Russ Harvey Consulting - Computer and Internet Services

Spam: Unsolicited Emails

You Pay for Spam | Legislation | Dealing with Spam | Email Headers

Spam not wanted here!

What is Spam?

Spam is the unwelcome junk messages that pile into your in-box daily.

Spam is unwanted or unsolicited bulk email, postings, contact requests, SMS (text messages), instant messages, or similar electronic communications.
— Microsoft

Learn to Recognize Spam

When it comes to spam, individuals and businesses need to know how to protect themselves. That means recognizing a legitimate email versus spam.

Test your knowledge with this short quiz.

How'd you do?

Spam Terminology

Simply put, spam is electronic junk mail.

More precisely, spam is the spreading of a single message to a large number of email addresses, posting on an inappropriate newsgroup, or cross-posting a message to (typically) more than three newsgroups.

Other terms for spam are Unsolicited Commercial Email (UCE) and bulk email. Phishing is fraudulent spam (i.e., emails aiming to con you into providing personal information for identity theft).

Spam is Email Without Consent

Spam is an issue about consent, not content. Whether the UBE message is an advert, a scam, porn, a begging letter or an offer of a free lunch, the content is irrelevant — if the message was sent unsolicited and in bulk then the message is spam.

In most cases, there is also an unethical nature to the emails, usually involving some sort of scam.

I suggest you never do business with a company that contacts you in an inappropriate manner.

What makes you think they'll be there for you when you need support or if the product they sell is defective?

Use Ethical E-Commerce

Ethical Net commerce allows you to get your message out to those that are interested without endangering your organization's reputation.

Don't Be Part of the Problem

Anyone offering to "target market" for you is offering to send spam on your behalf.

Dealing with Spam

On this page the following sections, we'll deal with the following aspects of spam:

You'll also want to avoid avoid opt-out tactics like pre-selected checkboxes. Not only is this illegal in Canada, it is unethical. The legal alternative is opt-in.

Return to top

Anti-Spam Legislation

The consequences of spamming can be severe, particularly in locations where legislation has been passed.

  • Antispam legislation in California can find you liable for thousands of dollars in damages if even one of your emails sent to a location within California (or any other location with similar legislation) is determined to be spam.
  • Canada's anti-spam legislation (CASL) became law effective July 1, 2014.
  • The penalties can be severe (an administrative monetary penalty of $75,000, to Scott William Brewer for sending commercial electronic messages without the consent of the recipients).

Not all legislation is this effective, but you could still ruin the reputation of your company even if penalties don't apply.

The U.S. CAN-SPAM Act is one example of poorly conceived and executed legislation. It did little to protect consumers. Ironically, checking for references to the CAN-SPAM legislation in email messages can be an effective way to identify spam.

Canada's Anti-Spam Legislation

If you're located in Canada (or doing business in Canada) you'll need to follow the requirements of Canada's Anti-Spam Legislation (CASL) which requires a minimum of implied consent.

CASL regulates ‘commercial electronic messages’ (CEM) which are defined broadly and includes any electronic message that has as its purpose, or as one of its purposes, the encouragement of participation in a commercial activity. An electronic message would include e-mail, text messages, and social media messaging and text, sound, voice, or image messages. Even if the electronic message itself is not related to a commercial activity, it may still be a CEM, having regard to the hyperlinks to other content or websites or the contact information contained in the message.
Violet A. French, Business Law Today

*This period ends immediately if/when recipients indicate that they no longer consent to receiving your commercial electronic messages.

3 Things to Think About When Sending Messages

When you're about to send an email message, you'll want to consider your relationship with the recipient(s), the content of the message and what you must include to ensure it meets legislated (and moral) requirements.

The CASL provides the following suggestions:

  1. Think about who you are sending messages to
    • Did they give consent? Do you have a record of this consent?
    • Do you have an existing business or non-business relationship?
  2. Think about the type of messages you're sending
    • Is it sent to an electronic address?
    • Is is commercial or promotional?
    • Ensure no part of your message is false or misleading.
  3. Think about what you must include
    • Identify your name and business accurately.
    • Include details on how to unsubscribe in each message.

This is just an outline; be sure to read the infographic. Review Canada's Anti-Spam Legislation for complete understanding of the law.

The Privacy Commissioner of Canada has additional resources.

More About Legislation

The following sites will help you to learn more about legislation in various countries:

A Note to Legislators

I've experienced spam coming more frequently from certain locations (including from within Canada and the U.S.). Apparently some governments permit businesses and individuals within their jurisdiction to continue to propagate spam (opt-out rather than opt-in).

Spam legislation has minimal effect on legitimate businesses or jobs.

Canada's Anti-Spam Legislation is one example. There may be an inconvenience, but that is surely offset by reduced illegitimate activity faced by those same businesses.

I strongly encourage you to pursue international agreements to allow for the enforcement of such legislation just as you currently enforce regulations against dumping knock-off material goods.

Return to top

You Pay for Spam!

The cost of spam is borne by the recipient, not the spammer.

The Print, Radio & TV Advertiser Pays

The costs for tradition forms of advertising are paid for by the advertiser.

It costs much more to advertise in a newspaper than it does to purchase it. Some newspapers are free to the reader, completely paid for by the advertiser.

Spam is Different

The opposite is true with spam. The recipient pays the bulk of the costs!

It is extremely cheap for the spammer to send millions of messages out. If even one person responds to this junkmail, the spammer will recoup his costs.

The reader subsidizes the advertiser — the reverse of the traditional cost/benefit ratio.

Subverting Affiliate Programs

The following illustration shows how affiliate programs can be subverted by greedy advertisers:

  • The problem of spam is illustrated in this scenario: "Anatomy of a Spam Viagra Purchase".
  • The off-shore pharmacies let unethical spammers do their work for them using an affiliate program.
  • Of course, the manufacturer will protect themselves from having to clean up their own mess.

How Affiliate Programs Normally Work

There is nothing intrinsically wrong with an affiliate program. Affiliate programs provide an incentive for websites to promote products (just as traditional advertisers pay newspapers, radio and TV to promote their products).

Unethical Advertisers and Questionable Products

The problem arises when the affiliate program is subverted by unethical advertisers using spam and other invasive tactics to promote questionable products (gambling, discounted drugs, pornography, etc.).

Return to top

Spam is Out of Control

Spam is Like a 80% Internet Tax

AOL (America On-Line) once estimated that the proportion of spam at 30% of the total volume of emails received by their servers. How times have changed:

We estimate that at least 80% of all e-mail sent to our servers is junk mail and/or viruses, and that amounts to a lot of wasted resources that cost real money! —

The next time someone suggests that spam is no big deal, remember that you are either paying 80% more for your Internet service or getting 80% less performance. Ouch!

In 2011, roughly 82 percent of all email traffic was spam. It is estimated that scam and phishing messages make up 19 percent of spam, meaning it is essential to be able to spot and avoid email scams. Use this guide to help you dodge the bait.
Check Point blog

That's nearly 20% that is aimed at stealing your identity or your money.

Return to top

Dealing with Spam

Don't "Opt-out"

Never "opt-out" of something you didn't opt-in for in the first place.

Responding to spam will only expose you to the thousands of spammers that do not reveal their identity or will simply pass your removal request onto their “sales” department — resulting is even more spam.

Few people have the time or resources to determine if the sender is legitimate or not.

Your Devices Need Protection Too

With the exploding use of small devices like cell phones and tablets (both in addition to and in replacement of computers), spam is an important issue there as well.

Keep Spam Out of Your Inbox Recommended

I strongly recommend Islandhosting. Spam is not permitted by their terms of service.

Hosting includes excellent spam management tools and friendly help.

This site hosted by
Check out
Islandhosting is owned/operated by Islandnet

Getting Help Dealing with Spam

During the process of getting help dealing with spam (or other email issues) you'll often be asked for a copy of the original email with the full headers.

The headers include tracking information that tells where the email originated and include the various servers involved in delivering the message. See email headers for more.

These sites can help you deal with spam:

Getting Help Dealing with Investment Fraud

Not all investment fraud is generated by spam, but the warning signs are usually the same. If it sounds too good to be true, it probably is. Nowhere is this truer than when shown investment proposals.

InvestRight is a BC Securities Commission program to help investors know the difference between legitimate and fraudulent investments by identifying the warning signs.

Return to top

Ever Wonder Why Spam is Allowed to Continue?

Have you ever wondered how spam can continue to exist? How can something this disruptive be allowed to continue. Can't governments or companies stop it?

There are three aspects to this:

  1. Spam is profitable.
  2. Legislators don't understand the problem.
  3. Corporate interests often are at odds with effectively dealing with spam.

The Profit Motive

Perhaps you've wondered, like I have, how spammers can process stolen and scammed credit card information? This would seem to be relatively easy given the numbers quoted in a recent Information Week article:

95% of spam-advertised products are monetized using merchant services from just a handful of banks, suggesting payment handling is the weak link in the global spam value chain.

All told, they saw 13 banks handling 95% of the 76 orders for which they received transaction information. (Only one U.S. bank was seen settling spam transactions: Wells Fargo.)

But just three banks handled the majority of transactions: Azerigazbank in Azerbaijan, DnB NOR in Latvia (although the bank is headquartered in Norway), and St. Kitts-Nevis-Anguilla National Bank in the Caribbean.

The article quotes one potential reason:

We have to remember that spam is actually very profitable for the banks and credit card companies that move the money. That might affect how likely they are to actually do something about this.
Mikko Hypponen, chief research officer at F-Secure

See the related article, Anatomy of a Spam Viagra Purchase.

