[ale] (no subject) SPAM talk...

Fletch fletch at phydeaux.org
Sat Apr 17 13:30:05 EDT 2004 

>>>>> "ChangingLINKS" == ChangingLINKS com <ChangingLINKS.com> writes:

[...]

    ChangingLINKS> Good. *not* to be a smartass, but please take the
    ChangingLINKS> same amount of effort to write the script Chris
    ChangingLINKS> Farris requested to obfuscate the email addresses.

[...]

    ChangingLINKS> However, you are focused on the ALE
    ChangingLINKS> archives. Spammers are focused on the Internet. The
    ChangingLINKS> difference is that there are millions of sites to
    ChangingLINKS> be concerned with slogging. Moreover there are many
    ChangingLINKS> different ways to obfuscate an email address.  For
    ChangingLINKS> example, many people use user at NOSPAMdomain.com. How
    ChangingLINKS> long would it take you to write a program to
    ChangingLINKS> decipher all of the different methods? 1-1000
    ChangingLINKS> hours?

You miss my point.  If it is programatically obscured it can be
recovered.  You substitute "at" or "(at)" or "( at )", and it's
nothing to undo (c.f. the previous script).


You can put "NOSPAM" on the domain and I can get it with something
like: s/(\S at .*?)(?i:nospam)(.*?\.(?:.{2,3})+)/$1$2/.  You can add an
extra fake domain for foo at yahoo.fake.com and I can rip it out
similarly.  You can intersperse it as "uNsOeSrPnAmMe" and I can just:


s/(.+?)[Nn](.+?)[Oo](.+?)[Ss](.+?)[Pp](.+?)[Aa](.+?)[Mm]@(.+)/$1$2$3$4$5$6@$7/


Or use "REMOVEME" for "RuEsMeOrVnEaMmEe", or any other variation on
the theme.  "&#ddd;" encode all the characters and I just have to pass
it through another function, one more line of code.  No matter what I
could do to an address a determined person will be able to recover it.
Given a reasonable sample (10-15) of obscured addresses, a marginally
skilled regexp writer will be able to undo it fairly easily.  There's
only so many ways you can textually manipulate "foo at domain.com", and
spammers have probably already spent many hours undoing the common
ones.


Not to mention the more elaborate the obfuscation, the more of a pain
it will be for non-harvesters to use as well.  You're attempting to
stop an 18-wheeler rolling down a hill by tossing a twig in front of
it.  By the time you get a big enough obstacle you're going to have
halted legitimate users as well.

-- 
Fletch                | "If you find my answers frightening,       __`'/|
fletch at phydeaux.org   |  Vincent, you should cease askin'          \ o.O'
                      |  scary questions." -- Jules                =(___)=
                      |                                               U

More information about the Ale mailing list