mung : Java Glossary

Munging is not for private emails. To mung there is both pointless and rude. You use the munging techniques for posting your email address on the web, in newsgroups or in blogs to slow down an avalanche of spam.

Why does my email address appear on my website only as an inconvenient non-clickable image? e.g. . Because I have such a high Internet profile, without that munging technique, I get thousands of spams a day. It is unfortunate to inconveniece my legitimate correspondents with munging. The alternative is to discard legitimate correspondence accidentally as spam.

Why You Should Mung Your Address

• Munging avoids junk email.
• Junk emailers harvest email addresses from Usenet newsgroup posts, both in the headers and text body, anything that remotely looks like an email address.
• Munging is easy to do compared with other methods of avoiding spam.
• Munging lowers the percentage of good addresses harvested by the address thieves.

Why You Should Not Mung Your Address

• It breaks the automated 'reply by email' feature found in most newsreaders, forcing people to manually de-mung the address in order to email topical replies to your posts. People legitimately trying to contact you may not notice your address is munged, may refuse to take the effort to demung, or may demung incorrectly and their important messages may never get to you.
• You will irritate people legitimately trying to contact you with your little mother-may-I games. You are saying to the world, my convenience in attempting to be free from spam is more important than your convenience to be able to contact me. I am more important than you are. So there! People write me all the time annoyed I have inconvenienced them and ask me to build more convenient mailto links. The general public don’t understand why I am making them jump through hoops to email me. They imagine I am doing it just to be obvoxious or to discourage people from writing.
• If you use the same software for newsgroups and email, you will have to change the address back and forth, to avoid sending regular email with a munged address. It is both rude and inconsiderate to send personal email with a munged address. You are saying to your recipient, I want you to listen to me, but I have no interest in hearing back from you, and further I think you are likely to be careless with my address and let it fall in the hands of bulk email harvesters by posting it on the web or by selling it to them.
• It violates RFCs, the rules upon which Usenet is built.
• If you don’t use the proper munging @invalid suffix, every mail sent to a munged address leads to a bounce. A bounce is an automatically generated email sent to the sender of any email that can’t be delivered. Most spammers don’t use real FROM: email-addresses or use the real FROM: address of some unrelated third party. Spam-mails are sent via open mail-servers, that allow relaying of mail where neither FROM: and TO: addresses necessarily belong the server’s domain. With munged email-addresses you increase the amount of data being generated during a spam-attack because:
  • A bounce will be generated on the receiving TO: side.
  • Using a non-existing FROM: address, a second bounce will be generated on the sending side.
  • Using an existing address, the innocent person receives thousands of these FROM: bounces.
  Transporting all thse bounces must be payed by the FROM: and TO: ISPs. The spammer has no additional costs, because he isn’t involved.

  You can avoid these disadvantages by using the official invalid address xxx@invalid.

Use of Invalid

If you are munging, you should put .invalid as the TLD on the end to warn that the address is munged, e. g. roedy@notthemoonbutthe.com.invalid.

How To Mung

• george@nospam.aol.com.invalid
• georgeREMOVE.THIS@aol.com.invalid
• g e o r g e @ a o l d o t com.invalid
• georgeSPLIN@TERaol.com.invalid

To mung, you must be creative and original. You have to defeat two classes of demungers:

1. algorithms that demung common patterns, willing to test several variant demungings.
2. ladies in their housecoats working from home willing to test several variant demungings.

1. roedy@HIGHKELVINmail.com.invalid. It still may go sailing over the heads of people you want to decode it to hotmail.com.
2. roedy@bluemindprod.com.no.invalid (leave out the references to Norway)
3. When you post any email address on the web in two parts separated by a graphic @ sign, with a deceptive alt tag. like this: dumbo circus.com.
4. Change your email address to a word not found in the dictionary or in Names for Baby. Spammers will try sending to every possible word, given name and surname on a given email host and remember what gets delivered for future mailings. If you have a common name for your email address e.g. jimmy@hotmail.com, even perfect munging to camouflage it won’t save you.

On the other hand, if you are too subtle, your legitimate callers won’t notice the mung, or won’t be able to correctly remove it on the first try.

 The Graphics Email Icon Approach :  ⇐ png graphic icon, not text

SpamGourmet.com

Alternative Approaches

One approach is to change your public email address from time to time, and discard the old one when it becomes too spam saturated. Keep a private one for personal communication you never post.

Eventually some Mafioso is going get ticked by spam and take some spectacular revenge which may discourage people entering the profession.

• mung FAQ The techniques he recommends for munging I believe are far too easy to defeat by automation. I base this opinion based this on my experience writing a legitimate email address harvester and de-munger I use to send the location of the FAQs to first time posters in comp.lang.java.help .
• spam
• I propose an email system based on digital ids and digitally signed documents. See mailreader/newsreader student project. If this were implemented spam as we know it would disappear. The Internet currently provides a free lunch to spammers. We can hardly expect good capitalists to do anything but leap into the feeding frenzy.