Lack of Prosecution


If you receive spam from the U.S. that claim to be legal, quoting the U.S. CAN-SPAM Act, they are wrong!

The U.S. CAN-SPAM Act merely outlaws the sending of spam with false or misleading sender information (and other specified conditions). That in no way makes the sending of "non-forged" spam OK.

In fact, this legislation is so useless in protecting unwilling recipients of spam it is nicknamed the "You CAN Spam Act."

Prosecution is Difficult

As well, the legal action that could stem the tide is more difficult than you might think.

  • Many operations originate overseas where prosecution under existing laws is difficult or impossible.
  • This is further exasperated by protection provided by the U.S. CAN-SPAM Act (lawmakers in most states other than California are reluctant to introduce legislation that makes it more difficult for legitimate businesses to use email for promotion and sales).
  • Hacking and the information gathered through spam is undoubtedly being used by nations as modern espionage. The June 2011 hacking of the IMF may have been triggered by malware when an employee clicked on a link in an email.

Commitment Lacking

However, it is not impossible. It is merely a lack of commitment.

Big media companies have deep pockets and are more effective at demanding effective legislation, quoting huge costs to their businesses. These “costs” is often based upon the ill-conceived assumption that all downloaders would pay full retail for all illegally-downloaded products if the illegal sources dried up. More likely, many either could not or would not pay.

Instead, they can make changes to their own business practices such as fairness of pricing, availability and freedom from DRM restraints such as locking the purchase to one device and profiting from changing media types (e.g., VHS, DVD, BluRay).

Services like Netflix are a great example. Rather than enforcing bandwidth caps designed to force users to purchase similar content via expensive cable subscription models, lower the price to compete with Netflix.

Concerns are more heavily weighted in ensuring that businesses aren't hampered. Imagine if only big corporations had protection from credit card fraud!

Corporation Interests Hamper Success

AOL, Google, Microsoft, and Yahoo are to Blame

In 2007 ZDNet examined in 2007 Why AOL, Google, Microsoft, and Yahoo are to blame for spam. It noted that they are the only ones large enough to agree on a global standard to deal with spam effectively and decisively.

It seems the problem is one of cooperation:

  • Microsoft killed one strategy by claiming their Sender ID is proprietary. They relented (but only after the others had already left the table).
  • Yahoo! and eBay cooperated on dealing with phishers going after users of eBay while PayPal cooperated only with Google about issues with Google Checkout. None of parties shared the information with the other major email services.

This is also hampered by the anonymity of these free email programs. This is beginning to change. These companies are now seriously investigating methods of authentication that can help avoid spamming.


Finding the Headers

If someone requests “the headers” they are looking for the tracking information contained within the email, but hidden by most email programs until you request that information (show headers, view source, etc.).

Email headers include information similar to the following:

From: <>
Return-path: <>
To: <>
Wed, 08 Jun 2022 11:03:04 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0
Language: en-US

Information and layout varies between hosting services and email programs.

Short Headers

Usually folks only see the “short” headers:

From: <>
To: <>
Subject: Cat video updates

To:, CC: & BCC:

To: and CC: are often included in the short headers, but BCC: addresses are only visible to the sender (and may appear as a To: address for the recipient).

Be sure you understand how to use To:, CC: & BCC: correctly.

List Info

Emails coming from a listserv (a subscription service) often include a list-info entry in the short headers.

Clicking on the list-info reveals the listserv information including the list owner and how to subscribe or unsubscribe.

Locating the “Full Headers”

Full headers refers to the complete information about an email. This varies by email program and mail provider, but usually including a message ID, user-agent (the software generating the email), tracking information, delivery date and more.

  • Who@ gives details on viewing the headers for a number of email programs.

Return to top

Unethical Businesses

Some businesses use unethical practices.

Do NOT do business with the Domain Registry of Canada

Domain Registry of Canada

One example is the Domain Registry of Canada (or the Domain Registry of America). Both are run by Brandon Gray Internet Services, Inc. as

Brown Envelope; Red Maple Leaf

Their “Domain Name Expiration Notice” comes in a brown envelope with a red maple leaf designed to make you think you're dealing with a government service.

Domain Slamming

These “notices” (known as “domain slamming”) show up significantly prior to expiration — long before you normally renew your domain and prior to any authentic renewal notice.

Their intent is to trick you into moving your domain from your current registrar. To move it back requires that you pre-pay yet another year (and some rules may prevent you from moving your domain back immediately).

“Voluntary” Payment

There is a very small notice at the bottom of the invoice that indicates that payment is voluntary.

Their pricing is exorbitant and they appear to be culling your domain's WHOIS information for unethical marketing purposes.

Both are unethical and this is not the sort of company that you want to do business with at any price!

Related Resources

Related resources on this site:

or check the resources index.

Buy Me A Coffee


Return to top
Updated: June 8, 2022