Coping with Spam

Protect your e-mail address

Some Internet sites are not genuine, so be cautious before letting sites have your e-mail address.
If you have any doubts at all, use a disposable address as explained below..
Never respond to Spam.
Do not buy from spammers.   If nobody bought, the problem would go away.  Should you really trust them with Credit Card details?
Do not click on Unsubscribe links.  This confirms the e-mail address is genuine and may well lead to more Spam.
Use an up to date e-mail reader.  Make sure that linked pictures are not automatically displayed; when pictures are displayed it tells the spammer his message has been received.  Once I encountered an e-mail which automatically sent my e-mail address back to the spammer confirming it was valid!  Modern software prevents this.  Luckily I was using Norton Internet Security and its Privacy Control picked this up.
Please, never bounce Spam back.  Most is sent from faked e-mail addresses, so all you do is clutter some poor innocent person's inbox with rubbish, wasting your bandwidth and his.

Encrypt your address on your website

Robots search the Internet looking for e-mail addresses in order to send them Spam.  So never write your e-mail address in plain text when designing a webpage.
It's very easy to encrypt the address.  I can't recommend a specific site to help you do this, as it some years since I used one.  Just enter "encrypt e-mail address" into a search engine and click on a suitable link.
The site will generate a JavaScript which when run will reveal the address, and is easy to insert into the webpage.  This prevents a robot from seeing it.  But it can prevent genuine visitors from seeing it if, for security, they have disabled Scripts.  So you should also add a message to the page advising visitors need to turn scripts on if they wish to e-mail you.  Ideally use the noscript html tag for this, so it only displays if Scripts are turned off.

Use a disposable address

Even if you encrypt your e-mail address some determined companies will find it and start spamming you.
Sometimes you have to send your e-mail address to suspect business.  However careful you are some Spam is bound to arrive.
So for your webpage and other risky tasks use a disposable address.  If you have your own domain it's easy enough to set up a newname@yourdomain for this purpose.  When it receives too much Spam simply change it and don't view e-mails to that name [see advice on filtering in the next section].  If you don't have a domain, you might want to set up a special account, for further information enter "disposable e-mail address" into a search engine.

Spam Filtering

There is a danger here.  Whenever you filter out e-mail so that you don't see them, you may lose genuine messages.  In my experience the greatest danger is messages from large companies sent to many addresses; luckily it is unusual to lose important messages from individuals.  In the end you must decide which is better: to lose perhaps 5% of messages by errors in filtering, or 100% because they get lost in the Spam.
Note this is generic advice.  Its application will depend on your e-mail host, and the software you use.  Seek further advice as necessary.

Domains, delete e-mails to addresses you never use

Your domain host should have a policy on what happens to e-mails which are sent to names@yourdomain which you never use.  I think it's wisest to delete without response all such messages.  This gets rid of a lot of Spam, and also bounced Spam which has been faked to look as though it came from your domain.
If you don't have your own domain this option is not available.  However if you find your e-mail address swamped with Spam consider changing it.

Filter Spam before you download it

Most hosts do have a Spam filter.  Use it.  If possible delete obvious Spam without downloading it - thus saving bandwidth.  Set the filtering so that only definite Spam is deleted.  You'll find the filter assigns each e-mail a value, which you can see in the e-mail header.  That will help you decide what value to set for the cutoff point.
To see the header in Outlook, right-click on the e-mail, and select Internet Options.
Most hosts also have a blacklist.  So if a company insists on sending you Spam which the filter fails to identify, you can always ensure they are blacklisted before being downloaded.  I normally only use this option if they insist on sending huge files at regular intervals.

Filter Spam in your E-mail Reader

Outlook 2007 has a built-in Spam filter.  Most antivirus programs include some form of filtering.  Again make sure you using the latest versions of programs as they will catch nearly all the Spam for you.  At first you need to check to ensure genuine messages are not being caught, but these filters respond to training and will improve with use.
And that's as far as we've ever needed to go!  Although our shop does receive masses of Spam, only one or two a day get through the filters.
However if after setting up all these steps Spam is still an issue for you, there are various additional filters available.  The best will cost money, but compared to the value of your time they come cheap.  As I've never used them I cannot give any advice on which is the best.

Use e-mail rules

If your host identifies spam, but you cannot stop it being downloaded, the spam will be identified in the header or subject line.  Write a rule which recognises the words inserted by the filter, and push it into a special spam folder, marking the mail as read.  Do check the folder at intervals, to ensure genuine e-mails are not being sent here.

Don't let spammers use your domain

If you have a domain you'll find that spammers fake your address to send their Spam.  They normally use a made up name at your domain.  And before you know it other spammers will start sending their Spam to that made up name!
That's one reason why I advise you to delete all mail to names you don't use.
However you can discourage spammers from faking your domain by using the
spf project.  This sets up rules and limits the places from which your e-mails originate.  It's easy for Spam filters to test those rules and identify fake users of your domain name.  I don't know in practice how effective this is, but there is some evidence that it can reduce the Spam sent from your domain, and will certainly help the poor recipients of Spam.
You'll note I've left this advice to the end.  Every other step I've listed here I found easy to implement.  But setting the spf record was a challenge, and I needed help to do this.
Do it if you can, and you may find it worthwhile.  But do test your e-mails afterwards, and make sure they reach you!  Even if the e-mail reaches you, do check the header, to ensure it doesn't show an issue with the spf rule.  It's too easy to write the record incorrectly, and then your genuine e-mails will be bounced.

Conclusion

We all have to live with Spam.  We have taken all the steps here, and now can use e-mails without wasting more than the occasional moment dealing with Spam.  On rare occasions a genuine message can be lost, but overall we believe we offer a better service and save time and money by keeping Spam from our desks.

Martin Rees, Jeweller and Pawnbroker Member of the National Association of Goldsmiths