Spam Filters

Posted by Phil Weber on December 7, 2004

I'll never forget my first e-mail address. Back in 1986, I signed up for a CompuServe account; my address was 72451,3401. Several years later, I opened an account with a "real" ISP and started using my new e-mail address in newsgroups and on my Web site. It was then that I was introduced to the scourge of spam.

Three years ago, when I registered the and domains, I thought, "Here's my chance to retire an address that's on every spammer's list and get a fresh start!" I informed my friends and family of the new address and scrupulously avoided using it anywhere it might be seen by spammers. Or so I thought.

Then the spam starting trickling in. How had they found me? Turns out I had used my new address to register my domains! D'oh!

Rather than change addresses again, I began using spam-filtering tools, starting with Qurb, a PC Magazine Editor's Choice. Qurb works well enough, but it integrates with your e-mail client; if you check your mail on the Web or with a mobile device, you're out of luck.

To address this limitation, I've been using a server-side spam-filtering service, MailSift. I simply set my POP3 server to forward all messages to MailSift, then point my e-mail software at MailSift's server to retrieve my messages. (MailSift can also poll your mailbox if your ISP doesn't support forwarding.) The service works great, and at $2/month it's quite affordable. (My current stats reveal that since I signed up two months ago, I've received 767 spam messages, but only 247 legitimate e-mails.)

Another annoyance with which I've been dealing recently is comment spam. If you host a blog on Movable Type 2.x, I recommend MT Blacklist, a donationware plugin that blocks comment spam by comparing the commenter's URL against a list of regular expressions. It can also despam your comments if one of those parasites slips through your defenses.


Posted by Aaron on December 7, 2004:

Not sure if it’s still the case, but I’ve had a couple bad experiences in the past when an e-mail address at domain was used as the contact for registering domain - now I always use a third-party e-mail account for my domain contacts. The gist is that if’s registration gets hosed, you might need a valid e-mail account to fix it, and if is hosed, you’re screwed.

Leave a comment