Sunday, August 19, 2007

Protect Your Mail-to-Blogger Address - It Is The Password To Your Blog

Sal X (name changed to protect) writes
I have to continually delete spam posts from my blog. Help!

Sal,

The public does not, generally, have the ability to post to your blog. There is one known way for unknown parties to post to your blog, and that is using a Mail-to-Blogger Address, when you set one up. The Mail-to-Blogger Address is a protected email address that you (and your friends) can use to post to your blog by using email. The address has 2 components - public and private.
  • The public component, that you can't change, is based upon your (if you are the original blog owner) email address.
  • The private component, that you can change, is based upon a secret, that only you (and your friends) should know.

If an unknown party finds out your email address, and can guess the private component, they can easily email posts to your blog. If your email address is at all known, and you want to use Mail-to-Blogger for posting, you better make the private component pretty hard to guess, unless you like spam.

The private component is the password to your blog, when you use Mail-to-Blogger. Give it a non-trivial value; the more complex the better. If a spammer can guess it, he will. Make guessing impossible, if you want to keep spam posts out of your blog.

If you have 2 (or more) blogs that you're using Mail-to-Blogger on, use different private component values for each blog, to keep the posts separate. If you setup Mail-to-Blogger so your friends can post to your blogs, and if you don't totally trust any individual who you disclose a private value to, make sure that knowing the value of one won't provide a clue to the other. If you have a cat and a dog, don't make one equal the name of the cat, and the other equal the name of the dog.

And here's one more detail. If you are using Mail-to-Blogger to let unregistered friends post to the blog, remember to only share the private component with those who you trust. And note that when anybody uses Mail-to-Blogger to post, there's no identification of that person, provided by Blogger - all posts are anonymous, and only based upon the Mail-to-Blogger public and private portions of the address used. You'll have to setup an agreement with all of your friends, and have everybody include their name in the content, if you want the posts to identify anybody.

>> Top

3 comments:

Holly said...

Is there anyway to change the mail2blogger.secretword@blogger.com?

When I first set up my blog, I used one Email, now I have a different Email I would prefer to use (especially since it appears to be linked to my picture & profile(.

If I can't change it - is it possible to set up a new account that looks like I am a second person being given full rights to the blog and set up the mail2blogger to the preferred account that way?

Thank you for your help.

Chuck said...

Holly,

Off hand, I can think of 2 or 3 possible solutions to your problem, based upon details that I would be asking you in Blogger Help Forum: How Do I?.

Dr Vineet Marwaha MBBS MD (Radiodiagnosis) said...

ur method helped me. thanks man