Re: anonymous email address

[darren sanborn]

wow! didn't know it was so easy! Although I think this is the right
group. IE privacy

On Mon, 11 Aug 2003 23:58:04 GMT, darren sanborn
<sandmansdream4u@insightbb.com> wrote:

>OK I am a newbie, so clue me in. How do you get one of those e-mail
>address all you guys use?

[Jay T. Blocksom]

On Tue, 12 Aug 2003 01:55:14 GMT, in <alt.privacy.spyware>, darren sanborn
<sandmansdream4u@insightbb.com> wrote:
>
> wow! didn't know it was so easy!
[snip]

Presuming that what you're talking about is address-munging, as opposed to
anonymous posting/mailing (which, as I and others have pointed out, is a
different animal entirely -- and essentially impossible), it's not
particularly difficult. But unfortunately, the "finer points" of
address-munging are not well understood by many people; and as a result of
that, most of the advice you've been given so far is wrong, in at least some
way. I suggest you download and carefully review:

<http://www.faqs.org/faqs/net-abuse-faq/munging-address/>

especially sections 3b. and 4d.

> Although I think this is the right
> group.
[snip]

Well... There's probably a few "better" ones (<news.answers> comes to mind,
for example); but this question is not so far off-topic here that anyone
should be upset by it.

> IE privacy
>
[snip]

*That* is an oxymoron of galactic proportions.

--

Jay T. Blocksom
--------------------------------
Appropriate Technology, Inc.
usenet01[at]appropriate-tech.net


"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-- Benjamin Franklin, Historical Review of Pennsylvania, 1759.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to mail.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Unsolicited advertising sent to this E-Mail address is expressly prohibited
under USC Title 47, Section 227. Violators are subject to charge of up to
$1,500 per incident or treble actual costs, whichever is greater.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[Jbob]

>
> "They that can give up essential liberty to obtain a little temporary
> safety deserve neither liberty nor safety."
> -- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
>
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
> NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to
mail.
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
> Unsolicited advertising sent to this E-Mail address is expressly
prohibited
> under USC Title 47, Section 227. Violators are subject to charge of up to
> $1,500 per incident or treble actual costs, whichever is greater.
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-

Jay

I've have also read the posting for AOL users however that was written
several years ago. I question the technique of using INVALID in place of
the domain. In the very same section it mentions not using something that
is too "Standard". If everyone is using .INVALID then wouldn't that make it
easy for the bots/harvesters to just strip out the INVALID and then all the
Spammers need to do is add either .com or .net and then get a users valid
email address? Seems like bad advice to me. Besides you didn't use
invalid in your munge :-)
My $.02 worth.

[Randall Bart]

'Twas Fri, 15 Aug 2003 16:32:20 -0400 when all alt.privacy.spyware stood
in awe as "Jbob" <jbob1957@NoHotmail1.com> uttered:

>I've have also read the posting for AOL users however that was written
>several years ago. I question the technique of using INVALID in place of
>the domain. In the very same section it mentions not using something that
>is too "Standard".

The only munging available in AOL software is tacking extra characters on
the end. You can say user@aol.com.invalid or user@aol.comedy or
user@aol.comeupandseemesometime, but it's trivial for a harvester to find
the address. I guess they think the point is that you're frustrating a
large fraction of the address harvesters, but then you get on a list and
then you get on a hundred lists.

More than half of all email traffic is spam now.
--
RB |\ © Randall Bart
aa |/ admin@RandallBart.spam.com Barticus@att.spam.net
nr |\ Please reply without spam I LOVE YOU 1-917-715-0831
dt ||\ http://RandallBart.com/ Ånåheim Ångels 2002 World Chåmps!
a |/ Multiple sclerosis: http://www.cbc.ca/webone/alison/
l |\ DOT-HS-808-065 The Church Of The Unauthorized Truth:
l |/ MS^7=6/28/107 http://yg.cotut.com mailto:s@cotut.com

[Igor Gutman]

Jbob wrote:
>
> >
> > "They that can give up essential liberty to obtain a little temporary
> > safety deserve neither liberty nor safety."
> > -- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
> >
> > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> -
> > NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to
> mail.
> > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> -
> > Unsolicited advertising sent to this E-Mail address is expressly
> prohibited
> > under USC Title 47, Section 227. Violators are subject to charge of up to
> > $1,500 per incident or treble actual costs, whichever is greater.
> > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> -
>
> Jay
>
> I've have also read the posting for AOL users however that was written
> several years ago. I question the technique of using INVALID in place of
> the domain. In the very same section it mentions not using something that
> is too "Standard". If everyone is using .INVALID then wouldn't that make it
> easy for the bots/harvesters to just strip out the INVALID and then all the
> Spammers need to do is add either .com or .net and then get a users valid
> email address? Seems like bad advice to me. Besides you didn't use
> invalid in your munge :-)
> My $.02 worth.

ah!.. but even here you can you the "munging" - munging inside munging )
like for example .1NVAL1D

just be creative improvize

[Jay T. Blocksom]

On Fri, 15 Aug 2003 16:32:20 -0400, in <alt.privacy.spyware>, "Jbob"
<jbob1957@NoHotmail1.com> wrote:
>
[snip]
>
> I've have also read the posting for AOL users however that was written
> several years ago. I question the technique of using INVALID in place of
> the domain.
[snip]

Not "in place of"; but "appended to" (so that ".invalid" effectively becomes
the TLD) -- at least presuming that you want to leave a human-decipherable
address in that field.

> In the very same section it mentions not using something that
> is too "Standard". If everyone is using .INVALID then wouldn't that make
> it easy for the bots/harvesters to just strip out the INVALID and then
> all the Spammers need to do is add either .com or .net and then get a
> users valid email address?
[snip]

But that is not the only "correct" way to MUNGe, just one of the
possibilities (someone else mentioned that it grew out of the limitations
imposed by AOHell's lame mail system). And further, nothing says that the
address you use, when the trailing ".invalid" is stripped off, must be valid
(or even point to a valid domain). The key point is that the trailing
".invalid" flags the address as... well... "invalid" -- so a (properly
functioning) sending server just stops trying to deal with it and moves on.

I agree that some 'bots attempt to de-MUNGe the addresses they harvest; but
most of them do an INCREDIBLY bad job, so even this simplistic approach is
remarkably effective. Another valid approach is to use <example.com>, which
by definition does not go anywhere; and yet another is to use a
whitelisted/auto-responder address at a domain you control.

> Seems like bad advice to me. Besides you didn't use
> invalid in your munge :-)
[snip]

What "munge"? I don't MUNGe my "From:" address, I *tag* it with a
date-sensitive "plus tag" -- that's a different technique entirely; and one
of the reasons I use it can be found in the phrase... "Give 'em enough rope
to hang themselves."

The "Reply-To: string doesn't use a valid TLD, so it won't resolve or route.
Hence, no wasted traffic (tho' admittedly, the sending server would still
have to do a trivial amount of tap-dancing to determine that, if anyone were
dumb enough to try sending mail to <address@signature.blk>).

Finally, the address in my .sig *is* (lightly) MUNGed; but still uses one of
my own domains -- so any misdirections based on a bad de-MUNGing job would
presumably not be inflicted on others.

--

Jay T. Blocksom
--------------------------------
Appropriate Technology, Inc.
usenet01[at]appropriate-tech.net


"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-- Benjamin Franklin, Historical Review of Pennsylvania, 1759.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to mail.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Unsolicited advertising sent to this E-Mail address is expressly prohibited
under USC Title 47, Section 227. Violators are subject to charge of up to
$1,500 per incident or treble actual costs, whichever is greater.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -