Question from the comments

On yesterday’s post there is a question in the comments that I think needs a bit more discussion.

I guess the real question as a recipient is if you are getting so much spam that you cannot spot the good from the chaff, what did you do to start with to get your address syndicated on so many bad lists?

There are a lot of ways spammers get addresses. Some of them rely on users to submit email addresses to various web forms. Many of them don’t.

1. Having an email address for a long time. The address I’ve had for 15+ years (and stopped actively using for any mail in mid 2003) gets a lot of spam.
2. Have an email address in any sort of public place. The two email addresses I have on webpages get lots of spam. One of those addresses is actually the contact address for Word to the Wise sales and receives perhaps 3 or 400 spams a day.
3. Send email to someone who subsequently gets infected with a virus. Viruses are scraping computers and sending lists of email addresses back to the mother ship.
4. Send email to any public mailing list.
5. Sign up with a trustworthy company that subsequently gets hacked and their list stolen. My addresses have leaked from such giant companies as Intuit and Sony.
6. Just have an email address, even if you never use it or never give it to anyone. There is a lot of very bad spamware out there that will create email addresses. I get lots of spam to laura-infodd@ and laura-infonn@ addresses. These are not tagged addresses I’ve ever used anywhere, but they’re getting spam (hundreds a day).

Not every bit of spam is a result of what the recipient has done. Having the same email address for more than a year or 18 months means that it is out there and the spammers find it, even if the recipient is very careful with where they give the address. For instance, one of my email addresses has never been used to sign up for any commercial email, but received almost 300 spams yesterday.
Spammers will find you, even if you closely protect your email address.