Spam busters

PostArmor is the new enemy of junk e-mail. It homes in on header clues and zaps the stuff before it even reaches you, says Charles Arthur
Click to follow
The Independent Online

If I had availed myself of all the offers I've had by e-mail, I'd have the world's firmest stomach and largest, er, manhood, itself fuelled by huge, cheap amounts of a certain sex-related blue pill. I'd be disgustingly rich on money siphoned from African banks, with a cheap cheap mortgage, and my eyes would be out on stalks as a result of all the pornographic pictures I'd followed invitations to watch – not all of them sounding biologically feasible.

If I had availed myself of all the offers I've had by e-mail, I'd have the world's firmest stomach and largest, er, manhood, itself fuelled by huge, cheap amounts of a certain sex-related blue pill. I'd be disgustingly rich on money siphoned from African banks, with a cheap cheap mortgage, and my eyes would be out on stalks as a result of all the pornographic pictures I'd followed invitations to watch – not all of them sounding biologically feasible.

Yes. I get a lot of spam. In fact, I get a lot of e-mail generally: about 200 pieces each day, and unlike most people I talk to, the vast majority comes from outside the organisation. And with my e-mail having long since gone "into the wild" on the internet, being sold by spammers to other would-be spammers, a significant share of those e-mails is pure junk. Doubtless you have the same problem, on a greater or lesser scale.

If you're new to the net and wondering how to avoid it, the important clues are: don't post on newsgroups or discussion boards giving your address, and don't put your e-mail in machine-readable form on a web page. Also, don't sign up for the best-known free webmail services – Hotmail is by far the worst in this respect, as spammers use programs that generate every possible combination of valid Hotmail addresses, and send their offerings to them.

Two other points: if you do get spam, never bother replying; the address will either be fake, or your reply will prove that you read through all that rubbish, which makes you an ideal receptacle. And second, in case you're wondering: I've been receiving spam for about seven years now, running into thousands, and I have never, ever seen one worth following up. Those millions in the Nigerian bank? They don't exist.

But how to deal with the flood? In the past, I've simply used the generic rule that once you've allowed for senders who regularly e-mail you by "blind copy" (Bcc), such as mailing lists (where your name doesn't appear in the address fields), then anything that doesn't have my address in the To: or Cc: fields is rubbish, and is junked. That kills about 95 per cent of the junk.

The flaw in this is that it kills the spam after it reaches your machine, and some of their (more offensive) associated downloads really do take up time: I've seen quite big image files accompanying spam. Equally, some send links to pornographic sites, which you really don't want your mail program to follow. And some spammers use programs sophisticated enough to e-mail you personally, though no more usefully.

What to do? The ideal is to filter out the spam while it's still at the other end of your telephone (or broadband) line – on the POP-mail server. There are programs that will show you what's in your POP mailbox, but you have manually to delete the things you don't want to download – rather a bore.

So I was delighted to discover a truly cross-platform program that you can teach to separate the spam from the real stuff, and which will kill it before it reaches your machine. Called PostArmor, it will run on Windows and Mac machines (all varieties) because it's written in Java.

Available from http://www.postarmor. com, the program is a straightforward install, although on Windows you'll have to check you have the correct Java libraries – Windows XP may lack them, as Microsoft doesn't like Sun or Java, so you may have to download that. Mac users pre-OS X may need to download Java's "Swing" software; the PostArmor website has the pointer. Once installed, you tell PostArmor where your POP or IMAP mailbox is, using the settings from your mail program, and let it review what's waiting for you.

PostArmor only inspects the "headers" of the your e-mails, because the mail server will send those over without the whole e-mail. Usually, the only headers you'll see in an e-mail are the subject and address fields; the rest are hidden. But they often contain clues to identify spam. Did the mail servers have trouble identifying who was sending it? Was it sent to you, or Bcc'd? Does the subject line contain lots of CAPITALS, or porn ("Horny!") or financial ("Cheap mortgages!") words? PostArmor assigns points to each set of headers based on a set of about 30 such rules. Its window then shows stuff below the spam threshold in green, possible spam in yellow, and total rule-breakers in red.

You can either go with the default values, or tweak them, turning them off or adding your own, new ones. I found this essential, because for some reason many PR people think the only way to get my attention with press releases is to entitle them in CAPITALS ALL THE WAY. (People: it's not.) And I get a lot of financially related e-mail. Experience tells that the only e-mail I get from China, Korea, Taiwan, Mexico, Russia, Argentina and Brazil is junk – so I've added a rule to detect headers containing ".cn ", ".kr ", ".tw ", ".mx ", ".ru ", ".ar " and ".br ". Note the spaces – just trapping ".ar" would spam-label anything sent to "c.arthur", which isn't the idea.

Messages that break a lot of high-value rules can be automatically deleted, and you can set the program to delete suspected spam after a number of days.

The best thing about PostArmor? If you're only using it to check a single mail account, it's free. If you've got more than one, it's $15 (£10) per computer, which I'd say is a good price for not having to deal with junk at all. You can purchase online.

The key step is to reconfigure your e-mail program to ask PostArmor, rather than your mail server, for the e-mail. (This is explained well in the documentation, which anticipates most questions.) Once you're happy (which can take up to a week if you get a lot of e-mails), you can set PostArmor simply to delete messages right away, and only look at it from time to time, to see all those spams squirming away, having utterly failed to reach you. Believe me, it's a very satisfying feeling.

PostArmor: http://www.postarmor.com/ Free for a single account. For Windows, Mac OS 9 & X (requires Java)

Comments