A Spamkiss Token extends an Email address by a user-defined set of signs. This set of signs is written in front of the @ sign and is divided from the name part by a special separator. To be able to send a first Email to a Spamkiss user you will need to know this Token.
Letís just imagine that you met John Doe yesterday at a business lunch. You had a good conversation, discovered you had common interests. And John gave you his e-mail address and also mentioned that his current token is "fiffi". Now you want to send him a mail, and write down his e-mail address - email@example.com - in your address book. You extend his address, however, by the token, but only for your first mail to him: you send your mail to firstname.lastname@example.org. The Spamkiss System recognizes that you have used a correct token and places your address automatically in John's Kisslist. You no longer need the token for any future e-mails.
What the User does with the Token
Because you need John's token only the first time, he can change this part of his e-mail address at any time. John receives mails only from senders who are listed in his Kisslist or who are using an up-dated token. Thus the alteration of part of the address closes the portal for the abuser, as if John had changed his entire address. That means John can, so to speak, change his e-mail address as need be - without affecting correspondence to or from his friends or business partners.
What the Spammer "Gains" from the Token
If, after all, a spammer goes to the effort of obtaining John's current token: Good Luck! Just when he's sent John the first spam, John will remove the spammer from the Kisslist and change his token. A direct hit - the spammer can now go back to square one. By the way, do you deal in CDís that contain e-mail addresses from 25 million Internet-intensive users? What a bummer - without a valid token, these are unfortunately absolutely worthless.