Making contact survivable
July 2nd, 2008 5:50:26 pm pst by 
Sterling Camden
For years, I bravely posted my email addresses on the web with a “mailto:” link — trusting my email spam filters to keep the annoyance within manageable limits. And that worked, for many years. I’ve had my address posted on the web for all spammers to scrape since 1997. But lately things have gotten a lot worse. I get so much spam that not only do I not have time to inspect it for false positives, I can’t even get into my spam filter at all because it takes too long to load. Fine, I’ll trust that there aren’t any good emails getting spam-bucketed and just let them expire.
But what finally broke the Inbox’s back was some spammer’s escalation of the practice of spoofing my account as the sender of spam to others. They must be sending out thousands of messages a day pretending to be me, because the number that bounce back is in the hundreds. Fortunately, all of these that I’ve looked at so far aren’t using my real account, but rather aliases that I’ve published on the web that forward to my real account. So, I’ve decided to take down those forwarders and to replace every published bare address with a contact form instead (or a link to one).
Now that I have all three of my sites on WordPress, I decided to look for a WordPress plugin that presents a spam-safe contact form — or write one if I couldn’t find one. The Great Google led me to my old blogbuddy Doug Karr, who has adapted an existing plugin to create the WordPress Contact Form with Spam Protection plugin. The “Spam Protection” part is achieved via a challenge question of your choosing. The plugin is highly customizable, and secured against cross-site scripting vulnerabilities.
I placed one of these forms on the Contact page for each of my blogs. The only thing that required more than two minutes was to think of an appropriate challenge question for each one. Here’s what I came up with:
| Blog | Question | Answer (not case-sensitive) |
| Camden Software Consulting | What is my company’s middle name? | software |
| Chip’s Quips | Say the magic word, please | please |
| Chip’s Tips for Developers | What is F(7) in the Fibonacci sequence? | 13 |
Appropriate, don’t you think?
OK, I did go back and add a hint to the last one.
Posted in Get a Grip | 
8 Comments » RSS 2.0 | Sphere it!
Subscribe by Email
I don’t use mailto but just show the addy as a .gif
This is slowly deteriorating of course as legitimate users thereof type in the addy and store it in e.g. Outlook whence the spambots scrape it.
I think I’ll have to change the addy on an annual basis:-(
So far I’ve been lucky with that — I give out my real email address to friends and relatives, and that one hasn’t been hit too hard yet. Nor have I seen much leakage from online services that require an email address. But nowadays if you put one out on the web in clear text, they’ll snag it faster than you can say SMTP.
Greetings Earthling, Hallo from Germany.
I don’t know if this will help, but there’s a very strange fellow, (don’t tell him I said that) presently in Japan (he’s not Japaneese) who goes by the Nic of Dr. Dave at this site: [ http://unknowngenius.com/blog/ ] He wrote an anti-spam plug in for Word Press some time ago. It seems to work ok and several Bloggers do use it. He gives it out freely. (But it would be better for you to check it out your-self, as I’m sure you will.) The link for the Software, and it’s info is here: [ http://unknowngenius.com/blog/wordpress/spam-karma/ ] Anyway I hope it helps, if so pass it on. On the Spam, well I can only say I feel for you. -dawgit
Thanks for the link, dawgit — I’ll check it out. For WordPress comment spam, Akismet is working for me pretty well. It’s the email spam — in particular kicked-back spoofs — that’s been driving me crazy lately.
I pulled down my alias forwarders yesterday, and I haven’t received a single one of those since. Keeping my fingers crossed while knocking on wood.
Have you considered setting up a teergrube? When I was self-hosting I had one set up. I got very little spam.
I don’t even know what a teergrube is. Oh wait, here it is. Ha! Cool idea. I’ll have to think about it.
Thanks for the mention, Chip!
My pleasure, Doug! Thanks for saving me the time of writing something like this.