2009-01-20:we had what amounted to an outage over the last couple of days - - our service provider dropped the reverse lookup address for our main IP address, and other servers started rejecting connections from it, which led to a big queue backup and slowdown. They've put it back, and the queue has just been cleared. discuss

2008-10-09:I just got a phishing email:

Dear SPAMGOURMET Email Account Owner,
This message is from SPAMGOURMET MAIL MANAGEMENT messaging
center to all email account owners. We are currently
upgrading our data base and e-mail
account center.We are deleting all unused  email account to
create more  space for new accounts.

To prevent your account from closing you will have to update
it below so that we will know that it's a present used
account.
CONFIRM YOUR EMAIL IDENTITY BELOW

Email Username : .......... .....
EMAIL Password : ................
Date of Birth : .................
Alternative Email : ..........

Warning!!! Account owner that refuses to update his or her
account within Seven days of receiving this warning will
lose his or her account permanently.
Thank you for your understanding
SPAMGOURMET Email Managemen

2008-09-30: No news for a while -- and no news is generally good news here :) -- I'm considering implementing SPF on the spamgourmet domains, in order to cut back on the abuses of spammers who send a bunch of email using one of our addresses -- I'm still not sure why they're doing it, but SPF would help tag their messages as fake. The downside is that if you're a spamgourmet user who has been sending messages "from" your spamgourmet addresses without using reply address masking, you'll have a hard time continuing to do that. I think pretty much everyone's using reply address masking these days anyway, so it shouldn't be a big problem. I'm going to start with some of the less frequently used domains to test, and if all's good, I'll sweep the lot of them. After that, I'll publish instructions for other owners of spamgourmet domains to follow suit if they like. discuss

2008-01-28: We had what amounted to a denial of service attack during the latter part of last week. Reports are that it was not hostilely motivated, but the effect was the same for a while. After we recovered from that, this weekend, our ISP reports that it experienced routing issues that we believe would have rendered our server inaccessible to a bunch of cable subscribers (likely improving performance for everyone else :) ). All better now. discuss

2007-12-14: Perhaps ironically, for seven years I've been accepting mail at "info at spamgourmet.com" without the protection of spamgourmet, and as you can imagine, the address gets slammed. The last few months, I've been edging toward the ability to stop using the address, and now I've disabled it. The address is replaced by the normal spamgourmet account 'sginfo', and I'm not using prefix/watchwords, so you can make up an address and use it or visit the contact link on the page to get one made for you (using the SGMailto code). Talk to you soon through spamgourmet! discuss

2007-12-10: Analyzing the causes of recent mail delays, we notice that our queues tend to build up with messages destined to spamgourmet users whose mail servers have "graylisted" our server, and this creates delays for other spamgourmet users. For this reason, I've changed the terms and conditions to prohibit the use of a server that's graylisting us, and there will be times when we have to disable such an account and clear the queue of backed up messages.

2007-10-08: Did some *releases* today! It's been about 5 years since we did a release for the spamgourmet code, but the current version has always been in the code repository (previously CVS, now subversion) at sourceforge. Anyway, the latest is currently also available via the download page, and we're calling it v 2.0.3. I also put up a release for SgMailto, and I'm in the process of shutting off the info at spamgourmet dot com address in favor of this script -- it's already implemented here on the website, but I haven't actually shut off the address yet. But... I did notice that taking the AddressScrambler-protected mailto link off the main page here seemed to result in a huge drop in spam, and so that can only mean that the harvesters are indeed now using javascript, and so AddressScrambler's useful days are behind us -- I deprecated it on the download page, but it's still there.discuss

2007-10-02: The issue with the spam reports is now resolved -- spamcop stepped in quickly and explained things, and the ISP closely reviewed the situation and agreed that it won't be concerned about reports of messages merely passing through. Whew! Now's the time to remember how good it is that we have spam reporting, and that ISPs pay attention to it :) discuss

2007-09-28: Not the best news I've had -- we had a flurry of false spamcop reports from a particular spamgourmet user based on messages that came through our server -- I tried sternly warning the user (and shortly afterward, my gmail account was mysteriously disabled -- they've turned it back on, but won't tell me why, other than to say that they'd received reports of unsolicited mail from my gmail account (?)), but the reports continued, and our service provider is now threatening to shut us down. I'm communicating with the service provider, I have disabled the user account, and I'm also communicating with spamcop -- just wanted to put up the warning in case we go dark. Reminder -- don't file false reports!!! discuss

2007-08-13: Here are some new domains! The first two come courtesy of Wolfgang Droescher: mycleaninbox.net and inboxclean.org -- thanks Wolfgang! Also, the domains 0wnd.net and 0wnd.org are up (those are zeroes) discuss

2007-08-03: I'm releasing some javascript that you can put on your webpage that will generate a unique spamgourmet address for each visitor, along with the "sender" directive, so that someone who visits your site can communicate with you indefinitely as the "exclusive sender" for his/her very own spamgourmet address. I added the .js file to the sourceforge subversion repository, and here is a zip file with the .js file and an example html file. I've seen stuff that's similar to this but most of it has been back end code (like PHP) - this code will work on a static web page. discuss

2007-04-30: We had a slowdown caused by a DNS server configuration issue. Things are back to normal and the queues are pretty much cleared now. discuss

2007-03-10: In honor and anticipation of the unusual timezone switch in the USA that happens tomorrow (or is it the next day?), we've decided to do something that we should have done long ago - shift the server time to UTC and start expressing date/times that way on the website. This switch was done at 00:39 UTC on March 10 (which was 4:39 PM PST right before that). We have *not* gone through and adjusted existing database records to reflect the shift, so records before this time might be 8 hours off. Not sure. Since we were looking at the possibility of weirdness anyway, we figured this would be a good time to take the UTC plunge. If this causes an issue for you, contact us, and we can prolly help. discuss

2007-03-06: The ISP optonline (http://www.optonline.net) is blocking mail coming from our server, and not being very responsive to inquiries. If you are one of the many spamgourmet users who have a forwarding address with them, this explains why you're not getting email through spamgourmet. They may fix the problem, but as I mentioned, haven't responded much so far. If this affects you, you can a) contact optonline and see what's going on, b) change your forwarding address to be somewhere else, or c) live with it, I guess. discuss

