A lot of people use fake, or altered, email addresses on comments threads, presumably because they want to avoid being flooded with spam. But it turns out that these are actually not that vulnerable to spammers harvesting.
Ever since Crooked Timber started I’ve been using my crookedtimber email address as my email address on all comments boards. And as far as I can tell I’ve never got a single piece of spam sent to that address. So just using a real address does not mean you’ll automatically get spammed.
To be sure, I also always leave a website address, usually “Crooked Timber”:https://www.crookedtimber.org, so the email address doesn’t show up on default settings. And maybe if I didn’t do that I’d be getting spam because of it. So all I can say with any confidence is that leaving real email addresses on MT comments boards, plus leaving a web address, doesn’t seem to lead to spam.
{ 8 trackbacks }
{ 27 comments }
Paranoid 04.16.04 at 6:50 am
Interesting, but no thanks. I don’t give my address at public meetings, why should I do so here?
keef 04.16.04 at 7:33 am
If they haven’t gotten your email address from this page, don’t worry — they will.
And then you’ll get a few, then a torrent, of spam spam spam spam.
I use a bogus address here for precisely that reason.
K
mon 04.16.04 at 8:48 am
I used to post a valid email address in forums or discussion threads, and I had to close each of those email addresses I’ve used on the web because they were flooded with spam in the space of a few weeks.
So, no way I’m ever going to do that again. Now I’m completely spam-free on both work and personal accounts and intend it to remain that way.
What is happening to you is indeed because your email does not actually show up on the page, as the web url takes over. What’s the point of adding a valid email if it doesn’t show up? People won’t be able to see it, they’ll only see the URL, and if that URL does not reference an email, you’re basically achieving the same effect as posting an invalid email – people cannot contact you, _and_ spammers cannot harvest your email.
Anything with a @ gets harvested. You can’t avoid that. It’s impossible. If you have your email displayed anywhere on your website, you’d better use email-cloaking tools, or even better, have a contact form instead, where the email is hidden in the script itself, not displayed. That’s not possible to do in comments, so, fake addresses are the only solution.
mon 04.16.04 at 8:49 am
I used to post a valid email address in forums or discussion threads, and I had to close each of those email addresses I’ve used on the web because they were flooded with spam in the space of a few weeks.
So, no way I’m ever going to do that again. Now I’m completely spam-free on both work and personal accounts and intend it to remain that way.
What is happening to you is indeed because your email does not actually show up on the page, as the web url takes over. What’s the point of adding a valid email if it doesn’t show up? People won’t be able to see it, they’ll only see the URL, and if that URL does not reference an email, you’re basically achieving the same effect as posting an invalid email – people cannot contact you, _and_ spammers cannot harvest your email.
Anything with a @ gets harvested. You can’t avoid that. It’s impossible. If you have your email displayed anywhere on your website, you’d better use email-cloaking tools, or even better, have a contact form instead, where the email is hidden in the script itself, not displayed. That’s not possible to do in comments, so, fake addresses are the only solution.
splitred 04.16.04 at 9:15 am
I’ve gotten a number of spam messages whose subjects named Maxspeak messages on which I commented. Don’t know why they choose to pick on him.
Keith M Ellis 04.16.04 at 10:08 am
A bit off-topic, but I’ll say that I, too, hate spam. But I hate the lack of personal accountability on the Internet even more. I will continue as I have for ten years and not obfuscate my identity in any way.
That said, it occurs to me that for a while now I’ve been using my blog’s URL here and elsewhere, along with the email address associated with the blog. At the blog I don’t believe my full name or another address appears—I’ll need to correct that. It’s a group blog with one other person who is not as keen on this matter as I am and when I put it together I only included our first names.
But a Google on Keith M Ellis will reveal a great deal of information about me. (Note that I’m in the process of moving my personal website to kmellis.com, so some of those pages will be 404.)
Factory 04.16.04 at 10:19 am
The problem is that once an email address is spam bound it tends to stay that way, and chaging email addresses is something I do not like to do often.
Chris Lightfoot 04.16.04 at 12:30 pm
It’s probably not worth bothering with trying to hide your address. In the end the spammers will get it by dictionary attacks, or buying it from an e-commerce site or a dodgy ISP, or writing a virus to collect addresses from hapless Microsoft Windows users or whatever. My address has been on the web for years, completely unobscured, and I’m not at all troubled by spam.
That’s not to say that people don’t spam me, of course; over the past few days, I’ve got on average about one spam every three minutes (plus even more collateral spam). But spam filtering is pretty good now, and I probably only actually see one spam a day. Anyone who isn’t already using a spam filter like Spam Assassin or one of its derivatives should look into installing one. Doing that is a far better countermeasure than trying to keep your address out of the public domain
teep 04.16.04 at 12:54 pm
I give out my real email address and my real web page on message boards and blog comments. I don’t *think* my real name is associated with those, but I haven’t made a special effort to keep them apart.
If I am handing out my $.02, the recipient of same should be able to reach me so that he or she can call me a big, fat dodo stupidhead or (less frequently) compliment my style and *then* call me a big, fat dodo stupidhead.
Do I get spam? Yep. The filter gets most of it, and I delete the rest. It doesn’t even raise my blood pressure anymore.
Abiola Lapite 04.16.04 at 2:20 pm
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
“But I hate the lack of personal accountability on the Internet even more.”
Then you ought to love PGP-signing of comments. If the Timberites were to follow the advice on here, no one would be forced to view the ugly gibberish surrounding this particular comment of mine, but you’d still have the benefit of being relatively sure that I’m who I claim to be – or, at least, that it’s always the same person going under my name.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.2.4 (MingW32) – GPGshell v3.10
Comment: My Public Key is at the following URL:
Comment: http://www.alapite.net/pgp/AbiolaLapite.txt
iD8DBQFAf914OgWD1ZKzuwkRAiZZAJwK/COOnhRr/RPSSpIGc0WfrPibgQCgjFrB
tgsAVBKxczXMIaheG+TZ4lQ=
=ic3S
—–END PGP SIGNATURE—–
Brian Weatherson 04.16.04 at 3:09 pm
…have a contact form instead, where the email is hidden in the script itself, not displayed. That’s not possible to do in comments, so, fake addresses are the only solution.
Actually it’s really easy to do in comments. Just leave a web address as well, and no email address is displayed. Any web address will do.
Of course, anyone who wants to run this experiment themselves can easily set up a yahoo account and watch. If you just use the address on comments boards and always leave a web address, I bet it won’t end up with any spam.
As for the PGP signing, it could be a good idea but I’ll leave it to the technical wizards here.
Matt Weiner 04.16.04 at 4:20 pm
I frequently leave an unadorned e-mail address on comment boards–since I run a mostly non-political blog (and can get pissy in arguments), I don’t usually link back to it when I’m making political comments. That address, after eight months or so, is not completely spam-ridden. I get maybe two or three urgent requests for assistance a day–but I get more delete-without-reading e-mails from the university administration!
It is conceivable that there is a spam filter on the e-mail, though.
Keith M Ellis 04.16.04 at 4:23 pm
About the PGP signing thing…
I’d be happy if everything had PGP functionality built into it. But, anyway, regarding Movable Type, this will soon not be necessary as MT 3.0 will go to a validated central-server userid comment system which will solve the spam problem. Although I know some people aren’t thrilled about it. As I’m sure CT does, I use MT-Blacklist; but the last I heard he’s not going to continue to maintain it because of MT 3.0.
mm 04.16.04 at 6:02 pm
I usually use a false address, partly because one of my e-mail addresses is associated with my employer, who (a) might wish that I be working, not wasting time like this and (b) might not share my political views. I realize that for a left/liberal academic or journalist (a category that includes many bloggers), that latter problem is literally inconceivable. My home e-mail address is also associated with my name, so again, my employer, my clients etc. may not find my political views congenial. Or at least, why should I take the chance that they won’t?
