Wednesday, April 13, 2011

Ryan Pitylak Anti Spam Guidance 2011

It's pretty simple these days - just don't give out your email. If you need to give it out, sign up for a service like OtherInbox and use it to protect your real email. If you start to get spam, get a good spam protector, like Gmail's built in spam filter. Outlook's spam filter is a good choice as well.

Thursday, September 09, 2010

Sunday, May 16, 2010

Has the Anti-Spam Industry Matured? - By Ryan Pitylak

By Ryan Pitylak

Has the multibillion dollar industry of anti-spam finally started to mature? TechTarget has covered some research by Forrester that suggests that differentiation among anti-spam competitors is minimal. With 96%-98% detection levels among all vendors, it's pretty difficult to determine which one is the best (if there even is one that is the best).

I think this is good. This means the industry has finally reached a point where they have agreed upon a set of standards that work. Although the spam problem has not gone away, it has been seriously minimized in the past few years. Most people get spam because they have very minimal protection, such as the protection afforded by Outlook. Using the spam filtering technology used by major ISPs will resolve most of your issues.

- Ryan Pitylak

Monday, January 18, 2010

Cloudmark hits a billion subscribers by Ryan Pitylak

Infosecurity writes about how Cloudmark hit a billion subscribers. That's incredible.

I'm really happy that Cloudmark has reached this level of success. I have been recommending Cloudmark to friends and people who read by blog for years. I believe a community-based approach to stopping spam is necessary, and Cloudmark certainly is has been leading the way for years.

Thursday, December 31, 2009

BitDefender finds web 2.0 possible source of spam

BitDefender writes about how there is a potential problem with web 2.0 services. You do need to be careful when signing up for new services, as you'll never know what type of email will result from the sign up. I recommend my friend's company OtherInbox to deal with the problem.

Wednesday, December 16, 2009

Anti-spam in 2009 by Ryan Pitylak

This year has been an interesting year for spam. Yahoo came out with a big change to it's filters that made it a lot harder for people to send out spam. Companies and marketers, big and small, found that they had to comply by the rules or else get punished by their inability to send email. The blocking technology is finally catching up, which is great. For those of you stuck on a general internet email address (such as that provided by Godaddy or your company), then you might still be getting spam. But, that will also dwindle over time.

I still hate spam that has no unsubscribe. There's nothing more annoying than a solicitation to make my ... harder longer and then not having any way to remove myself from the list.

It's been a long time since I created my skycorpservices website in an effort to support the anti-spam community. I haven't updated it, or this blog, much, but I still think about how fighting spam is important to keep internet marketing continuing in the right direction.

Monday, December 08, 2008

Spam thoughts as we near the end of 2008 by Ryan Pitylak

An interesting thread circulating the internet over the past few months has been about how a significant chunk of spam stopped once a colo was shut down. What was also interesting, and equally predictable, was how the email started back up again over time.

The economics of spam is interesting. Spammers will move to the email delivery source that will provide them with the most profit, regardless of the "externalities" of this decision. So, it's not surprising that a cluster of spammers were spamming from one colo ("McColo").

Ultimately, shutting down a major spam friendly colo makes the costs to the spammers go up (at least in the short term) as they find less attractive solutions. The only way to truely stop spam (the truely unsolicited email) is to make the economics of it unattractive. A combination of really good spam filters, expensive delivery costs, and low user participation (the liklihood someone will click on the email) will cause this to happen. However, spam filters are pretty good these days, delivery costs are going up in the U.S., and user participation is not going to change that much over time. This ultimately pushes spammers offshore, which lowers deliverability, as email from outside the U.S. is trusted less by spam filters. All of these actions increase the costs to spam. This means that to equal things back out, other costs need to be lowered. Examples of this include sending out high volumes of email, without any focus on deliverability. By the sheer number of emails delivered, some will get through the filters. This creates an extremely "dirty" email, as it has no personalization. I don't know if you've noticed, but spam, which has largely been moved offshore, has gotten "dirtier" over time.

One solution many have turned to is "opt-in" spam. Effectively, email marketers get people to sign up for their emails. However, in my opinion, permission to send me email doesn't mean you can send me several emails a day about whatever you want. In some cases, I've seen marketers (in this case, I'll go so far as to say spammers) send out ten's of emails a day. That really adds up. This loophole in the CANSPAM law is a bit of a problem, but closing it creates problems for big business, which is bad. Some additional thought around legislation should be considered.

Ryan Pitylak is an anti-spam activist.

Wednesday, July 02, 2008

Using Disposable Email Addresses

I wrote a post at OtherInbox about how using disposable email addresses can help you to protect yourself from spam. It's a great concept, because you actually have the power to finally stop spam, for the first time ever. It works like this:

When I sign up for an email address at amazon, I use If amazon ever starts to send me spam, I know exactly where it came from. This obviously becomes really useful if you sign up for a free ipod offer. You may receive email about a 1,000 other offers unrelated to the free ipod; now you'll know which companies you shared your email addresses with are sharing your email address.

Novel idea, huh? Well, this is definitely a great approach to stopping spam.

Friday, June 13, 2008

Ryan Pitylak Marketing Blog: Bluetooth + Cellphone + Popcorn ?= Viral

Ryan Pitylak Marketing Blog: Bluetooth + Cellphone + Popcorn ?= Viral

Viral Marketing is turning interesting. A recent post on my marketing blog explains how bluetooth maker created a popcorn ad that hit upon the fears of cellphone users. Are you telling me you've never been afraid of your brain frying from cellphone usage? Well, if it can fry popcorn, it can surely fry your brain. Or, at least that's the message the ad is trying to convey. It's a great stunt to catch the attention of the consumer, and considering the spread of the video, it worked really well.

Ryan performs writes about marketing for consumer companies.

Monday, June 02, 2008

700,000 Mobile Phone "Do Not Spam" Registrations by Ryan Pitylak

Monsters and Commerce wrote about how 700,000 mobile phone users in Hong Kong have signed up for a "do not spam" mobile phone registrar. That's definitely an interesting idea, because it's seemed to work pretty well here in the United States.

"Since then 3,064 people in the city of 6.9 million have registered complaints with the Office of Telecommunications Authority about unsolicited calls. Of those, 2,091 related to faxes, 439 emails and the rest were SMS and pre-recorded messages, and others."

What's interesting to me is this: do the 439 emails that people complained about fall under this "do not spam" regulation? If so, companies who are sending out emails to members, assuming they're not restricted to any "do not spam" mobile phone registrar, might run into trouble if they did not realize the email messages were being delivered to the mobile phone device.

As email permeates into many different devices, a way to comply with all of the relevant laws will need to be addressed. A third-party service that specializes in email delivery would probably be the best way to stay compliant.

Ryan Pitylak is an anti-spam activist.

Monday, March 31, 2008

Consumer perception of spam,

MarketingSherpa and Q Interactive worked together to learn more about how consumers perceive spam. They wanted to know what people thought about spam and what people considered spam.

56% of e-mail users regard marketing e-mails as spam. If they just don't find the messages interesting, they mark it as spam. This is a strikingly high number when you think about it.

The example used in the industry is Victoria Secret. They have a brand that will only send you email if you've provided them with permission to send it to you (we would hope). However, many people mark their emails as spam for a variety of reasons. Firstly, you may order a nice gift for your loved one, and later find yourself on the Victoria Secret mailing list. We've all been in this position with one company or another. So, is it spam? I didn't really want it, and it's not really what I want to see on a Tuesday at 10AM. But, according to their policy, which I did accept, they have permission to send me email.

So, it's not surprising when so much legitimate email marketing is marked as spam. It's also not surprising that some of these people actually feel like this is spam, and that the company sending the email should have penalties for sending them the email they previously requested.

I personally think that a move we need to make is to ensure that companies are up-front about their intentions of sending them emails after the order is placed. A simple "accept my privacy policy" check box can be placed on the order form.

Ryan Pitylak can help you think through these issues if you'd like.

Sunday, July 02, 2006

Tips for stopping spam,

The Ann Arbor News highlighted some of my three main tips for stopping spam. I hope that people will embrace this advice, because I truly believe that these tips can help make a big difference in the amount of spam that you will receive to your personal email box.

