emacs-orgmode
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: On the protection of emails in the archives


From: Tim Cross
Subject: Re: On the protection of emails in the archives
Date: Fri, 09 Apr 2021 16:58:12 +1000
User-agent: mu4e 1.5.11; emacs 28.0.50

Kyle Meyer <kyle@kyleam.com> writes:

> Guillaume MULLER writes:
>
>> Hi all,
>>
>> I recently sent an email on this mailing list (see
>> https://orgmode.org/list/b1e778c5-acbf-8a17-c9bf-dcb6693e9845@univ-st-etienne.fr/
>> )
>>
>> Since then, I'm receiving spams on the email address I used to send
>> the message.
>>
>> After some research, it seems that this email address only appears on
>> 2 websites, notably this orgmode.org mailing list archive.
>
> Your email address can also be harvested from the lists.gnu.org
> archives.  Inspect the output of
>
>   $ curl -fSsL 
> https://lists.gnu.org/archive/html/emacs-orgmode/2020-07/msg00125.html
>   $ curl -fSsL https://lists.gnu.org/archive/mbox/emacs-orgmode/2020-07
>
>> Would it be possible to configure the archive to obfuscate / hide the
>> email addresses inorder to protect its users?
>
> <https://orgmode.org/list> and its upstream source
> <https://yhetil.org/orgmode> are public-inbox
> (<https://public-inbox.org/>) archives.  There's an option (disabled by
> default) to configure address obfuscation.  However, in my view email
> obfuscation is giving you a false sense of security.  Ignoring other
> ways spammers get your address, you're posting to a public space, and
> your address can be harvested (and, as shown above, not just from these
> public-inbox archives).
>
> And this isn't something specific to Org mode's archives.  Just as some
> examples, take a look at <https://lore.kernel.org/git/>,
> <https://issues.guix.gnu.org/>,
> <https://lists.sr.ht/~sircmpwn/sr.ht-discuss/>, or
> <https://lists.gnu.org/archive/html/emacs-devel/2021-04/msg00285.html>.
>
> Anyway, that being said and despite my opinion on this, I'm considering
> turning on obfuscation at <https://orgmode.org/list> and
> <https://yhetil.org/orgmode>.  There's at least one issue that'd need to
> be fixed before doing so though:
> <https://public-inbox.org/meta/87a6q8p5qa.fsf@kyleam.com/>.

I totally agree. I have no issue if 'hiding' email addresses can be done
and has no other unfortunate side effects, but I don't believe it
actually achieves much, so don't care if the default is not changed.

I think you have to accept that the email address you use in public mail
lists is going to be harvested and as others have mentioned, a lot of
email harvesting occurs when someone who has your address in their
address book has their system compromised.

The only sane action is good spam filtering. While I know a lot of
people complain about the Google gmail spam filtering, for me it is
remarkably accurate. It is unusual for me to see even a couple of spam
messages in my inbox every few months. My spam/junk box usually gets
around 10-15 messages a day and occasional messages flagged as spam
which are not (usually because the sender's mail server isn't doing SPF
or any of the other spam prevention headers correctly). Takes me about 1
minute to scan and 'delete forever' each day, so no big problem.  
-- 
Tim Cross



reply via email to

[Prev in Thread] Current Thread [Next in Thread]