Category Archives: Problem and Installation FAQ

Common problems and suggested solutions. Installation information.

Avoiding SPAM

This document is written for Sailmail members with some advice on avoiding spam.

Spam (junk email) is a continuing problem, especially for Sailmail members and other folks with low-speed connections. The best way to avoid spam is to keep your address private, and out of the hands of the spammers.

The majority of spam is sent to addresses which are collected from web pages, using automated programs (“spam-bots”) which crawl the web looking for email addresses. Some is also collected from newsgroups, “whois” domain listings, and other public lists. And increasingly, addresses are also collected by viruses and “worms” from infected computers and used to send spam. This latter is particularly troubling because your address can become a spam-target even if you are careful, if one of your friends (with your address in their computer) gets a virus.

These addresses are then collected into long lists, sorted alphabetically, and sold to other spammers. (It is common to see multiple recipients on the same message, this is a result of the sorting and allows more spam to be sent faster).

Remember that before you started using your Sailmail address, it had never received spam. (Addresses based on common names such as “harry@sailmail.com” get spammed all the time, but not an address like “wxy1234”). It is up to you to keep your address free of spam.

The best way to avoid spam is to keep your address private. Do not post your address to a website, and make sure that your friends keep your address private. Don’t allow folks to add your address to long lists of bad jokes, it is too easy for that to get posted somewhere. Don’t use your Sailmail address when making on-line purchases, or filling out forms (except your Sailmail renewal of course)- not everything is legit. Keep a hotmail account for folks that you do not trust.

And, and very important, also remind your friends and associates to keep their virus software up-to-date, if their computer gets infected then you may get spammed as a result.

Spam is very difficult to filter without also deleting legitimate email (which is not acceptable). The problem is that spammers are trying very hard to make spam look like legitimate email, and they are not stupid. Sailmail uses the best spam-filter that we can find, but it is not perfect. It is professionally managed and may take a couple of days to adjust to a new spam pattern, but if there is doubt, then the message is passed through rather than deleted. This is the only acceptable choice.

Some services use a “closed gateway” approach which requires would-be senders to go to a website and “register” in order to be able to send email. If you’ve ever received a message back from an earthlink or mindspring user via Sailmail asking you to go to a website, you realize how frustrating this can be. The other problem is that many folks (and especially businesses) reply from a different address, their reply won’t go through and most folks won’t jump through hoops just to answer your query. And worse, much of the virus-generated spam comes from legit addresses (stolen from the infected computer) which would sail right through. Sailmail does not plan to support this approach.

If you want to put your address on a website, then do it like this:
“WXY1234 -at-sign- sailmail.com” or “WXY1234 (at) sailmail.com”
Folks will understand what you mean, but the “spam-robots” won’t recognize it.
Alternately do a Google-search for “Email address obfuscator” (without quotes)
The following page also has a good discussion and includes methods of hiding your address:
http://www.u.arizona.edu/~trw/spam/

If you do have problems with spam, then we can assign a new mailbox by adding an “a” or “1” suffix to your callsign (and email address). You will need to notify your (desired) correspondents of your new address, and be sure to remind them to keep their anti-virus software current. Your current address will stay active for a month to allow an orderly transition. It is a nuisance, but the spam will be gone, and will stay gone, as long as you keep the new address private. If you want to do this, send a note us at sysop@sailmail.com.

Computer Security

Most of us are well aware of the need to protect our computers from the hazards lurking on the internet, but it is less clear exactly what is needed. The danger is viruses or “worms” or “trojans”, different types of malicious programs that can infect your computer. (We’ll call them all “viruses” for simplicity). As long as the computer stays on the boat and only connects through Sailmail then it is safe. Viruses cannot get through the server- incoming mail is scanned but more importantly Sailmail does not forward file-attachments (except for certain files which are inherently safe) so there is no way to send a virus via Sailmail. (The same is not true for Winlink, malicious programs can be sent as file-attachments and a brand-new virus will always get past a scanner).

Think of your computer as a fortress surrounded by hordes of bad guys (e.g. the battle for Helms Deep in “Lord of the Rings: The Two Towers”). At sea, you have the world’s largest moat with a slender well-fortified bridge (Sailmail). If you connect your computer directly to the internet then you need both strong bastion walls and solders on the inside (firewalls and anti-virus software, respectively). The connections we are concerned about include wireless connections in a marina, a dial-up connection via a cell-phone, or taking the computer ashore and connecting it to a phone line or network connection. These all expose your computer to potential threats. The threats can come from a virus attached to email, or as part of a malicious website, or by a direct connection to your computer (think of ladders over the walls).

