You can help stop spam by reporting it to platforms. Besides being actively mostly encouraged by networks themselves, it’s satisfying to try and I recommend it.
Spam. You have a few options for dealing with it.
- You could try “unsubscribing” but that may alert the spammer that your address is actively monitored, leading to more spam.
- You can move it to your spam folder.
- You can block the contact.
- You can try and shut off the source.
Mark as spam
Easiest way is to move it to your junk folder or mark as spam. Your email provider might (or might not) send abuse complaints to the platform that sent it.
Find a responsible adult
You can also try reporting it yourself. Next time a spam lands in your inbox, view full headers. If you’re lucky, included somewhere is a part that reads
X-Report-Abuse-To: abuse@example[.]network
and in that case you can forward the email to that abuse@example[.]network
address. Copy the full headers and paste them in the email. If you don’t copy the full headers, there probably won’t be enough detail to figure out who sent it / from where.
If you’re confused about why you’d want to send this email, please note that the person listed as the abuse contact did not spam you. That abuse contact is listed on every email that is sent from their system because they’re a person who has responsibility for keeping their network secure. They’re there to help people like you. In all likelihood they hate spam even more than you do. If that last part didn’t make sense, stop and consider before emailing.
If there’s no abuse contact listed, you can look for a part that goes
Received: from blahblah.evilspammer.example[.]network ...
Find the URL looking part and copy it. Or, in some cases it’s an IP address like 10.234.567.89
Either case, copy that URL looking part or IP and use it to do a Whois search. How: there are lots of sites for that if you search around. Or, you can open your terminal app and search for the domain, in this case:
whois blahblah.evilspammer.example[.]network
You’ll get a bunch of information back about the domain. Somewhere should be an abuse contact or “network operations center” (NOC) email address. Forward your spam and headers there.
If there’s no abuse contact listed, you can try the host
command:
host blahblah.evilspammer.example[.]network
Which should then give you the IP address:
blahblah.evilspammer.example[.]network has address 10.234.567.89
Then do a whois search for the IP address:
whois 10.234.567.89
You may be more likely to find an abuse contact from the IP than from the host name. If neither worked, you still have options. Check out the dig
terminal command and reverse lookup.
In any case, this can work because whois keeps track of who owns what domain and who specifically should get reports of people doing evil nonsense on any given network.*
gmail and outlook
Spammers commonly use gmail/apps addresses; if’s that’s your situation there’s a contact form just for that:
https://support.google.com/mail/contact/abuse
Outlook/365? Hmm, that’s less clear. Try these, maybe?
- https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/submissions-report-messages-files-to-microsoft?view=o365-worldwide
- [email protected] ?
- “For a phishing email, address your message to [email protected]
- “For a junk email, address it to [email protected]
- “For a legitimate email falsely flagged as spam, address it to [email protected]
Edit: Since posting this, Microsoft Online Safety confirmed:
Hi,
Based on the information you provided, it appears to have originated from an Office 365 or Exchange Online tenant account.
To report junk mail from Office 365 tenants, send an email to [email protected] and include the junk mail as an attachment.
This link provides further junk mail education Report spam, non-spam, phishing, suspicious emails and files to Microsoft – Office 365 | Microsoft Docs.
Kindly,
Microsoft Online Safety
Unspam the earth
Once you know the basics, unmasking anonymous spammers / threat actors and hopefully getting them shut down is the right thing to do, because you, the newly empowered user, can. And regardless, trying it feels pretty great.
So what… happens now
The follow through can vary widely. Network operations contacts are actual people, thus their behavior varies widely. Possible responses:
– “Gosh, thanks! We effing hate spam too. Gotta go squash these dumbbells.”
Typical response from a legit ESP (email sending provider). The very instant spam starts spewing out of their systems, inbox providers start looking sideways at the ESP’s mail traffic. Spam = lost legit customers.
– “Huh? What spam? You probably forgot you subscribed. Are you 100% sure you didn’t sign up for this shady loan financing list, and ~15 others like it?”
Typical response from a non-legit ESP that doesn’t really know or care what others are doing on their service; it seems these are companies where being a decent ESP is secondary to some other service they’re selling. Running mail servers is hard work. It’s only a matter of time before they stop all this “send yarr emails from arr servers” stuff.
– “We get a lot of these. We might not do something about it. This might be the last you hear from us. We’ll forward it to our paying customer and assume they’ll do the right thing.”
Spammers are lazy, but possibly cable internet providers (who also rent servers?) are lazier.
– “I dunno, how do you know it’s from us? I don’t see your email address on our list… Huh? Oh, you mean, someone else is sending email from our stuff? Sure, I guess I could go ask if we own that IP, but what’s the point really?”
This is rare in my experience. I’m thinking I got the wrong person who just doesn’t know how to handle this situation. Or, a more disturbing thought, maybe I got the right person, but they’re evil?… Which brings me to:
– “We just don’t know or care what people do on our network. I guess we could unplug the server, but you should probably just ask the owner to be nice, because that would be ideal. But anyway, here’s a link to our abuse notification form where earnest hopes go to die.”
Hey, yo. Not sure what to do about this kind of reply. Write a blog post, if nothing else. Please contact me with suggestions. †
—
* There are several (regional) organizations that keep track of who owns what address:
† Interesting subject: compliance obligations of network operators, varying by jurisdiction, particularly with regard to balancing privacy. Some strictly evil networks try very hard to look like legit providers.