What is spam, and how to avoid it?

What is spam?

So-called spam, also known as UCE (Unsolicited Commercial Email) or UBE (Unsolicited Bulk Email) has become an increasingly serious concern to anyone who provides or uses email services. Most spam is a form of commercial advertising, which is economically viable because email is a very cost-effective medium for the sender. If just a fraction of the recipients of a spam message purchase the advertised product, the spammers are making money and the spam problem is perpetuated.

Spammers harvest recipient addresses from publicly accessible sources, use programs to collect addresses on the web, and simply use dictionaries to make automated guesses at common usernames at a given domain.

Spamming is politically debated in several countries, and has been legislated some places with varying results. Spammers often conceal or forge the origin of their messages to circumvent laws, service provider regulations, and anti-spammer lists used by anti-spam software.

At the present more than 90% of email messages sent worldwide is believed to be spam, making spam fighting tools increasingly important to all users of email.

Spam and viruses

Spam is increasingly generated from computers by viruses. Virus-makers and spammers are combining their efforts to compromise innocent computer users’ systems and converting them into spam-sending “drones” or “zombies”. These malicious programs spread rapidly and generate massive amounts of spam pretending to be sent from legitimate addresses.

It’s important for all computer owners to install and maintain anti-virus software to avoid having their computer infected and possibly become a source of spam without their knowing.

Effects of spam

Aside from the amount of junk arriving in the Inboxes of millions of innocent email users every day, spam can have a more indirect and serious effect on email services and their users.

Runbox has, like most email services, been a victim of forgery by spammers using specially designed software to generate false email headers and From addresses. Using various server names and domains, they confuse domain administrators, email services, and spam victims, concealing the true origin of the messages. See Wikipedia: E-mail_spoofing for more.

Hijacking of real users’ addresses is also common. Typically these messages will have the From field showing something like “Lisa W Harold” <info@nullrunbox.com>. Please note that such messages have no actual connection to Runbox. To see what a real Runbox header looks like, look at this example. Runbox does not in any way distribute users’ email addresses, and is not a source of spam — directly or indirectly.

Several email services have been affected by falsified messages claiming to be from the service’s administrators, stating that users’ account are closed and require some action by the user to be reopened. Such messages often contain viruses and should be ignored or deleted.

Runbox is sometimes, like many email domains available to the public, blocked by some other services and private domains. We always follow up on such cases, but some services and ISPs tend to ignore attempts to inform them. The more complaints they receive, the more likely they are to realize what the actual problem is.

If you have had email sent from Runbox blocked by the receiving service, please contact Runbox Support, and file a complaint to the postmaster or support desk of the domain in question. Often, setting your From address under preferences as @runbox.no or @runbox.us will circumvent such domain blocks. All Runbox addresses are synonymous on the .com, .no, and .us top level domains.

Phishing

An increasingly common phenomenon is “phishing”, where messages appearing to be sent from e.g. legitimate financial institutions attempt to trick recipients into “verifying” sensitive data (such as credit card information) on fraudulent web sites.

Legitimate services will rarely (if ever) send messages requesting you to click a link and provide personal or sensitive information. Be sure to verify the source of the message before complying with such a request.

If you receive messages claiming to originate with payment services such as PayPal, eBay, financial institutions, or even Runbox, please verify that the message is indeed sent from the service in question:

  • Look at the links in the message in plain text (not HTML) view. Verify that the actual link contains the domain name (e.g. runbox.com or paypal.com), and not another domain name or IP address, by hovering the mouse pointer over the link while looking at the status bar of your browser. Remember that links in an HTML message may be “disguised” and link to a different server than it appears to do.
  • Check the message headers. Look at the IP address of the sending server and verify that it resolves to the correct domain and country by using a service such as DNSstuff.
  • Falsified messages will rarely address you by name or provide any personal information about you except your email address, because the senders do not have access to such information.

In the wake of this onslaught of junk clogging mailboxes, aggravation and frustration has caused a lot of misguided accusations and misconceptions about how spam reaches people in the first place. Runbox is dedicated to fighting spam as effectively and unintrusively as possible, and in our Terms of Service strictly prohibits users from sending spam through Runbox. If you have concerns about our handling of in- or outgoing spam, please proceed to the FAQs below.

What does Runbox do to fight spam?

