«

(PeteCresswell) wrote:

> Now, of course, I'm getting spammed daily to the link's address.
>
> Are there any strategies for avoiding or mitigating this - short of the
> brute force approach of constantly changing the address?

Get some decent anti-spam software on your server, such as Spam Assassin or
Pure Message.

--
David Dorward <http://blog.dorward.me.uk/> <http://dorward.me.uk/>
Home is where the ~/.bashrc is

Interesting one that...

I'm sure there is some clever way to do it - cos i'd be interested too !!

I've cut down on my spam ten fold by not including it in my NG profile
though... don;t forget all these get put online too !!!

Domestos

"(PeteCresswell)" <> wrote in message
news:...
> I foolishly embedded a bunch of "MailTo" links in a high school class
reunion
> site.
>
> Now, of course, I'm getting spammed daily to the link's address.
>
> Are there any strategies for avoiding or mitigating this - short of the
brute
> force approach of constantly changing the address?
>
> Also, if changing the addr is the only option, is there a workaround for
the
> legitimate users who would use it in the future? i.e. some kind of
> forwarding/bounce scheme where the user gets a note telling them what the
> revised address is - but which wouldn't be read by a spam generator?
> --
> PeteCresswell

I foolishly embedded a bunch of "MailTo" links in a high school class reunion
site.

Now, of course, I'm getting spammed daily to the link's address.

Are there any strategies for avoiding or mitigating this - short of the brute
force approach of constantly changing the address?

Also, if changing the addr is the only option, is there a workaround for the
legitimate users who would use it in the future? i.e. some kind of
forwarding/bounce scheme where the user gets a note telling them what the
revised address is - but which wouldn't be read by a spam generator?
--
PeteCresswell

Per Domestos:
>I've cut down on my spam ten fold by not including it in my NG profile
>though... don;t forget all these get put online too !!!

As you can see by the return address on this message....

I learned that one the hard way too. Way back, I had unlimited addresses so I
thought I'd be cute and supply a NG-specific address on each post.

Now, however, I'd say that the dictionary attacks outweigh the spams from those
NG posts 10:1. But, since my domain gets 7,000-8,000 spams per day that's
still a significant number.

The other bit of advice I'd offer up is to not use your name, nickname, or
anything remotely resembling same. Instead use initials or, better yet,
meaningless combinations like "". That should thwart the
dictionary attacks.
--
PeteCresswell

(PeteCresswell) wrote:

> I foolishly embedded a bunch of "MailTo" links in a high school class
> reunion site.
>
> Now, of course, I'm getting spammed daily to the link's address.
>
> Are there any strategies for avoiding or mitigating this - short of the
> brute force approach of constantly changing the address?

1) The best solution is to avoid the disclosure of your address to begin
with, or having a hierarchy of mail boxes. Each box should have a different
set of rules applied, e.g. some will sit behind a boxtrapper, some will be
checked periodically yet only once a week, and some will have software like
SpamAssassin in place.

2) Since you already got 'filth' in one of your live boxes, create a new
one, forward all mail from the old one to the new one, but also flag
forwarded mail so that you know which message came from (to) where. Change
your reply-to address to ensure that all correspondents slowly begin to
write to the new address. At some stage, the old address (the flagged
messages) will contain nothing but spam so you can say farewell and refer
to point (1). Unfortunately, I learned this the hard way after some
unpleasant experiences.

> Also, if changing the addr is the only option, is there a workaround for
> the
> legitimate users who would use it in the future? i.e. some kind of
> forwarding/bounce scheme where the user gets a note telling them what the
> revised address is - but which wouldn't be read by a spam generator?

Add a 'Vacation message' to the old account. Everyone who writes to the old
account will know that you may check that address once a week. Clarify that
and do _not_ include your new E-mail address, or else spammers will receive
that too.

Here is my automatic reply for deprecated accounts:

---
*** THIS MESSAGE IS AUTOMATICALLY GENERATED ***

This E-mail account was closed due to the high volume of incoming bulk mail.
It may take me a while to read your message.

Apologies,
<Your Name>
---

Hope it helps,

Roy

--
Roy S. Schestowitz
http://Schestowitz.com

(PeteCresswell) wrote:

> I foolishly embedded a bunch of "MailTo" links in a high school class
> reunion site.

Crazy fool!

http://examples.tobyinkster.co.uk/email-hide

--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact

>
>> I foolishly embedded a bunch of "MailTo" links in a high school class
>> reunion site.
>
> Crazy fool!
>
> http://examples.tobyinkster.co.uk/email-hide
>

I don't allow JavaScript so I would not be able to contact you.
..
And _if_ the spambot were interested it would not take too long to break
your code.
The get enough addresses without having to bother about breaking your
script, but if they wanted to they could.

Simon

"(PeteCresswell)" <> wrote in message
news:...
> I foolishly embedded a bunch of "MailTo" links in a high school class
reunion
> site.
>
> Now, of course, I'm getting spammed daily to the link's address.
>
> Are there any strategies for avoiding or mitigating this - short of the
brute
> force approach of constantly changing the address?
>
> Also, if changing the addr is the only option, is there a workaround for
the
> legitimate users who would use it in the future? i.e. some kind of
> forwarding/bounce scheme where the user gets a note telling them what the
> revised address is - but which wouldn't be read by a spam generator?
> --
> PeteCresswell

I use fudging eg mailto

.u.....k (please remove all 5 dots between the u and k for valid
email address)

as active HTML and visible text.

AFAIK anyone trying to email to that address as it stands will not even exit
their
email handler as 5 dots in a line is invalid structure, so no one left
thinking that it is a dead
email address after it bounces.
They know from the outset.
The fudge is on the correct side of the commercial at so
no wasted checks with valid company designations on right of the @.
I have used this structure for some years, loose a few people
with very poor use of English I suppose is the only down side

On Fri, 17 Jun 2005 11:35:59 +0200, Simon <> wrote:

>> http://examples.tobyinkster.co.uk/email-hide
>
> I don't allow JavaScript so I would not be able to contact you.

Sure you would. What you see is "you can mail me at user at example.com".

> And _if_ the spambot were interested it would not take too long to break
> your code. They get enough addresses without having to bother about
> breaking your
> script,
That's the whole point
Practicality beats purism...

> but if they wanted to they could.
Sure, we all know that. But they don't, they'll rather find another Pete
out there who is yet to start receiving spam.

Simon wrote:
> Toby wrote:
>
>> http://examples.tobyinkster.co.uk/email-hide
>
> I don't allow JavaScript so I would not be able to contact you.

Clearly you *do* allow Javascript.

I know this because if you actually *looked* at the site without
Javascript, you would notice that you would still be able to contact
me.

> And _if_ the spambot were interested it would not take too long to break
> your code.
> The get enough addresses without having to bother about breaking your
> script, but if they wanted to they could.

Yeah probably, but why would anyone bother when there are a million other
addresses out there to harvest with less effort?

--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact