i386/62382: Web access to PRs enables harvest email addresses
for spamming.
Simon L. Nielsen
simon at FreeBSD.org
Sun Feb 15 03:00:56 PST 2004
On 2004.02.15 21:11:07 +1100, Murray Baker wrote:
> See PR ``i386/62382''.
> http://www.freebsd.org/cgi/query-pr.cgi?pr=62382
>
> Within days of submitting the update to ''i386/62382'', which has been
> appended to the original PR with my unmodified email address exposed, I
> have my first ever spams to this email address. Is this a coincidence?
Probably not, but was it spam or the regular worm for the day virus
mail? The worm mails are probably from windows users on the FreeBSD
mailing lists with worms infested computers.
> I know that this is a real pain, but I suggest that if email addresses
> are to be visible on web, they should be rendered into 'gif' or 'png'
> and the html then reference the bitmap. Bitmaps should use different
> fonts, colors, backgrounds to discourage ocr software.
As said several times before the GNATS database is mirrored around on
all FreeBSD mirrors and all the PR's sent to public mailing lists, so
hiding the email addresse on the web probably doesn't change much. If
it's obscufated everywhere it will make it harder for the people who
need to contact a PR submitter (which very likely will mean people just
won't bother contacting a submitter if it's to much trouble).
> My only defense against spam is to change email addresses frequently.
Have you considered installing anti spam software like spamassasin? It
catches almost all my spam (and I probably get a few hundred spam mails
per day, and one or two a week get through the filters).
Yes spam sucks, but personally I don't belive hiding/obfuscating works.
I won't object if somebody changes the gnats webinterface to obfuscate
email address, but I'm not going to do it myself, since I just don't
belive it work.
--
Simon L. Nielsen
FreeBSD Documentation Team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-bugbusters/attachments/20040215/74bd58c4/attachment.bin
More information about the freebsd-bugbusters
mailing list