No More Damn Spam


No More Damn Spam
By Don McKenzie

Go Top | Go Bottom | Go Back | Go Forward

I felt it was about time to remind people what I did about Spam in 2002. After many years of putting up with Spam, and trying many methods of preventing Spam, including programs such as Mailwasher, I finally declared war on Spam, and have never looked back. Basically I don't get Spam, and my method is no secret. Most people I have tried to educate, think I am some sort of a nutter. So I gave up trying. Sorry, your loss.

Here I am running a business, and have zapped Spam virtually completely. In the 9 years since I have been running this system, I would doubt that I have had 25 Spams total. And when I get one, I use a simple system to make sure I never get one from the same source again.

What is the cost?
$500?
$200?
$100?
$50?
$25?
Special price today only $0 If you own a domain and have a bit of web space, the cost is zero. Don't believe me?


Don's Free Guide To Spam Reduction

The full rundown. How to get rid of spam: We can't figure out why people spend so much time and money attempting to get rid of spam, when the answer is so simple. We have used this system successfully since 2002, and we are running an on line internet business. Individuals will find it extremely simple to put into operation.


Special Note *** Have a look at the newsgroup http://groups.google.com/group/alt.spam/topics or news:alt.spam I have been visiting there for years. You will see the same good guys in white hats, fighting some old, and many new bad guys in black hats. I don't understand most of the local techo lingo, and even the guys in white hats have many disagreements amongst themselves. But they do go about trying to make things better for genuine internet users, and I would never want to discourage them from doing so. Helping out anyone who asks in a civil fashion, reporting spam, and offering advise on spam reporting and prevention, however they seem to spend a fair percentage of their lives trying to combat spam. But, please keep up the good work guys. I could start to name you, but it would be very unfair if I missed anyone.


Go Top | Go Bottom | Go Back | Go Forward

You must start from the ground floor, and sweep with a clean broom:

To combat Spam today, you must have an Email system that is squeaky clean, and leave no cracks or crevices that Spam can crawl through. If it does, you need a means of blocking it very quickly.

You don't need to use filters.
You don't need to bounce email.
You don't need to sort or delete any email.
You don't need to use black and white lists.
You don't need to buy sophisticated software.
You don't need to block IP's, countries, or domains.
You don't need to have Challenge-Response systems.
You don't need to spend hours maintaining a spam-less inbox.
You don't need to mistakenly erase email from customers or friends.
You don't need to use any bandwidth, as all spam is rejected. (Read on)
You do need to use a little common sense, and be able take on some good advice. 

The total cost of this spam prevention system annually, is the price of a web host at around $50 to $70USD, and a domain name at around $8 to $12USD.

This can be for one individual user, or hundreds if you join into a group, or syndicate. 

Do you own a domain? You don't have to, but it helps if you do. You can reduce spam by 98% to 100%, no fees, no drama.

This is a simple low cost method of getting rid of most of the spam that is being delivered to email in-boxes today. Most of what we propose isn't new. It is the combination of all of these rules that make the system successful, and we have been using this system since 2002.

1-Jan-2004 Ash Roll – Digitalnemesis.com Hi Don 🙂 Yep – thanks for the info on your web site – works a treat. I still have to change over my sales account at PayPal yet and organise all that side of things, but I've gone from 200+ SPAM a day to about 10 a week!

Domain name registrations are cheap. Web hosts are cheap. Small groups of people should consider joining ranks and setting up these Spam prevention techniques. After all, 20 users could throw in $5USD each, and you could run your own domain for a year, and still have change. Elect a webmaster to manage your email addresses using a single domain name. OK, 20 of your closest friends may be a bit of a nightmare, how about 10 at $10USD each? That's very workable.

This tutorial was written with a business in mind, but the same rules apply for individuals.

The simplest way to stop spam and viruses is to keep your email address hidden from spammers, but not from contacts and associates. Of course, you must have an email address in order to operate a web site, or be contactable by email. We protect the email addresses we give out, and we organize them in such a way that they can be altered without losing any business or personal contacts. On January 1st every year, the email addresses are updated so that any potential spam is dropped off.

Basic Requirements.
OK, How do we go about it?

Auto-Responder
Protecting your email addresses from spammers

Your ISP may be generating Spam on your behalf
Spam Through Yahoo Mailing List

Spam Through Paypal Email addresses

Spam Through Your Domain Registration Details.
Your Web Host Billing Email address.

The required HTML Code 

Go Top | Go Bottom | Go Back | Go Forward

http://www.youtube.com/watch?v=uqcSWI6Ppks

Go Top | Go Bottom | Go Back | Go Forward

Basic Requirements:

As you can get a suitable basic web host for around $4USD per month, we would suggest that even private users take advantage of this. Isn't it worth it?

