spam

It is extremely important to identify the origin of a message. A useful technique in doing this is the correct analysis of the message headers contained in every e-mail message, which provide useful information on the message's origin and path. A little training is required to read message headers, but the links below should furnish the necessary information in a matter of minutes:

• NetDemon's WHOIS tutorial - a useful guide for tracking down a Spammer's location.
  
  
• net.demon's HayWyreSM Nullifyer
  To decode pages that were obfuscated with a javascript encoder's such as Haywyre or Merlin simply view the source of the page and paste it in the form here.
  
  
• Opinionated Geek : Decode Base64 (from spam)
  
  
• Samspade.org - several useful tools available here.
  
  
• UXN Spam Combat - Hosts a really nice online tracing toolkit.
  
  
• UXN's guide to reading message headers and tracing Spam.
  
  

WHOIS :

• Apnic.net
  
  
• Arin.net's whois
  
  
• DNSSTUFF - This one's REALLY good
  
  
• Domain White Pages This place rocks. Even gives the IP ranges to block
  
  
• EURid ~ The European Registry of Internet Domain names
  
  
• Cyberabuse.org's whois
  
  
• Geektools' whois
  
  
• InterNIC whois
  
  
• LACNIC whois - Latin American and Caribbean
  
  
• Network Solutions' whois
  
  
• Nominet for .UK whois
  
  
• OpenRBL - whois, and list of RBL's the domain is blocked by
  
  
• Ripe.net's whois
  
  
• SORBS IP Lookup - I like the attitude of these guys. Reflects my own.
  
  
• UWhois : The Universal Whois
  To identify the registered holder of a domain name, enter the domain name, followed by either .com, .net .org, or one of the 246 country code suffixes in the entry box above and click the go button.
  Or to check it's availability to register
  
  
• Whois.biz
  
  

Anti-spam sites, companies and organisations

• 419 Eater - The hilarious (real) escapades and windups on a Londoner (British) taking the Nigerian 419 Scammers for a ride.
  
  
• Internet Research Task Force
  
  
• CAUCE - The Coalition Against Unsolicited Commercial Email
  
  
• CAUCE's resources page
  
  
• CAUCE Europe
  
  
• Claws and Paws have a brilliant article on tracking headers
  
  
• COTSE: Church of the Swimming Elephant
  They have a more complex and comprehensive set of tools. Anti-Spam mail options too
  
  
• Dark Dream Personal Privacy
  Welcome to the personal privacy pages of DarkDream. DarkDream is your guide to information concerning personal, financial privacy and expatriate information available on the internet. We cover internet security, crime, politics, communication and rights
  Not looked in depth here, but there's lots of links.
  
  
• The FBI's Internet Fraud Center (Errors October 2004)
  
  
• Internet Fraud Watch / National Fraud Information Center
  
  
• Get Netwise - About Spam - Very good this one
  
  
• HostedScripts: Fight Spam!
  I LIKE these guys. They appeal to my atimes warped sense of humour. The page is a honey trap for spambots and causes merry havoc with then. Way to go! Of course the only problem is the Spammers fake so much that the messages rarely bounce back where they came from.
  

  How Does It Work?
  On the Anti-Spam page, there is a list of 100 randomly generated, fake email addresses. When a spammer's program comes by to collect email addresses, it will find the link to Anti-Spam. When it follows this link, it will find a hundred fake email addresses and index them. At the bottom of the Anti-Spam page is a link back to itself, slightly modified, so that 100 new email addresses come up. This puts the robot into an infinite loop collecting fake email addresses. When a spammer sends out a mailing, he will receive a TON of returned email.

  
  
  
• Internet Research Task Force (IRTF)
  
  
• JHMO on Spam
  Dedicated to those with little or no experience in fighting against Internet Abuse
  
  
• Junkbusters
  Lots of interesting stuff here - translated acrosses several languages too!
  I particularly like this page : If you don't want junk email, here's a way to say so strongly
  
  
• MAPS: Mail Abuse Prevention System
  A non-profit organization whose mission is to defend the Internet against Spammers. Take a look at their Realtime Blackhole List (RBL) information
  On July 1, 2004, Kelkea, Inc. purchased the assets of Mail Abuse Prevention Systems, LLC.
  The MAPS subscription services are now offered as part of the Kelkea Anti-spam Service.
  
