We are getting severely hammered at my company by spam
mail. Literally thousands daily. Is there anything we can
do about this to stop it. We have blockers etc. It's is
just excessive. Is there some agency etc...we can report
this?
It can not be legal to sell drugs on the internet!
Any assistance will be appreciated!
Short answer: This isn't something that Outlook does very well.
You'll need to look elsewhere.
Multiple part answer:
1. Stopping spam
1.1 Where to block
1.1 Ways that work
1.2 Ways that don't
2. Reporting it
3. How about the government?
4. More information
======================
1.1 Places to block spam:
There are two main places to block spam: At your ISP's or your
company mail server, and at your own computer.
Does your company have an IT department, and its own mail server? If
so, then the best solution would be to install spam-filtering or
blocking software on your server. A lot of good software is free. At
best, it can reject the spam while the spammer is still trying to send
it, and it never takes up any space on the mail server. It can also
send a "reject" message which some (not all) spammers will use, and
just maybe, quit trying to send their junk to that server.
Or, contact your ISP and ask them what they can do. They might
already offer some type of protection that you're not taking advantage
of. For example, they might be "tagging" the email with information
in the headers, so that your own email program (Outlook) could use it
decide whether to reject the email or not.
But with this solution, the server still accepts the spam from the
spammer, and you're still downloading the spam. Blocking at the
server is a better idea, for most of us.
1.2 How to block
Whether it's done at a mail server or on your own computer, right now
there are two fairly good methods of blocking, and several that don't
work.
1.2.1 IP blocking, or DNS blocking
One good way is to examine the headers of incoming email. Email
typically travels in 2 or more steps between the sender's computer and
yours. The steps are recorded in the "Received:" headers, that are
normally invisible to you.
Some spam blocking software looks at these headers and examines the IP
numbers, which is the unique number that identifies the computers that
sent and handled the email. It then checks these numbers against one
or more "block lists" (some people call them blacklists). If the mail
comes from a number on a block list, then it's rejected as probable
spam.
You can use your own local block lists, or you can also use block
lists that are maintained (free) by spam-fighting organizations. Most
people do both.
I don't have enough spam so I don't use this program, but I know
people who do and they're happy:
www.spampal.org
This site also has a good description of how it works, and comparisons
between itself and other programs. Totally free.
There are differences between the philosophies of different block
lists. Some like SPEWS are very aggressive, blocking even legitimate
email from companies that happen to be clients of ISP's that support
spammers. Others have a lower "false positive" rate, but will still
block most spam.
http://www.dnsbl.us.sorbs.net/
http://www.spamhaus.org/
http://spews.org
1.2.2 "Bayesian" filtering.
A lot of spam uses stupid tricks to try to fool simple filters.
"Bayesian" filtering is a lot more sophisticated. SpamPal (mentioned
above) has a Bayesian add-in, here's some more information:
http://www.paulgraham.com/spam.html (how it works)
http://popfile.sourceforge.net/cgi-bin/wiki.pl (Bayes spam filter)
1.3 Ways that don't work
1.3.1 Simple filtering. As you probably realize, the simple
filters in Outlook and most email programs just aren't up to the job
(see Bayes filters, above)
1.3.2 Challenge / response
There are some spam "solutions" that claim to protect your inbox.
When somebody sends you a message, the system sends an automatic reply
and "challenges" them, asking them to do something simple and reply.
The idea is that a spammer won't answer the challenge. People who
answer correctly will then be "whitelisted", or allowed to send mail
to you.
But this system is broken in several ways. At its worst it
contributes to abuse of innocent people. Please don't use it.
http://email.about.com/cs/spamgeneral/a/challenge_resp_2.htm
1.3.3 Fake bounce messages
Don't do this either. The SpamPal page has some good explanations.
http://www.spampal.org/faqengine/fa...4&catnr=19&prog=spampal&lang=en&onlynewfaq=38
2. Reporting it
There are two groups to complain about. One is, whoever allowed the
spam to reach your ISP. Two, whoever hosts the web site mentioned in
the spam. That has to be real, otherwise the spammer has no way to
receive any orders from his "customers".
Sad to say, most spam these days is sent by hard-core spammers who
can't be shut down by complaints, or from computers owned by people
who don't know that their machines have been infected with
spam-sending "trojan" programs right under their noses. You can try,
but be warned that results may be meager. If you want more help on
that, see the links at the end of this message.
3. Government.
As far as the government, they've been somewhat useless so far,
beginning with the stupid "CAN-SPAM Act". That law just means, "You
can send spam". But it can't hurt to send copies of your spam to:
(e-mail address removed) - the FTC makes studies of spam, prepares statistics on
where it comes from, what it is advertising, whether it is fraud, etc.
http://www.fda.gov/oc/buyonline/buyonlineform.htm : "To report e-mails
promoting medical products that you think might be illegal, forward
the email to: (e-mail address removed)
4. More help
This posting is getting way long, so I'll end with more pointers:
http://www.spamfaq.net/spamfighting.shtml
http://www.cauce.org/
http://www.mall-net.com/spamfaq.html
http://email.about.com/cs/winspamreviews/