How to Stop ALL Spam... No, Really!

I want to talk to you about Spam, and then I want to ask WHY email users are not doing the obvious, most simple, most effective thing to prevent it.

Security newsletters go on, and on, endlessly, about the spam problem. And it's not helping. Companies are making a lot of money creating and selling anti-spam software, and it's not helping. What good is catching 98% of incoming spam? To me, that's like an OCR program that is 98% accurate... one still has to read the whole damn scan to find the mistakes. And with spam, one pretty much has to scan the "spambox" of collected junk mails to ensure that there are no false positives.

On top of that, the spam-masters just keep getting better at getting past the spam-filters. Let's face it; the only way you can block out the 10,000 different spelling variations of "viagra" is to include every word that has the letters v, i, a, g, and r in it. This stuff is always going to get through, to a greater or lesser extent.

I get NO spam. None. Zip, zero, nada. And I use my email client extensively, day and night. (I use ThunderBird as my POP3 client, but that is beside the point... I pretty much ignore the Junk message filter system that this particular client offers.) It isn't a question of which client has the best filters or plug-ins. Nope.

Here is how I have kept my Inbox literally free of spam for over a year now.

1. I changed my email address to one nobody had ever seen before, and eventually phased out my old address.
2. I do not post my email address on any websites; not even my own. Instead, I use text-only or a special HTML tool to hide the real address.
3. I use my email address only with my friends, and never with casual acquaintances (at one point earlier in 2004, I corresponded with a guy who needed to advertise in my magazine... and that was promptly followed up with him sending me a joke email, which contained a list of at least 50 of his "friends" in the header... and to no one's surprise, the next day I got a joke email from one of those friends, thereby beginning the cycle of junk-mail-from-"friends" hell. I hastily informed both of these people never to do that to me again, under any circumstances. I got lucky: none of them appear to have been hit with a mail-out virus.)
4. Anytime I subscribe to a website for anything at all (newsletters, purchases, trial downloads), I make sure I never give them my email address.
5. Even though I own several domain names, I use a special service that hides my real email addresses from bots and others that scan the WHOIS libraries (all registered domains must provide email contact addresses; it is very easy for spybots and even casual readers to access these addresses, which are usually true addresses.) Services such as myprivacy.ca prevent this from happening. This makes a huge difference.

BUT YOU SAY: "OK, fine, anyone can just stop using their email. And by the way, pal, you can't subscribe to an email newsletter without giving up your address."

Wrong. What I do instead is use an email anonymizer, or ghoster. In my particular case, although there are a number of these services out there, I use Sneakemail (www.sneakemail.com). This is a FREE service (although you can buy a monthly subscription and receive extra tools) that generates a unique email return address for every message I write that needs one. For example, it has created the return address that I used for this email, and to subscribe to Windows Secrets. My REAL email address is never seen by anyone or anything, outside of the Sneakemail servers. And they are pretty damn secure.

BUT YOU SAY: "Hmmm, interesting... but how do you know which address you used; there must be hundreds of them. And more to the point: how does this stop you getting spam? Surely you just get spam at all those addresses."

Wrong again. For each unique address, I can add a little note that tells me who the address was for... even the date I created it. And I attach a little bit of a header that says "This might be spam..." for every address, so that I instantly know, when someone responds to that address, that it is from a place that has received my Sneakemail address... and therefore I am alerted that, well, "this might be spam".  Better yet, Sneakemail even creates a SECOND blind email address that the recipient sees... they never even actually see the REAL fake email address. Still with me?

If I ever get a piece of spam, thanks to the Sneakemail header, I know instantly which unscrupulous, lousy, stinking, rotten, lowlife company provided my email address to some entity outside of their domain. I know they either sold it or gave it away, or worse, unbeknownst to them someone in their own company is selling their mailing list off.
Because each address is unique, I always know exactly who sold my name. This lets me do two things:

1. I immediately contact the company that originally sold (or otherwise dispursed) my Sneakemail address. And I give 'em a potential blast of nastiness, couched in polite inquiries into their potential knowledge of the crime. That is, I give them a chance to tell me they were not aware, or to point out that somewhere along the line I missed the part in their Privacy Policy that said they could actually do this.

2. If I don't hear from them in a few days, I simply scrap the address. Here is the cool part: because each address is unique and applies to only one site or company, I never get any more junk mail... no matter how many junk mailers get sold that address. And I don't cancel my subscription to whatever it was, thereby allowing the offender to burden their mail servers with useless mailings to me, mailings that I will never see or even know about. On top of that, any spammer that is using that address is paying money for nothing, and weighing down their servers, too. Isnt' that fantastic?

A few caveats here: this is not particularly a push for Sneakemail; they just happen to be the anonymizer I chose. They are simple, effective, free, and offer many, many other benefits (for example, letting me c.c. any Sneakemail mail to my real address, so I have an extra record of any dealings). As well, I must point out that since I have been using Sneakemail, I have actually only received a very, very few pieces of spam to any of the unique addresses, which means to me that there are far more responsible companies out there on the Web than there are bad ones (either that  or I have been exceedingly lucky in my choices). And finally, just this week I received two pieces of unwanted junk mail trying to sell me some Men's Club party facilities, complete with pictures of comely babes in Bunny costumes... and both Sneakemail addresses pointed out that the originators (the guys who sold my name) are a pair of partners in very respectable newsletter businesses, whose names I won't mention here). The mails came from two different servers, but arrived within seconds of each other, and apart from the return addresses, were identical. Man, what a waste of everyone's time and money.

In conclusion, I urge everyone around the world to kill the Spam problem immediately. You don't ever have to give out your real email address; always use an anonymizer, and you will never be bothered again. Wouldn't you like to hook up to your messages in the morning and not have to worry about skimming through all the crap, wasting all that time deleting the stuff that gets through your well-intentioned but hopeless filters? And for God's sake, don't post your address anywhere.

If we all did this, wow, what a wonderful world this would be. Now if only the solution were as simple in the fight against crapware...

... Mike Riley

--------------------------------------
Protect yourself from spam,
use http://sneakemail.com