[Mailman-Developers] Save the world from spam

Chuq Von Rospach chuqui@plaidworks.com
Thu, 21 Feb 2002 19:36:48 -0800

On 2/21/02 6:38 PM, "John Morton" <jwm@plain.co.nz> wrote:

>> Um, John? I've been doing that for months. It's a standard tactic I use to
>> test for archive harvests. No offense, but given I'd already thought of the
>> "subscribe and harvest" attack, wouldn't you think I also would have looked
>> for ways to detect it?
> Excellent. Would you mind publishing an analysis so we can start making some
> informed decisions as to what methods are effective?

Oh, that's easy. I haven't found evidence of any harvesting. I've also been
able to find evidence of harvesting from OTHER site's lists on at least
three occcasions where people complained to me my lists were being

> Wah! Spammers aren't the NSA/Red Menace/Grey Aliens.

Whatever. You do what you think is best, I'll do what I think is best.

> As a list admin, I'd like to inform my subscribers about their level of
> exposure, and empower them to decide whether there email address will appear
> in the archives, and how. I'd also like to keep the signal to noise ratio on
> the admin address in a tolerable state without running too great a risk of
> throwing the baby out with the bathwater by dropping too many legitimate crys
> for help along with the processed pig product.
> I'd like it if mailman would help me out with these things, but I don't want
> to _have_ to use ADA/text only browser busting jpeg addresses and reverse
> turing tests, and I don't want to have to use web form access to addresses in
> the archive as I won't trust that code until a lot of security geeks have
> looked it over.

Understood. But -- there are going to have to be some compromises and
tradeoffs made. The whole discussion was intended to look for them, because
I don't believe you can have all of that successfully. Something will have
to give.

>>> Obscurity is useful. In our case, it's the only prevention tool we have.
>> I'm not sure obscurity is the right word. Most of what we're talking about
>> is more of a cloaking effort.
> That's because email addresses aren't secrets. If you can think of a better
> method than address mangling or hiding behind web forms, do tell. Personally,
> I'm willing to consider those good enough for the time being.

You know, now that I think of it, there's another approach: you don't get
the admin's email address until you authenticate. Then you get it. If you're
a list subscriber, you authenticate to the same level as the list is
authenticated. If you're not, Mailman sends you an e-mail with the address
in it (or FROM the address, so you can merely reply to it). No valid email
address, no access to the admin. And if you do that, you can also set up a
blackhole for known abusive addresses, shutting out the trolls..


Chuq Von Rospach, Architech
chuqui@plaidworks.com -- http://www.chuqui.com/

Very funny, Scotty. Now beam my clothes down here, will you?