Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Fed up with spam


Avium

Recommended Posts

Hello all,

 

Recently, the amount of spam that I've been receiving has been increasing, and there are days when the spam mail exceeds the amount of order emails. This is causing me a lot of lost time deleting and reporting them to SpamCop (yes, I am anti-spam - I report all my spam to Spamcop).

 

I noticed thaat 95% of the spam comes in through my store email address, and since this email address I don't make available elsewhere, I assume that there must be someone spidering it directly from my website.

 

If I may ask, has anyone written any mods to block off these email harvesting bots? I've looked at the contribution 'SpamFighter', but somehow I can't get it to work.

 

My OSC version is V2.2, MS2.

 

Any advice or help will be appreciated!

Link to comment
Share on other sites

It's too late now to encrypt your email addresses, as they're already on some spammers database. And if you elect via the admin panel to 'block spiders' then that'll block google and dmoz also - not good! The best thing is to install something like Spam Assassin, so that the spam gets tagged on the way in. You can then either elect for Spam Assassin to delete everything it tags with (?Spam), or you can set your computers e-mail program to delete anything with that in the subject line.

 

Another alternative is to drop new .htaccess files into your web, and list all those good spiders that you do want to allow in, which, by default, will block all of the bad spiders you don't want to get in. But be careful, this will be a long list because you'll also have to include all search engines that you're happy to send people to you, which wil exclude any you don't list.

 

Vger

Link to comment
Share on other sites

There are a couple of things we've been doing to try to cut down on the spam we receive.

 

First, never, ever put your email address directly on your website, or anywhere else for that matter. Instead, always put a link to your contact us page.

 

Second, set up a special email address especially for outside your store use. And when the spam becomes unbearable, change it.

 

Third, always use an email address that would be impossible to guess. don't sue "sales@yourdomain" or "support@yourdomain" or "webmaster@yourdomain" as these email addresses are often randomly spammed.

-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Link to comment
Share on other sites

If I may ask, has anyone written any mods to block off these email harvesting bots? I've looked at the contribution 'SpamFighter', but somehow I can't get it to work.

Here's an easy to install contribution I added -> Email Encoder. It should prevent harvesting since they do not currently try to decode such strings.

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

The simple thing I do is to replace @ in the address with & #64; (no space after the & - I can't get it to appear properly in this message.) This seems to stop the spam spiders cold. Sure, they COULD look for it, but they don't bother to, according to a study I read which compared various ways of hiding addresses.

Link to comment
Share on other sites

I've just become resigned to the spam. As much as you try to beat it these guys will come up with something else.

 

I just delete it now and I never use pop accounts, only webmail so I don't download all the junk.

 

I'm more bothered by the people who send spam using my domains for fake addresses. It comes and goes, they seem to work lists. They'll grab a domain name, use it for a while then go on to the next. In one case I'd hardly had a name registered for a week and I was getting bounce messages and I never even set up a mail account for the name, just a forwarder! In that case it hardly mattered to me, it was a hyphen version that I bought to stop anyone else from getting it. I did set up a "catch" page telling anyone who visited to blame the spammers, not me.

 

I do own some interesting domain names, I can see why they glom them. :P

 

I'm more worried that mail from my domains will end up on spam lists through no fault of my own.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

I'm more worried that mail from my domains will end up on spam lists through no fault of my own.

 

Exactly because then you'll be listed as a spammer and spam blocker programs will start catching what you send. I had a similar situation where I was getting bounced emails that I never sent.

Keith

 

 

What the hell was I thinkin'?

Link to comment
Share on other sites

First, never, ever put your email address directly on your website, or anywhere else for that matter. Instead, always put a link to your contact us page.

 

Second, set up a special email address especially for outside your store use. And when the spam becomes unbearable, change it.

 

Third, always use an email address that would be impossible to guess. don't sue "sales@yourdomain" or "support@yourdomain" or "webmaster@yourdomain" as these email addresses are often randomly spammed.

I don't list my email anywhere on the website, in fact, the only place where you can possibly find my email is through the 'contact us' page (and even then it's hidden - it's not visible on the page per se). I'm suspecting that the spiders got it from there because that is the only place where it can possibly be found.

 

I'm quite careful with giving out that email - it is a strictly store email, so it doesn't travel much in cyberspace because I don't even hand it out voluntarily. But I do use it on namecards, but I don't think this is an issue since I've been getting spam from the same guys even before I started handing them out.

 

What I find terribly annoying is the fact that I keep getting spam about the exact same thing - some stupid offer of predesigned logos. Each time I report it to Spamcop, it clears off for a while, then it starts back up again. It's plain awful. I don't really get new spam much - usually once I report them they are gone. Just a few that never seem to die off.

 

Jack - thanks for the link. I'm going to check out that mod right now!

Link to comment
Share on other sites

The contact us page can be improved with the following contribution:

 

http://www.oscommerce.com/community/contributions,859

 

It keeps track of email communication in the database, where a customer can start the initial communication through a web based form instead of directly via email (where an email address would normally be shown).

:heart:, osCommerce

Link to comment
Share on other sites

What I find terribly annoying is the fact that I keep getting spam about the exact same thing - some stupid offer of predesigned logos. Each time I report it to Spamcop, it clears off for a while, then it starts back up again. It's plain awful. I don't really get new spam much - usually once I report them they are gone. Just a few that never seem to die off.

I've gotten hundreds of those. I've probably got some waiting for deletion right now. I own 20+ names and any of them that I've set up email on forward to one general purpose email account. It's like a funnel for spam.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...