The Best of ABA TECHSHOW®

Your Inbox Spilleth Over? E-Mail Management Strategies That Work

July 2006

SPAM

Everyone hates spam! How can we avoid it? To successfully battle spam, we must understand what it is, the source and motivation.

Spam is not the tasty meat found in a can, but it has given the company that makes Spam (Hormel) a bad name (but it hasn't hurt Hormel's sales¹ ). Spam e-mail is the unsolicited "junk" e-mail sent to large numbers of people to promote products or services. Sexually explicit unsolicited e-mail is called "porn spam." Spam also refers to inappropriate promotional or commercial postings to discussion groups or bulletin boards. Spam usually hits a large number of recipients, but it doesn't necessarily have to hit a large number of people to be considered spam. Spam generally has a negative connotation, but for the businesses sending spam, there are some definite benefits. For very little expense, spammers can reach millions of people with marketing information within seconds. Try that with direct mail!

By some counts, spam constitutes more than 50 percent of incoming e-mails. It is estimated that approximately 15-20 billion unsolicited e-mail messages are sent per day and the number doubles every 18 months. What is equally alarming is that it is estimated that almost all spam is sent by less than 200 violators. It is costing businesses billions of dollars in down-time, lobbying and software.

How is it Currently Being Controlled?

Internet Service Providers (ISPs) like AOL, MSN & Earthlink have spam "filters" that successfully block literally millions of spam e-mails per day.
Enterprise-level spam controlling software.
Spam software installed on individual computers.
State legislation (in nearly 40 states) that hasn't amounted to much of anything.
Federal legislation known as CAN-SPAM Act of 2003 Act (Controlling the Assault of Non-Solicited Pornography and Marketing Act) hasn't been very effective.

Why isn't Legislation effective in combating Spam?

Responsible e-mailers complied with CAN-SPAM and evil spammers simply moved offshore. The offshore spammers have proven extremely difficult to find and CAN-SPAM doesn't have any teeth when spammers operate overseas.

How do they get your E-mail Address?

There are lots of ways that spammers can get your e-mail addresses. Some of them are:

Website Harvesting

If you place your e-mail address in the content of a Website or in an article that is placed somewhere on the Web, spammers can grab that e-mail address using "Website harvesting" programs. Basically, these programs scan and scrape e-mail addresses and automatically put those e-mail addresses into a database that will later be used for spamming. A tip for your own Website – instead of your e-mail address being on your site in plain text, put a graphic of the text in the place of the actual text. You can still make it hyperlink to send you an e-mail, but the harvesters will not be able to ready your e-mail.

Chat Room Harvesting

A spammer can also scan and scrape e-mail addresses from open chat rooms. For this reason, Microsoft closed many of its chat rooms and switched them to a subscription basis only.

Guessed Names

Spammers target guessed names such as Susan, Robert, etc. If the spammers do not get a bounced e-mail, then they know they have hit a valid target. At that point, that e-mail address automatically enters a database that will later be used to spam again.

Businesses Sell your Address

When you shop online or you give a business your e-mail address to a retail store, they may do more than just spam you (which technically may not be spam, as you may have given them consent). They may also sell your e-mail address to others businesses so they can spam you.

Is There Anything That Can Be Done?

There appears to be little that can be done about the existence and prevalence of SPAM. The best defense is technology and user education.

HOW TO REDUCE THE SPAM IN YOUR INBOX

Things You Can Do:

Complain to the Sender's ISP

The easiest way to do this is to use a service like www.spamcop.net. You register (free) with spamcop.net and they send you an e-mail address to which you can forward spam you receive. Once they receive spam from you, spamcop processes it and notifies you via e-mail. In the e-mail, there is a link that takes you to spamcop's Web site where you can review their Web page to see if the spam processed. If it has processed, you just hit the send button to mail SpamCop's automated complaints directly to the spammer's ISP, e-mail provider, relay server etc.

Delete Without Reading

If you know it's spam, don't open it. Hold down on the Shift key on your keyboard and delete the spam e-mail. This will permanently delete the e-mail from your system (it won't just show up in the Deleted Items folder).

