So How Do Spammers/Scammers Know

[Jon Light (deceased)]

As I receive renewal notices from Norton for my dwindling subscription (7 days left, I think I'm going to ditch it) my spam filter is catching daily bullshit scam Norton renewal notices with ridiculous headers. I was not receiving these until now.

Why do they know that my Norton re-upping is coming up?

[Dave Potter]

"All your bases are belong to us...."

I'm sorry, Jon, couldn't resist. I honestly don't know the answer to your question.

But the over-arching issue of anonymity comes to mind. Who knows what Norton (or any of their sub-contractors) do with your contact information? When you put your personal email address out there, on the web, it's red meat - you've relinquished it, and it's out of your control, once you've put it out there.

That's why I've been using a Firefox add-on called Blur, which is too involved to explain here, but, suffice it to say, it offers the opportunity to use masked, disposable email addresses. You have as many faux email addresses as you want, each of which forwards to your personal email address, and each of which is disposable. If one of them starts to become a spam magnet, you simply delete it, and it's done. Just food for thought.

[Jon Light (deceased)]

"All your bases are belong to us...."

I'm pretty sure that's the best answer I'm going to find. And it's good enough.

I actually have a handful of anonymous addresses from my provider but it's a pain to associate them with my most used accounts. I only use them for stuff I rarely log in to. The spam catcher works well enough to reduce the nuisance factor. My primary addresses remain quite usable after all these years.
But it's food for paranoia when spam hits me with discount stamina pills just when I've got a hot date.

[Charlie McDonald]

"All your bases are belong to us...."

The new paradigm.
Feeling safe is wearing a crash helmet or riding in a heavy car. It appears we can give up the illusion when it comes to computers.

But I can sympathize Jon. Perhaps the paranoia food comes as the effect of shotgun marketing; you're bound to hit something, it's just a question of time. We shouldn't kid ourselves; 'they' want us to be paranoid; it's good for business.

[Dave Potter]

I actually have a handful of anonymous addresses from my provider but it's a pain to associate them with my most used accounts.

Totally understand. I experimented with other, less flexible disposable email address schemes with similar results. The beauty of the Blur add-on is that it's not only free, but links each specific disposable address you decide to use to a specific account, along with it's own, discrete and disposable password Blur also offers to generate when one is required, so there's no duplicating between accounts, if that's the objective. You can search your Blur account easily to locate and identify your email addresses and passwords. I have no affiliation with any of this, just passing along what I've found to be a useful tool.

I'm still using the same personal email address I've used for many years, although I use Blur addresses almost exclusively nowadays. Being a trusting sort by nature, and admittedly, sometimes a bit slow on the uptake, it took me a while to comprehend what was obviously being done with it. Clearly, bought and sold many times over, that address attracts spam from all over the world now, and to eliminate it, I have a killer, "challenge-based" email filter called Choicemail, which acts as an intermediary between the internet and my email client, Thunderbird.

Any email not from one of my "whitelist" contacts gets an automatic "challenge" email from Choicemail, transparent to me, asking the sender to "register" to send me email - a one-time process that takes seconds. Since spammers won't do that, all those messages are quietly and summarily deleted after the period of time I specify in the software. Legitimate "unknown" senders who DO register are immediately "approved" by Choicemail and their email appears in my email client, Thunderbird. I can also approve them manually to save them the trouble if I recognize their email pending in Choicemail.

Choicemail can do many other useful things - you can block specific IP addresses or ranges of IP addresses, you can block specific internet domain names, and also specific email addresses (blacklist), and other things. It's quite effective, and very slick. My spam count is virtually nil.

[Larry Carlson]

I use a program called Mail Washer.
I have a list of about 8 people I will accept emails from.
The rest I receive get automatically marked as spam, deleted and bumped back to
the sender making it appear that my email address is a bad one.
I don't even see the emails, they just bounce back.
After about 3 months of use I stopped receiving any spam emails.
It is free, it works for me. That's about it.

[Wiz Feinberg]

I use a program called Mail Washer.
I have a list of about 8 people I will accept emails from.
The rest I receive get automatically marked as spam, deleted and bumped back to
the sender making it appear that my email address is a bad one.
I don't even see the emails, they just bounce back.
After about 3 months of use I stopped receiving any spam emails.
It is free, it works for me. That's about it. :)

I'm glad to know that you are also a MailWasher user Larry. Did you know that not only do I use the program and represent Firetrust as an affiliate, I also write MailWasher spam filters for the program? They are free to use, singly, or in total.

I am also a member of the MailWasher Pro Beta team.

[Larry Carlson]

I'm glad to know that you are also a MailWasher user Larry. Did you know that not only do I use the program and represent Firetrust as an affiliate, I also write MailWasher spam filters for the program? They are free to use, singly, or in total.

I am also a member of the MailWasher Pro Beta team.

Well sir I thank you for your work and contributions to the program.
It's a great little program and has relieved me of the headache of all those idiotic spammers out there piling on in my inbox.
Been using it for a couple of years now..........love it.

[Dave Potter]

I use a program called Mail Washer. I have a list of about 8 people I will accept emails from. The rest I receive get automatically marked as spam, deleted and bumped back to the sender making it appear that my email address is a bad one. I don't even see the emails, they just bounce back.

I don't think that sort of arrangement would work for me at all. I need to have an opportunity to receive emails from senders for whom I have no way to know beforehand what their email address is.

For example, I live in a rural area, and do a lot of internet shopping. Receiving order confirmation emails is a critical part of that process, and since I'm expecting them, when Choicemail stores them, pending a challenge reply, I see it and wave it on through manually. Any process that would just delete them before I see them would be a total disaster, for me, at least. That's only one example of how I find it useful to know what I'm receiving before they get arbitrarily marked as spam, since some are not.

[Wiz Feinberg]

In effect, Larry is using a whitelisting approach to spam filtering. This only works for a limited number of people, or on specific e-mail accounts.

I prefer using custom conditions and actions, which is what my spam filters do. I also have a Friends list that allows known contacts through the filter blockade, by getting processed first. MailWasher processes Friends List, Blacklist, then any custom filters. The filters themselves are processed from the top down.

[Dave Potter]

In effect, Larry is using a whitelisting approach to spam filtering. This only works for a limited number of people, or on specific e-mail accounts.....I prefer using custom conditions and actions, which is what my spam filters do.

Sure. And any decent anti-spam software catches email containing the buzzwords - drugs, viagra, cialis, sexual language, etc. Choicemail comes with a bunch of "Rules" (filters) built-in, some written as Regex expressions, to handle the common problems, and users can add their own as well - using Regex is not required.

But it's also common for legitimate unknown senders, who have a bona fide reason for contacting us, to attempt to do so. I cited the example of online order confirmations above. There's just no way to add an unknown email address to a whitelist. Both that type of email and spam come from senders the software doesn't recognize. How do you write a filter that can distinguish between them?

That's the issue a challenge-based system addresses handily. Legit unknown senders are provided an opportunity to respond to the simple challenge email, and when they do, they're automatically added to the whitelist. Spammers won't respond, and are deleted - to the junk folder, where they can be reviewed, or permanently, depending on user preferences. It's a valid exploit of human nature. It's a beautiful thing.