Hotmail Launches Accounts You Can Throw Away

suraj.sun writes with this excerpt from CNET: "Today, Hotmail is getting a new feature aimed at 'e-mail enthusiasts,' which lets anyone create multiple e-mail accounts that can be read, replied to, and managed from their everyday e-mail inbox. These additional e-mail addresses can be had in the same manner as signing up for new accounts, but they require no extra log-ins or upkeep. ... The idea is to give users a safe way to provide third parties with an e-mail address, without giving up the address they've provided to family and friends, which, if compromised, can end the usefulness of that particular account. Each user will be able to create up to five aliases, any of which can be deleted and replaced with another at any time. Over time, Microsoft will increase that limit to 15 aliases per account, making it so that the true heavy users won't need to juggle between two or more Hotmail accounts."

Cool idea

[trollertron3000]

I've used it elsewhere but integrated into a client like hotmail is a good idea. Besides, I already use hotmail for my spam address. Now Google, steal this please.

Here.

[MrEricSir]

http://mail.google.com/support/bin/answer.py?hl=en&answer=69570 [google.com]

Re:Here.

[Anonymous Coward]

Interesting but not quite the same thing. If an account gets really jacked up then you would have to make another gmail account, remove the old one, then add the new one. Kind of a pain in the ass.

With the Hotmail feature you simply delete the old one and make a new one right there. It's much more straightforward and quick.

Re:

[TheLink]

These throwaway hotmail accounts are too little too late for me.

I get so much spam on my hotmail account that it's kind of my throwaway account already. Nowadays I only bother to check it once every few months :).

In contrast my yahoo and gmail accounts don't get even the same magnitude of spam passing the spam filters.

Re:

[Z00L00K]

Wouldn't this be great for spammers too that needs to provide a verification email account?

I'm just waiting for sites that sets up rule that verification can't be done through hotmail and that that you need to provide another email account.

Those huge sites like hotmail and gmail are great catch-alls for spammers too.

Re:

[TheLink]

You say you've had the hotmail account longer than the Yahoo and Gmail accounts

Where did I say that?

FWIW, none of those email accounts are my primary email account either. My primary has tons of spam, but since my spam filters are tolerable (not great) I'm sticking to it.

Re:

[blackest_k]

the main problem is you need a new gmail account to be allowed to import from hotmail but you can get round this by dumping to an intermediate gmail account. And just set a forward to the one you really want to use.

I have a number of email accounts which i label in gmail so i know where it came from. The only thing i get stuck with is friends with compromised accounts which send porn and viagra links

Another useful thing i found is you can sync contacts from winmobile / outlook to a gmail account.
very ha

Re:Here.

[Anonymous Coward]

I have a DynDns subdomain (free) for which I registered a Google Labs account (free) and set up Gmail (free). I get up to 50 Gmail accounts @ my DynDns subdomain. Adding or removing them is easy, and with multiple sign-in, switching between them is easy. Plus I can set them to forward messages to my main e-mail address.

Re:

[omglolbah]

I have a domain that forwards *@example.com to my gmail address.

I sign up using the site name as the account-name whenever I have to provide one.

When spam arrives from an email in annoying quantities I add a specific rule to send that email address into a dead account.

Re:

[mcvos]

With the Hotmail feature you simply delete the old one and make a new one right there. It's much more straightforward and quick.

It is, but my email provider (xs4all.nl) has had that feature since forever. At least 10 years, I think. I have a simple list of all my email aliases, and can add and delete them as I like. It's still not anything new.

Re:

[Captain Hook]

The problem with the gmail approach is that your real address is still part of the address, it's not hard for spammers to take that address and strip +whatever off the username section of the email address.

Even worse, although + is a legal character in email address, a hell of a lot of sites and services don't accept it. For example, I don't think facebook allows email addresses with a + character in the name section.

Googles multiple email address into a single account approach is more of a tracking s

Re:

[Rary]

That's not an alias, as the link you provided specifically says "Gmail doesn't offer traditional aliases". It is a handy feature, but it's not an alias. For one thing, you can't "throw it away", although you can filter it out. Additionally, although it's useful for automated systems, if you give the email address out to a real person, that person then knows your real email address as well.

