Ack! I started off the day with 2500 email messages! 2450 of it spam. Someone used meryl.net to send spam. The sender name had all kinds of first and last names, so my inbox (the catch-all for meryl.net. A catch-all email address gets all emails that have been misspelled or don’t exist.) got all the delivery and confirmation failures.

I make my main email address the catch-all since I check that box most frequently. Hmm, maybe I need to change it to route it elsewhere so I don’t deal with all this garbage.

Why did a spammer choose meryl.net? It’s not like I’m a big company with lots of email addresses like yahoo.com or aol.com. I’m just a little one-person biz.

It’s been a long time since it happened, but I got a few angry emails telling me to stop spamming the recipient. But I haven’t seen those in a long time and meryl.net has been used a few times since. So I hope that means Internet users have a better understanding that spammers rarely use their own email addresses.

When I had to re-install everything on my computer, I opted not to install a few programs including the one I used to manage spam. It wasn’t bad, but I felt it wasn’t as effective as it could be. I rarely hear about a 100 percent effective spam solution, but I had enough of the tool.

I’ve been using Thunderbird for email and am happy with it. I also use Outlook for one of my clients and it drives me insane. It has its good and bad points. Anyway, Thunderbird’s spam and scam manager doesn’t work worth spit. I was spending too much time going through my inbox to weed the junk.

Went to Thunderbird’s forums to see if anyone found a solution. Came across open source POPFile. Figured I’d look into it. Where has this baby been??? Being an organized freak, it’s a great fit.

Buckets o’ mail

It took me a little time to figure out this buckets business. But now I rarely have anything coming to my Inbox. Everything goes into a bucket or “folder” as most of us call ‘em. Before using this app, I had all newsletters and general emails go to a folder, junk going into another folder and everything else (if the email did its job, it’d be personal emails) in the inbox.

Now, I have four folders: personal, occasional, newsletters, and junk. The only emails that land in the inbox are unclassified emails. I get about one every few days.

You can set up POPFile to modify the subject header or leave it alone. Some of you probably get junk email that gets [spam] added into the header. It’s trouble rather than helpful. Sometimes, without thinking, I hit “reply” and the recipient person would see [spam] in the header. That’s why I have such suspected emails going into a junk folder. Why clutter the inbox with [spam]?

Control Center

Any time I see an email appear in the wrong folder, I go into POPFile’s browser-based (which looks great in Firefox, by the way) Control Center and reclassify the bucket.

View larger image in a pop-up window.

The control center also shows a dashboard. You can see how much you email you get for each bucket. The data also shows the number of false positives and false negatives. Currently, the application has a 92% accuracy (it was 76% on March 30). The accuracy continues to climb. You can reset the data anytime to get fresh numbers. According to the help docs, it takes about 1000 emails to get the accuracy rate up to the 90s.

View larger image in a pop-up window.

Magnets, Configuration, Security, and Advanced Features

Magnets resemble message filters except you use them in POPFile instead of your email client. You can have POPFile look at the To, From, CC, or Subject for a value that you enter. If the value matches, then it goes into the selected bucket.

View larger image in a pop-up window.

In Configuration, change skins, language, History page view, and POP3 preferences.

View larger image in a pop-up window.

Security contains options for server operation, remote servers, automatic update checking, and reporting statistics to POPFile. Here you can set up an interface password.

View larger image in a pop-up window.

Advanced tab lists words that POPFile ignores. You can add and remove words from the list. You can also adjust the parameters here. For ultra-geeks, this app has command-line options.

View larger image in a pop-up window.

Requirements:

* The latest POPFile release.

* An e-mail account that uses the POP3 protocol (most accounts do, although you can’t use POPFile with web-based services like Hotmail and Yahoo! Mail without extra software)

* Around 10 MB free disk space

Final Notes

After using it for two weeks, I’m happy with the app. Email also downloads faster than it did with the previous app (both used the local host). POPFile is a Sourceforge project, therefore it’s free. Its Web site is available in the following languages: Norsk, Deutsch, Portugues do Brasil, Francais, Dansk, Espanol, Arabic, Japanese, Taiwanese, Chinese, and Korean.

