On the note of hiding e-mail addresses: Yahoo! Groups, a fully featured user group and mailing list has taken steps to prevent malicious users harvesting new e-mail addresses to add to spam list databases. They (Yahoo) cut the e-mail address on the website, so harvesting becomes impossible by only showing the user side of the e-mail address. Example "[EMAIL PROTECTED]".
On the note of mailing lists and user groups having its own unique (back-end off list) spam: I have also noticed Yahoo!s own resident hax0rs, spammers, whatever you wish to label them as, actually use Yahoo! users to create bot yahoo accounts (by sending them a carefully crafted url, which relays via google and queries the malicious webpage, which looks like a legitimate Yahoo! word verification page) to later broadcast out to Yahoo! users of Yahoo! Mail and Yahoo! Groups. So, in some instances, mailing lists and user groups can have its internal scams going on (if the network is big enough, which yahoo (mail and groups) We could take Yahoo!s e-mail hiding idea, but take it a step further: I was thinking, why are all e-mail addresses not encrypted as soon as they leave the authors mail client, surely this would stop anyone seeing the address, apart from the mail client at the other end the message was intended for. And when a user mails a mailing list the e-mail address could be read by the mailing list software, but stays encrypted for the broadcast out to the subscribers of the list. All you need to do to stop spam is have e-mail addresses encrpyted and only readable by the person they were sent to. perhaps to make it nicer, leave the user@ side of the e-mail address showing, but encrypt the @domain side of the e-mail address. Don't tell me, this has already been thought of and i'm the last to think of it, oh well nevermind! This would at least stop the malicious spammers harvesting new addresses on mailing lists and the third party sites where mailing list threads are published, example: seclists.org. I'm sure encrpyting the domain side of e-mail addresses has its pitfalls and flaws. Its just something I thought about on top of my head, I haven't researched fully the pro's and con's (at least yet). Thanks, [EMAIL PROTECTED] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html