So the basic rules are to keep your operating system updated, protect your internet connection, never open a questionable email or a suspicious website, and keep your anti-virus updated.

Operating system updates are important in order to make sure that your computer is secure against known vulnerabilities which have been fixed.

In order to protect your computer from a direct connection you need a “firewall” to block unauthorized connections. Windows includes an effective built-in firewall which should be left turned on, check Windows Security-center on the Windows control-panel. There are normally no programs which require that it be turned off.

There are other firewall software programs available, including various “internet security” packages. Many of these go overboard in terms of protection, adding no security but seriously interfering with normal use of the computer. Also, do not attempt to use more than one software firewall, this can tie things into knots. Our advice is to use Windows firewall (and disable any others).

Most local wired or wireless networks include an internet “router” which also acts as a firewall by blocking direct connections from the internet. But an internet router will not block a connection from a fellow user of the local network, who might themselves be infected. So continue to use your computer firewall.

It is also important to disable file-sharing unless you need this for a local connection. Windows-7 manages this as “private” versus “public” networks. File-sharing is disabled for public networks, be sure this is selected for any sort of internet-connected network, unless you are protected by your own hardware router.

For Windows-XP file-sharing is controlled as part of the TCP/IP properties for the each network connection- uncheck the “File and Printer Sharing” box to disable all file-sharing.

The final level of protection is a good anti-virus program which is kept up-to-date. Most new computers come with a “trial” version of some “all-in-one” internet security program, free for a while and then needs a paid subscription. There are two problems here: The “all-in-one” solutions aren’t as good– and a lot more intrusive– than Windows firewall plus a good stand-alone anti-virus program; and there are free versions of good programs (supported by their corporate customers) that there is no real advantage to a paid program.

Microsoft Security Essentials is a well-rated anti-virus program that works well without getting in the way, we use that here. AVG/free anti-virus is also good, and Kaspersky and FProt are also good but apparently no longer have free versions. Symantec and Norton anti-virus programs work well, but they tend to be packaged with firewall software as “Internet Security” packages which are overly complex and intrusive, and we have to recommend against them.

Google or any browser search engine can find these, be sure to include “free” in the search as all of these folks like to push the paid version (except Microsoft, they already got your money).

Some folks take the view “anything but Microsoft”, ten years ago that was reasonable but things change. Particularly after they got past Vista they seem to “get it” to a much higher degree.

And remember that any anti-virus software is only as good as its most recent update.

There’s another tool work considering, and that is an anti-malware program to periodically scan for spyware and other nasties that aren’t malicious enough to qualify as a virus or worm, but stuff you definitely don’t want it on your computer. MalwareBytes anti-malware free version is highly regarded, as are teh free versions of “Spybot Search & Destroy” and “Ad-Aware”.

For all of these (except Microsoft) read the websites carefully, some push paid versions, or “free” upgrades to the full version (only free for a limited time), or try to trick you into installing some other “clean your PC” crap. Read the info carefully.

But remember that anti-virus software only works if it can find the virus in its database. So there is always an opportunity for a new virus to sneak through before the company can update the definitions and you can download them. For this reason it is still necessary to use common sense and not open a file attachment from an unknown sender, and avoid visiting suspicious websites. There are relatively few malicious websites but if you get a note from an unknown person asking you to check out an interesting website then don’t.

And lastly, beware of the “phishing” expeditions. If your bank writes to you and asks that you go to a website to re-verify something, don’t. Contact the bank first- it may be a pirate website trying to hijack your login and password information.

A few links:
Microsoft Security Essentials: http://windows.microsoft.com/mse
AVG Anti-virus free: http://free.avg.com
MalwareBytes anti-malware: http://www.malwarebytes.org

Good sailing!
Jim
support@sailmail.com

updated 2012-01-08

Old SailMail Primer

Members may recall having seen information in the old SailMail Primer that was on the previous SailMail website. While we have tried to move all current information to this site, if members want to refer to the previous SailMail Primer, here it is:

old smprimer

Obviously there are broken links pointing to other parts of the old website.

Windows versions for AirMail

AirMail runs with Windows XP, Vista 7, 8, and 10.

Where people usually have problems is with off-brand or no-name USB to serial adapters. So if you use a USB to serial adapter, make sure there are drivers available for your operating system.