[Mailman-Developers] Interesting study -- spam on posted addresses...

John W Baxter jwblist@olympus.net
Wed, 20 Feb 2002 12:26:39 -0800

At 10:15 -0800 2/20/2002, Chuq Von Rospach wrote:
>That, basically, allows us to stuff mailtos somewhere pointing to an address
>you can mail to to report site failures. I'll even go farther and say that
>address can simply be on a web page, not linked to a Mailto, and if you
>really, reallly want, obscure it further as a JPG or something. But I think
>that's all overkill, given that spammers now automatically spam
>root/postmaster/etc on domains anyway.

Which (as the reader of many of those, and as the person who adds content
filters) I find amusing:  they deliberately attract the attention of the
one most likely to do something.  I guess it makes sense when they think
about individual's machines sitting there accepting mail; it doesn't make
sense when then send to a server which serves lots of users.

It reminds me of the punt returner signalling for a fair catch when the
ball will come down near the goal line.  What that says to the onrushing
troops is "ignore me and my teammates:  we can't hurt you anyhow...go after
the ball and keep it this side of the line."  Exactly what the troops'
coach wants them to be told.

>So I recommend this:
>You no longer advertise admin's real addresses. Instead, you advertise a
>feedback  that sends messages to the admin, to discourage mailing directly.
>A year ago, I probably would have insisted on SOME kind of email contact
>point, but frankly -- the percentage of users who can't use a web page is
>pretty much zero now.

[Good justification snipped.]

I think you're on to something, Chuq.

It also helps those admins who prefer to use a role address rather than a
personal one, as things stand now.  Saves inventing yet another of those
which isn't specially handled by the MTA/Mailman combination.


John Baxter   jwblist@olympus.net      Port Ludlow, WA, USA