Unfortunately, it appears that the problem of spam is here to stay. As if that thought’s not bad enough, the volume and the offensive nature of this questionable practice seems to be increasing at an exponential rate. We receive a lot of questions about this problem and its solution. The short answer is that there probably is no 100% fool-proof solution, but implementing the suggestions that appear below can help to reduce it.
- Never publish your e-mail address on your web site
The primary way that spammers obtain your e-mail address is through the use of spambots, or spiders, that scour the web searching for the @ sign — the telltale indicator of an e-mail address. These spiders search the source code of your page and harvest everything that looks like it might be an e-mail address. The only way to avoid having your address harvested in this way is not to publish it there in the first place.
Of course, you probably do want potential customers and other visitors to be able to contact you. At first glance, the suggestion not to publish your e-mail address might seem self-defeating, but there is an alternative …
- Use Mail Forms Instead of Mailto Links to Provide a Contact Method
CGIEmail is a powerful, yet easy-to-use mail form processor that’s installed free on all of our accounts. In addition to thwarting the spambots, CGIEmail allows you to require certain information from your correspondents and it provides formatting options for incoming e-mail.
Instructions for configuring and using CGIEmail are available in the Hosting Manual at https://www.hostingmanual.net/cgi/cgiemail.shtml
- Disable catch-all mail forwarding
Spammers often send their junk to random addresses at your domain. With catch-all aliasing enabled, all of this spam is delivered to your default catch-all account. If you disable the catch-all feature, spam addressed to random, non-active e-mail addresses will simply be deleted before it reaches your account. If you do choose to disable catch-all forwarding, be sure that you have created an e-mail user account or e-mail forward for all of the addresses that you do want to receive incoming e-mail.
- Never follow the “unsubscribe instructions” contained in a spam e-mail.
… unless you specifically recognize that you voluntarily subscribed to the list in the first place. Spammers often use bogus “unsubscribe instructions” to verify that your e-mail address is working. Following these bogus instructions will most likely result in your e-mail address being added to even more spam lists.
- Don’t forward chain-letters, virus warnings, etc.
Most chain letters and virus warnings that you receive by e-mail are either hoaxes, or they are initiated by spam houses for the intent of getting every email address you know. Chain letters spread like wildfire and always tend to end up right back at the spam house, with the email address of everyone it was sent to. Before you take any action regarding an unsolicited virus warning, check the validity of the warning at http://www.sarc.com/. We’ve never received a virus warning by e-mail that didn’t turn out to be a hoax; and many of these hoaxes advise you to delete key system files that will end up damaging your computer (and the computers of all your friends that you forwarded the bogus warning to.)
- Use POP E-mail Accounts & E-Mail Fowarding Creatively
Another popular way of harvesting e-mail addresses is through your own correspondence. Every time you purchase something online or e-mail a company or organization, your e-mail address is available for addition to a mailing list. Don’t put too much faith in the privacy statements of web sites that you don’t have experience with. Spammers make their living by theft and deception — they’re certainly not beyond providing false information in their privacy statements.
All of our accounts come with free e-mail forwarding and free additional POP e-mail accounts. You can use these features to your advantage in your fight against spam:
First, create a new POP user just for the purpose of collecting spam. We named one of ours firstname.lastname@example.org, but you can call yours anything you want — you’re never going to use it for anything but collecting spam, anyway.
Now, take a look at the spam you’re receiving and notice the address it’s being sent to. In many cases, spammers grab your domain name and just make up addresses to attach to it. When you notice spam addressed to an e-mail address that you do not need for regular business or personal use, create an e-mail forward that redirects mail sent to that address to the spam-catching POP account you created in the preceding step.
The spammers often harvest addresses from the domain name WHOIS system, grabbing your administrative, billing, and technical contact e-mail addresses to add to their lists. Use a unique e-mail forward for your contact information, and when the spam begins to arrive at that address, change your domain name record to reflect a new forwarded address, and redirect the old address to the spam-catcher POP.
Whenever you order a product or service online, create a unique e-mail forward for the company you’re ordering from. For example, if you’re ordering a CD from amazon.com, use email@example.com when you register with them (don’t forget to replace yourdomainname.com with your actual domain name; and don’t forget to create an e-mail forward to deliver mail to a valid POP account.) This approach provides two benefits: 1) it allows you to redirect that address to your spam-catcher if you start receiving spam; and 2) it will let you know who’s selling your personal information to spammers — you can then decide whether those companies are deserving of your trust and future business.
[NOTE: Eventually, your spam-catcher POP account will fill up and exceed its 10 MB quota. When this happens, e-mail that’s sent to that POP account will begin “bouncing back” with an error message to the sender. Don’t worry about that — it won’t hurt anything. If the spammers actually provide a valid return address (which almost none do), the bounce will serve as notice that you’re not accepting their mail.]
- Use Spam-Filtering Software
Your Domain Host accounts include free SpamAssassin spam-filtering software, which can be configured by individual users through the webmail interface (www.yourdomainname.com/webmail/).
- Use an External Spam-Filtering Service
Several services are now available that will filter your e-mail for you (for a fee). Most of them allow you to set up a “whitelist” of all addresses that you want delivered automatically. Senders that do not appear on your “whitelist” are sent an automatic response informing them that they have to log in at the service’s web site and “prove” that they’re a human and not a spambot. If the sender complies, the mail is delivered (and you then have the opportunity to add the sender to a blacklist if you no longer want to receive mail from that sender.
These services are very effective at blocking spam. The downside is that it does result in some inconvenience to your correspondents.
The most popular spam-filtering service is: Spamassassin.apache.org