The first step is finding out who to complain to. This can be a little bit complicated, as spammers will commonly use a few mechanisms to hide their tracks. Unfortunately, replying to an email or complaining to the person who is listed as the contact for the email will not often result in anything other than a waste of your time. You should thus complain directly to the internet service provider of the spam's originator, unless you think that the sender is actually ignorant, rather than disobedient, of email practices, whereupon you might try complaining to the sender directly.

Finding out who to complain to can be broken down into several steps. The first one is determining the domain name the spammers are using. One good place to look is the body of the message if it includes an email address to reply to or a web page to look at. This will often be via a different provider than the one used to send the spam, but many providers forbid either use of their services by spammers.

To find out where the spam originates, tell your mail program to display all the headers and look at the "Received" lines. Different mail programs use different mechanisms to view the source of an email.

• If you are using Microsoft Outlook, then you'll need to double-click the email in question, then click on VIEW and OPTIONS in the new window that opened.
• If you are using Outlook Express, you'll need to right-click the message in the message list, and click PROPERTIES.
• If you are using Netscape Messenger, click on View, then HEADERS, and ALL.

You will then be presented with either the full message headers and content in the main viewer, or a small window that has a lot of text in it. Copy and paste all this new text into a new email. If you can't figure out how to view the source of an email in your program, you should probably look up the word 'headers' or 'source' in the help file for your program.

If you do not include the full headers of the message you are complaining about, it is unlikely that the provider will be able to take any action. Like any justice system, one needs evidence to prosecute. Without the headers (and message content), the abuse department that you're complaining to won't be able to do anything.

Once you've copied and pasted the content into a new message, you'll want to look at all of the Received: lines. These lines will tell you what servers were used to pass the email from the sender to the recipient. The last Received: line will be the one that you want to focus on. On this line, there will be an IP address like 10.25.122.46, and possibly a name like mail.example.com - where example.com would be the originating domain name of the server that was used.

There are a few things that you can do to verify this information like using the "dig" and "nslookup" tools if you want to take more technical steps (and are familiar with how to do so). If you don't know what this means, don't worry, and keep reading.

Once you have a suspect domain name, try to find out what kind of organization has that name. You can begin by opening a web browser and typing http://www.example.com (where you would replace example.com with the domain name in question). If they have a spam policy and reporting mechanism, then you're all set. Just send them the source of the spam message.

Be polite. This is very important -- you catch more flies with honey than vinegar. A good generic wording is "This is unsolicited, undesired email. Please take appropriate actions to stop it, or see spam.abuse.net for how/why you should" or take a look at a sample complaint letter. You might want to tailor your message if you have more knowledge of the provider's position on spam. Keep in mind that the people who read the abuse complaints are not there to be abused, they're there to stop the abuse.

After you send your complaint you probably won't get any response. But this doesn't necessarily mean that the provider has taken no action; often when there is a spammer at their site they are overwhelmed with complaints and find it difficult to acknowledge each one.

If you do get a response (such as "this would appear to violate our terms of service and we're looking into it" or "we have terminated the account of the spammer"), either send back a thank you or not, at your option. There is something to be said for letting the providers know that we appreciate their actions, but on the other hand these people get a lot of e-mail about spam complaints and it might be preferable not to increase the volume.