If Investments Are Involved in the Spam, Report to Securities and Exchange Commission

The Securities and Exchange Commission has an e-mail address setup to receive spam that relates to investments and stocks. You can read about it at http://www.sec.gov/complaint.shtml and the e-mail address to which you can forward investment spam is enforcement@sec.gov.

If It Looks Like a Scam, Report to Federal Trade Commission

This would include chain letters² , Ponzi schemes³ , any kind of "work at home" or "get rich quick" offer. You can forward such e-mails to the FTC at spam@uce.gov. To read more about the FTC's attempts to combat spam and catch spammers, see http://www.ftc.gov/spam.

Only Share Your E-mail with People You Know

Setup a Free E-mail Address for Web Transactions

Get a free e-mail account (Hotmail, Juno, Yahoo, Gmail, MSN, etc.), make it a mix of numbers and letters (d2c9fos67@gmail.com), and use it for all Web transactions. Check it periodically to clean it out of any spam that got through.

Disguise Your E-mail Address

When you post it to a newsgroup, chat room, bulletin board, or other public Web page (including your own Web page), disguise it. For example, using the e-mail address above: d2c9fos77 AT gmail DOT com. Someone reading the address can interpret it correctly but the "bots" harvesting e-mail addresses from Web pages cannot.

Watch Out for Little Checkboxes When Buying or Registering Online

Anyone who has purchased something online or registered with a Web site has probably seen the little checkboxes which are often pre-checked and say something like "please send me lots of unwanted e-mails about stuff you want to sell me." That's only a slight exaggeration. The point is, you might get a lot unexpected e-mail if you don't read the little check boxes carefully and check or clear them as appropriate.

Be Suspicious

Don't fall for phishing scams. Phishing is a form of spam, characterized by attempts to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an e-mail or an instant message. The term phishing arises from the use of increasingly sophisticated lures to "fish" for users' financial information and passwords. Here are some dead give away phrases which would indicate phishing scams:

Verify your account
If you don't respond in 48 hours, your account will be closed
Dear valued customer (no name)
Click the link below to gain access to your account

Another red flag is a typo in the URL mentioned in the e-mail like www.micosoft.com.

Those most sincere, heart wrenching ones…

…are typically false. Even though they give you goose bumps, make you worry for yourself and for your family, make you forward things even though you are NOT a forwarder…they are likely not true. For example…

NOBODY woke up in a bathtub of ice with their kidneys missing
NOTHING will happen to you if you do not forward an e-mail to at least 10 friends, including the one who sent the message to you
There is no gang initiation plot to murder any motorist who flashes headlights at another car driving at night without lights.
Craig Shergold (or Sherwood, or Sherman, etc.) in England is not dying of cancer or anything else at this time and would like everyone to stop sending him their business cards.
Neiman Marcus doesn't really sell a $200 cookie recipe
There is NO man from Africa that has millions or billions of dollars, but no way to access it unless he can deposit it into your checking account (while letting your keep a percentage of it for your trouble).
There is no such thing as a free lunch and big companies don't do business via chain letters. Bill Gates is not giving you $1000, and Disney is not giving you a free vacation– you will not get a free Swifer Dust Mop, a Barnes & Noble GiftCard, or any other thing that is promised if you forward the message to 50 of your closest friends
Don't delete files from your computer. Ever.

Develop Internal Policies

Establish a policy and rules for outgoing e-mail to ensure that your company will not be considered as a "spammer" when sending e-mails to customers.
Restrict the use of office e-mail address by staff members in personal activities, such as participating in newsgroups or chat rooms.
Use a Web-based contact form that your Web site visitors can use to contact your company instead of posting your company's e-mail addresses to your Website.

Things You Should NEVER Do:

Never Complain To The "Return" Address or Respond At All

In almost all cases, the return address is bogus. If it says it's from "Yahoo" or "Hotmail" or "AOL" it probably isn't. Anyway, even if those accounts were real, the spammers expect to lose them, too. Furthermore, replying simply verifies that you're a valid address and that will only cause more spam to be sent your way.

Never Follow The Instructions For Getting Removed From The List.

This won't get you removed from the list; but it will confirm to the spammer that your e-mail address is a live one.

