Page 1 of 2 12 LastLast
Results 1 to 15 of 16
  1. #1
    5 Star Lounger
    Join Date
    Jan 2011
    Location
    Seattle, WA
    Posts
    1,070
    Thanks
    42
    Thanked 132 Times in 86 Posts

    How to protect yourself from spammers




    ON SECURITY

    How to protect yourself from spammers

    By Nathan Segal

    If you've been on the Web for any length of time and set up one or more email accounts, you've undoubted received unsolicited mail aka spam. Here's how spam seems to magically appear on every new email account and how email users might be unwittingly contributing to the problem.

    The full text of this column is posted at WindowsSecrets.com/on-security/how-to-protect-yourself-from-spammers/ (paid content, opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

  2. #2
    New Lounger
    Join Date
    Dec 2009
    Location
    Ivy, VA
    Posts
    8
    Thanks
    1
    Thanked 0 Times in 0 Posts
    (sorry, didn't see this initially)

    With regard to today's On Security column, "How to protect yourself from spammers". Another option I've used on my websites is the free XInbox site(http://xinbox.com/elaine is mine--try it!) Yes, it's a website, but if you post this as your "click here to send me email" link and enter your message to me, it will immediately and with no additional gyrations on the part of the sender, send your email to my [secret] real address, but the sender will never see it, nor will it show up to the screen scrapers. Very simple but very slick!

    Elaine Pack
    Ivy, VA

  3. #3
    3 Star Lounger Backspacer's Avatar
    Join Date
    Sep 2002
    Location
    Scappoose
    Posts
    332
    Thanks
    20
    Thanked 12 Times in 11 Posts
    So what does one do about excessive spam protection? I use the Thunderbird email client and it has an option to trust SpamAssassin results, which I have checked for every email account. Unfortunately there are three regular emails that are very important to me (invoices from my suppliers!) which always go to spam. I have gone to the SpamAssassin website and they say roughly "don't come whining to us if we are marking legitimate emails as spam". Is it possible to get an email source whitelisted so they will quit labeling my messages as spam? If not I may have to quit using SpamAssassin entirely.

  4. #4
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Courtenay, BC
    Posts
    244
    Thanks
    9
    Thanked 16 Times in 15 Posts
    I use a distinct email address for newsletters, forums and such. It gets lots of spam but Google usually handles that well. Googling the address, I found today that someone is using the front part of the address on a bunch of explicit porn sites. The days of using an obscure name spelling for a unique handle are gone.

    I'd strongly recommend using Contact forms on web sites. Contact Form 7 is the standard for WordPress. I'd also be a little careful about using reCaptcha. It's the big one and has been hacked before. These days, I use SweetCaptcha because it's a little fun, easy for visitors, and can be used on registration, contact, login, and other such forms as required.

    If you do post email addresses on your site, I'd recommend something better than hex conversion. Thats standard web use and easy for spammers to add to their code. Email Address Encoder does a blanket job of masking site email addresses but is prone to bog the site as it checks all pages before they load. Best I've seen is Hivelogic's EnKoder if you must. It uses encoded javascript. http://hivelogic.com/enkoder/
    A form is easier and allows you to capture custom info like type of query.

  5. #5
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Courtenay, BC
    Posts
    244
    Thanks
    9
    Thanked 16 Times in 15 Posts
    If you Google SpamAssassin Whitelist, you'll get instructions. I also use Thunderbird.

    I much prefer just using Gmails spam protection. If email is showing up in spam, you just add the senders email address to Contacts. That usually takes care of it unless the sender is sending highly spammy email content.

    You can have Gmail collect your email, then forward it to your accounts. No need to change email addresses to get automated protection. I used to use a long list of custom rules for my antispam tool. None of that hassle anymore. Just check spam occasionally because some dweebs have occasionally marked a newsletter as spam rather than unsubscribing or similar.

  6. #6
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Courtenay, BC
    Posts
    244
    Thanks
    9
    Thanked 16 Times in 15 Posts
    If you use a free Wordpress blog or related web site that doesn't have Contact forms available, you can use Contactify. They give you a unique URL which you link from your site (as in "Contact Us"). That takes you to a short Contact form with captcha. The results are forwarded to you.
    http://www.contactify.com/

    Its very simple and fast to set up.

    If you need something more customizable (colours, fields, other languages, etc) to capture street addresses, take emailed orders, etc, try Foxyforms
    http://www.foxyform.com/

    Both are free services.

  7. #7
    3 Star Lounger
    Join Date
    Jul 2002
    Location
    Rockledge, FL
    Posts
    329
    Thanks
    23
    Thanked 11 Times in 11 Posts
    One option that I use (when using Outlook client PC software) is MailWasher Pro. I have used this for 10 years plus now.

    Well worth it in my opinion.

