Newsgroups and Spam

   There are over 30,000 discussion groups, covering almost every imaginable topic. If you are receiving junk e-mail, see the section on junk e-mail and spam for direct action you can take against e-mail spam, and instructions on how to filter e-mail. If you post to a newsgroup, however, chances are that a spammer will pick up your e-mail address from the post and send you unwanted e-mail. Some techniques for preventing this are mentioned below.

• Netiquette and Basic Information
• Your Posts are Archived
• Usenet Newsgroups Dealing With Spam
• Hide Your E-mail Address
• Spam bait
• See the section on junk e-mail and spam, including Anti-spam Legislation. Support Smith's anti-spam legislation, not Murkowski's.
• And you gotta check out SubGenius Police, Usenet Tactical Unit (Mobile).

Netiquette and Basic Information

• NewbieNet presents good basic information on spam.
• IU's Usenet Newsgroups Resources information, covering everything from "what's a newsgroup" to more advanced topics.
• The Net Abuse FAQ contains the official definition of SPAM and lots of good information about how to deal with it.
• Also see Netmiser for information and links on netiquette.

• A good Newsgroup Information site contains information and links you can use to find out more about specific newsgroups. This site also has a mirror site.
• These FTP sites provide lists of: Major Newsgroup, and Alt Newsgroup hierarchies.
• The Usenet Info Center contains browsable lists of newsgroups and other information.

• For information on specific newsgroups, see Searchable Newsgroup FAQs
• If you are new to newsgroups, check out good "how-to" information collected by Netscape, and
• Jon Bell's Newsgroup Information for Beginners.
• And be sure you understand Netiquette (Net etiqiette) before you post to a newsgroup! Also see documentation on E-Mail Etiquette. In general, don't respond to spam, and watch out for "trolls", which are posts designed to generate an emotional response.
• BTW, here's an online guide to smiles and e-mail acronyms  :=)

Your Posts are Archived

Deja News and Alta Vista both provide mechanisms to search postings to newsgroups. If you do not want Alta Vista to archive your newsgroup posts, add "x-no-archive: Yes" to the header, or as the first body line. In reality, though, you should consider anything you post as public, permanent, and searchable.

When you post to a newsgroup, there is a very good chance that your e-mail address will be automatically picked up by junkmail spammers, resulting in junk e-mail being sent to you. Some spammers also pick up e-mail addresses from web search engines such as Yahoo.

Usenet Newsgroups Dealing With Spam

• news.admin.announce - Usenet announcements, moderated
• news.admin.net-abuse.sightings - post new spams in full here for archival, no discussion
• news.admin.net-abuse.email - discussion of e-mail abuse: UCE, forgery, etc
• news.admin.net-abuse.usenet - discussion of newsgroup abuse: EMP/ECP etc
• news.admin.net-abuse.policy - Terms Of Service, legal, and legislative issues, moderated
• news.admin.net-abuse.misc - abuse topics not covered elsewhere
• news.admin.net-abuse.bulletins - cancellations, sites bounced, etc.; moderated
• news.admin.net-abuse.announce - defunct as of Jan 13, 1997; replaced by news.admin.announce

Additional newsgroups of interest:

• alt.privacy - discussions on privacy - check it out!
• alt.current-events.net-abuse - superseded by the above newsgroups
• alt.spam - alternative spam discussion group (low traffic)
• alt.stop.spam - discusses stopping spam

Hide Your E-mail Address

Newsgroups are routinely scanned for e-mail addresses by spammers. This is done by software which examines posted articles and looks in header fields such as From and Reply to for e-mail addresses to add to their lists. This software may try to pick up anything that resembles an e-mail address anywhere in the body of the article -- including the signature line.

You can adapt a few techniques to prevent spammers from automatically picking up your address. First, don't give your real e-mail address to anyone you don't know, such as a to request on a web page, or correspondence (e-mail or snail mail) to companies. When posting to newsgroups, you can alter your e-mail address so that it is still discernible to real people, but confusing to bots, which take the address in its entirety. For example, if your e-mail address is "yourname@your.com" you might use an e-mail address like one of the following:

    DELETE_CAPS_TO_REPLY_yourname@your.com
    yourname@DONTSPAMyour.com
            delete DONTSPAM to reply
    yourname@##your.com
            * delete ## to reply
    yourname@your.com*
            * delete the trailing asterisk to send back a reply
    yourname at your dot com
            replace "at" with @ and "dot" with . to reply

    yourname@yourXX.com
            delete XX's to send back a reply
    yourname@yourxyz.com
            delete xyz to send back a reply
    yourname@your.org
            replace org with com to reply
    yourname@yourjoke.com 
            delete "joke" in the return address to reply

Be creative! With the help of twisted minds, spambots are becoming more clever. Many can decipher simple techniques of hiding your e-mail address. Thus, you are better off using techniques like the last three in the above example, which change the domain name to appear "real" to spambots.

Avoid using the special characters < > or () or "" as these delimiters will be ignored, resulting in spam in your inbox. Be sure to instruct people as to how to respond to you -- include instructions in your signature line as to how to respond. Don't include your real e-mail address there - spammers' robots will find it.

