Fight spam with disposable email addresses

Interlude

There’s spam on the Internet, alright. Lots of it. You receive spam when spammers get hold of your email address. How do they do this?

  1. A friend of yours got himself infected with a virus/worm/trojan horse. This virus reads your friend’s address book and sends all email addresses in it to a spam server.
  2. Spammers try to guess common email addresses, like sales@mydomain.com or mail@mydomain.com.
  3. A lot of websites require you to give them your email address.

    • These websites can (potentially) be hacked and the hackers can download your email address (among all others) from the website.
    • The website puts your email address in plain text somewhere where it can (easily) be found by email harvesting programs.

You can’t really do anything about point 1. You can kick your friend’s butt for not having an anti-virus program running on his computer or for surfing on suspicious websites. But then (in most cases) it may not be his fault altogether.

You can avoid the problems of point 2 by not using so commonly used email addresses (but this may not be possible for everyone).

What this article is about is point 3.

Before we get started, here’s some good advice (not really related to what’s following):

If you have a website of your own don’t ever put your email address in plain text on your website. Use a contact form, JavaScript obfuscation, or even an image but don’t put it there in plain text.

The Concept

How do you cope with point 3? Easy:

You provide a different email address for each website that requires an email address.

Doing this has several advantages:

  • If you receive spam over such a special email address, you immediately know which website is the culprit.
  • If you receive spam, you simply delete the email address. No more spam. You can’t do this if you provided the website with your main email address (obviously).

Although this concept is nice, there’s one big requirement for it:

Creating and deleting email addresses must be extremely easy/fast. Otherwise you won’t do it, trust me.

Implementation

So, how do we do this? We use a so called catch-all email address.

Email flow chart

This requires that you have the ability to create such an email address. Your best chance is if you have your own domain and your domain provider allows it.

Then:

  1. Create a sub domain for these email addresses. (Don’t use your TLD if you can because a sub domain is not that easy to guess.) For example, create spam.mydomain.com.
  2. Create a catch-all email address for this sub domain. This can either be a mailbox or a forwarding.

That’s it.

Now, when register at a website called “my-fancy-shop”, use my-fancy-shop@spam.mydomain.com as email address. “Creating” a new email address couldn’t be easier, could it?

If you want to delete/block an email address, simply create a forwarding to a non-existing email address (like reject@mydomain.com). Then this email address won’t be caught by the catch-all email address but instead use its forwarding address.

Babelfish-Extrem

Man achte mal auf die Beschriftung des (ersten) Tabs:

software-herunterladung

Da hat wohl jemand den Babelfish bequemt

Virus bei Apple

Hat mal einer auf apple.com im Suchfeld das Wort “Virus” eingegeben?

apple-suche-virus

Sebastian KrysmanskiInternetno tags

Google mag mich nicht

Hab eben eine Google-Suche über Firefox gestartet und bekam folgende Seite zu sehen:

google-sorry

Irgendwas stimmt hier nicht

Update: Hab auf einer Google Hilfeseite die folgende Erklärung für das Problem gefunden:

The page you’re referring to is served by Google when we experience a quick spike in traffic on Google.com. If the error page displays a squiggly word with a box below it (which is known as a CAPTCHA), just type the squiggly word into the box to continue using Google. A CAPTCHA helps us determine whether traffic is coming from automated robot software or from individual users, since most robots aren’t smart enough to read the squiggly text.

Sebastian KrysmanskiInternetno tags

Hype, Hype,…

Ich weiß, schon ein alter Hut, aber trotzdem sehr cool: Google Wave. So sähe – zumindest lt. Google – die Email aus, wenn sie heute erfunden werden würde. Kann’s kaum noch erwarten, bis das endlich public wird.

Wer nicht weiß, was Google Wave ist – hier ist ein Video, in dem Google Wave vorgestellt wird. Für alle Nicht-Programmierer reichen sicherlich die ersten 50 Minuten. Dafür sind die aber gut gefüllt.

PS: Google ist natürlich der einzige, der 90 Minuten Videos auf YouTube einstellen darf