2007-02-22: I wanted to announce another domain that's available -- has been for a while, but hasn't been announced: mamber.net. This one comes with its own fictitious website (a sinister multinational corporation headed by my cat) at www.mamber.net - that way, if anyone goes to look at where your email address comes from, that's what they'll see. Some of you have noticed websites that correspond to some of the other domains, and we're going to try and keep rolling with that. Maybe we can come up with some sort of secret symbol that could be displayed on the websites to let spamgourmet users know they can use the domain - working on that one. discuss

2007-02-10: We were down on Feb 9, and a little on Feb 10 due to a misconfiguration (my fault) of some of our new DDOS protection software. We're back up now and catching up on the backlog of mail -- I estimate that service will be normal by Feb 11. discuss

2006-11-15: our service provider had a power issue this morning that rebooted all the servers, including ours. This caused some mail buildup, and the website was down for a couple of hours -- the mail service really wasn't affected, other than the delay. The discussion group has more details: discuss

2006-10-29: Spamgourmet has been subjected to attacks of all sorts for almost as long as it's been around, but most have been inconsequential. For the last couple of months, we've seen the obvious evidence of a distributed denial of service attack in the mail server logs -- hundreds/thousands (or more - hard to tell) of computers are connecting, tying up connections, and at times trying to burn up CPU. In the last few weeks, the attack has intensified significantly in numbers and varied in strategy to become more effective on a per-attack basis. This is resulting in delayed mail. We're working on this one. discuss

2006-08-30: Another blacklisting problem -- this time at "senderbase" (technically not a blacklist, I suppose, but the problem is the same). See for yourself: senderbase.org link -- I don't believe there's anything we can do about this (except get really frustrated -- I'm choosing to relax) - if this is a problem for you, 1) stop using senderbase, or get your provider to, 2) get senderbase to fix the problem (if you can do that), or 3) live with it. To all you well-meaning spam reporting spamgourmet users out there -- you're killing us!!!! The bouncing and greylisting puts an extra load on our server (on top of the constant attacks from the *bad* guys) and you're fouling up the service for other users. The new IP address of our server is 216.75.35.164 - stop the reports!!!!!! This has gotten so bad that I will summarily (no warning, no recourse) disable any account that falsely reports our server (if I know about it). This may be the only thing I *can* do about it. discuss

2006-08-29: 3 things: 1) I should mention that spamcop took action to make sure that the spamgourmet server doesn't get improperly listed in the future -- thanks! That'll hopefully make life easier for the many, many spamgourmet users who also avail themselves of spamcop services; 2) the report I made earlier about the problems with our SSL certificate seems to have been a mistake on my part -- I was indeed getting the spooky popups, but I believe that was caused by a temporarily broken DNS/web configuration; 3) we've pretty much cleared the big queue that built up, and things are humming along -- the botnet attack is still active, but so far we're holding up. Please remember this story -- we're a free service intended for safe delivery of not-very-important messages, and we're more or less on the front lines -- we overwhelm our hardware, we get a attacked, we go down, we do what we can to get back up -- if you have really critical email requirements, you may be lulled into a sense of security by a very long stretch of perfect results from spamgourmet (months, years), but the time will likely come again when your service gets interrupted, and so you might should do some research to find a more stable alternative (if there is one :) ) for your critical stuff. discuss

2006-08-27: Two things: 1) we changed the bbs to require a spamgourmet.com address to sign up (the alt domains won't work) - this is to try and cut down on forum spam; 2) the service is working pretty well again (better than it has in a long time, and we're working to clear out a big queue of mail that built up during and soon after the move. Chances are good that you'll receive email that's been sitting in the queue for awhile. The botnet is apparently still attacking, but hopefully we can continue to tune our way out of it. discuss

2006-08-25: With the new server in place, we have enough horsepower to see more of what's going with our service. Two big problems we've identified are 1) a prolonged attack from one or more botnets that eat up a lot of connections and other resources, and 2) continued abuse by spamgourmet users writing scripts that create hundreds (or many more) spamgourmet addresses for whatever reason, in violation of the TOS. We're continuing to try and find automated solutions to these problems. If you've previously written a script like that, you may see that your account has been disabled as our tools attempt to identify abuse. Ultimately, dealing with problems like these remains the biggest technical (and labor) challenge in running the service, which is a shame. discuss

2006-08-13: Two issues with the move - neither is directly related. 1) We got our own SSL certificate from godaddy - it was working fine earlier today, but now seems to be coming back as some generic, self-signed localhost.localdomain cert - it was cheap - you get what you pay for, I suppose. The secure site is still secure, but you'll get these unnerving warnings - we'll try and get a better cert. 2) The old server is still up, trying to clear its queue. Because the domain name has moved to another box, but the reverse lookup is still the same (and maybe other highly obscure reasons), some spamgourmet users [automatically?] reported the old box to spamcop as a source of spam, and it got blacklisted -- this means that if you are a spamgourmet user, and your mail server uses the spamcop blacklist, and you were waiting on a message, *you will probably never get it* - don't use blacklists, because they always do crazy stuff like this. It's depressing when your deadliest threat is friendly fire - we really need to stop doing this, folks. discuss

2006-08-12: We're now totally up on the new servers (moved the bbs, too). discuss

2006-08-07: We have leased a new and much more powerful server, and are currently working on prepping it to move the service. This will take some time, and I would like to give you a timeline, but there are several unknowns (and the *known* that we are all volunteers :) ). We'll keep everyone posted as we progress, and do everything we can to make the move a smooth one. discuss

2006-08-03: We had some downtime, and we had to repair the database -- back up now. The service has backed up as a result, and so there will be delays in mail delivery. discuss

2006-05-17: A spamgourmet user came up with a *nifty* and elegant approach to email address obfuscation for web pages - check it out at www.spamspan.com. Like email address services, the more of these there are, the better. discuss

2006-05-16: Reading the news today, it has been announced that the U.S. doesn't spy on ordinary Americans. Not sure if it will help, but we thought it would be a good idea to get the domain ordinaryamerican.net for spamgourmet. This is probably a good time to remind everyone that spamgourmet is not an anonymizer, but, we hope you'll agree, does a great job of keeping your email address out of the hands of spammers (no promises about the NSA). discuss

2006-04-25: We received notice from Google about "frauduent clicks" on our adsense ads -- don't know what's behind that (if you are - stop it!), but we're facing a shut down of our adsense account, which provides a good portion of the $ that covers hosting fees (donations cover the rest, or at least some of it).

So, we're starting to look around for a cheaper hosting alternative. We're currently paying about $325/month. The service with our current host is really good, and it's a non-trivial service they're providing, and so we have to be careful. If you have any ideas about where to go, please discuss. I'll add more specifics about what we need in the discussion thread. discuss

2006-04-04: spamgourmet user Stewart (probably not his user id) donated the domain inboxclean.com, and it's now active -- thanks Stewart!!!discuss

2006-03-23: Looks like someone set up a spamgourmet clone site (with a different look, and apparently in German only) at http://www.meinspamschutz.de -- the best part is that I think they did it without having to contact us they did it with very little help from us (even helping us clean up the code in places), and it appears fully functional. Hats off!!! discuss

2006-01-02: crazycomputers kicked off a project called Sharkbait (sharkbait.sourceforge.net) that tracks email address harvesters and facilitates reporting. Works with spamgourmet (and other services that let you generate email addresses) -- pretty cool! discuss

2005-11-29: I noticed that Singapore has the top-level domain "sg", which would open up some interesting possibilities for spamgourmet domains. I see that .sg domain registrations require a local administrative contact. Any Singapore-resident spamgourmet users willing to be the contact? If so, let me know. discuss

2005-11-18: moving the bbs from one server to another... everything should keep working discuss (if you can ;) )

2005-11-01: The website was down for much of today, but the mail service was unaffected. We're researching the cause of the site outage -- it's back up now, of course. discuss

2005-09-21: Some of you may have put it together that I'm in Houston, TX -- there is a large hurricane approaching, and I'm probably going to leave with my wife and kids. This may take me offline for a little while, but the service, which is hosted in California, should experience no problems.discuss

2005-05-18: We had a critical hard drive fail (right as I was getting on a plane for a 5 hour flight *#*(!). We're back up now, but we need to find some better hardware... discuss

2005-05-02: I just got bounceback emails from several servers regarding a forged message claiming to be from info at spamgourmet.com. The messages have an attachment with instructions to open it. If you get one of these, DON'T OPEN IT. Just delete the message. Not sure where it came from, or why someone would be be interested in targeting spamgourmet users, but there you go...discuss

2005-05-01: First -- I meant to post this 6 months ago -- Alan Iwi has come up with a spam harvester trap with teeth, using spamgourmet for the transport. Check out http://home.badc.rl.ac.uk/iwi/cgi-bin/harvest/trap. This is an example of auto-address creation that's not only not contrary to the spamgourmet terms and conditions, but is pretty sweet!

The new code seems stable after a few days, which is good - had to tweak it a bit to handle the load, but no big problems. We got some new domains -- two *three* character ones: 0sg.net and 9ox.net (that's a zero in the first one, and an 'o' in the second one), a four character one, a-bc.net, and, if you want to let your counterparty know exactly what you're up to, you can use disposableaddress.com.discuss

2005-04-29: Just moved the beta code out of beta and into production. Consider the date-expiring addresses to still be an experimental feature, though, since we haven't done much testing, and there's no way to properly manipulate such addresses through the front end. This new code is mostly about fixing some very subtle bugs that probably never affected most people, but greatly worried others. The code underwent *quite a few* changes, but went through testing very well. discuss

2005-04-28: We had an outage last night -- sendmail blew up and took down the main server with it. We're back up and looking into it. discuss

2005-04-21: We've done quite a bit of work on fixing a few problems (with multiple To: and CC: addresses) and adding a feature (date-expiring addresses with the format word.YYYY-MM-DD.user@spamgourmet.com). The new code is installed for the domains beta.spamgourmet.net, beta.antichef.net, beta.recursor.net, and beta.xoxy.net. If you'd like to help by being a beta tester, use these domains for testing the new features and fixes -- try to make the new code trip up, etc. The more testing, the better, obviously, but realize that we'll probably retire these domains after beta-testing, and the test addresses won't work anymore after that. Thanks in advance! Please post comments on the bbs. discuss

2005-04-05: We added three new domains: spamcowboy.com, spamcowboy.net, and spamcowboy.org for your spam blocking convenience. discuss

2005-03-31: We just added a way to turn on and off a new feature that allows you to hide the subject tagline (e.g., (word - message 4 of 4) or (someone - trusted sender for your account)). If the feature is activated, the same information will be placed in an X-header (X-Spamgourmet) in the messages you receive. You can access this feature in advanced mode. discuss

2005-01-19: We're stable again, which is great. I'd like to bring everyone's attention to what may be one of the biggest threats to our survival -- that is when spamgourmet users file spam complaints against the spamgourmet server! These complaints are usually made to spamcop. What happens is that spamcop notifies our service provider, who sends me a nasty automated email saying I have to respond within 48 hours or face the consequences. I respond, and the spamgourmet user - realizing what he or she has done - hopefully retracts the complaint as regards our server.

So, to be clear here, what's happening is: 1) some spammer sends email to an unexpired spamgourmet address, 2) the spamgourmet user reports the spam to spamcop, specifying the spamgourmet server as being responsible for sending the spam, 3) spamcop automatically muscles our service provider who, 4) automatically muscles us. We didn't send the spam, we just forwarded it as part of our free spam-fighting service, but we (along with our service provider) are getting blamed.

