Created: 1995. Updated: 2004


Junk e-mail and spam

(How to Get Rid of Junk Mail, Spam, and Telemarketers)

"The spam wars are about rendering email useless for unsolicited advertising
before unsolicited advertising renders email useless for communication."
-- Walter Dnes/Jeff Wynn


[Back to Junkmail home page]
EcoFuture ™ home           World Pop           Population


Junk e-mail and spam are both terms for advertising and e-mail sent to you which you did not ask for and which you do not want. See Junk Email, The Email Abuse FAQ, and Spam FAQ for more detailed information. Interesting articles are presented in Also see the informative How do spammers get people's email addresses? and the nicely-done Death to Spam page. The article Why Am I Getting All This Spam? by the Center for Democracy & Technology contains useful information and the results of several experiments. The Wired article Hotmail: A Spammer's Paradise?" describes how dictionary attacks are used by spammers to guess at email addresses.
Note that spam is a more generic term that includes broadcast posting to newsgroups as well as individuals. Here's a spam glossary and another spam glossary. The Netizen's Guide to Spam, Abuse, and Internet Advertising provides solid information on the topic. Also check out The Net Abuse FAQ for the official definition of SPAM and lots of good information about how to deal with it. Also see the net-abuse/spam FAQ at for net-abuse newsgroups, providing lots of good info and plenty of detail. (Note that the old newsgroup has been superseded by the* hierarchy (see newsgroup information).
Spam is, unfortunately, an abuse of the internet that you - the end user - ultimately pay for. If you think spam costs nothing, think again! In 1997, America Online estimated that between 5% and 30% of its email server resources were exclusively dedicated to handling spam. Between $2-3 of your monthly internet charges go to handling spam, according to the 1998 Washington State Commercial Electronic Messages Select Task Force report. 7% of Internet users who switch ISPs do so because of spam. This equates to a loss of more then $250,000 per month for an ISP with one million subscribers. Also see the essays The Insidious Evil of Spam and The Spam Solutions.
See spamming ethics research from North Carolina State University.
Spam costs you and your Internet Service Provider (ISP). Here are the True Costs of Spam, as calculated by actual victims of spam. In a survey of ISP's by CIX (Commercial Internet eXchange Association):
  • 94% reported that spam irritates their subscribers.
  • 80% reported that UCE (unsolicited commercial e-mail) slows system performance.
  • 76% stated that it increases operating costs.
  • 34% said it creates system outages.
  • 59% reported daily or more frequent performance impact.
  • 28% reported weekly performance impact.

Spam can cause a system outages: excess mail can clog up the mail servers, preventing non-spam e-mail from getting through. America Online testified to the Federal Trade Commission that one-third of their capacity was used to carry spam. Netcom reported that their cost was one million dollars per year. Brightline estimated a cost of $225 million, based on 5 seconds to hit the Delete key, with an average of 200 spam messages per person per year (a very low estimate). An estimated 25 million spam messages are sent each day.
"Spammers are the Internet's undead. Preying upon the innocent and naive, these bandwidth-sucking vampires hope to be network masters hiding in the shadows in cowardice and shame, only to fade to dust when burned by the light of day." - Bill McCarthy, Boardwatch, June 2000
Take the Boulder Pledge: "Under no circumstances will I ever purchase anything offered to me as the result of an unsolicited email message. Nor will I forward chain letters, petitions, mass mailings, or virus warnings to large numbers of others. This is my contribution to the survival of the online community."
[Top] [Back to Junkmail home page]

Who to Complain to?

Never reply to spam, even if it is to send a "remove" request. Most spammers ignore such responses, or worse, add you to their list of validated email addresses that they sell. Instead, you must complain to ISPs that originate and forward the spam. The easiest way to report spam is to use the automatic reporting features of SpamCop, described below. Use SpamCop and help reduce the volume of spam!
Here are simple instructions on how to report spammers. Also see Where to Complain About Frauds & Scams. Spam Hater software by Net Services handles responses to spam automatically. You can download their software for free (test it by sending spam to yourself). The Network Abuse Clearinghouse remails reports of spam abuse for you.
If you know the spam came from an individual, you can tell the spammer that you charge for use of your facilities to transmit and store unsolicited junk email, and insist for their postal address so that you can send the bill. You may e-mail this standard legal response which references US Code Title 47, Section 227(b)(1)(C), which can be interpreted to mean that unwanted spam is illegal. (Thanks to D. Larson; this response has been very effective before the advent of more organized commercial spammers). Copy the message to:
    abuse@(their address)
    postmaster@(their address)
    root@(their address) 
    admin@(their address)    

