[Mailman-Developers] Interesting study -- spam on postedaddresses...

[Daniel J. Cody]

Speaking of tradeoffs, it's my opinion that hiding archives behind a 
password protection scheme for fear that the administrator, who probably 
deals with oodles of email anyways and is probably the *most* experienced 
person in regards to email filtering etc, is a poor one.

whew.

The archives for a list I run happen to get around 100K referers from 
google a month, and again IMO, blocking those people out just because I'm 
getting 5 spams a month doesn't seem like the best idea.. Mailing lists by 
their nature facilitate communitcation between people, and shutting people 
out of past or current communication to block out a small to moderate 
amount of crap goes against that.

Instead of just waxing poetic, one solution I've come up with is to block 
the spambots out from the archives, not the users. Using Apache to Stop 
Spambots: 
http://evolt.org/article/mmdev/18/15126/index.html

I've just finished the follow up to that article and it will hopefully get 
published today. It deals with some of the concerns people brought up 
regarding User-Agents..
If anyones interested, I'll fwd it on when its live.

As an aside, how many that run 'larger' lists get a lot of spam? Using the 
same email address for list-admin going on 3 years now, I can probably 
count on my fingers and toes how many spams I've gotten to that address.

At any rate, I know what you're saying Chuq, just wanted to offer the 
counter-point ;)

Dan

On Mon, 18 Feb 2002, Chuq Von Rospach wrote:
> > The second issue is to prevent the email addresses of list members from
> > being harvested from the archives.
> 
> Short answer; archives go behind a password. You authenticate access. Don't
> go over-fancy with images and scan/replace stuff. Right now, I have a
> hardwired password. Once 2.1 hits beta, I plan on working towards a solution
> that authenticates in apache to a mailman-subscribed address. I simply
> haven't had time yet.