Never Forward Chain E-mail Messages

Never Go To a Web Site Listed in Spam, Buy Anything Mentioned in a Spam or Give to a Charity Mentioned in a Spam

Don't ever click on any links in a spam e-mail and don't visit their listed Web sites, no matter what. All that does is validate your e-mail address and encourage them to keep spamming. Furthermore, they can learn things about you if you visit their Web site, maybe even your e-mail address. At the end of the day, if spammers didn't make money spamming, they wouldn't do it. If you buy anything from a spam, you simply encourage them to continue. Buying something you read about in a spam e-mail or patronizing them in any way is the worst possible thing you could do.

Never Believe Anything You Read in SPAM

They're all lies. If you think it might be legitimate, call to verify.

Never Provide Personal Information via E-mail

No legitimate entity will ever ask you to submit personal and/or confidential information via e-mail or an instant message. No banks will ever have your verify routing numbers, account numbers or social security numbers, EVER. Even though the link they will ask you to click on appears to be a legitimate Web address, if you hold your mouse pointer over the link, you will find the link is pointing to some other Website, the Website that is looking for your personal information.

Don't Download Pictures

Pictures in e-mail messages (also called "Web beacons") can be adapted to secretly send a message back to the sender. Spammers rely on information returned by these images to locate active e-mail addresses. Images can also contain harmful code embedded inside them and be used to deliver a spammer's message in spite of the filters. The best defense against Web beacons is to stop pictures from downloading until you've had a chance to review the message. Most e-mail applications have the ability to prevent automatic download of links and photos in your e-mail. In Outlook 2003, for example, click Tools>Options>Security tab, then click the Change Automatic Download Settings button. In that dialog, you'll have the following options (all of which should be checked):

When you use this feature, you will be able to selectively turn pictures on when you receive an e-mail where you want to display the pictures

Use Spam Filtering Software

Software for your Desktop Computer

Cloudmark Desktop - $39.95, $39.95/yr. thereafter (PC Magazine Editor's Choice winner)
iHateSpam 4.0 by Sunbelt Software - $20, $20/yr. thereafter
MailFrontier Desktop - $30, $15/yr. thereafter (PC Magazine Editor's Choice winner)
Norton Anti-Spam 2005 by Symantec - $40, $15/yr. thereafter
OnlyMyE-mail Personal - $3/month (PC Magazine Editor's Choice winner)
Qurb 3.0 - $29.95/yr. (PC Magazine Editor's Choice winner)
Spam Monitor 2.5 by PC Tools - $30, $10/yr. thereafter
Spam Sleuth 4 by Blue Squirrel - $30, $30/yr. thereafter
SpamCatcher 4 by Allume Systems - $30, $10/yr. thereafter (ranked #1 by Consumer Reports magazine, Sept. 2005)
SpamKiller 2005 by McAfee - $30, $30/yr. thereafter
SpamSubtract Pro by InterMute - $20, $20/yr. thereafter

Spam Screening Services

With these types of services, your e-mail is routed through them first, filtered and then forwarded to your inbox. The danger in these services is that they are bound to catch good e-mail too. You still must look through the filtered messages, and then choose to have any legit ones forwarded on to your e-mail.

Postini— $3/month per mailbox but this is only available if you host your own e-mail using Exchange Server or GroupWise.

ClearMyMail— your e-mail flows through clearmymail first, is cleaned and only valid e-mail comes to you. Only $2.70/month.

FrontBridge— roughly $250/month flat fee for up to 20 users which would include spam filtering, virus filtering, disaster recovery (if your mail server crashes), e-mail archiving, policy, content and key word filtering. For more information, contact Mike at 310.754.3755.

Use Tools in Microsoft Outlook 2003

Turn on Outlook's Junk Mail Filter

In Outlook, click Tools>Options>Preferences tab, then click the Junk E-mail button. From here, you can choose a level of filtering (it sends suspect e-mail to the Junk E-Mail folder which already exists in Outlook. You can also designate e-mail addresses that always get through (Safe Senders tab), addresses that will never get through (Blocked Senders tab), and set other options as well.

Use Rules and Alerts

Outlook and Outlook Express (to a lesser extent) have a feature whereby you can create rules that look for certain things in e-mail you receive (like the word Viagra in the subject line) and automatically does something (like deletes it). To set one up, follow these steps:

Click Tools>Rules and Alerts

Click the button.

Click "Start from a blank rule," then the Next button at the bottom.