If their address includes a common domain name like "", send the message to the appropriate party:
    America Online:, and send complaints to 
           , then to,
                     where tos refers to "terms of service".  
    ATand T WorldNet:

Note: AOL has implemented a preferred mail option (keyword = PREFERREDMAIL) to protect user's accounts from receiving email sent by certain junk email sites. The spammer list is updated regularly.
Some people also send a copy of their complaint to the following, just to make them aware of the significance of the problem:

Complain directly to the postmasters of these spammers and insist that they take disciplinary action. If their business name matches their domain name, complain to the postmaster at the next link up. Be sure to include the complete original spam including all header information. Simply copy the original spam and its header information after the legal notice. Also remove any residual CCs and BCCs in your e-mail header - you don't want to inadvertently propagate the spam!
Next post a copy of the spam, with headers, subject line, and body intact to the following Usenet newsgroup:

First check the newsgroup to ensure no one else has posted the spam - no need to clutter up the newsgroup with multiple postings. Be sure you post the article as a new post, not as a "reply" to the spam posting - this way you won't perpetuate the spam. This newsgroup is robomoderated, and is used to identify new spam. After spam is posted to this newsgroup, it will then be cancelled. In your posting to signtings, add the following lines to your header:
    Followup-to:     (for e-mail spam you received)  
    Followup-to:    (for spam posted to newsgroups) 

    Abuse-spotted-in: (the first group where the spam was spotted)
    Abuse-Subject: (subject line from the spam)
    Type-of-abuse: (EMP, ECP, binary, forgery, etc.  Common terms follow:)

              ECP      Excessive Crossposting
              EMP      Excessive Mass Posting
              MMF      Make Money Fast
              OTCP     Off-Topic Commercial Post
              OTP      Off-Topic Post
              UCP      Unsolicited Commercial Post

    Description: (description and/or comments)

If your email complaints to spammers' postmasters bounce back to you, you can do a traceroute - see the combat sites. (Windows 98 users can use c:\windows\tracert.exe). Using traceroute, you can sort out the path taken to get from your ISP to a spammer's ISP. To precisely pinpoint a spammer's uplink, run traceroute from several different servers (ISPs). For more information, see the next section on Cracking Forged Headers.
You may find it most effective to complain to the spammer's ISP. However, if the spammer is running from a dedicated spam site (such as Cyberpromo), you might have better luck complaining to their upstream provider. Don't complain further up the chain, though, until you've exhausted the lower levels. It's considered rude, and just might get your postmaster into legitimate trouble.
Don't mail-bomb, as periodically suggested by persons trying to get rid of junk email. A mail-bomb is where you would bombard the sender with a return of their spam and a note insisting they delete you from their distribution list - and then keep resending your email.
Keep in mind that your ISP (and probably the offending party's) certainly will not approve of either of these practices (it very well can get you cancelled). What actually ends up happening is that your ISP (who is on your side) gets trashed with all of the e-mail traffic, as well the ISP of the offending party - and both ISPs are probably innocent. In addition, chances are that the spammer forged their "path" and "from" headers, so the mail-bomb probably won't reach them.
Also, check out the discussion on They discuss email spams, and practice ways of eliminating these spammers' accounts.
[Top] [Back to Junkmail home page]

