What to do When You Receive Spam
First of all, relax. Spam happens to everyone. The person sending
the spam did not single you out, and they are not out to get you.
In the world today, we are bombarded with information, unfortunately
not all of it is going to be what we want to hear. Do not respond
to spam with angry messages, and do not attempt to "spam the
spammer" as this simply compounds the spamming problem. This
doesn't mean that you shouldn't do anything; however, there are
more effective ways to battle spam.
[More Information on Identifying Spam]
Once you have identified an email as spam, follow these steps:
- View the header information and determine where
the spam is actually coming from. To access the header
information of an email follow the client-specific instructions
below:
Email
Client |
Header
Instructions |
Microsoft
Outlook Express |
With
the email message open:
- Select File
from the top menu
- Click the Properties
option
- Select the Details
tab.
|
Microsoft
Outlook |
With the email message open:
- select View
from the top menu
- Click Options
- The header information
is displayed in the box labeled Internet
Headers
|
Netscape |
To
view the full header information for all e-mail
messages:
- Select View
from the top menu
- Select Headers
- Select All
|
Eudora |
From the top of
an opened email:
- Click the Blah
Blah Blah icon
|
|
- The important header information is located in the Received
lines. Each time an email message is passed between mail
servers or computers, a Received line is added to the
header. Reading the Received lines from the top down
describes the path back to the sender. Therefore, the very last
Received line will contain information about the original
sender of the email. Recieved lines are formated as follows:
Received: from anywhere.com (spamman@anywhere.com
[194.168.31.1]) by you.ca (0.0.1/0.0.2) with SMTP
id MAA00153 for jdoe; Mon, 13 Aug 2002 07:12:42 -0500
The information located in the from field (coloured orange),
contains the name and IP Address of the sender. If this is the
last Received line in the header, then you know the email
originated from 194,168.31.1
- Now that you know the email and IP Address of the sender, you
can use a Whois database to find the spammer's domain
administrator and the ISP that they are currently hosted on.
Using the spammer's email address, enter the
domain name portion (eg: anywhere.com).
If it is a .com,
.net,
.biz,
or .org,
domain name, then visit Internic.net
and type the name into their Whois search. If it is a .ca domain
name, the place to check is the CIRA
Whois Database. For a list of Whois servers for the top level
domains of all other countries, visit the Top-Level
Registries page.
Using the spammer's IP Address visit one of the
following IP Address Whois Databases: whois.arin.net
for North America, whois.ripe.net
for Europe, and whois.apnic.net
for Asia Pacific.
[More information on Tracing Spam]
- Once you have found the spammer's ISP, report the spamming
incident to the postmaster or email abuse contact of
their domain. If there are no postmaster or abuse email addresses
found, send your complaint to the administrative contact of their
ISP. Be sure to include a copy of the original spam's header in
your message, to allow the ISP to locate the spammer's account
and deactivate it.
- You may also report the spamming incident to a spam
blacklisting service. These services keep extensive lists
of servers that originate spam and harbour spammers. Many servers
on the internet use these blacklists or RBL's to automatically
block any messages they receive from servers listed. When you
submit spam to an RBL, make sure to include the original headers
with your message so that the appropriate action can be taken.
[More Information on Reporting Spam]
|