Subject: Re: SPAM Alert: Email Address Harvesting
To: NetBSD Current <current-users@NetBSD.org>
From: Chuck Yerkes <chuck+nbsd@Jan2004.snew.com>
Date: 01/03/2004 03:27:52
Quoting Conrad T. Pino (Conrad@Pino.com):
> When I subscribed to the "current-user" mailing list I
> created a new email address "firstname.lastname@example.org"
> for that purpose. I subscribed on 27-Dec-2003 and I
> received SPAM addressed to the new email address just
> now (2-Jan-2004).
> I realize there's no attempt to hide the sender's email
> address. It's visible in the NetBSD archives and maybe
> all the other archives also.
> Now there is no doubt either list itself or archives are
> being harvested by the SPAM ghouls. :(
> I would like to hear opinions on the benefits and effort
> involved to prevent NetBSD mailing lists from leaking the
> sender's email address. Any takers?
I'd not seen any spam. So I looked in my SpamAssassin
folder ( > 5.0 but < the reject threshold). Lo! There was a bunch
of spam (including, ironically, a bunch of "MS Security Patches").
Who I'm subscribed as != who I post as.
My subscription address doesn't look like it's been snorked.
Procmail looks and if the Sender: is the netbsd list's sender
and a couple other things match, it goes into my NetBSD folder.
Other things to that address get looked at with more suspicion.