Note: only modify your domain name (to the right of the @ - your.com in the previous example). If you modify your username (yourname, above), it will cause unnecessary traffic on the Internet. By modifying your username, the spam will be sent to your server (your ISP). Your server won't find a user by that name, so it will return the spam back to the spammer's server. Since most spammers fake their "replyto:" address, the spam will most likely will go into a loop, bouncing back and forth between the two servers.

Problems with this approach include:

• It takes effort for someone to change your return address and reply to you. You may want to direct your newsreader to simply dummy up your from header, and leave the reply to header intact when you post, in order to confuse the bots. But keep in mind that many people routinely respond to newsgroup posts with an e-mail copy to the originator. If you post to a newsgroup with a fake reply to header, people sending replies to you can become very unhappy when their replies bounce back to them.
• Using a bogus domain name can result in an unsuspecting, but legitimate, domain being sent your email. Note that the domain nospam.com is now placed on hold because of the large amount of UCE that has been directed there.

Another approach that may fool spammer's automated e-mail address grabbers is to lookup your Internet Service Provider's POP server, and insert the numeric values as your return address. For example, if your ISP's pop server is 123.456.123.456, use the following as your e-mail from and reply-to address:

    yourname@[123.456.123.456]        (be sure to include brackets)

Here is more technical information on how so specify e-mail addresses. You can also check how secure your browser is.

Spam Bait

You can add some mailto tags to any web pages you maintain:

    < A HREF="mailto:abuse@[127.0.0.1]" > </A>
    < A HREF="mailto:postmaster@[127.0.0.1]" > </A>
    < A HREF="mailto:root@[127.0.0.1]" > </A>

     and perhaps:
    < A HREF="mailto:admin@[127.0.0.1]" > </A>    
    < A HREF="mailto:billing@[127.0.0.1]" > </A>

Spammers use spambot spiders to pick off e-mail addresses from web pages. With no descriptive text before the ending </A> tag, the preceeding mailtos will be invisible to anyone browsing your site, but spambots will pick them up. The [127.0.0.1] is a loopback address, which will cause spam to be sent to the spammer's originating domain! Note: the postmaster address, at least, is required of all ISPs.

Here's more info on spam bait and even a Perl script to automatically generate it! Or, simply include one of the following links on your web pages. Spam spiders will follow the links and pick up the bait, which might just cause them to send to bad e-mail addresses, spam themselves, etc.

    < A HREF="http://www.io.com/~johnbob/chaff1.cgi" > </A>
    < A HREF="http://www.io.com/~johnbob/chaff2.cgi" > </A>
    < A HREF="http://www.io.com/~johnbob/chaff3.cgi" > </A>
    < A HREF="http://www.io.com/~johnbob/chaff4.cgi" > </A>
    < A HREF="http://www.io.com/~johnbob/chaff5.cgi" > </A>

Wpoison is a free tool which can be used to help reduce the problem of bulk junk E-Mail on the Internet. Wpoison helps to combat the junk E-Mail problem by thwarting the efforts of junk E-Mailers who regularly scan web pages.

Yahoo has a multitude of spambot bait sites listed. Go to http://www.yahoo.com/Computers_and_Internet/, then select Communications_and_Networking, then select Electronic_Mail, then Junk_Email, and finally Bot_Bait. Have fun!

Probably the only way to truly eliminate spam is to get the attention of Congress and enact legislation similar to the US "junk fax" law, which makes it illegal for anyone to send you unsolicited faxes. With both fax spam and Internet spam, the recipient pays for the cost of the spam (including paper, connectivity charges, storage charges). The "junk fax" law came into being because congressional offices received just as many junk faxes as everyone else. If Senators and Representatives receive more and more spam as they use the Internet, they will begin to realize the consequences of unregulated spamming.

Most spammers use automated software to pick up e-mail addresses from newsgroup articles. Most of these robots pick up every e-mail addresses they can find, even addresses in the body of the article. Therefore, many people routinely add several lines to the bottom of their newsgroup posts as "spam bait". These lines simply contain the e-mail addresses (separated by commas) of the White House, and key Senators and Representatives. Spammers' robots pick up these addresses and send spam to them, along with everyone else. Simply add the e-mail addresses of your elected officials (or any public officials) somewhere near your signature lines, preceded by appropriate comments like Spambot bait - please ignore.

Here are e-mail addresses and information for:

• USA House Of Representatives members and how to contact them. Find out who your representative is and how to write them.
• US Senate and e-mail addresses.
• US White House. Send e-mail to the President and Vice-President.
  The actual e-mail addresses are: president@whitehouse.gov and vice.president@whitehouse.gov.

In actuality, spammers' software undoubtedly filters out government e-mail addresses (*.gov). Therefore, why not send a copy of spam you receive to your Senators and Representatives?

CAUCE is an organization dedicated to expanding the US "junk fax" law to cover e-mail spamming. Join their effort! Support anti-spam Legislation. Support Smith's anti-spam legislation, not Murkowski's.