Acro.net – Technology Rants & Raves by Acroplex®

It’s Friday and all while I’m sitting tight waiting for the delivery of my new camera, I thought I’d reach out to my friends.

I love you all – I just don’t love your spam.

You know who you are: every funny video you see on YouTube, every joke your co-worker sent you, every damn recipe your mom wants to share with the rest of the world – you stick all that in an email and send it my way.

Seriously, I thought I wade through enough unsolicited emails daily; from lowball offers for domains to inquiries about purchasing services I myself provide, such as web and graphics development. The last thing I need is more spam, from my own friends.

I call it “friendly fire” spam.

So here’s what I do to fight back – gently.

I use Gmail to retrieve my email, then mark those multiple daily emails of yours as spam. Gmail learns fast to recognize what I don’t like. Hey presto, more time to deal with regular spam.

I hope you still love me. TGIF.

Currently, there are several active threads over at DNForum, related to spam sent to domainers.

According to Wikipedia, spam is the use of electronic messaging systems (including most broadcast media, digital delivery systems) to send unsolicited bulk messages indiscriminately.

With regards to domainers, we all get excited when domain offers arrive in the email; but several such offers aren’t true but simply “pings” to gauge one’s selling price.

When these emails arrive without any indication of a legitimate attempt to contact us, they are borderline spam. Most bulk emailers out there harvest email addresses from the WHOIS information of domains. Since the WHOIS contact information needs to be current and active, there is no real way to avoid receiving such emails along with individual inquiries or system-generated emails from the Registrar.

The type of bulk email that targets domainers and which deserves to be classified as spam, is that which resembles a dictionary attack. Having created a list of A to Z words or compounds, spammers query the domain and email its owner. Sequential emailing means that if you own a domain that starts with A and another that starts with B, you will receive an email from the spammer for A, first.

How soon you will be receiving that second email for domain B depends on the pacing of the spammer, which can be slowed down on purpose, in order to avoid detection and banning by the ISP or email/hosting provider. Sometimes it could be minutes or hours, other times it could be days.

The only difference in such sequential spam emails sent out to domainers seems to be the domain listed, sometimes the offer price also – but the wording is essentially the same; often times, it’s grammatically incorrect and contains obscure phrases: Google “Best gards” and see what I mean.

An example spam email targeting domain owners is below. While most such spam emails come from Gmail accounts, due to the easy method of creating new email accounts, some serial spammers register a new domain with WHOIS shield on and use a free hosting package – usually with GoDaddy – to send out their boilerplate spam without any discrimination.

When I sent my first email while in college in the late 80′s, we didn’t even call them such. They were “network messages“; few of us had access to the gateway that would send these messages outside of the local network and into the wild unknown. In fact, there was nothing of interest out there, until the early 90′s.

But enough with these old tales. Roll forward a couple of decades and email is as common as picking up the phone. At times, it’s faster to communicate via email than by phone, as it can be delivered through several media.

The problem is of course, spam - the sheer amount of junk email that ends up clogging your mailbox. Nowadays, there are several methods to block email spam effectively, including filters and even forwarding through Gmail that seems to catch a lot of it.

But what about comment spam on blogs?

For blogs that run WordPress, you should enable Akismet as soon as you set up your blog, although unfortunately it doesn’t keep the spammers away; the comments are sent to your spam queue along with several false positives. You still have to go through the queue to read them.

On a given day, I get 75 to almost 100 spam comments sent to the spam queue. I used to skim through them to see if anything was caught by mistake but after a while it became tedious.

So I tried installing various captcha plugins that were forcing commentators to enter a jumbled up code into a form field along with their message. Aside from being an extra inconvenience to those wanting to leave a comment, the captchas were cracked in 3 days by various spambots peddling cheap pharmaceuticals, flooding my mailbox like wild jellyfish in an old port’s waters.

The solution?

The single most important WordPress plugin that will effectively block all spam from ever reaching the queue, is called WP-SpamFree and it works wonders. It has various parameters to do what you ask it to do; you don’t have to worry about how it does it, but it works.

Having tested WP-SpamFree at the recent traffic onslaught of DomainGang.com after a post made Digg’s homepage, the plugin logged no less than 350 spam comments that never made the spam queue. These blind spambots released their scummy digital farts into the air, never reaching the DomainGang.com database. Not a single false positive!

Download it, install it, and forget about comment spam for good. And while you’re at it, follow me on twitter http://twitter.com/acroplex