• Be care­ful of mail­to links

    Redi­rect any mail­to links on your web pages to a page explain­ing how to con­tact you with­out putting the email address in a for­mat that bots can scan and grab for lists. This tech­nique great­ly reduced the num­ber of UCEs I received when I was using it. It does make it more dif­fi­cult for those vis­it­ing your site to email you, so if you’re real­ly look­ing for a lot of email respons­es from vis­i­tors it may be unwise for you.

    Anoth­er alter­na­tive is to obscure the address using Javascript, but you need to remem­ber that some old­er browsers do not sup­port Javascript, and some peo­ple dis­able it in their browsers due to secu­ri­ty con­cerns.

    If you can use forms on your site, con­sid­er­ing doing so. There are many free CGI or PHP scripts avail­able, most of which can be changed slight­ly to con­ceal your address if they aren’t already designed to do so. I like PHP­For­m­Mail. There are plen­ty of con­tact form plu­g­ins for Word­Press, Dru­pal and oth­er con­tent man­age­ment sys­tems that will let you receive mes­sages while hid­ing your email address.

  • Expect spam from any address used in a domain reg­is­tra­tion
    It’s a giv­en, so don’t use an address that you don’t want to have spammed. In the past, I used an address that I had nev­er used any­where else or for any oth­er pur­pose, and sim­ply ignored most of the email that went to it. My cur­rent reg­is­trar, 1&1, allows me to reg­is­ter my domains pri­vate­ly, so my real address is nev­er exposed to strangers.
  • If you do own a domain, do NOT set it up so that mes­sages sent to absolute­ly any address at the domain reach you.
    That’s the default on some mail servers, and it is a spammer’s delight. Set up just the email address­es that you intend to use, and let any­thing sent to oth­er address­es bounce.