Jim Holmes blogged about spam a little bit. And I started to post a comment on his blog with how I stay spam-free. The comment quickly turned into a long post, so I've posted it here. I'll comment on his blog providing a link to my success story.
About a year ago, I started a new routine for emails that has helped me attain a 100% spam-free mailbox.
I have a server running Merak Mail, but I think most mail servers can support this setup, so long as you have some control over the server.
- Dedicate an entire domain name to yourself - no one else will use this domain for email
- Create a main email address that you will send email from, but you won't be giving this address out to anyone, and I mean anyone. Mine is firstname.lastname@example.org.
- Create a secondary email address for spam; mine is email@example.com. You will never check or use this mailbox... explained below.
- Configure the email domain so that any unrecognized email address for the domain is delivered to your main email account, the one that you use.
- When giving out an email address to someone new, or to a website, make up a new email address on the spot. For instance, when I made a purchase at www.jcp.com, I provided the site with firstname.lastname@example.org. Be extremely specific and never give 2 people the same email address. This is the key... everyone that emails you uses a different address from everyone else. Be extremely liberal with the addresses, or else this process will fail.
- Configure your email client to check and send email with your main mailbox only. All undefined addresses fall into your main mailbox, so you still get everything you want. Avoid replying to automated messages, but it should be safe to reply to individuals. When you reply, you are providing the recipient with your true email address.
- When you start to receive spam from someone, you can immediately tell who generated the spam, because you can see which email address the message was sent to. When this happens and you want to stop that source, you need to block email into this specific email address (not email from the sender, but rather email TO this address). I do this by adding the specific email address into the list of aliases for the spam box. So, anything sent to that address misses my main account and is delivered to the spam account.
- There are a couple of options for what to do with the spam mailbox. For awhile, I was letting mail accumuate in there, and checking it on occasion through the webmail client. But I found there wasn't anything going in there that I wanted to see. So, the option I've now gone with, is to configure the spam mailbox to reject all email sent to it. I've achieved this by setting the mailbox to have a 1K size limit. The mailbox is always "full" so email always gets rejected and bounced back to the sender. I think this stops some automated systems from even trying to send to that address again.
Like I said, I've been using this practice for about a year. And my email account is 100% spam free. (Keep in mind, this is my personal email account, and not my work account). At some point in time, I will end up retiring the other personal email addresses I have, which still get spam. I've also been fortunate to avoid getting spam at work, since I have NEVER given my work email address to any website or sales team or anything. Only the people that I actually WORK with use my work email address. Even if I am investigating a component or product that I would use for work, I still give them an address that will go into my personal mailbox.
I now swear by this approach, and I've started a domain for my wife to do the same thing. She loves it as well. She doesn't have access to block incoming email, so when she needs an address blocked, she just tells me, and it takes me about 15 seconds to do it.