  
• Metropolitan Police fraud alerts
  
  
• Jørgen Mash's DNS database list checker - Another long list of dnsbl sites
  
  
• Network Abuse Clearinghouse
  Generally accepted as the official repository for email addresses for network abuse.
  The anti-spam section is useful too.
  
  
• PC World - read about how to keep junk e-mail from ruling your in-box.
  
  
• Quatloos! Cyber-Museum of Scams and Frauds
  Quatloos.com is a public educational website covering a wide variety of financial scams and frauds, including wacky 'prime bank' frauds, exotic foreign currency scams, offshore investment frauds, tax scams, 'Pure Trust' structures and more.
  They like winding up the greed scammers too. Hilarious!
  
  
• Rex Tincher links - Comprehensive links and information on Spam
  
  
• www.silicon.com are a good one to watch.
  
  
• SORBS Spam FAQ
  
  
• Spam complaint boilerplates
  Boilerplates for categories of Spam so you don't have to write a whole new message every time you report abuse to an ISP or Web site
  
  
• - ESSENTIAL
  
  
• SpamCon Foundation - Lots of news here. They fight the fight in the courts.
  
  
• Spam Faqs
  
  
• Spamhaus
  
  
• Spam Help - This one is REALLY useful.
  
  
• Spam Laws - Fastinating and essential if you intend to take legal action.
  
  
• spamNEWS - by Pete Moss Publications
  spamNEWS is a daily journal of aggregated news articles about junk e-mail, and Internet marketing
  
  
• Spamotomy is an interesting site to visit.
  Lots of news items and links to 149 (or more) anti-spam related products, a number of which are reviewed.
  
  
• Spam Primer: Getting Rid of Spam Other E-mail Pests by Randy Cassingham
  The basics of spam, how they got your address in the first place, and what to do now.
  
  
• Spam Reaper: What Spammers have ruined
  
  
• Spamsites.org - Who's hosting your spammers today?
  Offers lists of Spammers to add to your old block lists. Good.
  
  
• SPEWS: Spam Early Warning System also have a long list of filters and methods
  
  
• [ www.stop-spam.org ] Stop-spam.org (down May 2005)
  
  
• Thank the Spammers - not
  
  
• Toasted Spam : Along with the anti-spam stuff there are some nice too tools, including:
  • Attacks on your network to test security
    
    
  • Decoding decimal IP address to dotted quad (http://3638992906/ into http://216.230.160.10/.)
    
    
  • Convert base64 encoding to something legible
    
    
  • Convert quoted-printable encoded text
    
    
  • (cf RFC 1521 on MIME (Multipurpose Internet Mail Extensions))
  
  
  
• Trimmail
  
  
• Whew.com - good
  
  

RBL Sites

Spam Blocking Lists of interest:

• Bonded Server
  

  Sponsored by IronPort Systems, the Bonded Sender program turns the spam problem upside down by identifying legitimate email traffic. Originators of legitimate email can now post a financial bond to ensure the integrity of their email campaign. Receivers who feel they have received an unsolicited email from a Bonded Sender can complain to their ISP, enterprise, or IronPort and a financial charge is debited from the bond.

  
  
  
• Composite Blocking List
  
  
• NJABL : Not Just Another Bogus List
  

  NJABL.ORG maintains a list of known and potential spam sources (open relays, open proxies, open form to mail HTTP gateways, dynamic IP pools, and direct spammers) for the purpose of being able to tag or refuse email and prevent at least some spam. We do not block email. We just provide a tool for network/system/mail administrators to use to protect their mail servers from email abuse. Our goal is to provide a stable and effective dnsbl with clearly stated and strictly adhered to criteria for listing

  
  
  
• OpenRBL.org
  A whois and list of RBL's the domain / IPs has been blocked by
  Very useful, but seems to generate reports at a tiny 6 point
  
  
• ORDB : the Open Relay DataBase.
  
  
• RFC-Ignorant.org
  Listings of sites whose administrators think that the rules of the Internet don't apply to them.
  
