The new promise I made to myself - Psychology, Philosophy, and Licenses

Users browsing this thread: 1 Guest(s)
venam
Administrators
Hello,
This thread is about me whining about spams I receive.

I recently started to receive some spams on my custom emails so I got mad and added them to the junk folder.
Then d9u/zygotb reminded that I shouldn't post my email directly in clear text on the internet. He proposed that I should obfuscate the email in a way similar to this:
patrick [at] unixhub [dot] net
Or any other way that is still understandable by the reader.
This is a good way to diminish the spams but it wasn't the end of the road for me.

I took the decision of replying to all of my spams.
I reply in a way that makes the *stupid* guy who sent it, and that is waiting for the one single person that will reply to his """Sir, I'm offering you one bazillion $""", feel awfully bad and down.
Most of the spams originate from Pakistan/India as of today:
http://nakedsecurity.sophos.com/2012/04/...cas-crown/

So, this is it, enjoy your spams.
Post here what you think of this new way of fighting the spams.
*Philosophically*, will it make any impact, On me, On the spammer?

EDIT: This really diminished the spams I receive.
bottomy
Registered
I don't really bother with trying to prevent spammers from getting my email as I just see it as a losing battle. Like besides having the actual email address posted somewhere online they can also get it if you have it mentioned in your cookies (would be pretty dumb for a site to do that but anyway), gain access to the email lists of a site you're registered to (or assume that the site doesn't share or sell their emails), hacking someone that knows your email, etc.

I also doubt that the [at][dot] would be good enough. You'll sometimes see people going as far as you represent their emails as code (i.e. you'll need to run it to get it).

Personally I think you're better off trying to filter the spam rather than worrying about the other stuff.
venam
Administrators
I will still filter my spams but I find rather satisfying replying to them.
I'm waiting for one of them to reply back to me.
Maybe it's because I don't do social networking that I find this enjoyable.
It's better than reading *trolls* at least.
venam
Administrators
(15-03-2013, 05:23 PM)NeoTerra Wrote:
(15-03-2013, 05:17 PM)venam Wrote: Maybe it's because I don't do social networking that I find this enjoyable.

Yeah that would make a lot of sense xD
And here is the philosophical quote!
venam
Administrators
z3bra
Grey Hair Nixers
That was reaaally fun!
venam
Administrators
Bumping with this (I just woke up to it):
https://www.google.com/recaptcha/admin#mailhide
robotchaos
Long time nixers
I also hate fighting spam. I used to have my main account and having several descriptive aliases. So all my video game accounts used games [at] domain [dot] com, shop [at] domain [dot] com, media [at] domain [dot] com, etc. What I found interesting through this system was I could tell when my email accounts were leaked. I used to use social [at] domain [dot] com for my social media accounts, and since this was an alias and I obviously wouldn't be likely to give it out as a means to contact me, I could tell when I started getting email from random places that weren't newsletters. I am talking full spam; buy this watch, have a bride or two, the usual.

And it's because of that reason that I have moved on to my new aliasing system. I now use the year in hexadecimal format x7e1 [at] domain [dot] com( for obfuscation, so vendors don't know its an alias using just the year ). Now, all of the accounts I actually care about, I will switch their email addresses at the start of the new year. And anyone who gets hold of that address, fine. It'll go away in time anyway. It's been working out so far.

Sorry for the rant.
stanislavjo
Members
(05-04-2017, 01:29 PM)robotchaos Wrote: I now use the year in hexadecimal format x7e1 [at] domain [dot] com( for obfuscation, so vendors don't know its an alias using just the year ). Now, all of the accounts I actually care about, I will switch their email addresses at the start of the new year.
Mind = blown
venam
Administrators
(05-04-2017, 01:29 PM)robotchaos Wrote: And it's because of that reason that I have moved on to my new aliasing system. I now use the year in hexadecimal format x7e1 [at] domain [dot] com( for obfuscation, so vendors don't know its an alias using just the year ). Now, all of the accounts I actually care about, I will switch their email addresses at the start of the new year. And anyone who gets hold of that address, fine. It'll go away in time anyway. It's been working out so far.
I love it! Is the idea yours?

I'll start implementing it right away.
A huge thanks for the tips.
robotchaos
Long time nixers
Yeah, I came up with it to help weed out spam and unnecessary accounts. Stale accounts seem to be just as dangerous ( in terms of spam ) as posting your address on the web. So I wanted an alias scheme that I could use to help battle both.

Glad you guys like it. It has helped me a lot. So I wanted to share.
robotchaos
Long time nixers
Thought of a modification as well. Combining both. I used to use the different aliases for different types of accounts: games for game accounts, media for media accounts, apps for buying/downloading apps, etc. This way I never had to remember an address, I could tell by the site/service I was attempting to use. For instance, if I forgot my netflix login, I could ask myself, which email would I have used for this? Duh -- media.

So in order to combine the yearly and keep the addresses separate, you substitute the x in the year alias, x7e1, for the initial or word for the account. g7e1 or games7e1 ( i prefer less typing ), m7e1 or media7e1, a7e1 or apps7e1.

I think I may very implement the initialed account-based alias idea instead of the generic x7e1.

