[Dshield] Correction

stu secmail at patchsupplier.dyndns.org
Thu Aug 25 02:29:51 GMT 2005



What's the problem with email addresses being posted?
If you don't want it to end up on a spam list get another account for
mailing lists and keep your personal one private?

I've posted to here and bugtraq and don't really receive any abnormal
spam amounts, infact I get quite little (one possibly two Nigerian scam
a week?). 

I started with this account (secmail) for exactly that purpose
securitymail, but has now ended up being my main email account, will get
around to moving it to my proper domain sometime!

Would love to see you get mad when companies sell off your snail mail
address :D



-----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org] On Behalf Of Cefiar
Sent: 25 August 2005 03:07
To: list at lists.dshield.org
Subject: Re: [Dshield] Correction

On Thursday 25 August 2005 11:16, Mike Wydra wrote:
> Mike Wydra (Yup, that's me) wrote:
> >We just had a discussion about "on-line courtesy," yet you chose to
> >post my e-mail addy in the clear.
>
> I made a mistake. "Justin S." DOES post almost everyone's e-mail addy
in
> the clear. In the ONE example that I had looked at - he didn't (that
was a
> quote he took from Cefiar). I should have looked at more examples
before I
> jumped the gun.

 1. He posted that message with a number of replies in it. I'm assuming
he 
therefore replied and wiped all content (auto-comment stuff) clean, and
then 
cut-pasted in his own content.
 2. The behaviour you describe is actually becoming a more common part
of many 
email clients. It can be very useful when you get a number of people on
list 
that have the same name (eg: John Smith, John Smith and John Smith for 
example - which one wrote the original post you're commenting on? - the
only 
unique identifier is their email address).

If you're that worried about it:
 a. Petition the writers of the email clients in question to remove this

behaviour by default.
 b. Email every user that does it off-list and ask them to amend their 
auto-reply settings (most clients with this functionality allow you to
change 
it's behaviour) to remove the email address (it's usually a macro) from
the 
default Reply phrases.

BTW: If you're worried about spam-collection bots on the web getting to
the 
online archives and collecting your address, then perhaps you should
really 
be talking to the list admin (Johannes) about implementing anti-spam
stuff in 
the online archives/forums on the content, and not just the headers. The
only 
issue with this is then email messages with anything that looks like an
email 
address will be munged. This could include snort rules, advisory info,
etc, 
rendering the info available via the web useless. This sort of defeats
the 
purpose of the list, and so I do not expect Johannes to do much about
it. Of 
course, that said, you could reduce the munging to the first text line
of the 
email, which is the usual offender. Meh, I could go back and forth for
hours 
on this subject, but lets stop here before I get booted from the list
for not 
being on-subject. *grin*

Unfortunately, we live in an imperfect world, and while the tools
available 
help, there isn't always a pretty solution.

PS: I'm actually a list administrator for about 12 or so email lists,
running 
on at least 2 different types of email list software, and have
experience 
with a few more pieces of list software besides. I'm also old-school
enough 
to have been around for most of the BBS era, even running my own BBS for
8 
yrs, which I must admit can be very similar to running a mailing list,
except 
the users were no where near as behaved as most people on email lists.
It's 
never easy to get the balance between the users correct, and sometimes
you 
just have to say "This is the way it's going to be" and live with the 
consequences. I understand all the troubles that Johannes has to deal
with as 
a list admin, and he has my utmost thanks for his persistance in
providing 
this list.

-- 
 Stuart Young - aka Cefiar - cef at optus.net

_______________________________________________
send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list



More information about the list mailing list