[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Please help me, I am receiving large amounts of spam as a result of my posting.

Josip Rodin wrote:
> Santiago Vila wrote:
> > But we do not help to fight spam if we keep email addresses in the archives.
> > We can keep archives without keeping email addresses.
> Like Alfie said, addresses are useful as well.

No, they are only useful to send unsolicited messages (spam or not).

> > I think they would be equally useful if they would not contain private
> > email addresses.
> I think not. Being able to contact the posters directly is a perfectly valid
> feature we use via SMTP, and I see no reason not to use it via HTTP other
> than to confuse spambots.

Only subscribers should be able to contact the posters directly.
We should consider such thing a privilege subscribers have, not something
that should be given to everybody on a public web page.

> Besides, they can subscribe a spam harvesting bot to the lists, it's
> perfectly automatable...

Yes, they can, but it would be *much* more work for them.
Frankly, it is very unlikely that they do that.

When Bruce was DPL there was no spam at all in the debian lists.
We could use a similar trick to force the subscriber to pay a great
sum if we discover they subscribed with that purpose.

> > > Besides, the spam problem doesn't go away with removing messages
> > > from the archive -- both because spammers have probably already
> > > hardvested the address, and because there are several other archives
> > > on the web and elsewhere where they have probably also have
> > > harvested it already.
> >
> > I've heard this argument before and it's bogus.
> >
> > This is like saying: "National laws against spam will not solve the
> > spam problem because spammers will always be able to spam from another
> > country". It's bogus because if every country had laws against spam
> > then there would not be other countries to spam from. So, national
> > laws against spam will actually *help* to fight spam in the long run.
> >
> > What we should not do is "since doing such and such will not solve
> > the spam problem, we will do nothing at all".
> >
> > It's sad that we are not aware enough of how much we help spammers.
> Conversely, don't we cave in to them by disabling features?
> One by one, feature removals could reduce the archive into a state where
> it's quite suboptimal: first the addresses go, then the names, then random
> posts people don't want up there because of whatever reason they have, ...

No, spam works by finding email addresses, so addresses are the only
thing that need to be removed from *our* archives in order to fight spam.

Your "first this, then that, then that" argument does not apply here.

While we are at it, it would be good not to publicise our maintainer
addresses so widely in the web pages too. We already have the bug system
and dselect tells every Debian user the address of every package maintainer.
Also, there is the general <packagename>@packages.debian.org alias.

There is absolutely no need to repeat every email address of every
developer hundreds of times in the web pages, in the bug system, etc.

Reply to: