If you use Google Apps to handle your email using your own domain name, there may have been times that friends or colleagues you’ve sent email to have failed to receive them.

This is because their anti-spam system may have flagged that email as spam and since people rarely visit their spam folder that email you’ve sent has been deleted without them knowing.

Worse, spammers can forge the ‘From‘ address on mail messages so that spam may look like it came from a legitimate source. And if your PC has been compromised by malware or your email address has been harvested online, there’s a higher chance that you’re domain has been spoofed and used by spammers to trick your friends and contacts that the spam they sent really came from your domain.

Google Apps now supports a feature to prevent such email header spoofing which is the DomainKeys Identified Mail protocol or DKIM. This basically adds a digital “signature” to the header of mail messages you send from your domain.

This digital “signature” can then be verified by recipients to make sure that the mail message really came from your domain.

To add DKIM signature on your outgoing mail using Google Apps, follow these steps:

Log-in to your Google Apps Dashboard

Go to Advanced Tools section

Click on Setup email authentication (DKIM)

Select the domain for which you want to generate a domain key

Click Generate new record

The information needed for the creation of the TXT record in the DNS records of your domain.

It is safer to coordinate with your domain name registrar or web host to accomplish this without any trouble.

Wait up to 48 hours for the DNS changes to fully propagate then you can go back to the Set up email authentication (DKIM) section of your Google Apps Dashboard and click on the ‘Start authentication’ button to activate DKIM authentication to your outgoing mail.

To confirm that the DKIM signing is active, you can send an email to someone and ask them to review the message and check that the ‘signed by‘ line is present and it shows your domain name.

With DKIM signing, your outgoing mail now have a lesser chance of being dumped into the spam folder of your recipient’s email account nor will spammers be able to successfully spoof your domain.

• Send Email Using @facebook.com from Gmail (2)
• An open letter to human spammers (2)
• Finally, Being Able to Chat to all Contacts on Ubuntu Linux (0)
• Would you give Facebook apps your email? (3)
• E-mail hoax: Telamonia dimidiata spiders are not deadly (6)

First of all, I’d like to give you a big round of applause. Bravo! Bravo! For a few days now, you have been patient enough to drill into this blog’s archives, look for the popular posts and leave your nicely written, natural-sounding comments.

I must say, hat’s off to all of you. To actually sit in front of your PCs, go blog-hopping and take some time to read the posts and leave comments designed to do one thing: promote the shady site you were paid to. I don’t know what’s the running rate per spam comment these days but I have a feeling the recession continues to be cruel to you.

The only reason why you’re comments are not being immediately published is that being first time commenters, it would be flagged for my moderation first. Meaning, I have to give it my approval before being published on my blog.

Unfortunately, that is where it will end for all of your efforts. As the most powerful anti-spam technology is me, the blogger, experienced enough to know which comment is legitimate and which one is just plain spammy no wonder how targeted to the blog post’s topic and how natural-sounding your comment may be. And no, kissing up to us won’t cut it either.

The reason why your comments still end up being flagged as spam? It’s because we bloggers know that a comment from the same user, from the same IP address and submitted in succession within a short period of time is either flaming or spamming. But you cannot be blamed right? Because you probably have some quota for a day and there’s just so little time get it done.

Second, which really screws it up for you and makes our job of moderating your comments very easy, are the keywords you use as your comment author’s name. Only someone with an IQ of 14 would believe that someone named Zona Casuat, Worker, Pornokontact and Philippine Lotto Community is a real reader who enjoyed the blog post so much he/she was motivated to add his/her two cents’ to it.

Third, the link you provide in the URI field is another dead giveaway. We don’t even need to click on the link to see if it’s just a landing page jammed with more links leading to the main site to which you have been hired or sub-contracted to do a link-building campaign for. A glance on the URI is all it takes for your comment to be flagged as spam.

My suggestion is to get yourself a better job or get your own blog since you have some skill in writing. Why put it to waste spamming blogs? Anti-spam technology is getting better and bloggers are getting smarter, so it would be best if you quit now and do something better with your time and skills. The whole world would be a better place for it.

Yours truly,
Jhay

• How to authenticate email with domain key in Google Apps (7)
• Globe Broadband IP addresses blacklisted by Spamhaus Project (4)
• Spam killer plugins I used this 2006 (10)

One of the most frustrating events a blogger or commenter could face on the net is being blocked or their comments being eaten by some anti-spam system employed by the blogs that they visit.

I for one had many of this incidents before. The latest was just a few minutes ago when I posted a comment on Aja Lapus’ blog post about Schools still teaching deprecated HTML. Aja’s blog is protected by Bad Behavior, an anti-spam plugin that is indeed powerful and effective. Yet it has received its fair share of complaints from bloggers because in some instances, it has blocked or eaten the comments by non-spammers or “false positives” even comments by the blog owners themselves.

Of course, I vouch that my laptop is spam and malware free so it’s a bit frustrating to know that I’m being blocked as a spammer. It’s a good thing that Bad Behavior displays a web page pointing to the Spamhaus Project explaining why my comment as blocked, because some anti-spam plugins simply swallow your comment and dumps it in the spam comments list.

Going back, I followed the links to the Spamhaus project and it turns out that it was my IP or Internet Protocol address that was blocked. Here below is the entirety of the explanation:

Ref: SBL63950
222.127.223.0/24 is listed on the Spamhaus Block List (SBL)
23-Mar-2008 10:14 GMT | SR01

Proxy Hijacker

Spammer operating from 222.127.223.72, hijacking PCs in other networks for spamming.

