hi, it seems like web crawlers are sniffing emails from my webpages and sending viruses/spam/ads. this is really upsetting me.

i thought spamassassin is supposed to sniff this stuff out? is there a way i can keep crawlers from mining my email addresses? do i have to configure spamassassin somehow?

also, are there any virus scanners that i can get for my server?

i'm running redhat linux 9x.

tia.

Clam A/V for your server, it's open-source. The spambot question is trickier. Many people use [dot]com or dot com or some other variation like dot-com. Others use a word like REMOVE, and assume the viewer will know to remove that to get the valid address. I don't like those methods, they're too obvious. I like using a word like remove as part of my actual address. This way, the mailto: url still works for those who click on it. My email, *@bsc-delete-spam-at.msbx.net gets turned into something like *@bsc---@.msbx.net, or even *@bsc@.msbx.net, which gets rejected for not being an address. Not saying I don't get spammed at that address, but I can say it isn't harvested by any bots, and you can still click to email me. Spamassassin is only a filter, after the spam has been sent. The best way to configure it is to practice as it takes some getting used to.

Hey thanks, I just installed and configured clamav. Pretty awesome. Thanks again for the tips. And how do I train spamassassin? So far I've been downloading my mail via pop3 and just junking them.

I can't really help you much there, it's all trial and error dependent upon the particular spam you receive. I recommend just tagging incoming messages - you'll get (UCE) prefixed to the message title. After opening the message, you'll see how the spam scored. Once you're comfortable with this number, you use it as your 'threshhold' for filtering out spam. Now, some spams will get right through if they use a new technique unknown to SA. This is where 'Vipul's Razor' comes in. This is an open-source 'report spam' feature. Don't let every user access it willy-nilly (AOL-style) but instead limit who on your server gets to use it. This way, when new spams come in, your administrators can keep it out of users' boxes. I'm no expert on Razor, perhaps your next message should ask about it in the 'technical' forum, I think you'll find more knowledgeable help than me.

We use a little javascript to hide the e-mail address on some sites. Just put it where you would normally put the regular e-mail address. Change sales, mydomain.com and nameofaddress.

<script type="text/javascript">

emailname = "sales";

emailserver = "mydomain.com";

document.write("<a href='mailto:" + emailname + "@" + emailserver +"'>");

document.write("<font color=#ffffff><b>");

document.write("nameofaddress");

document.write("<\/b><\/font><\/a>");

</script>