Slashdot Mirror

I agree, go to the source of the problem, companies that violate your trust by giving or selling your email address, use something like Sneakemail so they can be caught in the act. The blame can be shifted away from the untouchable offshore spammers and the tedious open relay wack-a-mole and shame those who secretly put the process in motion.

Sigh... freaking morons.

The previous company I worked at did this as well. Pissed the hell out of me, since I could no longer get to my email and I prefer to not give out my work email out over the net to avoid the spam.

The really idiotic think is that they blocked sites like Sneakemail too, which is just a redirector service.

I can understand the need to block webmail sites, since there are too many idiots out there, but at least be intelligent about what gets blocked.

SHUT UP ASS

Sneakemail has been running for over 2 years and is doing great. We're almost ready to release version 1.5, soon after 2.0.

I see no reason why somebody would think that asking for donations is a sign of impending doom. We obviously dont make money from advertising if you look at all the ads we run.

We've been running through private donations for quite a while and we've gotten good at running cheap, now with the users donations, and soon premium paying accounts, we're rock solid and the future looks even better.

Here's the link to Sneakemail

For those of us without the resources to run an mail server and create our own email addresses through it, sneakemail is a great resource to limit the amount of spam you get. If any of you haven't heard about sneakemail yet, it's a service that autogenerates email addresses for you (like asdoifu9832@sneakemail.com) which you can give to registration forms or list as a contact email and have forwarded to your real account. If it turns out that the registration form results in spam, you can get rid of that email address, and you also know which registration form it was which resulted in the spam. I really recommend sneakemail to anybody who hasn't tried it yet.

Ive been using sneakemail.com.

It is pretty good. You can create a fake e-mail address like osifj823494@sneakemail.com and allows unlimited number of e-mails forwarded to your real email address.

You can easiliy detect if you are receiving spam from the fake e-mail address you created and easily realize which website sold your e-mail address to spammers. You can later delete that fake e-mail address and stop the spam.

Maybe they're smart enough to cull these out of their database, but unless that's so, the site doesn't seem to be used for massive email harvesting.

Have you looked at sneakemail? It generates permanent random mail addresses that forward back to your "real" address. You can configure the name that gets inserted into the name when it forwards (i.e. "Spanish Cypercafe One") as well as the name people see when you reply ("Mr. Fly").

It saves a lot of tedious filling out of Hotmail accounts and attracts a surprisingly small amount of spam. (And you get to find out who spammed you...)

It is basically the same thing with a web interface.
I've been using it for a while and it's great. Only downside is that because you get hashval looking addresses, it's impossible to remember them (it can be annoying to have to look them up to login to a site).

Dude, this is what Sneakemail for...

I'm surprised that no one mentioned sneakemail. I've been using it for almost a year now, and I've gotten only two spam messages, at addresses I used posting to usenet. I simply deleted those email addresses; no more spam.

Didn't slashdot have a story a while back about a study on how to get on SPAM mailing lists? I believe they found that posting on usenet was the worst.

Sneakemail is still free, but they are now asking for donations.

See http://www.sneakemail.com

I thought of that and sent him mail using my Sneakmail account.

I highly recommend everyone check out Sneakmail. You create an account, then for every time you must give out an email address to an untrusted source, generate a new sneakmail alias which forwards to your real email address. There's a unique lahel assigned to every address so you can track spam back if you do end up getting spam that way.

Introducing Sneakemail - when you absolutely, posititively have to send an email, but you don't feel like being spammed for your efforts. There's also Spam Gourmet, which actually looks more appropriate in this case, but I've not signed up there yet.

they are probably keeping the option open of doing no good. If you want to track this, sign up using a disposable email address from Sneakemail.com, you can put your password in it too if you ever forget. If they eventually get around to spamming or selling this address you'll know where it came from

I also have my own domain name but I'm limited to 5 forwarded email addresses. I wanted to do what you suggested a while ago but couldn't. Then I stumbled across Sneakemail and it basically did everything I had intended anyway.

In a nutshell, you sign up for an account, giving only a contact email address (I use spam AT threewordslong DOTTY com). Once logged in you can create a new, randomized email address for each new web service that needs an email address. If one of these services spams or sells your sneakemail address you: a) know exactly who did it and cease further business with them and b) can filter on that specific email address.

It's a great service and no, I don't work for them...

Check out sneakemail.com - it does basically this, but at their domain name, and you can set filters of particular addresses, or just delete them. Very useful idea, I'd definitely be willing to pay for it though...

