[Mailman-Developers] bugtraq submission warning: email address harvesting exploit

Richard Barrett r.barrett at openinfo.co.uk
Sat Nov 29 02:12:45 EST 2003

On 29 Nov 2003, at 00:48, J C Lawrence wrote:

> On Fri, 28 Nov 2003 16:32:09 +0000
> Richard Barrett <r.barrett at openinfo.co.uk> wrote:
>> Prompted by this thread and taking on board some of the ideas
>> expressed in the discussion I have posted the following patch for MM
>> 2.1.3 on sourceforge:
>> [ 850805 ] Aggressive anti email address harvesting measure
> This patch appears to fail to distinguish between email addresses and
> Message IDs.

And ...

In the interest of simplicity it doesn't attempt to. But how important 
a matter is that?

This is a rendering filter which leaves the underlying archived 
material intact in the archive and handles both the archive's html 
pages and the downloadable text version of the period archives. It has 
no impact on any processing undertaken at the server end on the archive 
material, which might depend on the Message IDs, thread identification 
by the archiver for instance.

My mail reader will still identify threads in filtered, downloaded text 
archives when treated as an .mbox, although I grant that the chances of 
Message ID collisions must be increased by the filtering.

> -- 
> J C Lawrence
> ---------(*)                Satan, oscillate my metallic sonatas.
> claw at kanga.nu               He lived as a devil, eh?
> http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.
Richard Barrett                               http://www.openinfo.co.uk

More information about the Mailman-Developers mailing list