But one area where I could especially use more ideas is the kind of
simple munging often done on Usenet. For example:
myn...@domain.REMoVETHiSzz
myX...@domaiX.zz (replace X's with N's)
myname@domain.X, where X=zz
zz.niamod@emanym (reverse letters)
Can anyone think of any other clever examples of this?
Thanks in advance for any help.
Greg
It's a courtesy when setting followups to mention it at the top of the
message. My newsreader alerts me when my followup is being directed out
of the group I'm reading, but that isn't true of all newsreaders.
Greg Boettcher <WRITET...@gregboettcher.com> wrote:
> I am preparing a research project in which I will be posting a bunch
> of email addresses to the Internet to see how much spam they draw. The
> addresses will be disguised in various ways, and the project should
> help provide data on the effectiveness of those address-disguising
> methods. The methods will be as diverse as using JavaScript to
> scramble addresses, using CSS positioning to scramble addresses, etc.
>
> But one area where I could especially use more ideas is the kind of
> simple munging often done on Usenet. For example:
>
> myn...@domain.REMoVETHiSzz
> myX...@domaiX.zz (replace X's with N's)
> myname@domain.X, where X=zz
When posting a munged address, you should ALWAYS end the munged address
with ".invalid," which is a TLD (Top Level Domain name) that has been
reserved and will never be assigned to anyone. One reason for this is
so that if you've accidentally used a munge that creates an address that
is valid (but for someone else) no mail (spam or otherwise) will be sent
to that address. Also, many mail clients and newsreaders will then
recognize the address as invalid and refuse to try to send a response to
those addresses--and if they do try, the mail server will refuse to
accept the message.
That would make the addresses above into:
myn...@domain.REMoVETHiSzz.invalid
myX...@domaiX.zz.invalid (replace X's with N's)
myn...@domain.X.invalid, where X=zz
> zz.niamod@emanym (reverse letters)
No decent Usenet client would accept this because it does not have the
format of an email address as required by RFC's. I suspect that even if
you use a sufficiently broken newsreader that it would accept the
malformed "address," the news server probably would not. You could
however make it into something acceptable to software by adding the
".invalid" at the end.
zz.n...@emanym.invalid (reverse letters and take out the invalid)
> Can anyone think of any other clever examples of this?
Sorry, no. In fact, I usually can't figure out how to unmunge the
addresses people post with. "Take out the obvious to send me email"
doesn't work for me, because I usually can't figure out what the obvious
is. One that I've seen that wasn't too bad, except that it was missing
the ".invalid," was "myn...@domain.TRASH.com" and instructions to take
out the trash.
--
Kathy
In addition to the above, I add:
1) The ".invalid" TLD should not be used in the optional "Reply-To"
header, especially when the "From" header already specifies it. "Reply-To"
is meant only for valid mailboxes. "Reply-To" should only appear when
differing from "From", and when "From" is already invalid, an invalid
"Reply-To" breaks this tennant, even if it textually specifies a different,
invalid mailbox.
2) Some users on Usenet have resorted to using other reserved domains and
name elements (e.g. "example", "test", "localhost", etc) for their invalid
addresses. This is also a misuse of these things. Note: The combination
"example.invalid" is considered reserved due to "example" being reserved as
a 2LD. RFC 2606 only reserves "example" as a 2LD for three TLDs, but it is
reserved via ICANN contracts for the other gTLDs.
There are news servers that automatically filter OUT articles containing
RFC-2606 abuses and other stupidity (like syntax errors - e.g. two "@"s in
the same mailbox specification), so watch out for any over-aggressiveness
in your design. Generally, these filters specifically permit ".invalid" to
appear in the "From:" and "Sender:" headers
"Trash.com" - a POOR choice. It is registered and resolves:
trash.com. 1800 IN SOA dns1.name-services.com. info.name-services.com.
2002050701 10001 1801 604801 181
Domain Name: TRASH.COM
Registrar: TUCOWS INC.
...
Updated Date: 20-dec-2009
Creation Date: 20-jul-1995
Expiration Date: 19-jul-2018
Therefore, using it violates the tennant of creating a bogus mailbox that
resolves to someone else's domain.
But it's not a valid domain name because the name of the company is
First Place Internet, not Trash. They should register something like
firstplace.com instead.
