Page 1 of 2 12 LastLast
Results 1 to 15 of 21

*Due to the overwhelming posts on numerous boards regarding the influx of spam, especially in ... BlackBerry Internet & Email forum

  1. #1
    N8DBB's Avatar
    N8DBB no está en línea Stack level 8
    Join Date
    Feb 2006

    Spam: How it finds you. How you can prevent it. How you can deal with it


    *Due to the overwhelming posts on numerous boards regarding the influx of spam, especially in the last two weeks, hope this post can help understand how they receive spam and what they can do to combat it.

    How Spammers Find You...

    All it takes to get on the mailing lists used by spammers is an email
    address. There is no need to sign up for anything or ask for emails. The
    spam just starts coming, out of nowhere, apparently without any plan,
    and without a reason. It invades email addresses that are never used.

    But how do spammers discover email addresses? How do they find your
    mailbox when your best friend does not?

    Dictionary Attack

    Big free email providers like Hotmail or Yahoo! Mail are a spammer's
    paradise, at least when it comes to finding spammable addresses.

    Millions of users share one common domain name, so you already know that
    ("" in the case of Hotmail).

    Try to sign up for a new account and you will discover that guessing an
    existing user name is not difficult either. Most short and good names
    are taken.

    So, to find email addresses at a large ISP, it's enough to combine the
    domain name with a random user name. Chances are both "asdf1@hotmailcom"
    and "" exist.

    To beat this kind of spammer attack,

    1. use long and difficult addresses.

    Brute Searching Force

    Another tactic employed by spammers to discover email addresses is to search common sources for email addresses. They have robots scanning web pages and following links.

    These address harvesting bots work a lot like the search engines'
    robots, only they're not after the page content at all. Strings with '@'
    somewhere in the middle and a top-level domain at the end are all the
    spammers are interested in.

    While not picky, the pages the spammers are particularly keen to visit are web forums, chat rooms and web-based interfaces to usenet because lots of email addresses are likely to be found there.

    This is why you should

    1. disguise your email address when you use it on the net or, better
    2. use disposable email addresses.

    Worms Turning Infested PCs Into Spam Zombies

    To avoid being detected and filtered, spammers seek to send their emails
    from a distributed network of computers. Ideally, these computers are
    not even their own but those of unsuspecting users.

    To build such a distributed network of spam zombies, spammers cooperate
    with virus authors who equip their worms with small programs that can
    send bulk emails.

    Additionally, these spam sending engines will often scan the user's
    address book, web cache and files for email addresses. That's another
    chance for spammers to catch your address, and this one is particularly
    difficult to avoid.

    How Can You Prevent Spam..

    Stop Spam with Disposable Email Addresses

    But what should you use instead of a real email address?

    1. Use disposable email addresses!

    A disposable email address will forward all mail to your real address.
    So where exactly is the benefit? Won't it forward all the spam, too? Not
    if you dispose of it.

    What To Do When You Get Spam

    As soon as you get spam through a disposable address, you disable it,
    and all messages (and all spam) sent to the disposable address bounce
    back to the sender instead of your Inbox.

    Since (and this is a crucial point) you give every disposable email
    address to precesely one web site or contact, you know exactly who
    spammed you or leaked the address to spammers.

    For the same reason turning off a disposable address has no impact on
    all the other mail you receive through your real address and
    (preferably) other disposable email addresses.

    You merely stop the spam.

    You can even use disposable email address to stop spam you get from
    posting your email address on your home page or blog in a mailto link.

    Disguise Your Email Address in Newsgroups, Forums, Blog Comments, Chat

    To avoid ending on a spammer's mailing list when you post to a web forum or a newsgroup, you can

    1. disguise your email address by inserting something obvious into it.

    If my email address is, I can modify it to read, for example. I will not get spam at
    that email address since all messages to it will bounce, but people who
    want to send me an email can still do so after they remove "delete_this"
    from the address.

    Obscuring your email address does make sending mail a bit more difficult.

    But this is not always a disadvantage.

    Automatic Email Address Obfuscation

    Email address encoding tools take the obfuscation a step further. While
    primarily designed for use on web sites, you can also use addresses
    encoded with such tools on web forums or web-based usenet, for example.

