What is spam and how you get junk email

What exactly is Spam?

Besides being the trademark for the popular Hormel meat product, when used in the context of technology, Spam is  just unwanted email.

Spam usually manifests itself as adult content, health tricks, personal finance tips or education and training topics.

There are several theories for why we call junk email Spam.  Some say – just as no one wants to eat the eponymous can of meat so no one wants to read Spam emails.  Others suggest that the term finds its genesis in the successful 70s British comedy Monty PythonIn one episode, the character sings “spam spam spam spam, spam spam spam spam, lovely spam, wonderful spam“.  Since Spam is just like that worthless, meaningless song people started calling junk email, Spam.   But ultimately, regardless of the origin, junk email is a problem for two reasons:

  • Bandwidth
  • Productivity

Bandwidth Cost

Besides being positively annoying, Spam consumes a prodigious amount of network bandwidth.  America Online estimated that one-third of the 30 million email messages it transfers every day are Spam.  In fact, according to message abuse awareness firm, Messaging Malware Mobile, Spam is estimated to account for between 80% and 85% of all the email in the world.  Kaskersky’s estimates are a little lower at 70% but the bottom line is that spam is pervasive.

Kaspersky Spam Estimates

Productivity Cost

Cost is the other problem.  Spam is costing employers portentous sums of money.  Let’s measure the cost of spam in terms of productivity.

Let’s say the average employee makes $80k per year and works 220 days annually.

She receives 100 messages per day of which 40% is spam.

Let’s also say that the average time required to read the message and delete it takes 5 seconds.

So we can calculate this person earns about $45 per hour.  I multiplied 220 (average number of work days) * 8 (eight hour day) and got the sum 1,760 hours.  So divide the yearly salary by 1,760 hours and you get $45.

Okay, are still with me?  So how many daily junk emails are we talking about?

40.

100 (the average number of total email messages per user in your organization) multiplied by the spam percentage (40%) gives you 40 daily junk mails.

That means, it takes any given user an average of 3 minutes per day to open all her messages (40 junk mails * 5 seconds divided by 60).

Which means she is actually costing her employer $2.25 per day just to check all her spam.  $45 * (3 minutes divided by 60)

So – if the company has 1000 employees, that’s about $500,000 per year just to handle spam.  I just multiplied 1000* 2.25 * 220 days.

That’s insane!

How Spammers find you

Spammers find victims in many ways but one common method is to buy your email address.  Believe it or a not, a spammer can buy 15 million email addresses from a vendor for just $129 bucks.  Many vendors sell or even rent lists to buyers.  By renting email addresses the vendor maintains ownership and control and receives a renewable stream of income.

Another insidious scheme employed by Spammers is to trick unwitting users into giving up their email addresses.  If you’ve ever seen those flashy, gaudy advertisements claiming you need to click a banner to claim your new iPad then you know what I’m talking about.  Often there’s a seemingly benign survey asking about your age and favorite color and then near the end they’ll ask you to dole out your email address to claim your prize.

Win an iPad!

Bingo you’ve just been duped.

The other less common method Spammers find you is through a process called Email Harvesting.   This is when unscrupulous vendors use bots to crawl the web and scrape addresses from web sites, blog comments, and forums.

What’s being done to fight Spam

Fighting spam is a continuous effort but here are a few things being done to avert spam.

CAN-SPAM Act of 2003

George W Bush signed the CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003) into law and established the first national standard for sending commercial email.  You can read the complete abstruse document for details, but in summary, the bill is supposed to control the influx of unsolicited emails that bombard users everyday.

However, despite being well intentioned, the bill is beset with problems.  For one, the bill doesn’t prohibit many types of spam.  For example, in 2004, less than 1% of spam complied with the CAN-SPAM Act of 2003.

Secondly, it actually overrides some state laws that would have given victims practical methods of remediation.    And third, the bill hasn’t really been enforced and is therefore futile.

Spam Cop

With the bill being virtually useless, one way to fight spam is to report it to Spam Cop.

Spam Cop parses reported email messages and then does two things:

  1. Sends a warning to the ISP responsible for hosting the services used by the spammer
  2. Adds the spammer to a blocking list

SpamCop

On a side note, make sure you enter spamcop.net and not spamcop.com since the former has absolutely nothing to do with the latter.  In fact, spamcop.com is owned by a company called Interspectrum and uses its service to market it’s own anti-spam products.