To avoid this, if you report spam, be on the look out for spamgourmet hosts -- generally with an IP address of 216.218.230.146,147,148,149,150 or 216.218.159.210 or 66.160.138.245 and *don't report them*!!!! This has gotten so bad that we'll be modifying our terms of service to specifically mention it as a no-no. discuss

2005-01-06: One thing we noticed that contributed to our recent difficulties was an increase of spamgourmet users causing great numbers of spamgourmet addresses to be created (apparently via scripts) -- this is in contradiction to the terms of service: "(o) in a way that consumes resources in a manner grossly disproportionate to that of other users of the service, including, but not limited to the use of scripting or other automated means to create large numbers of accounts or addresses over a short period of time." Don't do this!!! It jeopardizes the service. So far, we've dealt with these problems manually, but it's getting to the point where we'll probably need to code in some protection against this. discuss

2005-01-05: As many of you know, we had some major trouble in December that resulted in an outage, and a huge backlog in the mail queue. To restore service, we moved the queue offline. So far, we've been taking requests to retrieve specific messages from that queue, but today, we're making some wholesale efforts to clear it altogether. For this reason, you may be getting some messages from mid-december (better late than never :)). This may continue over the next few days. discuss

2004-12-22: On the non-flaming-disaster side of things, David Chien (the guy who's working on the new spamgourmet look & feel) has a site up called spamgraffiti where he turns incoming spam into art. Not bad at all :) I donated the stream from my old school account, and when we're back on our feet here, we might find ways to send over some of the [considerable] payload we have here. BTW, without trying to jynx things, we've been up and stable for awhile now. I've got a *huge* mail queue offline now (turns out that was the main thing that was hurting us), so if you're missing any mail, let me know and I might be able to fish it out for you. discuss

2004-12-21: This has not been our week... Most recently there appears to have been a hardware problem on our main server. The service provider is looking into it. Currently, the system is up and performing very well, so perhaps they've resolved it. discuss

2004-12-13: We went down again -- this time a disk related problem. It appears to have been resolved. discuss

2004-12-12: The affected server is currently down and will be rebuilt soon by our service provider. After that, I'll get the service running again. This is some significant downtime, but hopefully won't result in lost mail, just delayed mail. I've moved the support bbs over to another of our boxes so that it can stay up during this time. I'll post updates here and answer questions there... discuss

2004-12-11: One of our servers looks like it may have a virus, so to be on the safe side we'll be reinstalling it -- this will bring the service down for some time this weekend. Sorry about this -- it's definitely going to hurt me worse than it hurts you :(

2004-12-07: A few spamgourmet users have been violating the terms of service by using the service "in a way that consumes resources in a manner grossly disproportionate to that of other users of the service, including, but not limited to the use of scripting or other automated means to create large numbers of accounts or addresses over a short period of time." This has caused some performance problems as the servers struggle to keep up. I'm going through and finding the patterns that indicate this condition, and disabling the relevant accounts and clearing the queues. This helps some, but we'll have to find a better long term solution. discuss

2004-11-16: Cleber Matos is most of the way done with a Portuguese translation -- thanks Cleber! discuss

2004-11-12: We had an outage this morning -- A big surge in traffic resulted in the disk volume that stores mail server logs getting full. It's been resolved. This should only result in a delay for email (it's up to the sending mail server how often to retry -- most do after 4 hours or so, but it could be more or less time). discuss

2004-11-04: I was spacing off, but some time in the recent past we passed 1 million spamgourmet email addresses! Not bad for a free service running on tinker-toy hardware.... discuss

2004-11-04: JF Boyer completed the Herculean task of translating the spamgourmet FAQ into French! discuss

2004-10-25: I just changed the terminology a bit: instead of a "forwarding address", we now have a "protected address". This may make things clearer or not -- unfortunately, the real reason for the change is that for some reason google has been showing email forwarding related ads instead of spam related ads, and the revenue from the ads has gone way down (yes, below the cost of the service, but there's no financial crisis!!!). Anyway, hopefully this change will bring back the happy spam ads and all will return to normal. Such is the strange and brave new world we inhabit... On the subject of the ads, please *don't* click on them merely out of a desire make money for sg -- please only do so if you're genuinely interested in the advertisement. Any crazy clicking tends to get a site shut down :( discuss

2004-09-29: I just started working on a spam legislation drafting committee. I'm getting up to speed with it, and I thought I'd ask you all for thoughts on the subject, so I started a discussion thread. Please pop in if you have time. Also, we're temporarily back to the old website config -- I still have work to do :(

2004-09-21: I'm going to experiment with moving the non-ssl website over to another box to see if it works and if it improves bandwidth costs. There's a possibility that things could get flaky during this time, but as soon as I know about that, I'll revert. If you're a translator, template updates aren't going to work for you during this period. discuss

2004-09-08: It's been awhile since we added a new domain -- we just went live with 'wronghead.com' -- you can use this domain for spamgourmet addresses, as you would use spamgourmet.com. discuss

2004-08-25: Check out sg'er Michael H.'s new site candleserver.com -- it's a place where you can light a virtual candle. discuss

2004-08-18: I temporarily unlinked the graphs page -- we've got to rethink the way we're getting the data for it, because currently it hits the [now fairly large] database directly and tanks it a little too hard. The graphs page will go back up when we arrive at a more polite (and probably less real-time) way to snarf the data.

2004-08-06: Well, that was a little bumpier than anticipated, but it looks like we're fully back up.

2004-08-06: The upgrade has been performed - we're running on the new box. One thing that wasn't clear from our earlier discussions is that several of our IP addresses will remain unaccessible for about 4 hours -- unfortunately, this means the alternate domains aren't functioning (ours, anyway), and the image server is down, so you won't be able to sign up for a new account during this period.

2004-08-06: Apparently the server upgrade was delayed -- it's now scheduled for 6:30PM PDT today 2004-08-06 (which is 01:30AM UTC on 2004-08-07)

2004-08-04: The server upgrade is on for 6:30PM PDT tomorrow, 2004-08-05 (which is 01:30AM UTC on 2004-08-06). We're looking at about a half hour of down time to get everything back up. Trust me, it's going to hurt me more than it hurts you :)

2004-08-03: We added a new feature that allows you to set the default number for your account (this is the number that's used when spamgourmet can't figure out what you meant when it sees a new spamgourmet address). You can set the number in advanced mode. It's currently set to 3 for you, unless you've changed it. So, you can make up addresses without using a number at all, for instance, someword.user@spamgourmet.com or saddlesore~spamcowboy@xoxy.net, and the system will use the default number as the number of messages. Note that this much has been true for awhile -- it's just that the number was always 3. Now, you can change it to any number from 1 to 20.

