[Mailman-Developers] Proposed: remove address-obfuscation code fromMailman 3
skip at pobox.com
skip at pobox.com
Tue Aug 25 13:42:12 CEST 2009
Ian> Quite right. Rich's argument is, essentially, that obfuscation
Ian> isn't 100% effective so it shouldn't be used. Frankly, if it's 10%
Ian> effective, then it's worth doing in my view.
I would be quite surprised if address obfuscation is anywhere close to 10%
effective. Maybe 0.01%.
The problem I see with Barry's argument that users demand it so Mailman must
provide it is that position just propagates misinformation about the
ineffectiveness of the "feature". I would vote for tossing it out, or at
the very least making it a per-list flag which admins could disable if they
wanted.
The other thing about Mailman's obfuscation is that I sorta think that by
now the spammers have figured it out. I mean, "skip at pobox.com"? Come
on. Even Barry stands a good chance of writing a regular expression that
can locate something like that, his self-deprecation about his r.e. prowess
notwithstanding. :-) If nothing else, all an enterprising spammer would
have to do is steal Mailman's email address matcher and replace "@" with "
at ". Oh, wait, it's open source. They wouldn't even have to steal the
code.
--
Skip Montanaro - skip at pobox.com - http://www.smontanaro.net/
Getting old sucks, but it beats dying young
More information about the Mailman-Developers
mailing list