Thread: List online archives and spam
Dear fellow listers, due to the online availability of this mailing list's archives I am now flooded with spam. Are there any plans to implement a protection of the email addresses in the online archives? If not, how do you handle this annoyance? Christoph Dalitz
the same thing happened to me also. Gabi ----- Original Message ----- From: "Christoph Dalitz" <christoph.dalitz@hs-niederrhein.de> To: "PG Mailing List" <pgsql-general@postgresql.org> Sent: Monday, February 03, 2003 12:03 AM Subject: [GENERAL] List online archives and spam > Dear fellow listers, > > due to the online availability of this mailing list's archives I am now > flooded with spam. > > Are there any plans to implement a protection of the email addresses > in the online archives? > > If not, how do you handle this annoyance? > > Christoph Dalitz > > ---------------------------(end of broadcast)--------------------------- > TIP 5: Have you checked our extensive FAQ? > > http://www.postgresql.org/users-lounge/docs/faq.html
If you can run procmail then that's your best bet. Take a look at spamassasin, seems to do a proper job.. B. -----Oorspronkelijk bericht----- Van: pgsql-general-owner@postgresql.org [mailto:pgsql-general-owner@postgresql.org]Namens Christoph Dalitz Verzonden: maandag 3 februari 2003 9:04 Aan: PG Mailing List Onderwerp: [GENERAL] List online archives and spam Dear fellow listers, due to the online availability of this mailing list's archives I am now flooded with spam. Are there any plans to implement a protection of the email addresses in the online archives? If not, how do you handle this annoyance? Christoph Dalitz ---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/users-lounge/docs/faq.html
On Mon, Feb 03, 2003 at 09:33:51AM +0100, B. van Ouwerkerk wrote:
> If you can run procmail then that's your best bet. Take a look at
> spamassasin, seems to do a proper job..
X-Spam-Status: No, hits=0.3 required=5.0
tests=IN_REP_TO,RCVD_IN_UNCONFIRMED_DSBL,SPAM_PHRASE_01_02,
SUBJECT_IS_LIST,USER_AGENT_OUTLOOK
version=2.44
this is what spamassassin adds to your incoming email. makes it
very easy to spot spam. and has very few false positives.
when it's a really bonafide suspect (much higher score) you can
see lots more tests plus it changes the subject so yuo can tell
at a glance that it's spam.
the above sample status is from the very message i'm replying
to.
so, you use outlook? eesh! :)
--
There are 10 kinds of people:
ones that get binary, and ones that don't.
will@serensoft.com
http://sourceforge.net/projects/newbiedoc -- we need your brain!
http://www.dontUthink.com/ -- your brain needs us!
Looking for a firewall? Do you think smoothwall sucks? You're
probably right... Try the folks at http://clarkconnect.org/ !
Great.
Lookout isn't a problem, users are. More specific stupid users who click on
almost everything, and use the preview pane because it's easier to be able
to read a message as soon as it arrives..
How much I dislike Lookout, it's about the only mailclient which runs
properly on XP.
B.
-----Oorspronkelijk bericht-----
Van: pgsql-general-owner@postgresql.org
[mailto:pgsql-general-owner@postgresql.org]Namens will trillich
Verzonden: maandag 3 februari 2003 11:36
Aan: PG Mailing List
Onderwerp: Re: [GENERAL] List online archives and spam
On Mon, Feb 03, 2003 at 09:33:51AM +0100, B. van Ouwerkerk wrote:
> If you can run procmail then that's your best bet. Take a look at
> spamassasin, seems to do a proper job..
X-Spam-Status: No, hits=0.3 required=5.0
tests=IN_REP_TO,RCVD_IN_UNCONFIRMED_DSBL,SPAM_PHRASE_01_02,
SUBJECT_IS_LIST,USER_AGENT_OUTLOOK
version=2.44
this is what spamassassin adds to your incoming email. makes it
very easy to spot spam. and has very few false positives.
when it's a really bonafide suspect (much higher score) you can
see lots more tests plus it changes the subject so yuo can tell
at a glance that it's spam.
the above sample status is from the very message i'm replying
to.
so, you use outlook? eesh! :)
--
There are 10 kinds of people:
ones that get binary, and ones that don't.
will@serensoft.com
http://sourceforge.net/projects/newbiedoc -- we need your brain!
http://www.dontUthink.com/ -- your brain needs us!
Looking for a firewall? Do you think smoothwall sucks? You're
probably right... Try the folks at http://clarkconnect.org/ !