Thoughts?
z3bra
Grey Hair Nixers
I'm bumping this thread because this is the exact question I'm asking myself right now.
I just finished setting up my new email server because my provider dropped. It means I can have as many aliases I want, for whatever I want. I know that in order to fight spam, I'll use multiple email accounts, so when an address is leaked, I can simply know who leaked it, blacklist it, and switch the email from the original service

I'm stil undecided though, between the following ideas:

* One email for online account, one for mails: login@ / z3bra@
* One email per service name: amazon@, nixers@, suckless@
* One email per service type: shop@, forum@, news@
* The above, with +addressing: login+nixers || z3bra+amazon@ || z3bra+news, ...

The plus addressing is nice in that I don't have to use a "catchall" address for my domains, or setup new aliases each time I need one, as they all end up automatically in the z3bra@ mailbox.

The main problem I have with all the above, is that I'm affraid to forget which email I used for a service, and having to somehow manage a list of aliases I use.

What do you guys think?
venam
Administrators
(12-01-2019, 06:02 AM)z3bra Wrote: The main problem I have with all the above, is that I'm affraid to forget which email I used for a service, and having to somehow manage a list of aliases I use.

The advantage of owning your own server is that if you ever need to recreate an alias you can simply do so without any issue. As for remembering the aliases you can search through your inbox filtering by "to".
gaak
Members
(12-01-2019, 06:02 AM)z3bra Wrote: * One email for online account, one for mails: login@ / z3bra@
* One email per service name: amazon@, nixers@, suckless@
* One email per service type: shop@, forum@, news@
* The above, with +addressing: login+nixers || z3bra+amazon@ || z3bra+news, ...

Anti-spam does not seem like a good place for zero-config -- the less individuated the anti-spam measures, the more monoculture the overall system.

Procmail + catchall has lots of flexibility to:
* allow time-delimited emails as per robotchaos
* create non-brute-force-able emails, e.g. a hash
* enforce notification windows (too many emails, too few)

The more non-standard our mail systems, the better off we all are in this war against spam.
z3bra
Grey Hair Nixers
I finally decided to go with <service>@domain.tld.
In the end, I think that trying to receive zero spam is a lost cause, that can only be achieved by not having an email address.
In this case, if an email leak, I can know who leaked and fill a report against that website.

If I start receiving spam I can blacklist the domain if it's a single one, or train spamassassin by putting it in junk.

I'll also subscribe to a bunch of blacklist amd setup a BGP peering to retrieve a dynamic blacklist and block them with pf directly.

Finally, I added a spamtrap/honeypot on my website so I get spammers to send mails to that address first and greylist them right away, which has the added benefit to waste their resources (thank you spamd!)

Thanks everyone for your advices :)
venam
Administrators
An update on this.
I've been doing the aliasing per year idea for the past 3 years so far.
I've noticed that I do not receive random spam emails anymore, however I receive spams from services I explicitly know I've subscribed to and I can't find a solution to that as even if I change the alias I want those services to contact me for other things.

So this more or less is all about promotional emails from shopping websites. Kind of annoying but you get over it.
Anybody has a similar story?
z3bra
Grey Hair Nixers
I started using aliasing last year too. To be fair, I lost myself on the way…
At first I was creating a new alias for each service (think facebook@, tinder@, youporn@, …). It worked great until I started forgetting the alias name (was is "tom-tom-sport", "tomtom-sport", "tomtomsport", …?). After that I started using categories (shop@, porn@, …), which effectively blurred the line even more.

Add to that all the "real life" emails that are not really tied to a service (insurance-car@ or electricity-bills@), and you get the cluster fuck that my email system now is:

Code:
$ grep -hrE "Delivered-To: .*@${domain}"  ~/.cache/mail | sort | uniq | wc -l
38

Hopefully, I can still get an exhaustive list of my aliases by doing, and try to clean things up.

Over a year, none of the services I subscribed to leaked my address as I never received a spam on any of these aliases (which thus makes me totally reconsider the use of aliases as a spam protection…).
This however has the advantage of making it easy to sort emails, based on the To: address.

Regarding the spam themselves, they keep happening. All the "legitimate" spam (as in, offers from services like netflix) tend to include an unsubscribe link that I use whenever I receive such spam. Sometimes, they stop sending me offers :)
For "illegitimate" spam (grow your dick, ransoms for videos of me masturbating, …), spamassassin does a pretty good job at catching them, and move them to my "junk" folder. The fact I set up a spamtrap also helps blacklisting crawlers.

The thing I have the most difficulties with are "legitimate" emails addressed to the previous owner of the domain. As I use a catchall to redirect ALL mails to my main one, I regularly receive reminders that all beer orders must be passed before end of month, or stuff like that, sent to something like fjkldqjfmsd@domain.tld.
I tried to report it to the company (for which the website is ALL icelandic btw…), and never got an answer. I also receive offers from a supermarket in iceland, and I could not find the "unsubscribe" link in there.

So overall, I'd say using multiple aliases is not a great measure against spam, but can be a good organisation method for you if you can commit to it efficiently. Be aware that it requires a lot of discipline though.