Slashdot Mirror

← Back to Stories (view on slashdot.org)

Where Do Dummy Email Addresses Go?

Posted by CmdrTaco on from the but-what-does-it-mean-man dept.

ajain writes "Maybe a year and a half back or so, I started using someone@somewhere.com as a dummy email id in online blogs, guestboks, forums, and sundry pages. But then I started wondering what if someone actually tried to email me on that email address. I was sure that it would bounce because I assumed that there wouldn't be an actual email address like that. In any case, just for fun, I decided to google on someone@somewhere.com. And lo behold, there are some 4090 results! I have written a small article at my blog and a reader says NoOne@NoWhere.com is another contender. Do you use some common dummy email IDs too, to get around the privacy problem online? Isn't there a potential for malicious misuse of someone's email ID in this way?"

62 of 926 comments (clear)

  1. isn't it obvious? by Lord+Bitman · · Score: 5, Funny

    how many people fill out bill.g@microsoft.com (or something similar)
    the answer is "yes", move along.

    --
    -- 'The' Lord and Master Bitman On High, Master Of All
    1. Re:isn't it obvious? by Anonymous Coward · · Score: 4, Funny

      I have been using sjobs@apple.com for years.

    2. Re:isn't it obvious? by yobbo · · Score: 4, Funny

      Actually, my dummy email has always been support@microsoft.com .

    3. Re:isn't it obvious? by Cylix · · Score: 3, Funny

      I've been using spam@aol.com for years.

      I hope AOL appreciates my efforts ;)

      --
      "You should always go to other people's funerals; otherwise, they won't come to yours." -- Yogi Berra
    4. Re:isn't it obvious? by mdamaged · · Score: 3, Informative

      > Isn't there a potential for malicious misuse of someone's email ID in this way?

      Yup, it is called a joe-job...

      http://catb.org/~esr/jargon/html/J/joe-job.html

      --
      Someone asked me the difference between ignorance and apathy, I told them I don't know and I don't care.
    5. Re:isn't it obvious? by SatanicPuppy · · Score: 4, Funny

      My personal favorite is Bob@aol.com, mainly because it's so short. I pity the poor bastard who got that email address though...It seems like, with AOL, that address is bound to be in use.

      --
      ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
    6. Re:isn't it obvious? by operagost · · Score: 5, Informative

      No, example.com is valid (or invalid, as it were). Review RFC 2606.

      --

      Gamingmuseum.com: Give your 3D accelerator a rest.
    7. Re:isn't it obvious? by SiChemist · · Score: 5, Informative

      In RFC 2606, example.com, example.net and example.org are reserved for testing. Therefore, I always use [somename]@example.com for my fake e-mail needs.

      There's some good info here:

      http://www.oreillynet.com/pub/wlg/4051

      and here:

      http://www.faqs.org/rfcs/rfc2606.html

      --
      God is imaginary
    8. Re:isn't it obvious? by strobert · · Score: 3, Interesting

      Ah reminds me oh a time back in the day (was before spam in the early 90's).

      I was using a time sync script that used the daytime service instead of ntp (ntp clients for linux weren't as prevelent at that time).

      well in the script it listed (I think it was):
      system1.com
      system2.edu
      system3.net
      as servers to get daytime info from. Well that config worked. It didn't dawn on me when I was setting it up that those were just examples and should be changed. Mainly becuase it did work, I mean even back then responsible folks were shutting down "extra" services and or only allowing access from proper locations.

      Well the net admin who ran what system1.com pointed to got really irate at someone hitting that service on his machine. He contacted the ISP I was on (an old community based one called punk.net).

      And the guy was too much of an idiot to understand the explaination of what had happened. said things like 'what system1.com?'. Not only had he forgotten he had pointed it at his system (it was the same org by checking whois), but he didn't even know how to check what system1.com was aand where it pointed. To top it off he then threatened to drive up from LA and physically assault me and started port scanning my network. (and yes this was after I had pointed elsewhere for time updating). So I sent him a nice e-mail saying to go ahead and try and I would be contacting the police if he continued... never heard from him again...

      One of my first exposures to someone who was runnng a box on the Internet that didn't understand basics (like how to run a whois/hostname lookup).

      So my point is yeah example.com is now a IANA reserved, so you should use it. or point it at a spamtrap service you run or have permission to use. it is what I do, provides for some interesting data analysis.

    9. Re:isn't it obvious? by gessel · · Score: 3, Funny

      As a variation on my last name, when I was a student at MIT, I chose "guess@mit.edu" as my address on Athena. It was open... I was young...

      Athena was, at the time, marginally connected to Arpanet, the internet as such did not exist yet.

      Everyone was new to email; it was such an exciting new medium for flirting, a combination that led to some unfortunate experiments. A really surprising number of people seemed to think it was cute to cc "guess" as a joke when they were sending out their little love notes...

      For a while it was fun to reply to all and ask when we were getting together for whatever it was they were proposing to each other, or to respond with "I can't make it at 11:00, can we do it at 1:00 instead?" Nobody ever wrote back... or cc'd "guess" twice.

  2. asdf by fishrokka · · Score: 5, Informative

    I always use asdf@asdf.com

    seems I'm not alone:

    http://www.asdf.com/asdfemail.html

    http://www.asdf.com/whatisasdf.html

  3. Mail Somewhere by mfh · · Score: 4, Interesting

    Strangely enough, somewhere.com offers anti-spam services as well as other consulting things. Could it be that they have set up someone@somewhere.com as a black hole to track spammers? That sure would rock. There is always some misuse when you post your email address online. Don't do it. Simply code a form for contacting you via email and let PHP or whatever send it to you behind the scenes. This halts any kind of email harvesting, and results in the use of faked email addresses, or obvious ones, like admin@DOMAIN.com or whatever. If you have a catchall, you should disable it and let them all bounce. When enough email bounces, someone somewhere will figure out something to solve the problem of spam, or run of the mill spammers will just give up.

    --
    The dangers of knowledge trigger emotional distress in human beings.
  4. Mailinator by iCharles · · Score: 4, Informative

    I used to use the ones you describe, as well as "fatchance@nospam.com." Then, I discovered Mailinator. This is pretty handy. You make up an address @mailinator.com. Mail can go there, and the address is "created" on the fly. Later, if you are really interested (say, a registration for a newspaper site), you can pick up the mail. After a few hours, the account is deleted.

    1. Re:Mailinator by phildog · · Score: 4, Informative

      for a mailinator-like service with RSS feeds of each mailbox, try dodgeit.com

      --
      slashsearch.org - slashdot search. powered by google.
    2. Re:Mailinator by tanguyr · · Score: 4, Informative

      Those of you running firefox can download a search plugin for mailinator.com from mycroft, so you can check [whatever]@mailinator.com from your seach box.

      --
      #!/usr/bin/english
    3. Re:Mailinator by The_Unforgiven · · Score: 3, Informative

      If I remember correctly, when the account hasn't recieved any email for X hours, it's deleted, but for as long as it's getting email, it's there.

      So yeah, use something like jj342873402@mailinator.com, and you have better odds, I suppose.

      I think individual emails are deleted based on their time stamp as well, too, but then again, you could just read the page, since they explain this...

      --
      http://wsulug.org
  5. This is what example.com is for by Andy_R · · Score: 5, Informative

    The domain "example.com" is reserved for exactly this purpose.

    However, I find that for cases where you can be reasonably certain your address is NEVER going to be used for legitimate purposes (such as cases like this where the context implies the address is useless and it will only be treated as real by harvesters), you can skip the middle man by using uce@ftc.gov

    --
    A pizza of radius z and thickness a has a volume of pi z z a
    1. Re:This is what example.com is for by magarity · · Score: 5, Funny

      My favourite: president_gore@whitehouse.gov

      A much much more apropriate one in a that genre is bill_clinton@whitehouse.com.

    2. Re:This is what example.com is for by tignom · · Score: 5, Interesting

      uce@ftc.gov is my favorite when someone with no legitimate use for my email is requesting it. If that won't take, next in line are postmaster@site.com, webmaster@site.com and root@site.com - where site.com is whatever site is demanding my email. After that comes abuse@aol.com, abuse@hotmail.com and abuse@earthlink.net. I don't expect AOL or any of the other big ISPs to do anything, but on the off chance they do, it means a site that's trying to abuse my email will run afowl of someone who can cut them off from a large number of customer/victims.