Aliases are entirely different, and would be a welcome enhancement to Gmail.

Re:

[Rary]

Like I said, it is a handy feature (and I do use it, myself), but simply adding alias functionality would be trivial to implement, and would add much value.

I wouldn't at all be surprised if spammers start stripping the "+..." from harvested email addresses. Actually, I'd be quite surprised if none of them have done this already.

Re:

[kiddygrinder]

i believe stuff going to something#youremail@gmail.com will still get to you, so if you make up your own addresses for each site you can move all emails from that address to the bin if it gets spammy.

Re:

[rtfa-troll]

Much better is spamgourmet [slashdot.org]. There are several things which are key and are missing from the hotmail implementation.

1. there is no master address; every address has a code.
2. addresses are unilmited. This means you can use a separate email address for every correspondent. This means you can work out exactly which correspondent gave away your email address
3. addresses last by default for 20 mails; enough for a simple correspondence, but not enough to fill your mailbox before you realise and delete the address

Re:

[lul_wat]

HTML line break

Re:

[maxwell demon]

Options -> Comment post mode: Plain Old Text.
Contrary to what its name suggests, it actually interprets the supported html tags, but it keeps line breaks.

Re:Cool idea

[Abstrackt]

While not exactly an implementation of a throwaway address, you can use plus sign addressing (subaddressing, i.e. name+slashdot@gmail.com) with Google. I use it for every site I sign up on so I can see who gives out my email address so I can filter everything from that alias into the trash.

Re:Cool idea

[Manfre]

I've encountered several sites that do not allow a + in the email address, or come even remotely close to implementing the RFC.

This is a worthwhile read and the regex was fun to implement. http://haacked.com/archive/2007/08/21/i-knew-how-to-validate-an-email-address-until-i.aspx [haacked.com]

Re:

[farnsworth]

This is a worthwhile read and the regex was fun to implement. http://haacked.com/archive/2007/08/21/i-knew-how-to-validate-an-email-address-until-i.aspx [haacked.com]

This is the regex that Mail::RFC2822::Address uses, which seems to be the most comprehensive: http://ex-parrot.com/~pdw/Mail-RFC822-Address.html [ex-parrot.com]

I have no idea how that was authored...

In any case, probably the only 100% way to validate an email address is to accept any string and try to send an email with an "is-valid" link in it.

Re:

[asdfghjklqwertyuiop]

There's very little point validating an email address anyway. What are you trying to do?

Prevent SMTP header injection, possibly: user@example.com\nX-Some-Header: blah or injection in the message body (user@example.com\n\nBlah).

Personally, I usually just check that there's something@something.something and call it done (somethings can include @s and .s).

Also technically wrong. The right hand side doesn't necessarily need to contain a dot (for example, root@localhost).

Re:

[mysidia]

I've encountered several sites that do not allow a + in the email address, or come even remotely close to implementing the RFC.

Those (several) sites then are clearly broken; clear violation of the robustness principal as well.

Basically, (anything)@example.com

Is valid; providing the contents of (Anything) are recognized by (example.com) SMTP servers.

There may be some quoting of special characters such as spaces required in (anything), required when using the e-mail address over SMTP; h

Re:Cool idea

[shutdown -p now]

Unfortunately, it still exposes your primary address. Whereas it seems that the reasoning behind this Hotmail feature is primarily privacy.

Re:

[shutdown -p now]

I don't want an email address with "+".

Re:

[garcia]

I worked for a college and coded around those filters to get at the real address. I'm sure any intelligent marketer would too.

Re:Cool idea

[Patoski]

While not exactly an implementation of a throwaway address, you can use plus sign addressing (subaddressing, i.e. name+slashdot@gmail.com) with Google. I use it for every site I sign up on so I can see who gives out my email address so I can filter everything from that alias into the trash.

Additionally you can also place a period anywhere in the user portion of your email address and gmail will route it to your address.

For instance, if your email address is "bufordpusser@gmail.com", you can also give out "buford.pusser@gmail.com", "b.u.ford.pusser@gmail.com", etc. and all of them will route to your original address.

Re:

[1u3hr]

I'm just curious, who have you discovered giving out your personal information? You can skip the porn sites.