I guess for most people this isn't an option but it works for me

It's a great idea. If you don't want to do it yourself, use Sneakemail instead. See my email address? I don't want the spambots to get my real one. :)

Gmanske.

If you are the master of your own domain (ahem...), don't hesitate to create a new e-mai alias for each account you create with another Web site. (e.g. yahoo@yourdomain.com, amazon@yourdomain.com, etc.) That way, you at least can track who's selling e-mail addresses, and spread the word.

Rather than filtering incoming mails and taking the legal route with the spammers, I'd like to remind you 2 excellent services that can be used to avoid getiing your email address on spammers' list in the first place: www.spammotel.com and sneakemail.com

If you run your own mail server you can do this stuff yourself - I mean "one-time acounts" and so on. But sneakemail is just too convenient (or I'm too lazy and tired by the time I get home...)

You could always use Sneakemail - gets you a (virtually unlimited) number of e-mail adresses in the format of [random letters/digits]@sneakemail.com. See my e-mail as an example. Sneakemail is free, and the addresses all redirect into one account. You can specify filtering for each addy, and remove/replace one if the spam load gets annoying despite the filters. More info on their homepage.

(And no, I just work for them. But I do think the service rocks.)

You could always use Sneakemail - gets you a (virtually unlimited) number of e-mail adresses in the format of [random letters/digits]@sneakemail.com. See my e-mail as an example. Sneakemail is free, and the addresses all redirect into one account. You can specify filtering for each addy, and remove/replace one if the spam load gets annoying despite the filters. More info on their homepage.

(And no, I just work for them. But I do think the service rocks.)

It does exactly what you are talking about, only you dont need to run your own mail server. They forward to your real address. You can set each alias to allow all, deny all, allow all except specifically blocked (per sender), or block all except specifically allowed (per sender).

So basically I have a slashdot alias, but slashdot@slashdot.org is the only person who can send mail to that alias ;-) All the other emails are put into a "mail-dam" that I periodically check for anything of real value. You can also set it to instantly trash mail from senders you dont allow.

I run ORDB on my mail server as well, and I will soon be blocking all of APNIC, I go several days now with no spam while receiving tons of legitimate email.

On the off chance I get a spam, I immediately report it to spamcop.net

You need to attack spam on many many levels for it to be effective ;-)

try out sneakemail.com, free service for dealing with this sort of thing.

I use thier perl command line client, so all I need to do when I buy something is type './sneakemail.pl -v -na company' and thiv them the produced address. If they spam it, I tell sneakemail to bounce stuff to that address.

The Ad-Zapper for squid works also fine, and if you're what the slashdot users usually pretend to be, you should run squid, not junkbuster. ;)

Also, for spam in general, or rather against it, SpamMotel and especially SneakEmail work like a charm; SneakEmail even lets you reply to (suspected) spammers without revealing your real address.

Of course, if you have your own domain/MX and mail server, you can generate these "one-time" email addresses yourself - but using sneakemail is just too easy and convenient.

also known as Sneakemail.

Sneakemail -- Disposable email address service

I use these guys and I never get spam, the rare ocasion I do, I know who leaked it/sold it... or where it was harvested from.

1. The mail claims to be From someone I have pre-approved.
2. It's from a mailing list I've registered with.
4. The email contains a special approval code to bypass the checking.

The way you describe it make's sense. It's almost like a stateful firewal for email. Block all incoming, with certain exceptions. Allow all outgoing. Allow the responses to those back in.

Hmm. Perhaps my SMTP server should keep track of who I send email to, so it can automatically accept the replies and block the others. There'd be problems with that of course, since replies don't always come from the same address. But it's an idea to play with.

http://www.sneakemail.com

I am VERY satisfied user.

Oh, and for some annoyances http://www.spamcop.net do the job really well.

That's exactly why I use sneakemail. It gives you a random email address like asjglkjg176489@sneakemail.com. When an email is sent there, it goes to your inbox. You can have as many aliases as you want (They suggest 1 per site you sign up with). If you receive spam on one of them, you can just disable that alias. It's really great.

For those that are unaware of how Sneakemail works it's related to one time email addresses, and routing the mail to your 'real' address.

Admitedlly a hassle, but if you use a unique alias for each web registration, etc... it is quite simple to determine which one was responsible for the UCE and delete the alias.

I use several Yahoo accounts and my spam rate has been non-existent since I started using it. it seems to work well.

This is a wee bit offtopic.
Sorry to hear that you have that much problems with shareware programs. Anyway, you said that your email identity was changed and you couldn't prove that you bought the software. Well, why not register using a free email account or something like Sneakemail.

