Protect your email address from the email harvesting Spambots

Protect your email address from the Spambots
by Mike Banks Valentine

There have been a flurry of anxious discussions among email list and newsletter owners recently about spammers stealing their email identity by spoofing the "from" field of spam mailings. They know they are being spoofed because they are suddenly getting an avalanche of bounce notices returned to their email when they didn't send the email that bounced! Those webmasters and list owners that have their email identity stolen in this way are most often those that have the most to lose if their business is reported for spamming.

List owners whose income is dependent on advertising that runs in their newsletter or ezine cannot afford to be shut down by a host that responds to spam complaints without any serious investigation. Automated reporting systems often list the domain, or worse, sometimes entire IP blocks, of accused spammers - whether or not those accusations have any merit.

SPAMMERS DISLIKE ANTI-SPAM ADVOCATES

I've been the victim of these faked addresses for a couple of years because I have an anti-spam tutorial at Website101 and it must attract spammers looking for something. It's pretty well ranked in the search engines for several spam terms and gets a lot of traffic for Website101. They lift my email address and use it in their spam campaigns.

http://website101.com/SpamFilter/

When I started getting those bounced emails from sources I hadn't sent to, I was so alarmed at the implications for the integrity of my online businesses that I quickly sent a copy of the bounces to my host to let them know that it *WAS NOT ME* sending those emails that were creating the bounces. They took a look at the headers and could see that it was spoofed and not really from me, since they host my site, I guess they can tell easily. I was relieved, but continued to send those bounces to them whenever I got them to let them know I was not the source of the spam causing those bounces and that they may get spam complaints about them.

Eventually, one of my host "abuse" techs sent me an email letting me know that they could tell I wasn't doing it and that I needn't be concerned about being shut down since I had pointed out my anti-spam tutorial and my own articles about the issue in my tutorial.

LIST OWNERS AND WEBMASTERS ARE SPAM SPOOF TARGETS

If you suddenly start receiving multiple bounce notices with quoted spam emails bearing your email "from" address, send them, including headers, to your host "abuse" address and proactively protect yourself from false claims. I've even had email discussion with anti-spam Gestapos about the problem and made certain they know my stance on spam and that I am not the source of those bounces when they got complaints through their reporting & automated blacklisting system.

A NEW SOLUTION TO SPAM HARVESTING BOTS

Many of us have heard about William Bontrager's CGI Script, SpamBot Buster and what it can do to help you protect your email address from harvesters. I encourage webmasters and list owners to read about it, then download a free copy of the script here.

Install it and follow directions to post email links that cannot be harvested on your site. The script will also generate a web URL that allows you to post in discussion lists where spambots regularly trawl for participant emails.

The URL sends a command to your server and seems magically to open your email program and offers up a preaddressed email window for use in your ezine, in articles and in postings to forums when you need to post an email address in any public online places accessible to spambot crawlers.

BAD NEWS FOR OLD PREVENTATIVE TECHNIQUES

Those of you that have heard of the so-called email address cloaking tools that display characters in "unicode" to help prevent email harvesting by the spambots may be dismayed to discover that it no longer works all of the time. The bad boys of spam are fully aware that many of this use that, now old, technique and have written new software to harvest those addresses displayed in unicode characters. If you haven't yet seen this technique used, I invite you to read another article on the unicode email address cloaking method.

http://website101.com/SpamFilter/spambot_unicode.html

An additional recommendation for hiding email addresses has been to use a form on your site for public contact instead of posting a mailto: link. Once again, bad boy spammers have worked out this technique too, and adapted harvesting software to gather the address from the form field in your contact form. The same is true of the old javascript email link technique.

The dramatic and secure feature of this new technique of hiding your email is that the address doesn't reside anywhere in the code on the page, in javascript or in form fields in your contact form. When it's not on the page or anywhere in the code, the spambots can't get your email.

This new technique will, by no means, solve the spam problem but does go a long way toward reducing the sometimes almost maddening hide-and-seek game we all play with spammers. That anti spam tutorial is the first place I'll implement this new technique.

Here's my new unharvestable email link :-)
http://privacynotes.com/cgi-bin/M/msb.cgi?3
------------------------------------------------------------
This article may be reproduced freely if the following
information is included and links made live when used online
------------------------------------------------------------
Mike Banks Valentine is a personal privacy advocate.
Learn about TIA, GLB, HIPAA, COPPA, RFID, Identity Theft,
Surveillance, Auto Black-boxes, Spyware, Do Not Call Lists
Privacy News and protecting your personal privacy online.
http://privacynotes.com
------------------------------------------------------------


Privacy Notes Has A Spam Solution For WebMasters
PrivacyNotes SpamBot Buster - Free Download

Click Here To See How This Amazing Script Works!

You can get a FREE copy of the Privacy Notes Spambot Buster program immediately here.