Re: Modern best practice for putting a contact email on the web

To: debian-user@lists.debian.org
Subject: Re: Modern best practice for putting a contact email on the web
From: Celejar <celejar@gmail.com>
Date: Mon, 5 Apr 2021 16:10:05 -0400
Message-id: <[🔎] 20210405161005.a807b09f36d24256c6655689@gmail.com>
In-reply-to: <[🔎] 20210405203639.1d6a2d86@jresid.jretrading.com>
References: <[🔎] 20210405123402.135aeb462616905844095ec5@gmail.com> <[🔎] YGtS917wz47Eg4GR@randomstring.org> <[🔎] 20210405144915.36bd7ee84f08d58f21277fed@gmail.com> <[🔎] 20210405203639.1d6a2d86@jresid.jretrading.com>

On Mon, 5 Apr 2021 20:36:39 +0100
Joe <joe@jretrading.com> wrote:

> On Mon, 5 Apr 2021 14:49:15 -0400
> Celejar <celejar@gmail.com> wrote:
> 
> > On Mon, 5 Apr 2021 14:12:07 -0400
> > Dan Ritter <dsr@randomstring.org> wrote:
> > 
> > > Celejar wrote:   
> > > > Hi,
> > > > 
> > > > What's the recommended modern best practice for putting a contact
> > > > email address on the web while avoiding having it scraped by spam
> > > > / fraud bots?  
> > > 
> > > Assume that every address will be hit by spammers and scammers.
> > > Put in appropriate antispam and antimalware precautions.  
> > 
> > Okay, but why isn't trying to limit spammers getting hold of an
> > address a logical part of a defense in depth strategy?
> 
> It is, but if you are reachable then a human can enter your address on

Yes, but humans don't scale the way bots do ;)

> a list. Or, as you suggest, OCR will eventually find it.
> > 
> > > Train your people to recognize spam and scams.  
> > 
> > I'm talking about a small hobby project that I run in my spare time. I
> > just want to reduce spam to an address that I may put up to allow
> > people to reach me.
> > 
> >
> Unfortunately, there's nothing to beat running your own mail server,
> which is not particularly high-maintenance after setup. The address at
> the top of this email was created nearly 23 years ago, and has been used
> widely around the Net, including several Usenet groups. I get between
> one and four spams a day in my inbox. As it happens, I put a new CIDR
> group on my blacklist today, for the first time in perhaps a year.

I've certainly been tempted for a while. And I suppose that receiving
is less problematic then sending, where one apparently has to manage
reputation, worry about past users of an IP address, monitor
blacklists, etc.

> The next best method is a new free mailbox, with collection piped
> through the anti-spam software of your choice. But I tried spamassassin
> some years ago, and decided I couldn't spare the time that staying
> ahead in the arms race was costing me. Maybe the maintainers have made
> better algorithms since then.

Celejar

Reply to:

Follow-Ups:
- Re: Modern best practice for putting a contact email on the web
  - From: Joe <joe@jretrading.com>

References:
- Modern best practice for putting a contact email on the web
  - From: Celejar <celejar@gmail.com>
- Re: Modern best practice for putting a contact email on the web
  - From: Dan Ritter <dsr@randomstring.org>
- Re: Modern best practice for putting a contact email on the web
  - From: Celejar <celejar@gmail.com>
- Re: Modern best practice for putting a contact email on the web
  - From: Joe <joe@jretrading.com>

Prev by Date: Re: Dell R440 with Debian 10.7.0 Display Issues
Next by Date: Re: Modern best practice for putting a contact email on the web
Previous by thread: Re: Modern best practice for putting a contact email on the web
Next by thread: Re: Modern best practice for putting a contact email on the web
Index(es):
- Date
- Thread