Hello everyone,

I am not sure if I am in the right place for my question.

I realized in the last two days that one or two of my e-mails had been used to send an adult newsletter or a site in Germany under my e-mail as the sender. The way I find out is from all the return e-mail as undelivered as e-mail does not exists.

Is there anything that I need to do to protect my e-mails in the future?

Thank you

Joseph

Email spoofing is not uncommon, unfortunately. The moment you hit send on an email it is completely exposed. The contents, the To:, the From:, everything. PGP (http://www.pgp.com/) encryption is available but it has a draw back. Everyone you send email to has to have PGP encryption in order to read it.

IP Security (IPSEC (http://www.netbsd.org/Documentation/network/ipsec/)) Protocol allows you to set end-to-end security, but configuring IPSEC can be very complex and common networking techniques, such as Network Address Translation (NAT) with port overloading, can render IPSEC incapable of negotiation.

If all else fails, you can always check out iMail (http://searchfor.4t.com/iprivcom.html). It's news to me, but maybe someone else can throw in a few more answers. I'm still researching the subject :)

Please be VERY careful opening returned emails, this is a very common method of social engeneering to get you to open an infected email.
They may contain worms, or Browser highjacking script which executes as soon as you view the email, no other clicking required.

Please, use the right click context menu to look at the 'properties' of a highlighted (in the "in-bax" window) email.
Then find "message source" on the "details" tab. The resulting window/box shows the whole email, headers and the message, in text, and all data and messages can be safely read this way.
It is possible to gather info about the source of the email, often you see that it does not originate from a legitimate 'return daemon' and you can get return addresses safely from the real ones.
I have sent a couple of replies to these explaining that my email address was spoofed from someone with my address on their INFECTED machine.

It is the number one reason I have always hated chain letters, and has resulted in possible thousands of sources of our email identities exist all over the internet.

I have more info if you want..

Three good resources for 'tracking':


http://www.mailsbroadcast.com/email.broadcast.faq/46.email.spoofing.htm
Normally, tracking or finding the culprits is not that difficult, See: Deciphering Fake Email because every single Internet email message headers contains the following information: (1,2,3,4,5)

1. An origin (the machine that sent it)
2. Relay (the machine relaying it to another machine)
3. Final destination (the machine that receive it)
4. IP address
5. Domain name

By using tools like nslookup a DNS whois tool that perform forward and reverse DNS queries for the current domain address (to get an IP address of a hostname and hostname of the IP address).

See: Tracking Email - Can bulk or mass email marketers overcome the problem of mail server Port 25 blocking or mail servers spam filters by using faked or forged email headers, IP's or email domain with no MX Records?

See: My email was hijacked / spoofed and got blacklisted?


NetworkTools (http://network-tools.com/default.asp?host=204.95.98.253)
Express Lookup
Ping
Lookup
Trace
Xwhois
URL Unencode
URL Encode
HTTP Headers SSL
E-mail Validation

This site has been increasingly the target of DDoS attacks by spammers, and is sometimes slow, but it is 'The King' of anti internet crap..
SamSpade.org (http://www.samspade.org/)

Oh...This looks interesting. script (php/SQL) for webmasters:http://www.dudes.ch/spamtracker/

(Haha...I was looking for this lately but couldn't remember it, forgot the "-" lol)Good security downloads here (http://www.glocksoft.com/download.htm)AATools is a multithreaded network diagnostic tool. Its purpose is to accumulate data pertaining to network status and availability, using all of the latest development tools in network research. It is a 12-in-1 utility, including TCP/UDP Security Port Scanner, Proxy Analyzer, RBL Locator, Trace Route, Email Verifier, Links Analyzer, Whois, Network Monitor, Process Monitor, System Info, Resource Viewer, Registry Cleaner.

(This site used to be freeware...sigh...but the TDS was a nasty, nasty anti-trojan suite. Why nasty? It used to upload trojans to hackers that scanned your ports! It WAS a serious 'fight fire with fire' site before, but their software is top-notch, and they have good info here in their articles section: http://www.diamondcs.com.au/)

If you want something a little simpler, I can suggest something that works a fair amount of the time in my personal case. This is not a be-all and end-all solution, but it does help and takes very little time.

