[Mailman-Users] Users worried about spammers getting their email address

Heath Raftery hraftery at myrealbox.com
Wed Aug 27 01:51:49 CEST 2003 

Hi list,

I know this has been discussed in various forms in the past, but I 
wanted to bring it up again with a few fresh angles.

I have a user who is on a campaign to remove his email address from any 
web site. He was worried the lists I run have his address available to 
spammers. After I let him know that you have to be a member of the list 
to see the email address, and that any appearance of his address in the 
(open) archives would be name at domain and mailto:the list, he was 
somewhat relieved.

However, I did point out that the archives are still downloadable in raw 
mbox format, complete with email addresses. In the archives of this list 
I found suggestions about changing your web server's settings to send an 
'unreachable' page for any requests for txt/mbox/etc files. Any other 
suggestions, perhaps which are local to Mailman and don't require 
modifying the web server?

This particular user goes on to write:
> I suspect that before long they  will parse not just @ but also
> resolve 'at' with any combination of  spaces either side.  I may be
> excessively pessimistic but the ingenuity  of our fellow man is
> significant. These days I only feel comfortable  with discussion
> lists where the person's email address is not disclosed  in any
> fashion, not even the 'user at domain' method. One common technique
> is to get the user to nominate a 'list name' or alias ie frodo or
> flash544. Both their email address and real name is concealed even
> from other listmembers behind this alias and cannot be discovered
> (unless someone hacks the database behind the list server cgi). The
> only way to email a colleague on the list is to click on a special
> link with their alias name on it. Zero disclosure. Using this
> technique, anyone on the list can email anyone else using their 'list
> name', threads can be followed etc, and any public archive of the
> list (which is helpful for people outside the list) can't disclose a
> person's email (and usually won't disclose their name) unless they
> want it disclosed.

A good example of this that comes to my mind, is the way eBay handles 
communication between bidder and seller. Any ideas about the possibility 
of something like this in Mailman?

Heath

More information about the Mailman-Users mailing list