Ask HN: 6-char Gmail account flooded by "legit" bot signup spam. Can I retake control?
My first Ask HN! I've had this issue forever and I'm hoping someone here will have a brilliant solution. I created my Gmail account the day Gmail went into public beta, and I was never able to use it once. It's a short name; spam bots started submitting it into every signup form around, so I got/get about 100 "legitimate" emails a day (not including spam which is mostly caught by Gmail.) How can I get myself off the 50,000 or so mailing lists I'm on and make my address usable again? I'd like to bounce all messages for six months, then set up a whitelist afterward. Don't think I can bounce on Gmail, though. Other thoughts?
17 comments
[ 2.9 ms ] story [ 30.3 ms ] threadJust get yourself a domain, and set it up on Google Apps for your Domain. Result? You now have infinite email addresses.
So, if you're bob@yourdomain.com, you can create a catch-all so that anything@yourdomain.com comes to you. This is actually the most effective spam-fighting mechanism I've found yet.
The trick is to then sign up to things as bob.thing@yourdomain.com. For example, you might sign up to HN as bob.hackernews@yourdomain.com. Then, if you ever get a spam to that email address, you know exactly where it came from. Moreover, if one of those addresses gets sold off to some dodgy email resellers and flooded with semi-legitimate spam that just seems to get through GMail's filters (e.g. if you ever buy a ticket from the scummy spam-loving bastards at TicketMaster), you can just block that specific address while keeping everything else functional.
Been there done that :)
For example, I sign up to HN with the email address hn.rfg@<mydomain>. This gets forwarded to my real address because it's got the rfg string in it. If I start to get spam on that account, I can add a filter for hn.rfg on either my real or spam@<domain> account, depending on which is more convenient, and I know where it came from.
Blanket spam to <mydomain> rarely comes through to my email, since the to is unlikely to include the rfg string, and will probably get picked up by the spam filter on the spam@<mydomain> account. Backscatter spam with faked from headers rarely gets to my real account, since the faked address is unlikely to include the rfg string.
I'm sure you guessed what those six characters were-- it's partly a vanity thing, obviously. :)