  
• SORBS dnsbl
  
  
• Spamhaus's SBL
  
  
• Spamhaus's new XBL - Exploits Block List
  

  The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of illegal 3rd party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc), worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
  
  Incorporates CBL data
  
  The XBL wholly incorporates the highly-trusted CBL (Composite Block List) from cbl.abuseat.org, therefore mail servers already using cbl.abuseat.org should NOT also use xbl.spamhaus.org or you will be making 'double' queries to basically the same data source and only one DNSBL will appear to work, the other will appear to not catch anything. For additional FAQs and information on the CBL see cbl.abuseat.org/
  
  How To Use the XBL
  
  The Exploits Block List can be used by all modern mail servers, by setting your mail server's anti-spam DNSBL feature (sometimes called "Blacklist DNS Servers" or "RBL servers") to query xbl.spamhaus.org. Use of the XBL is free.

Procmail and Sendmail related

• Catherine Hampton's Spam Bouncer
  
  
• Filtering by IP address - thread
  
  
• Introduction to Procmail - Nice 101 course
  
  
• Jari Alto
  I did have a link to his 'procmail tips page' which was exhaustive at 176 pages
  
  
• Stopping Spam and Malware with Open Source - by Brett Glass - Excellent (19 pages)
  
  
• Timo's procmail tips and recipes - Good. 45 pages worth
  
  
• Books :
  The Procmail Companion (Practical Solutions Series) by Martin McCarthy
  £28.99 Addison Wesley; ISBN: 0201737906
  
  

AntiSpam, Sendmail and related books from Amazon

I have removed this for now until such time as Amazon get their act together as regards accessibily code! After A LOT of wrestling I reworked their pathetic html to pass XHTML but I have absolutely no intention of doing their work for them to pass disability laws, some of which, relating to websites, come into affect on October 14th, 2004.

Not Spam related, but don't be in the least bit surprised when you read that Amazon or another high profile site has being embarrassed and fined in the courts over this!

Other links of interest

• BBC : Children upset by spam e-mail
  The content is basically, kids get the same email are the rest of us and Governments are beginning to recognise the menace of junk e-mail. Come the autumn (2003) the European Union will make unsolicited messages illegal across all member states.
  
  Oh yes, telling a crook he's breaking the law raking in millions fraudulently is really going to deter him. Lets see if the laws have teeth first. Hit 'em in the wallet I say.
  
  
• Direct e-mail marketing tips
  
  
• Foiling Spam with an email password system.
  
  
• Links to tools for controlling junk email Also links to buying lists. Hmmm
  
  
• Postage Due - Spam and the damage it causes
  
  
• References a good deal of tools for fighting spam.
  
  
• The War on Spam
  
  
• SMTP - What Some Of The Stuff In An Email Header Means
  
  

Goverment and Commerce bodies

Internet Governing Bodies and related

I have no idea why I forgot to add these. It's probably a familiarity thing. I only realised when I search for ICANN news and found nothing on Ackadia.
*cough*
I'll copy logos in another day. With no further ado:

• AFRINIC ~ African Regional Internet Registry (Needs work! (Feb 2004))
  
  
• APNIC~ Asia Pacific Network Information Center
  
  
• APNIC's FAQ on Spam
  
  
• ARIN ~ American Registry for Internet Numbers
  
  
• ARPANET
  Entry copied here from Webopedia for convenience.

  The precursor to the Internet, ARPANET was a large wide-area network created by the United States Defense Advanced Research Project Agency (ARPA). Established in 1969, ARPANET served as a testbed for new networking technologies, linking many universities and research centers. The first two nodes that formed the ARPANET were UCLA and the Stanford Research Institute, followed shortly thereafter by the University of Utah.

  
  
  
• DARPA ~ The Defense Advanced Research Projects Agency
  
  
• EURid ~ The European Registry of Internet Domain names
  
  
• IANA ~ Internet Assigned Numbers Authority
  
  
• ICAAN ~ Internet Corporation For Assigned Names and Numbers
  
  
• ICAAN Registrars agreement
  
  
• ICAAN accredited Registrars (for Top Level Domains)
  
  
• InterNIC Registrar Complaint form:

  InterNIC Registrar Problem Reports
  If you have a problem with one of the registrars, you should first try to resolve it with that registrar. Contact information for the registrars is posted at InterNIC
  
  If you cannot resolve your complaint with the registrar, you should address it to private-sector agencies involved in addressing customer complaints or governmental consumer-protection agencies. (The appropriate agency will vary depending on the jurisdiction of the registrar and the customer.)
  