2004-08-03: We'll be undergoing a server upgrade (and a bandwidth upgrade - our usage is increasing, and the ISP made a good offer) in the near future -- I'm not sure when. This will result in some small amount of downtime for the service and website. Mail will ultimately be delivered, but delayed during this period.

2004-07-24: I just exposed the feature that lets you turn off "eaten message logging" for addresses that you've set to be "hidden". You can set it right under the place where you turn EML on and off. If EML is off, it will have no effect. This feature was suggested in the BBS and implemented on the back-end some time ago. It sure helps the log provide better info (I mean, who really cares if Alan Ralsky sent you 20 messages in the last hour -- especially if they're crowding out ones you wanted to see... So, if you're an EML watcher, turn this feature on, then when you see an address appear in the log that you don't care about, click on the word to edit it, then set it to hidden and it'll stop getting logged.

2004-07-22: Somebody set up the spamgourmet service on their very own server, including the website, with very little help from me!!! (He's still testing, and I think he's going to run it privately). It can be done -- don't give up hope!! This may not be the first time it's happened, but it's the first I know about.

2004-06-05: I forgot to mention -- David Chien a superb artist and early spamgourmet adopter, is working on redesigning the spamgourmet website! Finally we can put my amateurish web design skills behind us. He has no deadline (good things take time), but at some point, we'll see a dramatically different-looking spamgourmet.com -- in the meantime, to all of you who lament the appearance of the site, well, just you wait!

2004-06-05: I've decided not to go forward with the upgrade. Testing on a similar server [many thanks to the testers -- you might know who you are :) ] revealed that the network connection between the new server and the main server wasn't up to snuff. Instead, I've reverted to the original plan of using the newer host for image files, in order to cut down on bandwidth usage on the main web box. You may have seen images appearing and disappearing this morning - that's what was going on. I should mention that none of this represents any effect on the mail service, which runs in a completely separate environment.

2004-05-31: I got some very short notice travel plans, so I decided to put off the upgrade. I've forwarded some of the other domains to the other temporary site (images.spamgourmet.com) so that it can be tested more. We'll probably go for next weekend for the upgrade.

2004-05-28: I'll be "upgrading" the website this weekend. This will probably mean some downtime on the main site. During that time, you can get to the site at http://images.spamgourmet.com. I'll post again right before the upgrade.

2004-05-19: Once again, one or more viruses are on the loose, sending email messages that appear to be from spamgourmet and instructing the recipient to open an attachment that contains the virus. If you get such a message, delete it immediately -- it's not from us.

2004-05-18: We'll likely be moving the website from one server to another in the next few days -- this will reduce bandwidth charges, since the deal offered on the new server is better than on the old (same provider). Hopefully there won't be any downtime, but there's a chance the website will be down for a little bit. I'll post again when we've got a time established for the switch. The new server is operational -- you can check it out here -- it does seem faster, too. I'll keep you posted.

2004-05-14: Regarding the mailing list problem mentioned below, it's really looking like we'll need to maintain a list of domains that are forwarded through spamgourmet (we don't need to make it public, of course). If you're currently forwarding your domain through spamgourmet and you aren't sure whether we know about it or not, please send an email to let us know ("info" contact), so we can set it up in the local configuration. At some point, when the change goes in, any domain that hasn't been set up in this way will stop working.

2004-05-11: We picked up the domain spamcannon.com (we already had spamcannon.net), so you can start using it, too.

2004-05-06: Piotr Pikula did a Polish translation!

2004-04-27: *Humblest apologies* -- the upgrade and re-config of the DNS server left things in a broken state. We're back up now.

2004-04-26: We had a DNS server flake out on us today, which resulted in a temporary outage on new accounts (because you couldn't get the word in the image to confirm) and a slowdown with mail -- it's all back up now.

2004-04-21: We're working to resolve a problem with sg receiving messages addressed to multiple sg recipients. If you're signed up for a mailing list and not receiving any of the messages, this could be why. If you are receiving messages on the lists you're subscribed to, then you probably aren't affected by the problem.

2004-03-15: William Watson has provided his domain spameater.org for use as a spamgourmet domain -- it's now working like the others. Thanks Bill!

2004-03-11: NetEndeavors.net has given us a test server. This will be a tremendous help for trying out new features and debugging weird cases. Thanks guys!

2004-03-02: If you receive a message claiming to be from the spamgourmet team and accusing you of sending viruses, get rid of it -- it's not from us, and it probably has a virus attached to it...

2004-02-16: I changed the link "show my addresses" to be a search box -- that way, you can enter the maintenance area with a search if you like, rather than displaying all addresses (many users have so many addresses that it was starting to put a load on the server). If you want to see all addresses, just hit the "search addresses" button with no search terms.

2004-02-09: After much brainstorming, hand-wringing, and many months of preparation (mostly in the area of abuse prevention), we've turned on the feature that allows you to send the first message to someone in a way that substitutes your real email address for one of your spamgourmet addresses. This will be useful for making contacts off webpages that only provide a contact email address (rather than a form you could type a spamgourmet address into) as well as some mailing lists. To access the feature, log in and you'll see a new link in advanced mode that takes you to a page that lets you pick one of your spamgourmet addresses (or create a new one), and input a recipient address. When you submit, the system will give you one of those address like you see when you have reply address masking turned on. When you send a message to this address, it'll work just like when you reply to a message that was sent to you through reply address masking. Along with this feature, we did some fairly major code refactoring, gunning for a new release. We also added a "remember me" feature for those people who don't want to log in every time they come to the site (it's best to use this in secure mode only), and trimmed down the front page a bit in an effort to reduce bandwidth costs.

2004-02-08: Belatedly, I should mention that our own Syskoll has overhauled the French translation (and we're starting to get French speaking users!) and is also working on the English :) Also, David Ricardo Ramírez has been steadily undoing the damage I did with my initial Spanish translation (lo siento...)