Anno-nymous 04.16.04 at 6:15 pm
I just thought I’d take the opportunity to point out that my linked address is, in fact, a real email account. It’s not my main one, and I don’t check it very often, but I’m darn proud of having registered the account.
Nat Whilk 04.16.04 at 6:18 pm
If I am handing out my $.02, the recipient of same should be able to reach me so that he or she can call me a big, fat dodo stupidhead
The problem is when they start calling you on your home phone at 3 a.m. to tell you that. That’s no fun.
teep 04.16.04 at 6:53 pm
nat whilk wrote: The problem is when they start calling you on your home phone at 3 a.m. to tell you that. That’s no fun.
That, to me, would be beyond the bounds of propriety. I would be mortally offended if someone escalated an internet disagreement, no matter how heated, to any sort of physical world confrontation. (I realize some people do behave that way, but I figure anyone who does can’t claim to be civilized.)
Unfortunately, I do not have a good civilized response to this sort of uncivilized behavior. I am open to suggestions…
Keith M Ellis 04.16.04 at 7:16 pm
I have never had anything remotely like that happen to me. Even though my physical address and phone number have been easily discovered.
Once, though, I did invite some tough-talking (violence talking) guy to come visit me. I felt bad about it afterwards, though, because although I wasn’t particularly worried about my own safety, at the time I lived with an SO (female) and a good friend (male) that I was putting in harm’s way without having consulted them first. It was irresponsible of me.
…and that is a real consideration. I have a personal sense of responsibility and accountability that demands that I be directly responsible for everything I say in the public sphere—including being accountable to friends, family, employers, etc. But regarding the people that actually live with me…should they be at risk because I said something that some nut case took badly and our address is easily obtainable? Well, no, not without their consent. I have another roomate currently (actually my closest friend), and we haven’t discussed this. We ought to.
MDtoMN 04.16.04 at 8:39 pm
I started posting at Conservative sites, and I mostly didn’t want to have to continue debates past a certain point. It’s great to debate on a message board, but I don’t want to have to sift through tons of “you’re an anti-semite because you’re a Democrat” or “you’re an idiot for believing in global warming” types of e-mail to see what my sister or folks want to e-mail me (particularly since their e-mails largely consist of uplifting things, like bull dogs on skate boards).
Matt Weiner 04.16.04 at 8:50 pm
I realize that for a left/liberal academic or journalist (a category that includes many bloggers), that latter problem is literally inconceivable.
Ha ha. I actually do worry that someone on a search committee will see some of my blog comments and decide I’m a jerk. That’s why I try to keep my own blog almost politics-free. I do worry that it was unwise of me to start commenting using my own name (though it may be better than having “Matthew Weiner dies suddenly” as the #1 Google hit).
mon 04.16.04 at 10:36 pm
I don’t believe it’s a matter of ‘personal accountability’ when it comes to making a comment, writing your opinions, even keeping a web site or weblog. Anonymity is a right. Especially when voicing opinions. You’re still responsible for what you write. Obviously. But I don’t think the choice of preserving your privacy above all should be so disparaged.
You can write letters to the editor of a newspaper, they’ll publish it if it’s interesting, and bin it if it’s not – but they won’t publish your home address and telephone number unless you ask them to specifically, for whatever reason. So I don’t see why it should be different on the net.
Besides, even when you’re posting anonymously, if someone wants a way to contact you, they can just ask in the thread and you can give a simple spam-proof instruction.
So, no need to turn internet privacy into some kind of irresponsibility. It’s a very precious thing. No better reminder of that than when it’s abused. I suppose it’s all a matter of personal experiences, but I’d rather not risk having nastier ones than those I’ve already had.
Keith M Ellis 04.16.04 at 10:44 pm
Yes, well, this expectation of a public privacy seems to me to be an accident of history, an aberration that people have for some bizarre reasons come to think of as a “right”. Newspapers don’t publish addresses but almost all refuse to publish anonymous letters. It doesn’t take much effort to track someone down if you know their name and where they live. And the fact that my address and phone number have been easily obtainable has more to do with my resume being on the web than anything else. The key anti-anonymity point I was making was that my real world identity is not hidden or obfuscated and thus what I say here reflects on me in my real life. As it should.
