Stopping Spam

 

Spam is unsolicited commercial email. Spam is a major problem for any Internet user today. Not only is it time-consuming to identify and delete, it also can carry trojans, viruses, and hidden programs into your system.

Your primary strategy for stopping spam is a strong defense. You should have a strong spam filter at your hosting system as well as on your personal computer and each computer in your business or home. You should have anti-virus software installed and updated frequently, and both a hardware and software firewall installed. Also you should be using spyware frequently to check for hidden software that gets by your antivirus and firewalls. This is cheap insurance compared to what it costs to rebuild your entire operating system after a trojan hits.

Now let's look at a few strategies to eliminate your spam.

No Addresses on Your Web Page

First, if you have a web site NEVER put your email address in an unencrypted form on any of your web pages. Spammers use bots to scan and check for any addresses on web pages. This means you need to encrypt your address. There are several ways to do this:

1. Use JavaScript. For some free scripts for this, see http://www.needscripts.com/JavaScript/Scripts_and_Programs/Email_Scripts/index.html.

2. Unicode your address. This converts your email address to unicode. For more information and a free program for doing this see:
http://fantomaster.com/fafree0.html

3. Use a form. This allows you to get more than just the email address and have more control over the user's input. Remember, you will never see most of your visitors again. Design your site to get information from your visitors so you can build a relationship. A word of caution here, however. Forms require a hidden variable sent from your web page to the form processing program on your host. This variable defines the destination of the form's contents. In the default mode, this is your email address. Although this isn't displayed on the web page, it is there in the source code of your web page. For the sites we design, we use a special form processing program (cgi) with a configuration program that converts the hidden email address in the HTML code to a real address. In other words, the spammer's scanning bot gets only a virtual address that doesn't work. This is our favorite method of protecting our address but is only available to our own clients if they use our hosting service.

Never Let Anyone Else Display Your Address

You may write articles to publish on the Internet and permit other sites to use the articles if they provide a link to your site. The article should only show your web site address (URL) - never including an email address.

Do a search using the engines to be sure your email address isn't out there in cyberland. If you find it, request the user remove it. Never give your email address for any online web page.

Protect Your Email Box on Your Host

Assume your domain is mydomain.com with a mailing address fido@mydomain.com. In a default mode if somebody sends mail to nobody@mydomain.com it will fall through to your default mailbox. Tell your host to turn this off. You only want mail specifically addressed to you to fall through to your inbox; that is, only the mail to fido@mydomain.com.

Cloak Your Domain Register

When you register your domain, you give them your administrative and technical email address. Anyone who queries the whois register can find it. Try going to http://www.samspade.org/ and enter your own domain name. Watch your email address pop up. This is another easy way a spammer can get your address.

To block this, get a free email address (such as from hotmail) and use it with the register. You can also set up a second temporary email address on your host and use it in the same way. When the spam starts, drop this address and set up another.

You can use this same web site to find who is spamming you. An email may refer you to a web site to purchase a service or product. Entering the domain name to this web site will return the postal address and email of the spamming site. Sometimes, however, a spammer may choose a blind domain and you won't be able to find the address. In this case, you will have to file the IP with the Federal Trade Commission and let them trace it.

You can set your own domain up as a blind domain for about $8 a year if you are hosting with us. If you do this, spammers can't get your email address from the domain register.

Watch Your Sending Email Address

Every email address you are using to receive mail is also a sending address. When you send using this address, you recipient can trap this as a valid address. Every piece of email you send has the potential of providing a spammer with your address. Also, if you send an email and the recipient forwards it, there goes your email address to another party.

To solve this, send using your temporary address (whether on hotmail or your own host) and change this when the spammers find it.

In the same way, when responding to contests or other online requests for your email use the temporary email address that you change often. Keep your primary email address closely guarded and use only for business purposes to known recipients.

Go on the Offensive

Our own web sites are no-spam web sites. What this means is that if you spam us and it gets through our filters, you lose. We put the IPs of known spammers in an online public database for hackers to use for virus development, trojans, and denial of service attacks. In essence, we network with others using blogs to kill the spamming hosts. Moreover, this kills the hosting site for the spamming IP as well, exposing the spammer to liabilities to their host. In addition, if the spammer is selling the email address he (or she) is exposed to liabilities from anyone else using the address. Normal users emailing our site do not need to worry. We are talking about spammers who deliberately violate the CAN-SPAM act or are involved in fraud. Our black list database is online at http://www.creatingnewworlds.org/stopspam.cfm. At the request of the FTC, we generally do not notify spammers or spamming hosts when they are put on this list. The FTC wants to find them before they change to another IP. In the case of fraud or phishing, we notify the respective company such as eBay or PayPal.

Our no-spam list is periodically sent to the Federal Communications Commission and to my senators. I expect my senators to put stronger laws down for spam, such as Germany's $65,000/per spam fine. So far they haven't, so I look for someone to run who will stand up in Congress and stop this when I vote in 2008. I also get the mailing addresses of the spammers and send the information to the state attorney generals from where the spammer operates. This offense if financed by charging any spammer if they wish to be removed from the database.

If more people maintained their own black lists in this way the spamming IPs would be destroyed. Many companies are already doi this. It does take a little technical skill to set it up, but managing it doesn't take much time. Sending the letters is, however, time consuming. This also kills IPs, however, leaving fewer IPs that aren't killed. What does work, however, is posting a link to my black list of spamming hosts on hundreds of blogs. The hosts don't like this at all; but it is legal and we have free press.

Let us Help You with Your Web Site Design or Analyze Your Current Web Site...

Let us Help You Get a Great Position in the Search Engines...


Do Your Own Search Engine Positioning and Save!....

Portland web design



All Rights Reserved
Copyright 2007, Oregon Professional Microsystems
Located in the Portland, Oregon Metro area
(503) 697-4773

 



Improved search engine positioning

Get the
e-Book and
Sky-Rocket
Your Traffic!