How to Reduce Spam – as a web designer (or working with a web designer)

  • Never put an email address in it’s plain text form anywhere on a web page, anywhere! This includes within the front end text, and within the html source code (including online forms, and ‘mailto’ tags).
    There is now a huge bunch of web based ‘robots’ who very quickly scan the text and source codes of websites around the world, finding anything that resembles an email address. Most commonly, they look out for the @ symbol, and then will pull of the few words either side of it, store this in a massive database, and sell it on to anyone who’s willing to pay a pittance for it. From experience, the various Nigerian email scams were one of the first to start pulling off email address in this way around 10 years ago. Of course now it’s hugely popular by many many more (particularly those trying to sell various pharmaceutical drugs, or ‘share option’ warnings / recommendations.

    I once had an email address I’d given to a popular business group, appear (without my initial permission) on their ‘database of members’ directory. It was only up for about 2 weeks before I’d realised, and had it taken down. Unfortunately, due to the nature of that particular email address I couldn’t block it entirely, close it down, or reject all email sent to it.. However, I never replied to any email address sent to it, nor even read them after the first couple of weeks of it appearing.
    The number of spam emails started small enough at about 1-2 per day, within a week this was up to 5-6 per day (which was when I completely stopped using it). However, around a year on, I decided to have a quick look at how many spam emails were waiting for me, so cleared my inbox for the onslaught. Amazingly, despite never having replied to any email, nor even read them.. over the course of the year, there were over 10,000 emails waiting, and I was receiving on average (from the email history), around 300 spam emails every single day as that particular email address propagated itself through various spam list databases!

    I’ve personally be using this particular technique of email encryption on websites for around the past 10 years. Only once has any email address used in this way, ever been picked up by some sending spam emails (this was when someone manually went through a website I manage, and manually pulled off all the email addresses listed. Who then used it to send unsolicited emails from two UK companies to the individuals listed. The companies were immediately reported to the information commissioners and further action was taken against them! Those email addresses have never been spammed again!.

  • Never put an email address in it’s plain text form anywhere on a web page, anywhere!
    • There are a huge bunch of web based ‘robots’ who very quickly scan the text and source codes of websites around the world, finding anything that resembles an email address.
      Most commonly, they look out for the @ symbol, and then will pull of the few words either side of it, store this in a massive database, and sell it on to anyone who’s willing to pay a pittance for it.
    • Be very carefully where any digital versions of your client’s brochures or posters may appear on the web, as pdf documents for example, which show the full email address as plain text, within the readable document (so do edit any pdf documents to hide the email address, before you upload it to any website).
    • If for whatever reason, you don’t want to use the method above for encrypting the email address in ASCII code, the easiest way around the common problem of the at symbol, is for any publicity with which you want to digitalise and put on the web, always swap the @ symbol for the word at, ‘at’, (at) or similar. For example emails(at)ourcompanydomain.co.uk.
      Most human users will quickly recognise what to swap around for themselves, although as the (at) technique seems the most common, I don’t expect it will be long until a robot is designed to pick this up too.
    • Adding extra characters in a different colour, just before your domain name, with instructions beneath the email address, is a pretty effective way. For example emails@SPAMourcompanydomainname.co.uk with instructions for humans to remove the SPAM, is also pretty effective.
  • If you’re managing the emails of a largely publicised company receiving a lot of unsolicited enquiries to various key staff members, and you have a list of staff (with their first name and surname listed somewhere on your website), try not use the classic firstname.surname@ourcompanydomain.com as these will often be tried by unsolicited callers trying to get in contact.