Cracking Forged Headers

For further information on cracking forged headers, see SubGenius Police, Usenet Tactical Unit (Mobile). Then browse on to a few of the following sites: Spam Patrol site and Figuring Out Fake E-mail and Posts. MultiTrace has an excellent explanation of traceroute, along with a traceroute and enhanced whois server.
Check out Julian Byrne's Get That Spammer page, which discusses what an ISP can do, and contains a wealth of information on how you can dissect e-mail addresses, and tools you can use against spam.
VisualWare has a good section on cracking spam email headers.
If you need to use these facilities, your followup e-mail should also mention that the spammer hacked the email headers to avoid retribution, which indicates knowledge of guilt, which means that the postmaster will often cancel the account immediately instead of waiting for further violations. In addition, many postmasters will not notify you directly of their actions, but will instead post summaries to
If the spammer's address is an independent address like "", you can determine responsible parties by using whois - a standard UNIX utility. Or, simply go to for a web-based domain lookup. Also, Whois Source offers some industrial strength lookup facilities. Whois, Finger, and additional network utilities are also available for Windows. One good package is:
     NetScanTools TM  Shareware Version
     Northwest Performance Software
     PO Box 148
     Maple Valley, WA 98038-0148,  USA
       (Check shareware sites such as Strouds and Tucows)

Here's an example of a whois command:
     PowerNet (PWRNET-DOM)
        3010 LBJ Freeway, Suite 1435, Dallas, TX 75234, USA
        Domain Name: PWRNET.COM
        Administrative Contact:
            Booth, Paul D. (PB204)  paul@PWRNET.COM (214) 488-8295
        Technical Contact, Zone Contact:
            Shapiro, Joel  (JS3319) joel@PWRNET.COM (214) 488-8295
        Billing Contact:
            La Mar, Steve  (SL978)  steve@PWRNET.COM (214) 488-8295
Other whois servers include:
Once you determine the appropriate people to contact at the spammer's site, copy each of them with your complaint (including for example, the legal statement and billing statement noted above). If you need additional help, contact your system administrator about specific email abuse.
[Top] [Back to Junkmail home page]

Spam Combat

It is recommended that you switch to an ISP that uses one or all of the anti-spam databases (RBL, RSS, DUL, Spamcop, etc.) About 40% of the internet is using these services, with good success.
The following is a list of spam-fighting tools and services.
  • Cloud Mark anti-spam products for home and business.
  • Spam Arrest is a tool to eliminate spam.
  • Hot! SpamCop will automatically send complaints about spam for you! All you have to do is establish a userid, then forward your spam to SpamCop. SpamCop will generate complaints to all appropriate parties, upstreams, and open email relay ISPs. Using SpamCop is probably the best thing you can do to help eliminate spam. Effective and highly recommended!
  • Spam Bully anti-spam product.
  • Spam Fighter anti-spam product.
  • Spam Fire anti-spam product.
  • Spam Weed anti-spam product.
  • UXN Spam Combat offers traceroute, extended Whois, and other services - all from one web page!
  • Sam Spade also offers a comprehensive set of tools.
  • Spamhaus tracks known spammers and support services.
  • Spam Whack works essentially like a "bad check" database, in that users establishing new accounts with member ISPs are checked against a database of known spammers.
  • Single Fin email and webfiltering product.
  • searches all domain name registrars.
  • Whois Source offers some industrial strength lookup facilities.
  • VisuzlWare offers VisualRoute (a graphical traceroute) and EmailTrackerPro products.

[Top] [Back to Junkmail home page]


Chain letters over the internet as well as via snail mail are illegal. For more information, see the US Postal Service page on chain letters. To report fraud where money is requested, you can send e-mail to
Pyramid schemes multi-level marketing (MLM) scams are illegal. E-mail the Federal Trade Commission at In the UK, contact the Trading Standards Officer.
The Securities and Exchange Commission (SEC) now operates a complaint center where investors can report online scams. You can send e-mail to
Many junk emails are illegal get rich scams. The National Fraud Information Center has an email address where you can report suspected scams. They have an Internet fraud division, and work closely with the Federal Trade Commission and State attorney generals. The e-mail address for general frauds is
Also see Where to Complain About Frauds & Scams.
[Top] [Back to Junkmail home page]

E-mail filtering techniques

The following list contains information on how to filter your e-mail on Unix, Windows, and other platforms.
  • Filtering Mail FAQ.
  • Pegasus Mail now contains anti-spam headers. You can now filter your e-mail based on these headers!
  • Pete Beim's Eudora Spam Filter and autoresponder is easy to use!
  • See the Procmail FAQ.
  • Brightmail offers spam-filtered email accounts.
  • also offers spam-filtered email accounts.
  • Freely Available Information Filtering Systems tells you how to configure Procmail and other Usenet Newsgroup filters.
  • Netizens Against Gratuitous Spamming offers articles and a Unix script file to filter spam.
  • The BoycottBoycott Internet Spam site provides an FAQ, lots of info on spam, filtering e-mail, blocking an ISP, etc., and contains some interesting links.
  • Adcomplain is a unix-based system which composes and mails complaints about inappropriate commercial postings, chain letters, and e-mail. For example, you can press a button from within your newsreader, and adcomplain will automatically mail a complaint to the offender and their postmaster.
  • Filtering Spam (with Eudora) by checking who the message is addressed to. Also see Using Eudora's Filters to avoid spam.
  • Spamhandling Perl handles your spam.
  • Spam filter andi-spam filter.
  • Doug Oard's Information Filtering Resources page can tell you just about about everything filtering concepts and tools.
  • Freely Available Information Filtering Systems tells you how to configure Procmail and other Usenet Newsgroup filters.
  • MailShell has a free and a fee-based email management service that prevents junk email.
  • Spam News is the daily e-mail magazine about breaking events pertaining to spam. The site also includes a list of filters, ISP contact information, and Spam News archives.
  • Spam Guard Network is a fee-based filtering service.
  • Postini offers a mail filtering product for email servers.
  • Screen4me is a free service that helps you eliminate junkmail, spam, and telemarketers.
  • SneakemailSneakemail is a free service that you can use to generate disposable email addresses which are aliases of your real email address, which is kept hidden. You can enter these Sneakemail addresses into web forms or use them to contact e-businesses without the risk of your real address being abused or bought and sold.
  • Broadband Antispam is a commercial product to filter spam.
  • GFI MailEssentials for Exchange/SMTP is server-based commercial product.
  • Spam Outpost is a commercial product to detect and eliminate spam.
  • Spam Inspector is a commercial product that bounces email back to spammers as if your mailbox is invalid.
  • Bluebottle offers a fee-based service to accept mail only from known senders.
  • SpamAssassin is a Unix-based filtering tool that uses Vipul's Razor database of spam (commonly know as SpamNet). A Spamnix is available as a commercial Eudora (Windows) plugin.
  • Cloudmark Spamnet also offers the same SpamNet technology with Outlook Express under Windows.

Don't support scams and spammers!
  • Don't send in money for a product you are not sure of, or for what might be an anti-spam scam.
  • TSW's $15 filter kills junk e-mail on your server. However, if you buy their filter, you are supporting their spamming software and list extraction software. Watch out for wolves in sheep's clothing!

What to Filter - Lists of Spammers

  • Most e-mail spam is generated automatically by software which eliminates the TO: header field. You might want to filter e-mail that does not have your e-mail address in at least one of the header fields TO:, CC:, BCC:. However, keep in mind that many legitimate listservers that you subscribe to might also trim the TO: field.
  • Bad mail from is a database of user maintained spam source addresses.
  • Network Abuse Clearinghouse maintains a list of abuse domains, and can automatically remail messages about spam you receive.
  • Here's a rather old list of domain names used by Cyberpromo.
  • See the Blacklist of Internet Advertisers.
  • Check out Web-D's list of spammers!

[Top] [Back to Junkmail home page]



The Can-Spam act was passed in 2003. ("Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003"). Here is information and text of the act. The act covers commercial email, but does not seem to address non-profit and personal email. Here's how to comply with the act. The act is not perfect - from Ed Foster's gripe log:
"It's clear that only the Direct Marketing Association, Microsoft, AOL and a handful of others had any input into the law, because it's carefully crafted to allow the big marketers free reign. And the loopholes it provides them will be more than big enough to provide aid and comfort for the smallest and sleaziest of spammers as well."
"Not only does the Can-Spam Act take an opt-out approach, meaning that each spammer can e-mail you until you ask them to stop, but it allows the spammer to dictate what steps you must take to get off their list. The recipient must opt-out "in a manner specified in the message" that can include replying to an opt-out email address or "other Internet-based mechanism." The spammer can also force the recipient to opt-out via "a list or menu from which the recipient may choose the specific types of commercial electronic mail messages the recipient wants to receive or does not want to receive from the sender" just as along as opting out from all e-mail from that sender is one of the choices."
According to PC World News Radio on 3/30/98, EarthLink Nails Spamford for $2 Million. Under a consent decree, Cyber Promotions agreed to pay EarthLink $2 million, stop sending spammming EarthLink's 450,000 members. If Wallace or Cyber Promotions breaks the agreement, Spamford Wallace will be held personally liable for $1 million.
Elsop's Anti-Spam page also follows current anti-spam legislation. The Spam Laws website follows U.S. and international legislation.
Read the Houston Chronicle article.

