Securing Your Website Against Spammers
The other major source, and by far the biggest source of email addresses for spammers is of course the mailto links on your own website. Email address harvesting or extraction software as it’s known is cheap, easy to use, and readily available … and it’s very effective. That means there are a lot of spammers out there with easy access to your email address.
Chances are hundreds or even thousands of spammers using such software have already harvested your address. And what can you do about this You need to provide a way for your customers to reach you by email, or youll lose business. There are steps you can take to prevent your email address from being harvested and used by spammers though, while still providing legitimate visitors to your site with a way to email you.
One solution is to make all the mailto links on your site point to a form instead, which will still provide a means for people to send you email. Provided you use a CGI script that doesn’t require the address to be embedded within the form itself, you can shield your address from email address extractors.
If you don’t want to require people to fill out a form to email you from your website, then you can get a little more creative. It is possible to put a mailto link on your site that when clicked will still launch the sender’s email program, and start a new message with your address in the To field … but without having to embed your email address in the mailto link where spam software can snatch it. Click below to see an example of how it works.
It looks like a normal URL, and theres clearly no email address anywhere in the link, but when clicked, instead of loading a web page in your browser as you may have expected, your email program opens up.
How’s that possible you might ask Simple. A little magic with CGI using Perl or PHP will do the trick. A free copy of a script that does this is bundled with Postmaster Pro, available at http://www.postmasterpro.com which is discussed below.
What About Spammers Who Already Have My Address
So far we’ve discussed a few fairly simple techniques designed to prevent spammers from obtaining your email address in the first place. But, how do you deal with the spam you’re already getting Your address is already out there. The solution is to either block or filter.
For either, youll need software. For blocking, I recommend Postmaster Pro. If you prefer to filter then Spam Assassin is highly recommended. Both run on the server, so there is no need to download spam before filtering it out. Thats a huge time saver if youre not yet on a high-speed connection. It also makes it a bit less likely youll end up downloading a virus since email from untrusted senders, i.e. spammers will be significantly reduced.
Spam Blocking Software
Postmaster Pro which is available at http://www.postmasterpro.com takes a novel approach to blocking spam. It only allows email to be delivered after people who’ve sent you email have been placed on an approved sender list. But the interesting thing is that people who send you email can put themselves on your approved list. This is done simply by clicking a link in an email that automatically gets sent to them the first time they send email to you, which is perfect for those of us who don’t know in advance whom we should put on the approved list, i.e. if you’re running a business online. It also makes building and maintaining such a list very simple.
Given the fact that spammers normally use invalid return addresses, and those who do use valid return addresses seldom read email thats sent there, let alone respond to it they receive thousands of failed delivery notifications, complaints, remove requests, and autoresponder messages every time they do a mailing … it’s a very effective technique with no chance of blocking legitimate email, as is the case with filtering.
Spam Filtering Software
For those who would prefer to filter ... Spam Assassin is perhaps the best option. It is available at http://www.spamassassin.org. Once you have Spam Assassin installed, it will provide you with very powerful and flexible filtering tools. Spam Assassin is a mature product, having been around for quite some time. If you’re going to filter, Spam Assassin is about as good as it gets.
As with any filter though, you do run the risk of missing legitimate email from time to time. There really isnt a good way to tell how often this is happening unless you want to read all the email that gets filtered out, which negates the whole point of filtering. If you set your filters permissively enough though, you should be reasonably safe. For the first month or so after installing any filter, you should continue to read every single email in order to make sure it isnt set too restrictively to allow legitimate email through.
By using the techniques mentioned in this article, you can take back your
mailbox, and dramatically reduce, if not eliminate spam.
Sean Proske is the CEO and founding partner of thewebhostcompany.com which has provided reliable and affordable hosting since 1996.