************************************************************** * * * CYBERSPACE * * A biweekly column on net culture appearing * * in the Toronto Sunday Sun * * * * Copyright 1999 Karl Mamer * * Free for online distribution * * All Rights Reserved * * Direct comments and questions to: * * * * * ************************************************************** In the last few months, people using net.news have started noticing an inordinate amount of Unsolicited Commercial Email (UCE) filling their mail box. Anyone with a program called a Stripper Bot can search the news spool, build a data base of every email address found in news postings, and pump out 2 million emails extolling the virtues of a pyramid scam or a pen pal club! It's not uncommon to receive one or two UCEs a day. It's not going to stop there. Grab a look at how many spams a day get posted to dummy newsgroups in the alt hierarchy. Won't it be fun when twenty or thirty such messages hit your mailbox each day? Short of a UN security council ruling allowing a nuclear first strike against a spammer's nation, you've got to seek your own solutions. If your net provider gives you access to the Unix shell, set up a mail filter. There's a Unix program resident on many systems called "procmail" that will automatically match user-defined patterns in email headers and dump offending mail to the Unix equivalent of the Mac/Windows 95 trash can, a directory called /dev/null. Procmail won't eliminate all UCE but a well-honed pattern file set to trash everything from a dozen or so "rogue" domains can eliminate the vast majority. Procmail's downside is it's not very easy to set up. Unix, eh? If you're reasonably fearless around a command-line interface, the Mail Filtering FAQ at www.landfield.com/faqs/mail/filtering-faq/preamble.html gives you easy-to-follow procmail setup instructions. Not every ISP gives you access to Unix. If that's the case, get a SLIP/PPP email package that lets you filter email based on header patterns. The registered version of Eudora has this capability. You still have to waste time downloading the UCE but at least you can eliminate the clutter factor. You can also avoid getting on UCE lists altogether. Some users put threats in their sig line warning UCE constitutes an agreement to pay a sum of $500 for proof reading services. Most spammers, however, don't care about threats and bots don't read sig lines. Are you really going to waste time tracking down the officers of a company in a different country and take them to small claims court? The best way to beat spammers is by simply not entering a valid return address in your newsreader. Change your email address just enough so a human knows what to do with it but a stripper bot will be fooled. A script that simply grabs continuous blocks of text to the right and left of an @ symbol will dutifully mail off spam to an invalid address like NO_UCE_CUT_ME_kamamer@io.org. Make sure you vary the pattern. Bot programmers are like the Borg. They adapt. A simple line of code can get around predictable pattern like "NO_UCE."