Douglas on 17 Oct 2003 17:28:03 -0400 |
As someone that puts together software that extracts information from websites for a living I'd have to say that if the prize is big enough It any bit of any website (list archives included) is extracable. If a particular anti-munging solution is working it is simply because it isn't widely used enough yet. For the record the data that I extract is pricing information of a clients competition. I would be interested to hear what the list thinks of the moral and legal aspects of what I am doing as admins and entrepanuers? None of the information I am getting is available otherwise and I implement caching and time delays (2 or 3 seconds usually) for requests. Just wondering. -Douglas -----Original Message----- From: plug-admin@lists.phillylinux.org [mailto:plug-admin@lists.phillylinux.org] On Behalf Of Bradley Molnar Sent: Thursday, October 16, 2003 11:05 PM To: plug@lists.phillylinux.org speaking of obfuscating the address, this is what livejournal (www.livejournal.com) does to mangle the e-mail address. Mine has been online for about 3 months now and has recieved no spam at all (well, yet). Here is how they do it. <table cellpadding='0' cellspacing='0'><tr><td>me</td><td align='center'><i>@</i></td><td>example.com</td></tr></table> for the e-mail 'me@example.com'. Want to see it in action? http://www.livejournal.com/userinfo.bml?user=llanos is my livejournal page (if anyone cares). -b -----Original Message----- From: plug-admin@lists.phillylinux.org [mailto:plug-admin@lists.phillylinux.org]On Behalf Of Kevin Brosius Sent: Thursday, October 16, 2003 7:51 PM To: PLUG Subject: Re: [PLUG] OT: Spam gr wrote: > On Thu, Oct 16, 2003 at 08:13:23AM -0400, Kevin Brosius wrote: > > One study suggested that munging cut ~80% of spam on new email > > addresses. I'll see if I can locate a reference. > > Please do, because I'd like to read it. > http://www.cdt.org/speech/spam/030319spamreport.shtml is the one I found most interesting. Six month study. Properly munged addresses posted on web sites received no spam. Of course, these may be the examples that were used to generate the PERL code you mention below. > For the record, I object to munging mostly on principal. Here are > my reasons, in order of importance (to me): > > 1. The idea that we would break our historical record in fear of > petty abusers of the Internet is offensive. Spammers won't stop > spamming because they don't get your address, they probably won't > even stop spamming you (because there are plenty of other channels > for them to get your address). They will stop spamming precisely > when it becomes financially contraindicated. So filter their mail. > Get you friends and family who don't know better reading mail > through your mail server, and filter it for them too. And support > GOOD (and there's plenty of bad been proposed, so watch out) > legislation to make the process illegal without informed consent. > Well, I'm somewhat more flexible. I think munging should remain human readable. I like how MARC does it. They're one of the biggest mail archives. I respect their opinion. Filtering is great... more power to you. > 2. It really does break the historical record. PGP signatures don't > work (they don't anyway in the Mailman web interface, but they still > do in the mbox versions). And keeping the real email addresses > acessible really is necessary even outside of that. Twenty years > from know, the PLUG mail archive will probably still be around > somewhere, though many of us may not still be on the mailing list. > A lot of very good information goes through PLUG all the time. It'd > be a disservice to the future to make it difficult for someone down > the line to follow up on something mentioned here. > Well, I think you'll find most of those email addresses aren't valid in 20 years. For two or three reasons I can name off the top of my head... PGP... Well, I don't personally use it. If you get email from me, that is questionable in content and would pose you serious financial risk, or other damage... I'd expect you to call me on a phone before acting on it. > 3. Email address munging doesn't work anyway. It *might* make the > exponential curve of the amount of spam you're going to receive rise > a little bit more slowly. But it won't stop that rise. Only proper > spam filtering will stop that rise. The suggesting that email > munging stops spam is a red herring that I really wish smart people > would quit supporting already. > Well, sounds like opinion to me. I won't debate who the smart people here are with you. :) > > The general consensus seems to be that email harvestors aren't bothering > > to de-munge addresses (yet). Whether that will continue or not is > > anyone's guess. > > I know that's untrue, because I've seen the Perl code to do it. In > point of fact, I think it's in CPAN. Yeah. Boo! > Bummer. Your turn to post a link. Plus, your knowing it's true doesn't prove to me that spammers are using it. It's a short leap, I admit. More importantly, each person can munge their address however they like. As can each archive site. Gives the harvesters something to keep them up at night, trying to harvest better. > > I posted this same comment here about 2-3 years ago after I had changed > > jobs, received a new email address at work, subscribed to plug, and > > started receiving a lot of spam shortly thereafter. I might have blamed > > it on friends with infected windows PC's outside the company, but I > > don't have many of them :) > > Blaming anyone but the spammers for sending you spam is migrating > blame unfairly. Blaming anyone but yourself (or your ISP, in the > case that you're doing IMAP or POP across a dialup) for actually > receiving that spam is also placing blame unfairly. Filter your > email. It's really just not that hard, and it's a reality we need to > all just shut the hell up and accept. > Hmm, I suppose you don't lock your doors either? But seriously. Maybe I shouldn't have said 'blame'. But that's not the real point here. I'll make every attempt to break the chain of my email getting into other's databases easily. Easily crawl-able web archives are just to simple a target. I don't buy the argument that all the addresses have to be shown verbatim. I think simple munging will prevent a good deal of harvesting. And I've got one study, fairly recent even, that backs me up. Let's see some evidence on your side. -- Kevin ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|