43 Folders

Back to Work

Merlin’s weekly podcast with Dan Benjamin. We talk about creativity, independence, and making things you love.

Join us via RSS, iTunes, or at 5by5.tv.

”What’s 43 Folders?”
43Folders.com is Merlin Mann’s website about finding the time and attention to do your best creative work.

Open thread: Favorite spam blocker service?

I've been relatively fortunate with filtering spam over the past couple years (knock on wood). But despite a kickass three-tiered system that includes the world-beating server-side Sieve, plus Mail.app's pretty good client filtering, it's inevitable that even my best-loved private email addresses would find their way into the wrong hands (it's why I recently created "ThanksNo.com" -- an experiment in social re-engineering that you are free to use as well).

So, now that the spelling-impaired Lords of The Dark Side have such renewed interest in my investment options and genital proportions, I'm considering joining a service like Spam Arrest or the apparently deceased Knowspam. I mostly plan to run this on the addresses I use for strictly personal stuff, so I'm satisfied I can start with a "whitelist" to ensure I don't generate loops or dead ends for the "good" senders. But, you tell me...

Apart from running smart filters on your server and in your mail client, what's the best way to protect a mydomain.com-type email address from becoming compromised and punked-out? What are the dangers and cons of using a challenge/response service like Spam Arrest? Apart from abandoning it wholesale, what's the most effective and non-annoying way to rehabilitate a compromised address?

TOPICS: Email, Vox Populi
Eric's picture

I've got quite a few...

I've got quite a few email addresses. I use my gmail account for anything that I think would risk getting sold or distributed somehow, and as their spam filter is great it's not a problem. I was geting some false positives for a while - notices to moderate posts on my blog (the posts themselves being spam; I've since blacklisted a couple words and it's far less of a problem) since I got about fifty in one day and gmail assumed it was spam. I just marked the address as not spam and it hasn't been a problem since.

My "main" email is given out only to people directly, and doesn't ever touch textboxes on websites for registration or whatever, and I'm inclined to think it was someone with a generator that just got lucky, rather than actually being on a list. Basically, I keep it hidden. In about a year of using that account, I've received no more than three spam messages. I believe my host also runs SpamAssassin, but regardless it hasn't been a problem. I also use Thunderbird (by Mozilla) as my mail client, and it's spam filtering is superb even though I get almost nothing heading towards it (my old domain was fairly heavily spammed, TB got at least 99.5% of the spam tagged accurately and dealt with).

Just don't give your address out more than you have to, and if you get spam then do nothing to acknowledge it. Prior to registering with one site (I believe it was Vistaprint, a business card company), my old domain got nothing, but it went downhill from there. NEVER use the unsubscribe link (unless it's a legit newsletter) because that puts the address on ten more lists. I tried the "myemail DELETETHIS @ domain.com" approach on pages so robots wouldn't snag it, but most of the people I've dealt with seemed too stupid to catch on as well, and in the end accomplished nothing. Next time I need to post my address online, I'm going to just use a randomly named image that's a screencap of the address - I've seen a couple sites do this and I'd imagine it's decently effective.




An Oblique Strategy:
Honor thy error as a hidden intention


Subscribe with Google Reader

Subscribe on Netvibes

Add to Technorati Favorites

Subscribe on Pageflakes

Add RSS feed

The Podcast Feed


Merlin used to crank. He’s not cranking any more.

This is an essay about family, priorities, and Shakey’s Pizza, and it’s probably the best thing he’s written. »

Scared Shitless

Merlin’s scared. You’re scared. Everybody is scared.

This is the video of Merlin’s keynote at Webstock 2011. The one where he cried. You should watch it. »