Spambots Ahoy!

Last I week I wrote about the hijacking of my e-mail domain by spammers. I happened to mention that the messages that were rejected by other e-mail recipients had been purportedly sent from the address The "gobbledegook" that appeared in italics was meant to signify a random alphabet soup that followed the oddball "qqx" prefix.

Lo and behold, I received an e-mail this very morning addressed to a certain It contained an offer of cheap replica diamonds and Rolexes.

Well that didn't take long.

Obviously a spam harvester program -- or, spambot -- stumbled upon my posting and scooped up that address. Spambots are automated browsing programs that surf the web looking for anything resembling an e-mail address: this@that.theother. The addresses are collected and used to send enticements for the aforementioned ersatz diamonds, or other equally dubious products and services.

That's why it's never a good idea to publish your e-mail address on the web, at least in its unprotected form. Instead, websites that need to publish a contact address will use an image of the e-mail address, or a JavaScript-scrambled version, or a wacky spelled-out representation: for example, dave [strudel] whathesaid [full stop] ca. Eventually the spambots will grow smart enough to decipher those, but to date I haven't received any spam addressed to my "strudel" account.

Archived Comments

  1. Anthony on 20071102.Friday:
    Or you just use gmail (or some equally good spam filter). I figure I'm getting maximum 2-3 out of every 100 spam messages in my inbox. I don't get many e-mail messages a day, and it seems like I'm about 75% legitimate in my inbox, say six good ones and two bad ones on an average day. I've been freely posting my various e-mail addresses all over the web for years. I'm so fearless I'll even post it here: Nyah, nyah, come and get me! Regards, Anthony
  2. Dave on 20071102.Friday:
    Gmail does have a very good spam filter. Unfortunately, their servers are located in the US which opens them up to Patriot Act and future south-of-the-border legislative abuse. I have three layers of spam filtering on my accounts, but occasionally I peek into the rejected bin to look for false positives, and that's when I spotted the gobbledegook. But I don't get any spam to the whathesaid account. I believe that's because I don't advertise it. Isn't no spam always preferable to some spam?