Join 3,512 readers in helping fund MetaFilter (Hide)


Fighting back:
August 26, 2002 11:11 AM   Subscribe

Fighting back: Spammers want e-mail addresses. Give them e-mail addresses. Tons of e-mail addresses. This handy PHP script will add as many fake e-mail addresses to your web site as you want. 20 is the default, with command and space delimited, just like this:

lebsda@fihnekyjvbj.de, tzckk@zcwgituizwjgy.eu, lzteth@gvxmzqphddvhsd.de, wspvnmpitk@adlruenmiupuglcqn.nl, toulr@cttzrgrb.it, gxgb@yqkeermxyxxozvfws.dk, ucldeo@lwytvqqq.nl, brddshal@qmyhquiqtbaeggpx.com, ovu@zzxlbismicnqsuiubkfl.de, txxewr@ogpzcomgrhkd.br, goluv@twcnkfeghsh.com, tfexbuous@heev.ar, zjgeaztzvm@rvonhfrd.de, nhsgikjvjb@stncbqtnyyclaflm.jp, svgfdh@zeynvdd.nl, hxqios@yrdlshpyscndoslt.de, fxglj@sfkdxgyadbqk.ca, mtskzv@carbd.de, pigm@vnkcalneewdulz.com, nqnjwldpfk@ecifc.edu

And each call to the web site will give the spam harvester 20 spanking new addresses. (Web site is german, but the script is in english)
posted by vowe (59 comments total)

 
Did we really need an example of what 20 random email addresses look like?
posted by Yelling At Nothing at 11:14 AM on August 26, 2002


Spam Trapping can certainly give you a nice warm feeling inside, but it's not going to stop spammers. Most are long gone by the time they hit the send button, leaving some poor sap to deal with all the bounces.
posted by alan at 11:19 AM on August 26, 2002


I don't understand how this would combat spam anyway. Do fake addresses lower the odds of them hitting real ones? Clog spammer's machines?
posted by gottabefunky at 11:21 AM on August 26, 2002


There have been programs like this for a while, but I personally haven't seen any reason to believe they make a difference. My inbox has more spam than ever.

One tactic I've been thinking about lately is to write a script that opens every URL I receive via e-mail in a browser window that is permanently minimized with scripting and other stuff turned off. If enough people did this, every site promoted in a spam would be subjected to a heavy Slashdot effect, which could cost spammers enough in bandwidth charges to ruin the cost-benefit ratio of their abuse.
posted by rcade at 11:22 AM on August 26, 2002


I don't know what you kids are doing for spam fighting, but I love cloudmark's spamnet. I'd like it a lot better if it were done at the server level instead of forcing me to download all the spam and then filter it, and it doesn't stop anyone from sending spam, but it filters out crap mail remarkably well.
posted by dogwelder at 11:25 AM on August 26, 2002


My server was recently a victim of a spam-sending orgy, and I spent almost a week fielding hundreds of bounce messages, as well as many angry emails from legit recipients. Many times spammers are illegally using other people's addresses in the 'from' field, leaving us poor victimized saps to clean up the mess. I don't think this particular fake address method will do anything other than hurt innocent people and cause spam spiders to hit your site about a gazillion times, wasting your bandwidth.
posted by evanizer at 11:28 AM on August 26, 2002


But without spam, how would I know how to enlarge my penis?
posted by spilon at 11:33 AM on August 26, 2002


Hey!!! wspvnmpitk@adlruenmiupuglcqn.nl is my email address!
posted by jozxyqk at 11:34 AM on August 26, 2002


If I reload the page often enough, will one of the email addresses eventually resemble Hamlet?
posted by krunk at 11:34 AM on August 26, 2002


Just do the two-email addy thing. One for personal messages, one for everything else. I only check my HotSpammail account once a week to make room for more spam. Saves me a hell of a lot of time playing with filters and such.
posted by spungfoo at 11:35 AM on August 26, 2002


WOn't this approach totally /. all the mail servers as they bounce crapped-out emails back?
posted by BentPenguin at 11:37 AM on August 26, 2002


Ok. Up[front: I have none, no, zip tech know-how. I use a filter and that gets lots of spam stopped before coming to me. But then there is this and that I write to and they in turn it seems sells my address (e-mail) and whoever buys it in turn sells it etc etc so that when I went away for some 10 days I was flooded with spam with my e-mail address. This is the spam that annoys me. I know that I can keep changing e-mail addresses from time to time and this will help. But heck, that is work for me because of the bad guys.
posted by Postroad at 11:49 AM on August 26, 2002


Somewhat O/T, but...

