Re: Spam and using a real email address

On Sun, 11 Jun 20060, in the Usenet newsgroup news.software.readers, in article
<87fyibx13i.fsf@xxxxxxxxxxxxxxxx>, Neil Woods wrote:

I figured at the time (rather naively in retrospect) that if I munged
my email address then the spammers had already won.

I don't know if they won or not - but they certainly killed that goose.
Several years ago, there was Rob Clark's "winmodem web page" (look in
the Hardware-HOWTO, Linmodem-HOWTO, or Modem-HOWTO) that was a treasure
for Linux users - this page listed working and non-working modems, and
for the working listings, there was a link that allowed you to mail
the person who had reported on individual modems. I was listed as a
contact for six modems, and used to receive several mails each week
asking for help on setting up those modems (to the extent that I had
nine canned response mails to answer most requests). Spammers found the
page, and started flooding those addresses with the usual crap. As a
result, the page is now history, and we've lost a useful tool.

There is one thing you have to remember about email. It is not, and never
was considered a reliable medium of communication. Things get lost, or
run into spam filters, or firewalls - it's a "best effort" mechanism
and nothing more than that. If it works, great - but you'd better not
base your business, security, or sanity on the email getting through,
because there is absolutely NO guarantee - implied or otherwise - that
it's going to work.

I've considered using a .invalid one for some time, but have resisted.
After all, this address is already "out there" - changing it to an
invalid one will not stop spam being delivered to this address, and
anyway the anti-spam measures I use are pretty effective.

I think most of us have had to resort to using rather extensive filtering
on incoming mail. Years ago, while still using dialup, the spam/ham was
getting over 20:1 (and we look back at that as being the "good days"),
some of the spam (and all of the windoze viruses) were large files of
totally useless bandwidth. I originally would just press 'd' on the
mail tool, and finally started saving the headers and first few lines
of the body for later analysis. That allowed me to create a dumb tool
to look at the headers on the POP server, and filter on that. Looking
at the log for the two public addresses I still use, I see that the
tool is deleting ~350 messages for every _one_ that it passes, and I'm
still seeing maybe one in twenty that get past the filter being spam.

But if I was to start from scratch again, I probably would use a
.invalid address.

I have three ISPs, two of which allow me to use up to five mail alias
addresses; the account AND aliases were all generated using a random
character generator ('head -2 /dev/random | mimencode' and select a 12
char string from that output) to avoid dictionary/phonebook attacks. It
used to be that we only used that command to generate initial passwords
for new users - now I'm using it for that AND usernames???

All good reasons to use XNA. Also useful for repetitively posted FAQ's,
and the odd test posting (unless said test posting NG has an
auto-responder).

I really haven't paid attention - does google not follow the 'Supersedes:'
header on FAQs? I know two of the news servers I use follow that header,
and one ignores it.

Old guy
.

Relevant Pages

  • Re: Junk Email - Obvious SPAM being overlooked
    ... The RFCs do not define what constitutes SPAM. ... The actual routing of the email is indeed included in the message headers. ... Now, while it is true that I am a single recipient of the email, I own my ... filter them out, and certainly *not* harmful. ...
    (microsoft.public.outlook)
  • Re: Offtopic PHP mail problems with MSN
    ... But with msn it is neither bounced, ... Microsoft uses two filters on their sites, first a filter that make a a first ... line detection of spam, everything caught here are piped to /dev/null, on the ... your php script, don't send a mail without additional headers, but don't try ...
    (alt.html)
  • FAQ: Canonical list of questions Beavis refuses to answer (V1.50) (was Re: Email Forwarding, is that
    ... His response, if any, usually consists of replying to the parent post with a loud proclamation that his Usenet-reading software runs a magical filter that automatically identifies anyone who's making fun of him, and hides those offensive posts. ... If your Challenge-Response spam filter works so well, why are you munging your address, when posting to Usenet? ... If spammers avoid forging real E-mail addresses on spam, then where do all these bounces everyone reports getting come from? ... Since your headers indicate that you use slrn and, as far as anyone knows, the stock slrn doesn't work that way, is this interesting patch to slrn available for download anywhere? ...
    (comp.mail.misc)
  • Re: how can antiSPAM miss this one ?...
    ... > It might not be spam. ... > message body as well as the IMF that will scan the headers (which the ... as OL2K3 as the ability to filter SPAM even without E2K3+IMF, ... if it filter only on headers, do I need to activate it when IMF is running? ...
    (microsoft.public.exchange2000.admin)
  • Re: how can antiSPAM miss this one ?...
    ... > It might not be spam. ... > message body as well as the IMF that will scan the headers (which the ... as OL2K3 as the ability to filter SPAM even without E2K3+IMF, ... if it filter only on headers, do I need to activate it when IMF is running? ...
    (microsoft.public.outlook.general)
Loading