Certain Extent: Simple steps to help deal with spam

February 13, 2003

Simple steps to help deal with spam

Unsolicited email, or spam, is simply email that you don't want. It is becoming an increasing nuisance for most people, but you can take simple steps to avoid wasting too much time managing spam.

Basics

Spammers are marketing services that send out advertising emails to millions of people at once. Their customers are a wide variety of businesses that wish to sell their products to a wide variety of people. A spammer's business consists of having the technology to send bulk emails and a good list of addresses to send them to.

Email addresses are bought and sold between spammers, with some businesses specializing in the acquisition, or harvesting as it is frequently called, of email addresses. Email addresses are not all equal in this business, with some being out of date and others having people that have bought products from unsolicited email marketing in the past.

In many ways spammers are very similar to junk mailers. Traditional bulk mailers send out flyers to thousands of people at their physical addresses advertising some product or service. Since it is expensive to send out mail even at bulk third-class business rates junk mail is usually targeted to you in some way. A recent purchase of a car, home, or major appliance may lead to someone selling your address to marketers. I received mail advertising other magazines after subscribing to Newsweek. (I later found out that my address had actually been sold after I unsubscribed to Newsweek)

Junk mail is not sent unless there is money in it. For example, political candidates send out mail asking for money during a campaign to registered members of their political party only because they can justify the expense ("we spent $600,000 sending out those flyers but we made $700,000 in contributions and spread the word about our candidacy") If an advertisement cannot be justified in this way then junk mailers will not send it out because they will lose money.

Junk mailers have a very low 'hit rate', or the number of people who will respond (usually meaning buy something) in some way to the advertisement. Typical hit rates are 2 or 3 percent.

Spammers work the same way but on a much larger scale. Given that the cost of sending out a million emails and sending out three million is almost the same, bulk emailers can tolerate very, very low hit rates. This is why my wife receives email advertising male organ enlargement; their is no need for bulk marketers to spend money targeting advertisements when the cost of sending to bad candidates is so low.

So spamming will not go away until the hit rates get low enough that it simply isn't good business. Until then there are some simple steps that you can take to prevent being flooded with spam.

Don't let people have your email address

Don't kid yourself, your email address is very valuable. After all, you are a real live person with money attached to it. You should protect your email address and only give it out when you have to.

1. Don't give out your address to websites during registration.

The number one way that spammers get your email address is from companies that sell them after they receive them voluntarily from users. Many websites currently require you to register to download a program or use services. Before giving out your email address to anyone you should look around the website to see if it is really required and if they have a privacy policy.

Typically your email address is not really required unless they are going to use it immediately to send you a confirmation code or your initial password. For example, to download a popular program such as the Acrobat Reader plugin for Internet Explorer, the website asks for your email address but does not require it to download the software. Don't give it to them.

In fact, in some cases I will provide a false email address when I feel as if the site is being unfair with me. Many times I have felt that the site required my email address when I saw no need for them to have it to provide their services. This is why at most sites such as the New York Times that require registration to read a simple articles the user yeah@right.com is already taken.

When you do have to provide a working email address be careful with what you are signing up for. Many registration forms will have there default options set so that you are giving them permission to send you email. If you do not uncheck these options then you have asked for emails and the messages you will later receive on a regular basis are solicited and therefore not technically spam. To you they will be quite annoying and you will have to unsubscribe.

Which brings us to privacy policies. Although there is no regulation of privacy on the Internet at this time, most websites have adopted simple policies to prevent regulation. Read the privacy policies on websites. Don't assume that since a website has a privacy policy that this means that they are looking out for you like you would expect. I have read many privacy policies that say simply that they will sell your email address, web browsing history, preferences, etc. to the highest bidder at once, after you unsubscribe (similar to Newsweek's policy), or if you don't explicitly tell them not to.

2. Don't put your email on websites. (fake one or temp one)

Spammers are beginning to notice that there are a lot of email addresses on the web in mailing list archives, people's personal sites, company directories, etc. Given that it is suprisingly easy to write a program that simply reads webpages and searches for email addresses, many spammers are writing these 'bots' and sending them lose on the web. I have written one of these just to see how difficult it is and it simply isn't. While telling if something is an email address is hard, there are simple heuristics that you can use to get a lot of good ones very easily.

If you have a personal site or are active in a mailing list that archives its content on the web somewhere, you should make an effort to hide your email address from these programs. Simple examples:

david at domain.com
d a v i d [at] this domain dot com

There are even programs that will use JavaScript to write out your email address in a format that a web browser understands but at the same time makes it very hard to scrap it off a page. An example is Enkoder.

3. Don't ever respond to spam emails, even to unsubscribe.

Responding to spam is admitting that you are alive and check your email. This makes the value of your address go up and increases that amount of spam you get. Most spam even has an 'unsubscribe' link on it somewhere. These are false and are a way to trick you into admitting that you are a good email address. Don't fall for it.

4. Don't forward stuff. (Bcc)

Although that cute little story about the guy who walks into a bar is neat, don't foward four copies of it everyday to everyone you know. Not only will this annoy your friends at some point, you are giving them and everyone they forward it to your email address. Although I like forwards sometimes I have asked some of my friends to not forward me things or to Bcc me if they do. Bcc means 'Blind Carbon Copy' and is a term left over from the days of physical letters (remeber those?). It means that you send an email to many people but to each of them it looks like it is just to them.

February 13, 2003 01:38 PM