Avoiding Spam Email

Home Page > Fun Stuff > 2003 > Avoiding Spam Email

Avoiding Spam Email

There are few things about the Internet more annoying than "spam": junk email. I have a few ideas on how to avoid getting these junk emails.

People who send junk email can get your email address only in the following ways:

Here are my rules for keeping your address out of the hands of internet marketers:

Don't Give Out Your Main Address

Don't ever type in your address anywhere on the internet. In other words, don't sign up for anything online.  Most online merchants will keep to their word to not give away your address, but it only takes one, and your address will be on a list, and it's hard to get it off.

I recommend using a "junk mail" address. Sign up for a free email (see blue sidebar, below), and use that address when you're signing up for things on the internet. Then use your "real" address only for family and friends.  Eventually, your "junk mail" address will start getting more and more spam.  When it does, just cancel the account, and sign up for another one.

Rules for Keeping Your
Email Address Safe

1) Don't give out your main address online
2) Keep your address off web pages
3) Use a good ISP (I recommend Yahoo!)

For example, if your email address is bob@abc.com, give out that address to your friends, your family, print it on your business cards, etc.  But, don't give it to Target.com, your online banking site, or any other online merchant.  Instead, sign up for something like bobsjunk2003@yahoo.com and use that one.

Keep Your Address Off Web Pages

Web robots or "spiders" regularly crawl the internet, automatically reading thousands of pages per hour. Search engines use these robots to index content. However, some mass marketers also do this, looking for email addresses published on web pages.

To avoid this, don't put your address on a web page. Or, if you need it to be published, at least hide it from the robots.

To hide a web page from well-behaved robots, follow the guidelines published at http://www.robotstxt.org/wc/exclusion.html, and see what Google.com has to say about it at: http://www.google.com/webmasters/faq.html#nocrawl. Basically, these web pages say you can put
in your web page, and that should keep these robots from recording your email address.

That may be good enough.  However, you're depending on the robots to follow the standard. A more dependable way to make sure they can't read your address is to make an image of your address. That way, humans can read your address, but the robots can't.  For example, you could put this on your page:

Write to me at my email address, at:   

Notice that you can't copy & paste the address above. That's because it's a picture, not text. This means that robots will not be able to record your address. However, it's still available for anyone who needs to write you. This technique has the disadvantage of being a little less convenient, because people have to type in your address. I don't recommend that businesses do this. Do this just for your personal email address.

Choose a Good Email Domain

By "Email Domain", I mean the part after the @ sign. You may be using an address from work or from school as your primary email address. That's usually okay, but you may want to think about what will happen if you quit your job or graduate from school. You will probably want a more permanent address.  The ideal solution is to buy your own domain name. Then you will have complete control over your email.  However, a simpler, cheaper solution is to use a free online email account.

Speaking only from anecdotal experience, it seems to me that AOL and Hotmail users get more junk mail than others. Over a year ago, I signed up for a Hotmail account and for a Yahoo! account, and then didn't tell anyone the address. The Hotmail account got 5 or 6 junk emails a month. The Yahoo! account didn't get any. Ever. I don't know how the mass marketers got my Hotmail account address. Either Hotmail gave it to them, or they randomly guessed it.  To be fair, the Yahoo! account name was a little more obscure. Also, I'm sure Hotmail's popularity makes it a bigger target for random email address guessing.

Therefore, I recommend Yahoo!.  Go to mail.yahoo.com to sign up.

Choosing A Free
Email Address

Choose an account name that will be harder to guess randomly, maybe by putting some numbers or non-words in there.

Choose a less-popular Email Domain, which could be less of a target for mass marketers

For your "junk" account, get a new one every year. For example, bobsjunk2003 one year, then bobsjunk2004 the next, etc.  A human reader will probably be able to guess your new address if they have an old one.


Keeping your email address out of the hands of mass marketers involves finding a good balance between making your address hard to find for them, while not making it too hard to find or remember for your friends and family. Using these techniques of having several addresses, hiding it from web pages, and being careful where you give out your address should significantly reduce the amount of junk email you get.

Eric Wolfram has a good article about avoiding spam: Stop Spam Junk Email.

