Click here to Skip to main content
15,901,001 members
Search within:


Implementing Craiglist or Gumtree kind of email cloaking with C-sharp
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
C#
ASP.NET
Hello, please does anyone have an idea how to implement the craiglist kind of email cloaking techniques that generates temporary email addresses for the buyers and sellers to use for communicating only if the post is still active. I intend to use a shared host to carry out this task. The users should not access the message through the website, messages will be forwarded to their real email addresses via an address mapping table.

Any help would be appreciated. thanks.
Posted
Add a Solution
Comments
joshrduncan2012 11-Jan-13 9:13am    
What have you done to accomplish this task so far? We can't help you unless we see any attempt on your part first.
jaspadee 11-Jan-13 9:46am    
I have created a table message with columns: Id, PostId, RealBuyerEmail, FakeBuyerEmail, RealSellerEmail, FakeSellerEmail, Subject, Body, Date.
I use GUID to generate the fake emails. for example a buyer email will be like "b." + GUID (the generated GUID) + "@mydomainname.com"
I just want a real help/insight about using a pop3/imap to fetch from my catch all email inbox to the tables and distribute with a stored procedure (with cursor) effectively without delays and provision for error handling and recovery.
In addition to my post, the real emails of the buyers and sellers are collected during reply or post respectively. I map the fake emails to their real emails in order to redirect the email to their real email addresses.

1 solution

By doing what you do may face some major hassles with this e-mails. I would advise you to do something completely different.

Let your customers to register with their own e-mail addresses and change those addresses by themselves. Now, the critical point: you should guarantee that you never expose those e-mail addresses to anyone and never use any of those e-mail addresses outside your site, no matter what happens. In your site, develop a site-wide messaging system, based on member authentication, with private and public messages, whatever you want. As to the "real" e-mail addresses your members should trust you, use them for just one purpose: to send your customers the notifications. That will resolve all your problems.

—SA
 
Share this answer
 
Posted
Comments
Sergey Alexandrovich Kryukov 11-Jan-13 14:23pm    
I do understand your concern, but the strategy I described is most widely accepted and is considered safe enough; the potentially customers easily accept it and follow.
I suggest you still consider it, to stay out of trouble. What you want and describe is not necessarily what you should be doing.

But of course, you finally decide. Anyway, what prevents you from implementing your strategy?

—SA
jaspadee 11-Jan-13 15:59pm    
You are talking about opt-in and opt-out privacy laws and I am asking for possible solution to solve a technical problem. We are going 2 different ways and even wasting more time. If read my posts serially and the comments, you will see that I have even taken the users privacy into consideration and that is why I need to implement a system that hides their email even when communicating with other people. rather they use my temporarily provided email to communicate for the purpose of my service only. What is so difficult to understand.
Please lets make every post on codeproject and every other forum meaningful and not just posts.
Sergey Alexandrovich Kryukov 11-Jan-13 17:29pm    
No, absolutely not. You misread my idea completely!

You should try to see what I'm actually saying, and not what you think I should be saying! Do you see the difference?

And naturally, the rest of your comment is addressing anything, but not the idea I tried to conduct; it looks like you are arguing with some imaginary opponent. This is not me. I don't know even how can I continue the dialog. I can only advise that you read it again from my text and not from your imagination. What I say have nothing to do with opt-in/opt-out, whatsoever. In this design, you never need to hide any e-mail address just because you never expose them in first place, you don't even use them for communication between the members! How can you possible fail to see that?

—SA
Sergey Alexandrovich Kryukov 11-Jan-13 18:05pm    
Thank you very much for understanding the issue. This is the problem: you are preoccupied with the idea of dominant use of e-mail.

When you list your chores to be done, you already confine yourself in this concept. I can tell you what's wrong in it: e-mails are not designed to be safe in first place. Can you see it? Not safe at all, no matter what you do with this. My idea is: restrict the use of mail messages: they are either never used, or used for one and only one purpose: auto-generated message for notification purposes. By the way, it can be optional.

Right, lets consider this first: no e-mail at all. Isn't it logical? The only really safe things on the Web is the access of the messages via HTTPS (not even HTTP which can be eavesdropped) and authentication on the HTTPS page. Come from this point, and you will see that this is the right thing.

Let's see your items:

1. Create a catchall mail box on my smtp server.
No e-mail, no SMTP (SMTP is not safe, isn't it obvious?).

2. Catch all emails and save in that inbox.
No e-mail, members messages area instead of inbox, totally safe.

3 I want to fetch the unread ones as the hit the inbox into the ms-sql message table that maps the message to the ideal recipient and still withholds the identity of the sender too
Same as above

4. If sending failure occurs, queues up for resend trial.
Messages are stored on server, can be retrieved on member request, deleted, etc. No e-mail.

5. Run these procedures automatically as messages hits my catch all smtp inbox.
No e-mail, no SMTP, no need in those procedures.

And, only on top of this all, optional e-mail messages are possible, only for notifications.

Better now? :-)

—SA
Sergey Alexandrovich Kryukov 11-Jan-13 18:46pm    
By "safe" I mean, in particular, the possible leak of the e-mail addresses you seemingly do care about.

Make no attempt to make you change? Sure, if you say so.
Go straight to the point? No thank you, because I don't think this is a right point. You did not convince me so far, and I never do anything I consider as wrong. Look, I can see much more ill-posed problems than the problems difficult to solve.

"Let's work on solution"? No, thank you. You should clearly understand that this is only you who think that you need to be "satisfied" this way. I honestly trying to offer you decent help, but if you don't accept it, you are on your own. If you convinced me, I would keep trying to help.

—SA
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
Email Verification in asp.net
paramaterized query in C-Sharp windows forms
Requirment of Source Code of C-Sharp Windows Application for Billing
How to add images to Button programmatically in c-sharp?
interface with C-Sharp
Cheque Scanning Implementation,Scanner
email component for server implementation
Outlook email implementation in our portal!
Export to pdf in C-Sharp
Email validation to implement in jQuery

Advertise
Privacy
Cookies
Terms of Use
Last Updated 11 Jan 2013
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web01 2.8:2024-05-14:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900