On Jul 30, 2004, at 10:52 AM, Warren Woodward wrote:
A subscriber of one of our client's lists today noted that his email
address had been farmed by spammers from the list archives. While the
archives are indeed public, they had relied on the security of mailman's
paranthetical email address manipulation -- which obviously works like a
charm -- not noticing that the 'downloadable version' was a straight text
file that contained unaltered addresses. To their credit, I had managed
to overlook this fact for years now, myself.
What do people do to prevent this on their servers? The list owner would
like to keep the archives public while protecting his subscribers. Seems
to me that we should make the "downloadable version" optional, or perhaps
force a zip of its contents to make is less bot friendly? Have I
overlooked some options, as usual?
PUBLIC_MBOX = No ?
-Jeff
------------------------------------------------------ Mailman-Users mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
