SECURE-IT | Address-on-the-Fly™ (AOTF)

AOTFs are formed by adding a suffix to the right hand side of the root of your standard email address. For example, for the email address, an AOTF would take the format of Any suffix will work, including one with special characters.


A common approach is to select a suffix that relates to the context of the disclosure. For example, if Jane is registering on, she might disclose the address; or if she is buying concert tickets at, she might use the address She could also use any other suffix that she wished. (NOTE: if the format of the email address is, she would simply add another period to the email: for instance,


The new address needn’t be formally created, as the system automatically recognizes an incoming email with the recipient’s primary address in AOTF format, and hence knows the inbox to which it should be delivered. The first time EYES sees a new AOTF, it automatically captures that address (which is a new “To:” address), as well as the address of the sender (the “From:” address), and adds that To-From address pair to a special allow list, sometimes called a white list.

Because the addresses are temporary, AOTF messages bypass spam filtering, passing directly to virus filtering. Whitelisting the address pair assures that further communication using that address pair will arrive in the recipient’s inbox — not wind up in a quarantine folder or blocked as spam.

Because the system records each To-From address pair, it can easily recognize when an address disclosed to one party gets used by another. Using our prior Ticketmaster example, suppose the address gets used by a third party called XYZTicket. There are only three ways that this can happen: first, Jane Doe may have disclosed the Ticketmaster address to XYZTicket (although depending upon her standard practice, this may be unlikely); second, Ticketmaster may have shared the address with XYZTicket; or third, Ticketmaster’s address book may have been hacked and the addresses provided to XYZTicket. When the system detects a case in which an AOTF is used by a third party, it brings this to the user’s attention by including a message in the control panel, stating that “The address initially disclosed to Ticketmaster is now in use by another party and may have been compromised.”

If an address has been “shared” with a third party, and the user no longer wishes to communicate with that party, he or she has several options. First, the user may add the new sender to the Block List. Second, the user can limit the use of the address solely to senders at the domain to which it was originally disclosed; in this case – only to users at the Ticketmaster domain. Third, the user can disable the address altogether, in which case all subsequent email sent to the address will only be counted and then vaporized.

While AOTF provides some neat capabilities, it also has very powerful advantages for email users.

  • First, AOTF guarantees that email from desired senders will arrive in your inbox and not get caught in a spam filter or quarantine folder, thereby eliminating annoying false positives, which is a very common problem for certain kinds of mail.
  • Second, AOTFs provide an insulating layer of protection for your primary address. You no longer need to be fearful of giving out your primary address, with the risk that one ill-advised disclosure will overwhelm your inbox with spam. If an AOTF starts to attract spam, you can, as a last resort, disable the address and eliminate all of that spam without any impact whatsoever on your primary address.
  • Third, the combination of our AOTF and control panel features makes it much easier to detect phishing attacks. For example, if you’ve disclosed an AOTF to your bank and then receive an email on that address that uses your bank’s display address, but the control panel reveals that it’s from some other party, you can be assured that the email is a fraud. This is extremely helpful in discerning ever more tailored and deceptive phishing attacks.
  • Fourth, AOTFs enable you to identify parties that may be sharing or selling your email address, or whose address book may have been compromised. When all email arrives on a single address, the user really can’t discern the source of the spam that they receive. With AOTFs, they can.
  • Fifth, disabling an AOTF provides a very safe and convenient way of “unsubscribing” from a sender’s future communications. Some users are reluctant to use formal “unsubscribe” links for fear that they may contain a payload or confirm their existence. While AOTF is not a true unsubscribe, it safely accomplishes the purpose from the user’s point of view.
  • Finally, AOTFs enable you to personalize your communications with another party; for example, by adding a client’s name as the suffix or by adding an amusing tagline to the address that you disclose to a new friend.

“Address-on-the-Fly” is a registered trademark of Sophos Limited or one of its affiliates. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.