[Mailman-Developers] Interesting study -- spam on posted
John W Baxter
Wed, 20 Feb 2002 12:26:39 -0800
At 10:15 -0800 2/20/2002, Chuq Von Rospach wrote:
>That, basically, allows us to stuff mailtos somewhere pointing to an address
>you can mail to to report site failures. I'll even go farther and say that
>address can simply be on a web page, not linked to a Mailto, and if you
>really, reallly want, obscure it further as a JPG or something. But I think
>that's all overkill, given that spammers now automatically spam
>root/postmaster/etc on domains anyway.
Which (as the reader of many of those, and as the person who adds content
filters) I find amusing: they deliberately attract the attention of the
one most likely to do something. I guess it makes sense when they think
about individual's machines sitting there accepting mail; it doesn't make
sense when then send to a server which serves lots of users.
It reminds me of the punt returner signalling for a fair catch when the
ball will come down near the goal line. What that says to the onrushing
troops is "ignore me and my teammates: we can't hurt you anyhow...go after
the ball and keep it this side of the line." Exactly what the troops'
coach wants them to be told.
>So I recommend this:
>You no longer advertise admin's real addresses. Instead, you advertise a
>feedback that sends messages to the admin, to discourage mailing directly.
>A year ago, I probably would have insisted on SOME kind of email contact
>point, but frankly -- the percentage of users who can't use a web page is
>pretty much zero now.
[Good justification snipped.]
I think you're on to something, Chuq.
It also helps those admins who prefer to use a role address rather than a
personal one, as things stand now. Saves inventing yet another of those
which isn't specially handled by the MTA/Mailman combination.
John Baxter email@example.com Port Ludlow, WA, USA