--On 25 August 2009 21:02:01 +0000 Julian Mehnle <jul...@mehnle.net> wrote:
Bob Puff wrote:
You are presuming too much on spammers as a whole. I've dealt with a
couple spammers, and they just used some tools they got online that
search for usern...@domain.something. Everything else is ignored.
I don't for a minute doubt that the advanced spammers will snag
anything and everything no matter how strange it is obfusticated (sp?).
But there are a LOT of low-tech spammers still out there, and there is
enough "low hanging fruit" for them that this little bit we are
discussing can be over their head.
It's not. Spammers usually don't do address harvesting themselves
nowadays, but outsource it to botnets (just like they outsource the
spamming itself to botnets) that are running kind of "off the shelf"
software tailored to the task. Today, as a spammer you go out and buy
those services in online shops, paying by credit card. And parsing
"localpart at domain" is among the most trivial things current harvester
modules do.
Any wanna-be spammers who still run their garage business with self
written tools are pretty much meaningless in terms of magnitude.
If anything, this kind of obfuscation is an inconvenience to legitimate
users, but certainly not to spammers.
-Julian
There's recently published research which suggests that simple obfuscation
can be effective. Concealment, presumably, is more effective. At
<http://www.ceas.cc/> you can download "Spamology: A Study of Spam Origins"
<http://www.ceas.cc/papers-2009/ceas2009-paper-18.pdf>
They say "Surprisingly, even simple email obfuscation approaches are still
sufficient today to prevent spammers from harvesting emails." and
"Commonly-used email obfuscation techniques are offering protection (for
now). It is common practice to replace the conventional @ in email
addresses by an AT in order to defeat email harvesting. We found that the
spammers are still not parsing simple obfuscations as of now. However, one
should not count on the protection offered by such simple obfuscation
schemes, for they are trivial to defeat."
Of course, list posts hang around for a long time, and may be mirrored (eg
by Google caching). Therefore, concealment seems more sensible than
obfuscation. Perhaps a captcha could be used to reveal sender addresses,
for example.
The paper might be more interesting for its discussion of techniques for
detecting (eg with honeypots) and defeating harvesters.
--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/
_______________________________________________
Mailman-Developers mailing list
Mailman-Developers@python.org
http://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives:
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
Security Policy: http://wiki.list.org/x/QIA9