What you do is this: contact anyone that you know has your email address and ask if they have an up-to-date virus scanner. If they do, get them to run a scan on their system for any infections. A lot of the time, I've found that my client's machines are infected because they opened something they shouldn't have because it was a new variant of an existing virus and they didn't realize it.

This serves two purposes:

1) It makes people more aware of what they're doing when checking email (and a disturbingly large percentage, sadly, still aren't.)

2) It can isolate the source of a virus and let you know that there will be no indirect future mailings from the infected party.

Again, it doesn't always work, but I've found in about half the cases with my email address it does.

Note: you may also want to use my suggestion in concert with mikmik's. Determining the IP address, if static, can occasionally let you know who is infected if matched up with host headers from other emails by the same person. Then again, this is a lot more technically involved and generally requires the knowledge level of a geek with no life...you know, like me.

Nothing will protect you from email spoofing. The only way for this to stop is a change in the way we check email traffic to be sure it's coming from where it says it's coming from which would mean some serious changes to every email server software and unilateral adoption of strict policies. Right now, if you send email to anyone (or even just keep it in your own address book), even through secure means, you endanger your address as it can be harvested from your or other computer through many different ways.

Complain. Complain to anyone who will listen and those that won't because this could be fixed.

Complain. Complain to anyone who will listen and those that won't because this could be fixed.

Can I get an Amen and a Hallelujah from the choir on that though? Oh tes-ti-fyyyyyyyyy!

Seriously, this is a very good thing to do. I have a habit of forwarding on any emails not to abuse@email host, but by looking up the host header of the email and emailing abuse@(that host).

Actually, you should check out SPF. http://spf.pobox.com/ - it is an elegant solution to the problem of joe-job email.

Basically a domain owner specifies the hosts that are allowed to send mail for their domain. I expect it to be in widespread use by the end of the year. Already companies such as AOL and Earthlink are supporting SPF.

I am currently using SPF to whitelist email. If a message makes it through other checks, then it uses a FAIL response from an SPF check to determine delivery. If a message fails previous checks, then it uses SPF PASS as an override to allow delivery.

Here are some stats from a couple of domains I have had running email through an experimental SMTP server since Memorial Day: http://emkwebdesign.com/mailstats.php

Best Regards

Waitman Gobble

Nothing will protect you from email spoofing. The only way for this to stop is a change in the way we check email traffic to be sure it's coming from where it says it's coming from which would mean some serious changes to every email server software and unilateral adoption of strict policies. Right now, if you send email to anyone (or even just keep it in your own address book), even through secure means, you endanger your address as it can be harvested from your or other computer through many different ways.

Complain. Complain to anyone who will listen and those that won't because this could be fixed.

We do everything possible to secure our mailing list at least on the server side. Placing all of our addresses in a secure database our mail is sent using collaborative data object (CDO). We have tested our list using a variety of harvesting software packages and have not been able to harvest emails from our database, which is a good thing.

Aaron Block
NFN Travel International
http://www.nfntravel.com

It is highly probable that the releaser of the
newsletter simply added the email at your domain
only to the from field when sent the message.

If you get to have a copy of that newsletter with
full headers you can find the ip address used to
send the message and report it to the webhoster
or to antispam organisations.

Hi ladies and gents,
It may not be the right place to ask for this information, but you guys seem to be pretty much up to date on the subject.
I need to install an antivirus and spam filter on a mailserver/dedicated server, but I have no clue on which one to buy...
I've been told about Sophos, about GFI... Of course, Symantec, but veeeeery expensive...
Any one of you with information on this will be carefully listened to...
Thanks in advance
Alain
http://www.aventurevoyages.com

Please, use the right click context menu to look at the 'properties' of a highlighted (in the "in-bax" window) email.
Then find "message source" on the "details" tab. The resulting window/box shows the whole email, headers and the message, in text, and all data and messages can be safely read this way.


I've done this a number of times to bounced emails but was uncertain if it truly was safe. Is this method foolproof even if there is malicious code within the body or attachment of an email?

I Recieve numerous bounced emails daily as well as emails spoofed using my own email accounts in the from field yet NAV tells me again and again I'm not infected. It would be nice to be able to open returned emails without holding my breath.

uhnmedia

Hi ladies and gents,
Any one of you with information on this will be carefully listened to...