  6. Re:example.com? by magefile · · Score: 5, Insightful

    If you go to example.com (or .org, .net) it'll tell you that it was set up as a dummy domain in some RFC for the express purpose of being used as an example: "so then you point your browser to example.com" that wouldn't be abusable. So go right ahead and use example.[com|org|net].

  7. The winner is foo@bar.com by DeadSea · · Score: 4, Interesting
    1. foo@bar.com - 15,800
    2. someone@somewhere.com - 4,170
    3. nobody@nowhere.com - 2,900
    4. root@localhost.localdomainm - 2,860
    5. mickey@mouse.com - 2,470
    6. somebody@somewhere.com - 2,240
    7. john@doe.com - 2,120
    8. billgates@microsoft.com - 1,790
    9. me@mine.com - 1,400
    10. noone@nowhere.com - 975
    11. fake@fake.com - 710
    12. jane@doe.com - 423
    1. Re:The winner is foo@bar.com by linzeal · · Score: 4, Funny
      Mine is pretty low on the list, but I like it.

      fuckyou@fuckyou.com

      --
      An Education is the Font of All Liberty
    2. Re:The winner is foo@bar.com by arvindn · · Score: 4, Informative
      You missed the most obvious one:

      user@domain.com - 17,100.

    3. Re:The winner is foo@bar.com by Crispin+Cowan · · Score: 3, Informative
      The winner is the RFC standard @example.com with 1M links on google.

      Crispin

  8. Plenty of open alternatives by Neophytus · · Score: 5, Informative

    There are plenty of places you can safely point to. It's fair to assume that mailboxes at example.{com|net|org} are unmonitored. There's also me@privacy.net which bounces email with a polite notice that you don't want email from the sender. Spamcop provides the conspicuous nobody@devnull.spamcop.net, originally provided for users of their newsgroups but open to all and of course you can just use fake tlds like nobody@fake.invalid which will always be rejected before the email even leaves the spammer's servers.

    If you do want to recieve email but only, say, once from a company then you'll be looking at SpamGourmet which provides simple, free, fowarding addresses that expire after X hits.

  9. That reminds me... by photonic · · Score: 4, Funny

    ... i still have to ask a guy named Donald working for Disney and a guy named Dubya working at the whitehouse, if they ever received any mail for me.

    --
    karma police: arrest this man, he talks in maths; he buzzes like a fridge, he's like a detuned radio. [radiohead]
  10. o/~ Don't dump your muck in my dustbin... by YankeeInExile · · Score: 5, Interesting

    Once Upon A Time, a friend of mine had a domain that spelled a major ISPs name backwards (he registered it on purpose, and joked that he was the "anti-big vendor" and gave shell accounts to friends, friends of friends, etc.

    Then, someone started posting to usenet a lot, who was a customer of Big Vendor , and he 'spam-proofed' his address by ever so cleverly spelling it backwards.

    Suddenly dozens if not hundreds of undeliverable messages started landing on Mike's server for some clown over at ReallyBigISP.

    So, like any good sysadmin, he corrected this oversight, adding a sendmail rule to deliver mail for jrluser@psigib.com to jrluser@bigisp.com.

    The moral of the story: Do not create harm for some innocent third party with your spam evasion techniques. It may come back to haunt you.

    --
    How does the Slashdot Effect happen given that no slashdotters ever RTFA?
    1. Re:o/~ Don't dump your muck in my dustbin... by AsimovBesterClarke · · Score: 3, Funny

      > adding a sendmail rule to deliver mail for jrluser@psigib.com to jrluser@bigisp.com.

      Only problem is his real email is resulrj@bigisp.com....

      --
      Ads are broken.
  11. Re:AOL by Zoko+Siman · · Score: 3, Funny

    Right, posting about your mail bombing exploits to innocent AOL customers is the perfect way to get respct and karma around here. Let alone you did it in VB.