Looking at your arguments, I generally don't agree. However, interestingly enough, I agree with your conclusions. :-)

1) It adds little or no value.

I'm just now using HTML coding to emphasize what I'm quoting and what's new text (mine). Agreed, this could be done using quote marks in mail, but the usage of <I> and <B&gt makes me able to add readability value. More if we start using lists and their markup instead of ASCII. I'm sure you've seen what quoted lists look like after a few generations.

You know, I'm not talking about using <H1><FLASH> here. Just the kind of editing you'd find in a book.

2) It wastes bandwidth

I just looked at one of my mails here. The headers were 1634 bytes; the mail body was 1000. Ergo, header information in short mails make up a larger portion, relatively speaking. Also, note that I'm not talking about posting MsWord documents in HTML - those are bulky. I'm talking about bold and italic tags, the occasional HR, and embedding a sig in FONT SIZE 1.

Everything consumes bandwidth. You're putting personal opinions here as to which bandwidth is "wasted" and which is not. At some point, this needs a drilldown as to how much bandwidth feature X uses vs. its extra value for the communication; at this point, when looking at manually composed mails, we're talking about 5% maximum size increase. I really don't think that is worth crying murder over; energy is better spent elsewhere (such as reducing those damn headers).

3) Not all mail readers cope with HTML properly

This was what the entire discussion was about, and I think is a valid point. However, if you were to stop using a standard every time a new client emerged which did not support it, you'd have a hard time using any standards at all. You have to make blind assumptions about the capability of your recipient vs. the message you want to convey. This happens every day. For example, you typically assume that a person you address for the first time understands English. Every now and then, this turns out to be not true. These occasions do not and should not stop you from using English.

4) HTML spam is much worse than plain text spam.

Agree wholeheartedly. However, mostly I find this to be due to overformatting and making the mail an angry fruit salad. I've seen HTML spam with good HTML usage, too.

Regardless, you don't have to convince me spam is bad. I use SneakEmail to cope with this. Excellent service IMHO. And free. I never get spammed any more to my primary addresses.

5) I have a big, fast connection now, but I didn't two weeks ago. Until two weeks ago, i had a 33.6 dial up connection with 'phone charges per minute. HTML mails sucked then because they're bigger, and they almost invariably come with img tags

Ok, so now you're talking about HTML mail in general, and not the ones I send. Like I said, my markup generally adds a max of 100 bytes to an e-mail message, and again, I believe this to be a good tradeoff for the increased formatting.

At the company where I work, people always use HTML or rich text messages. It didn't take long before I started to dislike plaintext, which I'd used 15 years before that - mostly in FidoNet, actually.

That said, I do think that everyone should feel free to send mail in whatever format they want. Of course, everyone also has the right to request that people communicate with them in a different format. Kind of like if I started speaking Japanese to you - I'd expect you to ask me to speak English.

Hm. You know what? It actually looks like we've been in agreement most of the time. :-)

Crystal Falcon

Their website is here.

At sites where I am buying something, I have tried using the site name in the second line of the address, but they never seem to use it. I need to come up with a way to put something like:

attn: p09869jpiuy

in there so they will use it and I can cross reference to figure out who sells my meatspace info. Everything I have tried so far seems to get ignored or dropped

I get my phone bill via the USPS, without an address, I doubt the mail carrier would be able to deliver it :)

But the point is that none of this information is necessary.

Agreed, they shouldn't information beyond the phone number. If they want more than that for verification, they should at least secure the page.

undoubtedly so that they can send you spam

I created an email address specifically for filling out this web form, I can't wait to see what kind of spam starts rolling in to that account. Sneakemail is great for this. I highly recommend it.

Someone else mentioned in a comment that a recent Colorado Supreme Court decision that ruled that the information gathered for provisioning of a service is owned by the person not the company. As a Colorado resident, I will be researching this further in hopes of filing a lawsuit against Qworst.

Or just use sneakemail

tljkagjdlkhkjrf@123.45.67.89

Or go to Sneamemail

The Sneakemail service is my favorite spam-fighting tool.

Log in to Sneakemail every time a website asks for your email address. They give you a unique address (@sneakemail.com) which you then give to the website. At the Sneakemail site, you can configure it to either forward, hold, or trash your mail.

For instance, you can tell it to trash mail sent to your "RealAudio" address and hold mail sent to your "Google" address. Each time someone sends mail to any of those addresses, it sets up a new filter rule, which you can later change: mail from CmdrTaco to your "Slashdot" address can go through, but j12h31j2hjh@hotmail.com mail to "Slashdot" can be trashed.

