Spam proof your website and email address

-->

Fighting Spam on the Net

From the webmistress of VirtuallyIgnorant.com: I've had an email address with my ISP since 1984. As you may guess, it gets more than its share of spam/UCE. Unsolicited, commercial email is annoying at least, offending at worst, and a huge waste of internet resourses. This waste costs each and every single one of us webmasters and internet users, since our hosts and ISP's have to increase resources just to handle the bandwidth of junk mail. Ick.

The spam at my ISP email address got so bad that I resorted to rerouting it to my favorite spam filter service Spamcop.net. Spamcop cleans up my email with all the filters I choose, plus any custom filters I want to add. I occasionally log in and delete all the held mail, and it's been rare that SpamCop has been wrong. In case of a mistaken spam address, I add it to my custom "whitelist".

Another option is MailWasher, which includes the ability to "bounce" your messages as if the email address is wrong. Personally, I don't want any of the spam on my system, that's why I like Spamcop, but you may prefer Mailwasher.

Below is a reprint of an excellent article on Spam-Proofing your Website. I wish I'd read this when I was starting VirtuallyIgnorant.com!

Spam-Proofing Your Website
By Dan Thies
Anyone who operates their own website knows that you need to provide a way for visitors to contact you by email. The big challenge is providing easy email access to your visitors, without letting junk mail (SPAM) flood your email inbox. The techniques described in this article have enabled me to dramatically reduce the amount of junk mail I receive on all of my websites.

Preparing and Pre-Empting
You need a couple things before you can really take effective action against SPAM. Your email software must be capable of filtering incoming email. All of the major email applications (such as Eudora, Outlook, and Pegasus) support filtering. We will use multiple email addresses to allow us to filter out SPAM and identify the source - you can't combat SPAM effectively without them.

You need to use a website hosting provider that allows unlimited email aliases or addresses, and/or a catch-all email address. An "alias" is an email address that forwards to some other address (for example, webmaster@domain.com forwarding to your real email address). A "catch-all" email address will forward any emails sent to unknown addresses in your domain. I just use the catch-all, so that every message goes to my real email address. If you have more than a one-person operation, however, multiple accounts and aliases are pretty much a necessity.

Fighting Back
The first step in fighting back against the spammers is understanding where they get your email address. You must diligently protect your email address, if you ever hope to stop them. Once your email address gets into the wrong hands, it will be sold on CD-ROM (via junk mail, of course) to thousands of spammers. Once that happens, you've lost the fight.

Spam Source #1: Domain Name Registrations
When you register a domain name, you must provide a contact email address. If you give them your real email address, you've just given it to everyone, including the spammers. Instead, use a portable email address (like Hotmail) to set up your domain. If you have multiple domains, you can also use an alias (domains@yourdomain.com) on your primary domain for all registrations. With an alias, you can use your email software to filter out and save any emails that come to that address from your registrar's domain.

Spam Source #2: Web Forms & Email Newsletters
If you give your real email address on any web form, or use it to subscribe to an email newsletter, you are asking for trouble. Instead, create a unique email address for each website or newsletter. I just use the website's domain name for this. For example, if you subscribe to VirtuallyIgnorant's GetWebSmart Newsletter as "getwebsmart@yourdomain.com" and let your catch-all address route it to you, you will always know where the email came from. If that address ever starts receiving junk mail, you can filter it out using your email software. If you submit to search engines or free-for-all links pages (FFA's), use a unique email address.

Spam Source #3: Your Website
The biggest source of email addresses used by spammers is your website. Most websites list multiple contact addresses, etc. Any time an email address appears on your website in plain text, even if it's hidden in a JavaScript or form field, you're opening yourself up to having that email address captured.

The Big Battle: Securing Your Website From Spambots
Almost every website operator wants search engine spiders to visit. After all, search engines are the best source of free traffic on the web. In the event that you don't want them to visit, they are easily kept at bay with a properly formatted "robots.txt" file.

Unfortunately, there's another group of spiders out there crawling the web, with an entirely different purpose. These are the spiders that visit site after site, collecting email addresses. You may know them as spambots, email harvesters, or any number of unpublishable names.

When it comes to controlling these rogue spiders, a robots.txt file simply won't get the job done. In fact, most spam robots ignore robots.txt. That doesn't mean you have to give up, and just let them have their way. The following techniques will stop these spiders in their tracks.

Technique #1: Use JavaScript To Mask Email Addresses
One of the weaknesses that spiders of all kinds suffer from is an inability to process scripts. Adding a small snippet of JavaScript in place of an email address effectively renders the address invisible to spiders, while leaving it accessible to your visitors with all but the most primitive web browsers.

In the three examples below, simply substitute your username (the first half of your email address, everything before the @ symbol) and your hostname (everything after the @ symbol). To use the scripts, just insert them into your page's HTML wherever you need them to be displayed.

