Q. How does spamgourmet stop spam?
A. Simple. We delete all of our users' email.
Q. Do you really delete all the mail?
A. OK, there are a couple of exceptions. See below.
Q. Is it free?
A. Yes. All we want is your spam. Your copious spam! (for statistics - the spam is deleted)
Q. Are you going to send me any email?
A. No. That is, unless you email us, in which case somebody will probably reply. Seriously - you can expect a confirmation message when you sign up, a password changing message if you need to recover your password, and that's it (we don't, for instance, send a message saying that your password was changed successfully). We will never send you a message with an attachment!!! There are a lot of viruses running around impersonating email system adminstrators, including us. If you get a message you weren't expecting, it's almost certainly not from us. If it has an attachment, don't open it
Q. I don't trust you enough to create an account with you using my email address.
A. That's not really a question, but here are some things you could consider: a) Go away -- if you change your mind, come back; b) Consider our track record -- we've been running for over 10 years (since late 2000), have never sent even one message to our user list (and no one else has access to it), and have tens of thousands of happy users; c) If you have time, create a free webmail account somewhere and use that to try us out -- be sure to use a really long username with that account, so that you don't get dictionary spam and think it came from us; d) use a disposable email service that doesn't require you to supply a forwarding address. There are several of them out there, and one of them might be just what you want -- people like'em. Actually, there are a whole lot of disposable email address services that look pretty good. Also, if you really like the spamgourmet functionality, but can't get comfortable signing up here, grab the code on source forge and set up your own server - we'll help you do it if you want.
Q. Really, how does this site make money?
A. It doesn't. This is a non-commercial service created by folks who've been driven rabid by spam. If you're really concerned, donate, buy a t-shirt, or a mug, or something. Or don't. It really doesn't matter because the service actually costs very little to run, and there are plenty of people lined up to take over paying the tiny hosting fee, if the need ever arises. Nobody has money tied up in the service -- nobody is expecting a return on investment from the service. If you'd like to discuss this, visit this thread
Q. Will spamgourmet stop spam from coming straight to my email address?
A. No. Spamgourmet only gets involved when the sender uses a disposable address that you've given out. When this happens, the message first comes to spamgourmet, then (maybe) to you. If someone sends a message straight to your real email address, spamgourmet isn't involved at all.
Q. How do I create a disposable email address?
A. The quick answer is that you don't -- they get created automatically. Here's the long answer: First, set up an account here, if you haven't already, and save your real email address in the space provided (don't skip this important step!). Remember your username. Later, when you need a disposable email address, just think of a word (any combination of letters and numbers (20 characters max), provided you haven't used it before), and decide how many messages you want to receive at the new address. Then, put the word, the number, and your spamgourmet username together with dots to form the disposable address. For instance, if your Username is "spamcowboy", then you could make a disposable address like so:
Then, you can use the address to sign up for your favorite spam-prone website, get a confirmation message, get your password in the second (and final) message, then smile and consider for a moment that no one, no-how is going to send you email with that address again.
So, you really don't do anything to "create" the address - you just make it up on the spot. The address will be created automatically in our system the first time it gets used.
Note: As of January 3, 2002, you can use a word instead of a number -- the system will look at the first letter of the word and use its position in the English alphabet as the number (the words 'sender' and 'domain' are exceptions - see below). The limit of 20 still applies, so letters after 'T' will still count as 20. So, now: email@example.com
will be good for one message - 'a' being the first letter of the English alphabet, and
will be good for twenty messages -- 'y' is the 25th letter of the English alphabet, but since that exceeds 20, it will be set to 20.
Note: As of sometime later, you can omit the number altogether, and the "default number" (which is 3, unless you've changed it in advanced mode) will be used., e.g.:
would be good for 3 messages (or more, or less, if the default number was different).
Q. I signed up and gave out some disposable addresses, but I'm not getting any mail through the system. What's wrong?
A. Check and make sure you can receive mail at the forwarding address you supplied - this is the one that's displayed near the middle of the screen when you sign up or log in, and this is where your forwarded spamgourmet mail is going. If it's not correct, fix it and click save. Another possibility is that the folks you gave disposable addresses to haven't used them yet. You can test your setup by sending a message from your email program to an address like
Another frequent cause of this is spam filtering software working on your forwarding address -- that is, messages get through spamgourmet, but then get caught by some other spam protection before they make it to your inbox. If this is the case, you may get some help from your email service provider. Hotmail users frequently complain that the hotmail service prevents spamgourmet forwarded email from reaching their accounts. We're working to solve this problem, but we don't have any control over what hotmail does with the forwarded mail, of course.
If you're still having trouble, send an email to the contact on the front page.
1. Go to your Hotmail account.
2. Near the top-right-hand side of the Hotmail window is the 'Options' link - click on it
3. Once the next screen loads, select the item titled: 'Junk E-Mail Protection'
4. Once the next screen loads, select the item titled: 'Safe List'
5. Once the next screen loads, type the following (no quotation marks): 'spamgourmet.com'
6. Now click the 'Add' button
Any mail arriving at your Hotmail account from Spamgourmet should now actually arrive in your inbox. (Thanks Peter!!!)
Q. I'm using a Gmail account as my protected (forwarding) address. Nothing happens when I send a test message from my Gmail account to a disposable address -- that is, I see the message I sent, but I don't get anything back via the disposable address. What's going on?
A. Gmail does receive the message from the disposable address, but when it compares it to the message that you sent, it sees that they're the same, and so it only shows you the one you sent. To really test things, try sending a test message from somewhere else -- even another Gmail account will work.
Q. I can't stay logged in! When I switch from no-brainer to advanced mode or try to do anything, the system says I'm not logged in even though I just did! What gives?
A. Check your cookie settings -- spamgourmet uses a "session cookie" (the kind that is *not* stored on your computer) to track your log-in state. Make sure that the spamgourmet site is allowed to set a session cookie in your browser. Some newer browsers (IE?) appear to disallow this by default. Another possibility is that you are behind a caching proxy that is preventing your login from taking place. One way to get around this problem is to switch to "secure" mode.
Q. I hate spam, and so I report it to places like spamcop so that they can put the spammers' servers on blocklists. Can I do that with messages that are forwarded to me by spamgourmet?
A. Don't do this unless you're sure you know what you're doing. Many well-meaning spamgourmet users report spam in a way that implicates the spamgourmet servers as the source of the spam! When this happens, it jeopardizes the entire service (because many users won't receive their mail if the spamgourmet servers wind up on a blocklist). Also, it consumes a lot of our time trying to get the issues cleared up. This has actually (and ironically) turned into one of our biggest problems, and so we've added a clause to our terms of service that prohibits the reporting of forwarded messages in a way that implicates our servers as the source of spam (unless they really were the source, but it'll be a cold day in...). If it looks like your reporting is jeopardizing our service, we won't hesitate to disable your account -- don't take it personally.
Q. When I register a new user, your web site wants me to read a word in an image. Are you just trying to be sadistic?
A. We reserve our sadism for spammers. As of January 2004, we require every user to be human. That rules out spammers. Not because they are subhumans, but because they generally use scripts to register multiple IDs on web sites. Scripts can't do the word-in-an-image reading. Human beings, on another hand, should have no trouble.
Q. I am human but I am vision-impaired. I cannot see the darn word in the image. Help!
A. Contact us and we'll open an account for you. Email from this page
Q. How do you delete disposable addresses? My address list is getting cluttered.
A. You don't -- rather, you "hide" them from your list by choosing the "hidden" checkbox on the address edit screen and updating the address. If you actually deleted them, they'd be created (with a full set of messages) the next time they were used.
Q. This would be perfect for signing up for online sweepstakes and coupon offers, etc.
A. It is! Keep this in mind though: do use a spamgourmet address to sign up instead of using your regular address, it'll save you from getting spammed to death later - don't write a script that repeatedly signs up using different spamgourmet addresses (or any other email addresses, for that matter) - this may be considered fraud, and is squarely contrary to the spamgourmet terms of service.
Q. Couldn't you make the whole thing a lot easier to understand by redesigning your site and providing instructions in a more clear way?
A. Probably. Frankly, we're trying to build a user base of people like you, who probably have some familiarity with the way email works and who are willing to read FAQ's. This is to keep our support burden to a minimum (this is a non-commercial service). So far, the approach has worked well -- just about all our users hit the ground running with no need for support, and it's our belief that those users who would require support generally don't sign up in the first place, perhaps because of the geeky presentation of the site. That's not to say we don't provide support where it's needed -- after skimming this FAQ, please don't hesitate to write if you have a question or believe there's a bug.
Q. How come the number in the disposable email address doesn't go down as I receive emails?
A. Well, that would make a different email address, wouldn't it? We record the number the first time we see the disposable address, then count down internally to zero. The truth is, after we've created a disposable address, the number really doesn't matter anymore, and another one could be used. The person (or thing) you gave the address to will still have the original number as part of the address, though. ed. - confession: this is not a frequently asked question. No one has ever asked this question
Q. What is the maximum number of email messages I can receive at a disposable address?
A. 20. If you specify a number higher than 20, our internal counter will be set to 20. You wouldn't really want more than 20 messages on a disposable address, would you? Note that with trusted/exclusive senders, and refilling, you can extend the number way past 20 -- indefinitely, really.
Note: as of June 8, 2001, you can add more messages to ('refill'?) an existing disposable address by going to advanced mode, clicking the search addresses button, locating the address (they're sorted by age, newest to oldest), clicking the 'word' of the address, then increasing the number of remaining messages and clicking the update button. Each address still has a max of 20 messages at a given time.
Q. So I can answer 'yes' when they ask if I'd like to receive notices of special offers and exciting products from trusted affiliates?
A. Yes! Yes you can!
Q. Wait, doesn't this mean that anyone can make up a word, specify a number, and then send me email at my spamgourmet address?
A. You, who are obviously using your brain, should look past the no-brainer mode page and peruse the advanced mode page. But let's first consider the likelihood of that happening and also whether you'd consider such email to be spam (that is, let's consider whether it's worth it to use your brain. for this. you know what I mean.). Remember that most spammers use automated programs to send email to thousands or millions of recipients from lists of hopefully real emails that they compile or acquire. Currently, we are not aware that any of these programs make up complicated email addresses in the hopes that they'll work. If someone singles out you, yes, you, [your name here], and sends a message to you this way, then we can't really say it's a bulk email. If you're still freaked out, go to advanced mode and specify a prefix word (or, better yet, one or more "watchwords"), then come back and change it (them) every once in a while.
Prefix (the old way): Disposable addresses will need to contain your current prefix word in order to be created, like so:
So the prefix works like a password that a sender must have before the sender can create an address on your account.
Watchwords (the new way) are similar except that they must be contained in the word for the new address to be created. They use regular expression matching (if you know what that is) so you can come up with all sorts of interesting approaches. For a simple example, if you have rope and soap as watchwords, these addresses would work:
but this would not:
But really, stop freaking and try no-brainer mode for awhile (or, at least, advanced mode without using a prefix or watchwords). It's easier, and it'll take quite some time before your username gets around, anyhow. (ed: josh - spamgourmet user #1, active since mid-2000, does not use watchwords or a prefix, and has never (in over 10 years) noticed someone making up addresses on his account (10 glorious spam-free maintenance-free years that you skeptics from the year 2000 could have been enjoying - hah! :)))
Q. Can I specify a trusted sender or domain who will be allowed to send me email at my spamgourmet account?
A. Yes, in advanced mode, just list senders' email addresses or domain names in your setup and these senders will be allowed to send you email using any of your disposables without advancing the count. Of course, if you really trusted a sender, you could just provide your real email address. So here, we're talking about folks you trust to send you email, but don't trust to keep your email address to themselves. This probably includes anyone who uses an email client that is highly susceptible to virus infections, which is, unfortunately, a lot of people.
Q. So I can sign up for a service with a disposable address, then, if I decide I'd like to keep receiving email from the service, I can come here and add their address as a trusted sender and keep getting email from them?
A. Yes. Just look at the "from" address on one of the emails you received and add it as a trusted sender. (or, if you're subscribed to a mailing list that is always sent "to:" the same address, you can put that address as the "exclusive sender" for your disposable address -- that'll work even if the messages are "from:" a bunch of different people).
Q. Is there a way to give an address that allows the initial sender to send an unlimited number of messages, but eats mail from anyone else ('exclusive sender')?
