[ale] Webcrawlers can harvest ALE Archive E-mail Addresses
Fletch
fletch at phydeaux.org
Thu Feb 10 15:52:26 EST 2005
>>>>> "Michael" == Michael Hirsch <mdhirsch at gmail.com> writes:
[...]
Michael> My understanding is that email addresses are so easy to
Michael> harvest right now, that few harvesters bother trying to
Michael> unobfuscate the email addresses. I suspect that even
Michael> something as stupid as replacing all '@' symbols with '
Michael> AT ' in the archives would significantly reduce my spam.
Michael> Doing funky stuff with hex codes might work even better.
Michael> Spammers know that using strange spellings and characters
Michael> can fool many filters. Similarly, I bet the same tricks
Michael> would fool many spammers.
Easy enough to empirically test (and would be interesting to know):
1. Steal underpants, 2. ?, 3. Profit
Wait, sorry. Wrong plan.
* Set up a dummy mail account on a gibberish domain or subdomain; the
account name and domain should be something random enough that it's
not likely to get hit by a 'try this dictionary list @ example.com'
scheme (i.e. embed some numerals in strange places, 't1es1t')
* Sign said account up to the ale list, and post.
* See how long it takes to receive spam at that address.
* Repeat with a different address but post only to a list which tries
to obfuscate whatever public archive.
Be interesting to find out if both get harvested, only the
unobfuscated one gets harvested, or neither; as well as finding out
what the "time to be spammed" is.
--
Fletch | "If you find my answers frightening, __`'/|
fletch at phydeaux.org| Vincent, you should cease askin' \ o.O'
| scary questions." -- Jules =(___)=
| U
More information about the Ale
mailing list