Spam We all hate it

It’s always a good day when one step further is taken to combat spam. This is when browsing the BBC’s website I came across the following article  – Backing for tool to battle spam

Lets hope that ISPs and Companies can offer a common element like this so that we can prevent these unwelcomed emails.

In many cases it’s due to insecure mail servers that have “relay email” enabled, virus/trojan infection, spammers using applications that has it’s own email engine or even abusing there own ISP’s email server.

Not a day goes by without my old freeserve account being spammed. 60ish emails caught in the spam filter offering me anything from Viagra to $100 casino deposit.  This is where I thought will simple variations of my email address be safe on my website, and the answer is NO.

If you search the web for tools that crawl sites looking for “mailto:” tags and harvesting the contents you would be quite surprised how many tools there are.  They range from simple grab and store to wildcards that can be set up to remove or manipulate any “email address” found.  For example some people use the following PersonsEmail@nospamdomain.com or PersonsEmail [at] domain.com to deter these nasty crawlers but unfortunately the programs get more and more advanced at every release. 

I downloaded one of the basic programs I came across and ran it over a mock up site and the results were astounding:

spam email

As you can see this program has picked 23 email addresses on a single sweep lasting 9 minutes.  Looking further into the advanced settings it’s possible to setup the depth of the crawl and even add login credentials. Most forum software hides users “signatures”/profile details to annonymous users so the fact that you could login before commencing this crawl could open up a big can of worms. 

So we know that software exists out there to hunt our email addresses down so what can we do to protect ourselves?  There have been numerous good articles outlining different techniques to protect our email addresses being harvested that can be found below:

JunkBusters guide to staying off Junk email lists

http://www.junkbusters.com/ht/en/harvesting.html

Hivelogic: Enkoder Web Form(Protects email addresses by converting them into encrypted javascript code)

http://hivelogic.com/enkoder/form

Preventing Spam: Bulletproof Solutions

http://www.smashingmagazine.com/2006/12/14/preventing-spam-bulletproof-solution/

Most ISP’s, free email providers have filters in place and while the majority capture 8/10 it’s still possible for a new message variation to get through the filters.

There are many ways to protect your email address from being “crawled”. This however won’t stop spam totally.   Spam is an on going problem and well hopefully one day the government will get its finger out and do something about it.

Other Resources:

http://www.bbc.co.uk/webwise/askbruce/articles/email/spam_1.shtml

http://www.sitepoint.com/article/stop-comment-spam

http://www.sitepoint.com/article/toughen-forms-security-image