|
The reason … a website doesn’t
do you much good if you don’t give potential customers a way to contact you, and
that normally means posting an email address on your website, where it is
vulnerable to email address harvesting tools used by spammers. Domain
registration records are also a common source used by spammers.
In order to conduct business
online you now need to sift through the endless barrage of offers for herbal
viagra, pornography, pyramid schemes, and so on.
With such a large volume of
spam to contend with, it’s likely you’ve lost sales due to missing important
emails that simply floated away in this sea of spam. And there's no way to
really calculate the cost of that lost business. If you've missed email then how
can you ever know how much business you've lost?
If you want to solve the
problem, you need to be proactive because the sad reality is that if you do
nothing, it will only get worse until finally it reaches the point where your
email account has become totally and completely unmanageable. Fortunately there
are a few options available to you.
Securing Your
Domain Registration Against Spammers
First let's address the whois
database, which is a publicly accessible database in which your domain
registration record is listed … and that includes your email address. It's not
uncommon now for people to be spammed at a brand new email address within hours
of registering a new domain.
Go Daddy http://www.godaddy.com
is a domain registrar that now offers private domain registrations. At the time
of writing this article, they are the only registrar who currently offers this
service. Hopefully in time, other registrars will pick up on this idea and offer
the service too.
With a private domain
registration, which costs only a few dollars more than a regular registration,
your contact information including your email address will not be publicly
accessible in the whois database.
That’s guaranteed to cut down
on spam quite significantly as this very important source of addresses that
spammers use, will no longer provide your address to them.
If you don’t wish to obtain a
private domain registration, then there is another option that will be equally
effective. Set up a new email address that you use only for the purpose of
providing registration information for your domain name. You can easily scan
email sent to that address for messages from your registrar, and delete the rest
without having to read it.
Securing Your
Website Against Spammers
The other major source, and by
far the biggest source of email addresses for spammers is of course the mailto
links on your own website. Email address harvesting or extraction software as
it’s known is cheap, easy to use, and readily available … and it’s very
effective. That means there are a lot of spammers out there with easy access to
your email address.
Chances are hundreds or even
thousands of spammers using such software have already harvested your address.
And what can you do about this? You need to provide a way for your customers to
reach you by email, or you'll lose business. There are steps you can take to
prevent your email address from being harvested and used by spammers though,
while still providing legitimate visitors to your site with a way to email you.
One solution is to make all the
mailto links on your site point to a form instead, which will still provide a
means for people to send you email. Provided you use a CGI script that doesn’t
require the address to be embedded within the form itself, you can shield your
address from email address extractors.
If you don’t want to require
people to fill out a form to email you from your website, then you can get a
little more creative. It is possible to put a mailto link on your site that when
clicked will still launch the sender’s email program, and start a new message
with your address in the To field … but without having to embed your email
address in the mailto link where spam software can snatch it.
It looks like a normal URL, and
there's clearly no email address anywhere in the link, but when clicked, instead
of loading a web page in your browser as you may have expected, your email
program opens up.
How’s that possible you might
ask? Simple. A little magic with CGI using Perl or PHP will do the trick. A free
copy of a script that does this is bundled with Postmaster Pro.
What About
Spammers Who Already Have My Address?
So far we’ve discussed a few
fairly simple techniques designed to prevent spammers from obtaining your email
address in the first place. But, how do you deal with the spam you’re already
getting? Your address is already out there. The solution is to either block or
filter.
For either, you'll need
software. For blocking, I recommend Postmaster Pro. If you prefer to filter then
Spam Assassin is highly recommended. Both run on the server, so there is no need
to download spam before filtering it out. That's a huge time saver if you're not
yet on a high-speed connection. It also makes it a bit less likely you'll end up
downloading a virus since email from untrusted senders, i.e. spammers will be
significantly reduced.
Spam Blocking
Software
Postmaster Pro which is
available at http://www.postmasterpro.com takes a novel approach to blocking
spam. It only allows email to be delivered after people who’ve sent you email
have been placed on an approved sender list. But the interesting thing is that
people who send you email can put themselves on your approved list. This is done
simply by clicking a link in an email that automatically gets sent to them the
first time they send email to you, which is perfect for those of us who don’t
know in advance whom we should put on the approved list, i.e. if you’re running
a business online. It also makes building and maintaining such a list very
simple.
Given the fact that spammers
normally use invalid return addresses, and those who do use valid return
addresses seldom read email that's sent there, let alone respond to it (they
receive thousands of failed delivery notifications, complaints, remove requests,
and autoresponder messages every time they do a mailing) … it’s a very effective
technique with no chance of blocking legitimate email, as is the case with
filtering.
Spam
Filtering Software
As with any filter though, you
do run the risk of missing legitimate email from time to time. There really
isn't a good way to tell how often this is happening unless you want to read all
the email that gets filtered out, which negates the whole point of filtering. If
you set your filters permissively enough though, you should be reasonably safe.
For the first month or so after installing any filter, you should continue to
read every single email in order to make sure it isn't set too restrictively to
allow legitimate email through.
By using the techniques
mentioned in this article, you can take back your mailbox, and dramatically
reduce, if not eliminate spam.
|