    Use Disposable Email Addresses at Your Web Site

    Use a disposable email address in the mailto: links on your site instead
    of your real one. Depending on the mail that comes in, you take two
    different sets of actions:

    If a stranger sends you a legitimate email that you welcome, she gets
    her own special disposable email address. Create a new disposable email
    address and send a reply including the information that any further
    emails should only be sent to the new, dedicated disposable email address.

    * Make sure you also set the Reply-to: header to that new disposable
    * If spam arrives at the disposable email address posted on your
    home page, disable the address immediately and replace it with a
    new disposable email address. This will stop all further spam sent
    to the old disposable address, but it won't hamper mail from all
    the welcome senders since they already have their own dedicated
    disposable email address.

    (Of course you can also give welcome senders your real email address
    instead of a dedicated disposable one if they claim that "you don't
    trust me.")

    For totally understandable (and entirely unacceptable) reasons, spammers
    rarely send their unsolicited messages using their own email address in
    the /From:/ field. Not only would this reveal their identity, it would
    also allow you and the millions of other recipients to write angry
    replies. (You can still find out where the email originated, though, and
    complain to the spammer's Internet Service Provider.)

    Authors of worms and viruses desire the opposite to what spammers want,
    but the result is similar. For worms to spread, social engineering is
    important, and a crucial point is that the malicious code appears to
    come from a friendly or even trusted source.

    At the same time, the From: line should not contain the email address of
    the infected computer's owner.

    The reply from a virus filter notifying them that their computer was
    infested could alert them. That's why worms put real, but random
    addresses in the From: line. They usually pick them up from the email
    clients' address books.

    For both spam and worms don't care who the recipients of their —
    hopefully millions — of replicas are, the messages often go to email
    addresses that are inactive, full or have never existed.

    When, How and Why Delivery Failure Reports are Generated

    Since email delivery usually works (or at least did before overzealous
    spam filters started blocking legitimate mail), success is not normally
    reported but failures are. If you have ever mistyped an email address
    I'm sure you know the often detailed, not always easy to parse but
    usually alarming "delivery failure" messages.

    Ignore Delivery Failures of Messages You Did Not Send

    Now, what happens if a spammer or a virus decides to put your email
    address in the From: line can be annoying, disturbing or disastrous. If
    the messages claiming delivery failures of messages you did not author
    (sometimes, these bounces of messages you did not send are called
    "backscatter") don't come in the thousands,

    1. it is usually best to ignore them.

    You Didn't Request Information

    There are two words that you will find in almost any unsolicited bulk
    email: you requested.

    Don't believe it.

    Spammers count on your uncertainty, and that in doubt you will rather
    not take any action and complain about the spam.

    Chances are, however, that

    1. you did not request anything,
    2. there is nothing about the company or person sending you bulk
    email you recognize, or if
    3. the service offered does not sound like something you would ever
    be interested in or request.

    Unknown Email Addresses

    People who know you do not spam you. They may terrorize you, but they
    never spam you. Usually, these people are in your email client's address

    If they are not there yet, you should probably add them, because such an
    address book of everyone you know can be a helpful tool to identify spam.

    If you do not usually receive mail from strangers, you can assume that

    1. every message not from somebody in your address book is spam and
    2. filter such messages to the /Junk Mail/ folder.

    Now and then, you should check this folder for important messages you
    may have missed, maybe because somebody's email address has changed.

    Building on this idea of only allowing known senders, challenge/response
    spam filters render your email virtually spam free with very little to
    no maintenance.

    Watch Those Check Boxes

    When you sign up for something on the Web, there is often some
    innocent-looking text at the end of the form saying something like:
    "YES, I want to be contacted by select third parties concerning products
    I might be interested in." Quite often, the checkbox next to that text
    is already checked and your email address will be given to you don't
    know who.

    To avoid that,

    1. look closely at every form you fill on the Web and
    2. make sure all relevant checkboxes are not ticked.

    Sometimes, the text will read: "NO, don't give away my email address,"
    and the checkbox will consequently be unchecked by default. Check it.

    They Found Me! HELP!

    So what do you do if your email falls victim to a spammer?