I have had good luck with Kaspersky, Spamassassin and MailScanner the past few years. F-Prot is good too.

I think a lot of people are using ClamAV http://www.clamav.net/ with luck these days.

Thanks a lot Waitman,
I'll give a look at these
Bye
Alain
http://www.aventurevoyages.com

Hi all

I use Presorium Frontgate MX as a Spam filter and find it pretty good. All of the usual virus suspects stick out like a sore thumb in the preview pane (I don't let it work in the background - I view all potential incoming stuff that way) and I just delete them with all Spam direct from my ISP's server without ever allowing them to touch my machine.

I assume that by doing it this way, as I'm not actually opening anything, I'm staying safe. Certainly seem to have so far.

Am I right?

Hello Everyone,

Thank you for everyone without naming every individual for your answer. SO I have a lot of reading to catch up here.

When your e-mail is spoofed and someone is sending mass mailing from it, is it going to affect us as considered a spam when people complained?

Have a great day!

Joseph

I would download a copy of Bazooka at http://www.kephyr.com/spywarescanner/ (free if you're willing to go into your registry and delete DLLs), Ad-Aware or Spybot Search and Destroy (I think Spybot is also free). Also, McAfee or Norton for virus scanning. McAfee also has anti-spam software, but I didn't buy it so I don't know if it's any good. Between Bazooka and McAfee, I cleaned up a lot of stuff. Of course, junk still arrives, but at least I can defend against it now.

uhnmedia asked (regarding viewing emails above)
I've done this a number of times to bounced emails but was uncertain if it truly was safe. Is this method foolproof even if there is malicious code within the body or attachment of an email?

Yes, in text mode, which is how the contents of the emails are displayed this way, there is no way for the code contained in the email to be executed. I have viewed the viruses this way, that show up as a block of solid 'random appearing' but unbroken line of thousands of ascii characters.

For code to run, I'm pretty sure that it must be display as a function call that is included in the document, or compiled as a dos executable like '.exe, .pif, .com, etc'.

It is analogous to writing our html code in notepad, it doesnt work until we save it as a '.html' file, in which case the rendering engine of Internet Explorer( or OE), for example, is used to display the once 'index.txt' but now 'index.html' document.
This provides the enviornment for the Browser hijacker code to run (it is usualy javascript, or visual basic, as far as I know).
Then, it will do it's work.

I imagine that viewing emails as "Text-only" will eliminate this problem.

Hope this helps, I am not really an expert, and there is always more resaerch to do, everything is so new these days with new methods and defenses being developed on a weekly, or even daily, basis :O)

Waitman, thanks for this, I will check it out.
Actually, you should check out SPF. http://spf.pobox.com/ - it is an elegant solution to the problem of joe-job email.

Basically a domain owner specifies the hosts that are allowed to send mail for their domain. I expect it to be in widespread use by the end of the year. Already companies such as AOL and Earthlink are supporting SPF.

I am currently using SPF to whitelist email. If a message makes it through other checks, then it uses a FAIL response from an SPF check to determine delivery. If a message fails previous checks, then it uses SPF PASS as an override to allow delivery.

Here are some stats from a couple of domains I have had running email through an experimental SMTP server since Memorial Day: http://emkwebdesign.com/mailstats.php

Best Regards

Waitman Gobble

Thanks, man!

(One more thing: I always recommend samspade.org as a starting point for spam problems.)

There are several ways to code email addresses to hide them from spybots, etc. Css coding comes to mind. Also easy and quick is a javascript code to hide your personals. You can also use html code swapping to thwart baddies (ie: using myname@mydomain.com instead of the @ sign. Thats how to do it on the cheap....

Hi Joseph,
Your question about the undeliverable message is answered at http://eMstamp.org Select the Questions and Answers link and then do a EDIT > "Find on this page" search for NDR (Non-Delivery Report).

