Disposable email address

Disposable email addressing (DEA) refers to an alternative way of sharing and managing email addressing. DEA aims to set up a new, unique email address for every contact or entity, making a point-to-point connection between the sender and the recipient. Subsequently, if anyone compromises the address or utilises it in connection with any email abuse, the address-owner can easily cancel (or "dispose" of) it without affecting any other contact. Following the cancellation or replacement of a disposable email address, the (ex-)owner need notify no more than one person/contact of the change.

Uses

Disposable email addressing, in essence, sets up a different, unique DEA for every sender/recipient combination. It operates most usefully in situations where someone may sell or release an email address to spam lists or to other unscrupulous entities. The most common situations of this type involve online registrations for things such as discussion groups, bulletin boards, chat rooms, online shopping, and file hosting services. In a time when email spam has become an everyday nuisance, and when identity theft threatens, DEAs can serve as a convenient tool for keeping network users safe and sane.^[1]

Most likely, but not always, cancellation of a disposable email address takes place because someone starts to use the address in an illegitimate manner. This may occur through the accidental release of an email to a spam list, or because the original recipient unscrupulously and deliberately obtained it deceptively. Alternatively, the user may simply decide not to receive further correspondence from that company. Whatever the cause, DEA allows the address owner to take unilateral action by simply cancelling the address in question. Later, the owner can determine whether to update the recipient or not.

For the sake of convenience, disposable email addresses typically forward to one or more real email mailboxes where the owner receives and reads messages. The contact with whom a DEA is shared never needs to know the real email address of the user. If a database manages the DEA, it can also quickly identify the expected sender of each message by retrieving the associated contact name of each unique DEA. Used properly, DEA can also help identify which recipients handle email addresses in a careless or illegitimate manner. Moreover, it can serve as an effective tool for spotting counterfeit messages, or phishers.

Advantages over traditional email

Ideally, owners share a DEA once with each contact/entity. Thus, if the DEA should ever change, only one entity needs to be updated. By comparison, the traditional practice of giving the same email address to multiple recipients means that if that address subsequently changes, many legitimate recipients will need to receive notification of the change and to update their records – a potentially tedious process.

Additionally, because access has been narrowed down to one contact, that entity then becomes the most likely point of compromise for any spam that account receives (see "filtering" below for exceptions). This allows users to determine firsthand the trustworthiness of the people they share their DEAs with. "Safe" DEAs that have not been abused can be forwarded to a real email account, while messages sent to "compromised" DEAs can be routed to a special folder, sent to the trash, held for spam filtering, or returned undeliverable if the DEA is deleted outright.

Further, because DEAs serve as a layer of indirection between the sender and recipient, if the DEA user's actual email address changes, for instance moving from a university address to a local ISP, then the user need only update the DEA service provider of the change, and all outstanding DEAs will continue to function without updating.

Security and filtering

It is possible for spammers to "guess" commonly used DEAs by trying addresses in the form of <[email protected] erviceProvider.com> or other widely used formats. This is especially likely if a user's subdomain (The "RandomName" part) has already been posted publicly somewhere. To combat this, users can make their email addresses more obscure through using random names, checksums, a mutated form of a name, or some combination of the above. A harder-to-guess example might be <[email protected] EAServiceProvider.com> or <RandomTextCompanyNameRandomText@YourDomain.DEAServiceProvider.com> ;. There is an obvious tradeoff in that the more obscure an address is, the harder it will be for users to remember and quickly type it. Mentally computed checksums may help with this.^{[citation needed]}

"Poor man's DEA"

The sub-addressing technique allows users to create DEAs using an existing email address without the need for a DEA service provider. (This does not rule out using this technique with a DEA service provider, so long as plus addressing is supported.) All that is required is for the email server to support plus addressing. A checkstring, which is optional, allows the mail transfer agent (MTA) to block attempts by spammers to bypass the DEA filtering. As an example, a static string or checksum that can be computed in one's head (or by a MTA with sieve or procmail) can be used as a checkstring that can be added to a DEA to evade spammers. As an example, <User+CompanyName.CheckString@Emai lServiceProvider.com> can function as a hard-to-compromise "poor man's DEA". It is possible for a human (or a program) to extract the real email address just by removing everything after the plus; however it is considered unlikely that a program would bother going to this effort, since the vast majority of email addresses do not use this technique.^[2]

An example of a webmail service that supports this style of addressing is gmail. The following email addresses will all be delivered to [email protected]: [email protected], [email protected] and [email protected].

Multiple email aliases

Another approach is to register one main and many auxiliary email addresses which will forward all mail to the main address i.e. being used as aliases to the main address. The advantage of this approach is that the user can easily detect which auxiliary email is 'leaking' with spam and block or dispose it. It requires additional time to set up forwarding. However, this method allows storage and access of all emails from a single main account, although to manage forwarding the user has to remember the password for each alias.^{[citation needed]}

A variation on this is to use a catch-all address then forward to the real mailbox using wildcards. A lot of mail servers allow the use of '*' meaning 'any number of characters'. This makes the whitelist automatic and only requires the administrator to update the blacklist occasionally. In effect the user has one address but it contains wild cards e.g.; 'me.*@my.domain' which will match any incoming address that starts with 'me.' and ends with '@my.domain'. This is very similar to the '+' notation but may be even less obvious since the address appears completely normal.