Anatoly 04.17.04 at 12:26 am
anno-nymous: nice address! I’ve only seen one address which impressed me even more than yours does — this guy.
mon 04.17.04 at 7:38 am
Keith: sorry but what other kinds of privacy apart from ‘public privacy’ are there? Privacy is all you preserve from the public area. There’s nothing bizarre at all in considering it a right because it simply is. By all definitions, legal included.
I don’t understand why you seem to believe that in order to comment or write anywhere on the internet, people have to know your full name and address. Does that alone make what you write more interesting or valid or reliable? I don’t think so. I don’t care who you are and what you do in ‘real’ life and if I can look your name up in a telephone directory or not. I’m only reading your opinions on a specific forum. I’m not interested in the rest, whether you think it’s relevant or not. I’m a real person too living a real life as well, the fact you don’t know my name and surname from the net does not make any difference because you don’t know me in person anyway.
This whole notion that you have to ID yourself as to the police only to post an opinion on a discussion board is what sounds truly bizarre to me.
In letters to newspaper editors, you can actually only write your first name and they will publish it all the same. They are bound to respect your anonymity. I don’t know any paper who violates a a request not to publish one’s name and address.
But even if your details appear in a newspaper, there are still next to no risks of being spammed and abused. On the internet, there are tons because your details are forever there and searchable, by bots or individuals. If privacy is not a right, then what, spamming and stalking are?
Keith M Ellis 04.17.04 at 11:30 am
Privacy hasn’t traditionally been a “right” in the sense that other rights have been recognized.
And what I mean by “public privacy” is what I think you’re misleadingly calling “privacy”: anonymity or semi-anonymity in public. Real privacy is…privacy. That acts that occur in private are private.
But there’s no reason in the world that I have a “right” to get up on a soapbox in the public square yet hide behind a curtain. Well, okay, traditionally there is some value seen in anonymous political speech (and related), but in that traditional world such anonymity was the exception, not the rule. One had to go to some trouble to be an anonymous public figure. Today, everyone can be and many are.
This has turned the equation on its head. Before, there was too much personal accountability for one’s speech in the context of asserting unpopular political or religious ideas and anonymity served a necessary purpose. Now, there’s too little personal accountability—this anonymity in public is being misused far, far more than it is being socially useful.
That you ask: “does that alone make what you write more interesting or valid or reliable?” indicates that you don’t get where I’m coming from at all. It’s not about making my writing more appealing to you, or more credible, or whatever—it’s making me be accountable for what I write. People say outrageious things on the net that they’d never, ever say in real life simply because they can get away with it. I refuse to allow myself that unaccountability.
This language of “rights” really bothers me because, firstly, I don’t believe in “natural rights” anyway; and, secondly, even if I did, I don’t see how there could be a “natural right” to being anonymous in public. Yeah, I can come up with a utilitarian argument for it…maybe…but that this is automatically cast in the language of assumed inalienable “rights” just drives me crazy.
teep 04.17.04 at 1:16 pm
keith m ellis wrote: Now, there’s too little personal accountability—this anonymity in public is being misused far, far more than it is being socially useful.
This may be a valid complaint about the internet. However, there are two factors that complicate “public life” on the internet a bit beyond what we are used to in regular, real-world public life. First, a lot of the internet is permanent or semi-permanent. In real life, there’s a reasonably-permanent paper trail, but it isn’t a continuous thing… there are dinner bills and charge card receipts and rental cars and airline tickets and so forth, but there is no data about what happens *outside* of the paper trail AND the paper trail takes some effort to amass. Joe Average would have to do some serious legwork to get a real-world paper trail together. On the internet, due to the nature of the interactions, a whole lot more of them are logged. It’d be one big paper trail if the internet used paper, which it does not. In addition, most of the logged transactions are instantly, easily searchable by anyone with the sense to crank up google or whatever.