This situation is partially addressed by the SPF (Sender Policy Framework) initiative. Brief info on SPF is available on the Q-A page as well. Search SPF. In depth and up to date info on the SPF initiative is available at http://spf.pobox.com/

Mel

It used to be that if someone emailed a virus to you, you emailed back and complained about their faulty virus software. Today you can't do that. The Klez virus (among others) has been wreaking chaos around the world by spoofing the email addresses it sends itself from. Rather than mail itself out using the address of the person infected, it takes a random name from the infected person's address book and mails itself out as that person. That makes it nearly impossible to figure out which infected person's machine sent that email to you.

If you are using Outlook (Or Outlook Express) as your emailer of choice, you may want to consider something else. (Pegasus (http://www.pmail.com/) is completely free and Eudora (http://eudora.com/) has a free version) 98% of the viruses out there are written to run through Outlooks address book. Are we saying that Outlook is a bad program? Absolutely not (Even though we've never used it). It's just that since most people use it, it's a logical target for spammers and hackers to attack.

Compounding the problem, it's not always a virus that causes you to receive an email from someone who didn't actually send it. There are plenty of people with far too much time on their hands sending emails out to people and spoofing the return address. Why do they do this you ask? Well, aside from the obvious viagra, etc. peddlers, there are many possible reasons. Some of them are simply trying to cause trouble. Some people would like to discredit the person being spoofed by sending some truly vile message to the recipient, an insult to the boss perhaps. It's the same mentality you see in people who knock on your front door and then run before you can answer it.

Zone Alarm (http://www.zonelabs.com/store/content/home.jsp) is the most recommended firewall by people I trust. Another good firewall according to friends is Sygate. (http://www.uant.net/firewall/sygateguide.html)

Otherwise, you have tons of virus options here's just a few:

Virus Lists and Libraries:

http://www.viruslist.com/eng/
http://virusall.com/downrem.html
http://www.cexx.org/
http://us.mcafee.com/default.asp


Virus Tracking and/or scanning programs:

http://securityresponse.symantec.com/
http://isc-sans.org/
http://www.cexx.org/
http://www.cert.org/
http://us.mcafee.com/default.asp
http://www.spamvirushelp.com/
http://www.dslreports.com/overview?v=p
http://virusall.com/downrem.html
http://www.trojanscan.com/
http://vil.nai.com/villib/alpha.asp
http://www.datafellows.com/virus-info/virus-news/
http://www.symantec.com/avcenter/index.html


Virus Removal Web sites:

http://securityresponse.symantec.com/avcenter/tools.list.html
http://virusall.com/downrem.html
http://www.cert.org/
http://us.mcafee.com/default.asp
http://www.spamvirushelp.com/

LOL Wen...I was going to post about that very thing, because NO ONE else even posted anything about what it likely was:

Many networks use network scanners to scan email. If it finds an infected email, some of them will send an email BACK to the sender letting them know it was rejected. The problem with this is as Wen said, there are worms and viruses out there that harvest names from the machine theyve infected, and use THOSE as the address in the FROM: field. This makes it look like the email came from you, when in fact it didnt.

Actually, that's what I said but from a slightly different angle, alienzhavelanded. That's why I recommended contacting others who you know have your email address, since it is possibly one of them that is infected. Also, wenwilder mentioned it directly right in the beginning with her first post, so it really didn't bear repeating.

A few others seemed to offer solutions based on this root implication as well.

I'm not sure how any of these answers, except changing the structure, will help and stop spammers from just faking emails from randomname@randomdomains.com My domains have started to get hit from this and it sucks. I'll probably have to delete my email catchall to avoid the 100's of bouncebacks coming in.

thanks for the info, useful info for me, my email was going through the same phase.

From what you are describing, I think you are experiencing a worm or virus. Not necessarily on your computer. Many times this is a legitimate message from your auto-responder.

The worm or virus has hijacked another's e-mail and has sent out copies of itself in the form of attachments to listings in the host's address book. If it has sent to an e-mail address that has an auto-resonder, the auto-responder will reply. As the phony e-mail probably has a phony "from" address, your e-mail client is simply reporting that an address to which it is trying to send has a problem.

"Spoofing" is usually to obtain information by assuming another's ID or to make the recipient think that the e-mail is from someone else.

There is a setting in Outlook Express: Tools/Options/Security - Warn me when other applications try to send mail as me

Also, when I send mail with attatchments to people, I put a number, in brackets, in the 'Subject' box.
They know that I had to add this manually, and is therefore really from me.