    Well the first thing you can do is long onto your BIS website and see if
    they have a filter program you can set up (Most will). However, this may
    work for a day or two. Once the spammers realize that their messages are
    being stopped by a spam filter, they will simply re-work the subject
    line and body of the email to get past your filter. Next thing you know,
    you will have 20 filters set up and still be receiving spam.

    You can also set up your email to redirect through another email. Pretty
    much, have any messages coming in forwarded to an email provider such as
    Gmail (Which has the best built in spam feature by far), and then to
    your handset.

    Or, finally, you can just make a new email address, which I would
    recommend as a last step since its probably going to be a PITA to inform
    everyone of your email changes.

    Anyways, hope this helps

    Information Provided Mainly From
    Last edited by N8DBB; 11-16-2006 at 06:46 PM.

  2. #2
    SuzzyP's Avatar
    SuzzyP no está en línea Stack level 5
    Join Date
    May 2006
    Great Information N8. Hope everyone reads this and takes Spam seriously... It can be a real headache. Palm treo 700 & other windows based users are having real issues with it
    Sportin a kBerry Curve

  3. #3
    Dirty Cash's Avatar
    Dirty Cash no está en línea Stack Pro
    Join Date
    Aug 2006
    Very comprehensive! Excellent read!!!

    ~via BB (

  4. #4
    flash24's Avatar
    flash24 no está en línea Device Pro
    Join Date
    Aug 2006
    ~via BB ( for the info n8. Whenever I get spam I just mark it as "spam" and I never receive emails again from them

  5. #5
    N8DBB's Avatar
    N8DBB no está en línea Stack level 8
    Join Date
    Feb 2006
    BTW, of course some of the above only refers to computer based email accounts, so they are pretty much N/A to devices...

    The main one I think we all need to make sure that we watch is forgetting that there are spam-bots trolling bulliten boards...

  6. #6
    msbrenda64's Avatar
    msbrenda64 no está en línea Stack level 5
    Join Date
    Mar 2006
    Thanks for the information N8 and once again a great contribution to Pinstack!

  7. #7
    N8DBB's Avatar
    N8DBB no está en línea Stack level 8
    Join Date
    Feb 2006
    Is it just me, or is the post like kinda whack? I mean, fonts different sizes, major gaps, etc...I need to fix that...It's annoying me...

  8. #8
    msbrenda64's Avatar
    msbrenda64 no está en línea Stack level 5
    Join Date
    Mar 2006
    There are a few gaps, etc. you're a perfectionist N8!

  9. #9
    skip00319's Avatar
    skip00319 no está en línea Stack level 3
    Join Date
    Aug 2006
    ~via BB ( here is a trick to keep your email contact list from being raided. Don't know if they have a way around it. Set the first three email addresses to and such. This is is supposed to stop those spam and viruses that use your Email contact list.

  10. #10
    srl7741's Avatar
    srl7741 no está en línea Stack Professional
    Join Date
    May 2006

    Without question that is one of the best posts i've ever seen/read.
    Thanks for posting it, not only does it take knowledge but fortitude.

    "Lead, follow or get out of the way"
    you have certainly chosen to lead.


  11. #11
    naviwilliams's Avatar
    naviwilliams no está en línea Stack level 4
    Join Date
    Jul 2006
    N8, when Igrow up, I want to be like you...

  12. #12
    cp6169's Avatar
    cp6169 no está en línea Device Pro
    Join Date
    Mar 2006

  13. #13
    Rcbjr's Avatar
    Rcbjr no está en línea Stack Pro
    Join Date
    May 2006
    PM - Ask
    Great Post N8. Thanks for all the info.

    You Ask, We Will Answer
    Can’t Install theme via DM?No Additional Apps Found for Your Device
    Links to Usefull KB Articles

  14. #14
    MORTGAGESAVE no está en línea Stack level 2
    Join Date
    Apr 2006
    Great Post thanks for the Info !!

    Wish this crap didnt happen

  15. #15
    eddie8's Avatar
    eddie8 no está en línea Stack level 3
    Join Date
    Oct 2005
    N8,are there any settings we can do on our berries to stop the spammers?

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts