[PD-ot] pd list used to get addresses to spam to?

Frank Barknecht fbar at footils.org
Sat Jan 13 10:37:44 CET 2007


Hallo,
Christian Klippel hat gesagt: // Christian Klippel wrote:

> i just noticed something:
> 
> until my first post to pd-list today with my new mail @mamalala.net, i only 
> got spam attempts to send to @mamalala.de ....
> 
> but an hour after my post, i start to get spam attempts to @mamalala.net !
> 
> so, in case that the list archive is misused to grab mail addresses, would it 
> be possible to completely supress the "at some.domain"? probably the spammers 
> know hot to make that into a real address...

pd-list is also archived on gmane.org. Quoting
http://gmane.org/faq.php

  Q: I figured out how to crack the address obfuscation in the web
  interface! You just replace "<at>" with "@"! You guys are obviously
  not 3l33+!
  
  A: Er, yes. However, current accepted wisdom in the anti-spam community
  is that spam harvesting bots do not do even trivial unobfuscation, so
  nothing more than this trivial scheme is necessary. If that changes,
  the obfuscation scheme will change, too.

I'm not sure how valid this is.

> another chance that i see is that someone on the list has an infected machine 
> where the addresses might be harvested from (besides using it as spam 
> zombie). probably the owner doesnt even know ...

Or maybe the owner *does* know and in fact only subscribed to the list
to harvest addresses? How to fight that?

I've given up trying to hide my email address from websites. In the
long run it just doesn't seem to work. 

Ciao
-- 
 Frank Barknecht                 _ ______footils.org_ __goto10.org__



More information about the PD-ot mailing list