I use Sneakemail which gives me an unlimited number of alias emails. So I create one for every forum or site that requires an email confirmation. If I get spam, I know exactly who leaked it. I've actually had very few. spams though. Just started to get spam from opensubtitles.org, so I just deleted that address. I have very few porn sites that I register with, but but none of them have spammed me.

Re:

[Cinder6]

Gmail does have it, but you have to be using a custom domain to get the feature. I use it; it's nice. I'm not sure why it hasn't been integrated into the Gmail proper; usually, feature lag goes the other direction.

Re:Cool idea

[Anonymous Coward]

Do you mean the catchall? If so, yeah I do it too and love it.

You get *@yourdomain forwarded to your inbox. Then you just make one rule in your filters. In the "has the words" box for filter creation, you put deliveredto:({[one],[two],[three],[four]})

One, two, three, and four being @yourdomain "accounts" that are abandoned due to spam. Just tell gmail to send those directly to the trash, which keeps your spambox empty.

It doesn't get any better than that. No need to create new email addresses, they all already exist. Just filter out the ones that start causing you trouble.

Re:

[catmistake]

bah... no mod points... loaning you my karma is all,
thx for posting

Re:

[catmistake]

Ha! I do that all the time (post AC, then mod parent up... doesn't work if you mod before you post).
;-)

Re:Cool idea

[Graff]

I've used it elsewhere but integrated into a client like hotmail is a good idea. Besides, I already use hotmail for my spam address. Now Google, steal this please.

Gmail already has had this feature for a long time. it's called plus-addressing [lifehacker.com]. You take your e-mail address, put a plus sign at the end of it and then add a phrase. For example:

foobar@google.com
foobar+slashdot@google.com
foobar+amazon@google.com

All of these will get sent to foobar@google.com and you can create a filter on each term (eg: filter on +slashdot) to send them into their own mailbox.

Re:

[shutdown -p now]

And as soon as I see your email in this format, I strip away the "+" part and have your original address which I can merrily spam.

Re:Cool idea

[Graff]

And as soon as I see your email in this format, I strip away the "+" part and have your original address which I can merrily spam.

Spam away on it, the original, no "+" address is to a spam mailbox.

Only addresses with the "+" part go to actual mailboxes that I read. I never hand out the bare address to anyone.

Re:

[shutdown -p now]

A neat trick for sure. But now your "real" address (i.e. the one you give out to actual people) has a plus in it, making it slightly less readable, and possibly confusing people (or badly written apps that they use to email you).

Re:Cool idea

[Graff]

I didn't say it was perfect, just that GMail had a version of throwaway email for a while now!

If Hotmail one-ups Google then that's all the better for the users because that's how services get better, through competition.

Re:

[icebike]

Spam away on it, the original, no "+" address is to a spam mailbox.

Only addresses with the "+" part go to actual mailboxes that I read. I never hand out the bare address to anyone.

Spam on Gmail?
I get virtually NO spam on Gmail that is not automatically detected and routed to the spam box.
It is astoundingly accurate, and false positives are so vanishingly small I never bother to check the spam mailbox.

I don't need to reserve the root name for a spam catch.

Re:

[Graff]

I get virtually NO spam on Gmail that is not automatically detected and routed to the spam box.

Oh sure, this is just overboard paranoia-type stuff. I only do this on my "commercial" e-mail account. I have a separate e-mail account that is for friends and family where I don't bother with any of these kinds of tricks.

Re:

[icebike]

Actually Plus Addressing seems intermittently broken on Gmail of late.

It seems if you access your Gmail from IMAP all bets are off with regard to the message actually ending up in any folder other than the inbox. Even message sent via gmail to gmail seem to fail the Plus Addressing for me.

Re:

[sxeraverx]

Except spammers are too lazy to implement this (for now). Any email address can be found and spammed, unless it's completely unused. The only way to prevent spam is to exploit spammers' laziness. As long as the majority of email addresses they buy don't use the '+' exploit, they won't notice, and even if they do, it will be cost-ineffective for them to strip out the '+' addresses.

This is not a method to safeguard your privacy. It's a method to reduce your spam.

Re:Cool idea

[Anonymusing]

There is actually a patent on something like this. AT&T developed it a long time ago, sat on it for a decade, then sold the patent to Zoemail (a now-defunct Internet startup) in the early 2000s, which then sold the patent to someone else. The advantage of the Zoemail/AT&T approach was that the "keyed" addresses would be created to each recipient you sent to, and they would know you by that keyed e-mail, but you could turn those off whenever you wanted. Or give them expiration dates. The keyed address would be listed in your address book with each recipient.

It was a beautiful concept, frankly, but could have been implemented better.

Re:

[msauve]

There is actually a patent on something like this. AT&T developed it a long time ago, sat on it for a decade, then sold the patent to Zoemail (a now-defunct Internet startup) in the early 2000s, which then sold the patent to someone else.

Then, there's no patent on it, or won't be very soon. Patent terms from that period were 17 years. "Early 2000s" should mean 2004 or before, so that's at least 10+7 (minus some number of month?) = expired.

Re:

[vux984]

All of these will get sent to foobar@google.com and you can create a filter on each term (eg: filter on +slashdot) to send them into their own mailbox.

Yes, I'm sure no one would ever think to actually strip out the +component out to get the real address, especially since its a documented feature.

The hotmail alias system is more useful, because the real address can't be harvested trivially from address you give out.

Re:

[Obfuscant]

Yes, I'm sure no one would ever think to actually strip out the +component out to get the real address, especially since its a documented feature.

And I'm sure that no one would ever think to use a +-form address as his main one and bit-bucket anything that doesn't have the + in it? Spam away at foo@example.com, my filter accepts email only to foo+something@example.com.

The hotmail alias system is more useful, because the real address can't be harvested trivially from address you give out.

I have no idea why this new hotmail thing is important, since I've never had any trouble creating throw-away hotmail addresses when I want them. They are so completely throw-away that I simply walk away from one when I no longer want it. I never see it again.

Re:

[icebraining]

Many websites don't accept the plus in the email address field.

Personally, I used to use mailinator, now I have a catch-all in my domain.

Re:

[Obfuscant]

Many websites don't accept the plus in the email address field.

At which point I determine if my dealing with that website is valuable enough TO ME to open up my unplussed address for the short period of time it takes to deal with whatever email they are sending, or valuable enough to them that a complaint about their defective website will get around that error (if you call customer service, many times they can bypass the web nazi).

Most of the stupid ones I deal with are demanding an email address so they an verify my registration, after which any email from them tru

Re:

[vux984]

And I'm sure that no one would ever think to use a +-form address as his main one

Oh I'm sure someone thought of it, and then promptly got frustrated at all the places it didn't work and/or got rejected.

(Also, have you looked at the hassles involved in sending from a gmail plus address...)

Re:

[Magic5Ball]

Then would you say that you are nonplussed about this feature?

Re:

[timeOday]

To make it work, you have to give a different email address to every website, every friend, every family member, so you could cut any of them off individually.

I used separate throw-away (though functional) addresses for each website, but a single "real" one for all friends and family. Eventually, a friend's hotmail account was compromised, his address list scanned, and my "real" address was open to spam forevermore.

Re:

[Graff]

I used separate throw-away (though functional) addresses for each website, but a single "real" one for all friends and family. Eventually, a friend's hotmail account was compromised, his address list scanned, and my "real" address was open to spam forevermore.

Yeah, you basically need to choose a balance between complete security and ease-of-use. I generally create categories of addresses and take the risk that one of the categories might get compromised. If that happens then I deal with it as best as possible by creating a new address for that category or just living with spam filtering on the old one.

Seems like the credit card number aliases

[perpenso]

This seems like the credit card number aliases that many banks offer, a temporary number that locks to the first merchant to use it. Hopefully it works out as well.

Wow just like Mac mail

[goombah99]

snore.

the've had it for years

[Snaller]

Besides , I thought it was Microsoft who stole ideas

Re:

[kiddygrinder]

i believe you can use a hash in your gmail to categorise the email, ie you can sign up to something with say ign#myemail@gmail.com and if it ever gets spammy just move email from that address to the bin

Re:

[Imrik]

And any emails received without dots go directly to the trash.

I guess...

