Thursday, March 19, 2009

Using Gmail to Find Mailing Lists That Sell or Give Your Email Address to Spammers

I was listening to the podcast the other day, and it mentioned a very interesting way to use Gmail to find mailing lists that sell or give away your email address to spammers. In short, if you add a '+' and additional characters after the user name (before the '@' sign), Gmail ignores that and will deliver the email to the normal address.

Why would this be useful to you? Let's say you need to sign up for many mailing lists using the same email address, and you want to be able to figure out which mailing list may have allowed your email address to fall into the hands of spammers. The solution is simple, sign into each mailing list with a unique identifier. For example, if you were to subscribe to the Speedbrake Publishing mailing list and you had the Gmail address, join the list using Email to that address will still come to address even though it was addressed to

Try it yourself. If you have a Gmail account (if not, get one set up for free at, and then join the Speedbrake Publishing mailing list at with '+speedbrake' inserted before the '@' sign. After you finish the signup process, you will get a confirmation email. By the way, this confirmation email gives you a link to a free copy of my book Parenting and the Internet, which is a useful guide for managing the online affairs of your child.

Do this for all of your new mailing lists, using of course a different identifier for each, and if you start getting unsolicited emails, you can easily identify who did you wrong and take appropriate action.


Anonymous said...

Couldn't a pro spammer simply use a script to strip the prefix?

Fichter said...

Great in theory - tricky in practice as alot of sign up forms won't accept odd characters like a plus sign in the email address field.