Don't use fake email addresses on Usenet!

A considerable number (but far from the majority) of Usenet posters are putting fake email addresses in the From: and/or the Reply-To: fields. They do this to avoid having their real email addresses collected by junk emailers.

Why shouldn't I use a fake address?

There are several reasons; I list them in the order of their importance to me:
It's rude to repliers
If you use a fake address, you indicate that you are not interested in the replies; if you were interested, you would not make it hard to reply.
"But it takes only 2 seconds to edit the email address."
Sorry, my thinking unit is fully utilized by the task of composing a good reply. If you want me to do any more thinking, I simply won't reply. If you want that, please write "Please don't send replies" in the main text of your posting (not in the sig). Or better, don't post in the first place.

To edit the email address, first I would have to notice that it is faked. Checking for that takes two seconds for every posting, 90% of which have working email addresses. So the checking alone would cost me 20 seconds per faked address.

If I notice the faked address, I usually don't reply or followup. Usually I add people with faked email addresses to my kill file, in order to avoid replying to address fakers in the future. I have already killfiled everyone who has spam or invalid in their From: address (unfortunately, my newsreader does not allow killing dependent on the Reply-To: field). So, if you insist on using a faked email address, please append .invalid.

The real trouble is when I don't notice the faked address. Then I take some time to compose the reply, only to get it back as undeliverable. And then I really get angry. If I still wanted to deliver the reply (which I don't), it would take me one minute or more: Call up elm, read the mail, find out the real address (which may not be apparent in the mail), forward the mail there, delete it, and leave elm.

It encourages posting stuff that is more appropriate for email
If replying is more work than following up, people will tend to follow up, even when it's not appropriate. Note that the presence of fake email addresses makes every reply more work (even to people with good email addresses), because I have to check the email address to make sure.
The fallout massively hits innocent systems
Junk emailers often use fake return addresses (e.g., 1000fast@aol.com) to protect themselves from the righteous anger of their victims; often these return addresses belong to real machines/organizations (e.g., aol.com), who have nothing to do with the junk emailer. If the junk mailer uses your faked email address, the junk mail bounces to the return address on the junk mail (e.g., 1000fast@aol.com), causing trouble to the administrators of that site (e.g., aol.com). The admins have to look at these mails, just in case it was caused by a problem in their system.

Worse, some people use faked addresses of machines that exist. E.g., one I tried to respond to used nospam@please.com; please.com exists. Others use somewhere.com. In this case the admins of both faked addresses (the address used by the junk emailer, and the address used by the poster) get the junk email.

It's against the law
Well, not any law enforced by the police, but against RFC 1036 on Usenet messages. It's also against the charter of some newsgroups (e.g., AFAIK the whole de.* hierarchy (German language newsgroups) outlaws postings with fake return addresses).
It does not work
It takes just one user doing a follup-up&reply to you, who includes the To: address in the posting (as my newsreader does), to have a posting with your valid email address; and from there it's a short way to the databases of the junk mailers.

So how do I defend against junk email?

What I am presently using is a filter based on procmail that filters out 70% of the junk email and leaves 100% of the legitimate mail alone. I am sure that it could be improved; however, since the resulting junk mail level is low enough, I have not invested the time to do this. A commercial filtering program is MailShield (I have not tried it). I have also read that gmx.net (a free email provider) has a good junk mail filter (a friend told me that it removes about three quarters of the junk mail); the junk mail filter of Dejanews is supposedly even better.

One idea I have to improve the effectivity of junk mail filtering is to use different, but working addresses in the From: and the Reply-To: fields, and to filter out everything I receive on both addresses (optionally add the Sender: field or the signature).

There are lots of other hints in various places. A good starting point for more advice is Get that Spammer.

If you are admin of an MX host, disable arbitrary relaying of email through your host if you have not already done so; if you don't, and junk emailers find your machine, you'll have a lot of trouble. If you want to do more, you can turn your host into a Teergrube (tar pit) for junk emailers. Or, more extremely, you can blackhole junk emailers and their relays.

Related pages

Anton Ertl