Concerns

Restrictions by site administrators

Many^{[citation needed]} forum and wiki administrators dislike DEAs because they obfuscate the identity of the members and make maintaining member control difficult. As an example, trolls, vandals and other users that may have been banned may use throwaway email addresses to get around attempts to ban them.^[3] Using a DEA provider only makes this easier; the same convenience with which a person may create a DEA to filter spam also applies to trolls. For this reason, most^{[citation needed]} forum programs have functionality to make it easier to ban DEAs.^[4] As a result, forum, wiki administrators, blog owners, and indeed any public site requiring user names may have a compelling reason to ban DEAs. Site operators that expect to generate revenue from the sales of gathered user email addresses may choose to ban DEAs as well due to the low market value of such addresses, in which case use of DEAs would serve its purpose, and the user would be well justified in using it.

Banning DEAs might not be as effective at deterring undesirable users as the administrators might hope – SPAMmers, vandals and trolls who routinely engage in such activities can easily generate brand new email addresses, even legitimate-looking ones, using throwaway domains or creating new accounts with free email services. This would be more of a problem for legitimate DEA users, for whom the concept of a "real" or "permanent" address may well not exist, and demands for one are strange, suspicious and inconvenient, and creating a differently structured alias or account may be varying degrees of hassle.

More effective techniques for controlling undesirables without inconveniences to legitimate DEA users might include: recognizing legitimate DEAs for what they are (they usually have a proper domain and a fixed prefix or suffix), distinguishing them from short-lived, random throwaway address patterns or domains used by undesirables, wildcard banning (e.g. if a real person Jonh Smith, using DEA, needs to be banned, he can be banned as john.smith*@(domain) or even *@(domain), based on their DEA pattern).

As with any kind of threat and defence measures, no attempts to use or thwart DEAs are fool-proof – any filtering method is bound to result in some false positives (legitimate users getting banned), and some false negatives (undesirables getting through, and legitimate users managing to come up with a DEA pattern getting around limitations imposed by site administrators). This is because the email address may be partly or fully defined by the user, made to appear as "permanent"-looking as needed, or made to avoid a particular pattern, defeating any filtering because for all intents and purposes it is not different from a permanent one, despite being limited to one purpose.

As a counterbalance to the risks of asking a user to give a "permanent" email address in a publicly accessible site, administrators have the option to prevent, or give the option for hiding, the publication of users' email addresses. An "e-mail this user" script can be used to allow communication with the user without the sender knowing their e-mail address.^[5] This provides some minimal protection of users from spam and allows them to use real email addresses, which may make a ban on DEAs easier for users to accept. The problem is when the website itself is hacked, and the real addresses and other personal information is stolen, or when the website changes owners and email policies changed without notice to the user, or if the website intended to spam the user from the beginning.

Caught in the crossfire between Internet undesirables and administrative and user attempts to deal with them, DEA providers have trouble presenting a total solution. A user may find it necessary to come up with a conventional-looking e-mail address (or create a separate mailbox in the worst case) to a public/commercial entity if required. There is always uncertainty about the trustworthiness and reputation of the site administrators, the availability of options to hide e-mail addresses, the existence/enforcement of an acceptable privacy policy and the chance that the site may one day be compromised or transferred to new owners. Even the largest and otherwise reputable companies have been compromised or resorted to sending SPAM or giving away emails to third parties. Human correspondent's computer or mailbox may get compromised by malware and have their address book stolen and sold to spammers.

DEA provider's continued operation

As with any email or other service, continued operation of the service provider is a concern, which is especially true in case of relatively novel types of service. If the service provider shuts down and stops forwarding emails, a user may have no means of retrieving forgotten passwords from the original site, or logging in and updating account details.

If the DEA email service provider discontinues the service, finding a similar or equivalent service might be a challenge.

However, on the plus side, it might be easier to transition to another service by updating the addresses because the sites and human correspondents where email addresses were involved can be identified from the receiving DEA addresses themselves.

Aesthetics and logistics concerns when handing out to real people

A DEA email address pattern might end up being longer and more complicated, cryptic-looking, more difficult to write down on paper or type in, especially in situations on the go, where speed and legibility may be a concern.

Where DEA checksums are involved, it may require online or offline access to generate one, or an option to bypass it.

Recipient might be more likely to make a mistake in a complicated email address when typing it in for subsequent use.

It might raise some questions with the recipient unfamiliar with DEA when they are given an email address that contains their name or company; however, an explanation that a separate email address is being used for each correspondent is usually sufficient.

For these reasons, it might be advisable to keep the domain and address pattern as short as simple as reasonably possible.

See also

• Mailinator
• Spamgourmet
• TrashMail
• Dispostable

References

1. ^ "Disposable e-mail addresses foil marketing plans". Network World. 2006-12-04. Retrieved 2007-02-02. 
2. ^ "Disposable E-mail Addresses". PC Magazine. 2004-03-22. Retrieved 2007-02-06. 
3. ^ "Successful Forum Tip #3 – Troll Prevention and Extermination". 2004-08-09. Retrieved 2007-02-02 (broken link as 2012-02-07). 
4. ^ "Add New Ban". SMF 1.1 Online Manual. Simple Machines LLC. Retrieved 2007-02-02. 
5. ^ "Email Options". vBulletin Manual. Jelsoft Enterprises Ltd. Retrieved 2007-02-02. 

External links

• Temporary Addresses at the Open Directory Project
• Protecting Your Script from Disposable Email Addresses using BDEA api, episode 278 at Category 5 Technology TV