Keeping One Step Ahead of the Spammers - dummies

Keeping One Step Ahead of the Spammers

By John R. Levine, Margaret Levine Young, Ray Everett-Church

If it’s just a matter of time before a spammer catches up to your e-mail address, is there any hope? Sure, you have some hope. But, truth be told, you can do little to completely avoid spam. What hope you have comes from taking a few basic actions to keep your e-mail address a little more low profile:

  • Know where your e-mail address can be found (white pages and Web pages, for example): Do you know who has your e-mail address? Do you participate in chat rooms? Message boards? Newsgroups? Do you have your e-mail address posted on your Web page?
    Try typing your e-mail address into a search engine and seeing what pops up. The answer to the age-old question of “How did those #*@%#$ get my e-mail address?” may be that you gave it to them!
  • Guard your primary e-mail address: When somebody asks for your e-mail address, think twice before giving it out. Or, shield yourself behind an e-mail alias. Many ISPs allow you to create multiple e-mail addresses, which can be used for creating “sacrificial” e-mail addresses you can give out to people you’re not sure you trust.
  • Use stand-alone e-mail software: Most Internet browsers come bundled with e-mail programs. The problem is that by bundling the two, you may be making it easy for hackers, spammers, and unscrupulous Webmasters to get your e-mail address from your browser. For that reason, consider using a stand-alone e-mail product, like Eudora or Pegasus.
  • Play hide-and-seek with your browser: Even if you’re using a stand-alone e-mail program, you may have at some time recorded your e-mail address somewhere within your browser, or your browser may have even grabbed it and given it away for you in an attempt to be helpful. Because the whole purpose of a browser is to share information between computers, it may be giving away that information about you to others whenever they know the right way to ask for it. If you think that your browser may be blowing the whistle on you, here’s how to shut down the little snitch:

In Netscape: Choose Edit –> Preferences from the menu bar atop the browser window. On the list along the left side of the Preferences dialog box, click the plus sign (+) next to the Mail & Newsgroups option. Then select Identity, which appears just below the plus sign. On the right side of the dialog box appears any of your personal information that the browser has stored. Erase all personal information you see there and click OK to accept the changes.

In Internet Explorer: Choose Tools –> Internet Options from the menu bar atop the browser window. In the Internet Options dialog box, select the Content tab and click the My Profile button. Erase all personal information that appears on this form. Click OK to accept the changes.

In Opera: Choose E-Mail –> Edit Active Account from the menu bar atop the browser window. Erase all personal information that appears in the right half of the dialog box.

  • Choose an ISP that actively blocks spam: Several large national ISPs — like AOL, EarthLink, and AT&T — have some spam-blocking features, so if your ISP has them, make sure that you use them. Although you’re likely to have more difficulty finding a local ISP that blocks spam, many are run by system administrators who are veterans of the spam wars and know how to offer spam protection that’s so vigorous it makes nuclear missile silos look poorly defended. It’s always worth asking around.
  • Find out how to filter your own e-mail: Some e-mail software programs have filtering features that, if you take the time to read the instructions, can be useful in helping you manage your mailbox in many ways, including helping you filter spam directly into the trash. Be ready to experiment with those settings, and don’t autodelete anything until you’re absolutely certain that your filters are working right. If your filter eats that e-mail from Aunt Ethel, you may get a cold reception (and dinner) when you head for her house next Thanksgiving.
  • Never, never click Reply: Most return addresses in spam are faked to deflect complaints. However, some spammers use real addresses because they really do want to hear from you — but not for the reason you may think. Why would they want to hear your angry diatribe? When you click Reply, you have just confirmed that your e-mail address is a live one, which is like waving a big red flag and screaming “This e-mail address is real! I really read this stuff! If you’re smart, you’ll send me more spam!”
  • Establish secondary screen names for chat rooms and message boards: Chat rooms and message boards are among the most appealing places for spammers to gather e-mail addresses. Protect your primary e-mail address by creating other, throwaway e-mail addresses for posting on message boards and for giving out to people and sites you’re not sure you can trust. Many ISPs — like AOL, AT&T, and others — allow you to create secondary screen names or additional e-mail addresses at little or no cost, or you can get free e-mail addresses from Yahoo!, Hotmail, and other free e-mail services. If spam comes flooding into those accounts, you can always delete them and make a new one, all the while shielding your primary address from the flood.
  • Give and use false e-mail addresses: This advice is quite controversial. Many people know that spammers troll through chat rooms and message boards looking for e-mail addresses, so they use fake or altered — sometimes called munged (rhymes with plunged) — e-mail addresses. For example, may give out his address as and then give written or verbal instructions to friends and associates to remove the I-hate-spam. part before sending him e-mail. This strategy tends to confound many spammers because they often use automated e-mail harvesting programs that gather anything with an @ sign in the middle; because the spammers are too lazy to sort the millions of addresses by hand, they usually end up sending their spam to the altered address.
    Why is munging controversial? Depending on how you munge the address, when the spammer sends the mail, it may still end up in somebody’s mailbox, most likely that of the already overworked and spam-flooded administrator of your ISP or free e-mail provider. The other reason is that many people use mail programs that don’t show the e-mail address of people they’re writing to, so they don’t notice the munge or may not even realize that it’s possible that the address isn’t real, and real mail gets lost. Please think twice before trying this one at home.
  • Use a unique e-mail account name not found in a dictionary: Pick an e-mail address like or so that spammers are less likely to pull your e-mail address out of a hat, thin air, or the dictionary.
  • Find out how and where to complain to get spammers shut down: The best defense is a good offense. When spammers are offending you, offend them right back by finding out how to get them booted off their ISPs.