Spam took over one of my email addresses

[Paddy]

Jane, it was NOT the search for the summer dresses. Nobody can just grab your email address when you do a web search. All that can be seen on the other end is your IP address - not your email address. YOUR email address is available (and has been for years) on the Nevil Shute site, and it has been picked up by spam bots and is now listed on that other email list download site I linked to. It's no doubt also on some lists that get bought/sold/traded by spammers.

Kimmer, simply Google your own email address - if it shows up on that site in the searches, you'll have the page it's on, and from there you can search the actual page using Safari.

My primary email address is nowhere to be found when I Google. (GOOD!!) My secondary ones show up here and there because they've been used for domain registrations which aren't private. No biggie - they're GMail addresses and the spam filtering works very well.

[jcarter]

Its totally out there everywhere,
http://www.google.com/search?client=safari...-8&oe=UTF-8

this is just from Google a moment ago.
Machighway, TS, everything I ever had used that email address on.
So there is absolutely no way to narrow down and find out out where/who got it, and how the spammers got it.
But the Nevil Shute one is one blatant culprit.

So guess I better toss this one in the trash and get a new one. Take your advice very soon.

Probably will switch to my Gmail, or my old earthlink one which never gets compromised and its my mostly used email.
Also have some others which have never been grabbed either. Just this particular one.

These spammers sure make a mess of things, too bad we cant ***** them.

[Xairbusdriver]

I don't even know who/what "Nevil" something is but it's not the cause of your email address being harvested. It makes absolutely no difference where you put/host your HTML, if you include your address in that file, it can be harvested. That's exactly what the 'bots' built to look/search for. Anyone, including you, can look at the HTML file of any site. I'm sure you've done that yourself. It's super simple. Whatever you put in your HTML is simply text; anyone can copy that text and paste it into another document. That's exactly what a bot does. A 'bot' is simply a small program that looks at all the text files of any site. Remember, there's nothing magical about a file with an 'html' suffix, it is still just a plain text file. That's why we are saying not to put your address in your HTML as plain text. As long as you do that, your address will be harvested. Period.

[jcarter]

So that site is not the cause of it being harvested? Wont make any difference?

Yes, I know that html code is plain text, thats how I write it in TextEdit anyway.
And I know how to look at source of any page.
I hope that my new pages dont have any of my email stuff in them.

If youve never heard of Nevil Shute books, you should grab one, he wrote 'Town like Alice' and many more. We have all his books. They are very old, but worth reading.
Wish we lived close, I could lend mine to you.
http://en.wikipedia.org/wiki/Nevil_Shute
I just know that you would like his books.
My elderly aunt had met him ages ago, and my collection of his books were given to me by her just before she passed away.

[Xairbusdriver]

QUOTE

I hope that my new pages dont have any of my email stuff in them.

how do you think anything gets put in your HTML? You are the one writing it. Saying you "hope" your address doesn't get put into your text is like saying you hope the mailman doesn't take the letter you put in the mailbox. If you don't want your addy to be harvested in your HTML! then don't put it in there as text. Simple. That's the whole point of us telling you your addy is in your HTML as plain text.

BTW, "plain text" simply means there is no proprietary formatting in the document like what Word or even RTF from TextEdit would have. Absolutely all a browser uses is plain text. It may tell the browser to get something from the server that is javascript or PHP or Flash or audio or almost anything else but the source (what you can see with 'View source or some other command) is just simple, plain text. So is CSS. So is javascript. So is PHP. And, unfortunately, in your site, so is your email address. Don't do that.

[jcarter]

Its not that I dont know what is in my stuff, its just that I have so many old ones, that I cant remember what is in them. It would take me a ton of time to do this, and I really really dont want to bother.
Too much fun stuff going on this summer, to delve into such a time consuming project.
 So I will probably just follow Paddy's instructions and go with a new addy.
Take a look at whats in here from the screenshot, its about 170 separate pages.

I just looked at some of the old puppy picture pages, yea there are tons of them, and all the email info in them is to my gmail address and no problem with it, so far.

[Paddy]

QUOTE(jcarter @ Aug 9 2014, 11:13 AM) <{POST_SNAPBACK}>

Its not that I dont know what is in my stuff, its just that I have so many old ones, that I cant remember what is in them. It would take me a ton of time to do this, and I really really dont want to bother.
Too much fun stuff going on this summer, to delve into such a time consuming project.
 So I will probably just follow Paddy's instructions and go with a new addy.
Take a look at whats in here from the screenshot, its about 170 separate pages.

I just looked at some of the old puppy picture pages, yea there are tons of them, and all the email info in them is to my gmail address and no problem with it, so far.

Ok - let's clarify a few things. When you did that Google search, Jane, it pulled up a number of hits, but if you look at the results a bit more closely, you'll see that almost all of them have your web site address (the jcdouglass.net part) in them, but NOT your email address. The instances of your email address being out there clearly visible are relatively rare; the Nevil Shute site, the capecode site (which I'd forgotten about) and that email list site. Any one of those could be the source of the issue with the spam. All it takes is one bot, putting you on one well-circulated list...which likely results in it getting on more lists...and you start getting spam. Sometimes you can't tell where it's coming from. Sometimes you sign up for something/into a trusted site and they aren't actually quite so trustworthy after all and/or an employee sells the info on the side. You cannot always track things down. And in the end, it's actually not going to help anything as you can't stop the spammers on that address.

All you can do really is make sure that you're careful going forward with the new address, and get another new address that you use just for the less-trusted sites etc. I do get the odd bit of spam on my primary address - a couple a week at the very most. I have absolutely no idea where they came from, as I never use that email addy anywhere that I'd be suspicious about. It's not an issue though - it's hardly the flood you're experiencing.

Any time you put your email address online anywhere in either the text that is displayed, or in the HTML (a link) the spam bots can get it. There are rare ones that apparently will decode the ASCII code for the "@" too, according to what I've read, though I've yet to have that happen in real life on the few sites I still have up that use that masking tool. For the most part, spambots are lazy (or the coders are) and they just look for the "@" in the code and the displayed text, because they do just fine gathering lots of working email addresses that way. That is why you should use a contact form that doesn't contain the email address. There are lots of them out there and you don't have to pay for one that works. See: http://ftutorials.com/responsive-html5-and-php-contact-form/ for instance.

Also be aware that spammers will send spam to commonly used email addresses at domains whether those addresses exist or not; "info@yourdomain.com", "webmaster@..." - you get the picture. It's a scattershot approach which probably isn't terribly effective, but they still use it.

[jcarter]

Hi Paddy,
Thank you for explaining this so well, its all a mystery to me!
Now I understand it a bit better.

Except for the few courses in web stuff that Ive taken, Im mostly self-taught, thats why there are HUGE gaps in my knowledge, and thank god for TS, you all sure have filled in some of my gaps, and I dont do anything with my computers without consulting you all first! I have learned so much here!

I too have a primary Earthlink addy which I shop with, but I usually stick w. Amazon, LLBean, and the ones like this which I trust......(no more summer dress links!)
I dont plan to use a contact form, but I am saving that link, as I took a beginners course in HTML5/CSS3 last fall, and hope to take the next level up this winter.
So if I need a contact form, or if the instructor calls for one for us to learn, I can use it.

I notice that my Gmail address gets only a couple of spams a day, and my Earthlink one gets almost no spam. And my other one which is my other web site address, gets zero spam. Same with my several Mac ones, almost zero.

This family one sure got compromised.
Guess Ive been very lucky over the years.