Friday, June 30, 2006

Anti-Spam solutions,

A lot of people lately have been asking me what steps they should take to resolve their spam problems. Two client-side programs come to mind:

1) Cloudmark
2) Spamcop

These do a great job of stopping mail because people become part of a community.

Your large ISPs now offer a similiar service if they have a "report spam" button. Ultimately, people are, on average, a good read about what is spam, and what is not. Some major ISPs, such as,,, and have these features built-in.

Wednesday, June 07, 2006


The news of the Texas Attorney General lawsuit has been released.

I am pleased to announce that I am now a part of the anti-spam community, having started an internet security company – Pitylak Security – that offers my clients advice on systems to protect against spam.

Over time I have come to see how I was wrong to think of spam as just a game of cat and mouse with corporate email administrators. I now understand why so much effort is put into stopping it.

The settlements with Microsoft and the Attorney General’s office have been a serious reality check: harsh, but good, and in the public’s best interest.

I’m now working earnestly to help other entrepreneurs avoid the traps that deceived me and led me to make questionable business choices.

As a recent graduate from the University of Texas with honors degrees in economics and philosophy, it's my goal to apply what I've learned and use my entrepreneurial talents to help others.

- Ryan Pitylak

Monday, June 05, 2006

Response to news coverage

Please visit to read my responses to some of the news coverage about the Microsoft settlement.

After receiving some great comments in this posting, I'm revising it to explain to my visitors that there is some valuable content in this comments section. Some people have been asking me questions about spam and how they can get around some specific problems related to their spam. Herein I'm explaining my advice on how to resolve these issues.

Please post any spam-related problems you are having and and allow me to comment on them.

Sunday, April 30, 2006

Ryan Pitylak's community outreach

I know several people on the internet are following this site, and I'd really like to hear from you. Post any question you have in the comments section of this post and I'll answer them. The spam industry is talked about by people on the anti-spamming side, but this is the first place I know where people can talk to someone who used to be on the side that sent the email. I look forward to your comments. :) Please utilize this anti-spam blog.

Monday, April 24, 2006

Spamming Trends - April 2006

I recently posted this on securence and thought that it might be helpful to my readers:

Unfortunately, spam should be on the rise for the distant future. As technology gets cheaper to send spam, people will send more of it. Eventually, the returns to sending spam will decrease as filters get better, but that'll only create incentives for spammers to send out more emails, because whatever few pieces of email get delivered will be very valuable. You will continue to see a trend towards off-shore emails that are hard to track, and therefore hard to immediately isolate as problematic. On-shore email blasts will continue to become more legitimate looking, and some of these companies will try to break into the opt-in email business. Unfortunately, most spammers won't handle opt-in email with care, and those lists will slowly be handled in the same way that email lists that are not opt-in are handled.

Get more information about spam blocking and the spam business here at the anti spam blog.

Spam Message April 24th, 2006

So, unlike most people, I receive very little spam. I am careful about where my email address is listed, and therefore receive virtually no spam. However, I received a spam email today. Let's talk about it. See comments in red.

Header Information:

Return-Path: <> Tall tell sign that this is spam. A hotmail account is a perfect way to mask your true identity, and therefore counts negatively towards the spam score.
Delivered-To: ryan@27196.27732
Received: (qmail 24192 invoked by uid 78); 24 Apr 2006 09:45:32 -0000
Received: from unknown (HELO ( by with SMTP; 24 Apr 2006 09:45:32 -0000
Received: from ( []) by (8.13.6/8.13.6) with ESMTP id k3O9jWLk008495 for <--------->; Mon, 24 Apr 2006 05:45:32 -0400
Received: from mail pickup service by with Microsoft SMTPSVC; Mon, 24 Apr 2006 02:45:00 -0700Message-ID: <BAY23-F104315454E70A409B46FB9B0BE0@phx.gbl>
Received: from by with HTTP; Mon, 24 Apr 2006 09:44:48 GMT But wait, could it be? Is this a hotmail server?
X-Originating-IP: []
X-Originating-Email: []
From: "willico willi" <>
Subject: urgent plea for assistance It sounds urgent! Most people don't urgently plea, but we'll let that slide.
Date: Mon, 24 Apr 2006 09:44:48 +0000
Mime-Version: 1.0Content-Type: text/plain; format=flowed
X-OriginalArrivalTime: 24 Apr 2006 09:45:00.0737 (UTC) FILETIME=[C1426B10:01C66783]
... This is starting to look like every other piece of Nigerian spam I've received.

