Dealing with Spam | Email Headers | Legislation
All trademarks, company names or logos are the property of their respective owners.
Spam is the unwelcome junk messages that pile into your in-box daily.
Spam is unwanted or unsolicited bulk email, postings, contact requests, SMS (text messages), instant messages, or similar electronic communications.
— Microsoft
Simply put, spam is electronic junk mail.
More precisely, spam is the spreading of a single message to a large number of email addresses, posting on an inappropriate newsgroup, or cross-posting a message to (typically) more than three newsgroups.
Other terms for spam are Unsolicited Commercial Email (UCE) and bulk email.
Spam is an issue about consent, not content. Whether the UBE message is an advert, a scam, porn, a begging letter or an offer of a free lunch, the content is irrelevant — if the message was sent unsolicited and in bulk then the message is spam.
— Spamhaus
In most cases, there is also an unethical nature to the emails, usually involving some sort of scam.
I suggest you never do business with a company that contacts you in an inappropriate manner. What makes you think they'll be there for you when you need support or if the product they sell is defective?
The next time someone suggests that spam is no big deal, remember this statistic:
In 2011, roughly 82 percent of all email traffic was spam. It is estimated that scam and phishing messages make up 19 percent of spam, meaning it is essential to be able to spot and avoid email scams.
— Check Point blog
The cost of spam is borne by the recipient, not the spammer, both in terms of the financial cost but also in the amount of time you waste dealing with unwanted emails.
It costs much more to advertise in a newspaper than it does to purchase it. Some newspapers are free to the reader, completely paid for by the advertiser.
The opposite is true with spam:
It is extremely cheap for the spammer to send millions of messages out. If even one person responds to this junkmail, the spammer will recoup his costs.
What happens if you buy something advertised via spam? This graphic shows the flow of Internet traffic and money following a purchase of Viagra from a spam email.
— Technology Review
When it comes to spam, individuals and businesses need to know how to protect themselves. That means recognizing a legitimate email versus spam.
— CASL
One thing to watch for is emails that come from a company but come from Gmail, Hotmail or similar free email addresses. Corporations purchase and use their own domains for marketing emails.
Never "opt-out" of something you didn't opt-in to.
Responding to spam will only expose you to the thousands of spammers that do not reveal their identity or will simply pass your removal request onto their “sales” department — resulting in even more spam.
With the exploding use of small devices like cell phones and tablets (both in addition to and in replacement of computers), spam is an important issue there as well.
If you're dealing with a business, you need to ensure that business is ethical.
Ethical e-commerce allows a business or an organization to get their message out to those that are interested without endangering the organization's reputation.
Anyone offering to "target market" for you is offering to send spam on your behalf.
Avoid avoid opt-out tactics like pre-selected checkboxes. Not only is this illegal in Canada, it is unethical. The legal alternative is opt-in.
These sites can help you deal with spam:
During the process of getting help dealing with spam (or other email issues) you'll often be asked for a copy of the original email with the full headers.
The headers include tracking information that tells where the email originated and include the various servers involved in delivering the message.
If someone requests “the headers” they are looking for the tracking information contained within the email, but hidden by most email programs until you request that information (show headers, view source, etc.).
Email headers include information similar to the following:
From: <[email protected]>
Return-path: <[email protected]>
To: <[email protected]>
Received: pender.islandhosting.com
Wed, 08 Jun 2022 11:03:04 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.10.0
Language: en-US
Information and layout varies between hosting services and email programs.
Try right-clicking on the email listing in your email program for “view source” or similar wording.
Usually folks only see the “short” headers:
From: <[email protected]>
To: <[email protected]>
Subject: Cat video updates
To: and CC: are often included in the short headers, but BCC: addresses are only visible to the sender (and may appear as a To: address for the recipient).
Be sure you understand how to use To:, CC: & BCC: correctly.
Emails coming from a listserv (a subscription service) often include a list-info entry in the short headers.
Clicking on the list-info reveals the listserv information including the list owner and how to subscribe or unsubscribe.
Full headers refers to the complete information about an email. This varies by email program and mail provider, but usually including a message ID, user-agent (the software generating the email), tracking information, delivery date and more.
Have you ever wondered how spam can continue to exist? How can something this disruptive be allowed to continue. Can't governments or companies stop it?
There are three aspects to this:
Perhaps you've wondered, like I have, how spammers can process stolen and scammed credit card information? This would seem to be relatively easy given the numbers quoted in a recent Information Week article:
95% of spam-advertised products are monetized using merchant services from just a handful of banks, suggesting payment handling is the weak link in the global spam value chain.
All told, they saw 13 banks handling 95% of the 76 orders for which they received transaction information. (Only one U.S. bank was seen settling spam transactions: Wells Fargo.)
But just three banks handled the majority of transactions: Azerigazbank in Azerbaijan, DnB NOR in Latvia (although the bank is headquartered in Norway), and St. Kitts-Nevis-Anguilla National Bank in the Caribbean.
The article quotes one potential reason:
We have to remember that spam is actually very profitable for the banks and credit card companies that move the money. That might affect how likely they are to actually do something about this.
— Mikko Hypponen, chief research officer at F-Secure
See the related article, Anatomy of a Spam Viagra Purchase.
The consequences of spamming can be severe, particularly in locations where legislation has been passed.
Not all legislation is this effective, but you could still ruin the reputation of your company even if penalties don't apply.
If you're located in Canada (or doing business in Canada) you'll need to follow the requirements of Canada's Anti-Spam Legislation (CASL) which requires a minimum of implied consent.
CASL regulates ‘commercial electronic messages’ (CEM) which are defined broadly and includes any electronic message that has as its purpose, or as one of its purposes, the encouragement of participation in a commercial activity.Even if the electronic message itself is not related to a commercial activity, it may still be a CEM, having regard to the hyperlinks to other content or websites or the contact information contained in the message.
— Violet A. French, Business Law Today
*This period ends immediately if/when recipients indicate that they no longer consent to receiving your commercial electronic messages.
The U.S. CAN-SPAM Act is one example of poorly conceived and executed legislation. It did little to protect consumers.
The U.S. CAN-SPAM Act merely outlaws the sending of spam with false or misleading sender information (and other specified conditions). That in no way makes the sending of "non-forged" spam OK.
— Spamhaus
In fact, this legislation is so useless in protecting unwilling recipients of spam it is nicknamed the "You CAN Spam Act."
Ironically, checking for references to the CAN-SPAM legislation in email messages can be an effective way to identify spam.
When you're about to send an email message, you'll want to consider your relationship with the recipient(s), the content of the message and what you must include to ensure it meets legislated (and moral) requirements.
The CASL provides the following suggestions:
- Think about who you are sending messages to
- Think about the type of messages you're sending
- Think about what you must include
Review Canada's Anti-Spam Legislation for complete understanding of the law.
The Privacy Commissioner of Canada has additional resources.
Legal action against spam is more difficult than you might think.
However, it is not impossible. It is merely a lack of commitment.
The following sites will help you to learn more about legislation in various countries:
On this site:
Return to top
RussHarvey.bc.ca/resources/spam.html
Updated: December 20, 2023