How to Reduce Spam – as a business

  • Never send bulk emails to your clients using the To: or Cc: field. This then displays everyone’s email address to everyone else in the list. Firstly that’s like sending a photocopy of your entire client list to everyone else in it, every time you do it.
    Secondly, once an email address is listed in this way on someone else’s computer, when their computer gets infected by a particular type of virus, it will scan the entire computer for anything that resembles anything like an email address (whether there’s been direct communication between the two people or not), and then store all these email addresses on a big database, to be sold on for fractions of a pence each, many times in the future.
    Whenever you send bulk emails, use the Bcc: field instead (Blind Carbon Copy), as this will only show to that recipient, the address of the sender, those in the Cc: field, but no-one else in the Bcc: field (it actually gets sent in such a way, the big list of email addresses for your bulk mailout usually don’t even appear in the source code of the email.
    All email programs have the Bcc field, although sometimes it’s hidden by default. A quick search on the web will tell you how to show it again.
  • Train your staff on how they can personally help to minimise spam (directing them to the page above if you like, or you can access a host of books and educational matter on the subject on the web, or at your local bookshop).
  • When first getting your new business domain, never use the email addresses info@ mail@ sales@ webmaster@
    As soon as your domain name is listed in various search engines and domain name lists (which are of course good for your search engine rankings), spam groups will automatically send junk emails to those email addresses.
    Try to be slightly more creative and use things like ‘enquiries’ ‘information’ etc.
  • Never put an email address in it’s plain text form anywhere on a web page, anywhere!
    There is now a huge bunch of web based ‘robots’ who very quickly scan the text and source codes of websites around the world, finding anything that resembles an email address.
    Most commonly, they look out for the @ symbol, and then will pull of the few words either side of it, store this in a massive database, and sell it on to anyone who’s willing to pay a pittance for it.
    Similarly be very carefully where any digital versions of your brochures or posters may appear, as pdf documents for example, which show your full email address. The easiest way around this, is for any publicity with which you want to digitalise and put on the web, always swap the @ symbol for the word at, ‘at’, (at), *at* or similar. For example emails(at)ourcompanydomain.co.uk.
    Most human users will quickly recognise what to swap around for themselves, although as the (at) technique seems the most common, I don’t expect it will be long until a robot is designed to pick this up too.
    Adding extra characters in a different colour, just before your domain name, with instructions beneath the email address, is a pretty effective way. For example emails@SPAMourcompanydomainname.co.uk with instructions for humans to remove the SPAM, is also pretty effective.
  • If you’re a largely publicised company receiving a lot of unsolicited enquiries to various key staff members, and you have a list of staff (with their first name and surname listed somewhere on your website), try not use the classic firstname.surname@ourcompanydomain.com as these will often be tried by unsolicited callers trying to get in contact.

How to Reduce Spam – as an individual

  • Get yourself a number of email addresses that you can use for different purposes, thus is it can be easier to delete one email address, without needing to tell your entire address book that you’ve changed.
    For Example:

    • Use one email address for your very close friends and family, that you never give out to strangers, and never put into any online contact forms, etc
    • Use a unique email address for signing up to online newsletters etc
    • Never use the ‘unsubscribe’ option of unsolicited emails (this will only make the email address more valuable as it shows you read the email all the way through). Only ever use the unsubscribe option of opt-in email newsletters and similar, you’ve actually requested getting initially, and know precisely who that person/company is.

    One of the easiest ways to get lots and lots of email addresses, you can change at will, is to actually buy yourself a .co.uk domain name or similar from somewhere like 123-reg where for around £7 for two years, you can have your own personal domain name, and all the email addresses associated with it.
    You can then get virtually as many email address as you like, forwarding through to any other email address you like (ie so you can have jason@mynewdomain.co.uk forwarding through to the email address provided by your internet service provider, that way, when you change internet providers (ie from BT to NTL or similar), you don’t need to go through your entire address book to tell everyone).
    To describe any part of the above in more detail, please do contact us.