PS - Advanced Techniques

Here are some advanced techniques that most of you can probably skip.

If you own your own domain, as I do, there are a few more things you can do to combat junk email.  You can make up a new email address for every merchant that requires an email address every time you sign up for something online.  For example, if our fictitious friend Bob owned the abc.com domain name, he could leave the address amazon_junk@abc.com when he signs up for an Amazon account, maybe citibank_junk@abc.com at CitiBank.com, target_junk@abc.com at Target.com, etc. That way, if one of those merchants does sell his address, he will know which one did it.  This technique also allows for easier filtering.  Most email client programs let you filter email into different in boxes.  Bob could filter anything that has "_junk@abc.com" in the header into a special in box.

Fight Back with Fake "Bounce" messages. If you can figure out how, most email client programs will also let you pick an arbitrary "From" address. If Bob does start getting junk mail addressed to bob@abc.com, he can reply to each by composing a message from "Postmaster@abc.com" saying that the mail bounced. To make it look real, include the entire spam message with full headers, then put the following text at the top of the message, with the subject Mail System Error - Returned Mail:

This Message was undeliverable due to the following reason:

Each of the following recipients was rejected by a remote mail server.
The reasons given by the server are included to help you determine why
each recipient was rejected.

Recipient: <bob@abc.com>
Reason: Requested action not taken:user account not found

Please reply to Postmaster@abc.com
if you feel this message to be in error.

Truthfully, I'm not sure how effective this is, but I think that a good number of mass marketers try to purge their lists of old addresses, and receiving a message like this might automatically remove you from their list.

Also, many junk emails say something like "Click Here to Unsubscribe". I'm a little wary of such promises. By clicking there, you're confirming that you did in fact get and read the message, signaling that your address is legitimate. I don't trust most mass marketers to throw away that valuable tidbit of information. They may follow the letter of their promise... by removing you from that one specific list, but I'd suspect they would add you to another list. So, I generally advise people to never click on those "Unsubscribe" links.

Fight back by posting fake addresses. This web site: http://members.hostedscripts.com/antispam.html dynamically generates random email addresses every time the page is loaded. The idea is to fill up the spammers' address lists with so many fake addresses that the lists will become useless. So, if you are good at scripting, you can do your part by making a page like this yourself.  In an ideal world, this could work. If every single real address on a web page was also accompanied by 20 fake addresses (appropriately labeled as such for the human readers), then robots looking for good addresses would have a success rate of only 5%, and that would probably stop mass marketers from getting their lists in this way.

Again, I'm not sure how effective this technique is, but, like sending fake bounce messages, it may help you feel better, like you're doing something to combat the problem.

Random Acts of Unkindness. Finally, a delightfully revengeful story about someone who got back at a spam perpetrator. This was featured in Wired magazine.  A woman got an email asking for help to get $100 million out of Nigeria. She pretended to fall for the scam, and eventually convinced the perpetrators to fly to Amsterdam and wait around for her in front of a web cam.  It's a great story.  Read about it at "The Adventures of Wendy Wilcox and her dog Willis", http://www.wendywillcox.50megs.com/

Oh, and apologies to bob@abc.com, if that is a real address.  I was just using it as an example in this article.

Now if I can only get those telephone marketers to stop calling....

(Update Jan. 2004: I put myself on the National Do Not Call Registry, at it works! No more telemarketing calls. See http://www.donotcall.gov/)

(Update June 2004: A friend (Colin Fahey) of an old work friend (Greg Moulton) made a great web page about SPAM: http://www.colinfahey2.com/spam_topics/spam_the_phenomenon.htm it has all kinds of statistics, sociological commentary, sample messages, descriptions of spammers' tricks, and a proposed solution)


PS -- Having said that you shouldn't leave your email address in web forms, I see that this very page has a place for your email address. Well, I promise not to put your email address on any list if you do send me a message below. So if you're writing, your decision of whether to leave your address depends on if you trust me.  I'm just recommending not trusting large company web sites.

From: (your name or email address, or anonymous)

Your message to Matthew:

Created and maintained by Matthew Weathers. Last updated Apr 20, 2006.