---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > due to the online availability of this mailing list's archives I am now > flooded with spam. > > Are there any plans to implement a protection of the email addresses > in the online archives? This question was asked a few days ago but never answered. Could someone from the web development group at least give a yes or no answer? Since the archive is already parsing the emails into mailto links, this seems like it would be a trivial fix. Thanks. - -- Greg Sabino Mullane greg@turnstep.com PGP Key: 0x14964AC8 200302061328 -----BEGIN PGP SIGNATURE----- Comment: http://www.turnstep.com/pgp.html iD8DBQE+QqttvJuQZxSWSsgRAkdCAKDx3heVP5q07PZzcqWN2RnE7UV7VgCfe/sF EHMFue6nlJEzxMWMaq8TZKw= =ORYL -----END PGP SIGNATURE-----
On Thu, Feb 06, 2003 at 06:34:38PM -0000, greg@turnstep.com wrote: > > due to the online availability of this mailing list's archives I am now > > flooded with spam. > > > > Are there any plans to implement a protection of the email addresses > > in the online archives? > > This question was asked a few days ago but never answered. Could > someone from the web development group at least give a yes or no > answer? Since the archive is already parsing the emails into mailto > links, this seems like it would be a trivial fix. > Thanks. Given the list is gatewayed to usenet, it would be a completely pointless 'fix', unfortunately. Cheers, Steve
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >> This question was asked a few days ago but never answered. Could >> someone from the web development group at least give a yes or no >> answer? Since the archive is already parsing the emails into mailto >> links, this seems like it would be a trivial fix. >> Thanks. > Given the list is gatewayed to usenet, it would be a completely pointless > 'fix', unfortunately. Well, I would not say pointless - every little bit helps, and this was a fairly reasonable request, IMO. At the very least, it should have warranted at the least *some* response from the people responsible for the archive, unless they are not reading this list. - -- Greg Sabino Mullane greg@turnstep.com PGP Key: 0x14964AC8 200302061632 -----BEGIN PGP SIGNATURE----- Comment: http://www.turnstep.com/pgp.html iD8DBQE+QtSDvJuQZxSWSsgRArCkAJ9mWv03rHhp/9Doq9EkrVADUxQVeQCgsNJG Ln7UeBgDYMyp+NjWXR81gdE= =vZ3Q -----END PGP SIGNATURE-----
While not inserting myself into the question of should/will there be some changes to the web archives I have to ask what evidence there is that the direct cause of the spam is due specifically to PostgreSQL's online archives. Web crawling is one method but spammers can (and do) harvest addresses directly from mailing lists (1. sign pact with devil, 2. sign up for all the lists you can find, 3. collect unique email addresses from the arriving emails - trivial). Same goes for messages posted to usenet. Then there are Rumplestiltskin (sp?) attacks and plain first names (greg) are the easiest to collect using this method (connect to email servers and try batches of common names - add those that don't generate "invalid address" errors to your list - no publicly visible source of emails needed). So "fixing" the on-line archives might slightly delay the email addresses' entry to the spammers list it won't prevent it any more than locking one of the five doors on a house will keep the burglar out. Cheers, Steve On Thursday 06 February 2003 10:34 am, greg@turnstep.com wrote: > > due to the online availability of this mailing list's archives I am now > > flooded with spam. > > > > Are there any plans to implement a protection of the email addresses > > in the online archives? > > This question was asked a few days ago but never answered. Could > someone from the web development group at least give a yes or no > answer? Since the archive is already parsing the emails into mailto > links, this seems like it would be a trivial fix. > Thanks.
On Thu, 6 Feb 2003 greg@turnstep.com wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > >> This question was asked a few days ago but never answered. Could > >> someone from the web development group at least give a yes or no > >> answer? Since the archive is already parsing the emails into mailto > >> links, this seems like it would be a trivial fix. > >> Thanks. > > > Given the list is gatewayed to usenet, it would be a completely pointless > > 'fix', unfortunately. > > Well, I would not say pointless - every little bit helps, and this was a > fairly reasonable request, IMO. At the very least, it should have warranted > at the least *some* response from the people responsible for the archive, > unless they are not reading this list. Given the list is gatewayed to usenet, i would be a completely pointless 'fix', unfortunately :) The problem is that I've had ppl request that the mail'ng address be mailto:'d so that they can reply to someone's mail if they find it in a search of the archives ... ... now, that said, if someone knows what (if?) I can add to the mhonarc resource file in order to 'mask' the addresses, I'd be willing to make the change as well as regenerate the existing archives ...
On Thu, Feb 06, 2003 at 22:25:39 -0400, "Marc G. Fournier" <scrappy@hub.org> wrote: > > The problem is that I've had ppl request that the mail'ng address be > mailto:'d so that they can reply to someone's mail if they find it in a > search of the archives ... > > ... now, that said, if someone knows what (if?) I can add to the mhonarc > resource file in order to 'mask' the addresses, I'd be willing to make the > change as well as regenerate the existing archives ... It seems even more pointless to suppress the visible address, but add a mailto link. A possible option for people is to subscribe under a list specific address. A good mail filter and client could have this address used automatically when mailing the list and drop all messages to the address that didn't go through the list (and you could use reply-to to force responses back to the list).
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > The problem is that I've had ppl request that the mail'ng address be > mailto:'d so that they can reply to someone's mail if they find it in a > search of the archives ... Hmmm...I have little sympathy there. A simple cut-n-paste or even actually typing in the email address yourself does not seem like that high of a hurdle. > .... now, that said, if someone knows what (if?) I can add to the mhonarc > resource file in order to 'mask' the addresses, I'd be willing to make the > change as well as regenerate the existing archives ... Fair enough! This is what I came up with: http://www.oac.uci.edu/indiv/ehood/MHonArc/doc/resources/spammode.html and also: http://www.oac.uci.edu/indiv/ehood/MHonArc/doc/resources/mailtourl.html FWIW, [mostly for the Steves], I am well aware of how spambots work and the relative effectiveness of hiding email addresses. - -- Greg Sabino Mullane greg@turnstep.com PGP Key: 0x14964AC8 200302071000 -----BEGIN PGP SIGNATURE----- Comment: http://www.turnstep.com/pgp.html iD8DBQE+Q8q6vJuQZxSWSsgRAgqxAJ4oBDm9T8OmhYYxnPNE0IuCK8tiEwCgzb5J zdqESDyxKhIl41ZAMpQJPcA= =K9E4 -----END PGP SIGNATURE-----