SPAM
What is Spam?
Would you like to...
Print this pagePrint this page
Email this pageEmail this page
Add to favoritesAdd to favorites
Spam is defined many different ways, but the official “legal” definition of spam is:
“E-mail spam, also known as junk e-mail, is a subset of spam that involves nearly identical messages sent to numerous recipients by e-mail. A common synonym for spam is unsolicited bulk e-mail (UBE). Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. "UCE" refers specifically to unsolicited commercial e-mail.” - http://en.wikipedia.org/wiki/E-mail_spam
In general “spam” is any message that the recipient did not wish to receive. There are many agencies/companies/tools that assist users in reporting spam. One of the more widely used ones is SpamCop (www.spamcop.net). SpamCop allows you to submit a message to them for parsing and they will send the spam complaint on your behalf.
Most spam complaints we receive are due to one of the following reasons (please note this is not a complete list, just examples):
1) Insecure SMTP server (open relay)
2) Exploited CGI or PHP scripts.
3) Infected server (Trojan/virus)
The most common method to help prevent spam if you run a mail server is to ensure that your server requires authentication to send any outbound email. This would include disabling the ‘nobody’ user from sending email. The ‘nobody’ user is the user that the Apache HTTPd server typically runs as. By enabling authentication you require that the person sending email have a valid username and password. This will allow you to track the source of the spam down (should there be an outbreak) and prevent them from further spamming.
If the complaint is in regards to a mailing list or subscribed newsletter that you run then please unsubscribe the user from your mailing list and block their email address from receiving any further communications.
We also highly recommend that you add in a header or some other identifying string to your newsletter or mailing list emails that would allow you to easily track the reporting party down. A large majority of the reporting agencies (SpamCop included) redact the reporting parties email address. Adding in this unique identifier allows you to find and remove the reporting party without having to go through SpamCop and asking the end-user to provide you with their email address.
Another thing to watch out for is exploited CGI scripts or exploitable PHP scripts. Any script that has the ability to send out email has a high likelihood of being exploited by spammers once they find it. There are controls that you can enable in your mail server that will enable you to track down the ‘source’ script of a spam complaint. cPanel provides this feature however it is not enabled by default.
Please keep in mind that spam not only harms your reputation as a company but also reflects negatively on us for hosting accounts that are prone to spam. For our full AUP and examples of what happens in the event of a complaint, please see http://pqcservice.net/aup.html