It comes in two versions: “an easy-to-install Windows version, and a cross-platform version for technically-minded users.”

How to protect your business

by Meryl K. Evans and Tamara Halbritter

Spam is not just an inconvenience. For legitimate businesses, it steals productivity, may erode your brand and rob you of revenue. Consider the following: In 2001, a European Commission study found the average worker spent 10 minutes a day sorting through unwanted solicitations. This figure could be quadrupled twice over by now.

According to this same study, the world’s Internet subscribers fork over $8.8 billion dollars a year just to glimpse these box cloggers with nauseating headlines like, “Get Rich Quick,” “Tired of your current job?” or “Free offer for (your name).” Not to mention the plethora of porn, useless items and limited time vacation packages.

The Business Software Alliance estimates that worldwide piracy-related losses to software industry were about $11 billion in 2001. That’s just software alone.

Many companies have no idea their products are being sold on the black market or their customers are tangled in credit card frauds thinking they ordered something from their organization and are about to receive zip. These shifty sales schemes cost companies billions of dollars each year in lost customers and sales of products and services.

In this article, William Plante, ASP director for Symantec Corporation, and Robert Alberti, CISSP, president of Sanction, Inc., provide information about how spam crimes are perpetrated. They explain what you need to know about spam and how to protect your organization against this persistent threat.

The ever-increasing spam scam

While Aunt Margaret may have served Hormel canned pork (SPiced hAM referred to as Spam), Robert Alberti, a security expert, says, “Like it or not, you knew what was in it. With Internet spam (unsolicited bulk email or unsolicited multiple postings to one or more Usenet newsgroups), you don’t always know what you’re getting. Some spam messages are convincing. Some are plain annoying. Whether spicy or not, many of them result in criminal offenses on a worldwide level.”

Producers of a popular product, a drug like Retin-A, a best-selling software program or a service such as a vacation package, are all economically affected by spammers. When people buy these knock-offs, legitimate companies lose money. Alberti continues, “When people order something and don’t receive it, your company gets a bad name.”

Two ways spam costs billions of dollars annually

William Plante, who formed and chaired Symantec’s Brand Protection Taskforce, classifies the costly effects of spam on businesses as: 1) brand erosion and 2) revenue erosion.

Brand erosion. When someone receives spam for a particular product, repeatedly, they get irritated with a deluge of “buy, buy, buy.” Unfortunately, this person usually doesn’t realize the messages are coming from people not authorized to sell these products. A company’s brand name can be tarnished when its customers pay for a transaction, believing it’s legitimate and then receive nothing. Eventually, they may find out you were not the responsible party, but their image of you has already changed for the worse.

Revenue erosion. When customers buy imitations or illegitimate versions of your product, this decreases the revenue flow to your organization. Spammers make their money through revenue erosions. Spam Filter Review published figures stating an estimated 12.4 billion spam e-mails are sent each day and spam comprises 40 percent of all email. Obviously, their return on investment is high. Once they get hooked, most spammers continue scamming until they’re booked for fraud.

The bad taste of e-organized crime

Most spammers are calculated members of organized crime and continue to spread it. Besides sending missives under aliases (the FTC calls this false representation, which is a crime), two of the other crimes related to spam are felonies and fall in these categories: 1) pirating or bootlegging software or other products (people think they are buying a legitimate copy, but the one they receive is illegitimate); and 2) credit card fraud (never shipping the item). Information, such as credit card numbers, is sometimes transmitted over an unsecured network during these transactions. The numbers can be easily stolen and later sold to other criminals on the black market.

Plante draws on his own company’s experience for his diligence in helping stop spam. In 2002, $41 million or nearly 600,000 boxes of quality counterfeit Symantec software such as Norton AntiVirus, Norton Personal Firewall and pcAnywhere were seized. Regarding the biggest software incident in the industry, Plant says, “That was a turning point for us. We didn’t want to ever be that blind or vulnerable to that problem again.” Since that time, his company has taken many steps toward putting spammers where they belong.