Well, without investigating further about whether hotmail pick ups you ip address when sending out email from their network, I can't comment about whether the email went through hotmail's servers, or whether the email was sent by forging headers.

The IP address does not appear to be a hotmail IP, so if hotmail doesn't pickup the sender's ip address, then this definetly forged.

However, if hotmail does pickup the ip address of the sender, then the sender could be some guy in South Africa sending out email through hotmail.

Regardless of what happens, this emphasizes the importance of having the technology in place to detect these guys before this spam gets into the inbox. Also, reactive technology that can detect this crap and then delete all of the previously sent out email from this spammer would be helpful. Something that I think is great about the new landsapce of email is that emails do not need to be detected as spam right away. It's hard to determine if some emails are spam immediately, so taking some reactive measures after the spammer has been identified would mitigate this problem.

Of course, some email programs are real-time, and therefore making reactive decisions will not work, but ISPs where the email is stored at the same location as the anti-spam software(i.e. Aol, Hotmail, Yahoo, Gmail, etc), this will eventually be possible. This could help in the fight against spam, and only server-side email hosting solutions will be able to provide this service (unless an email add-on is created for outlook/etc).

This is probably a very arduous request however because of the sheer volume of email that large email servers receive. I think there is a middle ground somewhere. We'll just have to think, as an anti-spam community, about where that middle ground lies technologically. Maybe alternative approaches would be effective? I'd be interested to hear anyone's comments on this important issue.

body here....

Monday, April 03, 2006

Stop spam from getting into your inbox

It’s surprising easy to protect yourself from spam. Protecting yourself from getting spam has to become a mentality. There are many costs when having to deal with spam. There is the lack of employee time, which lowers employee productivity levels. Furthermore, business email that is incorrectly categorized as spam creates even larger problems then small levels of productivity loss. Email is becoming one of the main avenues for business communication, but incorrectly categorized business emails can slow down important business deals, or worse.

Several major internet service providers, such as America Online, Microsoft, and Earthlink all use Brightmail’s anti-spam technology as a part of their technological arsenal used to fight against spam. Brightmail is not the only service available, but server-side anti-spam technology ultimately works better than client-side anti-spam technology. Server-side technology consists of anti-spam software that is managed by the internet service provider. Client-side technology consists of anti-spam software that is managed by the consumer on their computer.

Also, you have to be very careful where you submit your email address. If you’re submitting your email address to any service that you don’t trust implicitly, then you should setup an alternative email account that is used specially for these transactions. That way, if spam starts to become a problem on that temporary account, you can cancel the account and setup a new username.

Do not put your email address on your website. Email spiders look across all websites looking for email addresses that can be used to spam. These are considered very good email addresses to send emails to by the spammers that are not very successful. These spammers are more likely to use spamming techniques that gets email delivered by breaking criminal law.

If you do start getting emails, unsubscribe yourself from those emails as soon as you get those emails. Very few spammers sink so low as to email their unsubscribes on a regular basis. Spammers understand that these are people who do not want to get email, and that they are vocal about it, and can therefore spammers do not typically want to email these people. By emailing these people, the spammers risk getting their internet service shut down, which is a major problem for a spammer. Ultimately, if you get into a position of getting spammed, you need to try to remove yourself from these emails. This does not always work, as some spammers will email you more after you unsubscribe, but this is not typical.

If a spammer is being persistent, then you can report the spammer to its ISP. This starts to get technical, but you can determine who are hosting the spammers by running this command in msdos (cmd.exe): tracert The last few lines will be the spammers internet service provider. Complain to those businesses by going to their website and finding their abuse section at the internet service provider’s Contact Us section. There are tools that automate this process. SpamCop offers an excellent product that allows a user to easily report spam. This is by far the most effective way to combat spam.