How can I get spammers to stop using an email address?
November 14, 2005 12:09 AM   Subscribe

This might sound like a stupid question, but I have heard of techniques that advanced users might use to foul up the spammers method of harvesting email addresses. It involves creating web pages and using bait or something, but I'm not sure how it works. And I can't concoct a google search that gets me the advice I am looking for. So webmins, how do you create a network of webpages that will have spammers getting so fed up with a specific email address that they will drop it from their list?
posted by a.blue to Technology (11 answers total)
 
I'll take these in the reverse order.

So webmins, how do you create a network of webpages that will have spammers getting so fed up with a specific email address that they will drop it from their list?

You can't. Once the spammer has your address, they won't drop it.

I have heard of techniques that advanced users might use to foul up the spammers method of harvesting email addresses. It involves creating web pages and using bait or something, but I'm not sure how it works.

This is called a tarpit. The basic idea is to feed the spammer a lot of fake addresses, generated randomly a server-side script, and to do it slowly enough that he keeps crawling that "site" for a long long time picking up bogus addresses instead of moving on to a real site and harvesting real addresses. This has two effects: it wastes a lot of his time and it makes his mailing list a lot less effective.

Sadly, spam is still economically feasible even when a spammer's mailing list is 99% bogus addresses.
posted by kindall at 12:16 AM on November 14, 2005


One way to stop email harvesting is to not post email addresses on static web pages. It can be much harder to impossible for harvesters to automatically collect email addresses from dynamically-generated pages. Another strategy is to post email addresses in unusual forms that require human parsing, like "me at this dot address dot com".

Yet another strategy is to make it "expensive" in network time to send spam. Network admins can run spam appliances that "slow down" connection attempts from mail domains that appear to be sending more spam than usual. Concentrators are frustrating for spammers, who rely on sending large volumes of junk email as quickly as possible.
posted by Rothko at 12:57 AM on November 14, 2005


There are also Honeypot projects, that attempt to lure in spammers with attractive e-mail addresses, but in reality are used to try to figure out what spammers are doing. The WikiPedia can tell you more.
posted by stovenator at 1:19 AM on November 14, 2005


Also, to answer what seems to be your issue. You aren't going to remove your e-mail address from spam lists. You're likely saddled with either getting a new email address, or using spam filtering software. I prefer DSPAM, but it's not easy to setup. A Bayesian filter such as SpamBayes, or using Thunderbird is much easier to use if you aren't really technically inclined.
posted by stovenator at 1:24 AM on November 14, 2005


Please don't give more fake addresses.

For the past two months, I've been getting 250 bounces/day because some asshole decided to use my domain as the "from" for his online watch and pharma venture.

Since I have a global collector (*@domain), all the bounces from old/fake addresses end up in my inbox. At least mail.app can be set up with a decent set of rules to whisk them swiftly into the trash. *sigh*

Anyhow, it's really really easy to get rid of the spam problem if you own your own domain. When I signed up with say, amazon.com ... amazon@domain.com becomes their exclusive address and it's forwarded to me.

Any business that sells my address instantly ends up on a list of "to addresses" that go straight to junk.

As such, I see maybe 5 spam in my inbox a week, and NO "oops, it accidently got sorted into my junk mail folder" problems.

Might try something like that out for yourself.
posted by mmdei at 1:56 AM on November 14, 2005


It appears from your question that the spammers already have the address you're asking about. If that's the case, then there's nothing you can do.

The whole point of spam is that it's incredibly cheap to send email, and the way they do it, they neither know nor care whether the email gets there.
posted by AmbroseChapel at 2:25 AM on November 14, 2005


The other thing you can do is scatter fake addresses around on a honeypot site, and then use ALL the mail arriving at those addresses to train your spam filter, as every single mail will be spam.
posted by wackybrit at 3:00 AM on November 14, 2005


I've had good luck using Spam Poison - and it's free.
posted by Serena at 3:57 AM on November 14, 2005


I recommend SpamGourmet - hassle-free disposable email addresses
posted by Sharcho at 5:56 AM on November 14, 2005


I'm under the impression that most spamming is done without lists these days - zombie computers are so easy to get that spammers just point a program at a domain and just dictionary-generate millions of addresses at that domain.

So part of the solution is to have some weird non-generatable word as your name in front of the @, and avoid things that are weird but still generatable like initial&surname.
posted by -harlequin- at 11:30 AM on November 14, 2005


Meanwhile, make sure that if you post an address, it's not readable by spambots. Username at domain.com is no good, even with no @, the spambot will read it. Try Username can be contacted at hotmail, and username should not be your primary account.
posted by theora55 at 4:18 PM on November 14, 2005


« Older I sure would love it if they'd stop throttling me.   |   UK Industry Information Newer »
This thread is closed to new comments.