Print This Post Print This Post

7th January 2008

Keeping On Top Of SPAM

posted in Strategies |

A client sent me an email today noticing an increase in the amount of spam they were getting, and wondered what they could do about it. Ahh… the eternal question! Here are some of my thoughts on dealing with spam!

To understand how to fight spam, you’ve got to know how they get your email address in the first place. There are several main ways spammers “get” your email address:

  1. By robots “harvesting” it from your web site

  2. By you giving your email address to somebody at a web site (and they use it unethically) or it is published on a public page which robots can access to harvest (See above)

  3. By friends using your email address to send you a “greeting” card (many of these sites can also be front ends for unethical operators)

  4. By “dictionary attack” where spammers send email to everywordinthedictionary@yourdomain.com and hope that a tiny percentage get through (and there’s not much you can really do to prevent this happening)

  5. By various worms etc which get onto other people’s computers/email programs and then send messages to everyone in their address book, and maybe even back to base!!!

What Can You Do About These?

  1. do NOT publish email addresses on your web site - or ONLY publish a throwaway address which is exclusively for your web site, and which can be easily changed to another one if too much spam starts coming in! Alternatively, if you MUST have your email address on your site, make it an IMAGE, or create it using javascript - both methods are pretty safe from spambots!

  2. If you must sign up for or subscribe to anything at a web site, do NOT use your main email address. Most web servers allow you to have aliases (preferably unlimited number of them) so that for each thing you sign up for, set up a specific alias for that service only, and then forward that alias to your main account. If you start getting spammed at that address, you know where it cames from and can kill the email address and the subscription.

    For example, if you signed up for our email Feeds… use the alias NMTB@yourdomain.com as the address when you sign up. That way, if Feedburner ever went troppo and started spamming people (unlikely) then you have an easy out!

    Some people suggest you use hotmail, yahoo or gmail accounts to sign up for things online… the trouble with that is that often they automatically filter out mail that is sent by a server - i.e. the confirmation email for the course you just signed up for - and you’ll never get it. That’s something to remember when you set up your own auto-responder service - use a facility that has a good reputation for email delivery otherwise you could get labeled as a spammer.

  3. Friends who send you “greeting” cards or forward joke emails can be a pain in the butt at times. Make sure you never give them your business email address. Always have a separate personal email address/alias which you can easily kill if things get messy.

  4. There’s not much you can do to avoid receiving emails that find their way into your inbox through a dictionary attack… unless your email address is made up of a word NOT in the dictionary… which could look a little strange in a business.

  5. Normal PC security measures will prevent your computer from being the source of such a problem - i.e. keeping your AVG Anti-virus and SpyBot UP TO DATE! And remember… don’t open emails and attachments from “friends” until you’ve checked they are legit (especially if you get it through Messenger)

How Else Can You Fight Spam?

Keep your main email address for clients ONLY… or set up a new email address for clients only. That way, their mail (which is more important) will not get buried under a pile of spam.

Configure Spam Assassin on your web server, and have it set to at least the default level of 5. Any higher than that (1-4) you run the risk of killing legitimate email. Spam Assassin will catch a significant portion of (but NOT all) the spam that gets to your domain (as this report attests).

If your email client allows it, manually mark any incoming spam received as “junk” mail. Eventually it will learn what to do and automatically move the junk to a spam folder. However you do need to check your junk folder every day still, in case a real message got caught.

Annoying case scenario… subscribe to a spam arrest service which makes the sender acknowledge by email that they are a “real” person before their email will be delivered to you - that is usually only a one-time approval needed - future emails from that person’s email address should get through.

Best/worst case scenario - kill the address completely and create a new one, being careful never to give it to anyone that doesn’t matter! Problem with this is that you need to keep the OLD one for a few months to make sure you manually notify the people who need to know, of the change - i.e. don’t use an auto-responder type notification as the new address will only end up on another spam database! And use aliases as described above for any new services/subscriptions you sign up for.

As far as blocking spam email, or “bouncing” it, or configuring “rules” to deal with it… it’s usually a waste of time, and can even crash your email client if you have too many emails/rules etc for it to cope with.

Blocking the sender is a waste of time as often the sender’s details are forged and change constantly. So all that is probably NOT worth even trying, especially if you receive a HUGE amount of email like I do with 400+ a day!!!!

Most of the time you just have to grin and bear it, because as soon as they get blocked by one technique, they’ll use another to get past the filters…

And problems with spam are one reason why I strongly recommend people NEVER put an email address on a business card or other official business stationery - because if you have to change it, there’s an added expense from reprinting your stationery.

Sorry, but that is all I can suggest for now. You have to remain vigilant… or it’ll drown ya!

Oh… by the way, here’s a report I did on the spam I received over the recent holiday break! It was quite interesting to see what I did actually get!

If you’ve got any innovative ways of dealing with spam, please let everyone know by commenting below!

Tags: 

Popularity: 53% [?]

This entry was posted on Monday, January 7th, 2008 at 2:22 pm and is filed under Strategies. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

There are currently 4 responses to “Keeping On Top Of SPAM”

Why not let us know what you think by adding your own comment! Your opinion is as valid as anyone elses, so come on... let us know what you think.

  1. 1 On February 3rd, 2008, Chris Ryan said:

    Hi I personally use a contact form on my site.
    All it says on the site is Contact Chris or
    something like that.

    I know that my web host warns me if I put my
    email address on the site because this way does
    lead to getting heaps of spam.

    I have never received any spam from my site and
    that’s great.

    If your web host does not give you forms for
    vistors who want to contact you then I suggest
    that you change web hosting programs.
    Regards Chris.

  2. 2 On February 17th, 2008, Max said:

    I still get 300 - 500 spam messages a day with Spam Assassin. What do I do now?

  3. 3 On February 17th, 2008, Stephen Spry said:

    Hi Max.

    Yeah - I’m still getting truckloads too! It looks like drastic measures are needed here.

    If you have multiple email addresses which are the source of the spam, can you determine which ones or the main culprits? Start with them!

    First up, create a new “public” email address. This will replace your current address wherever is published on web sites you own. Only this time, don’t make it clickable - use the web @ yourdomain.com or web [at] yourdomain.com format.

    A better alternative - set up ONE contact page with a form on it, and wherever your email address appears, link it to this new page with the new address.

    Next, create a new address for your main account.

    Use this for your outgoing email (reply-to address) on all new messages you send out. Tell only the important people on your address book about your new address.

    Over the next few months… if something really important comes into the old address, work out how to change it to your new one.

    Eventually, you’ll be able to kill off the old one.

    Good luck,
    Stephen

  4. 4 On March 28th, 2008, What’s Your Email Address Say About You? : Online Marketing Fundamentals said:

    […] are a couple of recent posts I made on the spam issue:lots of EXTRA hints for dealing with spam and a report on the spam I got over Christmas/New Year […]

Leave a Reply

  • Daily Digest

  • Enter your email address to get new posts sent daily:

Spread the Word
delicious
digg
technorati
reddit
magnolia
stumbleupon
yahoo
google

  • Advertising

    • rss posts