Anyone who’s visited this site with any frequency already knows my deep loathing for spam. So imagine my grousing when I heard some of the great people listed on blogs4God got spammed by a similar list. This was soon outdone by an audible growl when I began receiving e-mail from members asking if this message was from b4G or if we had resold the list.
But as we are instructed by the Apostle Paul in Romans 12:21, I will instead return such evil with good. In this case, a quick lesson on dealing with spam.
That said, I am not going to try and write a comprehensive compendium how to when there are already so many great ones out there including:
- The Coalition Against Unsolicited Commercial Email
- Fight Spam on the Internet!
- Notes on stopping Unsolicited Commercial Email
What I will do is tell you are some of the measures I use to keep a good deal of spam away from both myself, and my church.
First, the hosting company. Make sure the company, which hosts your site, has strong, enforceable anti-spam and anti-network policies. Make sure your host is not listed on various notorious spam blocking lists such as the MAPS Realtime Blackhole List. This is because a pro spam host will more than likely not have any sort of spam counter measures loaded at the network or server level. If your host is a good guy, then find out if they have or are willing to install various spam-fighting mechanisms. A popular one being SpamAssassin, though I would really like to see PerlMX. More schmoozing on my part.
Second, your web site and configuration. There are some of you who post e-mail addresses in plain view. DON’T DO THIS. There are these nasty little mechanisms out there called spambots that spider through the web harvesting email addresses. This is how I suspect some of you may have received a recent spam attack. Use an online form that does NOT use an email address as a ‘hidden’ input variable. And if you must use an address, then use the patented Mean Dean Anti-Spam Email Obfuscator.
Still on the web server, turn on various tools your hosting company offers – but do read the manual first. Also, when creating email addresses, make the “real” POP email account something hard to guess or automatically generate with a dictionary program. For example shep822@ … for your pastor. Then use an alias, or forwarding email address to give out to the public. Such as Pastor@.. or Bob@… It is very easy to change the direction of these aliases, kill them off and/or create new ones once these become spam saturated. Moreover, if/when a staff member leaves, the real address stays with you.
Now here is an area that gets some Christians mad, counter measures. You don’t see this when you visit Redland Baptist, but I’ve booby-trapped some of the pages with what are known as spam chaff generators. Essentially they toss out a bunch of non-existent email addresses and a never ending queue of links to similar pages. If the spammer uses them, then he floods himself with a bunch of rejections. Better yet, if his program is designed to spider through links, my program causes the spider to recurse itself into ethernet. If nothing else, his list is now contaminated list so it’s more difficult to sell. Expect such a mechanism up on blogs4God soon.
I also seed some non-chaffed pages with some addresses designed to get spammers in trouble. email@example.com being one of my favorites. Basically, this is a boomerang – as the address in the blocks causes the message to be sent to the spammer’s system, not mine. Unless he has a dedicated server … whoops! You should have seen the irate email some guy sent my pastor after stepping on this one. Of course, my reply and defense was, “the only way you can see and use that address is with a harvesting program …” no reply to date. My pastor is pretty cool about such things. Your mileage may vary. *
WARNING * Check first with both your church, and your local authorities before deploying counter measures.
WARNING 2 * Chaff generators will also snag search engines. Unless you know how to keep them safe using robot.txt and .htaccess, don’t do this!
** UPDATE (22-aug-02) ** - read my article “hot naked under-aged teen sex” before you consider taking such actions (don’t worry mom, it is p0rn free).
Also, put a strongly worded message up on your site that copyrights your data, and indicates that information on your site is NOT for commercial use, nor use for spam, etc. I’m not a lawyer, but I know a website of someone who is who can explain it a lot better than I.
Ok, now turning towards ourselves. I have a set of hotmail and yahoo email addresses I use for registrations. Nothing gets you spammed faster than registrations. I notice many of you signed up for blogs4God using such addresses. Good going! Also, tell some of your more rabid church friends to keep you off their “distributions.” You know, these are the well-intentioned individuals who send you the infamous “FCC Bans Religious Broadcasting” legend or various prayer chains under the auspice of doing ‘His’ work. spammers harvest these lists – and quite frankly, these messages do little or nothing to change things – talk being cheap and all.
Learn how to use the “rules” tools on your email client, such as Outlook Express or Eudora. Remember SpamAssassin? It marks up the subject line, so I can easily identify incoming spam, which my rules tools sees and throws into the trash as soon at it arrives. You can also use it to block certain people or subject lines.
Learn how to extract the message headers/source. If you do this, then you can use tools such SpamCop to complain. That said, never, ever, NEVER reply directly to a spammer. This merely indicates to them that they have a valid email address. The nice thing about a tool like SpamCop is that it also gives you opportunity to complain upstream. This is very useful if you get spammed from a dedicated server, like the one spam I mentioned at the beginning of this article. BTW, if you’re going to use the “free version” SpamCop, make sure you use one of those throw-away email addresses I talked about.
Finally, if you really need to know who’s bugging you, use tools like SamSpade.org. I use a combination of both his online and offline tools. Yes, I do get spammed, but not that often and when I do I make them pay dearly. Usually they go onto easier marks.
On a personal note, spam from Christians is inexcusable. Those who do are advertising on the backs of the people they burden. They consume bandwidth and disk space from people that they are not entitled or invited to consume. Meaning, they’re not only being a pain, but they are stealing. And while I have grace and forgiveness towards all, it doesn’t mean you can continue to abuse me and my systems. That my friends would be a dysfunctional disservice that would enable the errant to sin again.
If you’ve been around church for any length of time, you know what I mean by that.
- The Anti-Spam Home Page
- Anti-Spam Hotlinks
- Anti-Spam Tactics
- Beating the E-Mail Spammers
- CAUCE (Coalition Against Unsolicited Commercial Email)
- Elsop’s Anti-Spam Page
- Fight Spam on the Internet!
- Internet Scambusters
- Mail Abuse Prevention System
- SpamCon Foundation
- Spam Delenda Est
- The Spamhaus Project
- Spam Links
- UXN Spam Combat