Hostgator (Above) is just one of many. This will provide you with the ability to run one domain using the Hatchling Plan account. If you purchase the Baby Plan, you can have an unlimited number of domains.

Hostgator also has Cpanel pre-installed at the same price, however domain names cost a little more than some others. The few extra dollars to have it all with one company, may well be worth not having any hassles. I much prefer a host with Cpanel, as I have been using it for years, and have explained this tutorial using it.

But you mileage may vary. If you are more comfortable with something else, then fine.

CPanel Tutorials


You must also register at least one domain. Make it a US dot com domain, as these are cheap. Around $11USD

Godaddy (Above) seems to have a cheap rate on US Domain Registrations, and hosting packages, however Cpanel is not included at the same price, and is an extra.


My personal choice has been to get a Hostgator Baby plan with Cpanel included in the price, and a Godaddy Domain Registration. I do have many Domains registered, so it is a considerable saving when you do the maths, but for a single Domain, Hostgator is fine.


Example of typical email addresses and domains that can be registered for groups of people.

bill_gates2011@billionaires-club.com
bill_clinton2011@presidents-retirement-group.com
bill_clinton2011@secretary-of-state-partners-chat-group.com

We were getting 200+ spams to our web based business every day. We would imagine it would be 2000+ today.

Did we mention Viruses? Get rid of the Spam and the Viruses vanish also.

As this spam reduction system limits the number of times our current email address appears in customers and friends address books, viruses will also be limited. Before continuing, check your prospective service provider to make sure their domain isn't hosted by a spam friendly and thus widely blocked ISP

Go Top | Go Bottom | Go Back | Go Forward

OK, How do we go about it?

Web Host Requirements:

Our thanks to Alan Hackett of Perth West Australia for originally putting us onto the Web Page Contact operation.

You must have a web host (Preferably with a CPanel interface.) that has:

Several email address forwarders.
Several Auto-responders.

Set Up Your Email Addresses: Set up only the email addresses that you wish to use for your business, or personal email system. We use basically only two addresses for the main operation of our web site.

sales2011@yourdomain.com
support2011@yourdomain.com

The "2011" is the current year, and is incremented every year.
 

Spammed Email Addresses:

Spammers will send email to any address that they feel will reach you. This can be any address at your domain. Bouncing spam email is simply using up bandwidth, as spammers don't use their own email address, and you may well be bouncing these emails to genuine users.

You will no doubt have an old email address that is picking up most of the spam. Let's call this old-email@yourdomain.com All email sent to old-email@yourdomain.com is directed to spambounce@yourdomain.com which is an Auto-responder. This will send an email to the sender with a text message generated by you. Picture below shows the settings to get your "spambounce@yourdomain.com" Auto-Responder working.

 

 

Setting the interval to zero hours, allows you to test your Auto Responder continuously.

If it is set to the default setting of 8, this means it will only respond to the same IP address once in every 8 hours. I suggest after testing it that you set it back to 8.

1-Jan-Each Year:
Make up your new2011@yourdomain.com addresses, and get them working.

Make sure your reply to address in your email program uses these new addresses. Delete all the old previous years (old2010@yourdomain.com), so that they are no longer directed to spambounce@yourdomain.com.

1-Feb Each Year:
Direct all the old2010@yourdomain.com addresses to your spam bounce message from your auto-responder. And bounce these old2010@yourdomain.com addresses with your auto-responder for about a year until your friends/customers become familiar with your new email address, then delete them. This really means they will bounce for about 11 months, then vanish.

The Picture below shows the forwarding, or redirection of all email sent to old-email@yourdomain.com being directed to spambounce@yourdomain.com which is an Auto-responder.

 

And if many people are using this disposable email address method, and the spammers eventually catch on, you simply change the rules of the yearly increment. 🙂

sales2011@yourdomain.com change to:
2011sales@yourdomain.com
11sales@yourdomain.com
sales11@yourdomain.com
sales_2011@yourdomain.com
2011_sales@yourdomain.com
11_sales@yourdomain.com
sales_11@yourdomain.com
sales-2011@yourdomain.com

You can add any special characters, such as: !#$%^&* The sky is the limit, whatever you can think up.

Special Addresses for companies you deal with: You may wish to use admin@yourdomain.com or similar, for those special domain registrations etc., that you don't wish to change the email address every year.

If you are on a yahoo group, it would pay to use say: groupname2011@yourdomain.com If it starts to generate spam, then you only need to worry about one address.

Other Examples:
taxoffice@yourdomain.com
amazon@yourdomain.com
paypal@yourdomain.com

 

are some examples of what you may need to set up. If you get spam, then you can throw the year in after the name if you wish, or some other simple method of changing it. Get the idea?