[msauve]

this is the first time I've seen a Microsoft focused article after the /. redesign. Bill as Borg doesn't seem right - he's not even in charge any more. Where's Ballmer with a chair (and not sitting on it)?

Re:I guess...

[catmistake]

Also in Microsoft's court, Exchange has no true equal and Active-Directory still rules, and, by reverse proxy I guess, the Bill and Melinda Gates Foundation is amazing. On the otherhand, their flagship OS is still a rotting, broken piece of shit and a security nightmare, and their rabid fanbois equal mac zealots in the uninformed denial of this. (Sure... any OS can be broken or insecure... it's just infinitely easier with Windows.)

Hrmmm

[WiglyWorm]

Isn't that what people do with their hotmail account anyway? Throw it away?

You thought it was hard to name an account before

[Anonymous Coward]

Now we're going to be emailing grandmacatherineandgrandpajohn1320924delta@hotmail.com

Own domain

[Dan East]

I've been doing a similar thing with my own domain / webserver for the last decade. I'll make up email addresses right on the spot, usually like "slashdot.org@mydomain.com" or "sprint@mydomain.com", etc. I have a catch all account that receives all emails to non-existent accounts, and I can split any of the addresses off into an actual account whenever needed (or disable it if it becomes inundated with spam). That was always one of the big perks of owning your own domain.

Re:Own domain

[SydShamino]

Yup, I do exactly this for about the same length of time. The only difficulty is when I have to give an address to someone verbally, and they think I'm giving them a fake one since it's yourcompany@mydomain.com. I usually get around this by giving those people randomthreedigits@mydomain.com or similar. As it happens I've only ever lost one address this way to spam, but it was obvious right away who sold my address.

Re:

[sstamps]

Yep.. been doing this for a long time now. It actually made my email use enjoyable again. I simply don't get spammed anymore. If I start seeing spam come in on an address, I "cycle" it and give the person/company it was assigned to a warning. If they do it again, I don't give them another address.

Re:

[dch24]

You can configure your SMTP server to reject the email when it is an unknown address -- reject it before closing the connection so there is no chance for a "backscatter attack."

Spammers quickly stop using addresses that either:
1. Hang for a while before responding with a failure and closing the connection -- but that opens you to a huge DDoS problem.
2. Reject and quickly close the connection. No DDoS problem, and the spammer got nothing for the (admittedly miniscule) effort they expended to hit up your

Re:

[tlhIngan]

Yeah, I seem to get a bunch of random addresses as well - the best one yet was a bunch of russian-sounding usernames with russian emails.

The oddest ones I've gotten are emails with letters truncated off - that I don't know. E.g., I used to have afpcclog @ mydomain, and I started getting emails of fpcclog, with the missing 'a'.

Quite wierd, really.

Re:

[sstamps]

I don't think he means domain default addressing. i.e. @hisdomain.com is not accepted. Only accounts he has created and given out will work.

What I think he means (at least the way I do it) is that all the myriad individually-assigned email addresses he's given out all have a common "catch-all" inbox.

Re:

[sstamps]

That should read <anything>@hisdomain.com. Silly /.

Beaten to it?

[Firehed]

This seems pretty similar to Gmail's aliasing - append anything after a plus sign to your email address (ex firehed+slashdot@gmail.com) and it goes to your main inbox. If that address is compromised, just filter anything addressed to that account.

Microsoft seems to have a few advantages here, though. First, it's a lot more seamless. Second, there are tons of websites that incorrectly validate email addresses and treat + as an illegal character, which it is not (hell, you can go directly to an IP address instead of a domain, although nobody ever would), so by extension it's harder to use as a throw-away address. And third, it's pretty obvious you've done it, and websites can just s/\+[A-z0-9.-]+@gmail.com/@gmail.com/g it into oblivion.

Of course, in order to get this functionality, you need to use hotmail. Aren't those already throw-away accounts by definition?

Re:

[WiglyWorm]

That is nice, but I've had experiences with websites that won't allow the + sign as part of an email address. Unfortunately, emails are one of the hardest things to validate with regex, and most implementations get it wrong.

Re:

[adamofgreyskull]

From the comment you replied to:

Second, there are tons of websites that incorrectly validate email addresses and treat + as an illegal character, which it is not (...)

