[Mailman-Developers] Interesting study -- spam on postedaddresses...

Dale Newfield dale@newfield.org
Thu, 21 Feb 2002 01:25:48 -0500 (EST)

On Thu, 21 Feb 2002, John Morton wrote:
> Actually, the reason not to use it is that it can be used to spam anyone
> who's id mapping you can grab from the archive!

That's a separate issue and can have a separate solution.  Make the form
smart--for example, make it only accept 10 messages from a single IP
address in a single day.

If we want/expect Maimlan to succeed, then there will be enough incentive
for someone to break the obfuscation mechanism.  Are you suggesting we
restrict access to part of Mailman's source code?  Are you suggesting that
with the source I can't reverse-engineer every obfuscation (as opposed to
information removing) system you try?  Why add more points of failure into
a system if they don't gain you anything?

Basically it looks to me like there ultimately can be no successful
obfuscation technique.  Why not instead simply remove the information and
ONLY provide web-forms?  (Again, I'm talking only about archives--I think
at least some mailto: is required in case of systemic failures.)