(510) 843-6389   1700 Martin Luther King Jr. Way Berkeley, CA 94709 support@lmi.net

Tips on Reducing Spam

Anyone that uses email is bound to get spam (unsolicited bulk email) at some point. But you can keep spam to a minimum with these tips about how to protect your email address from spammers.

Email addresses on Web sites

Spammers are eager to find out everyone’s email address. So don’t give your address out too freely. Only give it to family, friends, and business associates that really need it. And be especially careful about posting your email address on the Internet. Spammers have software programs that do nothing but scan the entire Internet for email addresses.

You might want to post your email address on your Web site so that people can contact you. One way to avoid that is to put a form on your Web page that people fill out and it emails you their inquiry. But it never reveals your email address to the sender. Once you receive the form, you can then decide if the sender is legitimately needing your services.

If you do want to post your email address on a Web site, there are tricks you can use to fool the spammer’s software programs, so that the email address is readable by a human, but not by a software program. One trick is to have a graphic of your email address instead of having the address written on the page. An example of this is here:

http://users.lmi.net/scotdrum

You can see the email address where it says “Submissions, corrections, suggestions:” but that’s a picture of the email address, and will not be collected by spammer’s programs.

Another thing you can do is to add some characters to your email address that signals to humans what your address really is, but will fool spammers’ programs. Something like:

johnREMOVETHIS@smith.com

People will see that they need to remove the characters “REMOVETHIS” and then will know your correct email address, but software programs will take it at face value.

One thing that the spammers’ programs are looking for is called a “mailto:” link on your Web page. This is code that is often used with an email address. It looks like this:

<a href="mailto:someone@yoursite.com">Email Us</A>

What this does is that when someone clicks on the words “Email Us” on your Web site, it will automatically launch their email program, create a new email message, and put your email address as the recipient. This makes it convenient for the sender, so they don’t have to do this manually. But this “mailto” code is exactly what spammers are looking for with their software programs, so try to avoid using it.

Email addresses on forums and Usenet

If you participate in a Web forum, make sure they are not posting your email address publicly. If you post to Usenet, don’t configure your email address in your Usenet client. If you want to let people know your email address, you can modify it, as described above, so that humans can read it but not spammers’ robot programs. But post at your own risk. Usenet is a major source of email addresses for spammers.

If your submit your address on a Web fom, check the site’s privacy policy. They may have verbiage that says they will send your email address to their affiliates. There is usually a way to opt out of this. Note that most of the time the checkbox for “it’s OK to send my email address to third parties” or “it’s OK to deluge me with marketing emails” is checked by default, and you have to uncheck it to opt out.

Don’t do the “Send This To A Friend” thing

When you are reading an article on the Internet, sometimes you will see a “Send This To A Friend” link. Don’t do it! You are giving your friend’s email address to that Web site. You have no idea what they are going to do with it. They will probably ask for your email address, too. Don’t take the chance. Just copy the article’s URL, and send it in an email message to your friend. They will appreciate you protecting your address.

Don’t reply to spammers

Never reply to a spammer asking that you be removed from their list. This only helps spammers because they can take your originating email address and verify that there is a human behind it. If they give you a URL, never enter your email address into a form for the same reason. (It’s important to keep track of which mailing lists you have signed up for, so that if you do not want to receive mail for that list any longer, you can opt-out in the proper manner.)

Don’t use default addresses for your domain name

When you get a custom domain name for yourself or your business, and you use that domain name as part of your email address (i.e. “you@yourcompany.com”) it’s important that when you first create email addresses for that domain name, that you do not create a “catch-all”. A “catch-all” means that any email address that you do not specify is still a valid email address and you will receive that mail. For example, let’s say you get a custom domain name for your family, and there are three people: blanche@thesmithfamily.com, phil@thesmithfamily, and tony@thesmithfamily.com. So far, those are the only valid email addresses for your domain. But if you create a catch-all, you are saying that “@thesmithfamily.com” is a valid email address. People will sometimes set up a catch-all if they are afraid that people will make a typo when mailing them and they want to make sure they still receive the mail. But if someone makes a typo on your email address, they will get a notice back saying that it is not a valid email address, and then they will notice their mistake, fix the email address in their address book, and re-send the mail. A catch-all address allows spammers to make up any email address they want, and the mail will still be delivered to you. Don’t give spammers that kind of ammunition! Define specific email addresses for your domain and anything else should be invalid and rejected.

