|
Posted by "Richard Lynch" on 01/14/06 00:44
On Fri, January 13, 2006 10:32 am, Stut wrote:
>>However, his rant does present a real issue. Forcing people to use
>> "real"
>>email addresses exposes them to SPAM and abuse. I would suggest, if
>>possible and resources permit, that some sort of
>> aliasing/registration
>>system be deployed where every post is may by "anonABCDEFGH@php.net"
>> and
>>every "ABCDEFGH" is a registered user who's email address is known.
>
> I would have to disagree with this. I've been on lots of 'public'
> mailing lists for quite a while and this is the first time I've ever
> seen a complaint of this nature. I really think the OP should have
> taken
> more care to read the mailing lists page on php.net before signing up.
> It clearly states that there are archives and that they are
> searchable.
> If privacy was a concern then these archives should have been checked
> to
> make sure they obscure email addresses.
I think the anon-XXX solution presented is far too complex / overhead.
The problem, however, is real.
At last count, over a year ago, pre-spam-filter, I'm getting 10,000
emails PER DAY.
~9,900 of them are spam.
I daresay somebody like Rasmus gets WAY more than that, though he may
never have bothered to check the pre-spam-filter number :-)
I am confident that all the PHP net archives listing my email about
50,000 times are a source of a not insignificant portion of these.
And this is certainly not the first time this issue has come up, not
even the first on this list, much less on all the lists I'm on.
Would it really be that hard for the PHP team to push archivists to
use PHP to obfuscate email addresses?
Something as simple as:
$html = str_replace('@', '@', $html);
should not be too onerous to request of archivists.
Last I checked, the spammers had enough harvest yield from
un-obfustcated email addresses that even THAT admittedly simplistic
stupid obfuscation was, in reality, effective.
[Google for, errrm, "Netscape email obfuscation trials" or similar and
you'll find the study, probably]
Obviously, not EVERY archive is going to get obfuscated overnight.
Obviously, the PHP Team cannot be held responsible for irresponsible
archivists.
Obviously, the savvy user will subscribe with a throw-away address or
have significant filtering in-place with the address they subscribe
with.
But, really, do you want to "side" with the spammer or the victim?
Just how tricky would it be to publish an archivists' Standard that
recommends, perhaps even "requires" someday, a reasonable attempt at
email obfuscation given current technology?
This is not about "privacy" per se -- It's about reducing the sheer
amount of automated CRAP flooding our networks / Inboxes.
If some random "real" person out there gets my email and sends me
something, and I objected on the grounds of "privacy", that would be
silly.
But I don't think it's unreasonable to complain, and I hereby add my
voice to that complaint, that the PHP archives *ARE* being harvested
by spammers, and simple effective solutions are available, yet are not
implemented, and probably should be, to the degree that readers of
this post are capable of influencing such decisions.
If you are a PHP mailing list archivist, *PLEASE* obfuscate my email
address! Thank you.
PS 100% agree the legalese sig is ridiculous. That's probably not his
fault, anyway.
--
Like Music?
http://l-i-e.com/artists.htm
[Back to original message]
|