When I built our first web site about three years ago, I naively put our e-mail address at the bottom of the page in "mailto:" format. As a result, the address is now inundated by spam at the rate of some sixty or so messages a day, and I have been forced to abandon it in favour of my new address.

I expressed my views on the spam to the ISP in question, and the response was effectively "Its all your own fault, you should have kept your e-mail address secret" !!!

As the main object of my site is to endeavour to contact people interested in genealogy who might have family connections, it seemed rather pointless not to be able to give them an e-mail address, and to suggest that they contacted me by snail-mail.

As a result, I changed to my ISP to Tiscali, but even so, the very day that I joined, I got an item of Spam. They insist that this is because the Spam senders go through every possible combination of names in the hope of an occasional hit. In view of the rather obscure addresses of some of my friends, I am not convinced, and believe that ISPs should look towards their own internal security.

Recently, as I wanted a better broadband service that was on offer from Tiscali, I changed my ISP to PlusNet. They have e-mail spam filtering facilities, but at present they are marking too many items as spam. The filtering is not personally adjustable, and one person's circular from, say, a well known electronics company, is another person's spam. Time will tell whether I continue to use this facility.

I used to use MailWasher, which is a very useful tool as it only downloads the e-mail headers, and enables you to delete messages at the ISP's server. There is a free version which can be used for a single e-mail account, or a paid-for version for multiple accounts. However it has a "bounce" facility, and it may be my imagination, but I'm sure as soon as I started bouncing e-mails, the amount of spam increased. This is probably because the bounce is delayed as compared with one which would be generated by an ISP, and I feel that a delayed "simulated" bounce message can indicate that the account is active.

As a result I have taken some precautions with this new site. The e-mail address displayed on my home page is in fact a picture in .gif format. I originally thought that Spambots would not be able to read text in picture form, but it would seem that they have now developed OCR techniques. For that reason my "pictures" use the "Old English" font, which is perhaps appropriate for a genealogist.

In order to still provide the "mailto:" facility, the address has been asembled using JavaScript.

At first I used a JavaScript based encryption system, which produced a long string of meaningless numbers, which would be gobbledegook to the SpamBots. I'm not clever enough to write such code, but found several examples on the internet by searching using Google.

However, as I had the need to produce a list of e-mail address for a friend, I devised a system which I believe will be almost as secure, by breaking the addresses into their constituent parts, and then reassembling them using JavaScript.

I have split each address into four parts; person name, domain name, type of domain, and country. With a list of addresses split in this manner, there are a fair number of possible combinations. The main advantage is that there is nothing obvious to attract the SpamBot to the list, as the "mailto:" and"@" pointers are missing.

What can the individual do about spam? I don't regard filtering as a solution (unless it is done by the ISP). As far as I can see we have no option but to put up with it; I know it can be reported to SpamCop and similar organisations, but in most case MailWasher tells me that this has already been done.

One thing that I intend to do in due course is to list the e-mail addresses of all the spammers on a web page in "mailto" format. Not in the hope of naming and shaming, which seems to be fashionable, but more in the hope that they will be collected by the Spam Bots and thus make their lists less valuable. In the limit, the system could be filled with so many e-mails and bounce messages that the whole thing comes to a halt and the ISPs are forced to take action. (Although a friend suggests that the ISP would probably take action against me on the current British principle of punishing the victim who protects himself rather than the criminal!)

If anyone has any bright ideas as to how one might take more pro-active steps against the spammers, please send me an e-mail