2004-02-06: Just got a call from an attorney accusing me of entering some sweepstakes repeatedly -- I don't have all the details yet, but I'm assuming that someone has written a script somewhere to sign up for the sweepstakes using a different spamgourmet address each time. This is against the spamgourmet terms of service in several ways (see 1.j,n, and o for starters), and may even be considered fraud. The usual admonitions apply -- I'll work with any interested competent authority or investigator, and in this case there appears to be one.

2004-02-06: Geir Thomas Nordskog did a Norwegian translation! Al Hunt continues to contribute new cool link buttons, as well. We're still in development on the new feature, but getting closer.

2004-02-02: We are currently in "alpha" with the feature that allows you to send the first message in a masked dialog. If you don't understand what I just said, well, that's why we're still in alpha :) -- the feature is working, and we're working toward a good, intuitive, non-confusing way to integrate it into the user interface.

2004-01-29: Many thanks to Al Hunt of Shouting into the Void for the cool new "badge" sized spamgourmet link button, and a smaller one, too. They're on the "link to us" popup page.

2004-01-28: Because it suddenly seemed so trivial to do, I added the tilde ~ (the squiggly line that's in the upper left of the keyboard) as an alternative delimiter -- you can now use a dot (.) or a tilde (~) to form addresses (or mix them). So frombigcorp~3~spamcowboy@spamgourmet.com now works, and so does frombigcorp~3.spamcowboy@spamgourmet.com -- if you're one of the 6 users who had a tilde in your username, I-I'm sorry. It didn't look like the accounts were being used, and, um, I would've asked first, but I promised not to email you in the FAQ ...

2004-01-27: We just put up captcha images to help protect ourselves from scripts -- we're using Syskolls excellent new captchaserv system. He posted it on sourceforge for your downloading enjoyment

2004-01-20: Andrei - Aka Capcaunu' did a Romanian translation! We'll have him up on the team page as soon as we get the info for it. On a less happy note, the spamgourmet server's IP address is on the SPEWS blacklist because it's in a block of IP addresses that they've decided to blacklist -- no one is saying that spam is coming from the spamgourmet server. I really don't have the time or energy to deal with those guys. If you're having a hard time receiving mail through spamgourmet, ask your provider if they use the SPEWS list, and if they do, get them to unblock the IP address 216.218.230.146

2004-01-06: Jamie Keulemans did a Dutch translation!

2003-11-11: Sinan Can Imamoglu, owner of the domain dfgh.net, has set it up for use at spamgourmet -- you can use it in spamgourmet addresses as you would "spamgourmet.com" -- thanks Sinan!!!! This makes two 4 letter domains available (that we know of), and this one is easier to type than xoxy.net

2003-10-16: As I understand it, we've been de-listed (which is a good thing, in this case) from spamcop, so normal delivery should resume for those users who are blocking messages using the spamcop rbl. Hearty thanks to spamcop personnel for intervening in the otherwise automated process.

2003-10-16: spamgourmet has been blacklisted at spamcop due to some spamfilters believing that spam messages originated at the spamgourmet server rather than merely passing through it via unexpired spamgourmet addresses. We're working to resolve this "friendly fire" problem. In the meantime, if you or your service provider use the spamcop blacklist, you should be aware that all messages coming through your spamgourmet addresses are likely being blocked.

2003-10-10: We had an outage last night - my bad, the database server wasn't storing logs where it should and we ran out of disk space. It'll take the server a while to catch back up...

2003-09-17: Due to a reported vulnerability in sendmail, I'll be upgrading the main sg mail server -- this may result in slowdowns today.

2003-08-22: We've turned back on the Eaten Message Log feature which will show the time, sender, and "word" of the last three eaten messages in advanced mode. One difference is that you, the user, must activate it for your account in advanced mode. I think this will help a lot, since the mail server will only trouble to keep the information for the users who want it, instead of for all of us. Also, we've got more horsepower than before thanks to the new server, so hopefully all will be well...

2003-08-21: Swedish is up! Thanks Anders! My father, Pete Hamilton, visited and finished the fine job started by Nicolas of overhauling my crappy French translation. We just got a memory replacement (and upgrade) for the new rental server, and it now appears that the memory related problems we've been having are gone. I'll feel more comfortable after a problem-free week, but it looks good for now. In other news, spammers continue to put spamgourmet addresses in the bodies of spam messages (that are sent using other mail servers) -- I've even received voicemail on my home answering machine threatening to sue me if I don't stop sending spam! Again, I won't play cat-and-mouse, but I will play "cooperate with competent law enforcement authorities".

2003-08-02: Beware the W32/Mimail Virus, which is running around impersonating admins -- if you get a message that says your account is expiring (which it isn't) - don't open the attachment. It's not from me...

2003-07-25.2: Google ads are up [wince] - let me know if there are any problems.

2003-07-25: Donations are up since we got the new server -- thanks! I'm probably going to be putting up Google "adsense" ads on the site soon to help cover the cost, too, provided they're not too loud (I don't think they are). I've also received a lot of complaints about someone using a spamgourmet address as a "remove me from your list" address recently (essentially a "Joe Job"). The spammer did not use the spamgourmet system to send the spam, so the normal procedures apply: I refuse to waste time and energy chasing people like that around, especially since I have no control over what people write in their email messages. I will however, cooperate to the fullest extent with any compentent law enforcement authority investigating the matter.

2003-07-17: There was a network problem last night that stranded the new mail server. It's back up now, and will probabaly take a little time to get caught up...

2003-07-01: The mail service has been moved over to a new server, and the website remains in place, at least for now. As long as the website's in place, passwords will continue to work -- so log in if you haven't already (that's all you have to do, the system will re-encrypt your password to a format that is compatible on both servers). We had a few bumps migrating the mail service, and this will probably result in some delayed message deliveries -- some servers will wait up to 24 hours before retrying, so be aware of that possiblity. I really need to put in another plug for Hurricane Electric. They've been wonderful through this -- doing the heavy lifting and keeping things going, as usual.

