For seven years I received no spam. Well, maybe not zero spam, but it was so little as to be utterly insignificant, and as soon as I received one I quickly eliminated the threat entirely.
Allow me to explain.
Back in 2004 when I decided to do this, I was utterly inundated by spam. For years my e-mail address had been posted on websites as a way of contacting me, and as a result, every webcrawling bot in the known universe had collected my address and sold it in the dingy back alley black markets where one trades in such things. After a few attempts that met with only minor success, I determined the only way to truly, 100% deal with this problem was going to be the complete and total eradication of spam from my life once and for all. So I thought it through, and came up with my Ultimate Spam Fighting Solution.
Step 1 was to register a brand new domain name that had no direct connection to any dictionary term. This domain would never appear in any search engines, would never host any web pages, and would be completely registered by proxy so that nobody would ever connect it to me. I wanted a domain that would be snappy and easy to remember, so I chose the charmingly eccentric domain “Atomicsupermonkey.com.” I still love that name.
Step 2 was to create my login name, a separate log-in that would only exist for me. Nobody in public or private would ever have this, and it was my real e-mail address, the only actual account at that domain. I specifically turned off all of the default addresses to the domain (webmaster, postmaster, etc.) as they are simply spam bait.
Step 3 was to create a billion e-mail aliases, one for every use. For Amazon.com, I created firstname.lastname@example.org. For eBay, I used email@example.com. For Twitter I used firstname.lastname@example.org and so on.
The final step was to make a way for people who actually wanted to reach me to get in touch with me (this was before Facebook and Twitter…it seems awfully quaint now). I created a php form that I could post publically. You can find an archived version of it here. Filling out that form sent an e-mail tagged MAILER that included a text file with the user’s IP address and every other bit of information I could scrape off of their computer (nothing too bad, just browser, OS and so on…it was useful for identifying bots). I only really reported a couple of people for abuse, and that was before I added a CAPTCHA to weed out automated bots. Once the CAPTCHA went in I had no problems (just a few misguided, but at least human, people looking to take out ads on my worthless web sites). I generally found that when people have to manually input information, they won’t bother. And that’s sort of the thing about phishing and spam in general…it’s all about bulk. Take yourself out of the pile and you won’t exist to them.
After that I just sat back and watched. And you know what? It worked. Perfectly. I mean really, perfectly.
Because I created so many aliases (over 250 when I shut down the domain) I can point to what retailers are nice and respect their privacy policies, and which ones are absolutely evil and will never receive my business again. Don’t worry, the overwhelming majority were great. But Busted Tees? They suck. I don’t know if they accidentally had their e-mail list compromised and never informed users, or they intentionally sold their list or what, but I will never, ever give them personal information again, and neither should you. Also evil: MacMall. MacMall was cheap back then, so even knowing that they were evil spam-selling bastards I created a second alias which I intentionally deleted shortly after the order arrived. But guess what arrived first? Spam sent to email@example.com. Yep, those guys suck. Fortunately thanks to better retailers, I’ll never have to deal with them again either.
So that was it. And for seven years I lived with virtually no spam, no phishing attacks, nothing except the e-mail I actually wanted to receive. And it was good.
But a couple of funny things have happened in the last few years. When I started this, I did a lot of freelance work, and my personal e-mail was my e-mail. But that’s not the case anymore, and I barely use personal e-mail at all these days. I still use it for e-commerce and communicating with a couple of people, but for the most part, my personal communication has all moved to Facebook and Twitter. And the other thing is that Gmail has gotten really good at eliminating spam, largely because its userbase has gotten pretty large and with each user, their algorithms become more accurate (that’s the Google way, after all).
So I slowly transitioned myself over to Gmail a couple of months ago, turning off aliases here and there and moving everything over to the single, unified Gmail account. And you know what? Aside from one or two exceptions, Gmail’s been a pretty much spam-free experience. And hey, it’s free to boot. Go fig.
Spam is still a problem, let’s not kid ourselves. If you go around posting your e-mail address on a website, you’re just asking for trouble. But it’s nice to see that the last decade has seen a pretty dramatic improvement in spam detection. At the very least, it’s good enough for me.