Find Events Find People Find Jobs Find Sites Find Help Index

 
   

June 24, 2002

Spam a fact of e-life, but there's help

Pam Crawford is a security agent for the Information Technology Division

The Information Technology Division (ITD) receives spam complaints daily—either directly through the Customer Support Center, via e-mail to abuse@emory.edu or help@emory.edu, or from the Emory Police Department.

When ITD receives a spam complaint, the mail header is reviewed to determine the source. If the spam originated on
an Emory server, the incident is reported to the appropriate individual, who is asked to close the open relay on that server. In many cases, however, the spam doesn’t originate on an Emory server, but is passing through as it moves to its final destination.

ITD could implement content filtering as part of the e-mail anti-virus scanning service, but discussions with management, local support and system administrators across campus led to the decision not to exercise this option. There were concerns about academic freedom, as well as the difficulty in defining spam and specifically what would and would not be filtered. It also was noted that some individuals on campus have no objection to spam.

On the legal front, there may be some liability with spam, particularly if it results in identity theft, theft of resources, or other legitimate complaints. Some, such as the Nigerian e-mail scam (reported in May 2002 as the No. 1 e-mail scam by the National Infrastructure Protection Center), can involve fraudulent activities.

This scam, of which there are dozens of variations, costs Americans “staggering amounts of money [in] one of the most well-organized rackets on the web,” according to federal investigators quoted in the Detroit Free Press. Recipients of these e-mails are drawn into a scheme in which they are led to believe they will receive a share of purportedly unclaimed funds, usually in the millions of dollars, from a bank in Africa if they give the e-mail sender their bank account numbers and other personal information.

One reason spam is difficult to avoid is that, once an e-mail address is on a list, it tends to disperse on the Internet. Users need to pay attention to their online habits and be aware that e-mail addresses become public whenever they post to a message board or newsgroup, provide their e-mail address to chat boards, subscribe to mailing lists, create member profiles that reveal screen name and e-mail addresses, put an e-mail link on a web page, or even simply browse web pages.

Many users don’t realize that mail-filtering tools provided by some e-mail programs (like Netscape and Outlook) or Internet service providers can be used to delete messages or automatically route incoming messages to a specified mail folder. These filters stop messages from reaching in-boxes by setting conditions on where to file, forward or answer the mail. In addition, e-mail from certain people or with certain words in the subject line can be filtered.

To cut down on spam, two e-mail accounts can be set up. One e-mail address can be used for personal mail, and a separate account (an alias) used for registering with companies, websites, products and mailing lists. Most Internet service providers allow subscribers to have multiple e-mail accounts, and there are numerous free e-mail services available (Hotmail, etc.). Several companies provide disposable e-mail addresses, for a fee, that allow subscribers to receive mail using an alias.

Other precautions for recipients of unwanted spam include never replying to a spam message and never choosing the option to remove their name from the sender’s mailing list. Doing so validates the recipient’s address and may result in the receipt of additional spam.

If spam continues to be a problem, it can be reported to services like SpamCop (www.spamcop.net) or to the originating service provider of the message, or the recipient may install an anti-spam program, such as Spamkiller, Junk Spy or Spam Buster.