On Mon, 5 Apr 2021 19:39:43 -0400 Dan Ritter <d...@randomstring.org> wrote:
> Celejar wrote: > > On Mon, 5 Apr 2021 15:51:28 -0400 > > Dan Ritter <d...@randomstring.org> wrote: > > > > > > Okay, but why isn't trying to limit spammers getting hold of an address > > > > a logical part of a defense in depth strategy? > > > > > > Because it doesn't work. If it worked as well as, say, moving > > > your SSH port*, I would encourage it. It does not. > > > > Source? Is this your personal experience, or do you have some other > > basis for this? Cloudflare, for example, asserts that: > > > > "Cloudflare Email Address Obfuscation helps in spam prevention by > > hiding email addresses appearing in your pages from email harvesters > > and other bots, while remaining visible to your site visitors." > > Source: experience from being actively involved in the Internet > for 25 years, including time on anti-spam initiatives at BBN and > Akamai, various mail anti-abuse working groups (now > https://www.m3aawg.org/ which I'm not currently involved with > particularly) and running personal and corporate mail servers > for most of that time. Sounds good to me :) > > > OK, use tagged addresses. Gmail has that feature for free. > > > > > > page and tell Gmail to spam-bin the old address. > > > > Worth considering, certainly. I try to avoid Gmail as much as possible > > (I know that I'm still using it for d-u), but I can check to see > > whether the other email providers I use support plus addressing. > > The good ones will. The best ones will also offer - addressing > on the same terms. Turns out that a bunch of idiots think that + > is not a valid mail left-hand-side character, but - is. I use some GMX accounts, and they apparently don't support plus addressing (I just tried, and the message was refused with "550 Requested action not taken: mailbox unavailable."). I suppose it would be nice if they did support it, but I can't really fault them for not supporting a non-standard Google invention. Celejar
