Spam vermin

Ian Barley

Member
Messages
562
Some piece of spam vermin has, once again, used one of my business email addresses as a return address on the e-mails he is spawning. So far today I have deleted over 600 "delivery failure" notices. This waste of good DNA has picked up my address from a contact on my website which , sadly, needs to be visible in order to run my business.

Unfortunately, there are sufficient of these sadsacks still sucking air that this happens to me 4 or 5 times a year and I usually end up with a couple of thousand delivery failures each time. All the research that I have done to date about what I can do about this can be summarised into the two words "Tough luck". I just wanted to post the question here as to whether any of you erudite ladies and gentlemen have any knowledge of how to eliminate this spam (or the spammer:D).
 
Last edited:
The e-mail address that "needs to be visible in order to run my business" is it in text form?

Make it a clickable picture, like this.........



I know it will not stop the best of the mail spiders out there the gather up e-mail addresses, but it cut down on the number we get by a LOT when we did it (that is the e-mail for the L shop)

Just a thought.

Cheers!
 
Ian, I was having the exact same problem earlier on this year. I was getting literally hundreds of emails a day that bounced from dead email addresses. Every couple of weeks I would get as many as 1500 - 2000 in a 24 hour period! :eek: There is no way to prevent the scum from using your email as a return address spoof, but you can stop the flow.

What I did was contact my ISP and tell them that I did not want to accept ANY emails other than those addressed to bill or to ultradad. That eliminated about 99.9% of the trouble. Apparently when the domain was set up, they set the email to catch and deliver anything that was addressed to my domain. It sounds like yours might be set up the same way.

Good luck with getting it resolved.

Bill
 
I use filters on my email client (Thunderbird) as even our high dollar anti-spam appliances at the University can't get it all. Many clients have features that allow you to select the offending email and then 'wizard'-create a filter based on it or its characteristics.

There are too many variation of email clients for a bonehead like me t be any more specific but this may lead you in the right direction. Bill's solution is better yet, if available as it stops the stuff BEFORE it gets to your computer.
 
The e-mail address that "needs to be visible in order to run my business" is it in text form?...
I tend to get surges of "Return to Sender" messages as the result of someone spoofing their return address using my domain, not necessarily one of my e-mail addresses. In my case, they spoof the domain and use random e-mail addresses in front of it. I intentionally have my domain set up so that anything@mydomain comes to me, because it has other benefits. The downside is that I periodically have to endure waves of "Return to Sender" messages.
 
The best solution is to remove any trace of your email address from any public-facing web pages - images or not. It sounds harsh at first, but there are ways to allow legitimate users to still contact you when they wish.

Ideally, I'd set up a "contact us" form on your site that allows people to type in what they want to know and click "send" - never revealing your email address to anyone at all. A script on the server would be needed to send the contents of the form to your email - but most web hosts have something to help with that. This provides the most protection, by far. Some argue that the spam bots will spam YOU using that form. It's true, but I'll bet that more would spam your public-facing emial address than this form. Overall, a reduction should be seen.

A second alternative is to make it really hard for an automated script to see your address without making life too tough for your users. This can be done by using URL encoding as the simplest form - for example: mailto:joe@someunusualdomain.com would translate to mailto:joe%40someunusualdomain.com - that's a pretty basic one. If you really wanted to trip 'em up, you could encode every letter in there, too. So that'd turn your mailto into something like this:

mailto:%6A%6F%65%40%73%6F%6D%65%75%6E%75%73%75%61%6C%64%6F%6D%61%69%6E%2E%63%6F%6D

A handy utility for this is located here:

http://scriptasylum.com/tutorials/encdec/encode-decode.html

At the very bottom of the page - just put your email address in the left box (deleting everything else) and click the right-arrow.

It'll trip up quite a few script bots, but not all of 'em. Some are smart enough to catch that kind of thing.

Another option relies on javascript to write out the link code:

<script language="javascript">
<!--

name = "joe";
domain = "someunusualdomain";
tld = "com";

document.write("<a href='mail" + "to:" + name + "%40" + domain + "." + tld + "'>Email Me!!</a>");

// -->
</script>

That would break up your email address into chunks that would probably thwart most of the bots out there, i'll bet. The "mailto:" part was broken up so that script bots have to be a little smarter to figure out that you're even doing anything related to email.

