Crushed Spam

First and foremost, I want to say that I like SPAM. I don't want to talk bad about it, and I'm appalled that it's undeservedly gotten such a negative connotation. I'm not sure how it got such a bad rep. SPAMwiches, SPAMburgers, fried SPAM, et al. All great for camping trips. If the RIAA owned the trademark to SPAM, we'd all be sued.

Now, for the actual topic at hand, spam, without the caps. According to Bill Gates, it should have been eliminated by 2006. I honestly agree with this assertion, because it should have been. The problem was that no one would agree to turn the email world upside down. As is the norm in the tech world, baby steps.

In the current state of spam blocking, most users rely on their email provider to do the heavy lifting. This usually consists of a Bayesian spam filter that learns what spam is over time. There's the community aspect of some filters where if enough people flag it as such, the whole system will label it as spam and remove it. In their current state, these types of filters are actually working quite well for me, but as always, I like to take an active approach on my own.

Every day, people are becoming more paranoid about what information they divulge. It's always fun when I'm out shopping, and the sales clerk asks for a phone number or area code. I make the situation immediately awkward by simple asking "why?". All they need to know is if my money (or plastic) is green or not. Anything else is just fluff they want to use to track you. Lately, some companies have been wanting an email address. I don't think so. I'm always very careful to whom I give my email address, and I used to keep a junk account for the sole purpose of signing up for web services or order confirmations. The problem with that is that you still have to check that junk account. Seems it would be less of a bother just to give them your real account and just delete the spam you get. To solve the problem of my being lazy, yet wanting to defeat spam, I used brain instead of brawn.

The system I use will work for pretty much anyone who has control over their own mail domain. It will also sort of work for any normal gmail user. About a year ago I started using Google Apps for my domain. Let's call my domain example.com. I created the email address, naturally, joe@example.com to be my primary email address. I give this address to almost no one. I also created an address that will catch all emails sent to my domain, but don't have email addresses created for that specific user. I called this email address catch-all@example.com. Try not to be overwhelmed by my creativity. Any email that gets sent to obscure addresses that do not exist on my domain, such as hunnybunny@example.com, will be stored at catch-all@example.com. You can log in and see all of the weird garbage this address will get. On this account, I set up a filter that will match "joe" and "@example.com" in the "To:" field and told it to automatically forward that mail to joe@example.com. What good does this do? Now I can create any email address I want, on the fly, and still receive it in my normal inbox. For instance, if I'm going to sign up for a Flickr account, I would use the address joe.flickr@example.com. I could even name it wiefjammasdkjoeaiefal@example.com and it would still get there. If Flickr ever went crazy and started spamming me, or selling email addresses, I could easily send all email sent to this address directly to the trash bin.

I've been using this system for quite a while now, and so far I have found one problem. You can't send an email address to someone from the fake address. This is only a problem in two cases. When unsubscribing from a newsletter, etc., you can't simply "Reply with REMOVE in the subject line" to be removed from their list, as some services request that you do. The reason is because you would be replying with the joe@example.com address, not the address you created, and they wouldn't know the correct address to stop sending email to. Again, you can always send all mail for that address directly to the trash, and most reputable services give you a way to opt out simply by clicking on a link. The other case I've found is pretty much the same. Any time you send an email to someone, they have your actual email address. Others aren't nearly as careful with your email address as they are with their own. If there were only a way to send an email and make it look like it was "From: joe.flickr@example.com". Maybe there is indeed a way? Let me know in the comments if someone knows how.

As I stated earlier, gmail actually has the fairly well documented capability to do something similar. You can add a plus sign and any letters or numbers after your username to create a junk address. joe+flickr@gmail.com would get there just the same. The problem with this is that the plus sign is actually not a valid character for email, so some systems will reject the address you give them if it contains one. Even worse, it wouldn't be hard for spammers to just take off everything after the plus sign and spam you directly. That doesn't mean you can't try, though.

With the system I'm currently using, they are all valid characters and can't be distinguished from any other valid email address. Alphanumeric characters, a period, and an underscore are the only allowable characters. When only legal characters are used, it can't be distinguished from a legit email address. If I were to actually create the joe.flickr@example.com email address on my Google Apps domain account, this user could receive mail directly and it would no longer go to the catch all.

This will work on any system where you can create filters on a catch all type of address, and forward it to a user's inbox. Hopefully it will be helpful to someone. Keep in mind, though, the one and only way to crush spam once and for all is to stop buying the products they peddle! If spamming is no longer profitable for a company, they'll stop paying spammers to spam. If spammers are no longer getting paid, they'll stop spamming. Quit opening the email, and most importantly, quit giving them money. The product or service is a lie anyway. Trust me, it won't work. If it did, it wouldn't need marketing. Logic is an amazing concept. Use it.