On Wed, May 29, 2002 at 07:16:13PM -0400, Michael J. Masin wrote: > > Randomness is good and an extra space or two inserted randomly > (e.g. spambait @ somedomain.com) might help (I don't think it says that > the email address has to be machine-readable anywhere...)
Why is randomness good? What exactly do you think it will achieve? Do you think that putting a space in there is something that spammers aren't going to be able to figure out? Perhaps they'll notice that their harvesting software is missing OpenSRS domains, they'll throw up their hands and exclaim "Lo, there are spaces in this email address. This whole game has become too difficult, I think I'll just be off and shoot myself." Spammers are clever, wily little gremlins. They know their business. Their evil is practised, honed, and applied without hesitation or remorse. And they're pretty good at pattern recognition. If you pipe addresses through `sed 's/@/ @ /g'`, you can be sure they'll pipe 'em through `sed 's/ +@ +/@/g'`. If you reorder contact records, they'll continue to match *all* of them. No matter what you do, you can't change the fact that whois is a cleartext protocol, and an email address consists of characters surrounding an @ sign, with the stuff on the right hand side being a resolvable domain name. With this basic understanding, spammers will foil your every attempt to thwart them. Anything OpenSRS can do to obfuscate the whois output can be recognized and countered by the spammers. The only way for this strategy to be effective is to have the output formats changed regularly in new ways that haven't been used before. But there's only so much you can do in ASCII. It's a losing battle. The more time and energy spent foiling spammers in this way, the less time is spent building products that will let us provide better services to our customers. And I *have* spam control measures in place. I don't need OpenSRS to halfheartedly break a protocol I'm using in a fruitless attempt to inconvenience spammers. Let OpenSRS focus on what it's good at. I'll continue to run my spam filters, and they'll continue to be infinitely more effective than inconsistent whois data. </rant> -- Paul Chvostek <[EMAIL PROTECTED]> Operations / Development / Abuse / Whatever vox: +1 416 598-0000 it.canada http://www.it.ca/
