Amps
[Top] [All Lists]

Re: [Amps] Fraudulent email to amps posters

To: "amps@contesting.com" <amps@contesting.com>
Subject: Re: [Amps] Fraudulent email to amps posters
From: David Kirkby <david.kirkby@onetel.net>
Date: Sun, 07 Aug 2005 13:08:28 +0100
List-post: <mailto:amps@contesting.com>
Tony King - W4ZT wrote:
> Anyone else receiving email with fraudulent attempts to gain access to 
> your Ebay and PayPal accounts being sent to the address you use to post 
> to this list?

Yes, I'm sure a lot (myself included) do. They rely on the 0.001% of 
people who are either new to the web, or total idiots.

> It would seem reasonable to expect the list mirror to hide poster's 
> email addresses but it isn't done.

I would agree with you there. Most mailing lists (including this one) 
use Mailman

http://www.gnu.org/software/mailman/

I don't know what features the latest version of that software has, but 
it would sensible that the developers address the spam issue (they may 
have done so).

But the list admin who runs the list could easily alter email addresses 
on archives, so automatic spam gathering software will not be able to 
gather them from archieves.

If this is a test file

---start of test file--

From: g8wrb@somewhere.com
To: peter@else.com
Subject: Changing email addresses is archives.

Hello I am Dave
-----end of test file---

All one needs is to use sed, a standard utility on UNIX hardware (on 
which I assume the webserver is anyway), but available on Windoze too. 
Just the following obscure looking command would work.

sed 's/@/y@/g' < testfile

the output of which is:

---------start of file to be kept on archives---
From: g8wrby@somewhere.com
To: petery@else.com
Subject: Changing email addresses is archives.

Hello I am Dave
----------end of file to be kept on archives---

So all addresses have an extra 'y' in them (g8wrb was turned into 
g8wrby). The bottom of each message should have a link to a page that 
explains how the email addresses are changed, so people reading the 
archives can contact the sender if they wish.

Not 100% perfect, but a whole lot better than the current situation and 
very easy to add if the system is UNIX based.

Here's a message posted at another mailing list, which replaced '@' with 
' AT '.

http://www.febo.com/pipermail/time-nuts/2005-August/001694.html

I think that one is probably a bit easier for automatic email grabbing 
software to work out. There is a balance between usability and security, 
but I would agree with you, storing archives with full email addresses 
is not a good idea.

> Be sure to NEVER respond to those attempts to fraudulently gain access 
> to your Ebay and PayPal accounts.

Sure.

> I'll be blocking all email to this address and resubscribing with a new one.

As sure as eggs are eggs, the problem will sooner or later get you at 
the new address.

-- 
David Kirkby,
G8WRB

Please check out http://www.g8wrb.org/
of if you live in Essex http://www.southminster-branch-line.org.uk/


_______________________________________________
Amps mailing list
Amps@contesting.com
http://lists.contesting.com/mailman/listinfo/amps

<Prev in Thread] Current Thread [Next in Thread>