Stock Spam Hell
Stock spam is the current blight on my inbox. The stuff is impossible to stop. In particular because the spammers are including the information as attached images. My normal fix for spam, aside from running Spam Assassin on my mail server has been to set up rules to filter messages that include predictable stuff. Unfortunately, there's nothing that predictable about these spams except that they have image attachments. Filtering based on that would knock out a bunch of legitimate client emails as well.
Spamnation.info has some advice:
3.3 Is there anything I can do?
The best thing is to try to filter the spam. Unfortunately, this isn't easy. Stock spammers try particularly hard to avoid spam filters. Recently, many of them have taken to sending their messages as embedded images accompanied by random 'hashbuster' text in order to get past filtering.
If your mail program or your mail server lets you write rules that 'score' incoming messages, you might want to give higher scores to messages with embedded images. Because stock spammers make heavy use of 'botnets' - networks of hijacked home and office PCs on dialup or broadband connections - you might also want to be suspicious of messages that originate from dialup/broadband hosts. Some ISPs or mail forwarding services can flag messages that were sent directly from such hosts.
Stock spammers like forging other people's addresses in the 'From:' lines of their messages. This makes them a candidate for filtering using SPF. If you manage your own mail server, you might want to consider rejecting or flagging mail that explicitly fails an SPF test.
Some stock spammers still send their spams as plain text. You may be able to filter for those by using strings that appear commonly in stock spam but are rare in legitimate messages: 'OTCBB', 'Symbol:', 'Symb0l', 'St0ck' and 'set to explode' are all commonly found in stock spam and rare in 'real' messages.
Read the full article on stock-related spam.
So there may be some relief in sight. On the plus side (if there really is one), I've been enjoying the random from addresses and subjectlines. Here are a few of my favorites:
From: Andrew Chappell
Subject: boldness lengthwise
Lengthwise? Really?
From: now
Subject: Slide Pins Impress friends
Silly me — all this time I had been practicing my plate-spinning techniques.
From: louanne lee
Subject: grasp, and
And?! And?! And what, Louanne?!
From: God
Subject: its easy creating
You know, I always suspected it was...
Phil Hertzler | 11.02.06 | 5 comment(s)
Reader Comments
Yeah, last time I used Thunderbird, there was still no integration with iCal and Address Book, which was a deal breaker for me. Have they bothered to change that yet? (My guess is, no)
Posted by Philip Hertzler from Richmond on 11.02.06 at 1:32
Can’t tell you, since I only use it on my PC at work, where the idea of integrated software is still a myth!
Posted by Aaron Kuzemchak from Richmond, VA on 11.02.06 at 8:49
got a filter for you to try out… add a new rule in mail.app that has the following settings:
1. sender is not in my address book
2. any attachment name contains .gif
should filter out the majority of the stuff.
Posted by Aaron Kuzemchak from Richmond, VA on 11.05.06 at 10:22
Yeah, that would work. It’s pretty rare that anyone sends me a legitimate .gif attachment. I guess if they do, I’ll just go look for it in the trash. Thanks!
Posted by Philip Hertzler from Richmond on 11.06.06 at 11:44
I’ve been having this problem a lot lately as well, and I’ve found that Mozilla Thunderbird does a great job of keeping these things out of my inbox, while Apple’s Mail.app falls way short. Too bad, since I like using Mail.app so much more.
Posted by Aaron Kuzemchak from Richmond, VA on 11.02.06 at 1:21