I am thinking of doing this with all emails. It is a code that has to be entered manually, and it can be anything just as simple, just that people will recognize, after you tell them!

I'll probably have to delete my email catchall to avoid the 100's of bouncebacks coming in.

I had to delete my catchall after the spammers sent lots of email from imaginary addressed on one of my domains (which I knew because I go the bounces) but then either the adresses were harvested (or the spammers were really dumb) and I started to get hundreds of spams to those imaginary addresses.

When your e-mail is spoofed and someone is sending mass mailing from it, is it going to affect us as considered a spam when people complained?

If you mean, will you get blacklisted in some way because of this spam, the answer is no. Anyone, like Spamcop, who is able to create a black list, knows how to check where the spam really came from.

One problem I did have, and this was about 7 years ago, I think - someone sent a load of spam using my email address, and I got nearly 20,000 complaints and bounces! My ISP at the time (demon.co.uk) were no help, they just offered me a different domain, which would have meant sending emails out to hundreds of people telling them about the change. I ended up writing a program to delete all these bounced emails without reading them, but I shouldn't have had to do it.

The spammers and spoofers first landing point is your address book and hijack every single mail address you store.

Though I get around ten returned E-mail which I really not sent out, I just simply delete it without even checking the headers and footers. Just ignore. That's all one can do to save their computers.

Also do not use your address book for saving the E-mail addresses; you can save it in a different folder or file in your local hard disc it will certainly help spreading the spam further. Actually, all the spammers first try to steal all the available E-mail addresses that you save in your address book, then to send mail to them in your own name with your usual subject line. Though this is not not to stop the e-mail sent in your name, it will certainly avoid spreading further.

What you do is this: contact anyone that you know has your email address and ask if they have an up-to-date virus scanner. If they do, get them to run a scan on their system for any infections. A lot of the time, I've found that my client's machines are infected because they opened something they shouldn't have because it was a new variant of an existing virus and they didn't realize it.

As you said, that's not a be-all-and-end-all answer. But in a lot of cases, it's unfortunately not even *any* answer.

I have lost count of how many people I have talked to who were positive they had an up-to-date virus scanner and were wrong...REALLY wrong :-(

And, of course, the virus doesn't have to be on the computer of anyone you know who has your email address. You could have sent an email to someone who forwarded it to a ton of people they know and you don't, and your email address is out there for viruses to find. Or someone could have saved a copy of an article you wrote that has your email address on it. Voila. Fair game for viruses. Viruses don't just look at address books anymore. They scan entire hard drives looking for addresses.

So I just treat those 'bounced messages' like I do any other junk mail. I filter for it and delete them. (By the way, I've been using Mailwasher and really like it.)

Kendall

The spammers and spoofers first landing point is your address book and hijack every single mail address you store.

They won't hijack every single mail address that I store - I don't use outlook...

Hello everyone,

Thank you everyone for provide me with lots of information on this subject. I am getting less bounce back and it seems most of the e-mails that were sent under my e-mail address were targeting three 3 websites for all their e-mails with three different domain addresses. All text are in Germain.

One of the e-mail had as "Message ID" as coming from my e-mail as sender but on the bottom I have "sender identity" with an AOL e-mail address which is not mine.

Thank you all for a good learning experience and enlightenment you provide me in this forum.

Be well!

Joseph

Adam said: Actually, that's what I said but from a slightly different angle, alienzhavelanded. That's why I recommended contacting others who you know have your email address, since it is possibly one of them that is infected. Also, wenwilder mentioned it directly right in the beginning with her first post, so it really didn't bear repeating.

Wen's first post talked about PGP, IPSEC, and Imail, your post dicussed spoofing, and so did the others up till Wen's second post, people should read threads before they post.

I wouldn't say you couldn't get blacklisted. I did get blacklisted last year by one of the earthlink routers and my orders and emails dropped to nothing for about 5 days. Not knowing I was blacklisted, I contacted my host to see what the problem was and they contacted earthlink for me and all was corrected.

AOL did the same to my domain about 2 weeks after Earthlink with the same results. I found out because an aol user called me to say that their email to me was returned because the domain was bad. I sent an email to AOL abuse department with headers and the story and it was cleared up in less than 2 days.

