One of the spammer’s methods to find your email is to go through thousands of websites and collect any email addresses that he finds there. For this job he uses special softs named spam bots and spam harvesters.
It’s obvious that every company that has a website with an email address will become a victim.
Besides reporting the spam you can try to fight against it using these solutions.
1. Mail Address Obfuscation:
This is a method that hides you email from spam bots but it leaves it perfectly visible to site’s visitors.
Let’s say we have this email: mymail@server.com .
If it’s on a website page, usualy it is inserted as a link like : <A HREF= "mymail@server.com" >mymail@server.com < /A> because when a visitor clicks on it it will automatically open in his email program.
The problem is that the above email will be 100% collected by spammers’ software. A very good service to camouflate your emails is here: http://alicorna.com/obfuscator.html . Every letter in this address it’s replaced with an ASCII code, so the visitors will see your email exactly how they’re supposed to see it but the spam bots will not see your email (unless they are very sopfisticated).
An extreme protection is writing the address like a small image on your website (without a link). If your email is too long and complicated it’s better not to use this way, or the visitors could mistake when they write down it.
A much simpler way is to write the address as mymail at server dot com.
2. Spam poison
Using this way your site will have links to other webpages that contains lots of fake email, randomly generated. When a spam bot visites your website it will only collect lots of fake emails (only if your real address are camouflated using method 1).
A good sollution for spam poison webpages it’s that its to be generated with dynamic scripts. Here is an excellent CGI example implemented in perl: http://downlode.org/Code/Perl/spamtrap/ .
If you don’t have access to CGI webpages, you can use this PHP script: http://www.hotscripts.com/Detailed/39589.html .
Wpoison is another good method to use: http://www.monkeys.com/wpoison/ . You might dislike it because it puts a copyright banner with a skull.
Usually spam bots ignore the exclusion directions from robots.txt. It’s recommended that “poisoned webpages” to be listed with Disallow to avoid being scanned by crawlers from searching engines. This way the spam bots will search every webpage and link on the website, ignoring the restrictions, and its will fall in your trap.
Do spammers get fooled by fake addresses generated by poison? Not really, but they’ll have to make some efforts to process fake emails. More than that, they preffer to avoid this websites whom contains poison because time is precious for them and they won’t loose it searching for fake addresses.
Use spam poison only with number 1 method. The results will come in several months.
3. Honeypot
A honeypot it’s a trap that will record :
a) spam bots visit, their type and Ips
b) how long time does it take to start spamming and what’s it source
It’s clear that between spam bots and spamming sources is a connection, and a honeypot will make this connection obvious. After a spam bot visit, usualy your emails will begin to receive spam shortly.
How to install a honeypot on your website? Visit http://www.projecthoneypot.org and you’ll find anything you need. This project is free and you can one account for more sites.
An email address used by a honeypot will not be see by website visitors, but only by spam bots. So there’s no possibility that a visitor to send emails to a honeypot, those addresses are only for receiving spam.
Using a honeypot will make a part of received spam to be thrown to those addresses that will try to identify spam sources.
According to the statistics, USA it’s no.1 in collecting emails with spam bots, followe by China, Spain, Romania and Germany. :spam: http://www.projecthoneypot.org/statistics.php
It’s obvious that every company that has a website with an email address will become a victim.
Besides reporting the spam you can try to fight against it using these solutions.
1. Mail Address Obfuscation:
This is a method that hides you email from spam bots but it leaves it perfectly visible to site’s visitors.
Let’s say we have this email: mymail@server.com .
If it’s on a website page, usualy it is inserted as a link like : <A HREF= "mymail@server.com" >mymail@server.com < /A> because when a visitor clicks on it it will automatically open in his email program.
The problem is that the above email will be 100% collected by spammers’ software. A very good service to camouflate your emails is here: http://alicorna.com/obfuscator.html . Every letter in this address it’s replaced with an ASCII code, so the visitors will see your email exactly how they’re supposed to see it but the spam bots will not see your email (unless they are very sopfisticated).
An extreme protection is writing the address like a small image on your website (without a link). If your email is too long and complicated it’s better not to use this way, or the visitors could mistake when they write down it.
A much simpler way is to write the address as mymail at server dot com.
2. Spam poison
Using this way your site will have links to other webpages that contains lots of fake email, randomly generated. When a spam bot visites your website it will only collect lots of fake emails (only if your real address are camouflated using method 1).
A good sollution for spam poison webpages it’s that its to be generated with dynamic scripts. Here is an excellent CGI example implemented in perl: http://downlode.org/Code/Perl/spamtrap/ .
If you don’t have access to CGI webpages, you can use this PHP script: http://www.hotscripts.com/Detailed/39589.html .
Wpoison is another good method to use: http://www.monkeys.com/wpoison/ . You might dislike it because it puts a copyright banner with a skull.
Usually spam bots ignore the exclusion directions from robots.txt. It’s recommended that “poisoned webpages” to be listed with Disallow to avoid being scanned by crawlers from searching engines. This way the spam bots will search every webpage and link on the website, ignoring the restrictions, and its will fall in your trap.
Do spammers get fooled by fake addresses generated by poison? Not really, but they’ll have to make some efforts to process fake emails. More than that, they preffer to avoid this websites whom contains poison because time is precious for them and they won’t loose it searching for fake addresses.
Use spam poison only with number 1 method. The results will come in several months.
3. Honeypot
A honeypot it’s a trap that will record :
a) spam bots visit, their type and Ips
b) how long time does it take to start spamming and what’s it source
It’s clear that between spam bots and spamming sources is a connection, and a honeypot will make this connection obvious. After a spam bot visit, usualy your emails will begin to receive spam shortly.
How to install a honeypot on your website? Visit http://www.projecthoneypot.org and you’ll find anything you need. This project is free and you can one account for more sites.
An email address used by a honeypot will not be see by website visitors, but only by spam bots. So there’s no possibility that a visitor to send emails to a honeypot, those addresses are only for receiving spam.
Using a honeypot will make a part of received spam to be thrown to those addresses that will try to identify spam sources.
According to the statistics, USA it’s no.1 in collecting emails with spam bots, followe by China, Spain, Romania and Germany. :spam: http://www.projecthoneypot.org/statistics.php