Just something to be aware of.

Google Header Analysis Tool

Email headers show the path a message took through each mail server as it traversed the internet.  With the Google Header Analysis Tool you can find and approximate the source of delays and more importantly find out whose responsible.

Google Header Analysis Tool

Just copy and paste the email header into the header tool and click Analyze the header above.

The way to view your internet headers depends on your email client.  Fortunately, Google has a support page that shows you how to get the headers from the most popular email clients.

Let’s manually analyze an email header so you can get a feel for how this works.

In this fictional example, vonnie@fixedbyvonnie.com send a message to joe@example.com.

Delivered-To: joe@example.com
 Received: by 10.36.81.3 with SMTP id e3cs239nzb; Mon, 12 Aug 2013 16:59:01 -0800 (EST)
 Return-Path: 
 Received: from mail.fixedbyvonnie.com (mail.fixedbyvonnie.com [111.111.11.111]) by mx.gmail.com with SMTP id h19si826631rnb.2005.03.29.15.11.46; Mon, 12 Aug 2013 16:59:01 -0800 (EST)
 Message-ID: <20050329231145.62086.mail@mail.fixedbyvonnie.com>
 Received: from [11.11.111.111] by mail.fixedbyvonnie.com via HTTP; Mon, 12 Aug 2013 16:58:58 EST
 Date: Mon, 12 Aug 2013 16:58:58 -0500 (EST)
 From: Vonnie
 Subject: Hey, What's up Joe!
 To: Joe

Here, the above text might look arcane but it basically breaks down to three headers:

The first header when Vonnie created the email message:

 Date: Mon, 12 Aug 2013 16:58:58 -0500 (EST)
 From: Vonnie
 Subject: Hey, What's up Joe!
 To: Joe

And again as a second header when the message moves from my email server to Joe’s email server

 Message-ID: <20050329231145.62086.mail@mail.fixedbyvonnie.com>
 Received: from [11.11.111.111] by mail.fixedbyvonnie.com via HTTP; Mon, 12 Aug 2013 16:58:58 EST

And then again when the message arrives on Joe’s email server:

Delivered-To: joe@example.com
 Received: by 10.36.81.3 with SMTP id e3cs239nzb; Mon, 12 Aug 2013 16:59:01 -0800 (EST)
 Return-Path: 
 Received: from mail.fixedbyvonnie.com (mail.fixedbyvonnie.com [111.111.11.111]) by mx.gmail.com with SMTP id h19si826631rnb.2005.03.29.15.11.46; Mon, 12 Aug 2013 16:59:01 -0800 (EST)

Email headers are already read from the bottom up.  So the first server is listed toward the end of the header and the final destination is listed first.

When you think you’ve identified the sender’s source address you can copy and paste it into who.is to glean more data.

Download free Antispam Software

MailWasher

MailWasher is a popular antispam software suite that helps you get rid of spam.  It lets you preview all your email before you download it so you can delete unwanted messages before they hit your inbox.  If you’re new to MailWasher, there’s a 90 second tutorial on Youtube.

MailWasher Client

The interface is clean and the application learns and improves as you use it.  And since MailWasher has a low false positive rate, you can set it up so that it automatically removes spam in the background.

MaskMe

A new tool from Abine called MaskMe, lets users create alias email addresses they can use instead of their real addresses when website ask for their contact info.   The pro version is $5 per month and includes everything in the free version but also lets you create virtual credit card numbers that you can link to a users real account.  You can also make similar aliases for your phone with the pro version.

Mask Me

The Bottom Line

Spam is the refuse of the internet and is about as undesirable as the canned precooked meat product of the same name.

It costs companies wasted bandwidth and lost employee productivity hours and has been a pervasive problem for years.  Spammers find victims by tricking users to provide their email addresses to claim prizes or in some cases, spammers resort to automated bots that pull email addresses stored on web servers.  Congress made an abortive effort to allay the effects of Spam in 2003; therefore I recommend using Spamcop, the Google Header Analysis Tool and MailWasher to manage spam.

Unfortunately, as long as the barrier to entry remains low, spammers will abound.  In 2011 alone, it was estimated that seven trillion spam messages circled the globe.

Have you discovered any novel approaches to combating spam?  Do you think legislation will one day render spam obsolete?  Let me know in the comment below.

About

Connect with Vonnie on Twitter

Posted in Outlook, Windows