On Mon, 5 Apr 2021 14:49:15 -0400 Celejar <cele...@gmail.com> wrote: > On Mon, 5 Apr 2021 14:12:07 -0400 > Dan Ritter <d...@randomstring.org> wrote: > > > Celejar wrote: > > > Hi, > > > > > > What's the recommended modern best practice for putting a contact > > > email address on the web while avoiding having it scraped by spam > > > / fraud bots? > > > > Assume that every address will be hit by spammers and scammers. > > Put in appropriate antispam and antimalware precautions. > > Okay, but why isn't trying to limit spammers getting hold of an > address a logical part of a defense in depth strategy?
It is, but if you are reachable then a human can enter your address on a list. Or, as you suggest, OCR will eventually find it. > > > Train your people to recognize spam and scams. > > I'm talking about a small hobby project that I run in my spare time. I > just want to reduce spam to an address that I may put up to allow > people to reach me. > > Unfortunately, there's nothing to beat running your own mail server, which is not particularly high-maintenance after setup. The address at the top of this email was created nearly 23 years ago, and has been used widely around the Net, including several Usenet groups. I get between one and four spams a day in my inbox. As it happens, I put a new CIDR group on my blacklist today, for the first time in perhaps a year. The next best method is a new free mailbox, with collection piped through the anti-spam software of your choice. But I tried spamassassin some years ago, and decided I couldn't spare the time that staying ahead in the arms race was costing me. Maybe the maintainers have made better algorithms since then. -- Joe
