Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If you run your own email, you can catch the moderately motivated spammer: use a character other than + as the segmenter, and a honeypot +.

  <me+some-thing@example.com>
  <me+some-other@example.com>
Here, ‘-’ is the segment character, <me+some@example.com> is the actual delivery address, and <me@example.com> triggers an immediate block.


> <me@example.com> triggers an immediate block.

This doesn't work. I've seen legitimate companies just strip everything from the + onwards.


Well, "legitimate". There's no legitimate reason for a company to remove anything from user-provided e-mail address.


Legitimate reason != legitimate company


Doing something like this is extra work, implying the company in question has either some malicious intent (e.g. spamming, or sharing data with third parties behind users' backs), misguided (e.g. thinking this is a proper way of dealing with user account spam), or just don't give a damn. Either one of these cases reflects badly on such company.


You can reflect it however badly you want, I'm just saying these weren't companies most people would consider shady or cutoff business with over this issue.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: