Now that we've taken a look at getting a handle on our email spam, it's important to try and figure out how to really get on top of it. Sure, we can manage the spam process, and try to make sure that it doesn't get the better of us, but to make the most of it, it is important that we understand how email works to get the most out of the process. Since I use pair Networks, this will naturally look at it from that angle, but much of this can apply to any service.
First, of course, you have to be aware of the spam that you are receiving. We have already talked about that. But then you have to make sure to do everything in your power to keep from receiving more of it. While I know there are lots of people who swear by GMail for it's effectiveness in fighting spam, I have to say that I really don't find it any better than any other tool. You just have to find what works best for you. That doesn't mean that GMail is bad - it just means that is isn't going to be the best because someone says that it is the best.
Over the last few months while I've been watching my spam mail, the most important thing that I've noticed is that surprisingly, very little of it actually comes from sources that I have given my email address. This is interesting because I used to spend a good amount of effort setting up vanity addresses, such as domain at example dot com, so that I could determine the source of the spam. In the end, however, only rarely does one of these actually trigger any significant amount of spam.
Easily the winner in the spam-generation department are those addresses that are found online. In other words, don't post your email address where it can be spidered. You might think that this goes without saying, but it's really a simple truth. I still receive email from addresses that haven't been available online for years. So don't post them online. It is really as simple as that. Once you have eliminated that source, there is a good chance that your email spam will go down dramatically (well, it won't go up - once you're on the list, you'll likely never come off).
The second most common source is related to this method, and that is by taking the address and removing a letter. So in the example above, you might see omain at example dot com. When that stops working, the email is sent to main, then ain, then in, and finally just n. I have seen the spammers add letters too, but it isn't as common a practice as removing them.
Of course, this method requires a "catch-all" address - where undeliverable email is routed to an actual mailbox, so if you can, turn it off and you'll be handsomely rewarded. If you can't do that for some reason - say if you like to set up vanity addresses like I do - then you'll have to start blocking those email addresses as they become popular targets. When you do this, it's generally best to do so at the mail server if possible. On a pair server, you'll want to use a discard recipe, because it's the most efficient. While you can use a procmail recipe, it's more complex to set up and maintain, and it actually causes more headache for the server (I asked).
While bayesian filters such as SpamAssassin do work to weed out email that's addressed to valid destinations, your best course of action is to try to prevent the mail from being delivered in the first place. For this reason, you may want to switch addresses periodically. I've recently adopted a practice involving the year - so this year's address has 2008 in it, for instance. I don't ye t know how this is working out, but I'll keep you posted.
I'd be intersted to hear about your own results in the war against spam. Let me know!