[Mailman-Developers] Interesting study -- spam on postedaddresses...
Jay R. Ashworth
Thu, 21 Feb 2002 17:02:49 -0500
On Thu, Feb 21, 2002 at 09:23:51AM -0800, Chuq Von Rospach wrote:
> This hits another aspect of my design philosophy. Don't sweat making one
> part of the system more secure than the other parts.
And very well phrased.
> In this case, you hit a nail on the head. If a spammer really, really wants
> your subscribers, we can't stop him. They can simply subscribe to a list and
> harvest it as it comes across. Unless you choose to anonymize every bloody
> message -- a spammer will win if they're motivated enough, and a smart
> spammer will do so in a way you'll never find. Like setting up a hotmail
> address for each list, so you can't see that all 30 lists have the same
> address in common, and simply reading messages as they come by.
> And since, inherently, you can't stop THAT, it makes no sense to make
> archives more secure than that. Any spammer smart enough to be willing to
> subscribe to a list to do their harvesting, you're going to have a very
> tough time stopping. Basically, you have to get lucky or hope they make a
> mistake or some sort.
My problem is with your characterization of that as "smart". I don't
think that requires a whole helluva lot of brains, myself.
> Yes, I am an agent of Satan, but my duties
> are largely ceremonial.
Are you the guy who goes in the convenience store to get him
Jay R. Ashworth firstname.lastname@example.org
Member of the Technical Staff Baylink RFC 2100
The Suncoast Freenet The Things I Think
Tampa Bay, Florida http://baylink.pitas.com +1 727 647 1274
"If you don't have a dream; how're you gonna have a dream come true?"
-- Captain Sensible, The Damned (from South Pacific's "Happy Talk")