  1. Runbox runs restricted access servers only. This means that it is impossible to send mail from us without logging in as a registered user, and we can trace every single mail orginating from our system. This means that Runbox is not an “open relay” (an unsecured server exploitable by spammers).
  2. Runbox supports the Sender Policy Framework for verifying the senders of email messages. See Wikipedia for more information.
  3. Runbox offers state of the art spam protection to all users. It is a unique combination of the renowned points-based SpamAssassin, and the “intelligent” statistical spam filter Dspam.
  4. Runbox checks major databases of spam originators such as the Open Relay Database and Razor. Users can block senders and domains themselves using the Block sender button on mails, or the list directly, under Manager:Filter.
  5. Runbox does not allow trial users (those who have not yet paid for their account) to send email to more than 50 recipients per day.
  6. Complaints about users sent to abuse@nullrunbox.com are reviewed every day, and a single complaint is enough to shut down a trial account, or even a subscribed one, if the submitted email bears the hallmarks of spam, with no valid disclaimer.
  7. Runbox initially allows legitimate, double opt-in Internet marketing mailings. However, such email MUST include full disclaimers and numerous complaints will still get accounts shut down.
  8. Runbox manually reviews all trial signups and payments many times every day, and we close down all accounts that look suspicious, as a preventive measure.
  9. Runbox does not provide “Challenge-Response” anti-spam filtering, because it isn’t particularly effective, it misplaces the burden of spam management on the sender (which is often not the spammer due to forged messages), and several other problems. See for instance this article for more information: Challenge-Response Anti-Spam Systems Considered Harmful.

What can users do to avoid spam?

Do’s

  1. Use the Runbox spam filter and virus filter. Maintain your trainable spam filter by always correcting it when it misclassifies a message. See the Filter Help page and Blocking spam for more information.
  2. Always check the sender and recipient information of suspicious messages. Spam will typically be sent from falsified email addresses to conceal the real sender, with a number of recipients in the BCC (blind carbon copy) field of the message to hide the large number of recipients.
  3. Be careful in setting up autoreplies, as they may verify the existence of your email address to spammers.
  4. When you forward mail to a large number of people, weed out any addresses that are inappropriate, and put all addresses in the BCC field to hide them from the other recipients.
  5. Use firewall software on your computer to stop attacks from people attempting to compromise your system and possibly use it to send spam.
  6. Whenever you receive spam, always examine the full message headers. If they look like a dubious jumble of random servers and domains, they probably are. If the from address for example is on the format something-fjtr@nullrunbox.com or gshyt4j5kkds7j6@nullrunbox.com, this is a fake, made up address, and there is nothing much we can do about it. To see what a real Runbox header looks like, click here.
  7. If any valid message headers indicate what server the message was sent from, contact the service in question and file a formal complaint.
  8. Keep informed by checking the Runbox Information and Help sections, this page, and the Runbox Service Status page.

Please see the Filter Help page for more information on configuring Runbox to block spam.

Don’ts

  1. Do not select short or very easy usernames or aliases, as these are far more spam prone than slightly longer and more unusual ones. Underscores, hyphens and periods are also recommended as part of your username.
  2. It is crucial not to use valuable email addresses anywhere where it is visible to others (whom you don’t know). Never leave your email address behind in guestbooks, petitions, webpages, or similar where spammers might collect your address. If you must publish your email address, use a disposable one or at least obfuscate your address using for instance words instead of the special characters (“AT”, “DOT”, etc).
  3. Do not use real email addresses for signing up for (free) downloads of any kind online.
  4. Do not open suspicious-looking email or attachments. It might contain harmful viruses that can infect your computer and use it to send spam.
  5. Do not make purchases based on spam messages you receive, thus eliminating the spammers’ economic foundation.
  6. Do not use the same email address too much. Vary by using email aliases or disposable addresses.
  7. Do not use message preview if it displays scripts and external images. The email might send information back to the sender.
  8. Do not use the same username on several domains — it makes it easier for spammers to find you on other services.

Reporting abuse

If you suspect a Runbox account to be the source of unsolicited email, please review the headers of the message to verify that it does in fact originate with the Runbox servers. If you are certain the message is sent from Runbox, please forward the entire message with original headers to abuse AT runbox DOT com.

More information