The "Freeola Customer Forum" forum, which includes Retro Game Reviews, has been archived and is now read-only. You cannot post here or create a new thread or review on this forum.
If you used a unique email address for every site you registered with, then whenever you get spam from an unknown, you would know which website theoretically instigated it, and hence who to shout at.
Just a thought.
Neil
Just a thought.
Neil
Just to elaborate slightly, the way spammers verify your e-mail account is real is trying to use POP3 to verify you've read the e-mail (I know Thunderbird alerts you for definite before it sends a verification so it's not too much of a problem presuming other e-mail clients provide the same courtesy) and secondly they will include a small image with a unique identifier like:
<img src="http://spammer-server -example.com/tracker.gif?unique_id=01213851" />
Which would then be monitored from their web server. They can track the unique ID against the e-mail address it was sent to, to verify which e-mails have been read and thus which e-mail addresses are in current use.
Some e-mail clients, if not most, try and prevent this from working by not loading images by default. Once you give them an idea that your e-mail address is in use, you may see an increase in spam.
Research has been done (looking for a link now) however which shows how spam decreases over time if an e-mail address is not used or looks like it's not used. This tends to indicate spammers dedicate most of their time to the most likely targets rather than any target.
So TBH, by not having a really short e-mail address like [email protected] or generic e-mail alias like [email protected], and not advertising it online you should be able to keep your spam down.
Obviously as you first pointed out, if some unscrupulous company sells your details after you register with them, you wouldn't have a way of tracking this without unique e-mail addresses. But that is a lot of hassle.
You could always just use a throw away address, like a spare Freeola500 address to use for untrusted sites, and then only use your main address for the most important, trusted content.
<img src="http://spammer-server -example.com/tracker.gif?unique_id=01213851" />
Which would then be monitored from their web server. They can track the unique ID against the e-mail address it was sent to, to verify which e-mails have been read and thus which e-mail addresses are in current use.
Some e-mail clients, if not most, try and prevent this from working by not loading images by default. Once you give them an idea that your e-mail address is in use, you may see an increase in spam.
Research has been done (looking for a link now) however which shows how spam decreases over time if an e-mail address is not used or looks like it's not used. This tends to indicate spammers dedicate most of their time to the most likely targets rather than any target.
So TBH, by not having a really short e-mail address like [email protected] or generic e-mail alias like [email protected], and not advertising it online you should be able to keep your spam down.
Obviously as you first pointed out, if some unscrupulous company sells your details after you register with them, you wouldn't have a way of tracking this without unique e-mail addresses. But that is a lot of hassle.
You could always just use a throw away address, like a spare Freeola500 address to use for untrusted sites, and then only use your main address for the most important, trusted content.
Brute force is where the attacker just runs though all possible characters, for example A though Z, then AA, AB, AC, AD etc. rather then a dictionary attack running off of common usernames.
When you start getting into 18 characters, the attacker would have to have to send billions upon billions of emails to even have a chance of getting your email address correct, even then they have no way of verifying it if you're careful.
When you start getting into 18 characters, the attacker would have to have to send billions upon billions of emails to even have a chance of getting your email address correct, even then they have no way of verifying it if you're careful.
I've heard of dictionary attacks. Elaborate on brute force attacks - thats a new one on me.
EDIT: BTW I use Mailwasher Pro as anti-spam. I mark the mail whilst on the server but leave it there for manual processing just in case a genuine one slips through the net.
N.
EDIT: BTW I use Mailwasher Pro as anti-spam. I mark the mail whilst on the server but leave it there for manual processing just in case a genuine one slips through the net.
N.
It might work the way you suggested if you were to randomly generate an 18 character long string for the first part of your email address. For example.
Ebay
[email protected]
Google
[email protected]
This should prevent any dictionary or brute force attacks although it would probably be easier just to use anti-spam software or just have two email addresses, one for use with emailing people that you trust and one for signing up for accounts on the Internet such as Ebay.
Ebay
[email protected]
[email protected]
This should prevent any dictionary or brute force attacks although it would probably be easier just to use anti-spam software or just have two email addresses, one for use with emailing people that you trust and one for signing up for accounts on the Internet such as Ebay.
I would like to open this up as a general discussion topic.
It would be interesting to see peoples different ways of minimizing spam to their inboxes. Which methods appear to work, and which methods achieve nothing special, etc.
N.
It would be interesting to see peoples different ways of minimizing spam to their inboxes. Which methods appear to work, and which methods achieve nothing special, etc.
N.
Lots of spam is generated as part of a dictionary attack or just brute force, so this wouldn't help in these circumstances.
[s]Hmmm...[/s]
If you used a unique email address for every site you registered with, then whenever you get spam from an unknown, you would know which website theoretically instigated it, and hence who to shout at.
Just a thought.
Neil
Just a thought.
Neil