Slashdot Mirror

← Back to Stories (view on slashdot.org)

Volunteering for OSS == Sign Up for Spam?

Posted by Cliff on from the drawbacks-for-web-accessible-mailinglist-archives dept.

bckspc asks: "I've been getting pounded by spam lately, so did a Google search on my email address to see where it might appear on the Web. To my horror, it turned up several times in an archive of a Gnome listserv for a project I briefly participated in. While the email address is visibly obscured on the Web pages, it is quite intact in the HTML code. I emailed the list admin about obscuring or removing my email address, but was curtly dismissed. I'm a relative newbie and the experience soured me on participating in other OSS projects. How to Slashdot users deal with this? Must I set up disposable email accounts for every list?"

7 of 94 comments (clear)

  1. Short on solutions bar list admins clueing up by ffub · · Score: 5, Informative

    Try using simply foss@domain for lists, and them filter ad filter and filter it. I do agree this is very annoying, and although some listservs do respect this and change the email addresses on list servers, this can't be relied apon. I can't choose my participation based on which projects are going to give my email away.

    The only solution that will effectively work (until we fix the spam problem all round) is for list admins to be more careful about munging email addresses to some degree.

    The default setting for programs such as pipermail should be one where email addresses are not explicitly displayed.

    The best solution I've found to solve problems with email addresses online is Jodrell's mailto php script which renders the address obfuscated but displays it correctly in the browser using JavaScript.

    http://jodrell.net/projects/mailto

  2. Yes by innerlimit · · Score: 4, Informative

    Set up an account to only receive mails from the lists you joined. Junk everything else.

    --
    The Awful Truth
  3. use multiple disposable email addresses by lanroth · · Score: 5, Informative
    Years ago I setup a Freeserve account which allows me to receive email to anything@myaccountname.freeserve.co.uk

    Whenever I need to put my email address somewhere public (i.e. mailing lists and websites) I make up a new email address of the form mailinglistname@myaccountname.freeserve.co.uk or websitename@myaccountname.freeserve.co.uk e.g. the email address I gave slashdot is slashdot.org@myaccountname.freeserve.co.uk

    The good part: when I start getting spam to a particular address I just setup a filter that sends all mail to that address to /dev/null It also lets you know where your email address was harvested from. So when I get spam turning up on slashdot.org@myaccountname.freeserve.co.uk I know it was slashdot who sold my email address to the evil spammers ;-)

    If I want to receive mail from slashdot again I just change my email on slashdot to slashdot.org2@myaccountname.freeserve.co.uk

    Interestingly most of the spam I get comes in to the email address ebay.co.uk@myaccountname.freeserve.co.uk

    This has worked very well for me for several years.

    1. Re:use multiple disposable email addresses by CritterNYC · · Score: 3, Informative

      Years ago I setup a Freeserve account which allows me to receive email to anything@myaccountname.freeserve.co.uk

      Whenever I need to put my email address somewhere public (i.e. mailing lists and websites) I make up a new email address of the form mailinglistname@myaccountname.freeserve.co.uk or websitename@myaccountname.freeserve.co.uk e.g. the email address I gave slashdot is slashdot.org@myaccountname.freeserve.co.uk

      This will work great... right up until the point that your domain is subject to a dictionary attack by a spammer. You'll suddenly see your spam load go through the roof. And you won't be able to setup filters for each new iteration fast enough. And if it's your own server or you pay for bandwidth, your costs just keep rising.

      You're better off creating real aliases for each new account and letting the server respond with a 550 invalid user for all others.

      If you haven't been dictionary attacked yet... just wait... it'll happen... sooner or later.

      --
      Portable versions of Firefox, GIMP, LibreOffice, etc
  4. Spamgourmet by Justin+Ames · · Score: 4, Informative

    use a spamgourmet.com address for anything that may ever become public. It's free, and after a specicified number of emails it blocks the address. You just sign up, and everytime you give out an email, you make up on the spot a keyword.numberofemails.username@spamgourmet.com email address, and spam gourmet automatically blocks after that number, you can then allow trusted domains through forever if you want.

    1. Re:Spamgourmet by pancakeunicorn · · Score: 3, Informative

      I second the recommendation. Excellent service.

      The same user name is good for multiple domains as well, i.e., slashdot.4.johndoe@spamgourmet.com would be interchangeable with slashdot.4.johndoe@neverbox.com. I don't remember the other domains off hand.

      If you don't like making a different address for each use, despammed.com has an effective filter and you can opt to forward it on to another address.

  5. Run your own mail server! by uslinux.net · · Score: 3, Informative

    One more reason why running your own mailserver is the way to go. Sendmail, for instance, easily supports virtual user tables (virtusertable) - aliases, basically. Use a rule like:

    USERNAME+%2@yourdomain.com USERNAME

    Which will deliver all mail in the form of bob+amazon@hisdomain.com to bob@hisdomain.com. Use a different name on each site, but you don't need to create aliases for each user. When you start getting spam to that address, just add a line *before* the one above of

    USERNAME+SOMESITE@yourdomain.com error:nouser User has been removed because of SPAM

    I only wish I had started doing this before my primary addresses had been harvested :-(