Certainly you can do this yourself if you run your own mailserver, but this is easiest for me.

Spamcop, at its core, is an automated spam processing system. It comes in a free and a pay flavor. Basically, you either cut and paste your spam into a form on their website, headers included, or you forward it as an attachment to your submission address. It slices and dices, looks for links, parses headers, records statistics, and sends notices to appropriate parties, be they ARIN contacts for IPs or abuse.net contacts for domains. There's all sorts of nifty stuff for making sure that your real email address doesn't end up in spammers' hands, instead creating a ReportID@spamcop.net address for each report (my most recent one is in the 4.75 million range). Still though, it's not perfect. Sometimes it's fooled by the mta chain, sometimes it does let an identifying bit of information slip through, and it DOES NOT parse reply-to addresses (grumble). Still though, it does do a pretty good job overall, and lets me send out reports about spam in a fraction of the time it would take to manually parse them.

For spamcop vs. @home, @home bounces anything with an @spamcop.net address, whether it's an automated report or whether it is someone using their @spamcop.net address (each paying member gets an email account that is spam-filtered, which can be used for everyday usage). Myself, I prefer Sneakemail for my mail management. Anyway, not only do they block spamcop reports, but they generally ignore even manual reports from non spamcop.net addresses. Just today, they started sending an auto-acknowledgement with a case ID of something like 1001 for every case (non-incrementing), indicating that they simply don't care anymore.

All in all, SpamCop, despite its problems, is an incredible service. It's open source too, with the code being available on SourceForge. You can use it for free, or pay $36/yr or $1/mb of mail for a lot of advanced features, such as the filtered email address, IMAP/POP3 access, black/whitelists, et al.

I like to use sneakemail for hiding my true email address from the multitude of lists and webpages I sometimes use.

A while ago I got an account at neopets.com (using a disposable email address) making sure to select the "don't send me any email" box, and after I was disgusted at thier birbery for clicking ads forgot about it. Then they spamed me. I sent them an email telling them they'd be billed for any further spam. Here's what they sent me (personal details deleted):

To Mr. [censored]:

The Legal Department is in receipt of your message regarding an
advertisement you allegedly received from NeoPets. We take all user
concerns-especially those in connection with member privacy and safety-very
seriously, and in this regard monitor the website around the clock for
inappropriate content.

To begin with, NeoPets unequivocally rejects your "purported" contract and
refuses to enter into any agreement with you. Your demands are neither
reasonable nor are they acceptable under any circumstance. As such, this
message should not be construed as an admission of liability or acquiescence
to your demands, but asv a complete rejection of your offer. Likewise, any
transmission you may receive from NeoPets is not an acceptance of your
agreement and may not be construed as an acceptance under any condition.

Moreover, by registering on the NeoPets.com website, you expressly agreed to
NeoPets' Terms and Conditions, which states that NeoPets may send
notifications and announcements to its users' e-mail addresses. Neither
NeoPets nor its sponsors send unsolicited e-mails and will only send e-mails
to users who have expressly requested, or consented to receive, such
correspondence and have provided an e-mail address destination. As such,
immediately upon the Legal Department's receipt of your message, we had
0rnrsegu001@sneakemail.com blocked from our system to ensure that you do not
receive any more unwanted e-mails. Additionally, we researched your e-mail
address in the NeoPets database and located the account "yottabyte," which
we immediately froze to prevent you from receiving any further unwanted
e-mail communications.

Unfortunately, we have no control over the sponsors our users register with,
and this is a matter that must be taken up with each sponsor that sends you
e-mails. As a practical matter, our sponsors are very responsive to
"unsubscribing" users who wish to be removed from e-mail databases. As a
courtesy, we will try to help remove your e-mail address from our sponsors'
systems, although we can make no guarantees as to the effectiveness of
preventing future unwanted e-mails. To do this, however, I will need you to
send a list of the sponsors from whom you are receiving unwanted e-mails.
Because NeoPets.com does not pass along user information to anyone, we do
not know where your e-mail address was registered and thus have no way to
automatically unsubscribe it.

Please contact us directly at legalDepartment@NeoPets.com if you have any
further questions or if this problem persists. We hope the foregoing has
addressed your concerns.

Sincerely,

The NeoPets Legal Team

Now for some commentary.

Moreover, by registering on the NeoPets.com website, you expressly agreed to
NeoPets' Terms and Conditions, which states that NeoPets may send
notifications and announcements to its users' e-mail addresses. Neither
NeoPets nor its sponsors send unsolicited e-mails and will only send e-mails
to users who have expressly requested, or consented to receive, such
correspondence and have provided an e-mail address destination.

