Product Code Database
Disposable email addressing, also known as DEA or dark mail or "masked" email, refers to an approach which involves a unique email address being used for every contact, entity, or for a limited number of times or uses. The benefit is that if anyone compromises the address or utilizes it in connection with email abuse, the address owner can easily cancel (or "dispose" of) it without affecting any of their other contacts.
Disposable email addresses can be cancelled if someone starts to use the address in a manner that was not intended by the creator. Examples are the accidental release of an email to a email spam, or if the address was procured by spammers. Alternatively, the user may simply decide not to receive further correspondence from the sender. Whatever the cause, DEA allows the address owner to take Unilateralism action by simply cancelling the address in question. Later, the owner can determine whether to update the recipient or not.
Disposable email addresses typically forward to one or more real email mailboxes in which the owner receives and reads messages. The contact with whom a DEA is shared never learns the real email address of the user. If a database manages the DEA, it can also quickly identify the expected sender of each message by retrieving the associated contact name of each unique DEA. Used properly, DEA can also help identify which recipients handle email addresses in a careless or illegitimate manner. Moreover, it can serve as a tool for spotting counterfeit messages or phishing.
Additionally, because the access has been narrowed down to one contact, that entity then becomes the most likely point of compromise for any spam that account receives (see "filtering" below for exceptions). This allows users to determine first-hand the trustworthiness of the people with whom they share their DEAs. "Safe" DEAs that have not been abused can be forwarded to a real email account, while messages sent to "compromised" DEAs can be routed to a special folder, sent to the trash, held for spam filtering, or returned as undeliverable if the DEA is deleted outright.
Further, because DEAs serve as a layer of indirection between the sender and recipient, if the DEA user's actual email address changes, for instance because of moving from a university address to a local ISP, then the user need only update the DEA service provider about the change, and all outstanding DEAs will continue to function without updating.
If available, this feature can allow users to create their own disposable addresses.
Some services require additional time to set up forwarding, but others allow to create new addresses "on the fly" without registering them with the service in advance. However, this method allows storage and access of all emails from a single main account, although to manage forwarding for some services the user has to remember the password for each alias.
A variation is to use a catch-all address, then forward to the real mailbox using wildcards. Many mail servers allow the use of an asterisk (*), meaning "any number of characters". This makes the whitelist automatic and only requires the administrator to update the blacklist occasionally. In effect, the user has one address, but it contains wild cards, e.g., "me.*@my.domain'", which will match any incoming address that starts with "me." and ends with "@my.domain". This is very similar to the "+" notation, but it may be even less obvious, since the address appears to be completely normal.
|
|
