Determine how spammers got your address
Tags: spam, e-mail.
By lucb1e on 2011-11-10 22:59:43 +0100
I saw someone use a very smart way of managing e-mail. The only requirement is having a domain exclusively to yourself.
Say I want to sign up at example.com and I need a valid e-mail address. What I do is sign up with firstname.lastname@example.org. If I some day receive spam, I can see the recipient is email@example.com and I know that example.com has either shared my e-mail address with 3rd parties or made it public some way.
Even better, I can block any e-mail addressed to firstname.lastname@example.org! If there is one breach, which is likely concidering the many websites you need to sign up for, you can simply patch it.
How do you do this?
I configured an own mailserver, it might or might not be possible on other hosts. What it does is deliver every mail directed at [anything]@lucb1e.com to my main e-mail address, but exceptions are still possible (so I can block for example email@example.com).
The only problem is that you will often have one e-mail address which you need to post in public, like firstname.lastname@example.org, and you will need a good spamfilter on that one. You can use images to hide it from easy gathering by spambots, or put something like first.lastnameREMOVECAPS@yourdomain.com. Neither is perfect though. I will remain searching...
Update: Actually I wonder how much spam I'll receive at email@example.com after my website goes public lol. Or maybe not a lot because it contains the word 'example'. Like my address firstname.lastname@example.org, it might get filtered out. Maybe if I created send.me.much.@gmail.com I'd get more spam than on the previously mentioned address, simply because some users do something like "their.name.SPAM@domain dot com (remove .SPAM)". Spammers might have automated that.