This in principle is what is called Disposable Email Addresses, however in this case, you aren't asking third parties to have control of your Disposable Email Addresses, as you have full control, and you aren't paying extra for them.

Another nice feature with CPanel is the dual addressing feature. Example: taxoffice@yourdomain.com can be directed to user1@yourdomain.com and also taxoffice@yourdomain.com can be directed to user2@yourdomain.com We use this for our "Fax To Email" service to two different users. That is, the fax is received, and sent to two email addresses.

Go Top | Go Bottom | Go Back | Go Forward

Your Auto-responder text should look something like this:

yourdomain spambounce Auto-responder
================================================
Has the year changed since you last contacted us?
Then the address will simply be out of date.
Please read "Year Increment" below:
================================================
Read: http://www.yourdomain.com/email.html for a full explanation of our email system.
The email address you attempted to post to has been removed, and replaced with a new one, and your message has been ignored.
This has been done to prevent Spam and Viruses, and takes place every 12 months.

We apologize for this inconvenience.

To contact us, simply click on http://www.yourdomain/email.html and send us a message.
Your message will be answered ASAP and you will be returned a valid working email address that you can contact us on in future.

This working email address will only be valid for a maximum of one year, as the year in 'yyyy' format, will be part of the email address. We hope you can understand the need for us to go through this procedure, and allow our valued customers access to us without the need for spam filters potentially deleting your valued message to us.
 

"Year Increment" You can also calculate our address by simply incrementing it to the correct year, if you have our old email address. ==================================================
Note **** If we get spam on any new address, we may add an additional character, or re-arrange characters during the year.
In which case, you will need to send an email via our contact page to reach us.

Examples of the additional, or re-arranged characters: 2011user@ user2011a@
==================================================

Your Name Here E-mail: http://www.yourdomain.com/email.html
Home Page: http://www.yourdomain.com

==================================================

Go Top | Go Bottom | Go Back | Go Forward

Protecting your email addresses from spammers:

So, we are now allowing only the email addresses through that we have selected. All others get rejected, or bounced with an Auto-responder message.

The next trick is to tell only valid customers and associates what your email addresses are. This is done with a little HTML and java-script code.

This allows you to place your real forwarding email address on the web, and yet not display it to potential spammers. This is done with what is called an email contact page. If you examine email contact pages, you will see that the customer must first contact you via this page, then once he has made initial contact, and you respond, he/she will have your new email address.

This also prevents large email attachments from customers, without initial contact to you.

You can change the email address every year and get rid of any spammers that made it this far, and not lose your customer data base. Result is 95% to 100% reduction in spam.

We do have spammers actually filling out our email contact page, however I know when I see this, that they have reached the bottom of the barrel. If they generate scripts to do this task for them, you simply change the order of the information, so that an input error will occur. But not worth worrying about, we get about 1 every 3 to 6 months.

We also have instructions on our Email Contact Page, on how to calculate the current email address, so that genuine users can email us directly. We had product review pages, and Guest Books, and have had to close these because of spammers.

Go Top | Go Bottom | Go Back | Go Forward

Your ISP may be generating Spam on your behalf

We have been collecting spam from the same email address since 1995, and had to do something very aggressively about removing it.
 

If you have been running a business, you should know that your personal "real email address" should never be given out to anyone, as you should be using your domain email system.

If you are getting spam through your "real email address", then get your local ISP to change your account name. We have done this several times since 1995, however much of it has taken place because of moving to new ISPs as the internet has grown.
 

Never post a real email address to a newsgroup. We use something like "look@my.sig", and in the the sig of our message, we place the web contact page details, so we are readily contactable with a click of the mouse.

If you use a program like Thunderbird, it allows for special email ID's when posting to newsgroups. If you change your business email addresses every year to increment to the new year, and you change your local ISP account name if required, then spam should be down to a level that is very close to zero.

We found our Australian Optus ISP was actually generating a mountain of spam for us, as we were listed as:

username@optusnet.com.au (our actual domain name)
username@optushome.com.au
username@optus.net username@mpx.com.au
username@microplex.com.au

We got our primary account name changed, used one of four secondary addresses as our new contact address, and have never got an email of any description directed to any of the other domains since doing so. ISP's seem to want to generate and charge for additional bandwidth. Make sure you allow about a month overlap between 'yyyy' (year) increments. The previous 'yyyy' can always be sent to your "spambounce" feature for a month, then it can be sent to "All-Unrouted-Mail-Reject" by simply deleting the email address from your valid email addresses after 12 months.

