Nov 17, 2009
 

Note: This post is actually an article I’ve had on a couple of websites for a number of years, originally written shortly after softrock.co.uk became the victim of a very deliberate use of email addresses at that domain in the headers of UCE (aka a “Joe Job”). Now that this blog is up and running, it’s the ideal place for such material – so one quick re-read, check and update later, here it is.

Introduction

Right at the start I should state that I am very strongly opposed to the use of munged email addresses, due to softrock.co.uk having been inundated with non-delivery reports and other annoyances since spammers used softrock.co.uk addresses in the From: line of their junk several years ago. I make no denial of that and do not try to defend the fact that my position is biased against munged addresses as a result of this.

However, please do not let that put you off reading this if you are a user of a munged address, or if you are considering using one. If anything, you should read on because there are some alternative suggestions towards the end of this article, just for you. Please consider using them, instead of your current or intended approach.

What are munged addresses?

Many people use munged email addresses for their posts to usenet. These are where the email address as used in the From: header has been modified to disguise the poster’s real address, mainly in order to avoid that address being picked up by spammers.

Simple examples might involve inserting the word “REMOVEME” somewhere into the address, for example myemail@example.REMOVEMEcom, so that the address is then no longer “real”, but actually contains the instruction needed for would-be (genuine) correspondents to decode (fix!) it. Some people choose more complicated approaches, however, and some less obvious, with the instructions usually being in their .sig file – “to email me, change my address as follows…” The actual instructions might be to spell the domain backwards or to replace “this” with “that”, and so on.

The advantages of using munged addresses

The main “pro” is that, subject to various factors, it can work; if the email address harvesting software isn’t picking up the real email address, then the real email address isn’t going to receive any spam.

Are there any other pros? Any other advantages to using such an address? Well, there are none that I can think of. Feel free to let me know what other advantages they offer.

The disadvantages of using munged addresses

There are a number of disadvantages, as follows:

1. The munged address could deflect real mail

When someone else chooses to send an email to the user of a munged address, that person (or that person’s software) has to recognise that it is a munged address, and that it must therefore be decoded. This doesn’t always happen, and if that person sends out an email as intended, at some stage he’ll receive it back wrapped up in a ‘non-delivery report’ – a “bounce”.

This is particularly annoying if the email was in response to a request for help, and that help was in the form of, for example, an attachment – “Help! I need clip art! Pictures of Christmas Trees!” would be an example of the sort of thing I’m thinking of. The non-delivery report often includes the original email – so sending someone an email with a large file attached means receiving that large attachment back.

And before you say it just doesn’t happen, I’ll say it bloody well does. Exactly that has happened to me – though it wasn’t Christmas Trees. (I hate Christmas – why would I have clip art of Christmas Trees?)

This problem can be alleviated by including a legitimate email address in the Reply-To: header, but the users of munged addresses who I’ve seen do that are in the minority, and the Reply-To: approach is only the solution to this particular disadvantage. (The Reply-To: header isn’t included in the header “overview” offered by usenet servers, and it’s this overview header spammers are most likely to use, rather than download the full usenet feed.)

Note: It once seemed common to refer to munged email addresses as “spam traps” – and in the original versions of this article I did the same. However, the very nature of this problem shows that to be a complete misnomer; the address doesn’t “trap” the spam in any way; it merely deflects it from the user’s inbox. In fact, the term spam trap is more correctly used to describe email addresses that exist purely to receive spam – which is done to aid the fight against it.

2. The munged address could be someone else’s real address

The munged addresses are often themselves perfectly valid email addresses, which may or may not just happen to be unused at the time.

What this means is that, often, the user of a munged email address is in effect using an address that either belongs to someone else, or could belong to someone else at some point in the future. Their munged addresses, in all likelihood, will be picked up and used by spammers – so if and when that address is actually used, the unsuspecting person who uses it will already be ‘signed up’ to receive spam by the actions of the person who used it to deflect spam.

(In my first example above, I deliberately added the REMOVEME to the top level domain part of the address, so that I wasn’t committing the same sin myself in this post – but in “the real world” people will add that to whichever part of the address they think suits it best – and let’s not forget it might not be the words REMOVEME; it could be something more subtle – which means something more likely to be used as a real address.)

Again, there is a solution to this particular problem. The TLD (or “top level domain”) .invalid exists specifically to prevent people inadvertently using addresses that either do now or could in the future belong to others – so in a munged email address, you should drop the .com or .co.uk (or whatever) and replace it with .invalid – for example myemail@exampleREMOVEME.invalid – but again, this approach is only the solution to this particular disadvantage.
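The two partial fixes described so far, a deliverable Reply-To: header and a From: address under .invalid, can be checked mechanically before a post goes out. The following is an added example, not part of the original article: the function names, the finding labels and the sample headers are constructed for illustration, and example.com stands in for the poster's real domain.

```python
from email import message_from_string
from email.utils import parseaddr

RESERVED_TLD = "invalid"  # the TLD the article recommends for munged addresses


def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def is_reserved(domain):
    """True if the domain is, or sits under, the .invalid TLD."""
    return domain == RESERVED_TLD or domain.endswith("." + RESERVED_TLD)


def lint_post(raw_headers, real_address):
    """Return findings for one post, given the poster's real address."""
    msg = message_from_string(raw_headers)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    if from_addr == real_address.lower():
        return []  # not munged, nothing to check
    findings = []
    # Disadvantage 2: a munged From: outside .invalid may be, or may
    # become, somebody else's deliverable address.
    if not is_reserved(domain_of(msg.get("From"))):
        findings.append("from-may-belong-to-someone-else")
    # Disadvantage 1: with no usable Reply-To:, replies go to the munged
    # address and come back as bounces.
    reply_domain = domain_of(msg.get("Reply-To"))
    if not reply_domain or is_reserved(reply_domain):
        findings.append("replies-will-bounce")
    return findings


# Constructed sample headers (not taken from real posts).
REAL = "myemail@example.com"
POST_A = "From: Me <myemailREMOVEME@example.com>\nSubject: help\n\n"
POST_B = "From: Me <myemail@exampleREMOVEME.invalid>\nSubject: help\n\n"
POST_C = ("From: Me <myemail@exampleREMOVEME.invalid>\n"
          "Reply-To: myemail@example.com\nSubject: help\n\n")
POST_D = "From: Me <myemail@example.com>\nSubject: help\n\n"

if __name__ == "__main__":
    for name, post in [("A", POST_A), ("B", POST_B), ("C", POST_C), ("D", POST_D)]:
        print(name, lint_post(post, REAL))
```

A post that passes both checks still leaves the third disadvantage below untouched, since the munged From: address can be harvested and spammed regardless.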

3. Munged addresses still get spammed, and someone receives a “bounce”

Following on from item 2, munged email addresses, just like their real counterparts, do get harvested, and junk email does get sent to them. The user of such an address obviously won’t be receiving that spam, which on the face of it is the desired outcome – as has already been mentioned above as the single advantage.

But there is a consequence; what happens to that spam? If it can’t be delivered to a valid address, then somewhere down the line a server is going to “bounce” it – that is to say, it sends an email (which itself usually includes the original mail – which is why it’s commonly referred to as a “bounce”) to whoever it believes is the sender.

The problem, though, is that it ascertains that information from the headers – commonly the From: line of the email. Spammers don’t use their own addresses for such things – they “hijack” other people’s addresses, forging the headers of their junk as they need for their nefarious purposes. Which means it is the owners of the email addresses they use that receive the bounced emails. This, as described in the introduction, is what happened to me at my softrock.co.uk domain; spammers used addresses at that domain in their From: lines, and I became inundated with non-delivery reports, and all sorts of other nonsense.

The easiest solution to this problem is not to use a munged email address at all – instead use a real one. And unlike the solutions to the other disadvantages given above, this one actually solves all three. The disadvantage of this, though, is that you are no longer using a munged address, and so become subject to all the spam.

All is not lost, however. There are other ways and means of dealing with spam, including slight variations on the munged address approach:

The real solutions

1. Have your mail filtered remotely

Using an email provider that provides a filtering service for your mail means that you can use your actual address on usenet, with no munging necessary – your email provider will filter out most (if not all) of the junk without you seeing it. These days, most ISPs should provide this as part of their service; alternatively, some email providers have been set up with this role specifically in mind. Feathermail is one such example, though it isn’t free.

2. Have your mail filtered by software you run

You can use software which achieves the same goal, filtering out the junk from your mail as (or even before) you fetch it. Doing this means the same as above, except the software running on your computer is doing the filtering – and this potentially gives you more control over the process. Most email clients should provide some level of filtering as you download email, some better than others – but if not, or if your software just isn’t as good as it could be, then you can pre-filter it using additional software. Examples of such software for Windows include MailWasher and various others. Examples of such software for RISC OS include AntiSpam and MailScout.

3. Have a ‘usenet only’ email address

Method 1: Use a webmail service such as Hotmail or Yahoo to provide you with an address that you can use just for usenet. That address, being used on usenet, will be harvested by spammers and therefore receive all your spam (and most of it will hopefully be filtered out – see suggestion one, above), leaving your ‘real’ address free of it.

If you do this, however, you absolutely must check that mailbox periodically – just quickly browse the list of mails before deleting it all to ensure there have been no genuine emails received. The reason you need to do this is twofold:

Firstly, to prevent the mailbox “filling up” – there will probably be a size limit on the mailbox, and once that limit is exceeded, the email will start bouncing again.

Secondly, to keep the mailbox active. Many webmail providers will, if the user doesn’t log in regularly, cancel the account – and the email will start bouncing again.

Method 2: If you own a domain name, set up a separate email address for usenet. This actually works in exactly the same way as using a webmail provider, and has the same rules – i.e. you must check it from time to time, for exactly the same reasons.

This, incidentally, is what I do. I use a particular address – spam@softrock.co.uk. That address is checked and downloaded from along with all my other addresses, but it’s heavily filtered. Legitimate email can be sent to it – and it should get through.

Conclusion

Munged email addresses, while convenient for their users by saving them the effort of deleting spam, can help inconvenience others. There are alternative methods for dealing with spam – better methods – and these methods should be adopted in preference.

  •  November 17, 2009
  •  Posted by at 9:18 pm
  •   Comments Off on Some thoughts on munged email addresses
  •   Netiquette

VinceH