  12. It was you!!! by jjh37997 · · Score: 4, Funny
    Untitled Document

    Maybe a year and a half back or so, I started using someone@somewhere.com as a dummy email id in online blogs, guestboks, forums, and sundry pages. But then I started wondering what if someone actually tried to email me on that email address.

    So.... you're the jackass who clogged up my mailbox with all this crap. Thanks alot, pal!

  13. Use a reserved domain name by LiamQ · · Score: 4, Informative

    RFC 2606 reserves domain names like example.com, so you can safely use those without hitting existing email addresses.

  14. using real address = pure evil!!! by kyknos.org · · Score: 5, Informative

    using another person as your dummy adress is pure EVIL. i was forced to abandon my main email adress because some moron used very extensivelly as a dummy address. and it was no coincidence, the address was too complex. before bayesian filtering, i had no other option than change my email and it is not an easy task if you have used for long time, you have printed ona various dead trees and so on

    --

    SHE does throw dice.
  15. Ex boss.. by sporty · · Score: 3, Funny

    I usually use the email of an ex-boss that I hate.

    --

    -
    ping -f 255.255.255.255 # if only

  16. No-risk, non-abusable by magefile · · Score: 5, Informative

    Use a domain less than 3 chars - can't exist, according to standards, so you won't be abusing anyone. If that's not allowed, use example.com (or .org, or .net), which was set up as a dummy domain to be used in examples.

    The best way I've found, though, is mailinator.com. Every @mailinator.com account "exists" (is created as needed), and other than (perhaps) root, abuse, etc., they aren't passworded. So you don't even have to set up a junk account, just make up the address on the fly. Be sure to delete any emails with passwords in 'em ASAP, of course.

    1. Re:No-risk, non-abusable by lousyd · · Score: 3, Informative
      Use a domain less than 3 chars - can't exist, according to standards

      They can exist, it's just that they were set aside early on. But not early enough to stop x.org, q.com, z.com, x.com, 3.dk and probably a number of other one letter domain registrations. And then we have the hundreds of two letter domains you can find here. You've never visited aa.com, the site for American Airlines? What about xe.com, to do currency conversion?

      And if you want to get really technical, every ccTLD is in an example of a domain less than three characters.

      --
      If aspiration is a virtue, achievement cannot be a vice.
  17. Re:fake email by pegr · · Score: 5, Interesting

    Even better, don't use a fake email. I use me@privacy.net. If you send mail there, you get an auto-reply that says the submitter likes their privacy and you generally suck for being an email harvester. Go ahead, send me@privacy.net an email and see what I mean...

  18. Itsnot@real.com by chrispl · · Score: 4, Interesting

    One I have used for years. I am sure Mr. Irvin Tsnot at Real Networks is wondering why he gets so much junk Email...

    --
    What post? The one you're carrying inside your rusty innards!
  19. Why are you causing spam? by Secrity · · Score: 3, Informative

    The somewhere.com domain is registered by Speakeasy. I checked and found that there is currently no mailserver associated with somewhere.com, so in this case you lucked out and didn't hurt anyone with your misguided efforts. People using random email addresses are very much like people randoming shooting guns. The example.com, example.org, and example.net domains are safe to use for this purpose, see RFC 2606, Section 3.

  20. Technically, its illegal by nurb432 · · Score: 4, Interesting

    1 - you are falsifying your identity with intent to deceive.

    2 - you are assuming the identity of someone else, again with intent.

    3 - improperly using others resources, or causing harm to others resources..

    Doubt anyone would ever be tried and convicted under the law, but in this day and age, when people are jailed just for speaking, and the government will monitor what books you read, anything is possible..

    --
    ---- Booth was a patriot ----
    1. Re:Technically, its illegal by syukton · · Score: 5, Interesting

      Funny, I didn't know "email address" was synonymous with "identity."

      When somebody asks for your email address, they're asking for a way to contact you--like a phone number. They're not asking for you to uniquely identify yourself as you would with a driver's license or passport, they're only asking how they can reach you.

      Email is not identity, and using a dummy email address is not illegal.