Go Top | Go Bottom | Go Back | Go Forward

Spam Through Yahoo Mailing List:

We were moderating a yahoo group mailing list for our business. We found 10 to 20 spams everyday being posted to the group moderator. It's a no win situation. If you moderate your membership, and leave your moderator email address valid, you get spam. If you block your moderator address, and allow anybody to join, everyone gets spam. We had to shut the group down. We now run it spam and ad free from our new web host at no additional charge. Sending support messages to Yahoo is about as useful as a milking bucket for a bull. Keep away from Yahoo Mailing lists if you can.

 

Spam Through Paypal Email Addresses:

You may also have to change your Paypal email accounts and get them squeaky clean also. We no longer advertise an email address for Paypal Payments, and we had to use http://www.tinyurl.com to link to our payment page. Our current shopping cart doesn't even need this, as it has a direct link into Paypal for simple payment.


Go Top | Go Bottom | Go Back | Go Forward

Spam Through Your Domain Registration Details.

Spammers are now going through these details to get your email address. We have several domains registered, however we have them all registered with the one company, so they all use a single email address.

We picked the domain we feel will always be there, our bread and butter domain, and used spam_domain_rego@yourdomain.com as the forwarding email address. We included the word spam in the hope that this may deter manual and automatic collection of data from using an address with spam in it, but there are no guarantees of course.

A big word of caution. If you use an address from one your domains, you must make sure that domain is always registered. We always extend the registation 12 months in advance, not when it is due. In fact, ours is registered 3 years in advance. If this address is spammed, then it is a simple matter to change one address that you have full control over. Just add "yyyy", or whatever is easy. It doesn't matter, as long as you enable it in your email forwards, and disable the old one. Just don't let the domain expire, else you will never get admin email to tell you it has expired.

Some registration companies offer I.D. protection, so that your registration details are never seen, however as this protection costs more than the yearly registration, forget it. Just use the simple and effective system we have outlined above.


Go Top | Go Bottom | Go Back | Go Forward

Your Web Host Billing Email address.

There should only ever be one single contact that has your real, local, email address, and that is your web host billing address and contact. If there is a problem with billing, or your web site goes down, then you need a channel for them to contact you that doesn't rely on a registered domain.

This email address should also be one that your local ISP can change if requested to do so for any reason. Our local ISP has given us a primary, and 4 disposable secondary email addresses. Never give the primary email address to anyone, and if for any reason, a secondary starts to get spam, then you can drop it, and start with another. The only contact that should have your local secondary ISP email address is your Domain Web Host.

If your domain fails for any reason, you may have to give out a local ISP email address in an emergency, but it should always be a disposable one anyway. So make sure you sign with a local company that has at least one disposable email address.


All comments and feed back very welcome. Don McKenzie 


Go Top | Go Bottom | Go Back | Go Forward

HTML Code:

Use HTML code and Java-script to create your web contact page, however it will disclose your email address when the link is clicked. As only humans, not robots, will need to do the clicking, so the chances of this email address joining the spam lists is very remote. And if it does, you can dispose of it, and get a new one.

Final result will look like this: "For Further Information Please Email Me" and when you click on the Email Me link, your default email program will be launched with the email address and subject line ready to go. 

Create the two files email.html and mailto.js as shown below:
user = "username2011";
site = "yourdomain.com";
subject = "Your Domain Email Contact Page";

set these above three parameters in the mailto.js file to suit the email address, and subject you wish to use. Upload the below two files to your domain root directory and test.

Contents of email.html

<p>For Further Information Please <script type="text/javascript" src="/mailto.js"></script></p>

Contents of mailto.js

user = "username2011"; site = "yourdomain.com"; subject = "Your Domain Email Contact Page"; document.write('<a href=\"mailto:' + user + '@' + site + '?subject=' + subject + '\">');document.write('Email Me'+'</a>');



I really hope you think about introducing this simple method of controlling spam. It is low cost, low maintenance, and after initial set up, runs itself. It has saved me many hours of time since 2002.

Good luck with it.

Cheers Don…

 

Go Top | Go Bottom | Go Back | Go Forward

This entry was posted in Spam Prevention. Bookmark the permalink.

5 Responses to No More Damn Spam

  1. harie godden says:

    LOL, logged on to Google this morning, found it is Robert Noyce`s birthday, and the Intel 8088 CPU. in 1986, I started as a user running the Zilog Z80, so went Google / trolling for info on Z80 CPU,
    a side link offered advice on P & O internet.
    we as a family, are cruising 1st week of march 2012, your advice was GOLD

    ah huh
    a link to stop spam, followed that, now i have GOLD and DIAMONDS

    hello Don, thanx

    reply if you have the time, but not necessary
    Harie Godden

  2. Godzilla says:

    sorry Harie 🙂

    Cheers Don…

Leave a Reply

Your email address will not be published. Required fields are marked *

*