This is a short but pithy CERT Security Tip, which you may want to consider forwarding to your end-users, or friends and relatives to complain that they don't know what to do about their spam problem. It is a collection of common-sense best practices for reducing the volume of spam clogging up your computers and network, from a user standpoint. . . .

Reducing Spam
 Spam is a common, and often frustrating, side effect to having an
 email account. Although you will probably not be able to eliminate it,
 there are ways to reduce it.
What is spam?
 Spam is the electronic version of "junk mail." The term spam refers to
 unsolicited, often unwanted, email messages. Spam does not necessarily
 contain  viruses--valid  messages  from  legitimate sources could fall
 into this category.
How can you reduce the amount of spam?
 There  are  some steps you can take to significantly reduce the amount
 of spam you receive:
 * Don't  give  your  email address out arbitrarily - Email addresses
 have  become  so common that a space for them is often included on
 any  form  that  asks  for  your  address--even  comment  cards at
 restaurants.  It  seems harmless, so many people write them in the
 space  provided  without  realizing  what  could  happen  to  that
 information. For example, companies often enter the addresses into
 a  database so that they can keep track of their customers and the
 customers'  preferences.  Sometimes  these  lists  are  sold to or
 shared  with other companies, and suddenly you are receiving email
 that you didn't request.
 * Check  privacy  policies  -  Before  submitting your email address
 online,  look for a privacy policy. Most reputable sites will have
 a link to their privacy policy from any form where you're asked to
 submit personal data.  You  should  read  this  policy  before
 submitting your email address or any other personal information so
 that  you  know  what  the  owners of the site plan to do with the
 information.
 * Be  aware  of  options  selected by default - When you sign up for
 some  online  accounts  or  services,  there may be a section that
 provides you with the option to receive email about other products
 and  services. Sometimes there are options selected by default, so
 if you do not deselect them, you could begin to receive email from
 lists those lists as well.
 * Use  filters  -  Many  email programs offer filtering capabilities
 that  allow  you to block certain addresses or to only allow email
 from  addresses  on  your  contact  list.  Some  ISPs  offer  spam
 "tagging" or filtering services, but  legitimate  messages
 misclassified as spam might be dropped before reaching your inbox.
 However,  many  ISPs  that  offer  filtering services also provide
 options  for  tagging  suspected spam messages so the end user can
 more  easily identify them. This can be useful in conjunction with
 filtering capabilities provided by many email programs.
 * Don't  follow  links  in  spam  messages  -  Some  spam  relies on
 generators  that  try  variations  of  email  addresses at certain
 domains. If you click a link within an email message or reply to a
 certain  address,  you are just confirming that your email address
 is valid. Unwanted messages that offer an "unsubscribe" option are
 particularly  tempting,  but  this  is  often  just  a  method for
 collecting valid addresses that are then sent other spam.
 * Disable  the automatic downloading of graphics in HTML mail - Many
 spammers  send  HTML  mail with a linked graphic file that is then
 used  to  track  who opens the mail message--when your mail client
 downloads  the  graphic  from  their  web server, they know you've
 opened  the  message.  Disabling  HTML  mail  entirely and viewing
 messages in plain text also prevents this problem.
 * Consider  opening an additional email account - Many domains offer
 free  email  accounts. If you frequently submit your email address
 (for  online shopping, signing up for services, or including it on
 something  like  a comment card), you may want to have a secondary
 email  account to protect your primary email account from any spam
 that  could  be generated. You should also use a secondary account
 when posting to online bulletin boards, chat rooms, public mailing
 lists, or USENET so that you can get rid of when it starts filling
 up with spam.
 * Don't  spam  other people - Be a responsible and considerate user.
 Some  people  consider  email  forwards  a  type  of  spam,  so be
 selective  with the messages you redistribute. Don't forward every
 message to everyone in your address book, and if someone asks that
 you not forward messages to them, respect their request.
 _________________________________________________________________
 Both  the National Cyber Security Alliance and US-CERT have identified
 this topic as one of the top ten for home users.
 _________________________________________________________________
 Authors: Mindi McDowell, Allen Householder
 _________________________________________________________________
 Copyright 2004 Carnegie Mellon University. 
 Terms of use:
  
 This document can also be found online at
 	/news-events/news/reducing-spam