      --
      Reinvent the wheel only at either a lower cost, greater effectiveness, or your own personal enrichment and satisfaction.
  21. Re:Who else? by MikShapi · · Score: 4, Funny

    Probbably half the /. crowd, myself among them, worked in support, YOU INSENSITIVE CLOD!

    Do some good - tell them about darl@sco.com

    And if you can add a sig with HTML, Feel free to throw this little charm in as well:
    <A HREF="http://www.thescogroup.com/">litigious bastards</A>

    --
    -
  22. The correct way by nsayer · · Score: 3, Informative

    is to use any LHS @example.com. This, by RFC, is guaranteed to belong to nobody.

  23. RFC 2606 by HughsOnFirst · · Score: 4, Informative

    example.com is set up for exactly thie purpose. See RFC 2606. .test .invalid .localhost are also mentioned in RFC 2606. .localhost may cause more fun when somone tries to mail spam to it.

    1. Re:RFC 2606 by menkhaura · · Score: 3, Interesting

      I've used root@127.0.0.1 here and there... This exists on all *nix machines, but is there a single address that means superuser at localhost on every platform?

      --
      Stupidity is an equal opportunity striker.
      Fellow slashdotter Bill Dog
  24. Re:fake email by samhalliday · · Score: 5, Insightful
    thats the stupidist idea i have ever heard of!

    the From: header can be easily forged and these privacy.net guys are just adding to the misuse of net traffic by replying.

    spam should go to one of 2 places... an authority who can fine the sender, or /dev/null (preferably the mail server will reject the spam before even collecting it, such as grey listing does)

  25. Re:poop@poop.com by Rick+Zeman · · Score: 3, Funny

    I always put 867-5309 for my phone #.

    Me, too! And if I have to put a (fake) name in, it'll be (First Name) Jenny (Last Name) Jenny.

  26. Begin the Google Fight! by TubeSteak · · Score: 4, Interesting
    I'm surprised no one has started this earlier

    someone@somewhere.com VS none@none.com
    4090 to 6660
    Round 1 goes to None@None.com

    --
    [Fuck Beta]
    o0t!
    1. Re:Begin the Google Fight! by WuphonsReach · · Score: 3, Informative

      If I'm posting to UseNet, I usually make up some alias to stick in front of @nowhere.com.

      I sorta pity whoever owns @nowhere.com

      (Actually, there is someone who owns @NoWhere.com, registered back in 1994 according to WhoIs. However, there are no NS, MX or SOA records so e-mail to that domain goes nowhere.)

      --
      Wolde you bothe eate your cake, and have your cake?
    2. Re:Begin the Google Fight! by alphaseven · · Score: 3, Funny
      Yeah there used to be a page up for nowhere.com, where they would complain about their old IPX receiving about 80'000 emails a month. You can see the old page at archive.org.

      http://web.archive.org/web/*/nowhere.com

  27. Re:a@b.com by The_Unforgiven · · Score: 5, Informative

    For this, Mailinator is perfect.

    --
    http://wsulug.org
  28. Network Solutions by TheLink · · Score: 5, Insightful

    Maybe an address at networksolutions.com or netsol.com would be more appropriate, after all they want to be the destination for traffic to nonexistent domain names with their sitefinder crap.

    --
  29. Re:fake email by redhat421 · · Score: 5, Informative
    I don't think that me@privacy.net is going to be sending any auto replys.

    $ host -t mx privacy.net
    privacy.net mail is handled by 10 mail.privacy.net.
    $ host mail.privacy.net
    mail.privacy.net has address 127.0.0.1
  30. Nonexistent domains by blorg · · Score: 4, Interesting

    Heh. I actually registered that to put up a parody/protest about sitefinder. The domain turns out to get a lot of spam; some stuff from people who obviously just typed it into a form, but also however from people who had their mail systems configured to divert their spam/bad mail to nonexistentuser@nonexistentdomain.com (or some variant). All were happy to stop when asked, but if you must configure your mail like this, possibly better use an *impossible* domain (I did get a fair bit of private email bounced on to me by badly configured mail systems).

    1. Re:Nonexistent domains by Waltre · · Score: 5, Interesting

      hmmmm...all this bandwidth being wasted.

