|Question:||How can I control the effects of Email address harvesters and the resulting spam they create?|
Email address harvesters are programs that search web pages collecting Email addressses to send spam to.
The affects of these harvesters can be controlled in a number of ways:
- Make Email address links on your web pages less decipherable to these harvesters by using HTML characters:
Once rendered this looks like:firstname.lastname@example.org and should behave like a normal link.
- Filter for repeatedly spammed addresses that are no longer in use. You can check your logs to get these addresses using the following Terminal command:
grep -B1 UnknownAccounts /var/spool/post.office/log/post.office.log (There may be a lot of them.) Configure an SMTP Filter with some of those addresses in the "Dest Addr" field, making sure that they are OR'd together. Now, any Emails to these addresses will immediately get deleted. The real benefit occurs when spam is addressed to both a bogus and a real address - the real user does not receive the spam, and you don't have a "User Unknown" bounce sent out by your server to the spammer.
- If you do not find any of these bogus addresses in your logs, you can plant one on your website yourself, making sure to disguise it so normal users won't click on it. Some software companies refer to this as a "poison address", but it acts more like a flag to help filter spam.
- Although Post.Office uses filters to eliminate spam, some software products will actually attempt to crash or corrupt the address database by using a "poison pill" or "teergrube". These products use CGI or PHP to generate numerous bogus addresses for harvesters to choke on, but may cause more problems than they solve, and should be used with care.
|last updated 01.02.2003|