Check "with specific words in the subject."

Now click " specific words" below in the Step 2 window on the same dialog and a Search Text dialog will appear. Enter the offending words, click the Add button after each one. When you're done, click OK.

Click Next at the bottom and check "move it to the specified folder" in the next dialog.

Click the word " specified" in the Step 2 window below and choose the Junk E-Mail folder. Now click Next.

Add any exceptions you want and click Next.

Call the rule Subject Line Junk and click Finish. Now click OK and you're ready to go!

Other Tips

Use Restraint When You Send E-mails

Some say that they get spammed from within their own firm. For example, an e-mail from an employee complaining about how someone left a dish in the sink. My biggest pet peeve is being copied on e-mails in which I have absolutely no interest. Although technically not spam, the e-mail is still unsolicited and certainly unnecessary. Basic e-mail etiquette can help reduce the number of e-mail messages in your inbox.

Consider a BlackBerry or Handspring Treo 650 for Mobile Users

For the lawyer on the road, returning to an overloaded inbox can be extremely stressful. These devices allow the mobile lawyer to receive e-mail on a small handheld device or phone as the e-mails are sent, so you can dispose of or respond to e-mail immediately. This solves the overloaded inbox problem. Moreover, it will improve response times and communication.

Use the Subject Line!

Subject lines are key to quickly managing e-mails. Use the subject line to enter a concise description of the topic. Most lawyers tend to accumulate e-mails even though most say that they try to eliminate them as they are received. By using a good subject line, we can quickly and easily dispose of e-mails or save them in a client folder or document management system (DMS).

Consider a DMS or Case Management to Save E-mail.

Document management systems (DMSs) like Worldox, iManage or Interwoven, Hummingbird, or even case management programs like Amicus Attorney or TimeMatters offer ways to quickly save e-mails into the appropriate matters instead of having 30 users store e-mails in their own individual inboxes. E-mail is correspondence. It is inappropriate for individuals to keep client letters in their desk drawers apart from the paper file … as it is inappropriate (and dangerous) to store e-mail in individual inboxes. It is a recipe for malpractice.

E-mail or Real Conversation.

You have to always ask yourself if you can dispose of an issue better and more efficiently with a phone call or face-to-face conversation rather than e-mail. This is as much a time management issue as an interpersonal communication issue.

Time management : Sometimes it is just plain more efficient to pick up the phone and talk to someone than sending and receiving and replying to e-mails. If so pick up the phone and dispose of the issue or task on your task list! Its that simple – just do it.

Interpersonal Communication : It may not be wise to use e-mail to conduct arguments, negotiations, or conversations invoking emotion. Conversations where tone and body language are important should not be done via e-mail. You may be smiling while you write an e-mail, but the recipient has no idea that you are smiling. Consequently, the recipient may completely misconstrue a word, phrase or sentence. It may come across as cold or rude. This potential mandates that you constantly keep yourself in check and review your messages several times before hitting that send button.

Front Page of the Newspaper Test.

It's plain and simple – don't put anything in an e-mail that you would get you in trouble if published on the front page of your local newspaper. You never know when and where your e-mail will show up … a lawsuit … your personnel records … who knows. Once you hit send, you have no control where it ends up. It may end up being forwarded to 100 people. It could end up around the world in hours.

1. SPAM canned meat is making a comeback from the 80s. Despite the negative connotation of the word "spam," Hormel has successfully and steadily increased sales and profits in recent years. Perhaps the word has reminded people that the canned meat is still around?

2. Chain letters that involve money or valuable items and promise big returns are illegal. Anyone who starts a chain e-mail or letter or sends one on, is breaking the law.

3. Ponzi Schemes typically emphasize how you would profit by simply recruiting others.

About the Author

Debbie Foster is the founder and President of InTouch Legal. InTouch provides technology and management consulting services to law firms and legal departments throughout the US and the Caribbean. She has been working with law firms and legal departments since 1995 helping to achieve greater practice efficiency. Debbie also serves on the American Bar Association Law Practice Management Section Techshow Board. InTouch also consults with law firms on management issues, compensation planning and building incentives.

Search LPT

Articles

Law Practice Today

Related Publication

The Electronic Evidence and Discovery Handbook: Forms, Checklists and Guidelines