If you own a Mac, the bundled Mail app in OS X.2 has amazing spam filtering. I threw a few thousand messages at it and its success rate (without any of the "training" it claims to need) was damn close to 100%.
posted by mkultra at 11:50 AM on August 26, 2002


Yeah, a friend of mine told me about wpoison which sounds like the same thing, but the addresses seem more real which makes me feel that it'll probably generate a real address.
posted by RubiX^3 at 11:50 AM on August 26, 2002


I say we take off and nuke all the spammers from orbit... it's the only way to be sure :).
posted by freakystyley at 11:53 AM on August 26, 2002


This is just pissing against the wind.

I hate spam, every day I get about 40 items of spam in one of my hotmail accounts, sometimes more. I never open them, that is a fatal mistake as it can show that your e-mail address is still active.

Yes hotmail - my first mistake - often my three hotmail accounts receive the same item of spam even though they are totally unlinked. I have complained to hotmail but to no avail.

I have even had spam returned to me, some sicko was using my e-mail address to send pornography to people .

But what can I do, just avoid hotmail in future, and keep a low profile with my e-mail address.

I just wish I could take a shot at the perverts with an anti tank missile.
posted by boffer at 11:54 AM on August 26, 2002


Mailwasher is a nice tool, allowing you to preview (and delete) messages stored on your pop account before downloading them. Lots of programs do this, but this one allows you to bounce back e-mails, making it look like the address isn't valid. Not sure if it works, but I would like to think that it did. At least I don't have to download the junk anymore.
posted by adampsyche at 11:57 AM on August 26, 2002


Seems to me that the small amount of people trying to bloat spammers' email address lists would do little with the large amount of resources available to them (the spammers). Assuming a substantial portion are large enough corporations, there's not much you can do by launching a barrage of fake addresses. What we need is an army. And MeFites will rule in the new world order, of course.
posted by caustic at 12:00 PM on August 26, 2002


A script that would filter out emails to nonexistant domains would be trivial to write and basically free to run.

In other words this idea will do nothing but clog legitimate mail servers with bounces. This makes the problem worse. And in my opinion the suggestion that people use this is very very bad.

This post should be deleted.
posted by y6y6y6 at 12:06 PM on August 26, 2002


Spamgourmet!
posted by ac at 12:15 PM on August 26, 2002


Why not use VisualRoute? A graphical traceroute program that analyzes net connectivity. Plug in the spammers's IP address into the application, find the spammers ISP and it's location, forward the email to their abuse depatment. But there may be some down falls, like spoofing the IP address in the headers.
posted by dilok at 12:30 PM on August 26, 2002


Another option besides creating a Hotmail account just for non-personal e-mail is to use an e-mail address that ends with example.com. example.com is a reserved domain name that can't be registered by anybody. It was put aside to be used as an, um, example domain. It just don't exist. Most sites that ask for an e-mail address don't filter it as an unacceptable e-mail address and so you won't be flooding the asdkeinaksdk.nl domain's mail servers with spam.
posted by hootch at 12:36 PM on August 26, 2002


dilok: Good suggestion. Spammers only get shut down once their ISPs receive complaints. A more-automated approach would be to use Spamcop — forward your spam to the spam reporter and let them do the heavy lifting of finding the correct abuse addresses, etc.
posted by dsandl at 12:41 PM on August 26, 2002


I started using SpamCop a few months ago. Interestingly enough, the amount of spam I receive has at least quadrupled in the past few months.

I still think that SpamCop is a legit effort, but it's possible someone is mis-using the information they pass along.
posted by o2b at 12:51 PM on August 26, 2002


adampsyche i absolutley adore mailwasher. at the isp i work for we advise all of our customers to use it and the ones who've adopted it love the living crap out of it. in fact, the next revision of our new user cd will have it available to install for anyone who'd so like.
posted by boogah at 12:52 PM on August 26, 2002


A few years ago I put up this fake email generator off my domains top level page.

It uses a standard Unix dictionary of proper names, as well as a static list of seven or so TLDs to generate an infinite number of fake but quite convincing email addresses.

It was entertaining for a short time looking at the logs and watching the various 'bots suck it down, but they all must be coded to check level since I never saw one loop indefinitely.

I pulled it because I couldn't be totally sure some of the email addresses were not real. I did add code to try to verify the email addresses but the checks just slowed down the thing so much it was essentially worthless.

My primary email account (hosted off panix.com ) is pretty heavily procmail'ed anyway, so I don't get bothered too much.

