The Final Solution (to Spam)

I used to receive 400-500 spam emails per day. At first, I just deleted the spam manually. When this overwhelmed me, I looked at various solutions.

I tried an anti-spam challenge-response program. This is software you put between your email client and your mail server. It constantly checks your mail server and sends challenges to senders that are not in its white-list. Major disadvantages: legitimate senders often won't bother to prove they are human; many legitimate senders are in fact automated; and finally, sending the challenge emails themselves gets you listed as a spammer, so outgoing email that you send gets lost.

So I quit the anti-spam challenge-response system, and tried an email program with a Bayesian filter. This didn't work quite so well either. Most of the spam got sorted correctly, but an unacceptable amount of legitimate email got classified as spam. I had to download all of the spam emails, and then I still had to browse through all of them sporadically to fish out any false positives. This didn't really reduce the burden.

So eventually I shelled out for an email server of my own, which I configured like this:
  • Instead of having a address format, my address format is
  • Whenever I need to give someone an email address, I first create a new keyword alias on the mail server, giving out a customized email address.
  • As soon as spam starts arriving on any of the aliases, I remove them. Subsequent messages to the removed aliases are denied by the mail server on delivery.
  • All messages to active aliases are routed to a single and private account that never gets disclosed.
  • If someone wants to know the address where they can email me, they can go to my private web page where a working alias is always made public. I take measures to prevent spammers from harvesting that address from my website, but when they do, I can always replace it with another one on demand.
Using this approach, I have been able to keep the amount of spam in my mailbox at virtually zero, reduced from hundreds per day that I had before. Best of all, my loss of legitimate emails is also at virtually zero.

I think everyone with a spam problem could solve it with a system like this. All anti-spam approaches that are based on filtering create an arms race and can have a very significant hidden cost when important emails get lost. The keyword-based system gets rid of spam with less maintenance, more durably and much more reliably.


Popular posts from this blog

"Unreachable" beauty standards

Is the internet ready for DMARC with p=reject?

When monospace fonts aren't: The Unicode character width nightmare