Address munging

From Free net encyclopedia

(Difference between revisions)
Revision as of 15:19, 21 April 2006
Motor (Talk | contribs)
remove re-added ext link - third time now. There are already two of these links, the article does not need another.
Next diff →

Current revision

Address munging is the practise of disguising, or munging, an e-mail address to prevent it being automatically collected and used as a target for people and organisations who send unsolicited bulk e-mail.

Contents

[edit]

Intent

When an undisguised e-mail address (e.g. "no-one@example.com") is posted in public it is easily recognised and collected by computer software. A collected address will then become a target for unsolicited bulk e-mail. Address munging can be used to prevent the use of software recognition for large-scale harvesting of addresses, while giving enough clues for a human reader to easily reconstruct the correct address and contact the author.

Any e-mail address posted in public is subject to scanning and collection, including those posted on webpages or onto Usenet. Private e-mail sent between individuals is unlikely to be scanned and address munging is unnecessary in this case. However, e-mail sent to a mailing list, which is then archived and made available via the web or passed onto a Usenet news server and made public, may eventually be scanned.

[edit]

Examples

A common method of disguising an address is to replace the "@" symbol with the word "at", and any "." with "(dot)" giving a result that does not look like an e-mail address at all:

no-one at example (dot) com

There are many other methods for disguising the address:

Disguised address How to recover the original address
no-one at example dot orgReplace "at" with "@", and "dot" with "."
no-one@elpmaxe.co.uk.invalidReverse domain name example
remove .invalid
ten.elpmaxe@eno-onReverse the entire address
no-one@exampleREMOVEME.com.invalidInstructions in the address itself;
remove .invalid
no-one@exampleARCHIMEDES.com.invalidRemove the mathematician;
remove .invalid
no-one@example.com.invalid;
s/example/no-where/		Substitute no-where for example;
remove .invalid;
See Sed for a description of the s// syntax

Some of these methods still result in a recognisable e-mail address, but an incorrect one. This is less satisfactory as anything resembling an e-mail address will be collected and used for spam. The following points are important when using address munging:

  • Ensure the disguised version is not someone else's e-mail address. This can be done by appending the reserved top level domain .invalid to the end.
  • If you are disguising an address by adding text to it, then add it to the right-hand side of the "@" not the left. This prevents your internet service provider's mail server from having to handle undeliverable mail.
[edit]

Disadvantages

Disguising addresses makes it more difficult for people to send e-mail to each other and is, at best, a workaround for the problem of spam. When posting to usenet it should also be noted that disguising an e-mail address is, in the strictest terms, a violation of RFC 1036. This RFC describes the format of usenet messages and requires a valid e-mail address in the From: field of the post. In practise, few people follow this so strictly.

Some people (especially Internet and Usenet oldtimers who were around prior to the commercialization of the Internet) oppose on principle any attempt to intentionally obscure information, seeing it as an affront to the traditions of openness and straightforwardness of the network. Also, some of the address obfuscation techniques may impair the accessibility of the address to some users, as when images or scripting languages are required. Some munging techniques may produce results that some people find unaesthetic or annoying.

[edit]

"Transparent" techniques as an alternative to address munging

As an alternative to address munging, several "transparent" techniques allow people to post a valid e-mail address that really will reach them (and not accidentally get sent to anyone else), but make it difficult for spam to get through. These techniques include

  • Use "transparent name mangling" by replacing characters in the address by equivalent HTML references from the list of XML and HTML character entity references. (When a real person copies-and-pastes that e-mail address, or clicks on the "mailto:", it works fine).
  • Including a plus sign (+) after the username along with a tag (joeuser+wikipedia@example.com). All mail would be sent to joeuser's email address, but the tag (wikipedia) can be used to filter email. This technique requires that plussed addressing is supported by the sender (or sender's ISP).
  • Posting an e-mail address as an image (copy-and-paste doesn't work).
  • disposable e-mail addresses
  • Hashcash or some other e-mail hurdle [1]
  • Building the link by client-side scripting, e.g. <SCRIPT LANGUAGE=JavaScript>document.write("<A HREF="mai"+"lto:some"+"body@ex"+"ample.com")</SCRIPT>. Spambots apparently do not execute scripts.Template:Fact

Even the very simplest "transparent name mangling" of e-mail addresses seemed to work as of 2003, according to the "Why Am I Getting All This Spam? Unsolicited Commercial E-mail Research Six Month Report" March 2003. The same report indicated that even simple address munging was absolutely effective. However, spammers' capabilities to overcome such obfuscation may have greatly improved since the study was conducted.

[edit]

See also

[edit]

External links

This article is part of the Spamming series.
E-mail spam DNSBL | Spamhaus | Stopping e-mail abuse | Spambot
Address munging | E-mail authentication
Spamdexing
& S.E.O. 		Google bomb | Keyword stuffing | Cloaking | Link farm
Web ring | Blog spam | Spam blog | Sping | Referer spam
Telemarketing Autodialer | Mobile phone spam | VoIP spam (spit)
Scams Phishing | Advance fee fraud | Lottery scam | Make money fast
Misc. Messaging spam (spim) | Newsgroup spam | Flyposting
History of spamming
Template:-
Retrieved from "http://www.netipedia.com/index.php/Address_munging"