mung : Java Glossary

mung

To mangle your publicly-posted email address sufficiently when you post it publicly that spammers cannot harvest it for bulk mailing lists, yet not so badly that legitimate senders cannot manually reconstruct it.

Munging is not for private emails. To mung there is both pointless and rude. You use the munging techniques for posting your email address on the web, in newsgroups or in blogs to slow down an avalanche of spam.

Why does my email address appear on my website only as an inconvenient non-clickable image? e.g. . Because I have such a high Internet profile, without that munging technique, I get thousands of spams a day. It is unfortunate to inconveniece my legitimate correspondents with munging. The alternative is to discard legitimate correspondence accidentally as spam.

Advantages	Email Graphic Icons
Disadvantages	SpamGourmet.com
Use of Invalid	Alternative Approaches
How To Mung	Links

Why You Should Mung Your Address

Munging avoids junk email.
Junk emailers harvest email addresses from Usenet newsgroup posts, both in the headers and text body, anything that remotely looks like an email address.
Munging is easy to do compared with other methods of avoiding spam.
Munging lowers the percentage of good addresses harvested by the address thieves.

Why You Should Not Mung Your Address

It breaks the automated 'reply by email' feature found in most newsreaders, forcing people to manually de-mung the address in order to email topical replies to your posts. People legitimately trying to contact you may not notice your address is munged, may refuse to take the effort to demung, or may demung incorrectly and their important messages may never get to you.
You will irritate people legitimately trying to contact you with your little mother-may-I games. You are saying to the world, my convenience in attempting to be free from spam is more important than your convenience to be able to contact me. I am more important than you are. So there! People write me all the time annoyed I have inconvenienced them and ask me to build more convenient mailto links. The general public don’t understand why I am making them jump through hoops to email me. They imagine I am doing it just to be obvoxious or to discourage people from writing.
If you use the same software for newsgroups and email, you will have to change the address back and forth, to avoid sending regular email with a munged address. It is both rude and inconsiderate to send personal email with a munged address. You are saying to your recipient, I want you to listen to me, but I have no interest in hearing back from you, and further I think you are likely to be careless with my address and let it fall in the hands of bulk email harvesters by posting it on the web or by selling it to them.
It violates RFC (Request For Comment) s, the rules upon which Usenet is built.
If you don’t use the proper munging @invalid suffix, every mail sent to a munged address leads to a bounce. A bounce is an automatically generated email sent to the sender of any email that can’t be delivered. Most spammers don’t use real FROM: email-addresses or use the real FROM: address of some unrelated third party. Spam-mails are sent via open mail-servers, that allow relaying of mail where neither FROM: and TO: addresses necessarily belong the server’s domain. With munged email-addresses you increase the amount of data being generated during a spam-attack because:
- A bounce will be generated on the receiving TO: side.
- Using a non-existing FROM: address, a second bounce will be generated on the sending side.
- Using an existing address, the innocent person receives thousands of these FROM: bounces.
Transporting all thse bounces must be payed by the FROM: and TO: ISPs (Internet Service Providers). The spammer has no additional costs, because he isn’t involved.
You can avoid these disadvantages by using the official invalid address xxx@invalid.

Use of Invalid

If you want no mail at all from anyone, use an id that ends in invalid, e.g. roedy@invalid. Don’t mention any domain anywhere. This is the official way to do it. If your newsreader won’t let you do that, then give it an address of the form xxx@invalid.invalid or failing that xxx@invalid.com

If you are munging, you should put .invalid as the TLD (Top Level Domain) on the end to warn that the address is munged, e. g. roedy@notthemoonbutthe.com.invalid.

How To Mung

Examples of pointless munging, too easy to defeat by automation.

george@nospam.aol.com.invalid
georgeREMOVE.THIS@aol.com.invalid
g e o r g e @ a o l d o t com.invalid
georgeSPLIN@TERaol.com.invalid

You don’t want to irritate your legitimate readers by requiring too many keystrokes to correct the address, e.g. g_e_o_r_g_e_@_a_o_l_d_o_t_com.invalid take many keystrokes to correct, but is easy to correct via automation.