A. Yes... but be careful, since the first sender may not be the one you had in mind. If you give an address like this:
the system will record the first sender on the address, allow all mail to that address from that sender, and eat all mail to that address from all others, unless they're on your main list of trusted senders. More broadly, if you give an address like this:
the system will record the domain of the first sender and accept mail at that address from any sender in that domain, eating mail from all others, unless they're on your main list of trusted senders.
Really, be careful with this one. One of our crew used this method to sign up for some semi-critical service, and then, what do you know, the first message came from an 'opt-in' spammer and he missed the important messages that followed. After that, guess who was allowed to keep sending messages indefinitely... Because of the potential for trouble, we haven't documented this feature on the main page.
Also note that, as of June 8, 2001, you can add/edit/remove exclusive senders from any of your disposables by clicking on the view/edit link in advanced mode. This will let you send a normal disposable, then 'lock in' the sender at any point you like -- similar to adding a 'trusted sender' for your account, but specific to the particular address. Also, if it's the "to" address that is unique for a particular mailing list you want to use, that will work just as well here (just don't put the disposable address itself here, of course, since that would have the effect of allowing an unlimited number of messages from anyone).
Q. Are there any differences between trusted and exclusive senders other than the fact that trusted senders can send indefinitely to any address on the account, and exclusive senders can only send indefinitely to a particular address (and match on the To: address as well as the From:)?
Yes. The system uses "domain style" matching for trusted senders, that is, 'example.com' would match addresses like 'firstname.lastname@example.org' and also 'email@example.com', but 'other.example.com' would only match the second of those two; and exclusive senders use "regular expression" matching. Look it up. The reason for this is based on performance and historical accident, but it works, so we're sticking with it.
Q. Why do I have to confirm my forwarding email address? I didn't have to do that before December 10, 2001.
A. As one 'lj' put it in the new features suggestions discussion:
mmmm...perhaps add a confirmation of some kind when a forwarding address is changed? I could sign up for a hundred mailing lists in digest mode to go to one SG address. I could then reply to each opt-in confirmation forwarded to me to verify the address. Then I could go back to spamgourmet and change the forwarding address to someone else's email. I would only have to reply to the confirmations for digest mode, while the victim would get all the big emails once I changed the forwarding address. ljNot that lj would do that, of course... but starting December 10, 2001, users will need to confirm new or changed forwarding addresses by clicking on (or pasting into their browsers) a special URL that is emailed to the address. Existing forwarding addresses will continue to work without confirmation.
Q. I want to put my email address in a public place in the hopes that
real people I don't know will email me, but I don't want to get picked up by spambots. Can you help?
A. You could provide a disposable address with a high number (like 20) -- that should give real people enough tries at reaching you before the spambots catch up, and you can reply to the people with your real address, or add their addresses as trusted senders. If you want to receive an indefinite number of messages from unknown real people off your publicly disclosed address, we can't really help (not really true any more -- see sgmailto below). [note: as of June 9, 2001, you could 'refill' your address with more messages in advanced mode if it ran out - that's true for all addresses, even if they're older] However, one method we've seen used is to use your real email address with extra characters that make it invalid (like '_nospam_'). Then, in your message, instruct real people to remove the characters if they want to send you email. Spambots are getting smarter all the time, but this one should stump them for awhile yet. We've seen some spamgourmet users do effectively the same thing using a bare spamgourmet address and putting the prefix in the body of the message -- that's supposed to work pretty well, too, but [the person writing this right now doesn't fully understand how that works and...]
If you run a website and want to display email addresses on the site while protecting them from harvesters, use an obfuscation technique, such as AddressScrambler, which is available for free on the downloads section of the front page of spamgourmet. Note: AddressScrambler is now deprecated, and instead we're recommending sgmailto, which is available from the same place - it works pretty well.
