Reduce Spam Using Free Software

BEST SOFTWARE

Reduce spam using free software

By Ian "Gizmo" Richards

Today I'm going to show you a way to reduce to almost nothing the quantity of spam e-mail you receive using free products and services.

The technique I'll outline will not only zap your spam but will let your real mail pass unhindered while imposing a minimal processing load on your PC.

The free and easy way to stop spam cold

Does this sound too good to be true? Well, it's not. I have long used the very same technique to filter my public e-mail box, which attracts up to 1000 spam e-mails a day. Of these, only three or four manage to creep through to my inbox. Additionally, so few of my real e-mails get falsely classified as spam that I don't even bother checking my spam box for misplaced mail.

That's the good news. The bad news is the technique works best for users of Outlook Express, Outlook, and Windows Mail, though it could possibly be adapted to other clients. Webmail users are, unfortunately, out of luck.

The key to the technique is the use of two spam filters rather than one — the filter built into Google's Gmail service and SPAMfighter. Neither of these filters has the best performance available for detecting spam. However, by chaining them together, their overall spam-detection rate is outstanding.

That's because each of the two detects spam using a different technique, so the effectiveness is additive rather than overlapping.

When it comes to not classifying your real e-mail as spam, both Gmail and SPAMfighter have outstanding performance. And that, folks, is a very important characteristic for a spam filter. Unless, that is, you enjoy browsing through hundreds of spam e-mails to pick out your missing correspondence.

Two top spam filters take different approaches

The Gmail filter is based on the well-known Postini filter widely used by corporations. It's a multifactorial filter that takes into account many different variables to determine whether mail is spam or ham (real mail). It's normally a commercial service, but by using Gmail you effectively get Postini for free.

In contrast, the SPAMfighter network-based filter uses the judgment of more than five million users worldwide to determine whether e-mail is spam. It's a commercial service, but if you are a private user and prepared to tolerate a short message promoting SPAMfighter at the end of your outbound e-mails, then you can use it for free.

SPAMfighter is available only for Outlook Express, Outlook, and Windows Mail. Users of other e-mail clients will need to consider a replacement to use as their second filter. I won't be covering that possibility in this article.

Step 1: Use your webmail as your spam filter

If you already use Gmail as your main e-mail account and you have POP3 access enabled for that account, you can skip straight to Step 2. If you don't use Gmail, set up an account. It's simple, it's quick, and it's free.

Once you have created your Gmail account, enable it for POP3 access by following these steps described on Google's site. This is an important step because you'll use POP3 to retrieve your e-mail from Gmail.

Note that you won't be using this Gmail account to replace your normal e-mail address but rather as a transit stop. The idea is to funnel the e-mail from your normal account into Gmail and then pick it up from Gmail using your normal e-mail client after it has been filtered at Gmail.

Next, use Gmail's Mail Fetcher to forward messages from your normal e-mail account to your Gmail account. Google offers step-by-step instructions.

Mail Fetcher works only with e-mail accounts that use POP3. If your normal e-mail account doesn't have POP3 access, you'll have to use the settings in your ISP's e-mail control panel to forward your POP3 messages to your Gmail account.

Gmail's Mail Fetcher settings

Figure 1. Set Gmail to retrieve messages from your POP3 account via the service's Mail Fetcher settings.

Step 2: Install your client spam filters

SPAMfighter's setup is straightforward; just make sure you close your e-mail client before you start the process. If you run into trouble, consult this tutorial.

Incidentally, for the first 30 days you use the program, SPAMfighter appends no ads to your outgoing e-mail. After that, you can pay U.S. $29 to continue using the program without ads or do nothing, in which case the ads will start appearing. I suggest you opt for the latter.

Once you have installed SPAMfighter, start your e-mail client. If all is well, you'll see a new toolbar in your e-mail client. Once it's there, you're ready for the next step.

Step 3: Tie your POP3 client to your webmail

Google provides excellent POP3 configuration instructions for Outlook, Outlook Express, and Windows Mail.

Do remember that you must have configured your Gmail account for POP3 access.

Step 4: Test your spam double-filter

Now any mail that goes to your normal e-mail account will be redirected to your Gmail account. Also, your e-mail client should have a new account that collects your e-mail from your Gmail account. Your mail will thus be spam-filtered twice: First at Gmail and then again locally by SPAMfighter.

That's the theory, anyway. Be sure to test the system first by sending an e-mail to your standard e-mail address. Ten minutes later, pick it up from your Gmail account using your e-mail client.

If it's working, you may wish to disable your normal e-mail account in the e-mail client. If you don't, you run the risk of picking up your mail before it is forwarded to Google, which defeats the purpose.

Once you have this working, you'll be delighted with the results. Almost all spam will be eliminated from your inbox yet your real mail will arrive unaffected.

I've found the results using this two-filter system to be better than those obtainable using any single spam filter. And the best news is that the technique doesn't cost a cent.

