Subject: SPAM
ART MATRIX - LIGHTLINK
PO 880 Ithaca, NY 14851-0880
(607) 277-0959 Voice
(607) 277-8913 Fax
(607) 277-5026 Modems
homer@lightlink.com E-mail
jes@lightlink.com E-mail
08/26/02 Monday 11:17am EST
Version 7.1
WHAT IS SPAM?
Spam is any *UNSOLICITED BULK E-MAIL*.
Spam is all that junk mail you receive that you wish you didn't
receive.
Since the 9/11 disaster and the Anthrax scare the amount of spam
hitting our system has greatly increased. I personally get over 300
spams a day.
WHY DO I GET MAIL SENT TO ME@ONLINEIMAGE.COM or ME@LIGHTLINK.COM?
Because lightlink.com and onlineimage.com are the same thing.
All users are free to use either form as they wish and each user
will receive mail to their username at either domain.
WHY DO I GET MAIL ADDRESSED TO GOOBER@DUMBISP.COM?
Because the spam is addressed to you in the Bcc: which is the
blind carbon copy which is not shown in the headers of your e-mail.
Rest assured, if you received the e-mail, it was addressed to you even
if you don't see your address anywhere in the e-mail.
WHY DO I GET MAIL ADDRESSED FROM MYSELF?
The mail protocol allows anyone to put anything they want in the
From: and To: lines. Spammers like to send mail to people in their
own name to confuse where it came from. So for example I will get
mail,
From: homer@lightlink.com
To: homer@lightlink.com
It's annoying but harmless, and shouldn't be taken to mean
someone has hacked your account.
WHAT IS LIGHTLINK'S POLICY TOWARDS SPAMMERS ON LIGHTLINK?
The following actions may result in the termination of your
account without recourse.
1.) Sending spam from a lightlink account or lightlink network
either through our smtp servers or anothers.
2.) Using your lightlink account to receive answers to spam or
bounces from spam sent from another ISP.
3.) Advertising your lightlink web page in spam sent from any
ISP.
4.) Using spam originating from anywhere as part of your business
plan or normal internet activities.
WHAT IS AN OPT-OUT MAILING LIST?
An opt out mailing list is one where your name is put on the
mailing list without your permission and you are then sent a mailing
which offers you the option of unsubscribing from the list somewhere
in the message.
Yes this is spam.
WHAT IS AN OPT-IN MAILING LIST?
An opt in mailing list is where you have signed up to receive
e-mail from a company and the company has your original request on
file.
No this is not spam as it is not unsolicited.
Opt-in mailing lists are OK.
DOES LIGHTLINK GIVE OUT ITS SUBSCRIBER LIST?
No.
HOW DO SPAMMERS GET MY EMAIL ADDRESS?
*.) They use huge lists of dictionary names and random words in
e-mail addresses hoping that some will work. For example they will
try sending mail to asmith, bsmith, csmith, dsmith etc. Having a
username that is made of your name or initials is a sure way to get
spam.
Once a name is found to work on ANY ISP, they sell the name for a
premium to other spammers as a working name on one ISP that may work
at another ISP also.
Many a user will find that they start receiving spam the
very first day they open their account with us. Well the
username they chose has been getting spam here at lightlink
long before they opened the account, it merely bounced before
as 'User Unknown...', now they get it.
We are now takings steps to prevent new users from creating
new accounts with 'pre-spammed' user names. We record all mail coming
into our system sent to unknown users, and those names then become
unavailable for new account creation.
*.) Spammers will send mail to ALL 3, 4 and 5 letter combinations
hoping to get user's initials and corporate acronyms.
*.) If by whatever means they have found that a username works on
another system, they will try that same name on ALL systems.
For example if mail to goober@aol.com does not bounce, then
spammers will know it is a good name, and then try
goober@earthlink.net, goober@lightlink.com, goober@cornell.edu etc.
*.) If your e-mail address is used in the registration of a
domain it is public knowledge. These databases are reaped
continuously by spammers for e-mail addresses.
*.) If you post to usenet news with your e-mail address in the
From: line, you will get spam. All of usenet news is reaped regularly
for valid e-mail addresses, this includes not only the headers of
postings, but the bodies of postings as well. If an e-mail address is
even *MENTIONED* in a posting, the spammers will get it.
Some people like to post with a username that has been altered to
fool the e-mail reapers, such as homer@nospam.lightlink.com. The idea
is to generate an address that will bounce. Spam reapers know how to
fix this automatically, by parsing the domain until they find one that
resolves under DNS. They also know how to take out
homernospam@lightlink.com and any of a million of other combinations
that people use.
Spammers *LOOK* at the means people use to get around spam on
usenet news and program their reapers to handle it.
Remember that no matter how much you try to hide your domain name
in the From: line of your posting, your correct NNTP-POSTING-HOST is
contained in the headers of the usenet news article, and often your
username is also.
*.) If you join any e-mailing list (listserv, listproc,
majordomo, yahoo free mailing lists etc) even private ones, you will
get spam. Spammers join every e-mail list on the planet and watch all
the traffic. If you post to the e-mail list, the spammers will grab
your e-mail address. Even if you never post, many e-mail lists allow
subscribers to issue a who command to the list to find out who is on
it, thus the spammer gets everyone's address immediately, and they
sell for a premium because they are known to be good!
*.) If your e-mail address is listed in ANY web page, white
paper, advertisement or document on the net, even in passing, the
spammers will get it. We have a white paper on our system describing
how to use the lightlink info bot. It mentions in passing
stamps@artmatrix.com just as an example. This address now receives
spam.
