Just before Memorial Day in the US, I attended SpamCon 2001, a first-of-its-kind conference focusing exclusively on what can be done to combat spam. It was there that I realised just how thin a line divides spammers from virus writers.

Both target your email inbox with unwanted junk. Both can tie up corporate email servers with excessive traffic. And both entice you to click some attachment or link you'd otherwise not bother with. The big difference between the two is that writing a virus is illegal in this country and in several others, while writing and sending spam is not.

Legislation currently before Congress would make some aspects of spamming criminal. For example, spammers could be penalised for using misleading IP addresses in the headers and false information in the subject and body text. The legislation would also require senders to allow for the reader to decline or "opt-out" of any future solicitations. Penalties against the sender would be harsh, up to $11,000 per occurrence. However, the burden of proof would fall on the Federal Trade Commission, which would have to prove the sender had a "knowledge standard" for the violation. Therefore, neither bill--S. 630 or H.R. 718--is considered to be a major weapon in the current war on spam.

An Internet document, RFC 3098, reads: "How to advertise responsibly using email and newsgroups, or how not to make enemies fast!" and outlines what a vendor can and can not do in terms of e-commerce. The reality is that most spammers won't bother to read RFC 3098 or its subsequent iterations. So, unfortunately, the ultimate burden falls on consumers.

What can you do to combat spam? First, set your email program to filter incoming messages by subject line. Just as you filter out the ILOVEYOU and Anna viruses by blocking their respective subject lines, you can block subject lines with keywords like HOME LOAN and EARN $$.

However, the trouble with filtering on content is the likelihood of blocking legitimate email from friends. Take, for example, common phrases like "Hey!" or "Look at this!" One solution is to move all filtered content to a special folder, which you can periodically review for any "real" email trapped by your filters.

If you still receive spam after setting up filters, another tactic is to forward the entire document and header information to the sender's ISP abuse desk. Most ISPs have abuse desks, and in most cases, sending unsolicited mail to thousands of addresses is against the ISP's Acceptable Use Policy (AUP). If you forward spam to the sender's abuse desk, chances are the ISP will be able to terminate the sender's account. Of course the sender could always create an alias and open another account, but that's another issue.

Where do you find the spammer's header information? In the early days, all email arrived with a long history of which server passed it to which server, ad nauseam. Nowadays, you don't get the history; you just get the message. If you use Eudora, look for the BlahBlahBlah button to reveal header info. To track down header information using Outlook and other programs, see SpamCop for program-specific instructions. For more information on deciphering email headers once you have them, see the article Stop spam in its tracks.

Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved.
ZDNET is a registered service mark of CBS Interactive. ZDNET Logo is a service mark of CBS Interactive.