Ian "Gizmo" Richards is senior editor of the Windows Secrets Newsletter. He was formerly editor of the Support Alert Newsletter, which merged with Windows Secrets in July 2008. Gizmo alternates the Best Software column each week with contributing editor Scott Spanbauer.

PC TUNE-UP

New tactics to keep mail servers spam-free

By Mark Joseph Edwards

Quirks in the mailer programs spammers use to deliver mail can be turned against the senders.

This week, I share with you a little-known technique you can use to block a lot of spam before it ever reaches your mail server.

Simple DNS changes eliminate unwanted junk mail

Spam is — of course — a bane on the Internet. It drags down mail-server performance, puts a large load on mail clients, bothers recipients to no end, and causes us to spend money on antispam tools when that money might be better spent elsewhere.

But all is not lost: A little-known technique helps reduce spam levels on mail servers without costing you anything other than a few minutes of your time.

Spammers typically use a number of tactics to deliver junk mail. Some spammers rely on third-party mail servers that relay mail from any sender (typically called an open relay). Others use computers that have been assimilated into botnets, custom mailer software designed to behave similarly to a regular mail server, or any number of other tactics.

In my battles with the spam that is sent to the domains I manage, I have found that many spammers use custom mailer software. As it turns out, a lot of those custom programs have quirks that we can take advantage of to fight back against the spammers.

Before I explain how to do that, you need to know a little bit about how mail servers deliver messages. When a legitimate mail server tries to deliver mail to a recipient at a third-party domain, it first looks up the mail exchange (MX) records for that domain. The MX records tell the world which mail servers receive mail for the recipient's domain.

Each MX record is configured with a numeric priority level that determines which is the primary mail server, the secondary mail server, and so on. The lower the priority number, the higher the precedence. For example, an MX record with a priority of 10 takes precedence over an MX record with a priority of 15. That precedence order is the core of the technique I'm about to explain.

The custom mailer software used by spammers typically uses only the mail server with the highest precedence — the one with the lowest priority number. So even if you have five MX records for five mail servers in your domain, the spammers' mailer software will usually try to deliver mail to only one of them.

If that server doesn't respond, the mailer software simply drops its attempt to deliver the spam message and moves on to the next recipient on its list.

Conversely, legitimate mail servers will try to deliver the message to the other four mail servers in the order of precedence listed in a domain's MX records. If none of them responds, or if you have only one mail server — and thus only one MX record — then a legitimate mail server will most likely hold the message and try to resend it for a period of time determined by the mail server's configuration.

In short, legitimate RFC-compliant mail servers make several attempts to deliver mail, while a spammer's custom mailer software will likely make only one delivery attempt.

That's why you can eliminate a lot of spam by using a bogus host name to create an MX record for your domain and give that record the highest precedence by assigning it the lowest priority number. Then give your real mail servers' MX records a lower precedence than the bogus entry.

Since the fake server will never be reachable, a lot of spam will never be delivered to your domain. At the same time, legitimate mail will make it through as long as the sending mail server adheres to typical SMTP mail-server specifications (nearly all of them follow the specs).

The host name you use for the fake MX record can be any name that does not resolve via DNS. For example, you could create a set of MX records using the names listed below; blackhole.domain.tld is the bogus host name that has no corresponding 'A' record (i.e., address record) in DNS, while mailserver1 and mailserver2 are real mail servers.

IN MX 5 blackhole.domain.tld.
IN MX 10 mailserver1.domain.tld.
IN MX 15 mailserver2.domain.tld.

The actual syntax for creating DNS records varies depending on how your DNS tables are configured. The example above provides the gist of what you or your network administrator needs to know in order to make this technique work for you.

I've been using this spam-blocking tactic on one of the domains I manage for well over a year and half. It's important to note that I have not seen any instance where legitimate mail flow was hampered as a result.

Nevertheless, test your own results carefully! If anyone complains that mail they sent to you is bouncing, they're probably using a noncompliant mail server. Those instances should be incredibly rare, or nonexistent.

The spam levels for the domain I used to test this technique dropped like a rock. Before implementing this method, one particular e-mail address at the domain was receiving more than 1,000 spam messages every day. Shortly after I implemented this technique, the overall spam level dropped by well over 60 percent. Your results for total spam reduction will vary, of course.

If you run your own in-house DNS servers, you (or your network administrator) can configure MX records without much problem. However, if you use a hosting company to handle your DNS, you may have to ask the company to configure the bogus MX record for you, or you might have to use a custom Web-based DNS configuration interface provided by the hosting company.

In the latter case, it may be necessary to trick the interface into allowing you to define a bogus MX record by first creating an 'A' record for the bogus host using a bogus IP address.

After doing that, you then define the bogus MX record using that bogus host name. When you're finished, delete the 'A' record, since you don't want the bogus host name to resolve to any IP address.