Example 1: Creating A Spam-Proof Mailto Link
This snippet of JavaScript code creates a clickable link that launches the visitor's email application, assuming that their system is configured to work with "mailto:" hyperlinks. You can replace the link text with your own message, but see example 2 if you want to display your email address as the link text.

Example 2: A Spam-Proof Mailto Link With Your Email Address Showing
Some visitors won't be able to use a mailto link. This snippet shows your email address in the link so they can copy and paste, or type it by hand:

Example 3: Display Your Email Address Without A Mailto Link
Here's a snippet that displays your email address a clickable link:

***Station Identification Break***
Spam has reached epidemic levels -- so much so that ISPs have been forced to combat it with filtering software. Alas, much like the hapless dolphin that gets caught in the tuna nets, so too are legitimate marketers getting caught up and hurt, even though they are not the target.
E-mail is the lifeline that connects marketers to their customers, affiliates, and prospective clients. It is so vital, one really can't function effectively without it.
Enter SBI!'s new feature... SpamCheck.
STEP 1:You must put "TEST" (without the quotes, in UPPER CASE) at the beginning of the subject line of your e-mail, otherwise it will be treated as spam, and simply deleted. Example: TESTGetWebSmart Newsletter: Fighting Spam on the Internet.
Step 2: Copy and paste the the content of your newsletter as you plan on sending it.
Anyone can send a newsletter (or an e-mail of any sort, for that matter) to this specially formatted autoresponder, and receive SpamAssassin's report back in seconds, minutes if the volume is heavy.
So check out your newsletter before you send it at this great spam-checker. Make sure your email will get to its destination: send email to spamcheck-virtuallyignorant@sitesell.net
p.s. This newsletter scored 3.8 out of 10, largely because of the mention of the guest author's business at the bottom. Since that is still way under the filter levels, and credit is due to the man who wrote the article, I've left in the description.

Technique #2: Use A Contact Form
Sometimes, the sheer volume of legitimate email from real visitors can become a burden. In this case, a simple solution is to remove your email address from your site entirely, and use a contact form. There are dozens of free ASP, Perl, and PHP scripts available online that will allow your users to fill in a form, and send you an email. Most hosting providers now offer this service for free to their customers.

A contact form can enable you to deal with a higher volume of mail, by allowing you to pre-sort different types of message. This is easily accomplished by creating a drop-down menu with different options (e.g. customer service, billing, tech support, etc.) that will populate the subject line of the email message, and/or change the email address to which the form is sent.

Since many spambots simply read the entire HTML source of the page, looking for anything that looks like an email address, your contact form may not protect you, if you include your email address in the HTML for your contact form (for example, as a hidden field). You can use JavaScript, as in the example below, to mask the address, or if you have the skill, you can embed the email address in your form processing script, where nobody can find it.

Example 4: Masking The Email Address In A Form Field
Instead of simply listing your email address in a form field, use the snippet below to replace the form field that contains your email address.

Thanks for reading...
I hope that this tutorial has given you a clear understanding of how to protect your website, and your email address, from spammers and spambots. If you have any questions about this article, feel free to contact me through my website. The (spam-proof) email link can be found at the bottom of my home page.

About The Author
Dan Thies has been helping his clients (and friends) promote their websites since 1996. His latest book, Search Engine Optimization Fast Start , offers a simple, step by step plan to increase your website's search engine traffic.

RECOMMENDED LINKS

Make Your Site Sell 2002!

The BIBLE of Internet Marketing has been expanded and updated! For an investment that will pay for itself many times over, you'll want to own Make Your Site Sell 2002 by Ken Evoy.

Learn how to:

choose products that sell profitably
promote your site effectively
turn visitors into customers
avoid costly mistakes

You'll also learn how to make money with affiliate marketing. Thousands of online merchants pay commissions to other websites for hosting their links and sending customers. You can be one of them. (Hint: SiteSell itself has one of the web's best affiliate programs.)

Own your copy in minutes!

A gold mine of information and ideas, Make Your Site Sell 2002will pay for itself many times over. Even experienced marketers will pick up valuable new insights.

Check out SiteSell's great freebies ...

Sign up for SiteSell's free five-day email courses. Treat yourself to some top-notch marketing advice in your mail. They're delivered by autoresponder - just send a blank email to request one or all of these free courses: Affiliate Masters | Netwriting Masters | InfoProduct Masters | Pricing Masters

Take some time to explore the SiteSell site and check out ALL their excellent resources. If you're still reading, CLICK HERE!

Other Articles on this site:

Link Exchanging Your Way to the Top -- By Elizabeth Archambault

Paid Inclusion Tips

-- Is paid inclusion worth it? Guest article.

Getting Started on Your Own Website -- A-Z your VirtuallyIgnorant guide.