Canadaemails.com - Providers of POP3, IMAP and SMTP EMail services
POP3 - SMTP Email Settings Help

Get behind the Trusted Email Open Standard (TEOS) and stop SPAM

Note: CanadaEmails.com OpenPGP Key Server is located at ldap://keyserver.canadaemails.com:11371 (or 389)

CanadaEmails Home

coping with your junk mail

[ Home | Blocked Spammer List | RFC2822 | Email Rules | Learn more about The Global SPAM Scene ]

©Copyright CanadaEmails.com 2002-2005

1. Introduction

This document describes CanadaEmails.com policy and methods for dealing with and reducing the amount of junk Email. The spam tolerance level of more and more individuals and network managers is rapidly decreasing. At the same time the volume of SPAM is increasing enormously.

2. Scope of this document

The document describes reasons for and technical issues of spam prevention.

3. Background

What is Spam?

An electronic message is "spam" IF: (1) the recipient's personal identity and context are irrelevant because the message is equally applicable to many other potential recipients; AND (2) the recipient has not verifiably granted deliberate, explicit, and still-revocable permission for it to be sent; AND (3) the transmission and reception of the message appears to the recipient to give a disproportionate benefit to the sender.

email spam is also called Unsolicited Bulk Email (UBE).

Unsolicited means that you lack affirmative consent from the recipient. If you found an address on a web page, on a mailing list, or on Usenet, you don't have consent. If you got an address in gift, sale or trade, you don't have consent. If someone gave you an address for a particular purpose (for example, a commercial transaction, information about your products, or after-sales support) you only have consent to use it for that particular purpose. Use for any other purpose requires a new consent.

What is the impact of spam?

It is high volume, i.e. people get a lot of such mail in their mailboxes.

It is completely "blind", i.e. there is no correlation between the receivers' areas of interest and the actual mail sent out (at least if one assumes that not everybody on the Internet is interested in porno pictures and spam programs...).

It costs real money for the receivers. Since many receivers pay for the time to transfer the mailbox from the (dialup) ISP to their computer they in reality pay real money for this.

It costs real money for service providers. Assume one 10 Kbytes message sent to 10 000 users with their mailboxes at one host; that means an unsolicited, unexpected, storage of 100 Mbytes. As a modest example, a 4 Gbyte raid array can take 40 such message floods before they are filled. It is almost impossible to plan ahead for such "storms".

Many of the senders of spam are dishonest, e.g. hide behind false return addresses, deliberately write messages to look like they were between two individuals so the spam recipient will think it was just misdelivered to them, say the message is "material you requested" when you never asked for it, and generally do everything they can without regard to honesty or ethics, to try to get a few more people to look at their message.

In fact some of the spam-programs take a pride in adding false info that will "make the ISPs scratch their heads".

It is usually the case that people who send protests (often according to the instructions in the mail) find their mail addresses added to more lists and sold to other parties.

It is quite common practice to make use of third party hosts as relays to get the spam mail sent out to the receivers. This theft o f service is illegal in most - if not all - countries ( in the US spammers have been successfully sued). However, with the original sender in the US, the (innocent) relay in Sweden and the list of receivers in Canada, the legal process of getting damages from the spammers becomes extremely difficult.

Junk Email has gained notoriety in recent years due to two factors:

increased use of Email as a common form of interpersonal and corporate communication
deliberate exploitation of weaknesses of the underlying protocol (SMTP).

The former means that more and more ordinary people (as opposed to computer experts) have access to and regularly use Email, making it a potentially very attractive advertising medium. The protocol has had assorted loopholes since the very beginning, but in the 'good old days' they were either left conscientiously unexploited or put to good use by Internet developers.

In particular in the days of restricted connectivity it was a common practice to pass on a 'difficult' message to a third party with better resources, more comprehensive routing tables etc. which would deliver it to the final destination. Network administrators used this trick to debug mail connectivity and to route around known mail problems.

Nowadays virtually the same technique is frowned upon as it is used almost exclusively to steal the third party's resources and conceal the identity of the real sender. The concealment is made even easier by the fact that SMTP, as originally designed, was assumed to be used between honest sites and users thus making no attempts at the verification of sender's identity or location. A key related issue is the exploitation of ADSL and broadband internet users whose machines are constantly connected to the internet.

