A subscriber of one of our client's lists today noted that his email address had been farmed by spammers from the list archives. While the archives are indeed public, they had relied on the security of mailman's paranthetical email address manipulation -- which obviously works like a charm -- not noticing that the 'downloadable version' was a straight text file that contained unaltered addresses. To their credit, I had managed to overlook this fact for years now, myself.
What do people do to prevent this on their servers? The list owner would like to keep the archives public while protecting his subscribers. Seems to me that we should make the "downloadable version" optional, or perhaps force a zip of its contents to make is less bot friendly? Have I overlooked some options, as usual? -- warren woodward XMission DSL Domo/Mailman [EMAIL PROTECTED] (801) 303-0819 (877) XMISSION "The greatest dangers to liberty lurk in insidious encroachments by men of zeal, well-meaning but without understanding." :- U.S. Supreme Court Justice Louis Brandeis, 1928 "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." :-Benjamin Franklin, Historical Review of Pennsylvania ------------------------------------------------------ Mailman-Users mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