About the biggest hassle is running a perl script agains the spam trap once a day or so, to check FROM, TO and SUBJ headers to make sure I'm really tossing what should be tossed.
posted by Mutant at 12:52 PM on August 26, 2002


One suggestion I have is to refuse HTML email. As a web developer, I can think of at least two simple ways to track not just which recipients click on the link in my spam, but also the recipients who even open the spam.
posted by o2b at 12:55 PM on August 26, 2002


I don't know what you people do to attract so much spam. I have 3 filters running, because I'm somehow subscribe to a mailing list with no opt-out. As such, I get 5 spam a day (from that list) and they go right to my trash can.
posted by Dark Messiah at 12:57 PM on August 26, 2002


According to our Postini reports, yesterday there were 28,075 attempted e-mails, of which 78.6%(22,077) were filtered as spam before they were even delivered to our servers.

Our users love Postini, and openly mock their friends whose ISP's don't use it.
posted by dglynn at 1:05 PM on August 26, 2002


I don't know what you people do to attract so much spam.

I work at a large public university that does nothing (or possibly less than nothing) to protect its directory of email addresses.
posted by Darth Vader at 1:07 PM on August 26, 2002


for those of you who want to have your email address on your website - which generally leads to being spammed - you can use this great little tool to obfuscate it... email harvesters won't be able to read and scoop it and your visitors will still be able to click on and use your email link.

i also <3 mailwasher, i've been using it for a year and find it extremely valuable for heading off viruses at the server before they reach my inbox.
posted by t r a c y at 2:07 PM on August 26, 2002


spungfo: i agree this is the best method. Its not foolproof but its very easy and gets rid of most. Same thing can be done with 2 phone numbers and distinctive ring at home to avoid telemarketers, 2nd line goes to voice-mail, check once a week - telemarketers never leave voicemail.
posted by stbalbach at 2:25 PM on August 26, 2002


t r a c y - That email obfuscator will work only for the crappiest of harvesters. Any harvester that canonicalizes the input (converting character entities, stripping comments, etc.) won't be fooled.

In general, address poisioning is somewhere between great and benign given the current state-of-the-art in spamware. (That is, assuming the addresses and domains you generate aren't valid. Feeding out valid addresses or domains is highly evil.)

Part of the problem is that modern spamware tools are multi-threaded. In days past, you could bring a spammer to a grinding halt with a slew of bogus addresses. These days, you tie up a thread or two, while the program merrily launches a dozen more to crawl/spam other sites.

Nonetheless, I still run my own spam bait page. I'm not convinced it does a whole heck of a lot of good, but it makes me feel all warm and tingly inside.
posted by chipr at 2:27 PM on August 26, 2002


Plug in the spammers's IP address into the application, find the spammers ISP and it's location, forward the email to their abuse depatment.

dilok, this is an excellent suggestion, however i speak from experience when i say that the vast majority of users who receive spam will have no idea what this means.

Trying to explain to someone who is just barely competent enough to get mail how to parse the headers to obtain the originating IP, then plug it into a whois to ascertain the abuse department's address can be an exercise in frustration.

In most cases spamcop is a better choice for the novice.
posted by quin at 3:28 PM on August 26, 2002


Except when Spamcop misinterprets the header information, sends off automatic complaint emails to webhost providers, and gets innocent webmaster's websites shut down like this.
posted by crunchland at 4:13 PM on August 26, 2002


Other than the impossibility of collecting, why not put a blazing mailto link on your site to a unique email address with a note on the page declaring it to be a contact point for a reading contract, any main sent to it will be read as a service for a rate of $500/hour for a 2 hours minimum, payable in 30 days, else fines accrue, etc. Follow it with a real contact point, not in a mailto.
posted by plinth at 4:28 PM on August 26, 2002


If you're going to fake email adresses which are picked up by Spam Bots, can I suggest that you pick email addresses which end in .gov, .gov.uk, .mil, etc. Find the email addresses of people in government, and make sure you quote them on usenet, etc. That way at least, the people who make the decisions about how illegal spam is are guarenteed to know how annoying it is.
posted by seanyboy at 4:40 PM on August 26, 2002


rcade: One tactic I've been thinking about lately is to write a script that opens every URL I receive via e-mail

This seems like it would be a viable distributed computing project. Especially if it used some of the Spam blacklists. Dangerous as all hell, but an interesting thought.
posted by joemaller at 5:02 PM on August 26, 2002


One of the things that annoys me most about spam is the wondering who gave my address to the first spammer...so, I have an entire domain which I use purely for email-reply addresses. I've set it up so that all mail that isn't sent to the 2 "real" accounts on the domain, goes into a holding trash bin. When a website/e-list/whatever wants an email address, I use requesting _company_name@mymaildomain.cc. Now, whenever I get spam, I know exactly who to blame, and I never have to read it =)

Once a week, I go thru the junk, forwarding anything even remotely illegal to uce@ftc.gov (the federal spam-reporting address), and another copy to the washington-state anti-spam group.