It's unfortunate that a small percentage of bad apples has such a rotten effect on the rest of the population. The email protocols are pretty old and were never meant to be used the way that they are nowdays. Trouble is that replacing it now would be a monumental task :(

Hopefully some of my geek babble has helped :)
 
I just wanted to post the question here as to whether any of you erudite ladies and gentlemen have any knowledge of how to eliminate this spam (or the spammer:D).

Ian,

While illegal in GB my opinion is that a .45 ACP is a great way to reduce the spammer population. The problem, obviously, is getting away with it.:rofl:
 
"The email protocols are pretty old and were never meant to be used the way that they are nowdays."

Jason,

You're sure right about that one! ;) And it's not just you and me who think so...

I went to hear Vint Cerf last year. One of the things he said was, essentially, 'Had we known what would happen, TCP/IP would be far different.' It's hard to blame them, it was 1974, and even the most utopian dreamer couldn't have imagined what's happened. Even Berners-Lee has spent a few years now trying to do a mulligan... ;)

Oh, well, email's way better than it used to be. I won't out them, but some people on this board have been around long enough to not only *know* what a bang path is, but even *how* to do one! ;) They probably even know why I still *star* things I want bolded! ;)


Thanks,

Bill


.
 
The best solution is to remove any trace of your email address from any public-facing web pages - images or not. It sounds harsh at first, but there are ways to allow legitimate users to still contact you when they wish...
In my case (and I suspect Ian's), it's not my e-mail address they are using. It's my domain name. Short of taking my sites down, there is no real way to hide my domain name...it's a matter of public record.

I receive very little spam sent to vaughn @ tg3k.com. I do, however, get a lot of "undeliverable" mail bounced back to me...mail that was sent from joeblow @ tg3k.com or bestdeals @ tg3k.com or any other xxxxxxx @ tg3k.com combination, then bounced by the recipient's spam filter.
 
All - thank you for responses. I actually realised that Vaughn is right and these "people" are actually using the domain and generating complete guff using it as part of the return address. So it is less about the public address than it is about the domain, which I'm not gonna change.

My concern is less about the volume of rubbish that this generates - most of it is dealt with by rules in outllook anyway. I guess that my main concern was that my domain, which is also my business, doesn't get tainted by appearing to be generating spam. I know that the return address is completely meaningless but suspect that many people don't. Oh well - maybe Cecil has the right idea.

Jason - thank you for taking the time to construct a very complete response. There are definitely some things I should do in there anyway to reduce the overall spam load.

My problem with tightening down too tight on spam controls is that I know that automatic filtering has nearly cost me some business in the past and I would rather get righteously indignant a couple of times a day than lose money. :)
 
In my case (and I suspect Ian's), it's not my e-mail address they are using. It's my domain name. Short of taking my sites down, there is no real way to hide my domain name...it's a matter of public record.

I receive very little spam sent to vaughn @ tg3k.com. I do, however, get a lot of "undeliverable" mail bounced back to me...mail that was sent from joeblow @ tg3k.com or bestdeals @ tg3k.com or any other xxxxxxx @ tg3k.com combination, then bounced by the recipient's spam filter.

All - thank you for responses. I actually realised that Vaughn is right and these "people" are actually using the domain and generating complete guff using it as part of the return address. So it is less about the public address than it is about the domain, which I'm not gonna change.


True enough - nothing I said will help this problem. To combat this issue, I have routed all email to any "unknown" address straight into oblivion (/dev/null for Mr. Lantry's enjoyment.) Just out of couriosity last month, I changed that to forward all unknowns to me for about a week - after 1500 bounces per day, I decided not to do that anymore! :rolleyes:

I take solace in the fact that most of the people who would get spam from someone purporting to be from my domain will already block the spam for what it is, hopefully.

One day, maybe we'll have legitimate From: headers. (I can dream, can't I?)
 
Ian, the simplest thing to do, and I had the same thing happen last week, is to go into you domain settings or have provider do it, and turn off the catch all. I had mine set like that in case someone mistyped my address I would still get the emails.

Well last week like you I got tons of bounced mail. I went it turned off the catch all. Now I don't get anything but what is addressed to me correctly. I will go back and turn it on in a week or two.
 
Top