EcommerceBytes-Update, Number 103 - September 21, 2003 - ISSN 1528-6703     5 of 9

The Online Sellers Guide to Stopping Spam, Part 2

By Yisroel (Izzy) Goodman

Email This Story to a Friend

Note: You can read part 1 of this series at:

How can you reduce the spam you receive? Prevent your ID from getting on spam lists.

Spammers get your email ID in several ways. The most common is when YOU give it to them. How? By posting on forums using your actual email ID. By filling out surveys or responding to "Free" offers. By posting your email ID on your own Web site. The first thing you should learn when you surf the Net is not to hand out your email ID to just anybody.

Create "Disposable" Email Addresses
There are several methods of protecting your email ID. You can create disposable email IDs in many ways. One way is to simply create a series of Yahoo or Hotmail IDs. Use the first one when you post on public forums. When you start seeing spam coming in to that ID, switch to the next one and never use the first one again. Keep your "real" email ID for real email, like your friends and associates.

There is a site called that has an interesting, free service. You can create IDs on-the-fly that are limited to no more than 20 emails. One drawback is that some sites simply won't accept an ID in the format and treat it as invalid.

If you have your own domain name, you can create all the emails you need without having to visit any site or do any management. When placing an order with, use the email ID Now when you receive email, you can identify where it came from, and you can block that email address from coming to you. You only need a domain name and some storage space for your email, which costs as low as $20 a year. There are probably a few places offering this service, I recommend

Trick the Spam Spiders
How do you protect your email address if you operate a Web site? After all, you must keep in contact with your customers, and you can't be changing and discarding email addresses. First, post your ID on your Web site in such a way that it is recognizable to your customers but not to spammers. Spammers use spider programs to crawl the Web looking for email IDs. If the email ID is wrong, the spider has no way of correcting it. So if you list your ID on the site as sales @ yourdomain. com (notice the spaces), visitors to your site will see it and understand, but spiders will retrieve the extra spaces, and spam sent to that ID may fail. Some people post and then instruct visitors to remove the NOSPAM before emailing.

By now, the spammers have gotten smart enough to remove the extra spaces and the letters NOSPAM from the IDs. Another method that probably works better is to encode the email ID. Every character that can be displayed has a numeric value. Instead of displaying your email as, you can substitute the numeric values and let HTML convert it when it is displayed. Spider programs just see the raw numbers in the file and will pass it by. I've created a program to encrypt email IDs at, since it's difficult to explain.

Filter the Spam Out of Your Mailbox
Blacklists are lists of senders whose email is marked as spam. Email that is identified as spam is either 1) sent to a special spam folder or 2) blocked from your email completely. The second method is dangerous because often, legitimate email is blocked. AOL once decided to block all mail from Earthlink accounts without even informing their customers. While spam is a problem, having someone else decide which of your mail they will allow you to see is an even bigger problem.

My Internet Service Provider, Earthlink, lets you set a spam blocking level. At the lowest setting, it puts only guaranteed spam into a spam folder, which is automatically deleted at regular intervals. You can also maintain your own blocked sender list to filter even more. It even filters spam forwarded from other IDs.

Whitelists are lists of approved senders. If you receive an email from a sender not on your list, it goes into the spam folder. While this method might work for the average person, a Web site owner can't use this method because any new customer inquiry would be marked as spam.

Challenge-response is when email is received from an unknown sender, the sender receives back an email asking for verification. Although I have seen some Web site owners use this method, I would not recommend it. When a customer makes an inquiry, he does not want to be challenged and added to a list. And some people won't ever respond to these because they are afraid their email address will be added to a spam list, even though this isn't true.

MailWasher is a program that checks and manages your emails before you download them. I use Mailwasher to retrieve my email. Mailwasher lets me to mark email as spam and create whitelists and blacklists, so spam comes up marked for deletion. Mailwasher has the added bonus of not retrieving attachments, so I will have time to delete any possible virus email without ever contracting the virus.

Spamihilator is a free program that sits in your system tray and acts as a sort of mail server. It silently preprocesses your email and places spam in its own tray. The rest it sends on to your regular email program. The only indication it gives that you have received spam is a tiny number on the icon. You can click the icon and review what it trapped. If it trapped a legitimate email, you can mark it as non spam, and Spamihilator sends it on to your email program. There is also a "training area" that shows all the messages you have received. You mark each message as spam or non spam and click the "Learn" button. Spamihilator becomes more effective as you train it. You can also create a whitelist and blacklist just by clicking the messages and adding the senders to one list or the other. Spamihilator is not an email program. It is a filter that works in conjunction with your email program.

Putting It All Together
I removed my email ID from my Web site and coded it. I unsubscribed from all the legitimate email lists and forums I was on and resubscribed under a "disposable" email ID of the site name plus my domain name. I forward all my email to my Earthlink account, which removes 20% of the spam. When Mailwasher checks my email, Spamihilator activates and prefilters the spam that Earthlink missed. Spamihilator catches about 40% of spam (and improving), and Mailwasher catches most of the rest.

I don't bother checking the Earthlink spam folder since it only traps what it knows to be 100% spam. Mailwasher shows me all the messages, with the spam pre-marked so I don't have to even look at it. Once in a while I will check Spamihilator's spam folder just to be sure that there are no legitimate messages there, and the more I train it, the fewer there are.

ISPs, software developers and government agencies are all working on methods to reduce the scourge of spam. Until they have a solution, there are still free and low-cost solutions to help keep it out of your mailbox.

About the author:

Yisroel (Izzy) Goodman owns Complete Computer Services Inc. and sells electronics and ink cartridges online. His Web site contains articles about creating web sites, using HTML and ASP, obtaining a merchant account, payment service ratings, and avoiding fraud. His informed opinions are based on his own experience and from reading about others' experiences with payment services as well as discussions with users, representatives of the services and experts in the field. (Note: He is not affiliated in any way, directly or indirectly, with any payment service.) He can be reached by email at

You may quote up to 50 words of any article on the condition that you attribute the article to and either link to the original article or to
All other use is prohibited.