[Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3

C Nulk CNulk at scu.edu
Mon Aug 31 19:15:43 CEST 2009

I am pretty sure allowing the raw email addresses to be available is
going to go over like a lead balloon here.  Anything (however minor) to
help protect the users/clients email addresses is helpful despite what
others think.  It is fine if someone considers the obfuscation that
Mailman uses is trivial, however, anything I can do to make it harder or
more computationally time-invested to get the email address is better
than giving it away.  Sure bots are out there but if what I do helps
slow down someones system to make them look at it (and hopefully get rid
of the bot), then great.   But at least give me the choice to be able to
do it.

I happened to like Barry's (?) earlier comment about the "send me this
message" link.  Or maybe "send my message to the original poster" link
where you can click on the link, compose your message, and send it
through Mailman all without the original sender's address.  Mailman or
whatever process can figure out the original sender and pass on the your
message.  Yes, I know it is more work that is why we have computers :)

As for using robots.txt, hmm, it is not the legitimate search engines I
care about, it is the search engines/crawlers that do not respect my
robots.txt file that I care about.  If I had an effective way to
consistently identify those non-legitimate crawlers, I would add what I
needed to drop them into my firewall as I recognized them.


Julian Mehnle wrote:
> Bob Puff wrote:
>> That's the logical progression of that argument, and is the good reason
>> why obfuscation or even removal of parts is not only a good idea, its a
>> necessity. Exposing raw email addresses in their normal form is real
>> low-hanging fruit.
>> Regardless of what I think, my clients will cry bloody murder if emails
>> leak out.  I had one person recently google their email address, and
>> found a link to an archive file that should have been private.  I had
>> removed all links to the archives, but somehow Google found it, indexed
>> it, and the guy threatened me with bloody murder if I didn't take it
>> down.  Sheesh.
> There's robots.txt, you know?  If this is just about user outcry, then 
> robots.txt will fix it (since all legitimate search engines honor it).
> -Julian
> ------------------------------------------------------------------------
> _______________________________________________
> Mailman-Developers mailing list
> Mailman-Developers at python.org
> http://mail.python.org/mailman/listinfo/mailman-developers
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/
> Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/cnulk%40scu.edu
> Security Policy: http://wiki.list.org/x/QIA9

More information about the Mailman-Developers mailing list