Support CAUCE

CAUCE CAUCE is an organization dedicated to expanding the US "junk fax" law to cover e-mail spamming. Join their effort! See their FAQ and list of recent news articles. Key points are ONCE, which stand for:
  • Opt-in. No spam. People get info when they ask for it.
  • No censorship. The leading objection to regulation does not apply.
  • Cost shifting. The principal reason for opposing spam.
  • Enforcement. By recipients, with no intrusion by government.

Several bills have been introduced over the last several years to deal with spam, by Chris Smith (R-NJ), Senator Murkowski (R-AK), and Senator Torricelli (D-NJ). Truly effective legislation must have teeth in it with stiff penalties, be truly opt-in, and must be enforcable. It must be written in such a way that does not simply encourage spammers to shift operations overseas or use innovative approaches to avoid the penalties. None of the bills introduced to-date have adequately addressed these issues.
One thing that seems inevitable, though, is that federal legislation of some sort will be required. Here's an editorial that sheds a lot of light on the subject. Also see discussion on the merits of legislation.

Contact Your Congresspersons!

Here are e-mail addresses and information for:
Please write and/or e-mail your Senators and Representatives on this issue! Insist on "opt in" legislation. Be sure to include your full name and snail mail address on any e-mail you send, otherwise it will be discarded.
Here are more details on state and national legislation. Also see the Berkeley Technology Law Journal and John Marshall Law School case summary, which has just about all the information you need.
[Top] [Back to Junkmail home page]

More Information

Read the official internet document RFC 2635 on spam.
SpamCon Foundation supports measures to reduce the amount of unsolicited email that crosses private networks.
Forum for Responsible and Ethical E-mail (FREE).
Find out if your browser makes information available to sites you visit.
Did you know that Invisible Web Bugs Track Your Surfing? See the article Uncover the Mystery of Web Bugs. Here's mbugs more information on privacy issues. maintains an informative spam and junkmail website. archives current articles on spam. You can also search their archives.
Maintain a web page? Add some spam bait! See why Robots, Spiders, Crawlers and Wanderers are Highway Robbers on your web site.
The Internet Mail Consortium has information on Limiting Unsolicited Bulk Email. Here you can find a link to information about L-Soft Listserv's spam filter.
You might want to read the books Removing the Spam: Email Processing and Filtering by Geoff Mulligan, Addison-Wesley Bandits on the Information Superhighway by Barrett, and Web Psychos, Stalkers, and Pranksters: How to Protect Yourself in Cyberspace by Michael A. Banks, ISBN 1-586-10-137-1. The December 1996 issue of Boardwatch Magazine focuses on junk e-mail and spam. Also see the November 1999 article. For additional informattion on spamming, also see the section on newsgroups, and check out the links section for additional information.
MailExpire lets you set up an auto-expiring email alias. You choose how long you want alias to last for and during that time, email is forwarded to your standard email address.
Although they charge for the service, claims to be able to filter most spam from their e-mail accounts. PaidMail is a service where junkemailers would have to pay you for you to receive their junkemail.
A philosophical note on exclusion lists, where you add your name to a list of people who do not want junk mail: it places the burden of getting off spam lists on the user, whereas the converse should be true - you should have to explicity request that you do want junk mail. Also keep in mind that someone who maintains an exclusion list could sell it as a database of validated addresses (e-mail as well as postal addresses). Sort of what can, and does, happen with DMA.
In May of 1997, the Internet EMail Marketing was formed. As a pro-spam organization, it offers an opt-out service. This is unacceptable, for the following reasons:
  1. The organization is formulated as a consortium of entities that promote spamming. It is an organization dedicated towards promoting spam, not alleviating it. Item (7) of their objectives states "To respond to opponents and adversaries of the E-Mail Marketing industry". That fairly well states their purpose.
  2. Interesting that the organization was formed just before the FTC hearings on privacy, spam, and the Internet earlier this month. If spammers can state that they have a voluntary control mechanism in place, then that precludes the FTC and Congress from needing to intervene on behalf of consumers. The last thing spammers want is effective legislation.
    An analogy is the Direct Marketing Association. It exists for the primary purpose of preventing legislation from being enacted to restrict junk snailmail. By creating their Mail Preference Service (where you write to supposedly get off mailing lists), the DMA preempted Congress from enacting legislation. Yet use of Mail Preference Service exclusion lists is completely voluntary on the part of marketers. In actuality, it is hardly used because it costs the marketer more to merge the lists.
  3. Similarly, the EMail Marketing Council is offering an "opt out" system, whereby you have to say you don't want spam. This is unacceptable. An "opt in" system is the only viable solution, meaning you have to ask for spam to receive it.
  4. Consider that the cost to a spammer is trivial to e-mail 10,000 addresses. Yet the cost to merge exclusion lists is significant in proportion. It is doubtful that exclusion lists would be used by most spammers, and certainly not by small outfits. In fact, it would be of greater value to add the exclusion list addresses to the spam list, since those are working, validated, addresses. What spammers are looking for is additional hits per spam broadcast. Each incremental hit means more revenue.