And yet they tried to get me to buy tickets to some event (I seem to recall it being some radio station held event of some sort)

Unfortunately, we have no control over the sponsors our users register with,
and this is a matter that must be taken up with each sponsor that sends you
e-mails.

I definatly did not register for any annoying ads.

I responded to this by telling them "whatever.... all further email to this address will bounce" then going to sneakemail.com and deactivating the address.

I'm sort of amused by this, I bet it cost them at least $100 to have thier lawyers tell me off.

I highly reccommend all people go out and use sneakemail link.

This is a great utility for stopping spam while not interfereing with your normal email.

It gives you unlimited disposable email addresses to give out whenever you need an email for a website.

If you dont want email from that address anymore, you can turn it off.

On the other hand : Spam is meant to market a good or service. Therefore there must be some way to get in contact with the spammer, otherwise their spam would be ineffective. a task force needs to be created which smacks spammers upside the head with fines, or just plain shuts them down.

Spam should be legal, as long as they include a valid return addy, and have a way to remove people (for real)

That's why you use sneakemail. This way you can have a unique email address (whichs forwards content to your actual address) for different things. Once you've got what you need, you just tell sneakemail to delete that address.

Sneakemail is an email anonymizing and anti spam service that is determined to outlive the competition.

So far so good.

Sneakemail.com

The first part is easy, and well-known. Generate a one-time email address (various means are available). Associate it with the site (e.g. by naming it something like fake-addy-ebay@mycomputer.com if you're registering with ebay, say) Give it to the sign-up form, purchase form or whatever. If you actually want to receive a limited kind of email from them, or want to know if/when they've broken their promise, ensure that this one-time email addy forwards to a real address of yours, or at least ensure that you'll be able to read mail sent to it.

There is already a site that provides this service: check out www.sneakemail.com. The e-mail addresses generated consist of random alphabet soup, rather than anything user-selectable (IMO this is a feature), and a decent Web interface is provided both for managing numerous aliases and configuring sender-filtering independently on each.

... I'll change my homepage from Sneakemail to PopUp Killer-- for those of us on Win32 who can't run Konquerer.

Sounds like the same solution http://www.sneakemail.com/ uses to spam-proof people. Someone mentioned that the last time /. had a spam discussion, and I tried it out, and it's abosolutely wonderful. Adam recommends.

- Adam

I use Sneak Email to direct my mail. Any time I need to enter my e-mail address, I create a new one. Worried about Amazon.com going bankrupt and selling your e-mail address? Worry no more. You can adjust the filters to block domains, all mail, or just delete the address from existence. Why bother configuring your own host to filter when you can use SneakEmail for free.

Of course it helps to spamproof your address when posting to message boards (see mine above).

Filling in a needless registration form? I started putting 'abuse@theirdomain.com' instead. If Real.com wants to spam me, they'll just spam themselves.

I use Outlook, every once in a while I hop on over to Windows Update and get the latest security patches. It's painless.

Guess what? I haven't been hit by SirCam or Code Red. I've gotten more than a few SirCam messages from people I don't even know (including one that was mailed to me by a stranger through my Slashdot sneakemail account).

An up-to-date and properly configured Outlook will not arbitrarily execute EXE/COM/BAT binaries. It won't even open HTML attachments without permission. Mine won't even let me see the attachment I was getting from SirCam victims. I had to ssh to my mail server, use Mutt to save the attachment and run "strings" on it to see what it was.

Not to mention, the really poor English in those SirCam messages is a dead giveaway.

--

http://mailshell.com

Will give you all the addresses you will ever need. Sneakemail is more difficult to use since you need to return to the site to generate an address, but mailshell allows you to generate them on the fly...

It's just easier, and more effective, to wear slippers than try and carpet the world.

Bye MAPS, it was unpleasant being blocked by you, forced to use my ISP smtp servers, disallowed from operating my own deliveries. John Gilmore is right.

If you dont trust somebody with your email address, DONT GIVE IT TO THEM, just use a disposable email service like Sneakemail.

Even if you're giving your address to an organization you trust not to spread your address dont trust their opt-out functionality, since it could very well be a temp using Excel to remove your address.

Since I've been using sneakemail (which lets you know without a doubt how somebody got your address) the most spam I get, BY FAR, is at g4hu5001@sneakemail.com, which is the address I only use only for slashdot.

So sure, spammers may or may not have rights, but if you have total control over their ability to spam you, the argument becomes mostly academic.