 10. Webmasters should ‘hide’ e-mails Webmasters (website managers) often need to display e-mail contacts, yet (as per the above warnings) this can make those addresses vulnerable. The best thing to do is hide the address using 'character entity evasion' or a similar method of public encryption in your MAILTO command. A free online 'generator' for such addresses can be found here: http://www.mways.co.uk/prog/hidemail.php 11. Webmasters should create a junk e-mails file This is a large publicly accessible .txt or .html file on your site with as many ‘incorrect’ addresses listed inside as possible. This doesn’t so much cut down on SPAM as cause an additional headache for the automated systems that hunt for publicly accessible addresses. 12. Use client-side anti-SPAM software If and ONLY if the SPAM you receive is at an unmanageable level, then consider a client-side solution. Most integrate directly with popular e-mail software, such as Eudora and MS Outlook; filtering junk in a method that you choose and control. Unfortunately, much like server-side solutions, these systems are far from perfect and will often remove legitimate messages. However, you can usually specify that messages identified as SPAM be moved to a different folder, thus cutting down on your e-mail management time and allowing you to vet what is and isn’t junk. A number of client-side solutions can be found listed here: It's worth pointing out that some clients, such as Mozilla's excellent Thunderbird package, include rudimentary anti-SPAM filtering as standard. This is well worth considering instead of the rubbish Microsoft usually manages to bundle with its operating software (Outlook Express etc.). 13. Changing e-mail & proper use of the "Address Book" feature Shockingly most people never even touch the “Address Book” feature of their e-mail software, which would be a mistake. It’s usually wise to keep at least one list of important contacts (family, friends, work etc.) in your address book. This allows you to quickly and easily send a message to multiple people at once, speeding up the process of communicating any address changes you may need to make. This is far easier than waiting until a later date and having to trawl through years of past messages to pick out those of relevance. Sooner or later you may need to take the big step and setup a new address rather than remain with a SPAM deluged one. This is difficult enough, but the above tip could save hours of hassle. 14. Keep your PC secure and up to date SPAM isn’t just distributed by unscrupulous individuals, it can also be sent on mass following infection by malicious software (Trojans, viruses etc.). Typically all computers on the Internet are vulnerable and thus any infection of your system is likely to harm others as the malicious code often utilizes the user’s computer to spread to others through e-mail. Hence it is essential that everybody use anti-virus software and stay up to date with the latest security patches. Automated update methods are built into most modern software, but you must make sure they are enabled. 15. Custom legitimate messages filter (submitted by John). Spam filters frequently misidentify legitimate messages as spam, placing them in the bulk folder where they are either overlooked or found only after a time-consuming trawl. This technique, which I call Recipient Header Verification, reduces the incidence of these false positives, and can be used by anyone using an anti-spam system permitting user-defined filters. It works by checking that the To or CC header in the message contains an appropriate phrase, such as the display name (sometimes in quotation marks). This is distinct from the email address itself, which is often enclosed in angle brackets. Message headers are formatted automatically thus by most email software, e.g. Fred Smith <fsmith@some.isp.com> Spammers often harvest email addresses, but not the display names. They either omit the display name, guess one from the email address, or just make something up e.g. To: <fsmith@some.isp.com> However, in legitimate messages, the display names (if present) are usually valid. By means of a filter on the display name in the TO or CC line, these messages can bypass the normal spam checks, e.g. If... TO/CC contains "Fred Smith" (case sensitive) Then... Move message to Inbox folder (N.B. The above filter should work whether or not the name in the header is included in quotation marks) Ideally, the display name should include a character string which is not in the email address, to make it harder for the spammer to guess correctly. This display name should be included in the FROM header of all messages sent by the user, as this will be included in the entry in recipients' address books, and hence in return messages. Note: Messages from AOL may still be misidentified, as address headers in AOL messages do not seem to contain display names. There may be others too. -------------------------------- None of the above tips are complete solutions; they’re merely designed to give you an idea of how to avoid the bulk of junk e-mails. Remember, even if you don’t get any SPAM, that doesn’t mean to say you won’t in the future. Following this guide could save you a lot of trouble later on.
Have something to say? Check out the ISP Review Forum -->
http://www.ispreview.co.uk/talk |