Re:

[Obfuscant]

Plus there is at least one turnkey spam-filtering mail server system that has no clue what a + address is. It simply bounces everything that is not a literal match to a valid username.

People who do not understand the RFCs for email should NOT be selling mail servers.

Re:

[LO0G]

Mod parent up +1 Funny. After all, if the parent had actually *read* the RFC, they would know that the RFC explicitly states [ietf.org] that:

"Consequently, and due to a long history of problems when intermediate hosts have attempted to optimize transport by modifying them, the local-part MUST be interpreted and assigned semantics only by the host specified in the domain part of the address."

That means that the spam filter is following the RFC. The + address is a convention of a number of email systems but Foo+Bar@do

Re:

[Obfuscant]

What you quote from the RFC has to do with INTERMEDIATE hosts modifying or interpreting the local parts of addresses, not the use of + addresses themselves.

Unless you are maybe arguing that "MUST be interpreted and assigned semantics only by the host specified in the domain part of the address" really means that the "domain part host" is allowed to freely ignore any interpretation assigned by any RFC, since that host would be the only thing that can assign any. That would be a ridiculous interpretation, es

Re:

[Obfuscant]

That means that the spam filter is following the RFC. The + address is a convention of a number of email systems but Foo+Bar@domain.com and Foo@domain.com are unrelated email addresses according to RFC2822.

BUSTED! The text you claim appears in 3.4.1 of RFC2822 does not appear therein, nor does it appear in RFC 5322. RFC5322 says:

Note: A liberal syntax for the domain portion of addr-spec is given here. However, the domain portion contains addressing information specified by and used in other protocols (e.g., [RFC1034], [RFC1035], [RFC1123], [RFC5321]). It is therefore incumbent upon implementations to conform to the syntax of addresses for the context in which they are used.

What you quoted comes from RFC5321 (SMTP protocol) para. 2.3.11, and is preceded by the following sentence:

The standard mailbox naming convention is defined to be "local-part@domain"; contemporary usage permits a much broader set of applications than simple "user names".

In other words, RFC5321 explicitly says that mailboxes (the local part of the email address) are much broader in scope than simple "user names" in contemporary usage. RFC5233 documents the use of + addressing and thus makes it an RFC (proposed) standard item. And none of the R

Re:

[LO0G]

Ok, I'l bite. Where in 5233 does it document the + addressing?

The only text I could find about local-part has:

The local-part portion is a domain-dependent string. In addresses, it is simply interpreted on the particular host as a name of a particular mailbox.

There is text in 5231 about local-part:

"local-part@domain"; contemporary usage permits a much broader set of applications than simple "user names". Consequently, and due to a long history of problems when intermediate hosts have attempted to

Re:

[artor3]

Those "few advantages" are the only valuable aspects. Plus addressing is borderline worthless, because it requires you to reveal your real address.

Re:

[dudpixel]

but any human could see that if you remove everything after the +, you get the person's real email address. How long before spammers set up automated servers to do the same?

hotmail's approach uses completely different email addresses, which is much better.

I want this in gmail :)

Re:

[Anubis IV]

To get around some of those issues you mention, I actually have two accounts set up: my main one, and my dummy one that I use with the + trick.

The way I have it rigged, I give out my dummy one with a +whatever appended to any site that asks for an address. I have that account configured to forward everything with a +whatever to my main account, while holding indefinitely in limbo anything that lacks the +whatever. That way, if the sites ever do decide to just remove the +whatever and spam me, it'll all go i

Re:

[Shikaku]

Or: %s/+.*@/@/

Always innovating

[gmuslera]

Always Microsoft realizing last the good internet ideas. Probably they are the last ones left on the world that didnt throwed away their hotmail account yet.

BSD

[MrKaos]

I wonder if they are still using the BSD backend that Hotmail originally used?

Yahoo

[godIsaDJ]

God, Yahoo had this for years! This is quite lame :S

I for one...

[diskofish]

I for one, welcome our new throw-away email overlords.

Yeah, only we do it correctly.