Q. How long can my username be?
A. 20 characters. No dots! (and no tildes! ( the ~ character) )
Q. How long can my word and prefix be?
A. 20 characters, each. No dots or tildes here, either.
Q. Will a future version let me have a dot in my username?
A. No. You will never be allowed to have a dot in your username. But note that it would be fairly trivial to use a character other than a dot if you wanted to host the service yourself. You can download the code off the front page -- write the contact on the front page if you need help setting it up (and if you can do it without help, please write the contact anyway -- it'll make him feel better about the whole thing). Note that you can now (2004-01-28) use a tilde (~) to form addresses the same way you use a dot -- so you can't have a tilde in your username, either. Actually, there are a lot of characters that you can't have in your username, because they would make an invalid email address -- / slashes and @ signs and things like that. We try to stop you from putting them in when you sign up, but we're not always successful. If you're in doubt, just stick with letters and numbers and you'll be OK.
Q. I forgot my password. Can you give it to me?
A. No. As a security measure, and because we really have no business knowing your password, we use one-way encryption to store all passwords. This means we don't have a clue what your password is, either. You can either a) use the new auto-password reset system (yay!), b) create a new account, or c) email the contact on the front page. If you convince the contact on the front page of your earnestness, we may be able to reset your password (to something new) for you. If you've also forgotten your username, you can [create a new account! or] email the contact on the front page with your 'forwarding' email address, and we may be able to help.
Q. Is there a way I can view a list of all my disposable addresses?
A. There's a search form in the middle of the advanced mode page that will show you a list of your disposables - if you leave the search box blank, all them will will show (except the hidden ones). Note that, in late February, 2001, we began recording the entire email address, rather than just the word and number.
Q. Can I use spamgourmet as my mail server for incoming or outgoing mail?
A. No. Try to put this thought out of your mind.
Q. Can mail that is eaten be recovered?
A. No. It is never even written to disk. For this reason, if it wasn't already obvious, we recommend you only use spamgourmet for non-essential purposes. We vaporize the mail because a) it keeps our cost down and your service free, and, more importantly, b) if we saved it for you, you'd probably come look at it every once in awhile, and then you'd see spam, which is exactly what we're trying to avoid. If this still bugs you, try to think of spamgourmet as not really email, but something like email that is appropriate to use when dealing with entities who refuse to use real email appropriately.
Q. What if I accidentally use a word that I've already used when I'm making a disposable address?
A. There can be only one disposable address for you for each word. If you make up one with the same word (regardless of the number) as a previous address, its messages will count toward the number that was set the first time you used the word (in the previous address). If all the messages of the original have been used, you won't get any mail with your new address.
Q. I think they're on to me - are there any other domains I can use besides spamgourmet.com?
A. Yes - you can use spamgourmet.net, spamgourmet.org, spamcannon.net, antichef.com, antichef.net, neverbox.com, recursor.net, dfgh.net, spameater.org, and xoxy.net just as if they were spamgourmet.com. Best to pick one and stick with it, since that will make it easier to remember your disposable addresses if you have to. There are other domains you can use, as well (search around the site and BBS, and the web, too). We don't list them all in one place, because some webmasters configure their sites to reject our addresses, and it seems like they come here to see which domains to reject. (If you *are* one of these people, why do you do this? What good does it really do for you, and don't you have better things to do?
Note: and, as of January 3, 2002, you can use a word instead of a number -- the system will use the English alphabetical position of the first letter of the word for the number (see above for details). If do this and use another domain, the addresses get pretty hard to recognize.
Q. Wow, I have an idle domain I'd like to use for spamgourmet addresses. How can I do that?
A. The preferred method would be to get your ISP to forward all mail for the domain to the recipient user @ spamgourmet.com. For instance, with sendmail, your ISP could add a line like:
@youridledomain.com %firstname.lastname@example.org the virtusertable file. The less preferred method is to forward all mail for your domain to the address email@example.com. Think hard before you do this though, because if your domain winds up in countless spam lists and then, one day, you decide to bring it back into normal service, your mail hoster may be unpleasantly surprised. Note: for the longest time, it was not necessary to even let us know about doing this. An upgrade is imminent that will require that we know about all such domains in order for them to keep functioning (necessary to resolve another problem). So, if you're setting up your domain, please send an email and let us know so we can add it to the configuration. If you currently have a domain set up, please let us know so we can add it to the configuration.
Q. I just noticed that I can send out messages through spamgourmet that appear to come from my disposable email addresses -- can I use this feature to distribute my newsletter to my millions of fans?