  All registrars with direct access to the .aero, .biz, .com, .coop, .info, .museum, .name, .net, .org, and .pro registries are accredited for this purpose by the Internet Corporation for Assigned Names and Numbers (ICANN). ICANN does not resolve individual customer complaints. ICANN is a technical-coordination body. Its primary objective is to coordinate the Internet's system of assigned names and numbers to promote stable operation.
  
  Although ICANN's limited technical mission does not include resolving individual customer-service complaints, ICANN does monitor such complaints to discern trends. If you would like to submit a complaint about a registrar for ICANN's records, please use the form below or send an email (including the information below) to <registrar-info@icann.org>. As a courtesy, ICANN will forward your complaint to the registrar for review and further handling. (Please note that there is no guarantee that the registrar will reply.)

  
  
  
• IAB ~ Internet Architecture Board (Part of the IETF)
  
  
• IESG ~ The Internet Engineering Steering Group
  
  
• IETF ~ Internet Engineering Task Force
  
  
• IEFT rtf0822 - The standard for the formal of ARPA Internet text message. (Set: August 13, 1982)
  
  
• IRTF ~ Internet Research Task Force
  
  
  
• Internet Society - This place is fascinating!

  ISOC is the organizational home of the Internet Engineering Task Force (IETF), the Internet Architecture Board (IAB), the Internet Engineering Steering Group (IESG), and the Internet Research Task Force - the standards setting and research arms of the Internet community. These organizations operate in an environment of bottom-up consensus building made possible through the participation of thousands of people from throughout the world.
  
  At the technical and developmental level, the Internet is made possible through creation, testing and implementation of Internet Standards, developed by the IETF. The standards are then considered by the Internet Engineering Steering Group, in consultation with the Internet Architecture Board. The specification documents of the Internet protocol suite, as defined by the IETF and the IESG, are published as RFC's. The RFC Editor prepares and publishes the RFCs and is responsible for the final editorial review of the standards in their definitive form.

  
  
  
• LACNIC ~ Latin American and Caribbean Internet Addresses Registry
  
  
• Public Interest Registry ~ The New Home of the .ORG Registry
  
  
• RIPE NCC
  RIPE covers Europe, Parts of Asia, Africa north of the equator, and the Middle East
  
  

Interpol

• Interpol’s - contribution to combating Information Technology Crime
  
  

Canadian Government

• Personal Information Protection and Electronic Documents Act (Revised 1st Jan 2004)
  
  

UK Government

• Information Commissioner
  
  
• Privacy and Electronic Communications (EC Directive) Regulations 2003 came into force on 11 December 2003.
  
  The Privacy and Electronic Communications Regulations 2003 superseded the Telecommunications (Data Protection and Privacy) Regulations 1999.
  
  The Information Commissioner is responsible for enforcing both the 2003 and the 1999 Regulations.
  
  The Privacy and Electronic Communications Regulations 2003 have two new rules for email marketing
  
  You can also see:
  
  • What the regulations cover
    
    
  • Your rights
    
    
  • and making a complaint.***
  
  
  
• The Telecommunications Regulations 1999 imposed rules on the use of telecommunications services and gave effect to EU Directive 97/66/EC. One of the main aims of this directive was to ensure the:
  protection of fundamental rights and freedoms, and in particular the right to privacy, with respect to the processing of personal data in the telecommunications sector.

*** Amazingly, and annoyingly, the 'Making a Complaint' isn't a form to complain, the complaint form (was) 'here'. If was basically a pdf to print out anyway.



To my way of thinking, this form:

• is a cop-out
• is a complete waste of time
• appears to show a complete and utter lack of interest in reducing Spam!
• shows a total lack of understanding of the Internet and of Spam in particular
• makes me sick!

Basically, you are expected to...

