RSS
Twitter
Smart Email Addresses Could Slice Spam
from the the-next-step dept
In the past, the question of single-use email address systems like Sneakemail have been discussed here. Now, a researcher at AT&T is trying to take that system even further to prevent spam. His idea is to not only have multiple single-use emails, but also to encode in the email address the rules under which people could use it. Whereas most current single-use emails are designed to be deleted if mis-used, this plan would designate that a certain email address can only be used if emails are sent by a certain company. Of course, there are some problems with this system (as mentioned in the article). You would still need a general purpose email - and if that got out, then you'd get plenty of spam. Also, if someone doesn't realize the email address you've used with them is specific to certain circumstances they may try to contact you later only to have their messages bounce - and not understand why.
Reader Comments
(Flattened / Threaded)
No Subject Given
My experience over the past 2 years of using SpamCop to track/filter/kill spam is taht 99% of my spam is associated with an old bigfoot address, 1% with my ISP, 0% targets addresses on my domain. Now that I killed bigfoot, I get 3 pieces of spam a week, all sent to my ISP account.
Spammers found my bigfoot address by chance, and my ISP account by chance. Use all the re-directors you want (and Mike knows I use a lot), but they'll ultimately find your ISP.
So, the only way this won't let spam through that backdoor is if you have a whitelist.
If you have a whitelist, will building these "new" features into e-mail offer you any more protection.
(reply to this comment) (link to this comment)
No Subject Given
Some people simply write their email addresses like this:
me at you dot com
most humans understand the meaning, but virtually no email harvesters do.
(reply to this comment) (link to this comment)
Re: No Subject Given
You wish - not exactly hard to write a harvester that dealt with that and most other pointless tricks. Just because at the moment they may not have done it doesn't mean they won't.
(reply to this comment) (link to this comment)
Re: No Subject Given
Maybe you COULD write a rule in the harvester to harvest THAT "pointless" trick...but there are plenty of other variations like...
me(atsymbol)myisp.fuckoffspammers.com
or takethisout.me@removethistoo.myisp.com
and so on...
And at this point, you (as a spammer) will now have to keep adding/programming new rules and now the spammer is playing catchup with the spammee...rather than as it is now where the spammee is playing catchup with spam by writing new filters everytime something else gets thru.
(reply to this comment) (link to this comment)
Slashdot offers this
one of the preferences in Slashdot is to use "random spam armoring" it changes weekly, right now my email address on postings is:
"mrmultimedia@yahCOMMAoo.com minus punct"
Yes harverstors can be written to pull out the real address, but it's difficult to do on a large scale, and changes weekly so as you said they're always playing catch up. Plus the current one seems especially good to me because the code to pick the real info out has to be pretty smart--it either has to know that the word "COMMA" or whatever else they use is actually a form of punctuation--or the person has to actually think of all the words that might be used "period" "questionmark", etc which is a whole lot of time to spend.
(reply to this comment) (link to this comment)
Add Your Comment