If I was in charge of a corporate network, I wouldn't ask my lusers to
provide me with patches and bugfixes for the software running on the
machines, because I was the one running it I would go and sort out any
security problems myself, potential or otherwise.
I believe this analogy holds true even for this small mailing list.
However, I did a bit of legwork... Didn't take me long to find the following
"spamprotect = [ 0 | 1 ]
Set this to On to make hypermail not output real email addresses in the
output HTML but instead it will obfuscate them a little. You can control the
obfuscation with antispamdomain.
antispamdomain = string with invalid domain
By default the spamprotect option only does a small amount of massaging of
email addresses. Use this to completely replace the domain from which a
message originates (everything after the @) with some string to confuse
screen-scraping programs. It is probably wise to make this an invalid mail
antispamdomain = "email.domain.hidden" (disabled by default)"
It's the second option there which caught my eye. Unfortunately the
hypermail site is down at the moment due to hardware failure, coming back on
the 21st apparently, but it's still down as I type this. Here's the Google
cache link if you want to look for yourself:
... Looks like it wouldn't be hard to implement.
> -----Original Message-----
> From: Daniel Stenberg [mailto:daniel_at_rockbox.org]
> Sent: 20 February 2007 20:52
> To: Rockbox
> Subject: RE: FW: [users] Slow Monday -- No Bots?
> On Tue, 20 Feb 2007, christof_at_infinitus.co.uk wrote:
> > I am fully aware spam is here to stay, but changing the
> appearance of
> > the archives imho WOULD make a difference, if only a small
> one - every
> > time a bot scrapes the pages, that's one more list our
> addresses are on.
> Most bots won't get the addresses we show.
> > Take away the email addresses and it won't "unring the bell" as the
> > person in the email is quoted as saying, but surely you agree it's
> > better to be proactive and try your best, whatever you can
> do, to curb
> > the further spread of personal addresses across the web?
> Then please provide the patch/script(s) I asked for and show
> me that you do your best. It is always very easy to ask
> someone else to do their best and ask them to stretch their
> efforts and time a little bit more.
> > The fact is that my email and webspace provider is fairly competent
> > and provides me with a very good service for what I pay; the fact
> > remains that as a site admin running a mailing list with a web
> > interface, to me it's just common sense to obfuscate email
> They are obfuscated. Just not obfuscated enough to fool them all.
> > It affects everyone, not just me, and as a responsible
> admin I would
> > do my best to help protect my list members' addresses from finding
> > their way into the public domain from a private list.
> Then show me the code.
> Daniel Stenberg -- http://www.rockbox.org/ --
Received on 2007-02-21