SPAM Email - Best Practices to reduce inflows
Below are some ideas shared in a security forum this morning. Please remember that there are no magic formulas to eliminate spam. Spam represents about 70-90% of all email traffic on the Internet.
- Be careful online and safeguard your privacy (e.g., don't reveal your email address except when you have to and only then to a trusted site)
- Ensure your system is malware-free. It is always important to ensure no viruses, spyware, or other malware is present that could transmit these addresses to spammers.
- Don't post email addresses in online forums, social networking websites, or untrusted web forms. For example, if you directly share an email address within a public post, there are "robotic spiders" which randomly read webpages and may harvest them. You're okay registering to forum, as ADMINS lock down and hide email registration addresses
- Never reply to spam to opt out links at the bottom of the messages. Spammers know they've got a "good address" and these rascals aren't ethical enough to remove you either. Finally the spam opt-out URL may also be malicious as well
- Use bcc (blind carbon copy) or group name techniques when sending email to others (so spammers don't hit the jackpot). Educate and encourage friends and family to do like-wise
- If you get overloaded on an email account with spam, change to a brand new email account to start the process all over again.
- Technical safeguards like spam filtering within an email product (e.g., Outlook, Thunderbird), or even a separately purchased spam filtering package may help. These work well, although some validate email messages may be caught in the spam filters and thus they should be reviewed prior to emptying and deleting all contents.
- Web filtering + AV + Content filtering software in the DMZ or firewall are highly recommended (e.g., Corporate version of Baracuda; multiple AVs, etc)
- MIME compliancy testing - This standard can be used in the DMZ to filter out non-compliant messages
- Security Awareness - Teach spam avoidance concepts to your user community