a question about unadvertised lists and spam
![](https://secure.gravatar.com/avatar/c17188e52d93b436753e0a4ded0e429e.jpg?s=120&d=mm&r=g)
We have a site: http://eaachat.org/
with several mailing lists. We have some lists advertised on a non-default public list info page that we "branded" (thank you Mark for your help!) here: http://eaachat.org/maillist.html
and shows only the publicly accessible pages.
These pages have a mailto: owner@eaachat.org which is forwarded to list@eaachat.org. We all have various filters set in our MUA to cope with this. We check the moderator pages of the public lists frequently for legitimate help requests, in other words the admins are the spam filters for the domain.
The default mailman list info page is here: http://lists.eaachat.org/mailman/listinfo
All lists are closed to non member posts and the subscribe policy is confirm and approve.
My question is - are spamers able to pick up lists from the default (but not easily accessible) default mailman listinfo page and start bombarding us with spam on all lists? Or should I set the "Advertise this list" option to "no" for the lists on the default listinfo page?
Thank you,
Dennis
![](https://secure.gravatar.com/avatar/746f7519ba02fb0d815e59f305c53fa2.jpg?s=120&d=mm&r=g)
Dennis Morgan wrote:
My opinion, based on only anecdotal observation is that it doesn't matter. The spammers will get your list addresses from spyware on your list member's computers (it only takes one).
-- Mark Sapiro <msapiro@value.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
![](https://secure.gravatar.com/avatar/7bdecdef03708b218939094eb05e8b35.jpg?s=120&d=mm&r=g)
On 5/29/07, Dennis Morgan wrote:
Yes.
Or should I set the "Advertise
this list" option to "no" for the lists on the default listinfo page?
That would be your choice. But anything that is publicly accessible is game for being snarfed by spammers.
There are tools that use this fact to their advantage against spammers, by creating bogus e-mail addresses as part of a "honeypot" campaign, where they know that each address they generate is unique and they know all the details of which IP address was scanning their system at what time when they generated that address, and if anyone ever tries to send anything to that address not only are they automatically blacklisted but so is the IP address that did the original scan, and so on.
However, this doesn't help you if you're just trying to run some mailing lists for your customers or your community.
-- Brad Knowles <brad@shub-internet.org>, Consultant & Author LinkedIn Profile: <http://tinyurl.com/y8kpxu> Slides from Invited Talks: <http://tinyurl.com/tj6q4>
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
![](https://secure.gravatar.com/avatar/746f7519ba02fb0d815e59f305c53fa2.jpg?s=120&d=mm&r=g)
Dennis Morgan wrote:
My opinion, based on only anecdotal observation is that it doesn't matter. The spammers will get your list addresses from spyware on your list member's computers (it only takes one).
-- Mark Sapiro <msapiro@value.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
![](https://secure.gravatar.com/avatar/7bdecdef03708b218939094eb05e8b35.jpg?s=120&d=mm&r=g)
On 5/29/07, Dennis Morgan wrote:
Yes.
Or should I set the "Advertise
this list" option to "no" for the lists on the default listinfo page?
That would be your choice. But anything that is publicly accessible is game for being snarfed by spammers.
There are tools that use this fact to their advantage against spammers, by creating bogus e-mail addresses as part of a "honeypot" campaign, where they know that each address they generate is unique and they know all the details of which IP address was scanning their system at what time when they generated that address, and if anyone ever tries to send anything to that address not only are they automatically blacklisted but so is the IP address that did the original scan, and so on.
However, this doesn't help you if you're just trying to run some mailing lists for your customers or your community.
-- Brad Knowles <brad@shub-internet.org>, Consultant & Author LinkedIn Profile: <http://tinyurl.com/y8kpxu> Slides from Invited Talks: <http://tinyurl.com/tj6q4>
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
participants (3)
-
Brad Knowles
-
Dennis Morgan
-
Mark Sapiro