Online Advertising

Address munging

From Wikipedia the free encyclopedia, by MultiMedia

Back | Home | Up

Address munging is the practise of disguising, or munging, an e-mail address to prevent it being automatically collected and used as a target for people and organisations who send unsolicited bulk e-mail.

Intent

When an undisguised e-mail address (e.g. "no-one@example.com") is posted in public it is easily recognised and collected by computer software. A collected address will then become a target for unsolicited bulk e-mail. Address munging can be used to prevent the use of software recognition for large-scale harvesting of addresses, while giving enough clues for a human reader to easily reconstruct the correct address and contact the author.

Any e-mail address posted in public is subject to scanning and collection, including those posted on webpages or onto Usenet. Private e-mail sent between individuals is unlikely to be scanned and address munging is unnecessary in this case. However, e-mail sent to a mailing list, which is then archived and made available via the web or passed onto a Usenet news server and made public, may eventually be scanned.

Examples

A common method of disguising an address is to replace the "@" symbol with the word "at", and any "." with "(dot)" giving a result that does not look like an e-mail address at all:

no-one at example (dot) com

There are many other methods for disguising the address:

Disguised address	How to recover the original address
no-one at example dot org	Replace "at" with "@", and "dot" with "."
no-one@elpmaxe.co.uk.invalid	Reverse domain name example remove .invalid
ten.elpmaxe@eno-on	Reverse the entire address
no-one@exampleREMOVEME.com.invalid	Instructions in the address itself; remove .invalid
no-one@exampleARCHIMEDES.com.invalid	Remove the mathematician; remove .invalid
no-one@example.com.invalid; s/example/no-where/	Substitute no-where for example; remove .invalid;

Some of these methods still result in a recognisable e-mail address, but an incorrect one. This is less satisfactory as anything resembling an e-mail address will be collected and used for spam. The following points are important when using address munging:

Ensure the disguised version is not someone else's e-mail address. This can be done by appending the reserved top level domain .invalid to the end.
If you are disguising an address by adding text to it, then add it to the right-hand side of the "@" not the left. This prevents your internet service provider's mail server from having to handle undeliverable mail.

Disadvantages

Disguising addresses makes it more difficult for people to send e-mail to each other and is, at best, a workaround for the problem of spam. When posting to usenet it should also be noted that disguising an e-mail address is, in the strictest terms, a violation of RFC 1036. This RFC describes the format of usenet messages and requires a valid e-mail address in the From: field of the post. In practise, few people follow this so strictly.

Some people (especially Internet and Usenet oldtimers who were around prior to the commercialization of the Internet) oppose on principle any attempt to intentionally obscure information, seeing it as an affront to the traditions of openness and straightforwardness of the network. Also, some of the address obfuscation techniques may impair the accessibility of the address to some users, as when images or scripting languages are required. Some munging techniques may produce results that some people find unaesthetic or annoying.

"Transparent" techniques as an alternative to address munging

As an alternative to address munging, several "transparent" techniques allow people to post a valid e-mail address that really will reach them (and not accidentally get sent to anyone else), but make it difficult for spam to get through. These techniques include

Use "transparent name mangling" by replacing characters in the address by equivalent HTML references from the list of XML and HTML character entity references. (When a real person copies-and-pastes that e-mail address, or clicks on the "mailto:", it works fine).
Including a plus sign (+) after the username along with a tag (joeuser+wikipedia@example.com). All mail would be sent to joeuser's email address, but the tag (wikipedia) can be used to filter email. This technique requires that plussed addressing is supported by the sender (or sender's ISP).
Posting an e-mail address as an image (copy-and-paste doesn't work).
disposable e-mail addresses
Hashcash or some other e-mail hurdle [1]
Building the link by client-side scripting, e.g. <SCRIPT LANGUAGE=JavaScript>document.write("<A HREF="mai"+"lto:some"+"body@ex"+"ample.com")</SCRIPT>. Spambots apparently do not execute scripts.

Even the very simplest "transparent name mangling" of e-mail addresses seemed to work as of 2003, according to the "Why Am I Getting All This Spam? Unsolicited Commercial E-mail Research Six Month Report" March 2003. The same report indicated that even simple address munging was absolutely effective. However, spammers' capabilities to overcome such obfuscation may have greatly improved since the study was conducted.

External links

Address Munging Frequently Asked Questions
Article discussing why address munging is wrong
RFC 1036 — covers the format of Usenet posts
http://hiddenmail.org/ Service to "encrypt" an e-mail-address into an image and hidden forwarder, which can be "decrypted" by solving an optional image or audio Captcha
http://address-protector.com/ Service to "encrypt" an e-mail-address, which can be "decrypted" by solving an image or audio Captcha

Home | Up | Botnet | Spambot | Address munging

Online Advertising, made by MultiMedia | Free content and software

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

Web Traffic Propulsion is a trademark of Relationships Unlimited, LLC.
All other trademarks are the property of their respective owners.
* Testimonials are from a site with the same technology.