——–

Removal Procedure
To have record SBL63950 (222.127.223.0/24) removed from the SBL, the Abuse/Security representative of globenet.com.ph (or the Internet Service Provider responsible for connectivity to 222.127.223.0/24) needs to contact the SBL Team to explain how the spam problem has been terminated. If the spam problem that caused this listing has been terminated we will normally remove the listing from the SBL.

So, a spammer using the same ISP as I do has been using the network or the set of IP addresses which the one I’m currently using right now to spread spam over the internet. Damn it!

There’s little I could for now because the problem, or rather the solution itself rests on my ISP, Globe Broadband to contact the SBL Team and work out a solution so that the IP range in question be cleaned and removed from the block list. Question now is, will Globe Broadband do something about it? Are they even aware of this issue?

Last month, I recall receiving a phone call from a Globe Broadband representative asking my if I was aware of anti-spamming techniques to protect my computer from attacks. This was part of their effort in ‘cleaning up’ their network to provide a ‘better broadband internet service to their customers’.

It seems that they either missed a spot or they need to clean up their networks again. This may be an issue isolated to blogs being protected by Bad Behavior because Akismet-protected blogs are not flagging my comments, as far as I can tell. I wonder if other Globe Broadband users are having the same or similar problems. I suppose it’s time to give them a wake up call once more.

• Spam killer plugins I used this 2006 (10)
• New Year wish: Improved Globe Broadband services (2)
• Updated: Globe Broadband denies capping P2P traffic (0)
• Globe doubles Internet Bandwidth – Have connections improved? (8)
• The Four-eyed Journal mobilized by MoFuse (4)

With the end of 2006, begins my second year of passionate blogging, problogging is still a few years away for me and right now there’s no sense rushing things. I’m just enjoying things as they are and right now, I’m even going to look back on some aspects of what blogging has been like for me this past 2006.

Spam! Spam! More spam! In less than a few weeks of starting this new blog of mine spammers have been feastiong on my comments form particularly the one for my now defunct guestbook – which was just a static WP page with the comments turned on.

Every single day I had the constant and routine, call it mundane task of moderating the comments flagged as spam in my blog. Rescuing the legitimate ones and then deleting the rest of it all which was nearly 98% of the daily total. Frustrating indeed.

In my resolve to banish spam from my blog, I resorted to various anti-spam plugins that has been blogged about as effective, easy-to-use and one that does not cause to much strain on the server.

This 2006, I went through to using three different anti-spam plugins. It would be four since I actually used Akismet in combination with another spam killer plugins of which I’m going to review in this post which is also my contribution to the ‘Reviews and Predictions‘ group writing project by Darren Rowse.

Spam Karma 2 was the very first anti-spam plugin I used asides from Akismet, which many bloggers would consider as an in-house anti-spam measure since it’s included in every version of WordPress. I thought SK2-Akismet tandem was the ultimate spam killing system that would protect my blog.

SK2 was good, even great. However, came June of 2006, when I moved my blog to this new .com.ph domain, I dropped Spam Karma 2 and settled for Akismet as my lone spam defense since SK2 started to show weakspots as a comment spam or two were eventually successfully posted. Legitimate comments from readers and friends were being flagged as spam, it even caused heavy strains on the server. Not to mention the amount of SQL database space it was eating up. I did not come to hate Spam Karma 2, I simply got tired of it, and it was a good run altogether.

With Spam Karma 2 decommissioned from my blog, I slugged it out against spammers with just Akismet doing the hard work. I even resigned to religously emptying the caught spam every single day. That’s from June up to late November of 2006 when I finally decided that it’s time to get a new anti-spam plugin to work along side Aksimet and finally free my blog from the scurge that is spam.

Peter’s Custom Anti-spam plugin came into servicing my blog during the blog reboot I had last week in which The Four-eyed Journal was re-born. I chose this spam preventing plugin because it prevents spam from being posted to begin with instead of just eating it up until I manually delete it. It’s based on a Captcha-like visual confirmation setup in which commenters are required to enter some text from a graphic that only humans could read. Results were excellent, my blog was virtually spam-less overnight.

However, I had some concerns with this plugin. Since it uses a Captcha-like method, it would require the server I’m hosted on to work extra hard to generate those images and then store them in a cache, meaning another CHMOD 777 folder in my account that’s just sitting there waiting to be exploited by hackers. More importantly, I started recieving complaints from readers that sometimes, it’s really hard to understand the word generated in the graphic. So I went on the prowl again for a replacement anti-spam plugin. One that would still use the prevent-spam-from-being-posted-to-begin-with method but without the need for a publicly writable folder or generating graphics that are too hard to understand.

It was Jaypee who gave me the lead to this anti-spam plugin I’m currently using; Matriphe’s KeyCode plugin. It generates a human friendly plain-text keycode instead of a jumbled or distorted word in a graphic to validate a commenter to be a real human instead of those blasted spammers.

It works as effectively as Spam Karma 2 and Peter’s Custom Anti-spam plugins in keeping comment spams at bay, but without the server added server strain, human incoveniecne and opening up the server to possible hack attacks. Plus, you could completely customize the keycodes to better suit your site’s theme, the your style and personality. I now see this plugin being used by a number of blogs on my blogroll. Further proof that this plugin, along with Akismet are powerful and effective tools against spam comments. Thanks to these plugins, I’m saying goodbye to a spammed 2006 and looking forward to a spam-free 2007.

• WP 2.7 and compatible plugins I use (7)
• Globe Broadband IP addresses blacklisted by Spamhaus Project (4)
• Friendster Blogs 2.0 – now powered by WordPress (5)
• Now powered by WordPress 2.6 Tyner (3)
• Now powered by WordPress 2.5 (9)