How to Prevent 99% of Spam From Reaching You
Version 1.2

This article details the method I use to prevent most of my spam. It has proven to be working well so far. This works for any mail client, such as Outlook, Outlook Express, Windows Mail, ThunderBird or even GMail itself!

This requires technical understanding of terms like cPanel, email address forwarder, email account, catch-all, SMTP and possibly more. If these terms are new to you, we recommend you stick to your current regime as you may miss important emails if not configured properly. While there are other techniques such as plus addressing and spam filters, this is the best way I found found to reduce spam.

How Does It Work

By creating an e-mail alias for every entity you share your e-mail address with, you are able to deactivate compromised e-mail addresses at the source.

So, when you are signing up for a website newsletter e.g. Reddit, you will need to create a special forwarder email alias like reddit3dddv@example.com (with example.com being your personal domain) that forwards all mails to reddit3dddv@example.com to your real e-mail address.

Your real e-mail address should only be known to the hosting company to forward your mail. It should not be used anywhere else.

Benefits (Pros) and Disadvantages (Cons)

Pros

• Easily discover which company compromised your e-mail address
• Easily switch off e-mail aliases that has been compromised
• You can personalize your e-mail address for your senders
• Change your email provider easily with no worries on updating your e-mail address. The only place where you will need to update is at the hosting company.
• Frankly, the only big Pro here is 99% LESS SPAM

Cons

• Users will find it hard to add you to e-mail based social networks such as Facebook and Instagram as you do not have a unique e-mail address
• Requires more time to maintain e-mail addresses
• A slightly steep learning curve as you become accustomed to terms like DNS, Mail Alias and Catch-All.
• (NEW 2024) Not entirely related, but if your email server mistakenly hard bounces emails, some email service providers now silently suppress sending emails to you. See below for more information

How To Begin?

1. Get a personalized web domain address (if you don't have one yet)

First, register a web domain if you don't have one yet. I recommend Namecheap.com (about 15 USD per year) for affordable domain registration. It comes with 100 Free Email Forwarding so you don't need to apply for any hosting plans. 100 may be quite limited so you may want to take up Namecheap's Stellar (from US$1.50/mth when on sale) shared hosting plan which allows unlimited forwarders. What's more, it features easy to use cPanel.

When you think of the name to register, make it personal and remember that this domain is going to stick with you for a very long time, possibly your entire life.

For the rest of this article, the domain I am going to use as an example is www.example.com.

2. Create a new email account to receive emails

Create an email account at example.com's hosting server. For cPanel, here's a guide. Do not give this address to anyone. This is where you will receive all forwarded mails.

The e-mail address should not be common. Some spammers generate e-mail names from a domain so if you use something like john@example.com, you don't even have to post it online to get spammed as 'john' is a very common name. Something like gf4dfvdfdfd@example.com is good.

Add this email account to your mail client i.e. Outlook, Samsung Email, etc.

3. Create an email account for catch-all

Create another email account at example.com's hosting server to serve as a catch-all. Again, do not give this address to anyone. This is where you will receive all emails that do not have any forwarder set. Again, the e-mail address should not be easily guessed. Something like catchall9j29fjfm3@example.com is good.

Set this email address as the catch-all for your domain. For cPanel, here's a guide.

What's a catch-all? For example, if you meet Peter Smith, your old friend at a bar nearby and give your e-mail address as petersmith@example.com, you will need to remember to create the alias at cPanel. What if you forget? This is where the catch-all account comes in. When Peter sends you an e-mail to an alias that you have not yes created, it will direct to this catch-all email account. However, this also means that all spam emails sent to random email addresses at example.com will also land here. So when checking this account, you will need to be very very careful of scam, phishing and spam emails.

UPDATE: We no longer recommend creating a catch-all at GMail as this may bounce emails (for reasons such as spam, SPF / DKIM / DMARC fails) back to the sender and reveal your Gmail email address! Furthermore, many hosting services such as Dreamhost and Namecheap now forbid setting catch-all email addresses to an external email account as it may affect their sending IP address reputation.

We will need to use GMail for their spam filter for legitimate mails directed to you. The e-mail address you create here will be set as the catch-all alias for your domain. Take note though, if Gmail bounces a forwarded email due to spam, the sender of the email will know your GMail address. Regardless, it's just for a backup that you should check GMail once in a while for legitimate messages.

