[Freedombox-discuss] SPAM

Subject: [Freedombox-discuss] SPAM
From: fbox-discuss20120313.neophyte_rep at ordinaryamerican.net (fbox-discuss20120313.neophyte_rep@ordinaryamerican.net)
Date: Tue, 13 Mar 2012 13:37:48 -0700
Message-id: <[🔎] CA+aQ9utDpjEKt3swvKHdGbxBwJ4wzgRGG=ey_-Y0754u3nyAxA@mail.gmail.com>
In-reply-to: <[🔎] 20120313201837.GS14681@jones.dk>
References: <[🔎] CA+aQ9uu=653wAKt6McZdevwAfz=rxQf-eH7pLkSt36u7i40OhQ@mail.gmail.com> <[🔎] 20120313201837.GS14681@jones.dk>

On Tue, Mar 13, 2012 at 1:18 PM, Jonas Smedegaard - dr at jones.dk  wrote:
> On 12-03-13 at 12:00pm,
> fbox-discuss20120313.neophyte_rep at ordinaryamerican.net wrote:
>> I have received a solicitation to help transfer a large sum of money
>> to the U.S. from our troops in Iraq. ?I already understand this is a
>> phishing SPAM message. ?The only reason I post this is the address
>> used was only available in the archives of
>> freedombox-discuss at lists.alioth.debian.org, because I use a whitelist
>> relay for all my email which allows me to use a unique address for all
>> my correspondence.
>>
>> Perhaps the list archive could have better obfuscation of the
>> addresses than the form "user at domain.tld"? ?Surely that is just as
>> easy to scan for as "user at domain.tld". ?I've seen other obfuscations
>> such as "user at doma..." on other lists. ?Perhaps someone could
>> implement such an obfuscation here?
>
> Please don't obfuscate - that hurts users but less so spammers: Schemes
> easy for users to figure out are easy for spammers to figure out too.

If one is concerned about privacy, why would one want ANY reader of
the archive to be able to deduce one's address?  I believe a minimal
hurdle to obtaining my address from my use of the list should be
participation in the list.  I do wish to communicate with those
working on this project;  I just don't see the need to communicate
with lurkers or worse.

> I let you be certain the leakage happened via this mailinglist.

Thank you.

> But why certain the leakage happened via the its web archive?

I thought about this after I sent my posting.  It IS possible that
other sources could have been used.  I apologize for my mistaken
analysis.  I am still improving my understanding of this technology.

> Not some other archive somewhere?

Some other archive would most likely be a copy of the archive
maintained by the list server.  Thus an obfuscation at the server will
be an obfuscation of any copy.  It is possible for a bot to subscribe,
but that is a higher cost approach.

> Not some virus infected mail client?

Yes, this is possible.  So, let this serve as a warning to everyone
that they may have been compromised.

> ?- Jonas
>
> --
> ?* Jonas Smedegaard - idealist & Internet-arkitekt

Reply to:

Follow-Ups:
- [Freedombox-discuss] SPAM
  - From: dr@jones.dk (Jonas Smedegaard)

References:
- [Freedombox-discuss] SPAM
  - From: fbox-discuss20120313.neophyte_rep at ordinaryamerican.net (fbox-discuss20120313.neophyte_rep@ordinaryamerican.net)
- [Freedombox-discuss] SPAM
  - From: dr@jones.dk (Jonas Smedegaard)

Prev by Date: [Freedombox-discuss] SPAM
Next by Date: [Freedombox-discuss] School intimidates girl to give up Facebook password
Previous by thread: [Freedombox-discuss] SPAM
Next by thread: [Freedombox-discuss] SPAM
Index(es):
- Date
- Thread