• open and/or download a pdf and print it out...
• then labouriously fill it out...
• ... for each incident. If you need to report several a day, tough! Get writing
• then post it off
• then wait for their response, if any...

Compare this to the FTC's Consumer Complaint Form where you enter the details on-line and they deal with it...
Words (that would wouldn't send solicitors running my way) fail me!

Some folk will quietly fish the cockroach out the soup in case they upset the waitress by complaining (Don't make a scene, dear.) Funnily enough, I'm not most folk and I let the government know exactly what I thought of the poor effort. They replied:

Hi Paul,

Sorry for the delayed response, we are aware that the present process is time consuming for people reporting spam. This will be reviewed with a view to an online report form.

Regards

Seán

Pleasantly surprised as I didn't expect a reply. I'll never, ever, EVER, be an ambulance chaser, but it just goes to show asserting your rights and views in a firm, polite manner can work. OK. I was blunt to the point of rudeness, but if you got a tenth of the the Spam I get you'd toss your modem out a Window!

Scams are assisted by the common belief that all companies or businesses must be legitimate because they are subject to vetting by government agencies. Unfortunately this is not the case. The Office of Fair Trading and local Trading Standards Departments are always looking out for bogus schemes but they can usually only take action once scams are reported to them. (Tip them off).

The DTI's Useful Contacts is particularly good as is covers the whole gamut of commercial and fraudulent pests, including how to get off mailing lists and phone lists. For a short time at least you too can be free of idiots ringing up every teatime for the double glazing etc etc.

I found a great way to permanently avoid these. Going ex-directory doesn't always work, though it should, but if you have your number as a business, they never ring you. Ever. Just the annual call from Yellow pages asking for a grand for an advert the size of a postage stamp

America : FTC

Stateside, the government responsible for dealing with "unethical" Spam is the Federal Trade Commission. The page you want is the FTC Spam index.

"The FTC wants copies of your unwanted emails and emails that have deceptive unsubscribe links. They use the unsolicited emails stored in their database to pursue law enforcement actions against people who send deceptive spam email."

To report any unwanted emails you receive, simply forward the messages to uce@ftc.gov. Make sure that you include the header information in the email.

The FTC wants to know if you find an email with an unsubscribe link that is not active, does not unsubscribe you or results in more spam. You can fill out a complaint form at www.ftc.gov/spam.

You can also formally report them using the FTC's Consumer Complaint Form

America : DMA

Direct Marketing Association - America

Unsolicited Marketing E Mails
If you wish to register not to receive Unsolicited Commercial E-mails (UCE), the EMPS (E-mail Preference Scheme) is operated by the DMA in the United States. Please note that the database is held in the US, and your personal data is not, therefore, covered by UK Data Protection legislation.

I'll add to this my own jaded comment. You are giving your personal details to a marketing association (that by definition make money from junk mail) who has, somewhere along the long, illegally and/or immorally obtained your e-mail address, saying:
Here I am. Don't send *ME* any more rubbish that I never asked for, nor gave permission for in the first place…
Cynical? Moi?

MCCA - Australia

The Ministerial Council on Consumer Affairs (MCCA) consists of all Commonwealth, State, Territory and New Zealand Ministers responsible for fair trading, consumer protection laws and credit laws. They don't like Spam either, for some reason.

Department of Trade and Industrusty (UK)

Here's an especially good set of links from the DTI:

• African E-Mail or Letter Fraud
  
  
• Clairvoyant or "Psychic" Scams
  
  
• Homeworking Scams
  
  
• How to Protect Yourself From Scams.
  
  
• How to Recognise and Avoid Scams.
  
  
• How to Stop Unsolicited Mail etc.
  
  
• Premium Rate Telephone Numbers
  
  
• Telemarketing Scams
  
  
• Internet Scams
  
  
• Invention Promotion Firms
  
  
• "Miracle" Lotions and Potions
  
  
• Pyramid Selling Schemes and Chains
  
  
• Telephone and Text Message Scams
  
  
• Timeshares and Holiday Clubs
  
  
• Unsolicited "Gifts"
  
  
• Unsolicited Prize Draws & Lotteries
  
  
• Useful Contacts
  
  
• Vanity Publishers