Out of curiousity, last month, I made a page on my website, with a bunch of fake names, but a valid snail-mail address...I'm waiting to see how much junk-mail each name will get...if any =p

posted by nomisxid at 5:21 PM on August 26, 2002


chipr - what about escrambler...? i use this and the obfuscator for the 2 pop3 accts i use for contacts on my various domains, and they're the only 2 addies of mine that don't get spammed... possibly only the crappy harvesters have been visiting me the last 7 years...? if so, i sure hope it stays that way...!

i think your spambait page is great, even if it may not be much use outside feeding the need to take a tiny bit of revenge 8-) i may make my own.
posted by t r a c y at 5:23 PM on August 26, 2002


crunchland, It would appear from your link that the account was shut down due to a complaint from an opt-in user, not a SpamCop misinterpretation.

In either event, the responsibility for closing an account has little to do with SpamCop and everything to do with the ISP's abuse department. SpamCop simply provides the evidence it has received, in many cases it sends a copy to everyone involved, this includes the originating IP's abuse department, the host of any linked URL's, and the admins at almost every hop it took to get there. It is up to the abuse department to determine if their customer violated their TOS/ AUP.
posted by quin at 5:29 PM on August 26, 2002


I have procmail check my incoming mail against an accept-list, to which real first-time senders can add themselves easily. It works perfectly. Here's my page about it.
posted by nicwolff at 5:47 PM on August 26, 2002


quin : here, here and here. Admittedly, I'm predjudiced. My site got shut down by a trigger-happy abuse center. In light of the evidence that there are plenty of other trigger-happy abuse centers, I think you really shouldn't be recommending spamcop, especially to computer novices.
posted by crunchland at 6:03 PM on August 26, 2002


...just another vote here for MailWasher. My spam quotient has definitely improved since using it.
posted by normy at 6:22 PM on August 26, 2002


crunchland: i hate to say it, but i am prejudiced as well, i work for an abuse desk and we check all of our evidence really closely before we terminate a user. i mean, we don't want to shut off a paying customer for no reason, right? ;) However i have dealt with other department that are run less than ideally and things do happen. The best move is usually to contact them immediately and see what is going on. Most spammers will not contact the ISP as it's easier to just sign up another account somewhere else. Talking with a human goes a long way towards proving that you are not doing anything wrong.

That said, to my knowledge we have never shut off a customer inappropriately. When in doubt, we contact the user and ask them to explain themselves, if they have an opt in list they can always prove that their mail was not unsolicited.

Formmail, on the other hand, can be a bitch. If it's not perfectly configured, it can be _so_ easily exploited by spammers. But just the same, it sounds like your ISP jumped the gun.

As a side note, a good friend of mine came up with a wonderful way of preventing spam. He got a domain and whenever he signs up for anything on the web he uses the site name as his e-mail address, (here would be something like mefi@domainname.com). He then uses procmail to block any spam he doesn't want. The benefit of setting up the domain is that whenever he gets a new piece of spam, he can see which site it was that sold his address to a spammer and block the entire address. He can then also contact the site and complain about their horrible business practices.

i've used this system religiously since i heard about it, and i can say from first hand experience, it's very fulfilling to be able to go after a site who has done you wrong.
posted by quin at 6:45 PM on August 26, 2002


I have been using MailWasher for about six months and it makes a difference. My spam has gone down about 30%. Plus the feeling of vengence against those morons feels nice too. Then again, there is nothing worse then seeing your own e-mail address being used to send out spam and then getting the bounced messages back from guys like yourself who use MailWasher (doh)
posted by Coop at 8:06 PM on August 26, 2002


quin: If your mailserver is running qmail you can accomplish the same thing without having your own domain name. qmail allows you to add text after your user name by using a dash followed by the text. For example, if example.com was using qmail and you were joe@example.com, other valid addresses for you are joe-mefi@example.com or joe-anything@example.com. qmail automatically sends mail to any of these addresses to 'joe' and he can filter accordinly. It's nice if you don't have your own domain to use.
posted by stoic at 8:07 PM on August 26, 2002


Then again, there is nothing worse then seeing your own e-mail address being used to send out spam and then getting the bounced messages back from guys like yourself who use MailWasher (doh)

this is why i don't use the "bounce back" feature of mailwasher... too many spammers use innocent people's addie in the return field and i don't want to run the risk of causing nice people like us even more spam related frustration.
posted by t r a c y at 8:53 PM on August 26, 2002


I don't know what you people do to attract so much spam

My work e-mail address is listed on our Web sites (English, Japanese and Korean) and on various other sites that promote our business. It is interesting that I get lots of spam in English, almost none in Japanese and massive amounts in Korean. In total, I get around 40-50 spam messages per day out of a total of around 60-70 messages per day.

