Dealing with Unsolicited Commercial Email (UCE, "email spam")

Unsolicited mass email has become an enormous problem on the Internet, affecting users and ISPs alike. Users who are unable to check and purge their mailboxes on a frequent basis can find their disk quotas filling fast; providers are dedicating resources disporportionately to processing the volume of unwanted email and to helping users cope with it.

Please do not "bounce" spam with a fake "user unknown" header.
It's not just futile, it's harmful. Spammers forge addresses into the headers of their spam. Your script will almost certainly try to bounce the spam to an address that wasn't involved in sending it. If the address is valid, some innocent person gets the bounce and has to deal with it. If it's not valid, Panix's mail servers waste resources trying to deliver it. Either way, there's a cost but no benefit.
It's wisest not to send "remove" requests.
Some spam is dressed up to look like legitimate mass mail, offering to remove your address if you click a link or send a request via email to have yourself removed. Often, this simply serves to confirm to the spammer that they have reached a valid email address. Of course, bona fide mailing lists also include removal instructions. If you think you may have signed up to receive mail from a list that you no longer want to receive, it's probably safe to follow removal instructions. Otherwise, it's best to ignore them.
How to complain
There are some mistakes the people commonly make in complaining that means they're part of the problem rather than part of the solution. We have some tips on complaining that will help you make your point effectively-- and to the right people.
Anti-Spam measures at Panix
Panix provides several different approaches to fighting spam.

A note about Panix's old "shared filters": Years ago, when spam first started to become a problem, Panix set up filters that users could invoke via procmail. There were several sets of these. They became ineffective and we disabled them. You will need to discontinue their use in favor of SpamAssassin.

Spam blocking
You can use the Advanced Anti-Spam Options from the Options page of webmail to block certain kinds of messages at the server, (that is, before they are delivered to your account). Senders of those messages are notified that their mail was not deliverable, and why. If they are legitimate correspondents, they will contact you by other means or ask Panix why their mail bounced, and we (or you!) can explain and perhaps take corrective action. For more information about specific measures, please see our SpamBlock web page.
Filtering out spam with SpamAssassin
SpamAssassin is third-party software that examines each message to see whether it matches a list of characteristics. Each characteristic carries a point value, and the message gets a score that is the sum of the points of its characteristics. If the score is above a preset threshold, the message is considered spam. You can control the threshold, the point value for any of the characteristics, and what happens to messages with scores above the threshold. It also permits whitelisting and blacklisting specific addresses or domains, and filtering messages with foreign character sets.
More detailed information is available on our SpamAssassin help page.
SpamAssassin can also be invoked from Procmail. (Be careful: You should not invoke SpamAssassin from both webmail and from procmail, but you can run procmail for other purposes and use webmail's SpamAssassin without any problem.)
Other Options
In addition to SpamAssassin, Unix-savvy users have other anti-spam options that they can run from procmail. (Note that anything run from procmail will be run after SpamAssassin runs from webmail.) Detailed instructions for these are beyond the scope of the help desk, but information on bogofilter and spambayes are available from SourceForge.

Additional Resources

Last Modified:Wednesday, 30-Jan-2013 12:14:13 EST
© Copyright 2006-2011 Public Access Networks Corporation