Who wants to spend their days sorting through hundreds of spam messages in their mailbox? Who wants to risk receiving viruses, phishing or intimidation?
Don't you? Then here are 6 ways to protect yourself from this waste of time. It's been 5 years since I implemented all these tips and I don't receive any spam. So here's what you can do to avoid receiving spam.
1) Never post your address publicly on the Internet.
It can be tempting to display your email address on your website or networks to facilitate contact.
But pirate robots are on the lookout for publicly displayed email addresses. They collect them and resell them on the black market to spammers and other malicious parties.
For your information, a list of 100,000 addresses sells for just $15. Use the solution in point 2) instead.
2) Use protected contact forms.
Since you won't be displaying your e-mail address on your site, you'll set up a contact form that will send messages to your e-mail address. But a robot is perfectly capable of filling in a contact form, sending you spam here too.
All contact forms must therefore be protected with an anti-bots system (Captcha).
Some robots manage to bypass them (and sometimes humans will send ads via your form), but you should receive few enough to focus on useful e-mails.
3) Never trust your e-mail address: Use e-mail aliases.
There's no such thing as 100% security, and over a sufficiently long period of time, any site on which you're registered with your email address will theoretically be hacked. Whether it's a government site, an institutional site or a major corporation, almost all of them have had their data leaked, especially the big ones. Also, your contacts can be hacked individually, and their address books recovered.
So it's not a question of "if" but "when" your e-mail address falls into the wrong hands.
You can check if your email address has been leaked in a data breach here : https://haveibeenpwned.com/
The only way to avoid giving out your real e-mail address is to use aliases. An e-mail alias is an alternative e-mail address that you can set up with your e-mail provider, and whose mails also fall into your main mailbox. So if you have a problem with an alias address, all you have to do is delete the alias. But how do you go about it?
First, choose a service provider who, like LRob lets you create unlimited e-mail aliases. And not aliases derived from your real address, like Gmail, because these would allow you to find your main mailbox. You need real, independent aliases. For example, you'll create an alias for each service provider on which you'll set up an account. An account on laposte.fr: give them the email "laposte@mondomaine.tld". Mails sent to this address will go straight into your main mailbox.
So if one day you notice spam on an alias, you'll automatically know which provider has leaked your address. All you have to do is create a new alias for that provider, change the e-mail address on your account, and delete the old alias. And remember, put an alias on your business card too, and only reply with your "real" address if you trust it. If the worst happens, you can always rename your mailbox and use the old one as an alias (see point 6).
4) Check the redirections to your mailbox.
In time, you may have created mailbox redirects to your own. While this may be practical for a transitional period, it's not a viable long-term solution. Not least because any spam received by the original mailbox will then be forwarded to its name, making it a spammer...
So don't keep a redirect forever, but consider it as a transitional solution.
5) Choose a trusted email service provider.
Some incorrectly sent spam should never see the color of an inbox. They should be filtered out by the email provider before they even reach the spam filter, just because they are sent in an insufficiently authenticated way. I'm not going to name names, but some providers, especially free and French ones, don't check email authenticity properly and let aberrations through.
MX, rDNS, HELO, SPF, DKIM, DMARC: all need to be checked. More details on LRob documentation on email security and standards.
This is, of course, standard on my hosting packages. On LRob mail servers, when a mail comes from a server not authorized by SPF, even if the SPF rule is not strict, the mail will be rejected with an explicit message to help the sender correct his configuration in case the error was made in good faith.
6) Don't hesitate 1000 years to change your address.
When you receive dozens of spam messages a day, your address is probably already circulating on spammers' networks.
Perhaps your address was leaked in a data breach or posted publicly.
There's no turning back, and anti-spam filters won't work miracles, or they'll do so at the cost of expensive, time-consuming procedures, or numerous false positives (legitimate e-mails going to spam).
It's probably time to change your e-mail address. But you probably have many associated accounts and want to keep it.
If your provider supports aliases (like LRob!), you can alias your old address to the new one and continue to receive your e-mails for as long as it takes; and you can even automate moving them to another folder so as not to pollute your view on a daily basis. Once the transition is complete, apply all the rules in this article and delete the alias in the old box. You're now spam-free!
Are you looking for standard, open-source, secure and flexible email hosting, with unlimited aliases and spam filter control?
My web hosting packages include unlimited e-mail addresses and aliases! Click here for details: https://www.lrob.fr/services/hebergement-web/
Leave a Reply