  • For the types of emails you may want or need to publish somewhere on the web, use one of the free email service providers such as hotmail, GoogleMail, yahoo, etc. which tend to have free spam filters as part of the service (as without it, they’d be processing billions more emails everyday!)
  • Never send bulk emails to your friends using the To: or Cc: field. This then displays everyone’s email address to everyone else in the list. Firstly that’s like sending a photocopy of your little black book of addresses to everyone else in it, every time you do it. Secondly, once an email address is listed in this way on someone else’s computer, when their computer gets infected by a particular type of virus, it will scan the entire computer for anything that resembles anything like an email address (whether there’s been direct communication between the two people or not), and then store all these email addresses on a big database, to be sold on for fractions of a pence each, many times in the future.
    Whenever you send bulk emails, use the Bcc: field instead (Blind Carbon Copy), as this will only show to the recipient, the name and address of the sender, those in the To: or Cc: field, the actual recipient, but no-one else in the Bcc: field (it actually gets sent in such a way, the big list of email addresses don’t even appear in the source code of the email.
  • Never forward on chain emails.
    • Chain Email Petitions
      There is no such thing as valid email petitions (where everyone adds their name to the bottom of the list, and then forwards it through to another 10 people). The only petitions actually mean something are those completed in one central location, on a highly regarded website (such as http://petitions.pm.gov.uk/ ). Even if you do find yourself at the 100th person and are then supposed to forward this on to some listed email address, you will most definitely find that the email address listed is no longer valid (and the domain it’s associated with, is now probably swamped with email addresses that aren’t valid).
    • Email Tracking Software, to win a prize/gift
      There is no such thing as email tracking software that automatically monitors how many people you send an email onto, and then rewards you with some cash prize / vouchers from Disney, Microsoft, Marks & Spencer’s, etc.
      Yes it’s true that all emails can be monitored by the Internet Service Provider for their own legal responsibilities, the Government (looking out for key words within the content of emails, or monitoring the activities of certain individuals they consider terrorist suspects, etc.).
      However, just think about it.. How likely do you think some company will actually pay a lot of money to every single person that forwards on an email, with the huge number of other very cheap ways to market their business (at fractions of a pence per message view, rather than tens or thousands of pounds!)
    • Forward this email on to 10 people and good things will happen…
      These types of emails are normally interspersed with some ‘quotes’ from someone who forwarded it on, and great things happened to them.. or those who didn’t and bad things… The only way these types of emails will make a difference to what happens in your life, is what difference it makes to how you feel about life. If you think positively (being an optimist), positive things will happen around you. Think negatively (as a pessimist) and yes, negative things will happen. These types of emails may have some sort of moving poem or story apparently written by some 8 year old somewhere, who’s ‘dying wish… ‘. However, some of these emails (even if the original story may have in part been based on some sort of truth) have been doing the rounds for years and years and years!
    • The person who sent you this email loves you.. send it back, and to ten other people to show them you love them too
      If you want to share your good thoughts with a friend.. then contact them directly anyway, and give some specific complement about why you like them so much. Don’t just forward on something from someone else. Specific complements, such as “You’ve really inspired me by how much you give in your time and energy to the youth service you’ve been volunteering at for the past 10 years, I know everyone you’ve reached has been helped in a massive way, and their lives have all been changed for the better, as I was one of them...” is much more meaningful than forwarding on some sort of tacky poem you received from someone you hardly know!

    www.BreaktheChain.org has got a massive resource (far greater than anything I can list above) describing all about chain mails. It even has an ongoing resource of current emails doing the rounds.. so before you forward on anything that looks too good to be true (as it almost certainly will be untrue), then just paste some part of the email into any search engine and you’ll see a little of its history, or just check a website like the one above.

How to Reduce Spam – Introduction

How to Reduce Spam

What is Spam?

‘Spam’ is unsolicited bulk email. To be spam it needs to be both unsolicited (ie you haven’t directly requested it), and sent as part of a bulk email (although some spamming organisations are trying to get around this, by using a type of mailmerge to get around this particular point, despite it still being completely unsolicited.

In the UK, any UK business, targeting a UK individual with spam can be prosecuted and fined. Unfortunately business to business unsolicited email can’t be stopped very easily. Neither can spam generated and sent from outside the UK. If you have a complaint, you can make an official report through the Information Commissioner’s Website.