Don’t reply to suspicious people on Craig’s List

When you post something on Craig’s List, there is an option for Craig’s List to create a special temporary address for you. That way your actual email address is not posted directly on Craig’s List. When someone sends email to the special temporary address, Craig’s List forwards it on to you. Therefore, only Craig’s List knows your actual address. But there are spammers that collect the special email addresses posted on Craig’s List, mail to them, and try to get a reply. The moment they get that reply, the real address behind the special temp address is revealed. Watch for emails that seem very generic and do not mention the substance of your post. For example, if you post for a chair for sale, and you get an email saying “can you tell me how much it is” or “will you ship this out of state?” without any mention of a chair, this could be a spammer emailing to you. If you know how to read email headers [LINK TO “How to read headers” HERE] then you can look the headers of suspicious emails, and if they are coming from Nigeria or something, your suspicions are confirmed!

Use a free throwaway email address for some of your email transactions

You can sign up for a free email address with Gmail, or Yahoo, or another freemail provider, and use that email address for Craig’s List transactions and such. Then only give your personal/business address to friends, family, and trusted colleagues.

Use SpamAssassin or SpamGauntlet

There are tools that you can use to filter out spam from your Inbox. LMi.net offers two spam-filtering services: SpamAssassin and SpamGauntlet. SpamAssassin filters out (or tags) spam in individual mailboxes. SpamGauntlet can filter spam for an entire domain name (which covers all the email addresses that use that domain).

Don’t buy anything from spammers!

The only reason why spam is still with us is because of the people that give spammers their business. Because sending hundreds, thousands, even millions of spam messages can virtually be cost-free for spammers, their technique is to blanket the Internet with spam, and the few people that actually buy their products make it worthwhile for the spammers.

Practice safe computing

Many viruses that infect computers are for the purposes of collecting email addresses for spammers, or for using a machine for sending spam messages without the owner’s knowledge. Some spam virus programs can view your email address and collect the addresses of your contacts. Make sure to run a virus scanner regularly, especially if you have a Windows PC (they are by far the most vulnerable), and keep your system clean. Also, use the firewall on your computer. A firewall can be software (generally part of the operating system) that acts as a gatekeeper for Internet traffic to and from your computer, and can help protect you from viruses, hackers, and spammers. Even better than a software firewall is a hardware firewall. This is a device that is set up on a computer network that protects all the computers on the network. Ask your IT Administrator if you are not sure if there is a firewall on your network.

You should also not open spam emails, because just the act of opening a spam email can be risky. Spammers can put Web links into an email message, and if your email program is configured to load these links automatically, your computer can be sent to a Web page that tries to infect your computer with a virus. Sometimes spammers put fake “unsubscribe” links in their emails and if you click on it, it does not unsubscribe you from their list, instead it confirms that your email address is valid and that you viewed the spam email.

NEVER, EVER open an attachment from a spammer, no matter what the name of the file is. Spammers are very clever and have tricked many people into opening seemingly innocuous attachments that turnde out to be a virus. They take advantage of the fact that Windows PCs do not show the extension of a file name by default. So if you see a file called “MyPicture.jpg”, you may think the file is a picture, but really the file name is “MyPicture.jpg.exe”. You are just not seeing the “.exe” extension because it’s hidden from you. To display file names in Windows XP open your My Documents window, go to the Tools menu and choose Folder Options. Click on the View tab and locate the part that says “Hide extensions for known file types”. Uncheck the box and click OK. Now you will be able to see the full names of your files, including the file extension. Note that the “.exe” file extension means that it’s an “executable” file. This is a program that could alter your computer, and you should never click on .exe files without being completely sure they are safe.

Don’t fall for scams sent via email. The most notorious and obvious one is the “Nigerian 419” scam, where someone from a foreign country (they usually claim they are a relative of an assassinated king or some such nonsense) offers you a percentage of a ridiculous amount of money. More difficult to detect is called a “phishing scam”. This is an email that looks like it’s from your bank or credit card company asking you to input your personal info to “confirm it”. Banks and other financial institutions do not do this! They never send you email asking you to input your private sensitive bank info. Phishing scammers are very good at faking bank Web sites, so even if the link in the email leads to a site that looks just like your bank’s Web site don’t fall for it!

Finally, never give your login details, especially your password, to anyone. Passwords should not be easily guessable and be kept secret! If a spammer gets ahold of your email password, they can take control of your email account to not only send spam, but also do other things that compromise your privacy. And the spam will be blamed on you because it’s coming from your address!

If you follow these steps to protect your email address, and practice safe computing, the chances of receiving spam will probably be significantly reduced, and you can enjoy a clean Inbox.