The last several years have seen progressively increasing interest in and concerns about various rights of privacy. This has been fueled to some extent by the rapid growth and popularity of the Internet. An Internet user, such as a consumer who purchases products or services through the Internet, may be tracked or profiled in a way that the consumer does not intend or desire. For example, over a period of time, the consumer may make several different purchases through the Internet from a given seller. Since these orders will typically all originate from the same e-mail address, the seller can recognize that the orders are related, because of the common e-mail address. The seller can then use this linked information to build a profile, for example regarding the types of products purchased, brand preferences, quality preferences, buying patterns, frequency of orders, and so forth. The seller may even go so far as to use the profile to begin sending the consumer targeted advertisements that are unsolicited and unwanted. To the extent the consumer does not intend or desire that sellers engage in activity such as creating profiles or sending unsolicited advertisements, these types of activities raise privacy issues.
One technique for addressing these concerns is to use a privacy server as a “middleman” between the consumer and the seller. The privacy server generates one or more pseudo e-mail addresses for the consumer. When the consumer wants to communicate with the seller, the consumer sends an e-mail to the privacy server using the consumer's actual e-mail address, and the privacy server then sends that e-mail on to the seller using a pseudo e-mail address. When the seller then responds by sending an e-mail to the pseudo e-mail address, the e-mail is delivered to the pseudo address at the privacy server, and the privacy server then forwards the e-mail on to the actual e-mail address of the consumer.
If the seller sends unsolicited communications, the privacy server may subject them to filtering. For example, the consumer may ask that the privacy server forward only one unsolicited e-mail per week from any other given user. Similarly, when the purchase transaction between the consumer and seller has been completed, the pseudo e-mail address used for that transaction could be deactivated, such that the privacy server would reject or discard any and all communications sent to that pseudo e-mail address, including targeted advertisements. Thus, the consumer would never see these communications. Where the consumer is placing several successive orders with the same seller, the consumer could use a respective different pseudo e-mail address to place each of the orders. Since these orders would not share any common identifying information, it would appear to the seller that they originated from various different users. The seller would thus have no motivation or basis for recognizing that the orders are related or for attempting to develop a single profile based on the multiple orders.
A further consideration here is that there are computer “hackers” who attempt to obtain access to and interfere with computer-related activity of others. In some cases, a hacker engages in this activity simply for the pleasure of taking on the challenge of successfully perpetrating a disruption. In other cases, the hacker is unhappy with the entity operating the targeted computer system, and hopes that a disruption of that system's operation will result in dissatisfaction of the users of that system, and thus bad publicity and/or a reduction in business for that entity. Where the system is an e-mail server, one known approach for attempting disruption is to rapidly transmit a large number of false e-mails to the server, so that they overload the capabilities of the server and prevent it from handling valid e-mail traffic. This is commonly referred to in the industry as a Denial of Service (DoS) attack, because the goal of the hacker is to sufficiently disrupt the normal activity of the server so that other users are denied normal service.
With respect to the generation of pseudo e-mail addresses, there is a need to generate the pseudo addresses in a manner that avoids or at least reduces the likelihood and/or effectiveness of activity such as a DoS attack by a hacker.