I don't know about others, but that's what I do to attract so much spam.
posted by dg at 9:34 PM on August 26, 2002


If you're willing to spend $35 a year to almost never get spam again, here's the simple two-pronged solution:

Go to Yahoo Domains or any other domain registry joint which will give you a POP mailbox and unlimited e-mail forwards. Yahoo costs me $35. I then use this fresh POP mailbox (registered to a domain name which is likely to be waythehell under the radar of spammers who carpet-bomb every conceivable yahoo.com and hotmail.com address) as my primary address, which I do not give to anyone I don't know. For registering with websites which I know I will need a valid e-mail address, I use something akin to quin's friend's strategy: every site gets their own address, all of which initially forward to my own personal account, but once they start spamming me, the spigot gets shut off quickly. The one time this has actually happened was when I foolishly started a petition at PetitionOnline.com (which just as an aside is one of the blatant frauds on the Internet) and started receiving mail describing fabulous Nigerian investment strategies at po@sexualchocolate.org. After about a week of this, I made a minor change to my account, and now po@sexualchocolate.org forwards mail to abuse@petitiononline.com, which nicely cuts out the middleman.

As for websites that ask for an e-mail address even if they'll never use the information again, I use a fabulous resource called SpamHole, which gives you an e-mail address which is valid for anywhere from 1 to 48 hours, but no more--perfect for sites which ask you to "register" but have no legit reason for wanting your e-mail address.

Over the last year, I can count the number of spam e-mails I've received on two hands.
posted by sexualchocolate at 11:28 PM on August 26, 2002


You guys got it all wrong. Why target the spam when you can target the spammer. (Warning: self-link)
posted by timyang at 12:22 AM on August 27, 2002


It's interesting to come across this thread after a weekend spent wading through a couple of thousand bounced messages from just such an attack.

Some clown has sent out some viagra related spam faking an address at my domain, and because of the way the system is set up, there is no catch-all email address, and the mail is getting forwarded to the contact address I use for the ISP - so a real address that I use is filling up with these damned bounces.

It's the first time I've been on the wrong end of this, and I'm just hoping that I don't wind up with my account trashed as a result.

So far I'm just deleting with crossed fingers - I don't really know what else to do.
posted by pixeldiva at 4:55 AM on August 27, 2002


If you're using POP mail and a client such as Outlook you might want to check out Matador from Mailfrontier. They have just raised 5 million to address the problem. Client beta download is free.
posted by grahamwell at 6:50 AM on August 27, 2002


Why are all these programmers (Matador, Spamnet) focussing on Outlook and not Outlook Express? Is it that it's a more robust program, or is it because the people who use Outlook paid money for it, and they're more apt to pay for an anti-spam service?
posted by crunchland at 6:54 AM on August 27, 2002


It's that Outlook is an enterprise product, and businesses are far easier to sell on the concept of an anti-spam product (especially if it also has anti-virus features, which is easy to add) than millions of individual consumers. That said, it seems odd that it's not a server-side product in that case.

Here's another interesting spam-fighting idea: A Plan for Spam.
posted by kindall at 7:27 AM on August 27, 2002


Anyone have any experience with Cloudmark? They seem to have the right idea: a P2P database of spammers, updated constantly by the combined effort of about 50 k users (and counting): the more users, the more powerful the tool gets.

Outlook Express functionality should be available soon, according to their website.

Any downsides to this that the non-techies among us don't see?
posted by NekulturnY at 10:06 AM on August 27, 2002


BTW kindall: fascinating article there about the statistical approach.
posted by NekulturnY at 10:59 AM on August 27, 2002


I just want to say that this is a lovely idea until you're on the return end of one of these spamtraps. For instance, this page includes a bunch of addresses set up so that they'll all get spam. Unfortunately, I own one of the domains that is mentioned on the page, so I get all the spam.

Don't do this, unless you know for sure that the email addresses you're using will never, ever be used for legitimate email.

And btw, I love Spamfire, from Matterform Media.
posted by Dori at 3:46 PM on August 27, 2002


more anti-spamcop commentary.
posted by crunchland at 9:26 PM on September 1, 2002


« Older The son of a rock god interviews a rock genius......  |  "In the war on terrorism, alli... Newer »


This thread has been archived and is closed to new comments