      I feel it's my duty to the internet to point these clowns to h4wh4w@127.0.0.1.

      You'd be suprised how many sites will actually allow this, since the regular expressions that check them usually allow for identifier@sub.dns.com.country, with each allowing [a-zA-Z0-9].

  31. Revenge... by siesta+at+uni · · Score: 3, Funny

    sales@real.com :D

  32. Oh, The Irony... by mellon · · Score: 4, Informative

    Somewhere.com is a domain that was registered by a friend of mine long long ago back before spam and web sites and all that crap ruined the beauty that was the Old Internet. (I'm being ironic here, by the way). I think he registered it because he thought it was kind of funny, but unfortunately he pointed it at his mail server.

    It turns out that as the internet became more and more popular, more and more people started using someone@somewhere.com as the address they'd put into email when they didn't want the originator of the email to be known. For example, forwarded mail where you don't want the person who forwarded it to get mad at you for publishing their email address.

    So he started getting a lot of crank email to somewhere.com - people complaining that he shouldn't send them mail about Jesus' third coming in a UFO, and stuff like that. For a while he tried sending mail to these people to clue them in, but of course they were un-cluable.

    Eventially, it got to the point where he was mostly getting the kind of stuff you get when you've been joe-jobbed - angry replies to actual spam of the kind to which we've sadly become accustomed. It was then that he started analyzing the responses, and I'm pretty sure this is what inspired his anti-spam work.

    Messagefire, the anti-spam service he started, really rocks. It's too bad that they've stopped accepting new customers. Sigh. Because I know him, I got in on the ground floor, and am still using it to filter my spam. It's wildly successful, and I'm very grateful to him for setting it up. I hope at some point they start selling service again. :'}

  33. Re:a@b.com by aberant · · Score: 3, Interesting

    i use this alot.. but i mix it up by also putting abuse@(the domain asking for my email) and then i sign up for every newsletter they have... i figure it saves me alot of time by just letting them report the spam to themselves... 8)

  34. example.com handling has changed by billstewart · · Score: 4, Informative
    A couple of years ago, example.com handling changed - it now exists to give you warning messages. In the past, the name was reserved by IANA, and listed in whois as being reserved, but it didn't resolve to an IP address. There's now an IP address (192.0.34.166), which resolves as example.com and www.example.com, and it doesn't have an SMTP server, but does have a web server which tells you
    You have reached this web page by typing "example.com", "example.net", or "example.org" into your web browser.

    These domain names are reserved for use in documentation and are not available for registration. See RFC 2606, Section 3.
    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
  35. I can just see this... by cjellibebi · · Score: 4, Funny
    > Actually, my dummy email has always been support@microsoft.com .

    Oh dear... I can see this already.



    Microsoft Knowledge Base Article - 555666

    Are we satisfied with the length of our penis?

    Symptoms: You are unsure if we at Microsoft Support are satisfied with the length of our collective penis.

    Resolution: To solve the problem:

    1. Repeat the following mantra to yourself over and over again: "Microsoft Support is satisfied with the length of it's penis. Everyone is satisfied with the length of their penises. If I don't stop asking people these questions, my own penis will shrivel up and fall off."...
    2. Fuck off.

    Status: Microsoft has confirmed that this is a problem in the internet e-mail system, which thanks to our insecure e-mail apps and OSses, has gotten a lot worse than it should. Also, stupid users are to blame.

    The information in this article applies to: Yourself you good for nothing spammer, Clippy.

  36. god@heaven.com by wganz · · Score: 4, Funny

    I use god@heaven.com in cc: lines for the corporate email responses when someone adds everybody remotely related to the 'issue' to an email. When anyone does a ReplyAll, they get back an undeliverable message from god@heaven.com. In other words, HE doesn't want to hear you whining. The humour is lost on a lot of people.

  37. So you're the one! by pyrrhonist · · Score: 4, Funny
    There isn't a no.com, so no one is getting my spam.

    When we find you, we will KICK YOUR ASS!!!!!