[dskoll]

(Blatant plug) Our product [roaringpenguin.com] has had this for years, only we do it properly. Our feature is called "Locked Addresses" and it works like this:

• The system generates a random email address using a strong random-number generator. The address is unlikely to be guessed.
• Initially, the address is in the "unlocked" state.
• The very first time the system receives a message for the address, it locks to the sending address or domain (your choice.)
• If anyone else tries to use the address (ie, someone other than the loc

That's nothing.

[dmomo]

I threw away my hotmail account 10 years ago.

Slow news day

[dogsbreath]

What am I missing here? Hotmail accounts are throw away in the first place but what's the big deal about email aliases? My ISP has had this forever.

Throwing forums under the spambus

[Dachannien]

Similar to the "put periods anywhere in your e-mail address" and "put a + followed by anything" features offered by Google, this Hotmail feature will soon be exploited by forum spammers to create a multitude of e-mail addresses without having to solve captchas.

One of the few weapons that forum maintainers have in their anti-spam arsenal is to be able to collaboratively blacklist e-mail addresses, IP addresses, and usernames. This feature would further hinder blacklisting by e-mail address, in a manner even

Mailinator

[istartedi]

Mailinator has been providing me this service for years. AFAICT they get by on a very unobtrusive banner at the top of their home page, donations, and perhaps some funding from their corporate parent which presumeably also finds the service useful. I guess it doesn't take too much money to run such a service. They're obviously dumping spams into the bitbucket after a timeout, and limiting the size of the messages (most spam is small anyway). The only problem I've had is that a few parties filter them;

What?

[okmijnuhb]

Hotmail IS my junk mail account!

Wow

[antifoidulus]

So they've invented a less useful spam gourmet? They have only been doing this for what, 7, 8 years now?

Spamgourmet

[gringer]

And spamgourmet [spamgourmet.com] has been doing something like this as well, but better and more anonymously:

1. If you haven't done it yet, create a spamgourmet account. Enter your user name and the email address you want to be protected. You will be asked to identify the word in a picture and pick a password.
2. Spamgourmet will forward to this address all the emails sent to your spamgourmet disposable addresses -- that way you don't have to tell anyone else what it is -- this is why it's called the protected address. Of course,

Old news

[devnull17]

Hotmail has had accounts you can throw away for years. Just ask every porn site I've ever signed up for.

Sneakemail

[RobinH]

I've been using Sneakemail [sneakemail.com] for years now. The concept is the same, and it really works well. I love being able to delete an email address that someone started spamming, after they got my address by making me sign up just to get a quote for some service I never ended up buying anyway.

I've done that already

[SpaghettiPattern]

I've done that already the minute Hotmail was bought by Redmond.

Wouldn't want to repeat it.

Sad state of affairs

[Provocateur]

We're not eliminating the root cause here, are we? It sounds like more places or new names for 'Trash bin'.

It's like the terrorists had won

Re:Great Idea.

[hawguy]

Gmail has something that's arguably better -- you can use a plus sign to append any string you like to your address, so you can have "myname@gmail.com' as your main account and give "myname+family@gmail.com" to your family. And when you sign up for a Hormel mailling list, you can use "myname+hormel@gmail.com" so you know when you're getting spammed by Hormel.

Re:

[_merlin]

How's that better? A machine can easily strip the part after the plus sign.

Re:

[hawguy]

It's better because you set "myname+family@gmail.com" to always bypass spam filters (and maybe apply a colorful tag to make it more noticeable.

Then you can treat "myname@gmail.com" as spam since you never give that address to anyone you care about.

So the machine can strip mynam+hormel@gmail.com down to myname@gmail.com, but you don't care since your family sends email to myname+family@gmail.com and your friends sent email to myname+friends@gmail.com.

Re:

[RoFLKOPTr]

What are hotmails?

The opposite of ComicCon attendees.

Re:

[artor3]

Have you used it in the past few years? Most sites refuse to take emails from any of Malinator's domains.

Re:

[Call Me Black Cloud]

Do you really think spammers a) are using webmail accounts to send spam and b) checking those webmail accounts to see what replies they've received? No wonder you posted anonymously.

Spammers use open relays (or spam-friendly hosts) to send e-mails with fake "from" addresses. The e-mails direct the potential victim to either a website or to reply to another e-mail address.

The ease at which new addresses can be created and disposed of in Hotmail is only a good thing.