Why do I get so much spam?

So just exactly where does all that spam come from? One of the things that most people who use the Internet, web, e-mail or other communications services on-line may not understand is that e-mail is a phenomenally low technology way to communicate. Sending an e-mail is not all that different from requesting a web page, or uploading a file through a file transfer protocol to another server. In fact, sending an e-mail happens with a list of instructions written in, you guessed it, plain text.

With such a low threshold for sending an e-mail, it stands to reason that it wouldn't be terrifically difficult to figure out a way, given the speed with which most computers operate now, to send a large amount of e-mail in a very short amount of time, and by using many computers, find a way to send a really large amount of e-mail in an even shorter amount of time.

E-mail is relayed around the Internet by something called the Simple Mail Transfer Protocol, or SMTP. SMTP operates on TCP/IP port 25, and listens to the other machines on the Internet, waiting for a signal that another machine would like to forward a message or a group of messages to be distributed to other users on that machine. The reason SMTP is simple is because as all engineers know, simple works and simple is more difficult to break.

E-mail really is nothing more than a specially formatted block of text that an SMTP server reads to determine what to do with. Is this message for a user on my machine, or should it be sent somewhere else? Since all e-mail messages have a domain name as part of the address, any SMTP server has an easy way to figure out the answer to that question.

But a spam message doesn't necessarily care whether this is the correct machine, or even if this is the correct user. All spam wants is to be read.

So how does spam end up in a particular user's e-mail box? Well, first, that user's e-mail address has to be known in order for that spam message to be routed by an SMTP server into their e-mail box. It is possible for a sending machine to broadcast a message into every e-mail box at a given SMTP server, but very very few e-mail systems are set up to route e-mail this way, and if they are, they probably shouldn't be.

How does a given spam e-mailing machine get a particular user's e-mail address? Well, if an e-mail address shows up on a web page somewhere in plain text, a spam server can find that address just as easily as a search engine can find a particular keyword. Again, spam doesn't care who reads it as long as they read it. Spam machines can spider the web looking for e-mail addresses 24 hours a day and build mailing lists of tens of thousands of addresses in a matter of minutes. How do you keep your e-mail address off that list? Simple.

Don't publish your e-mail address in plain text on the web for any reason.

But what if your address is sold to a spam directory? Now what? Well, the next step is to filter spam at the inbox. Almost all e-mail clients now have filtering technology that allows users to flag messages they believe are spam. As the filter is used more and more often, it becomes more effective at recognizing spam messages based on the links, domain names, keywords and subject lines that appear in them. After a moderate amount of time, users will find that the vast majority of spam e-mail will begin to show up in the filtered e-mail box first, without them ever having seen it.

But for some people, even one or two spam messages is too much. The next level of filtering involves the use of two kinds of lists. One is called a "whitelist" and the other is called a "blacklist." Of the two, the whitelist is the more restrictive, so we'll talk about blacklists first.

A blacklist consists of servers or e-mail addresses that a given e-mail client refuses to accept e-mail from. Since an empty blacklist by definition accepts all incoming e-mail, using a blacklist is more likely to result in at least a few spam e-mails getting through. Once those addresses or servers are added to the blacklist, however, they will no longer be accepted.

A whitelist is by far the most restrictive possible filtering system. A whitelist consists of servers or e-mail addresses that a given e-mail client will accept e-mail from. An empty whitelist by definition accepts no e-mail at all, because all servers start out blacklisted and only those added to the whitelist will have their messages accepted.

The combination of not publishing an e-mail address, installing filtering technology at both the server and client level and the optional use of either blacklists or whitelists is currently the most efficient and functional way to avoid e-mail spam as often as possible.