Fighting Spam on your website

Most of us deal with SPAM on a daily basis. It's mostly seen as a nuisance, to be dealt with by the end user. However, if you run a website, spammers and scammers may be eroding your e-reputation! Forget about the automated spam-bots of the old days. People sending unsolicited emails can paste their message methodically, one by one, into forms on your site. For instance, if you host forums or classifieds, list companies, or members, etc., you might be setting up your users or clients for nuisance emails. Worse, since the email comes through your site, your company name is associated with it. This may lead to lost membership, forum activity, or business.

Scoping the problem

How do you know if you have a problem at all? The only real way to guage the problem is to monitor or log emails being sent through your site. Some of the programs you use may have logging functionality, or you may need to add that in. If you site is heavily trafficked, it might get tedious to review all emails, but you might be surprised what percentage is junk!

Fighting back

Ok, so by now you realize there's a problem. Here are some ways to combat the problem. Note: These are general, since the specific solution depends on the software you have installed on your site.

• Filters / Traps: Modify your software to look at a list of banned phrases, email addresses, ip addresses, etc. that you can maintain based on the logs. As you notice a spammer hitting your users, you edit the list, and block them.
• Form delays: One simple but effective method is to modify scripts sending email is to add a delay in the send function. This "sleep" time may not be significant to your normal users sending an email, but to someone trying to send out 25-50 an hour, it would get annoying. Although it doesn't stop them in any way, it might discourage them.
• Speed limits: This can get more complicated, but tracking recent emails, and limiting each IP address to, say 1 email per minute, or something like that. Perhaps anyone trying to go faster, gets a longer sleep time, as mentioned in the prior idea.

Advanced methods

A more advanced system of combatting website spam would be something like this.

• Consolidate: All site emails should be funneled through a single point on your site. This would allow for holistic analysis of the email from one spot.
• Analyze: An analysis script would process all emails, looking for banned email addresses, phrases, and speed limit violations
• Defer and Delete: Emails looking suspicious should be deferred for manual review, while good emails are sent out immediately.
• Ban Liberally: Even legitimate businesses may decide to use your customer list to market their products. You do not need to let them! Ban any email address that seems to be sending out unsolicited emails.

Conclusion

There's no easy way to protect your website users and customers. If you do not take steps to prevent spam, however, it reflects directly on your business. Start by looking at your email logs. Once you know how big the problem is, you can decide the efforts required to stem it.