The situation reached the point where it was considered desirable to issue an RFC document (RFC2505) describing the best current practice for Mail Transfer Agents (MTAs) to make them less vulnerable to spam attacks.

4. Steps Taken by CanadaEmails.com to prevent Spam

The electronic equivalent of junk paper mail is quite often referred to as 'spam', or more technically as 'UCE' (Unsolicited Commercial Email') or 'UBE' (Unsolicited Bulk Email). Strictly speaking, these terms are not really interchangeable, but in practice they are treated as synonymous. Some mass mailings advertise genuine products, but most spam messages, sent to thousands of random addresses, describe various 'get rich quick' (usually multi-level marketing) schemes, services of dubious taste and legality etc. There are various products on the market facilitating distribution of such messages, using addresses obtained without owners' knowledge or consent, these addresses being bought and sold in massive lists. Usually the mass-mailers use diverse tricks to hide the real identity of the sender.

CanadaEmails uses the strict implementation of the Sender Policy Framework (SPF) both for inbound and outbound mail.
CanadaEmails.com operates its own Real Time Black Hole (RBL) DNS servers as well as being a secondary server for numerous other RBLs. In this manner, new spammers are blocked as they are detected by any number of the thousands of reporting statins around the world.
CanadaEmails.com servers employ relay filtering; mail content filtering, sender checking, recipient filtering; and remote host authentication to maintain a high standard of security for our user accounts.
CanadaEmails.com publishes a list of detected spammers to the World Wide Web community, reports traced spammers to law enforcement authorities, and takes other disciplinary actions. This same list is blocked from access to CanadaEmails.com servers.
A strict set of content filters is applied to all incoming packets. This filtration includes virus patterns; foul language, and key strings that apply to known spam content. Any Email message containing such content is rejected and the connection is immediately terminated. (In some rare cases users may find that a sent Email is rejected on the basis of content. If this happens you will know immediately. Check your spelling and choice of words and then resend the message.
Attachment filtering is applied to all emails transmitted and received. If you need to be sending an attachment of a certain type and it is being blocked, prior approval can be arranged by contacting the postmaster at canadaemails.com.

Unfortunately, spam costs the sender very little - most of the charges are paid for by the recipient or the carrier rather than by the sender.

There is very little one can do to stop all spam reaching Email accounts. Our goals are therefore to:

create the best possible technology to provide a secure service;
educate users how to deal with spam;
educate users how to reduce proliferation of their Email addresses; and
prevent spammers from using legitimate mailing lists.

5. Anti-spamming policy

5.1. Unacceptable use

CanadaEmails.com users should be informed that the following actions are contrary to the acceptable use policy and will not be tolerated:

sending unsolicited advertising Email using their CanadaEmails.com account;
sending unsolicited bulk Email (including chain letters) using their CanadaEmails.com account;
attempting to conceal sender's identity or forge mail headers using their CanadaEmails.com account;
subscribing anyone to a mailing list without their permission;
sending to mailing lists material irrelevant to the purpose of the list;
setting the 'Reply-To:' field to somebody else's address at CanadaEmails.com; without their permission;
denial of service attacks, e.g. sending multiple very large Emails with the purpose of overloading CanadaEmails.com resources;
sending Email designed to damage the receiver's system (e.g. containing viruses);
sending Email with illegal content, as defined by relevant jurisdictional; statutes.

While some of these acts (particularly the last two) are not considered spamming in the strict meaning of the word, it makes sense to keep the list of prohibited activities together.

To underline the seriousness of these points it should be made clear that most of them are not only disciplinary offences, but are also unlawful and subject to criminal, civil and extra-legal action.

5.2. Dealing with incoming spam

CanadaEmails.com users should be advised,

that ignoring spam is the best policy in most cases;
that one cannot expect, on grounds of the cost-to-benefit ratio, to eliminate all unsolicited messages;
not to overreact: it takes only one keystroke or mouse click to delete an unwanted message;
not to reply to spam, even when a procedure for removal from a mailing list is given (spammers use this ruse to confirm that the address is still valid and active, making it more valuable in future mass mailings);
not to take any action implied in the spam message (e.g. distribute virus warning); and
report serious cases of spam attacks (e.g. deeply offensive or illegal contents, denial of service attacks) to CanadaEmails.com.

An address for reporting Email abuse has been set up for CanadaEmails.com in accordance with RFC2142.