*.) If you have a web page on any public server then spammers can
get your web address and send mail to it. For example if your web
address is http://www.lightlink.com/homer, spammers will send spam to
homer@lightlink.com. If your web address is http://www.artmatrix.com
spammers will send mail to owner@artmatrix.com.
I get mail to owner@artmatrix.com all the time even though there
is no such address. Most domains are set up to allow non existent
name@domain.com to go to a default mailbox which will then receive
more spam than usual.
If you have a domain hosted at lightlink, you can set your
default mailbox for your domain to devnull or spamtrap@lightlink.com
and then put in specific names that you want to receive mail from.
For example,
artmatrix.com spamtrap@lightlink.com
homer@artmatrix.com homer@lightlink.com
jane@artmatrix.com jes@lightlink.com
This way only mail sent to homer@artmatrix.com and
jane@artmatrix.com will be received, the rest will go to the spam
trap.
*.) If you have a shell account or public ftp directory it is
possible to send mail to that account name. Any spammer can sign on
to any public ftp server and list the usernames there, and send spam
to all of them. Remember once a name works for any ISP, it is assumed
to possibly work on all ISP's.
Interestingly enough we find that the spammers don't do this, or
haven't done it to lightlink. We have a whole mess of addresses that
are not real people but are real addresses. They have NEVER received
spam even though they are available for listing through our web server
and ftp server.
*.) If you engage in any web transactions with internet
companies, and give them your e-mail address they may offer those
addresses to other sellers. However traces of these transactions can
remain on your own system in the form of cookies which other web pages
can then access and use, even though they are not supposed to be able
to. Browsers have bugs.
*.) If you ever get a worm or virus that sends mail to other
people against your wishes, mail can be sent to spammers that collect
YOUR e-mail address from the mail.
*.) If you receive spam that says "hit reply to be removed from
this list" and you do, then your address is validated as an existing
address by the spammer and sold for a premium to other spammers, EVEN
IF THEY REMOVE YOUR NAME FROM THEIR OWN LIST!
We have had conflicting reports about the effectiveness of
hitting on the remove links. One user swears by it, says it
got rid of much of his spam over night once he started religiously
removing himself from all spam lists.
Others have reported that they got only little spam until the day
they tried to remove themselves, then they got flooded. I guess it
depends on the ethics of the spam list you try to remove your self
from.
WHAT IS LIGHTLINK'S POLICY ON FILTERING E-MAIL?
We don't. As long as the e-mail is sent with proper headers and
existing domains, we deliver that mail with one exception noted below.
HOW COME LIGHTLINK CAN'T FILTER SPAM?
Because there is no way to tell what is spam and what isn't with
perfect certainty, and we have a policy of zero tolerance for losing
ANY good mail.
Lightlink does offer a spam tagger. If you receive a piece of
spam and forward it to spam@lightlink.com the spam tagger will put
that mail's subject line into a database. All incoming e-mail is
compared against this database, if the incoming subject line matches a
subject line in the database, the subject line will be tagged with
[SPAM] at the beginning of it like so:
Subject: [SPAM] Buy our Junk!
If you wish to filter your incoming mail using this tag you will
need to implement the instructions at
http://www.onlineimage.com/filter
Note this is not a fool proof system. Spammers can and do use
very reasonable subject lines which then get sent to the spam tagger
by our users.
For example: "Hi, I haven't heard from you in a while". So if
that subject line is in the spam database and a friend sends you mail
with that subject line it will be tagged.
If you receive mail that should not have been tagged, you can
send it to notspam at lightlink.com and the From: line will be
protected from ever being tagged again.
If you decide to implement the filters to automatically filter
tagged mail to a special spam mailbox, you must make sure to check it
regularly to make sure no real mail got sent there.
Also check the new SPAMTRAP OPTIONS on our home page:
http://www.lightlink.com -> SPAM
These options will allow you to leave your tagged spam on our
servers in a special e-mail box which you can check using the web mail
interface periodically. Spam is held for 7 days.
HOW COME MY SPAM MAIL IS NEVER TAGGED WITH [SPAM]?
Probably because you are not having your e-mail delivered to a
lightlink pop mail box, but instead your e-mail is being forwarded
through our system to another ISP like aol or hotmail. The spam
tagger ONLY works on mail that is directly delivered to a lightlink
mail box, it does not work on mail that is merely passing through
lightlink to other systems.
Also if you are a shell user, you will need a special .forward
file in your home directory to get your mail tagged. It looks like
this:
"|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75 #xxxxx"
You will also need to make sure you are not running csh for your
shell, you can change it to bash or tcsh through the USER AREA on our
home page at http://www.lightlink.com/userarea.
I DON'T WANT MY E-MAIL TAGGED EVEN IF IT IS SPAM, CAN I BE
REMOVED FROM THIS SERVICE?
Yes, check the SPAMTRAP OPTIONS at http://www.lightlink.com ->
SPAM
WHY CAN'T LIGHTLINK TAG SPAM DEPENDING ON THE CONTENTS OF THE
MAIL?
Because there isn't enough CPU cycles in the world on one server
to scan the body of all e-mails coming in for key strings which change
all the time and are infinite in number.
DOES LIGHTLINK DO ANY VIRUS TAGGING or FILTERING?
No with some exceptions.
Sometimes when a particularly bad virus has a very specific
unchanging Subject line like "Snow White", we will filter it, but this
must not be depended upon, and in general we leave virus protection up
to the end user where it belongs.
If a virus is sent to spam@lightlink.com its subject line will be
placed into the spam tagger database and be tagged as [SPAM] like all
other spam, but it will NOT be tagged as [VIRUS].
Homer