[Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3

[Julian Mehnle]

Bob Puff wrote:

> You are presuming too much on spammers as a whole.  I've dealt with a
> couple spammers, and they just used some tools they got online that
> search for username at domain.something.  Everything else is ignored.
>
> I don't for a minute doubt that the advanced spammers will snag
> anything and everything no matter how strange it is obfusticated (sp?).
>  But there are a LOT of low-tech spammers still out there, and there is
> enough "low hanging fruit" for them that this little bit we are
> discussing can be over their head.

It's not.  Spammers usually don't do address harvesting themselves 
nowadays, but outsource it to botnets (just like they outsource the 
spamming itself to botnets) that are running kind of "off the shelf" 
software tailored to the task.  Today, as a spammer you go out and buy 
those services in online shops, paying by credit card.  And parsing
"localpart at domain" is among the most trivial things current harvester 
modules do.

Any wanna-be spammers who still run their garage business with self 
written tools are pretty much meaningless in terms of magnitude.

If anything, this kind of obfuscation is an inconvenience to legitimate 
users, but certainly not to spammers.

-Julian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.python.org/pipermail/mailman-developers/attachments/20090825/b3c2c873/attachment-0001.pgp>