> 1) The ".invalid" TLD should not be used in the optional "Reply-To"
> header, especially when the "From" header already specifies it. "Reply-To"
> is meant only for valid mailboxes.
Thank you for mentioning this, which I forgot in my post.
> "Reply-To" should only appear when
> differing from "From", and when "From" is already invalid, an invalid
> "Reply-To" breaks this tennant, even if it textually specifies a different,
> invalid mailbox.
Not to mention being really annoying!
--
Kathy
Sorry, I had failed to do my homework and observe that
news.newusers.questions was a moderated group. I would not have
crossposted to it otherwise, and in addition, I take your point too.
> When posting a munged address, you should ALWAYS end the munged address
> with ".invalid," which is a TLD (Top Level Domain name) that has been
> reserved and will never be assigned to anyone. One reason for this is
> so that if you've accidentally used a munge that creates an address that
> is valid (but for someone else) no mail (spam or otherwise) will be sent
> to that address. Also, many mail clients and newsreaders will then
> recognize the address as invalid and refuse to try to send a response to
> those addresses--and if they do try, the mail server will refuse to
> accept the message.
I've seen people recommend .invalid before, but I didn't realize that
it had actually been reserved and will never be used. Thanks for the
information.
> No decent Usenet client would accept this because it does not have the
> format of an email address as required by RFC's. I suspect that even if
> you use a sufficiently broken newsreader that it would accept the
> malformed "address," the news server probably would not. You could
> however make it into something acceptable to software by adding the
> ".invalid" at the end.
Thanks for the correction, as I had said "the type of munging done on
Usenet" -- not quite what I meant, as the addresses I munge will be
posted to the web, not Usenet. I hadn't thought nearly as much about
how to maintain security on Usenet, so those are good things for me to
think about.
First Place Internet registered trash.com so it is a valid domain
name.
I own a company with many registered domain names but the company
itself does not need a registered domain name. It has a registered
company name.
Steve
--
Neural Planner Software Ltd www.NPSL1.com
Neural network applications, help and support.
> > No decent Usenet client would accept this because it does not have the
> > format of an email address as required by RFC's. I suspect that even if
> > you use a sufficiently broken newsreader that it would accept the
> > malformed "address," the news server probably would not. You could
> > however make it into something acceptable to software by adding the
> > ".invalid" at the end.
>
> Thanks for the correction, as I had said "the type of munging done on
> Usenet" -- not quite what I meant, as the addresses I munge will be
> posted to the web, not Usenet. I hadn't thought nearly as much about
> how to maintain security on Usenet, so those are good things for me to
> think about.
Ah! Then the type of munge that I prefer is called obfuscation. When
displayed on the web page, it is a clickable mailto link that works, but
spam harvesters' web crawlers don't recognize it as a mail address.
There are a number of web sites that will obfuscate addresses for you;
do a web search for "mail obfuscator" or see for instance
<http://www.albionresearch.com/misc/obfuscator.php>
--
Kathy
> I am preparing a research project in which I will be posting a bunch
> of email addresses to the Internet to see how much spam they draw.
I trust that all related mailboxes will belong to you, and that you
won't forge any domains that exist now or may exist in future.
> The
> addresses will be disguised in various ways, and the project should
> help provide data on the effectiveness of those address-disguising
> methods. The methods will be as diverse as using JavaScript to
> scramble addresses, using CSS positioning to scramble addresses, etc.
>
> But one area where I could especially use more ideas is the kind of
> simple munging often done on Usenet. For example:
>
> myn...@domain.REMoVETHiSzz
> myX...@domaiX.zz (replace X's with N's)
> myname@domain.X, where X=zz
> zz.niamod@emanym (reverse letters)
All these examples are, strictly speaking, forgeries of potentially
valid domains. Please stop doing that.
> Can anyone think of any other clever examples of this?
"Munging" is arguably abusive, whether it's "clever" or not.
The problem with the techniques you want to research is that they're
unacceptable techniques.
--
PJR :-)
slrn newsreader v0.9.9p1: http://slrn.sourceforge.net/
extra slrn documentation: http://slrn-doc.sourceforge.net/
newsgroup name validator: http://pjr.lasnobberia.net/usenet/validator