So yes, you can get blacklisted, but, I think once you've proven your case, the large routing portals aren't as quick to blacklist. I still receive about 70-80 emails per day from my own domain that are spoofs and laden with viruses.

computergenious wrote

They won't hijack every single mail address that I store - I don't use outlook...

Yes, and that is dangerous thinking, my friend. It is that type of 'it won't happen to me' that has 90% of email traffic being spam now.
Did you know that the last week the top 5 critical security warnings were for non windows OS's.
The top three were Linux? 1 Mac. and one Solaris?

Do you have an address book, or contacts list, anywhere on your hard drive?

Haha, so sad, because virus and worms do not look to see if it is a 'Product X' or 'Software Y' any more, they are far above such trivialities.

Frankly, I know you are not meaning to be cold, but this is a place of support and reaching out, we are all computer users, web developers, and WPW members, and I do find it distasteful to say look at me, I am better than you.

Those are famous last words, you better believe it these days.

You are a smart contributer, and I look forward to more of your otherwise excellent input, it is a pleasure to learn from you and I thank you for being here.

Everyone, this is a good feeling to help each other.
:o)))

We are happy to be on your team with you, jg33 ;)

I am getting less bounce back and it seems most of the e-mails that were sent under my e-mail address were targeting three 3 websites for all their e-mails with three different domain addresses. All text are in Germain.

One of the e-mail had as "Message ID" as coming from my e-mail as sender but on the bottom I have "sender identity" with an AOL e-mail address which is not mine.


That sounds like a series of spams which I am receiving, which, with my limited German, appear to be German nationalist hate mail, and, like the christian messages which I am receiving, are quite difficult (but not impossible) to identify. I don't mind receiving all this rubbish, as long as my software can automatically delete it, and I don't have to read it.

Just got this:
Free and Open Port 25 Use Is Doomed (http://www.eweek.com/article2/0,1759,1611876,00.asp?kc=EWRSS03129TX1K0000614)


It's hard to blame Comcast for beginning, as the Washington Post reported, to block port 25 on systems on their network that appear to be spammers. Everyone knows that a huge amount of spam is sent through broadband client systems that have been taken over—through backdoors—by spammers—zombied—and nobody has more broadband clients than Comcast.

Port 25 is used for SMTP (http://www.webopedia.com/TERM/S/SMTP.html)
Short for Simple Mail Transfer Protocol, a protocol for sending e-mail messages between servers. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an e-mail client using either POP or IMAP. In addition, SMTP is generally used to send messages from a mail client to a mail server. This is why you need to specify both the POP or IMAP server and the SMTP server when you configure your e-mail application.

Yes, and that is dangerous thinking, my friend. It is that type of 'it won't happen to me' that has 90% of email traffic being spam now.
Did you know that the last week the top 5 critical security warnings were for non windows OS's.
The top three were Linux? 1 Mac. and one Solaris?)

That is not the same thing. I could still get a virus, but it wouldn't find my addresses, so a simple "send a message" type virus, which is what we seemed to be talking about, would be toothless.


Do you have an address book, or contacts list, anywhere on your hard drive?


Yes, encoded, and I can't crack the code, and I know what is in there...


Haha, so sad, because virus and worms do not look to see if it is a 'Product X' or 'Software Y' any more, they are far above such trivialities.

They do if they are going to use the address list


Frankly, I know you are not meaning to be cold, but this is a place of support and reaching out, we are all computer users, web developers, and WPW members, and I do find it distasteful to say look at me, I am better than you.

Hey, that isn't what I was meaning - simply that if you use products with known security problems, then you know that you have a security problem - if you see what I mean...


You are a smart contributer, and I look forward to more of your otherwise excellent input, it is a pleasure to learn from you and I thank you for being here.

(:->

I simply put the thought forward - if we make it easy to get in, then we will get unwanted visitors.

Please, use the right click context menu to look at the 'properties' of a highlighted (in the "in-bax" window) email.
Then find "message source" on the "details" tab. The resulting window/box shows the whole email, headers and the message, in text, and all data and messages can be safely read this way.