    Sincerely,

    Registrant:
    CentralNic Ltd (NO202-DOM)
    64-66 Coleman Street
    London EC2R 5BX
    UK

    Domain Name: NO.COM

    Administrative Contact, Technical Contact:
    Department, Technical (23456529I) hostmaster@centralnic.net
    CentralNic Ltd
    64-66 Coleman Street
    London EC2R 5BX
    UK
    +44.2073843050 fax: +44.2077369253

    Record expires on 26-Oct-2010.
    Record created on 20-May-1997.
    Bulk whois optout: Y
    Database last updated on 11-Jul-2004 22:01:09 EDT.

    Domain servers in listed order:

    NS0.CENTRALNIC.NET 213.146.149.169
    NS1.CENTRALNIC.NET 213.146.149.134
    LON-NS-2.CENTRALNIC.NET 195.149.39.141
    --
    Show me on the doll where his noodly appendage touched you.
  38. Somewhere.Com - The Scoop by nazgul@somewhere.com · · Score: 5, Informative

    I registered somewhere.com in 1995 (hey, it was free :-). After I sold my first consulting company, I named the next one after the domain. Somewhere.Com, LLC.

    Spam didn't exist at the time. The first warning signs were when we'd occasionally get email bounces. Some versions of 'mail' on Unix, when unable to figure out who to return a bounce to, would send it to somewhere!name-of-the-user. Sendmail would helpfully turn that into somewhere.com, and we'd get the email.

    When spam started, we started getting bounce backs. Spammers were using it as a "fake" domain. In those days somewhere's mail system was a Mac 8500 on a cable modem. Life would get very interesting when all of AOL's mail servers started throwing bounces at me as fast as they could. I had originally been bouncing messages back with messages asking people to stop--that had to change to straight rejections.

    As a result of the time I was spending handling somewhere's email problems, I got into the anti-spam business. Initially writing tools to track spammers (http://www.spamwatcher.com/ is still up, although I don't know how well the spam analysis stuff is working). Later I co-founded Messagefire, an end-user anti-spam service.

    In the meantime somewhere's email flow continued to climb. It's doubled every year. Hoaxes like the one about "wormalert@somewhere.com" (put it in your address book, and the fact that it's fake will cause viruses to die) didn't help. Nor did Microsoft FrontPage shipping with webmaster@somewhere.com as the default address in its templates. Axis shipped an internet enabled video camera that that (if you turned on the email feature) defaulted to sending all your security pictures to somewhere.com. (They've fixed it, but there are still cameras out there sending us a picture every 5-10 seconds.). Viruses that picked up all the references to somewhere.com off of people's address book and web caches started to account for more than a third of the email. People signing up for things with "fake" addresses accounted for a lot as well. (Why anyone would use an email address at a domain and not check to see if the domain existed first, I have no clue. Neither, apparently, do a lot of people who enter fake email addresses.) By last year we were rejecting 100,000 messages a day, of which close to 40,000 were going to someone@somewhere.com. I upgraded my DSL line to 768k just to handle the flow, and I had to limit my mail server to 100 simultaneous connections at a time.

    This year we sold Messagefire to a Seattle company called MessageGate, and I now work for them. We use somewhere.com to stress test our enterprise anti-spam and compliance software. That happened only just in time; my router was starting to fail frequently under the load. Now the mail's on a high-bandwidth connection with multiple machines to handle the load--I just pick up the legitimate addresses after the spam has been filtered out.

    I haven't looked in on it in several months, but we did let the email run unthrottled once early this year. After a few hours we were looking at enough bandwidth saturate several T1's, and volume of at least one million messages a day.

    A couple things in summary.

    1. Don't use fake email addresses. If you don't trust the site you are giving your email address too, then why are you doing business with them? If you're afraid of spam because you're posting your address publicly; then buy some anti-spam software. If I can manage to use legitimate email accounts on somewhere.com and not worry about spam, then obviously there's some out there that works well. I've been posting on usenet and the web using nazgul@somewhere.com for the past 9 years. The spammers definitely have my address. So what?

    2. If you're going to make up a domain name, then *check* first to see if it's real! Better yet, don't. Just because it's not real now doesn't mean it won't be later. Use example.{com,net,org} if you must.

    3. I see a number of people here s