So for example, if you meet Peter Smith, your old friend at a bar nearby and give your e-mail address as petersmith@example.com, you will need to remember to create the alias when you return home. What if you forget to? This is where GMail's account will help. When Peter sends you an e-mail to an alias you have not created, it will direct to your catch-all alias, which goes to your GMail. GMail's spam filters have a high rate of discerning spam so you will still be able to receive Peter's mail in the end.

Once you have created the e-mail address at G-Mail, configure it for the catch-all alias at your domain.

Optional: You can also set GMail to forward received emails to your mailbox.

4. Create an email forwarder for every entity

This is the challenging part when you are starting off. For example, if you have 3 friends named Tom, Dick and Harry, you will need to create 3 forwarder aliases: tom@example.com, dick@example.com and harry@example.com. You will have to let them know your new e-mail address.

For cPanel, here's a guide.

Again, try to avoid easy-to-guess words like Tom, Dick and Harry in the e-mail alias.

5. Create an e-mail forwarder alias every time you need to submit your e-mail address to a website

Every time you need to submit your e-mail address, create an forwarder e-mail for the site. For example, if you sign up for a Reddit account, create an alias redditdfsd@example.com and use it to setup your account. For cPanel, it's the same guide.

This makes it easy to catch companies who are compromising your e-mail address to unauthorized third parties as well as to allow you to close the compromised e-mail address once you discover that it has been compromised.

6. Set your reply-to email address in your mail client to something like ask_me_for_my_email_1@example.com

When you discover spam coming through the reply-to address, change it to ask_me_for_my_email_2@example.com and remove the forwarder for ask_me_for_my_email_1 to redirect it to catch-all

Also, set your outgoing SMTP server to use your hosting server's SMTP, as a recipient's spam filters may discard your e-mail if they find that the domain you are sending from does not match the SMTP server you are using.

7. Create a reminder to check your catch-all email account regularly

As mentioned above, some legitimate emails may land on your catch-all email account. So you will need to check it regularly.

Once again, when checking this account, you will need to be very very careful of scam, phishing and spam emails.

8. (Advanced) Setup SPF, DKIM and DMARC DNS records

This increases email of emails you send from your domain. Here's a guide for cPanel users for setting up SPF and DKIM records. This would have already been done for you if your DNS is hosted at the same hosting server as the domain.

For SPF, by default, cPanel uses a "~all" flag. You may want to change it to "-all" to automatically reject all emails that are not sent by the web host.

For DMARC, here's a guide by cPanel.

I do not recommend usage of any spam filters for the email accounts created as they can block legitimate emails.

Update Sept 2024: Beware of "Suppression Lists"

For many years, this system has worked very well for me. However, one day, my email server got mis configured (not by me) and started hard bouncing all emails sent to my forwarders with a "550 Unrouteable address" error. I found this out when trying to obtain my Elder Scrolls Online access code only about 12 hours later and resolved it.

Fortunately it was the weekend and there were only a few emails I missed.

Unfortunately, for some of those few emails I missed (Elder Scrolls Online emails were one of them), the email service providers silently added my email address to a "suppression list".

What it means - When entity X uses email service provider Y to send an email to my email address Z that has been added to the Y's "suppression list", X is informed that the email to Z was sent successfully. But in reality, Y did not attempt any delivery because it was in its "suppression list". And there's very low chance that Z's owner to know that emails from X has been added to a "suppression list". And X thinks it has sent the email properly unless it has specifically added more code to check for this.

This problem is not specific to the system I am using, but may be a possible issue for anyone not using ultra reliable email servers from the big companies like GMail, Outlook.com, Yahoo, etc. There is no way for me to prevent this in future, not even with backup MX servers as emails are hard bounced (bounced with a error message).

Ideally such email service providers could retry the email delivery 24 - 48 hours later in case it was a temporary email server hiccup (as it was in mine) before adding it to their "suppression list" and prevent this issue. But to achieve the best IP address reputation possible, this is unfortunately not pursued.

Now I am left wondering what email addresses of mine has been added to a "suppression list".

For those clear ones where I was expecting an email such as Elder Scrolls Online access code, I attempted to email the customer service to take my email address off the "suppression list". It mostly ended up in me simply changing my email address instead as the customer service officers had no idea what a "suppression list" was and explaining to them got me to no end.

Questions, Errors and Queries?

Please post any queries you have in the Comments below.

This document is Copyright(©) 2006-2024 by G.Ganesh. Visit Bootstrike.Com (http://bootstrike.com).

Last Updated 13 Sept 2024.