A. No, sorry. The sending feature (like the rest of the service) is intended for individual users communicating with single or very few recipients at a frequency that's reasonable for a single user doing that kind of thing. Think: one-to-one, not one-to-many. As an anti-spam service, if we ever get accused of letting our users use our service to spam people (even though you're not spamming anybody, jeez), well, we just can't go there - hope you understand. If you send messages out through the service in a pattern other than the one described above, your account will probably be automatically disabled, and you won't get notified and we won't necessarily get notified and it'll just kind of stay disabled and you'll stop getting any messages. Don't take it personally, that's the way it's gotta be.
Q. How do I report a bug/suggest a feature?
A. Go to the discussion forums (preferred) or send email to the contact on the front page with as many details as you can give. We won't eat your message, we swear.
Q. Will you notify me of new features?
A. Probably not. Sending email to the list of users is just about exactly antithetical to the spamgourmet code of ethics. If enough users demand it, we may implement an opt-in option to be notified, but you'll still have to come back and opt in (ughh, the mere mention of the possibility makes my skin crawl...).
Q. Can I have the source code?
A. You sure can! In fact, we have a project on sourceforge that provides free versions of the software that should be easy to deploy, install, and configure in a variety of email service provider environments (sadly, they are not that easy, yet). In the meantime, send an email to the contact on the main page. Hopefully, you'll want to get involved in the sourceforge project, as well. We need documenters and coders who can help with making our software easy for service providers to deploy, install, configure...
Q. What platform/database/language does the service use?
A. The current configuration uses: perl for the website and mail handler, mysql for the database, sendmail for the mail server, apache for the web server, and linux for the OS. None of these (except possibly perl for the mail handler) is really required, though, and our planned release versions should work on most platforms.
Q. How can I tell all my friends about this amazing service?
A. Copy the following text and email it to everyone in your address book three times. There are widely available scripts for the most popular email programs to help you do this.
-------start------- Hey sorry to hear about your dog. Hey I just gotta tell you about this amazing service I found! It's called spam gourmet, and you can go there by clicking on this link: http://www.spamgourmet.com. It's truly amazing! They provide disposable email addresses and spam filtering. You can 'set it and forget it' or come back once in a while and change your settings. And best of all, it's totally free! OK. I gotta run -- I have to tell others about this fantastic service I found at www.spamgourmet.com! -------stop--------
Q. Screw you guys! I'm going to delete my account, but, um, I don't know how. How?
A. When you run a free service, there are a bunch of things you don't have worry about, and one of them is talking people out of leaving -- so, adios! :) You can always come back later if you change your mind. You can *disable* the account by setting the protected address to be blank and saving -- all mail that comes to the account will be eaten. If you want to lock yourself out, change the password, but don't look at what you're doing when you type. You can't "delete" the account, because if you could, then someone else could sign up with the same username, and then mail that was coming to you would go to that person instead, and that would be weird. Hypothetically speaking, say you used a disposable address to sign up for Michael Bolton's site, and provided your real name and address. Later, you delete your spamgourmet account. Still later, someone signs up with the same username you used to have. Then, that person receives an email from Michael Bolton that shows or provides access to your real name and address -- *that can't happen*!!!
Q. Do you think Hormel Food Corporation will sue you for using the word 'spam' so profusely?
A. No, at least, hopefully not. Hormel took a very progressive position regarding the use of the word 'spam' to describe unsolicited bulk email and other related Internet phenomena (provided the letters are not capitalized, as we've taken care not to do). Click here to read it. If only other established companies would follow their lead...
Q. Will you sell your list of users and email addresses to spammers?
A. No, we're on the list, too.
Q. What if somebody sues you into nilspace, then dances away with your user and email list?
A. Jeez. OK, let's take a minute and consider the commercial value of our user list. We don't have your name, gender, ZIP code, age, citrus treat preference or anything like that. In fact, the only thing that can be said about you is that you really don't want to receive any unsolicited email.
Q. Maybe you're right about the commercial appeal of your user and email list. But what if some power-mad spam-dealing vendetta-fixated unsoliciteur sues your pants off, then uses the list to wreak unholy, spamtacular revenge on us shivering spamgourmet users?
A. Suppose you're out of luck, in that case.