Combating Spam

Unsolicited commercial e-mail (UCE) is filling up my inbox at an alarming rate on a daily basis. One day last year, I decided to embark on an experiment. For six months, I replied to every single piece of UCE that I received.

By Erik J. Heels

First published 9/1/2002; Law Practice Management magazine, “nothing.but.net” column; American Bar Association

Start at the Very Beginning

Those who send unsolicited commercial e-mail (UCE) (commonly called spam) acquire e-mail addresses from a variety of sources. If you have ever purchased anything from an online vendor, the e-mail address that you used is stored somewhere by the online vendor and is sometimes sold to direct marketing companies. If you have ever registered a domain name, the e-mail address that you used to register the domain name is stored in your domain name registrar’s database such as Verisign’s Whois database (http://www.netsol.com/cgi-bin/whois/whois). And if you have ever published any web page with your e-mail address in it (like this article) or posted any message to Usenet, the e-mail address that you used may be found by various robots programs that crawl the web in search of e-mail addresses. In short, any time you give out your e-mail address, you run the risk of having your e-mail address end up in the hands of spammers.

Spamming the Spammers

My strategy was to reply to every piece of UCE with a polite “no thanks” and a short description of the services that I offer. Maybe, just maybe, some of the purveyors of UCE need patent, trademark, or copyright assistance. And maybe, just maybe, my polite response would stand out in a crowd of the angry e-mails that I’m guessing the UCE senders are used to receiving.

Since I didn’t want to make my spam problem worse, I first created a temporary e-mail address for use in my anti-spam campaign. Many of the spammers use descriptive e-mail addresses such as “refinance-your-mortgage” or “build-a-better-web-site.” So I created “patent-trademark-copyright@clocktowerlaw.com” as a temporary e-mail address that pretty much describes what I do for a living. Using Eudora’s stationery feature, I then created an e-mail message template for my reply message. This way, any time I received a piece of UCE, I could simply reply with my spam template, which automatically sets the “from” address to the temporary e-mail address I just created.

I should point out that I did not set up my temporary e-mail address as an auto-responder, which would automatically reply to all UCE. This is because it is not possible to identify incoming spam as such 100% of the time. Using a series of e-mail filters (rules for transferring e-mail addresses to various mailboxes), I can identify most of the incoming spam, but not all of it. As such, the process was only semi automated. I first had to gather up the day’s spam and then had to reply to those messages with my standard anti-spam message. Here’s how the final anti-spam message looked:

From: patent-trademark-copyright-at-heels-dot-com
Subject: thanks - need patent help?

Greetings,

Thanks for your e-mail.  Let me know if you need any intellectual 
property (patent, trademark, copyright) assistance.  All the best.

Regards,
Erik

The message also included my standard e-mail signature file, which includes my name, address, phone number, a blurb about my newsletter, and a standard attorney-client disclaimer.

The ROI

For six months, I replied to every single piece of UCE that I received. I replied to 7771 pieces of spam, which is about 43 pieces of UCE per day. Of those replies, 63% (4894) bounced back to me, usually because the e-mail address was invalid or the sending e-mail account was full. This means that 37% (2877) of my messages were delivered somewhere and may have actually been read by somebody. I received 13 responses from real people. Unfortunately, four of the responses were from friends who had sent our newsletters and whose messages were wrongly labeled by my e-mail filters as spam (sorry Dave, Hollie, Ross, and Joanne). The remaining nine people thanked me for my e-mail and indicated that they would keep my information on file, and one actually requested a proposal. So out of 7771 e-mail messages that I sent, I generated nine replies (about one tenth of one percent), one prospect, and zero sales.

So the ROI on this campaign was terrible, especially compared to traditional direct mail, which nearly always generates direct response rates in the 0.5-1.0% range as well as actual sales. All I can conclude is that the ROI for the spammers must be positive, otherwise they would not send out spam in the first place. In fact, I considered one of the offers that I received. I didn’t buy the service, but I’m guessing that somebody else did.

Minimizing Spam

Having concluded that responding to spam is a waste of time, I then turned my attention to minimizing the amount of spam that I receive.

First, I deleted my temporary anti-spam e-mail address.

Second, since some spammers get domain names from domain name databases, I consolidated all of my domain names into one account with an OpenSRS (http://www.opensrs.org/) registrar and used a separate e-mail address just for domain name registrations. Incidentally, OpenSRS is a domain name wholesaler set up by Tucows (http://www.tucows.com/), and once you have registered a domain name with an OpenSRS reseller, you can quickly and easily switch to another OpenSRS reseller. Anyone who has wrestled with Verisign’s (http://www.verisign.com/) ridiculously complicated procedures for transferring a domain name from one party to another will appreciate just how wonderful OpenSRS is. Incidentally, I now used DomainDirect (http://www.domaindirect.com/), which is Tucows’ own OpenSRS registrar.

Third, I logged on to the web sites for the various online vendors that I use and changed my e-mail address in my profile to info-at-heels-dot-com. I use info-at-heels-dot-com on all of my public-facing materials (including this column). I have a “real” e-mail address that I use for personal correspondence, but publishing that address is what started the spam problem in the first place.

Fourth, when incoming UCE messages included a simple way to be removed from their mailing list, I used that method to remove myself from their list. I now only try to opt-out of mailings when I can do so from a web site. When I had to remove myself by sending an e-mail message, more often than not, the “unsubscribe” message that I sent ended up bouncing back to me.

As a result of these efforts, I was able to reduce the amount of spam I receive from 43 pieces/day to about 12 pieces/day. Interestingly, I get about 12 pieces of legitimate e-mail per day, so spam was outnumbering legitimate e-mail by more than 3-to-1 before I started actively combating it, and now the ratio closer to 1-to-1.

Putting Spam in Context

You can take real steps to minimize the amount of spam that you receive, but after that, the best way to deal with spam is to ignore it. I continue to update my e-mail filters so that legitimate e-mail that I want is not tagged as spam. A few years ago, I would have been shocked to find 12 pieces of spam in my inbox each day. Now I’m just mildly annoyed. Maybe real anti-spam laws will be passed someday to combat the growing problem of spam. Until then, treat unwanted UCE that sneaks by your initial defenses as you would unwanted direct mail – file it in the circular file.

Leave a Reply

Your email address will not be published. Required fields are marked *