Please note, this is not about spam filtering. Filtering is like shutting the barn
door after the horse has bolted. Having said that, it is often necessary, but luckily can be
done when it is.
This document is about protecting your email address so that it does not get into the hands
of those who would abuse it. Now that is easier said than done. Consider all of these things
that you may do on the internet:
- Post to a publically viewable forum, mailing list or usenet group
- Sign up for a “special offer”
- Register for access to a site
- Put your contact details on a web page
- etc, etc …
Each of these things (and no doubt many more that I haven’t thought of) put your email
address within reach of friendly spammers. Once they have it, it has a tendency to multiply
as those helpful people share their information with each other!
… So prevention is much better than cure …
How to do it?
Only one option:
Never. Give. Your. Email. Address. To. Anyone.
That’s it, problem solved, no more spam.
What? You want to get email?Then why are you reading this?
Oh, you want email from friends?Well, that’s different!
OK, you can’t not give your email address, but you can be careful who you give it to. My
advice is this:
- Never put your true email address on posts to mailing lists or forums.
- Never give a company your true email address.
- Never put your true email address anywhere on the web where it can be freely read.
- Be very careful which people you give the address to. Are they likely to send
pointless messages to everyone in their address book, which then get forwarded on and on
and on, with the entire history of to: and cc: there for the whole world to see. Unfortunately,
you may be related to such people and have no choice, but just think about it.
Notice I said TRUE email address. The alternative is to use an address that is not true. What do I mean?
- Wherever possible you could just make up an address, but
we are assuming that you want to receive at least some mail from this person or group (even
if it is just a confirmation to your registration). This option is obviously limited.
- For web pages etc, you could always do something like this: myusername at bigpond dot com.
Spammers use “robots” that scan web pages for text in the format of email@example.com. This avoids
that, but the spammers and their bots are getting smarter, so this way wouldn’t work for
- Use an unimportant webmail address (hotmail, yahoo, gmail etc) for spam-attracting stuff. This
could lead to problems later, but you could always delete it and start again.
- I consider the best option to be …
Disposable Email Addresses
. This is basically what this document is about. I personally use a combination of two systems,
which I will outline here.
Address Guard by Yahoo!
This method requires that you have a Yahoo! account and have activated your web mail with them. If you don’t want to give Yahoo your true email address, go to the following section first then come back here.
From the main yahoomail page, click on “Mail Options”, then click on “Address Guard”.
I suggest you take the time to go through the “tour”.
First of all, you will need to create a “base name”. This forms (as you would expect) the “base” of your disposable email addresses. Make it different to your Yahoo! ID.
Then you can create a disposable email address as you want one, just follow the prompts. The addresses take the form of:
where BASENAME is your base name and AFFIX is whatever characters you want
(make it something related to what you are using it for so that you can recognise it later!)
A few points:
- It is possible to use the addresses so created to send mail from (using Yahoo mail) if you
set them up to allow that.
- It is possible to filter the email so that all the messages to the DEA go to a certain folder
(again, this is set up when you first create the address, but you can go back and edit these settings later.
- If you start getting spam to that address, simply delete the address (It’s disposable, remember!) And as an added bonus, you also know who is responsible for selling your address (you only gave this address out to one person/organisation right?)
The disadvantage to this system is that each disposable email address must be set up manually first.
To counter that problem, see the next section!
Spam Gourmet (www.spamgourmet.com) is the ultimate in on-the-fly disposable email addresses. The name comes from its creators desire to “eat” as much spam as possible! Its use is somewhat complicated at first, so listen carefully…
First, go to www.spamgourmet.com and create an account. Standard fare, nothing to see here folks. Just two quick points though:
- They do ask for an email address. This is important as they forward the “real” mail that
comes through their system to it. So don’t make one up!
- Try to make your username as small as possible (ie with as few letters/numbers as possible). This just makes your disposable email addresses shorter. Handy, but not essential
That’s basically it. You do not need to create your addresses first like you do with Address Guard, they are literally created “on-the-fly”.
The addresses have the following format:
- EMAILNAME = the name you give the address. This could be anything. For example, if you are signing up for an amazon account, you could make it “amazon”
- NUMBER = How many message do you want to receive to this address before they start getting “eaten”. This can be any number (but the most you can set it to is 20, any higher number will still only allow 20 through) or any letter or word. If alpha is included instead of numberic, then the point at which the first letter of the word appears in the alphabet is the number allowed (a=1, b=2 etc). NB: It is possible to “reset” this number on the spamgourmet page, but I won’t go into that here.
- USERNAME = your spamgourmet username
- @ spamgourmet.com – there are other alternatives (all the domains registered by the spamgourmet folks). I personally use xoxy.net because it is the shortest.
So when you sign up to amazon, put your address at firstname.lastname@example.org and you will get up to 10 messages from them (or whichever spammers they have shared your address with) and then all further messages will be “eaten”.
A few points:
- You can add “trusted senders” (or domains) so that all messages from that address will get
delivered and not advance the number of messages. You can add any number or senders to your account (which will work for any of your addresses) and/or each individual address can have one trusted sender.
- If you reply to a message that comes through the spamgourmet system, it goes back via
spamgourmet and looks to the recipient as if it had come from your disposable email address.
- You can (using a form on the spamgourmet page) generate an address to send a message to so
that it will appear as if it has come from one of your email addresses (this works in the same way as the reply trick above)
- The home page has heaps of added features for managing your addresses. Please explore
further (though I am happy to help if I can, email me at email@example.com
- If you start to get lots of unwanted messages from an address you can always drop the number of messages remaining down to zero and hide it and not use it any more. You do not delete these addresses, because if you did, it would just get regenerated the first time someone emailed it again!
OK, this is a real hack of a document, but it’s a start.
Bottom line is: prevention is better than cure. Watch who you give your unprotected address
to and where you put it where it can be seen!