On Thu, 26 Jun 1997, Doug Sewell wrote:
> Just a thought, only tangentially related to Exim:
>
> It's already been noted that Cyber Promotions is removing ".nospam" and
> the like from e-mail addresses it culls from the internet.
>
> Any temporary address that is based on real-name-plus-suffix could just
> as easily be subverted, I'm afraid )-:
>
> for example, doug-97191 (2 weeks from today) being translated to doug,
> what would stop Spamford from doing the same thing (ie just drop every-
> thing after the - ?)
I had a similar thought. That is why what I implemented (but have
currently cut out of the source) allows you to specify a regular
expression to extract the timestamp from the local part. It isn't
therefore a simple suffix or prefix but can be interwoven in complex
ways, and they can be different for different sites. For example,
you could set up a regular expression to operate on a local part like
lip-3006.i.97ph and turn it into a date string 97-0630 and a "real"
local part "philip". The idea is that unpicking something like that
would be harder for spammers to do - though one of my colleagues is not
convinced by this argument.
I am saddened to learn that Cyber Promotions is removing ".nospam". What
do they expect to gain from doing that? The existence of ".nospam" on an
address is pretty good evidence that the owner of the address doesn't
want any spam, is not going to respond to it, and may do things that are
detrimental to Cyber Promotions, like try to get them closed down. There
seems no logic in this unless they are paid by the number of email
addresses they claim to be mailing to.
Philip
--
Philip Hazel University Computing Service,
ph10@??? New Museums Site, Cambridge CB2 3QG,
P.Hazel@??? England. Phone: +44 1223 334714