Subject Fields – A Way To Foil Spam?

What to put in the Subject field these days to avoid spam filters?

Clive of collision detection (who, incidentally, wrote a first class piece about European virus writers for the NYT) points out that the spam “battle has now claimed its first linguistic casualty. It occurred to me yesterday that you can no longer send an email to anyone with the sole word “hello” in the message header.” That’s because the recipient (and almost certainly any spam utility) would regard it as spam, and so chuck it out.

His conclusion: “If you want to appear human-like, put a human-like message header on your email. And that means you can’t say just “hello” or “hi,” because that no longer qualifies as a human-like message.”

True. Here’s my tuppence’ worth: What I’d like to see are some creative methods to communicate with each other. Here are some suggestions:

  • Members of the same family could use a code word in the subject field like [rabbit] which should get it past Bayesian spam filters, once those filters have been educated a bit.
  • Friends and colleagues communicate with one another by more elaborate subject fields: [Meeting] postponed, goof off until three pm or [Wedding] Er, it’s off. The idea is that the bit in parentheses stays the same, as an indicator, while the rest of the subject field changes.
  • Users can then set up filters which funnel emails containing those [] codes directly to certain folders.
  • The overriding principle is that the Header field should a) provide some seriously useful information about what’s in the email, and b) carry with it some sort of [category]. I’m no expert on Bayes, but I figure this would really help the filtering process.

The bottom line is this: Subject headers should be another line of defence against spam. If we used them better than ‘hi!’ or ‘hello’ we could frustrate spammers who would themselves have to put a lot more effort into generating credible headers. That just might make it uneconomic enough.


All opinions are my own, and not necessarily those of Thomson Reuters.



RSS loose wire blog