I now get around 700 spams a day. 99% of which get filtered, but this still means I run the risk of missing an email.
I've had to practically abandon email as a means of communication.
anybody know of anything I can do to help punish spammers? I loved the idea of filters that fight back, did anyone write such a program? I need to send some bad karma their way...

I have a good ISP : I barely get any spam in my inbox, at all, and the 100 a week that does get through is 99% filtered to the Junkbox by mail.app (best email antivirus is using your cheap Mac laptop to read your mail ;)) : result, about one spam a week in my inbox :)
Better yet, I have access to all the spam directly online for 2 weeks after it's been sent, and that doesn't count against my account space (not that I keep email on the server). Not that I bother checking it anymore, unless I start to miss emails, then I go check for false positives.

That said, it does look that way : unless the backbone providers and big ISPs start really to act by systematically using at least two spam filters (my ISP uses Brightmail as their first filter, and SpamAssassin to get what the first lets through) on their servers, and that this action cascades down to smaller ISPs, I don't see an end to the problem in sight. I'm not sure a new protocol is the solution, as just locking down the current email systems would amount to the same as devising a new encrypted protocol, etc.

ie lock down anonymous SMTP sending of emails on all servers, etc.

Attacking a spammer back is just likely to get you into a whole lot of legal trouble. The source of a lot of spam is very well disguised. If you attempt to attack back to the e-mail you received it from, you will either be talking to a non-existant e-mail address, or to some poor unsuspecting victim whose e-mail address is being placed in the FROM header even though they have nothing to do with it. If you go by server that you received it from, you'll just be attacking an open-relay or some proxy somewhere.

Personally I don't have much of a spam problem because I'm very careful in separating which e-mail addresses are used for what. I only ever specify hotmail accounts on sign-up forms, and I am very careful when deciding which e-mails to specificy on my website and I never ever specify an e-mail address on any other publically viewable page (such as this forum) since spammers have bots that spider pages for e-mail valid e-mail addys.

I think the bigger devastating effect is the aggressive nature of spam blocking that has resulted from this. Lots of legitimate e-mail is being lost, and causes all sorts of problems. Customers with aggressive and/or misconfigured e-mail filtering can easily translate to huge misunderstandings and anger towards you because they aren't receiving the info that you sent them. I try to avoid using e-mail for critical customer communication, but it's just not possible to totally eliminate it.

I'm not sure how good this works, but I use this little free thing from bfndevelopment.com:

Fake mail list (http://www.bfndevelopment.com/cgi-bin/home/Members/fMail/Contacts/1213/List.html)

It's basically a list of useless mail-adresses. When a spam-bot searches your site for e-mails it would take all the fake adresses then move on to another page with more fake adresses and going on an infinite loop. That is suppose to ruin their entire list, because when they use it, they would get so many "undeliverable" back so they can't handle it.

As I said I don't know wheter it works but it seems like a logical idea, and if many people used it.. would almost be like flipping the situation. :)

It's basically a list of useless mail-adresses. When a spam-bot searches your site for e-mails it would take all the fake adresses then move on to another page with more fake adresses and going on an infinite loop. That is suppose to ruin their entire list, because when they use it, they would get so many "undeliverable" back so they can't handle it.

How does the anti-spam bot page work?

If I were to add this to my website, what is to make sure that the mailbot does not go to my actual contact page and find my email address there first before they find this page? Is there a way to make sure the mailbot finds this fake email page first?

As i said I have no way of knowing if this really works.. maybe some spam-bots are sophisticated enough to avoid this, but it should kill some of it at least :rolleyes:

The idea isn't to make the bot find this first, it just need to find it at all and the whole mail-list it's currently collecting will be ruined.. or that's the thought anyway.

I use it because it don't have any drawback, if it helps its good. If not, I've got an 1 pixel big image on my site without use... big deal.

"fighting back" just doesn't work. The sender address is fake, the machine who send it is fake, the whole chain is fake execept one host wich was used as entry point. But even that doesn't mean anything, there are millions of zombified (trojanized) PCs around, wich work as spam relays.

It's easy to get infected: use IE and visit a site wich isn't that trustworthy or get infected by an IRC worm (double clicking links is stupid if you use IE).

Well, another option to hide your address from spiders is using simple encryption and javascript. Just assembly a mailto link (to your address) with some lines JS and link an image in the noscript block. The spiders aren't smart enough to interpret the JS stuff (won't make much sense - too much effort for getting 0.00001% more email addresses).

I'm getting some too.
I've removed my email from all my sites now, and probably will change it. I can change the email address, instead of myemail@mydomain.it will be myemail1@mydomain.it.
The only problem is that I have to change it in all order notifications and send it to friends, but that could work... basically I change it every time I start seeing too much spam in it :)

Its hurt badly and close to ruined. I think a major revisiting to the email protocol is in order. The best suggestion I've seen so far is the microsoft one that forces a client sending to solve a puzzle (say factoring some number into primes) before sending.

I'm not an expert programmer so I don't know the way, but the solution IS : being able ALWAYS to track back the origins of the email.
Even if now this seems quite a difficult solution, with all those anonymous servers that let you send spamming email.
Anyway, now I've erased completely my old email, keeping only my official one :) this one has Spam Assassin installed and so far got no spam... let's hope it lasts ! :D

A friend at work (probably the smartest guy I know) recently recommended a program called "SpamBayes". It uses a bayesian anti-spam filter and my buddy swears by it. He says after you get it trained it almost never makes a mistake. I've only been using it for a few days so I can't verify that yet, but I'm liking it so far!

http://spambayes.sourceforge.net/ (open source)

TIPS:
- Don't put your email on your website, use input forms instead.
- Like other guys said use a yahoo/hotmail email or an easily deletable alias for any signups anywhere plus use that email on your site's whois.
- Extra paranoia... use an alias you can later easily delete when doing customer support as with enough support emails out there one customer's going to get a worm/spyware that will harvest your email from their outlook. Happened to me.

I forgot to add : having a sourceforge account just for the mail redirector, if well worth it imho.
I use it for my public address, and it redirects to my ISP's email address.
SF.net also uses spam filtering, etc.
Yeah, they've had bouts of flakyiness, but who on the Internet hasn't ? :)
This is a strong factor in the lack of SPAM in my inbox