It’s difficult to define exactly what constitutes email spam. What might be a useful newsletter to one person could be unwanted advertising to another, and a welcome business opportunity will be ill-received if sent to the wrong recipient.
In most cases, however, a spam email is one that we did not solicit, that we can’t unsubscribe from, and that is sent to thousands of recipients at the same time.
Email spam has dramatically evolved, but so have the tools to detect it. Spammers spend millions of dollars outsmarting Big Tech, but for most people, the days of hundreds of unwanted emails for restricted medical supplies and golden investment opportunities are over. Today, it is once again safe to publish your email address. Here are some techniques that spam filters and email providers use to keep your inbox clean.
[Learn about everyday technology. Sign up for the ExpressVPN blog newsletter.]
1. Unsubscribe assistance
A big portion of the spam email that arrives in our inbox is marketing emails and newsletters that we might not even have subscribed to. If sent from a source that does not have the intention to annoy you, it likely contains an unsubscribe link at the bottom or in the body text. Helping you find this button, by highlighting it or automatically triggering it, is one way your email provider can help you stay at inbox zero.
2. Sender reputation
Spam providers often use a newly set up domain to serve emails from a previously unseen IP address.
Email providers usually assign a poor reputation score to such new senders, resulting in the mail going straight to the spam folder. Unfortunately, this also means that if you set up a mail server with a new domain, you will also likely have difficulties getting your email delivered. Only when your contacts add you to their address book or pull your email out of the spam folder, will your reputation increase.
Once in a while a domain or email sender might be taken over maliciously. This can then be used to send out spam, especially of the phishing kind. The reputation of the domain can then quickly drop to the point that even after the original owner has regained control, their emails will still be headed to the Spam box for a while.
3. Text recognition
While spammers might send their advertisements from hijacked or newly set up servers, they will likely include a similar message to millions of recipients. This makes it possible to match words and sentences with those appearing in messages previously marked as spam.
Spam filters used to be vulnerable to “spam poetry,” random words put at the end of a spam email that made each email appear unique. Today’s spam filters are far more sophisticated and will know if an email does not make sense.
4. User feedback
Especially if they have a large user base, email services can let its clients do the work of deciding which email is spam and which isn’t.
By showing only a small subset of users an email, the provider can decide whether the email is legitimate or spam.
This technique is very similar to A/B testing, in which a small sub-group is used to determine the effectiveness of a change or feature. In this case, the sub-group is used to determine whether an email is wanted or unwanted.
5. Domain Name System-based Blackhole List (DNSBL)
DNSBL is a mechanism by which email providers can check whether a sender has been caught sending spam in the past.
The mechanism by which these lists are maintained differ widely. Some use honeypots to lure and identify spam email, while others are moderated. In general, emails are placed on whitelists and greylists. The greylists are noteworthy as they will reject suspicious emails at first, but will allow it to pass when it is delivered the second time. The assumption is that a “legitimate” email server will make more of an effort delivering mail than a pure spam server. Such greylists can also be used together with user feedback as explained above.
6. DomainKeys Identified Mail (DKIM)
DKIM is a mechanism to make it difficult to spoof a sender’s email address by recording which keys are allowed to send mail.
The nature of email allows anybody to send an email from any address, making phishing more dangerous, while also allowing spammers to imitate a reputable source. With DKIM, every email is digitally signed with a key. The recipient can verify this signature and, in addition, look up whether the key is permitted to send the message in the DNS records.
7. Sender Policy Framework (SPF)
In addition to DKIM, SPF allows the recipient to verify that the sender is permitted to send an email for a domain using a specific IP address. SPF can also be used to delegate the sending of emails to a reputable third party, without triggering anti-spam mechanisms.
8. Domain-based Message Authentication, Reporting, and Conformance (DMARC)
DMARC is a mechanism that allows a company to publish an email policy.
Together with DKIM and SPF, it provides a powerful framework for making phishing and spam in your name very difficult. By publishing a DMARC policy, a sender can effectively tell the recipient not to accept any non-conform email.
Bonus: 2 better ways to get rid of spam email
These proposed ideas could stop spam emails but have yet to take off
Before the creator of Bitcoin pioneered the idea of cryptocurrency mining, others were already fantasizing about using “proof of work” to stop email spam. The 1997 Hashcash proposal by Adam Back, for example, suggested that the sender of an email could spend a few seconds of arbitrary computer calculations to approve each email, similar to a stamp.
For a casual sender of email this would not be noticeable, but the time involved for anyone trying to send out millions of mail would incur a cost higher than the potential advertising reward. Alas, such systems were never deployed on a significant scale.
What if you got a small payment each time you received an email? Similar to the hashcash proposal, this would incur a small cost for each sent email, negligible for the casual sender.
If you send about as many emails as you receive, you will come out even. However, there currently is no payment network that could easily handle millions of payments per second without charging a substantial fee, and even open-source alternatives like the Lightning Network are still far from mass adoption.
To keep your inbox clean, unsubscribe from unwanted marketing emails, and don’t hesitate to click the “report spam” button. You can opt out of receiving alerts and notifications from services you use by logging in to their websites and apps. You might be able to regulate the sensitivity of your spam filter, though once in a while, it might be advisable to check if you missed something important!
Read more: How to improve your email security