list archive updates
Dan Sanderson
lists at dansanderson.com
Tue Dec 31 01:57:09 PST 2002
I agree that if you use one email address for everything (purchases,
contests, Usenet, mailing lists, mailto: links), you'll eventually get
spam. When I switched to mail with a personal domain name, I started
using mail at mydomain for all purposes, and I was eventually overwhelmed
by spam.
So I routed mail@ to my Spam folder, replaced my mailto: links with a
web mail form, set up SpamAssassin, and assigned different addresses
under my domain to different purposes so I could track who is selling my
addresses. For the last 20 months, this has been almost 100%
successful, and my Spam folder has contained nothing but messages
addressed to mail@ or domain-based spam (such as webmaster@). So when a
message slips through, I want to trace it and try to plug the hole. I
use lists@ for three rather tight mailing lists, and this is the only
one that keeps archives. I asked Mike for email address obfuscation in
the archives when a morsel got through on this address.
Raw email addresses on web pages are a major source of exposure to spam,
and I try to keep all email addresses off web sites I control--
admittedly tricky on community sites where people want to share their
email address with other users. Common obfuscations are probably no
longer effective (if I were writing a spambot, I'd search for "x at y
dot z" right after "x at y.z"), but other methods, such as hiding emails
from anyone who isn't logged in to a site (for small-to-medium-sized
sites, anyway, where a user is unlikely to manually compile a mailing
list for resale) are worth doing, I think. Even an uncommon obfuscation
(JavaScript encoding, images for the @ and TLD-- not that I'm a fan of
either method) will be largely effective.
Not a big deal. I see spam as a privacy issue, so letting my addresses
into the wild and filtering spam as it comes in is not a complete
solution for me. If the group decides spambot exposure is not a good
enough reason to break the existing convenience of seeing unobscured
addresses in the archives, I'll probably change the address I use with
the list for tracking purposes. (Any chance I could have my old address
replaced in the archives? Or would that violate the sanctity of
historical record? :) I don't expect others to bend over backwards to
make my tracking easier, I just thought it'd be nice to keep our
addresses off the web.
-- Dan
On Mon, 2002-12-30 at 12:34, M. Hornung wrote:
> ...Personally my bias is toward no
> address changing whatsoever....
>
> People will get your address sooner or later, so pretending that you can
> hide it from spammers probably isn't the most honest outlook. Better to
> prepare for the spam (Spamassassin is working pretty well for me too, with
> some drawbacks) and not obscure your published address.
More information about the Linux
mailing list