Thanks for the tip neighbour.
I use Mozilla and it is "View", "Message Source". I suppose Print Preview will work too if you just want to see the message.

Allen Jones
Salmon Arm BC

There are several ways to code email addresses to hide them from spybots, etc. Css coding comes to mind. Also easy and quick is a javascript code to hide your personals. You can also use html code swapping to thwart baddies (ie: using myname@mydomain.com instead of the @ sign. Thats how to do it on the cheap....

i need to hide 2 email addresses on a website i'm updating to try and slow down the spam, viruses etc in future... but so the emails are still usable by genuine visitors to the site. will the javascript work for this, as i'm most familiar with it? & where do u find the javascript?

i've heard using email forms is another good option, but don't know if that's true or not. but i don't know how to build forms anyway.

This sends an email to 'admin{@}factor1.net', that's me!



<script language="javascript">
var first = 'ma';
var second = 'il';
var third = 'to:';

// example: motoreyes
var address = 'admin';

// example: hotmail
var domain = 'factor1';

// example: com
var ext = 'net';
document.write('<a href="');
document.write(first+second+third);
document.write(address);
document.write('@');
document.write(domain);
document.write('.');
document.write(ext);
document.write('>');
document.write('E-mail Us</a>');
</script>


Go to this page, don't laugh, and look at the top right navigation.

There is no difference in appearance between the email link, and the 'normal ones.

you can just replace your email info into the above.

thanks for the code mikmik. since your reply i've gained more info about spam-proofing email addresses on websites... and this looks even better than the javascript, which apparently can restrict some site visitors.

it's UNICODE... and i have the link to the article which leads to links for a unicode convertor! extremely handy for anyone who builds websites and are sick to death of their email addresses getting harvested off the net for spamming purposes.

http://www.outfront.net/tutorials_02/adv_tech/spam-proof.htm

I am getting the spoof problem.

Trying out SPF. Half of the way there in that my DNS records reflect the necessary info.

Thanks waitman for the link. And thank g*d that they have a wizard on the site so I could see how to do this.

Next part of this project is to get spf running on my own e-mail system.

I may submit a new picture, the one that shows me in the funny farm.

Seriously, this is something that we should all attempt. I understand that Microsoft is getting on board and some big players (AOL) already have. It's your domain name, so protect it.

I just wanted to add that email harvesting (there were a couple of threads that mentioned this) has nothing to with your address book or your mailing lists stored on servers. Email harvesting is a term that defines how email addresses are harvested from web pages. If you have a web site with a "Contact" or "Email" link, you are a prime target for "harvesting". If you look at the source code of your "email" link, in all likelihood you'll see something like this: mailto:joeblow@xyz.com. Harvesters scan web pages in the same way as search engine spiders but they look for this specifically. When they find it they have your email address - and by then, it's too late.

There are a number of ways to "hide" your email address, most of which use some form of javascript. The best way to keep your email address from harvesters is never to put it on your web page. Instead, provide an email form that uses a cgi script to send the data on the form to your email address. Since your email address is in the cgi script, it is unreadable by any harverster.

On another note, it seems to me that most of the "junk" I get has an email address that doesn't exist. It seems to me that it would be easy for the receiving (or sending) email server to test the senders email address before forwarding it on to the recipient. Just my opinion...

On another note, it seems to me that most of the "junk" I get has an email address that doesn't exist. It seems to me that it would be easy for the receiving (or sending) email server to test the senders email address before forwarding it on to the recipient. Just my opinion...

I have a server which can be set to either refuse mail to non-existent addresses, or forward it to a named catch-all email address. Unfortunately, it doesn't seem to work on all domains. That is one of my "one of these days" jobs. Do you have such a setting?

But by far the worst is Hotmail - I get a lot of mail from my Hotmail account (yes, I know, but...) which is not addressed to my address. Remember Hotmail? That's the company that is always writing about it's plans to stop spam, and it's the company that wants me to pay for their anti-spam setup.

Pete,

Take a look at spf.

It is supposed to do what you trying to do.

I heard spammers are some of the early adopters of SPF - it is so easy for them to register a domain name, setup SPF records and start sending spam.

Especially as they know that many servers will score it 'better' if the SPF records are correct! ;(