Putting spammers in the can

In legal circles, much time and attention have been spent on eradicating spam by going to the source of the spam itself, whether the message was sent from an individual disguised as another source or from a large mail group list through yahoo.com, excite.com or hotmail.com.

Instead of trying to legislate after the spam has been received, however, Plante recommends going to the end of the line, where the spammer gets paid. He describes the Internet as, “a wild frontier without much regulation.” He continues, “As soon as one e-commerce site closes down, another one opens up within hours. Because there are very few rules on the Internet, there are many ways spam can proliferate. Instead of stopping the spread of spam at the recipient, it’s much more effective to turn it back on the spammer.”

The Federal Trade Commission has passed laws strengthening criminal apprehension rather than regulating the actual sending of spam. This supports ending spam by following the money trail and hitting criminals hard in their money belts. If a spammer receives money, you can take legal action to stop the fraud, be it black market products or credit card fraud. Plant advises, “Once you stop their revenue stream, the spam will stop.”

Yet, while stopping one spammer is great, there are thousands out there. Due to the huge expense for businesses around the world, we urge organizations, whether small or large, to take action. One way to get started is by creating a task force.

Take action: Create a brand protection task force

A brand protection task force lets you fight back by protecting your brand and monitoring all spam-related activity. This involves setting up a process to handle spam complaints and organizing a team to tackle the spam problem.

A desirability assessment is one tool useful to a brand protection task force. The assessment asks your team these questions: Are you are household name? Has your product or services hit the level where spammers will want to steal them from you? How high is your risk for spam-related brand or revenue erosion?

Regarding determining your risk level, Plant says, “If your company is small and you don’t have a popular commodity, the chance of being affected by spam is less. You may want to put some things in place, but not create a full program.”

Once you assess the need for this kind of a task force, you can clarify your focus. This includes how you want to be set up organizationally, how involved each task member will be, and how much money you want to spend on the process.

With your task force in place, you’ll be ready to stop spammers in their tracks. Read the next article in this series from these security experts for five more strategies that will help you prevent brand and revenue erosion. You’ll even find out how your e-newsletter can help your campaign against spam. Watch for the article in the next issue of eNewsletter Journal.

William Plante is ASP director, Worldwide Security and Brand Protection for Symantec Corporation, the world leader in Internet security technology with a broad range of content and network security software and appliance solutions. In 2002, Plante formed and chaired Symantec’s Brand Protection Taskforce. In this role, he was responsible for developing Symantec’s strategy for identifying, assessing and countering counterfeit and piracy threats to the company.

Robert Alberti, CISSP, is the president of Sanction Inc., a team of highly-skilled business and technical experts who provide strategic, tactical and operational guidance for all levels of an organization. Alberti’s team keeps operations safer, more secure and working efficiently. Currently, he is writing a book about protecting the bottom line with business-driven security practices.

Meryl K. Evans is an editor, wordsmith and writer for InternetVIZ and other resources. The content maven is available for editing, writing and jazzing up articles and copy. Tamara Halbritter is a writer for InternetVIZ and other clients, an article and book editor for publishers, and is available to help you say what you mean. InternetVIZ is a custom publisher for companies wishing to find, acquire and retain customers through Internet newsletters.

Those who know me recognize my penchant for an organized system for everything including the house, computer, and cubicle. Over the years, I’ve adapted various strategies for keeping my email box clean. Too often, I’ve had on occasions when I saw others’ email boxes and just squirmed at the clutter.

One person had a long list of folders. Another person had emails in the Sent and Deleted folders going back at least a year. My own husband is an email pack rat. I play armchair quarterback and nag him about the emails from me that he should’ve deleted once they were no longer relevant.

The marketing folks behind the book are creative geniuses. They sent a plastic drinking cup with SPAM on it, a can of spam (I donated it to a food drive—this is good spam, right?), and a little truck (Hot Wheels / Matchbox style) with SPAM on the sides of it. That went to the middle child, the Hot Wheels lovers.