To mung, you must be creative and original. You have to defeat two classes of demungers:

algorithms that demung common patterns, willing to test several variant demungings.
ladies in their housecoats working from home willing to test several variant demungings.

The trick to fooling (1) is to use a new pattern. The trick to fooling (2) is to require specific knowledge an unskilled person would not have, e. g.

roedy@HIGHKELVINmail.com.invalid. It still may go sailing over the heads of people you want to decode it to hotmail.com.
roedy@bluemindprod.com.no.invalid (leave out the references to Norway)
When you post any email address on the web in two parts separated by a graphic @ sign, with a deceptive alt tag. like this: dumbo circus.com.
Change your email address to a word not found in the dictionary or in Names for Baby. Spammers will try sending to every possible word, given name and surname on a given email host and remember what gets delivered for future mailings. If you have a common name for your email address e.g. jimmy@hotmail.com, even perfect munging to camouflage it won’t save you.

Unfortunately, if you leave hints about how to remove your mung, little ladies in their housecoats working for $0.06 an hour in China can read them just aswell.

On the other hand, if you are too subtle, your legitimate callers won’t notice the mung, or won’t be able to correctly remove it on the first try.

The Graphics Email Icon Approach : ⇐ png graphic icon, not text

I tell people to look on my website at the top of any page or more particularly at http://mindprod.com/image/mailto/roedy.png. The image gives my true email address, but it would be difficult for a machine to read it, though a lady working in a housecoat for $0.06 an hour in China could. I used an odd font and made it slightly blurry to deter OCR (Optical Character Recognition). You can generate similar graphics email icon with Masker.

SpamGourmet.com

SpamGourmet.com will give you valid email address. However, all mail directed there is just thrown away. This avoids the problem of bounced messages being generated. You will of course lose legitimate mail as well from people who don’t know that spamgourmet does this.

Alternative Approaches

You may find that many companies now are hiding their email addresses. To send them email you must go to their website and send them a message by filling in a form. They have had it up to the teeth with spam.

One approach is to change your public email address from time to time, and discard the old one when it becomes too spam saturated. Keep a private one for personal communication you never post.

Eventually some Mafioso is going get ticked by spam and take some spectacular revenge which may discourage people entering the profession.

mung FAQ The techniques he recommends for munging I believe are far too easy to defeat by automation. I base this opinion based this on my experience writing a legitimate email address harvester and de-munger I use to send the location of the FAQs (Frequently Asked Questions) to first time posters in comp.lang.java.help .
spam
I propose an email system based on digital ids and digitally signed documents. See mailreader/newsreader student project. If this were implemented spam as we know it would disappear. The Internet currently provides a free lunch to spammers. We can hardly expect good capitalists to do anything but leap into the feeding frenzy.

FingerLakes Email Munger
Masker
mung FAQ
spam

	available on the web at:	http://mindprod.com/jgloss/mung.html
	optional Replicator mirror of mindprod.com on local hard disk J:	J:\mindprod\jgloss\mung.html
	Please email your feedback for publication, letters to the editor, errors, omissions, typos, formatting errors, ambiguities, unclear wording, broken/redirected link reports, suggestions to improve this page or comments to Roedy Green : . If you want your message, your name or email kept confidential, not considered for public posting, please explicitly specify that. Unless you state otherwise, I will treat your message as a letter to the editor that I may or may not publish in the feedback section. After that, it will be too late to retract it. If you disagree with something I said, especially when sending an ad-hominem attack, a rant composed mainly of obscenities or a death threat, please quote the offending passage and cite the web page where you found it, tell me why you think it is wrong, and, if possible, provide some supporting evidence. I can’t very well fix erroneous or ambiguous text if I can’t find it.
Blog	Canadian Mind Products IP:[65.110.21.43] Your face IP:[107.21.156.140]
Feedback	You are visitor number 17,095.