Return to -
Return to -UpdateIconReturn to -
Return to -
Return to -Return to -Return to -Return to -

Spam Protected Email Addresses (SPEA)

Volker Grassmann, DF5AI

December 23, 2003

Introduction

Operating your web site in the internet, you will sooner or later receive tons of unwanted email messages, i.e. spam mail. The email software on my computer is smart enough to learn which emails I would consider spam mail. The software isn't perfect though and a certain amount of spam mail still appeared in my mailbox. By introducing a very simple authorization identifier, all spam mail is now perfectly rejected by the same email software. The following method cannot prevent spam mail being downloaded by your email client but it can identify those messages quite accurately, i.e. spam mail shows up in your mailbox never again. You may use the same method on your computer without contacting your internet/email provider and it is very easy to implement. See how it works...

The SPEA identifier

On your webpage, you generally provide an email address allowing users to send you a message, spammers may use the same email address, unfortunately. All what we need to do is providing an additional information which is available to the users but not available to the spammers. This information is called the SPEA identifier which you may publish on your webpage together with your email address, see figure 1.

SPEABox
Figure 1. Infobox providing your email address (in this example: "myaddress@provider.com") to be used by your customers. The SPEA identifier (in this example: "1234") is the key code which unlocks your inbox, i.e. emails not providing that identifier in its subject line will be rejected.

Note that spammers may consider your email address but they cannot consider mandatory key words in the email's subject line. Thus, receiving an email with the identifier missing, your email software may reject that email without mercy. On the other hand, the users of your web site may consider that identifier in the subject line, i.e. their messages will pass without any problem, see figure 2.

SPEAconfig
Figure 2. Three examples of emails using the subject title "Dx information". Top: the SPEA identifier is missing, i.e. this email is considered spam mail. Center and bottom: subject lines providing the SPEA identifier, i.e. this emails will be considered user messages to be transfered into your mailbox.

Configuring your email software

Without contacting your email provider, you may implement that method very easily - just by adding a filter rule to your email software. That filter reads the email's subject line and, if the SPEA identifier is missing, your email software may kick that message into the nirvana, see figure 3.

SPEAconfig1
Figure 3. Adding a new filter to your email software which rejects all email messages not providing the SPEA identifier in its subject line.

Recommendation to change your email address

Evidently, you do not need to change your email address to make it a Spam Protected Email Address. However, I recommend to change your email address by adding the term "-SPEA" to your email name. For example:

myaddress@provider.com

would change into

myaddress-SPEA@provider.com

Imagine the SPEA concept would be used by many people, spammers will realize that it isn't worth to target email names with "-SPEA" in it. Being a spammer, would you send junk messages to thousands of email addresses which will never ever generate any awareness because all your messages will be blocked even by very simple email programs? Therefore, I think it is wise to demonstrate SPEA in the email name.

Questions & answers

Q: My customers will probably dislike this SPEA identifiers - this appears an inconvenient method in practice.
A: I see what you mean. However, the SPEA method applies only once, i.e. when your customer wants to establish initial contact. My web site, for example, communicates the "feedback-SPEA" email address but I will answer incoming emails by using another email address, i.e. an ordinary one without using any identifier. The user may store this second address in his address book and may use the same address in future correspondence. That email address is never communicated in the internet, of course. For this reason you may change the actual SPEA identifier on your webpage even every day - it doesn't cause any inconveniences to existing customers.
 
Q: I guess spammers may continue sending junk messages even to Spam Protected Email Addresses by considering those identifiers in their lists.
A: Just change the actual value of the SPEA identifier to block them again.
 
Q: May I use this SPEA infobox (see figure 1) on my web site?
A: Sure, except you wish to use that infobox for commercial purposes. In this case, written permission of the author is required. However, you may not change or modify the design and the copyright must remain as it is. Press the button to download an empty infobox in which you may place your email address and your personal SPEA identifier: SpecialTopics1b2. There is
no need, by the way, to change the graphics manually when placing your email address in it or when changing the SPEA identifier: in your web editor, place frames on top of the graphics in which you may enter the email address and the identifier, respectively. Finally, convert this frames into GIF format - your web editor combines the infobox graphics and the frames into only one graphical element. Thus, do not change the infobox graphic file, let your web editor do this job for you.
 
Q: What type of SPEA identifier do you recommend, i.e. numbers only or characters or what else?
A: I prefer four digit alphanumerical codes but you may freely decide on the format, i.e. explicit rules actually do not exist.
 
Q: Replying on emails might become a problem because the subject line will change, right?
A: No, this is no problem at all because the SPEA identifier remains available in reply messages, its string position has changed though. For example: the original subject line "1234 dx information" would now read "Re: 1234 dx information". The email program's filter does not care about the identifier's actual position within the subject line. Please refer to the first Q&A to view an alternative method to reply on emails arriving at Spam Protected Email Addresses.

Email addresses in web appearances

You may reduce the amount of spam mails by considering some basic rules in the internet, i.e. on your web site and elsewhere.

Rule 1: Do not use HTML to communicate your email address on your web site, never ever. HTML links such as

myaddress@provider.com

will place the so-called mailto command in the source code which spammers may scan quite easily. Thus, it is wise to include your email address by using graphics, for example:

myaddress@provider.com

There is one disadvantage though, i.e. users cannot click that address to launch their email client software. However, I never met a user complaining about this procedure because they all accept the procedure.

Rule 2: Apply the same rule when communicating your email address in publications, articles, documents and papers accessible on your web site or somewhre else in the internet.

Rule 3: Do not use your "official" email address in email forums, chat rooms and similiar services, i.e. implement an extra email address for this purposes which doesn't harm you even when this address is being bombarded by spam mails.

top

From: http://www.df5ai.net

Copyright (C) of Volker Grassmann. All rights reserved. The material, or parts thereof, may not be reproduced in any form without prior written permission of the author.