[Mailman-Developers] Proposed: remove address-obfuscation code fromMailman 3

skip at pobox.com skip at pobox.com
Tue Aug 25 13:42:12 CEST 2009

    Ian> Quite right. Rich's argument is, essentially, that obfuscation
    Ian> isn't 100% effective so it shouldn't be used. Frankly, if it's 10%
    Ian> effective, then it's worth doing in my view.

I would be quite surprised if address obfuscation is anywhere close to 10%
effective.  Maybe 0.01%.

The problem I see with Barry's argument that users demand it so Mailman must
provide it is that position just propagates misinformation about the
ineffectiveness of the "feature".  I would vote for tossing it out, or at
the very least making it a per-list flag which admins could disable if they

The other thing about Mailman's obfuscation is that I sorta think that by
now the spammers have figured it out.  I mean, "skip at pobox.com"?  Come
on.  Even Barry stands a good chance of writing a regular expression that
can locate something like that, his self-deprecation about his r.e. prowess
notwithstanding.  :-) If nothing else, all an enterprising spammer would
have to do is steal Mailman's email address matcher and replace "@" with "
at ".  Oh, wait, it's open source.  They wouldn't even have to steal the

Skip Montanaro - skip at pobox.com - http://www.smontanaro.net/
    Getting old sucks, but it beats dying young

More information about the Mailman-Developers mailing list