How do they get my address?
E-mail addresses are obtained in a variety of ways. Spammers search Web sites, newsgroups, mailing lists, and domain registrations. They forward chain letters, send bogus special offers, or promise to remove you from their “mailing lists.” Harvester programs scan chat rooms and other live Internet meeting areas. Your browser can even be tricked into revealing your e-mail address!

Users of AOL (America On-Line) and other large Internet service organizations (such as Hotmail) are prime targets. Often, their addresses can be guessed. AOL addresses are coveted because the AOL service appeals to new Internet users who are more likely respond to spam solicitations.

How can they use these addresses?
Once they have a list of addresses, they simply send lots of e-mail to the addresses on the list. All the spammer needs is an SMTP (mail) server that can handle a large quantity of mail and a way to hide his identity. This is supported by default in many bulk e-mail programs. Spammers can also buy programs that search the Internet for open relays, which are unprotected servers that will send e-mail from any source. The sender doesn't even have to identify himself in that case. There are sources where spammers can purchase a list of IP addresses from detected open relays they can then use to forward their mail.

Spammers can also setup their own desktop mail servers. However, ISPs target users of their network that take up too much bandwidth and are suspected of spamming. These users are quickly banned form the service.

To counter this limitation, some companies provide public bulk mail services on their own mail servers. This grants spammers IP addresses that can't be traced. Some even use e-mail server appliances, sending as many as a million e-mail messages an hour.

How do I stop spam?
At this point, spam can’t be totally stopped. It can, however, be limited.

Spam filtering software is becoming more and more popular. Limited blocking capabilities are even being incorporated directly into the latest e-mail clients from Microsoft and others. These filters block mail based on a variety of factors.

One common factor is to filter mail based on certain keywords, such as VIAGRA or other common terms. But spammers are quick learners, often changing their keywords in ways that allow them to go undetected by these filters. Advancements in filtering techniques allow for approximate pattern matching, blocking messages that contain near spellings of common terms. But no sooner does one side create a better filter then the other side discovers a way around it.

Another method incorporates blacklists, which identify e-mail servers associated with spammers. Mail will not be forwarded if it originates from these blacklisted domains. The problem with this technique is that legitimate mail can be blocked. If an ISP becomes blacklisted because of spam-friendly policies, or if one of its users had an open relay, other users of that service can be blocked from sending legitimate e-mail messages. Once your mail relay is on a blacklist, it can be a long process to be taken off.

Most spam blocking software uses a combination of these techniques to determine whether mail is blocked or not. Many are based on a scoring system, where triggering factors add to an overall point score. The user then defines which point levels equate to spam and which levels are allowed into the system. Of course, the varying sensitivity of this score can either allow too much spam in or even block real, desired messages.

Can I at least limit the amount of spam I get?
While you’ll most likely never be 100% spam free again, you can lessen your chances of being overwhelmed by following these tips:

• Be careful what newsletters and Web sites you give your e-mail address to.
• Never respond to spam, even to be taken off the mailing list, as this is often how spammers confirm an address is real.
• Don't post clear links to your e-mail address on your Web sites.
• Use alternate addresses in newsgroups and online chatting.
• Don't use guessable e-mail addresses.
• Set your web browser to a higher security level.
• Configure your firewall to block all unsolicited traffic.
• Install antivirus protection.
• Make sure your server (if applicable) isn't acting as an open relay.

I hope this helps in better understanding and combating the wave of spam that is upon us. Until next month, here’s hoping that the majority of your e-mail is junk free (or at least that the Viagra actually works out for you!)