Moving on to reviewing the book. Before reaching the title page inside the book, the first few pages quickly cover the 12-step degunking program with a list followed by 15-minute, 30-minute, one-hour, and three-hour to half-day steps for degunking email and viruses with time limitations. This section finishes off with top 20 tasks for clearing the email cobwebs.

If you’re overwhelmed at the thought of following a 12-step program and spending more than a day going through each step, the time limitations section should ease your mind. It’s a good way to start, baby steps. Don’t stop there, however. Make it part of a long-term program and pick up some of the habits it covers.

I’m amazed at how many of the tips I already do but it should be no surprise as obsessed with organization as I am. Though I have implemented many of the suggestions, the book provides value because it offers a process for cleaning up as well as tips I hadn’t considered. It took me years to come up with many of the tips covered. So don’t wait years to figure it out yourself when you can get it right now with one resource, this book.

Sure, it covers the usual, “have a firewall running” and “ensure your anti-virus program is running and up to date.” However, you’d be surprised how many people don’t have either in place. This book would be incomplete without these recommendations.

Though a majority use Outlook or Outlook Express for managing email, Duntemann discusses other clients including The Bat!, Thunderbird, Pegasus, and Eudora. Like many things in life, everyone has different needs when it comes to email. The author discusses four email profiles and mentions them throughout the book so whichever you are, follow the advice for that profile.

Like the other books in Paraglyph’s Degunking series, this one is easy to read and addresses the advantages and disadvantages of various tools. Anyone who gets the book and follows its steps will experience a leaner, cleaner email box and possibly a faster-running computer. Most users of all levels should benefit from this book. The only group that might not invest in it are those who know everything inside out about spam, viruses, malware, and adware and how to deal with them.

Title: Degunking Email, Spam, and Viruses
Author: Jeff Duntemann
Publisher: Paraglyph Publishing
ISBN: 193211193X
Date: October 2004
Format: Paperback
Pages: 352
Cover Price: USD: $16.99
CDN: 26.59
UK: 12.59

The book is based on Land’s Web site of the same name, spamletters.com, which I discovered a few years ago and submitted a letter. The spam letter in question is about hydrogen peroxide and it’s included in the book (p. 112). The original letter is presented along with Land’s creative and hilarious reply to the spammer.

He takes on the role of lawyer, doctor, pastor, casting director, and woman (Joan). Pastor Land is the proud pastor of Church of Our Mistress of the Perpetual Blonde where he spent the ’80s importing hydrogen peroxide he baptizes his brethren through the blonding process. If anyone knows how he can get 500 gallons of the stuff, contact Pastor Land.

That’s what Land has been doing, replying to spammers, and in some cases, the spammers have written back and those are included in the book. He produces works of fiction (don’t tell anyone) and for once, spam is fun instead of an aggravation.

If the book is based on the Web site, why should we read the book? Here are the reasons:

1. There are many letters; it’s difficult to read more than a few online.
2. It’s great reading material away from the computer and the Internet.
3. Laptops don’t handle beach sand, ocean water, or other exotic locales very well.
4. After a lousy day at work, who wants to get on the computer at home? Get a good laugh with the book instead.
5. The book organizes the letters by topic and you can see which ones have replies from the spammers.
6. A book doesn’t make your legs go numb like a laptop on your lap while in the bathroom.
7. No downloading time involved!

You can try before you buy by going to the Web site and reading the letters. Also, check the table of contents to find out what letters are included in the book. Bet you’ve received over half of them. Take out your spam frustrations by reading Land’s retorts. Those who like reading humor books will enjoy this one, it’s one-of-a-kind.

Oh, if you’re one of the few people who buys books at those stores with bricks around them — you can’t miss this one. It’s bright pink. Odd, eh? At least, it will be harder to lose the book since it sticks out like a sore thumb.

Title: The Spam Letters
Author: Jonathan Land
Publisher: No Starch Press
ISBN: 1593270321
Date: June 2004
Format: Paperback
Pages: 336
Price: USD$14.95
CDN: 19.95
UK: 11.99

Spam Solutions II on WebReference Update provides resources and suggestions for getting spam under control. Yes, there have been many articles written on spam. This isn’t a long article and just gives a few quick pointers.