Home

Send this document link to a colleague

Terms of Use
The following applies to this domain and all virtual domains hosted by CanadaEmails.com. Customers are heartily welcomed to take advantage of all web and mail resources, obtain all reasonable benefit, and full private enjoyment of all resources offered them by CanadaEmails.com for as long as that use is within "acceptable use policies" and compliant with this site's legal notice. Customers are encouraged to report problems freely. Customers will use their entitled resources and privileges with respect and courtesy to all Internet users. Customers are encouraged to report and block UCE (SPAM) on their mailbox at the server level by using the forms presented on this web site. ( Users may block any email address from their mailbox, at the server level, no matter what their private reason. No justification is required. ) The majority of our users are courteous, law-abiding, cognitive of the rights of others and their common-law responsibilites. Such users are not contemplated in the context of the following terms. -- UNSOLICITED COMMERCIAL E-MAIL -- - - Remedy Has No Restriction - - The minimum remedy allowed CanadaEmails.com against local spammers shall be forfeiture of all client rights and fees-paid plus the minimum cost of $65.00 per abuse-desk complaint. - - Abuse Complaints - - The fact of a users complaint shall, in the event, be deemed acceptable proof that the CanadaEmails.com client did not request the subject Commercial Email message nor assign consent to its sender. - - Protective Measures - - CanadaEmails.com operates its own Real Time Black Hole (RBL) DNS servers as well as being a secondary server for numerous other RBLs. In this manner, new spammers are blocked as they are detected by any number of the thousands of reporting stations around the world. CanadaEmails.com servers employ relay filtering; mail content filtering, sender checking, recipient filtering; and remote host authentication to maintain a high standard of security for our user accounts. Only authenticated POP3/IMAP users may relay. A strict set of content filters is applied to all incoming packets. This filtration includes virus patterns; foul language, and key strings that apply to known spam content. Any Email message containing such content is rejected and the connection is immediately terminated. (In some rare cases users may find that a sent Email is rejected on the basis of content. If this happens you will know immediately. Check your spelling and choice of words and then resend the message. Attachment filtering is applied to all emails transmitted and received. If you need to be sending an attachment of a certain type and it is being blocked, prior approval can be arranged by contacting the postmaster at canadaemails.com. - - Abuse Defined - - 1) All users are prohibited from misusing CanadaEmail resources. Spamming is prohibited. Sending unsolicited mass or commercial email for any purpose via CanadaEmails.com is expressly forbidden. 2) Permitting third parties to issue commercial emails on any client's account is forbidden. (If your account has been 'hijacked', please report this information to security at CanadaEmails.com or use the support link at this site.) 3) Using CanadaEmails.com resources as drop-boxes to receive replies from unsolicited emails (SPAM) or for any improper, unsavoury or unlawful purpose is expressly forbidden and shall be treated as criminal trespass and abuse. -- UNACCEPTABLE USE -- All users are prohibited from misusing CanadaEmail resources. Spamming is prohibited. Sending unsolicited mass or commercial email for any purpose via CanadaEMails.com is expressly forbidden. Permitting third parties to issue commercial emails on any client's account is forbidden. Using CanadaEmails.com resources as drop-boxes to receive replies from unsolicited emails (SPAM) or for any improper, unsavoury or unlawful purpose is expressly forbidden. -- OTHER UNACCEPTABLE USE -- Illegality in any form, including but not limited to activities such as unauthorized distribution or copying of copyrighted software, violation of export restrictions, harassment, fraud, trafficking in obscene material, drug dealing, and other illegal activities including communication for the purpose of any of the above. -- OTHER UNACCEPTABLE USE -- Tortious conduct, including but not limited to posting of defamatory, scandalous, or private information about a person without their consent, intentionally inflicting emotional distress, or violating trademarks, copyrights, or other intellectual property rights. -- DISPUTE RESOLUTION -- Any single validated complaint shall be sufficient cause for punitive and remedial action. CanadaEmails.com and it's Host server administrators for www.CanadaEmails.com reserves the right to determine what constitutes net abuse and what if any punitive and remedial action shall be sought and applied to offenders. Assuredly, forfeiture of all rights and fees-paid shall comprise the minimum remedy allowed CanadaEmails.com. -- SECURITY -- Use of secured computer and network facilities requires prior authorization. Unauthorized access is prohibited. Usage may be subject to security testing and monitoring. Abuse is subject to criminal, civil, and extra-legal prosecution. CanadaEmails.com