To mangle your publicly-posted email address sufficiently when you post it publicly that spammers cannot harvest
it for bulk mailing lists, yet not so badly that legitimate senders cannot manually reconstruct it.
Munging is not for private emails. To mung there is both pointless and rude. You use the munging
techniques for posting your email address on the web, in newsgroups or in blogs to slow down an avalanche of
Why does my email address appear on my website only as an inconvenient non-clickable image? e.g.
. Because I have such a high Internet
profile, without that munging technique, I get thousands of spams a day. It is unfortunate to inconveniece my
legitimate correspondents with munging. The alternative is to discard legitimate correspondence accidentally as
Why You Should Mung Your Address
- Munging avoids junk email.
- Junk emailers harvest email addresses from Usenet newsgroup posts, both in the headers and text body,
anything that remotely looks like an email address.
- Munging is easy to do compared with other methods of avoiding spam.
- Munging lowers the percentage of good addresses harvested by the address thieves.
Why You Should Not Mung Your Address
Use of Invalid
If you want no mail at all from anyone, use an id that ends in invalid, e.g.
roedy@invalid. Don’t mention any domain anywhere. This is the official way to do
it. If your newsreader won’t let you do that, then give it an address of the form firstname.lastname@example.org or failing that email@example.com
If you are munging, you should put .invalid as the TLD (Top Level Domain) on the end to warn that the
address is munged, e. g. firstname.lastname@example.org.
How To Mung
Examples of pointless munging, too easy to defeat by automation.
You don’t want to irritate your legitimate readers by requiring too many keystrokes to correct the address,
e.g. g_e_o_r_g_e_@_a_o_l_d_o_t_com.invalid take many keystrokes to correct, but is
easy to correct via automation.
- g e o r g e @ a o l d o t com.invalid
To mung, you must be creative and original. You have to defeat two classes of demungers:
The trick to fooling (1) is to use a new pattern. The trick to fooling (2) is to require specific knowledge an
unskilled person would not have, e. g.
- algorithms that demung common patterns, willing to test several variant demungings.
- ladies in their housecoats working from home willing to test several variant demungings.
Unfortunately, if you leave hints about how to remove your mung, little ladies in their housecoats working for
$0.06 an hour in China can read them just aswell.
- roedy@HIGHKELVINmail.com.invalid. It still may go sailing over the heads of
people you want to decode it to hotmail.com.
- email@example.com (leave out the references to Norway)
- When you post any email address on the web in two parts separated by a graphic @ sign, with a deceptive
alt tag. like this: dumbo
- Change your email address to a word not found in the dictionary or in Names for Baby. Spammers
will try sending to every possible word, given name and surname on a given email host and remember what gets
delivered for future mailings. If you have a common name for your email address e.g. firstname.lastname@example.org, even
perfect munging to camouflage it won’t save you.
On the other hand, if you are too subtle, your legitimate callers won’t notice the mung, or won’t
be able to correctly remove it on the first try.
The Graphics Email Icon Approach :
⇐ png graphic icon, not text
I tell people to look on my website at the top of any page or more particularly at http://mindprod.com/image/mailto/roedy.png. The image gives my true email
address, but it would be difficult for a machine to read it, though a lady working in a housecoat for
$0.06 an hour in China could. I used an odd font and made it slightly blurry to
deter OCR (Optical Character Recognition). You can generate similar graphics email icon with Masker.
SpamGourmet.com will give you valid email address.
However, all mail directed there is just thrown away. This avoids the problem of bounced messages being
generated. You will of course lose legitimate mail as well from people who don’t know that spamgourmet does
You may find that many companies now are hiding their email addresses. To send them email you must go to their
website and send them a message by filling in a form. They have had it up to the teeth with spam.
One approach is to change your public email address from time to time, and discard the old one when it becomes
too spam saturated. Keep a private one for personal communication you never post.
Eventually some Mafioso is going get ticked by spam and take some spectacular revenge which may discourage
people entering the profession.
- mung FAQ The techniques he
recommends for munging I believe are far too easy to defeat by automation. I base this opinion based this on my
experience writing a legitimate email address harvester and de-munger I use to send the location of the FAQs (Frequently Asked Questions)
first time posters in comp.lang.java.help .
- I propose an email system based on digital ids and digitally signed documents. See mailreader/newsreader student project. If this were
implemented spam as we know it would disappear. The Internet currently provides a free lunch to spammers. We
can hardly expect good capitalists to do anything but leap into the feeding frenzy.