2003-06-30: Server move is proceeding. Here's the bad news -- the new server has a different local encryption function, so the passwords won't survive the move... This won't affect email service. If you find yourself unable to log in to the website, use the auto password reset function, or, if that doesn't work email me. In the meantime, if you log in now (before the server is moved), you password will be saved in a platform independent encrypted form that won't have to be reset -- so log in!!!

2003-06-28: Still waiting on the new server. In the meantime, I added an auto-reset feature for passwords. If you forget yours, you can click the "problem with password?" link, where you'll enter your username. A special email message will be sent to your forwarding address that contains a link that will allow you to reset the password without knowing the old one.

2003-06-27: I'm going to be moving the server this weekend -- I don't plan any interruption of service, although I expect things will slow down a bit. I'll keep posting here as things develop.

2003-06-24: It appears that there was a denial of service attack on the service today, which is resulting in delay for messages getting through the system. We're looking into it...

2003-06-16: We now have Russian! Thanks to Eugeny Sattler. He's putting the finishing touches on the translation, but we went ahead and turned it on, anyway.

2003-03-03: There was an interruption of service for the alternative hostnames (not spamgourmet.com itself) last night and this morning. This was due to an upgrade of the sendmail software on the server that handles those domains (brought on by a report of a vulnerability in sendmail). I apologize for any inconvenience this may have caused.

2003-02-12: PC Magazine just rated spamgourmet along with several other email services. They gave it two out of five "circles" - the worst rating of any of the services they reviewed. If you feel differently (or even if you feel the same), please visit their site and provide your own review.

2002-11-23: In an effort to avoid 3 out of 4 support requests and emails I get (from users of MS Windows XP and MSIE) I finally caved in and modified the site to not use popups for the editing of spamgourmet addresses. I've tested it fairly well, but there may be a few oddities that'll get worked out over the next couple of days.

2002-11-06: Added two new columns to the list of addresses - the numbers of messages forwarded and deleted for each address. Note that this count started on late Nov. 4, so most of your existing addresses will likely have zero for both columns.

2002-10-07: Here's an update on the hosting situation. First, thanks a million to all who wrote to express support, who [gasp] donated, and especially to Scott at spamwolf.com for donating server space. Currently, spamgourmet has remained in place, and I've taken some steps to cut back on its CPU usage, including turning back off the embattled Eaten Message Log. The hosting provider informs me that CPU usage has fallen back to acceptable levels for now -- I'm currently working (at my real job) far in excess of normal hours, so I'll continue to do optimizations aimed at preserving the status quo for the time being. When I get more time, I'll work on moving the server to a better location. One thing I'm looking at soon is deleting all unconfirmed sg accounts that are older than a month and have received no messages -- speak now or ...

2002-10-01: My hosting provider contacted me to say that spamgourmet was using too much of the available server resources. I have to remedy the situation very quickly -- they suggested I look into a dedicated hosting package, which I will, but I doubt I'll be able to afford that. On the chance that I can scale back the software to be less rescource intensive, I'll be looking for opportunities in the next few days. This may mean a pull back of some features, (last eaten message log, for instance), a temporary moratorium on new users, and other things. I'll keep you posted. If you know of any alternatives, please let me know.

2002-09-20: Turned back on the eaten message log feature, this time with a more conservative implementation. I'll be watching it closely over the weekend. Hopefully, this one's a keeper.

2002-09-02: The domain xoxy.net is active for spamgourmet service. 4 letters!

2002-09-02: I had enough requests to donate and for SSL that I finally broke down and added a paypal donation section

2002-08-12: Someone has been using a spamgourmet address as a "from" address on several spam distributions recently, in contradiction to the spamgourmet terms of service. This puts an additional load on the server and leads to me receiving a bunch of angry messages at the abuse address for spamgourmet.com as if *I* were somehow responsible. I'm not going to bother analyzing and shutting down user accounts (a losing proposition and waste of my time, at best), but I *will* cooperate in any way necessary with compentent authorities who are trying to find the person responsible. If the problem gets bad enough, I may seek to obtain any available legal remedies I have against the perpetrator, including those related to violation of terms of service and those related to theft of services (and IAAL -- that is, I *am* a lawyer, after all).

2002-08-01: I turned off the eaten message log feature -- the server was unreachable for a couple of hours today, and I fear the extra load of the feature may have been too much.

2002-07-31: I added the list of info about the last five eaten messages to advanced mode. Hopefully also fixed the problem with MacOS 9 and IE5 by disabling the display of the graph for those browsers.

2002-06-19: I removed the "prefix" column from the list of spamgourmet addresses after a user comment made me realize it was redundant, in light of recent changes to the service.

2002-04-27: I have changed the function of the spamgourmet prefix so that it is only relevant for the *creation* of a new address, rather than for the forwarding of any message. I believe this will be more useful and intuitive, since it will work like a password for creating new addresses. It originally worked so that if you changed your prefix, you shut off all messages on existing addresses -- this was before you were able to go in and edit your existing addresses on the website and shut them off yourself, so it makes little sense now. Anyway, the prefix is now ideal if you think people other than you are thinking up new spamgourmet addresses for your account. You can stop them cold by adding/changing the prefix.

2002-04-18:You can now enable and disable reply address masking in advanced mode. It is disabled by default, for now. When it's enabled, the system modifies each forwarded message so that your reply will return to spamgourmet instead of going straight to the sender. The system then substitutes the particular spamgourmet address that was used for the your real return address.

2002-04-04: Added a Note field to each spamgourmet address record. You can use this to help you remember things about it.

March 23, 2002: We're seeking users who would like to test a new return address masking feature. The system modifies each forwarded message so that a user's reply will return to spamgourmet instead of going straight to the sender. The system then substitutes the particular spamgourmet address that was used for the user's real return address. If you are interested in helping to test, please send a message to with your username and forwarding address so that your account can be set up. Initial tests have been promising, but we need your help to identify problems.

March 7, 2002: You can now "hide" spamgourmet addresses from view in the search screen. This is nice if your list is getting large and has a lot of junk in it (like mine). If you need to view the "hidden" spamgourmet addresses, just check the "show hidden addresses" box next to the search button and do a search.