The first step of a viable solution is to enact "opt in" legislation like that proposed by Rep. Chris Smith, discussed above (with substantially higher fines).

Anti-spam listserv mailing lists

  • SPAM-L
    See the SPAM-L FAQ, which contains good information about tracking and handling spam.
    To subscribe, send mail to:
    Place the following in the message body:
    Subscribe spam-l your name
  • Spam-Ad
    To subscribe, send mail to to:
    Place the following in the message body:
    Subscribe spam-ad your name
  • Spam-list
    To subscribe, send mail to
    Place the following in the body of the message:
    Subscribe spam-list your email address

[Top] [Back to Junkmail home page]

Myths, Hoaxes, Chain Letters, and Viruses

[Top] [Back to Junkmail home page]

ISP Actions

Things your ISP can do to fight spam:
  • Have an Acceptable Use Practices (AUP contract). If you breach contract, you agree to pay $50 per complaint and cleanup costs per bounce received. Cancellation of spammers' accounts should be as fast as possible.
  • RBL, DUL, and RSS are databases supported by the MAPS Mail Abuse Prevention System (it's also "spam" spelled backwards). The RBL list blocks traffic to 40% of the Internet. The RBL list is a list of spammers' IP addresses.
  • RSS is the Relay Spam Stopper. 17% of mail servers are insecure. RSS is a verified open server list. Open servers are insecure and can be "hijacked" by spammers.
  • MAPS sends email to postmaster@badserver saying that mail is being blocked and how to fix the problem. MAPS checks the RSS and RBL lists.
  • RSS is more technical because they can test for open email relay.
  • DUL is the DialUp List. This is a list of IP addresses, provided by ISPs, that will never send valid e-mail. Spammers often forge email to use these IP addresses.
  • ORBS works like the RSS relay detector but is more agressive. ORBS lists open relay servers even if spam hasn't yet been sent through them. ISP's may consider this abuse of their network and block ORBS testing. If an ISP block ORBS, it will nevertheless be listed by ORBS as a suspected spammer.

[Top] [Back to Junkmail home page]

Spam Products

Now you can get official spam t-shirts from Hormel. Nice that they have a sense of humor regarding use of their product name.
[Top] [Back to Junkmail home page]

[Back to Junkmail home page]
EcoFuture ™ home           World Pop           Population

Copyright 1995-2004 Fred Elbel. This material may be freely used and distributed only for non-commercial purposes, with credit. Nothing in this web site should be construed as legal advice. This web site is provided for information purposes only. Opinions presented are those of the author (or of other contributors as indicated). Trademarks and copyrighted items remain the property of the owner.