Recent estimates tell us that 90% of all emails in the world are spam; in that sense, junk mail will unavoidably reach your email account, regardless of precautions you take. But modern email programs come with "junk mail filters" - the mail client "detects" if a message is legitimate or not based on a number of criteria, and places suspicious emails in your junk mail folder. Most email providers also run their spam filters before emails even reach your account, which effectively doubles your protection (this explains why 90% of your emails are not spam: most junk messages never get to your account, let alone your inbox). But what can you do (or not do!) to avoid spam for your email address in particular? You'll also learn why some email addresses are destined to be spammed to death, whatever measures you take to shield it from unwanted attention.
Steps to protect your email address
Never reply to a junk message asking the sender to stop sending you spam! If anything, this will let the spammer know that your email address is valid and active; but it could also reach an innocent bystander whose email account has been hijacked.
Never post your email address online, in public forums or guestbooks; in fact, avoid entering your main email address in any form you find online - not only is it difficult to ascertain whether the site owners will respect your privacy, but websites are regularly hacked throughout the world (if your email address is listed, the hacker will typically see it - email addresses are typically not stored in "encrypted" (hidden) format). Tip: don't use your email address as username in these forums either, since it appears publicly whenever you post something.
Make sure that your email address is not publicly visible on Facebook, Twitter, or other social networking site you use. In fact, it is a good idea to use a separate email account for various types of sites (how to change contact email address on Facebook).
When buying a domain name, don't provide your own email address for the public contact or administrator fields: if possible, use a separate email account that you monitor now and then. (But use your real email address when registering the domain).
Keep the default security settings for your webmail provider (Hotmail, Yahoo Mail, Gmail, etc.) or email program (Microsoft Outlook, Windows Live Mail, Mac Mail, etc.) These programs / providers all hide images found "linked" inside messages because they can be used to determine if your account is active (a godsend for spammers who know they are reaching you!) Also, never click on any links (fake unsubscribe or others) inside spam messages - those could install spyware on your PC or at least confirm to spammers that your email account is active.
Try keeping the default spam filtering level: increasing your spam filters may seem like a good idea, but you may end up spending more time sifting through your junk mail folder to "mark as safe" legitimate messages that were mistakenly filtered as spam: those "exclusive filters" (that, for example, only let through to your inbox messages from contacts) are especially unsuitable for email addresses you use to conduct business, since you can't know in advance from where your prospects will email you!
In addition, or instead of, using multiple email addresses, consider using "disposable email addresses" (or "alias"), a feature offered for example by Hotmail and Yahoo Mail, which lets you setup a temporary account. In our experience, using different addresses for different purposes is an easier-to-manage approach.
Always run an up-to-date antivirus software or malware protection on your computer (like the free Microsoft Security Essentials suite) to avoid becoming infected, particularly by "mailers" who use your computer as spam sender or relay.
Make sure you understand websites' privacy policies when you send them an email: some support requests will automatically be posted online, including not only your email address, but your name and any other information you included in the message!
Things you may not be able to avoid (but to keep in mind!)
Not everything is under your control, but knowing this information may help you avoid some problems, or at the very least explain why your email address gets so much spam!
If at all possible, avoid using common "usernames" (the part of an email account that comes before the "@" symbol), since these are automatically spammed - that includes "sales@...", "webmaster@...", "contact@...", "questions@...", etc. Tip: the counter argument is that an address like firstname.lastname@example.org is such an expected and easy-to-remember email address that you should use it despite the amount of spam it will surely receive.
If you are lucky enough to have your first name as username (something like "email@example.com"), you will be spammed to death - even something less likely, like firstname.lastname@example.org, will receive high volumes of junk mail (numbers after first names are the most common way of getting an otherwise unavailable username).
Email links: it is convenient for users to have a clickable email link (in addition to a contact form) for small business websites: but expect that email account to receive lots of spam - choose carefully which address to list on that page!
If one of your contacts' email account was hacked, and your email address was in their address book, you may well start receiving more spam, appearing as coming from that unsuspecting person's account, or other addresses.