In real life, my dad can’t pull up an archive on my college years and discover how much semi-anonymous sex I had on his nickle while I was allegedly getting an education. (Good thing, too.) On the internet, throwaway posts I wrote to message boards five years ago still exist. They’re easily searchable. I honestly feel that these sorts of archives, unexpectedly permanent and unexpectedly easy to riffle through, will eventually wind up biting someone in the butt. Probably several someones.
He also wrote: People say outrageious things on the net that they’d never, ever say in real life simply because they can get away with it. I refuse to allow myself that unaccountability.
This is your perogative. However, I will not be joining you at that table. I do not wish to make it clear, obvious, and easy for anyone with my real name (like, say, my grandmother) to be able to pull up my web pages on yaoi bondage manga. I don’t think yaoi bondage manga is wrong, particularly, but I don’t see any reason to make it super-easy for my grandma to find out I read* the stuff. [*for values of ‘read’ that include a dictionary and a handbook of Japanese grammar]
Because of the volume of the paper trail on the internet, because of its unexpected permanence, and because of the ease with which it may be searched, I see no harm in keeping my real-world identity somewhat apart from my internet identity.
mon 04.17.04 at 3:36 pm
keith – ok, anonymity is not the same thing as privacy, but on the internet, for people who, unlike you, chose to not use their real full name, anonymity is a means to preserve privacy. Whatever reasons they may have to choose that option, I simply object to it being reduced to a lack of responsibility. It does depend on the actual _content_ of what one writes.
If you were here trolling and posting objectionable stuff and insults and racist comments and so on, you’d be a moron with no sense of responsibility anyway, whether you used your real name or not.
Choosing anonymity does not automatically mean you’re abusing an internet forum. You can’t lump in together anonymous trolls and anonymous commenters just because they both happen to not display their real names. You know? There might a lot of good reasons not to use your real name, aside from avoiding spam itself.
Everyone chooses what they feel comfortable with. I find this attribution of “cowardice” to anonymous posters quite pretentious to be honest.
No? Why not? It is everyone’s right to choose what they prefer, anonymity or real name. Actually, the way you’re putting it here, seems to me you’re the one getting on the high horse of “I use my real name therefore I am more responsible than you”. What kind of higher accountability does that give you? I see none. What matters in the context of a discussion on the net is simply what you’re writing in that particular discussion. Nothing else.
I don’t know what you’re referring to, honestly. Seems to me anonymity and/or privacy are becoming more and more of an issue, in terms of legislation as well. So seems to me it’s actually considered a right.
Even voting is private _and_ anonymous. Yes, you do need to ID yourself to vote but _no one will know who and what you voted for_.
So the most relevant form of public (as it does have a public outcome) expression of one’s political views is envisaged to grant you the highest anonymity.
If privacy wasn’t a right, I guess we’d all be forced by law to declare our vote and have it attached to our social security or ID card or something like that.
So I don’t see what’s so odd about considering it a right to keep one’s views anonymous in the context of a discussion on the internet. I’ve signed petitions with my real name and address, I’ve sent non-anonymous letters to editors, or to political parties or media, etc. But the internet is different. For the reasons *teep* explained above, among others.
Besides, when I’m writing to a paper or tv network, I know they have editors and they have to respect laws as well as professional codes of conduct in matters of privacy and everything else. I cannot always assume or demand the same standards from an internet forum or a website, no matter how much I may consider it reliable and trustworthy. Web sites are not subject to the same requirements as printed publications; which is fine, as that allows more people to speak their minds, but it means it’s a completely unregulated context and therefore I’ll have to be responsible for protecting my own privacy myself.
I’m not going to let anyone, whatever reasons they may have, collect information about me that they may use in ways I may not particularly care for, from spamming to abuse to stalking to harassment to slander; but I still like to take advantage of the opportunity to contribute to a discussion, if the owner of that site accepts and welcomes comments. I don’t understand what’s so despicable about that.
Comments on this entry are closed.