[Catalog-sig] The "Softpedia" spam

Noah Kantrowitz noah at coderanger.net
Fri May 7 09:22:53 CEST 2010


On May 6, 2010, at 9:28 PM, Terry Reedy wrote:

> On 5/6/2010 8:43 PM, Steven D'Aprano wrote:
>> On Fri, 7 May 2010 12:34:24 am Tarek Ziadé wrote:
>>> Hello,
>>> 
>>> The Softpedia website sends an email to everyone that register or
>>> uploads something at PyPI. This is clearly a spam and their website
>>> don't care about our projects.
>>> 
>>> I am not sure if they use the PubSubHubbub thing, but I was wondering
>>> how we could prevent these unsolicited mails.
>> 
>> I don't know that we should be responsible for trying to prevent every
>> bad use of PyPI. I'm not even convinced that the Softpedia emails are
>> spam in any legal or ethical sense.
>> 
>> It's not a mass broadcast of email: each email gets sent to *one*
>> recipient. Re-distributing the software on PyPI is legal under the
>> terms of the licences (possibly with a few exceptions). I think you
>> would fail to convince a judge that, legally, Softpedia is spamming or
>> engaged in any unreasonable action. You certainly fail to convince me.
> 
> I am not completely convinced either. It appears to be a legitimate site that people use to access FOSS software, with relatively subdued ads (except for the double-underscore popup boxes). I do notice that
> http://pypi.python.org/pypi/Distutils2/1.0a1
> shows 0 downloads at the moment whereas
> http://linux.softpedia.com/get/Programming/Libraries/Distutils2-56577.shtml
> shows 14. The python3.1.2 page shows nearly 10000. That much, if truthful, is good.
> 
> If one uploads often, I see how the 'curtesy' letter could be annoying.

I think most FOSS authors are aware that putting their email in a package is effectively putting it in the clear on the internet. I think we have come beyond the days of "noah (at) coderanger [dot] net" and all those silly tricks that were popular not too long ago. If an author is excessively concerned about spam, they shouldn't put their email in author_email. Is that field mandatory now or something? Softpedia is a little annoying with the emails, but I've found them useful personally (along with versiontracker) when looking for OS X software before. Freshmeat is a similar index of FOSS projects, and I've definitely used that before. Is there some reason we are objecting to including PyPI data in other software catalogs? If it makes it a tiny bit easier to find Python software, I'm all for it.

--Noah


More information about the Catalog-SIG mailing list