February 24, 2002: Over the next few days/weeks, non-English versions of the website will appear. As a language becomes ready, you will see it appear in the language list under the login form. Our initial goals include German, Spanish, Japanese, and Chinese. I am mostly using Babelfish to do the translations, then cleaning them up with the help of friends and hecklers. Special thanks to Jochen Schönfeld for doing the German translation.

If you speak English and Japanese ... *help*!

February 12, 2002: I've fallen way behind updating the page of links back to sites that have linked to spamgourmet. I accidently deleted a bunch of web access logs -- this is what I normally use to identify such sites, so if I miss yours, that's probably why, and I'll pick it up as soon as someone clicks through again. THANKS to everyone for the links.

January 3, 2002: Just added a feature that lets you use a word instead of a number in a spamgourmet address, if you like -- the system will take the [English] alphabetic postion of the first letter of the word, and use that for the number. Remember that the words 'sender' and 'domain' are special, though, and don't work this way. Anyway, now if you give the address:

Chunky.the.spamcowboy@spamgourmet.com

Stephen.F.Austin@spamgourmet.com

December 31, 2001: By the way, a few days back the spamgourmet project got approved for IBM's Linux Community Development System and got space on the big ZSeries. Yay!

December 30, 2001: v0.2 of AddressScrambler was released on SourceForge.net.

December 30, 2001: I got sick of getting my email address harvested off web pages (and even getting spam from folks who had harvested it, offering to solve the problem), and threw together some javascript that writes mailto: tags to the page using scrambled address text. This way, the harvester bots won't see an email address unless they have a javascript compiler... It's currently called AddressScrambler, and version 0.1 is available from the sourceforge project. I'm using it for all the info mailto tags (like this one: - view source on this page and see for yourself) , and on a couple of other websites. V 0.1 has no docs, so you might do well to wait for 0.2, at least. I'll also be providing at least a Perl server side component, and probably a custom JSP tag, too. Anyone who wants to write server side components for other environments (ASP, PHP), etc., please email me. Yes, I know this is kind of tangential to the main spamgourmet codebase, but it seemed related enough to be included in the project.

December 14, 2001: We're down to just a handful of users who remain affected by the confirmation bug. Again, if you're not receiving any mail, log in, input your forwarding address, save and confirm, and everything should work. Please send email to if you have any troubles.

December 13, 2001: IF YOU SIGNED UP BETWEEN DECEMBER 10TH AND 12TH, 2001, AND ARE NOT RECEIVING MAIL you may need to reconfirm your forwarding address -- my sincerest apologies for those of you with fairly long addresses -- a bug in the confirmation system (hastily installed on the 10th) may have truncated it when it was confirmed. The problem is fixed now, and a reconfirmation will remedy your situation if your address was truncated. I'm going through and fixing the obvious ones by matching the partial address by time and host with the confirmation click through -- but not too many are obvious... The confirmation code was totally separate from the core service code, which continues to function normally. Again, please accept my apologies and thanks for signing up. If you have any difficulties related to this, send mail to and I'll do whatever I can to help.

December 12, 2001: Fixed, hopefully, a bug that was preventing Netscape users from confirming their email addresses.

December 10, 2001: Well, it was only a matter of time before someone pointed out the potential for an ill-willed spamgourmet user to sign up for a bunch of lists, confirm, then change the forwarding address to someone else's (an unspeakable thing to do). This was 'lj' on the SourceForge discussion group. At lj's suggestion, I added a confirmation requirement for your spamgourmet forwarding address. That is, before a forwarding address will become active, you must click on the link that was emailed to it. Thanks a lot lj! -- of course, better to talk about it than to do it. And, yes, this is why I also registered the domain 'spamcannon.net' awhile back.

November 8, 2001: Fixed a reported bug that allowed some spam to get through . Also, added some new graphs that show average spam by weekday (Wednesday is the worst spam day as of this writing) and total cumulative users versus spam on Wednesdays. Both show six month trailing data.

October 5, 2001: Added some searching and sorting features to the list of addresses (available in advanced mode), and added a link to provide the list of addresses in XML format.

August 24, 2001: DNS host transfer has completed for the seven domains, and normal service has resumed. Again, sorry for the inconvenience.

August 22, 2001: The DNS hosting for spamgourmet.org, spamgourmet.net, spamcannon.net, antichef.com, antichef.net, neverbox.com, and recursor.net is currently in transition, which means these domains will be in limbo for a day or so. The old hoster somehow lost the forwarding rules, which meant the domains weren't working. Rather than take another shot with the old hoster, we moved the domains. Sorry for the inconvenience. Spamgourmet.com as a domain will continue to function normally during this period.

July 14, 2001: We're testing a new feature that lets you get your spam forwarded to an alternate email address, instead of it getting obliterated. Email info with comments or if you're interested in participating. Advantages: you don't lose any email. Disadvantages: you'll probably see spam, more load on server, potential for abuse (by using someone else's address, but who would do something so unspeakable?).

July 14, 2001: Various internal code improvements and documentation that bring the code closer to open source release -- let's face it: there's no better motivator for clean, commented code than the possibility that other people might look at it.

June 9, 2001: You can now edit your addresses to change the number of messages remaining (0 to 20) and add/edit/delete the 'exclusive sender' record for the address.

May 12, 2001: Added a popup in advanced mode for you to view all your addresses.

February 25, 2001: Began storing a complete copy of each new address, rather than simply storing the word, userid, number of messages, etc. This will be useful at some point when you want to go back and view all your addresses.

January 28, 2001: Added 'exclusive sender' functionality: you can now give an address in the form of 'word.+.username@spamgourmet.com' or 'word.sender.username@spamgourmet.com' and the first sender on that address will be allowed to use it indefinitely. Likewise, you can give an address in the form of 'word.*.username@spamgourmet.com' or 'word.domain.username@spamgourmet.com' and anyone from the first sender's domain will be allowed to use the address.

October 29, 2000: (I'm adding this retroactively -- this is the day spamgourmet became "open to the public")