    Kevin

  8. #8
    Lounger
    Join Date
    Feb 2010
    Location
    Boston, Massachusetts, USA
    Posts
    44
    Thanks
    1
    Thanked 4 Times in 2 Posts
    You advise us to "...avoid word and number combinations found in dictionaries. This includes foreign dictionaries." So if I follow your advice I'm supposed to avoid words from Tagalog, Urdu, Finnish, Russian and other languages using the Cyrillic alphabet, Bantu, and every other dictionary on Earth. Seriously? That isn't even possible, let alone practical. For example, I decide to use the letter combination "blwydd." Better not. It's a Welsh word. Or "gwrt." Oops, not that either; it's part of another Welsh word. And so on.

    Rather than impossible advice, which could make people too casual about long and complex passwords, the best advice about non-English words would be to avoid the common words that either have made it into English - e.g., kibbitz, merci, dosvadanya, ciao, etc.

    As long as I'm on the subject, avoiding all letter combinations that are in English dictionaries needs qualification. You can't assume "common sense" by either users or sites needing passwords, email or otherwise. Almost any two-letter combination can be found in English dictionaries. Avoiding them isn't practical, even if theoretically possible. A lot of three-letter combinations can also be found. Even non-obvious ones can often be found in the middle of words (I've been stung by sites that found them and wouldn't let me use them), making avoiding three-letter non-word combinations difficult. Avoiding four-letter combinations can probably be practical. So good advice would be to avoid words of three letters and letter combinations of four or more letters that can be found in English dictionaries.

  9. #9
    Silver Lounger RolandJS's Avatar
    Join Date
    Dec 2009
    Location
    Austin metro area TX USA
    Posts
    1,732
    Thanks
    95
    Thanked 128 Times in 125 Posts
    epack, ok, I send you email via that web site, you send me email from what? If your email addy looks too "funky," I will probably filter it
    "Take care of thy backups and thy restores shall take care of thee." Ben Franklin revisited.
    http://collegecafe.fr.yuku.com/forum...-Technologies/

  10. #10
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,751
    Thanks
    171
    Thanked 650 Times in 573 Posts
    Crpto*Loker (intentionally misspelled;
    Why?

  11. #11
    WS Lounge VIP Coochin's Avatar
    Join Date
    Jun 2014
    Location
    Queensland, Australia
    Posts
    2,154
    Thanks
    31
    Thanked 307 Times in 267 Posts
    Quote Originally Posted by BruceR View Post
    Why?
    Why "Why?"
    Computer Consultant/Technician since 1998 (first PC was Atari 1040STE in 1988).
    Most common computing error is EBKAC: Error Between Keyboard And Chairback
    AMD FX8120 (8-core @ 3.1GHz) CPU, Gigabyte GA-990FXA-D3 motherboard, 8GB (2x4GB) DDR3 1866MHz RAM, ATI-AMD Radeon HD6770 PCI-E VGA, 480GB Kingston SSD, 2TB Seagate SATA3.0 HDD, ASUS DVD/RW.

  12. #12
    Silver Lounger RolandJS's Avatar
    Join Date
    Dec 2009
    Location
    Austin metro area TX USA
    Posts
    1,732
    Thanks
    95
    Thanked 128 Times in 125 Posts
    "...Crpto*Loker (intentionally misspelled;..." I'm wondering if somebody has over-assertively set anti-malware filtering.
    "Take care of thy backups and thy restores shall take care of thee." Ben Franklin revisited.
    http://collegecafe.fr.yuku.com/forum...-Technologies/

  13. #13
    4 Star Lounger
    Join Date
    Jun 2011
    Location
    Hampshire (the old one)
    Posts
    525
    Thanks
    21
    Thanked 72 Times in 62 Posts
    A couple of posters have mentioned Thunderbird - I find TB's built-in learning feature very good. In fact, just about the only false positive I've had is some excellent emails from someone called Windows Secrets, whoever that is...

    A few clicks on "Not Junk", and TB gets the message.

  14. #14
    3 Star Lounger
    Join Date
    Jul 2002
    Location
    Rockledge, FL
    Posts
    329
    Thanks
    23
    Thanked 11 Times in 11 Posts
    So, OK as per usual...everyone has their own ideas about passwords. This is to be expected. All of this fails if some company website (where you have an "account") gets hacked and the passwords get stolen. That wouldn't happen right....oops how about HomeDepot, Staples etc ad nauseum.

    K

    Quote Originally Posted by tonyl View Post
    A couple of posters have mentioned Thunderbird - I find TB's built-in learning feature very good. In fact, just about the only false positive I've had is some excellent emails from someone called Windows Secrets, whoever that is...

    A few clicks on "Not Junk", and TB gets the message.

  15. #15
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,751
    Thanks
    171
    Thanked 650 Times in 573 Posts
    Quote Originally Posted by Coochin View Post
    Why "Why?"
    You don't know an answer then?


    Quote Originally Posted by RolandJS View Post
    "...Crpto*Loker (intentionally misspelled;..." I'm wondering if somebody has over-assertively set anti-malware filtering.
    Does any anti-malware scan words within the text of emails, or block access to a web page which contains the name of a virus?
    Last edited by BruceR; 2014-12-23 at 11:51.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •