Drop Shadow

About web spam

Web spam is when spam harvesters harvest web sites to create spam. There are three types of web spam that can affect your web site.

E-Mail Harvesters

The most common form of web spammers are e-mail harvesters. These computer programs search web pages looking for anything that looks like an e-mail address, and add those e-mail addresses to their database. More sophisticated harvesters will also keep track of the context in which they found the address so as to personalize the spam in hopes that it won’t get caught by spam filters and that it will be read by the recipient.

For this reason, you shouldn’t put other people’s e-mail addresses on your web pages. Whether you put your own e-mail address (or an alias for your group) on your web page is up to you. Be aware that if you do, you’ll receive more spam at that address than you otherwise would.

Comment spam

If your site contains web forms for comments, feedback, forums, or anything else that uses a form, your forms will eventually be found by comment spammers. What comment spammers are mostly looking for is a way to get links to their sites onto your site. So they fill out your form with URLs to their spam site in the hopes that your form will post it. They will do this whether or not your form actually does post submissions on your site, because posting is practically free.

If your form does post its submissions to your site, you will want to either put it behind a password or require approval for every posting that gets submitted. Otherwise, your site will eventually host links to porn, scam sites, and dodgy stock market tips. If we discover that your site has such links, we will contact your Authorized Contacts and request that you remove those links and further protect your submissions.

If your forms are for sending e-mail to your authorized contacts, our Email Form plug-in takes steps to block spam if you turn on the anti-spam functionality with in it, but it errs on the side of letting valid messages through.

E-mail relays

Spammers also look for forms that take submissions and send e-mails based on those submissions. They will try to trick these forms into sending e-mails to addresses that the spammer submits. You must never send e-mails to addresses pulled from an unprotected form handler! If you need to send e-mails to the person submitting the form, make sure that the form’s script is behind the USD single sign-on. If a form can be submitted by anyone, do not send e-mails to addresses submitted via the form.

We cannot have the USD web server turn into a spam relay. If we discover that you have a script or page on your site that can relay messages, your account will be locked and the script/page will be removed. After your account is locked and the script removed, we will contact your authorized contacts to let them know what we removed, and why.

Avoiding spammers

There are lots of ways of fooling spammers into not recognizing that they could harvest your site for their purposes, but unless you have a lot of time, I recommend against traveling that road. The nature of the web is that any service that is usable by anyone on the web is also usable by spam harvesters. It is easy to get caught up in the spam race, where you continually update your anti-spam tricks as spammers update their spam harvesters. In the end, all you’re really doing is making it harder for people to visit your site and make use of its services. And especially harder for people using alternative browsers, such as voice readers and portable devices.

If your readership is the USD community, the best way to avoid spam is to put your page behind the USD single sign-on. If your page is available to anyone, do not send mail to addresses from that form.