Volunteering for OSS == Sign Up for Spam? 94
bckspc asks: "I've been getting pounded by spam lately, so did a Google search on my email address to see where it might appear on the Web. To my horror, it turned up several times in an archive of a Gnome listserv for a project I briefly participated in. While the email address is visibly obscured on the Web pages, it is quite intact in the HTML code. I emailed the list admin about obscuring or removing my email address, but was curtly dismissed. I'm a relative newbie and the experience soured me on participating in other OSS projects. How to Slashdot users deal with this? Must I set up disposable email accounts for every list?"
No real cure to this problem (Score:5, Interesting)
Worse than that, my name and email also appear on one OSS project's discussion board, in full and with really akeward comments from 1997 or so... Kind of embarassing to read them now, especially with potential clients googling anybody's identities 8-)
I don't otherwise sign up my primary email address to any lists of sorts, and I use fake names when signing up for non-essential things; I also use disposable webmail addresses and vanity domains for that purpose. I only clean-up web accounts accounts prior to expecting some sort of comfirmation email, after which the account goes back to the abandoned, spammed-to-death status for another while.
Which is why (Score:2, Interesting)
It's not perfect; you could still trace it to me, or steal the handle if you were so inclined. But a google for that handle won't link it to me - I've checked for that.
New "Mail Returned" tactic (Score:3, Interesting)
This is a major PITA, as whilst I now filter these too it makes it more difficult to see when _my_ real legitimate mail didn't make it somewhere because of a problem.
How long can the spam filters hold all this back !
Re:Yes (Score:4, Interesting)
The parent is 100% right. At this point, it's nuts not to use a restricted email address for mailing lists since so many are archived in various places, and it's well known that spammers crawl these archives for addresses. Some mailing lists are archived on hundreds or even thousands of web sites.
Another option is time-expiring addresses. I do this for usenet since there are no subscription issues. I change addresses every month, and they last for 2, giving a reasonable working time. Again - obscured real address in the sig.
These schemes obviously work best when you control your own domain as you can have custom bounce messages and such. I actually use several domains for different things (and host accounts for family and friends...)
Re:Recent spam (Score:3, Interesting)
I'd stay well clear..
How I've avoided spam... (Score:4, Interesting)
This is entirely by accident, but I've talked to others who have done the same thing, and they've reported similar results.
About 2 years ago, my wife and I set up our own mail server in-house. While we set up the normal "service@domain" addresses for various things, I also had her create a "spam@ourdomain" address for me - something I could use as a generic address for one-time registration pages, that sort of thing. I've been using my "spam@" address pretty regularly since it's been created. More so as time wore on, when something became pretty apparent:
I was getting almost no spam directed to that address.
Now, I've used that address in a number of places, including on Usenet. I get (perhaps) one or two prices of spam per month. The only thing I can figure is that spammers, or folks putting together mailing lists for spammers, have decided that "spam@" just isn't worth sending email to. Maybe I've just been lucky; maybe my "spam@" address will be inundated with spam tomorrow morning. I don't know. I do know that it's worked well enough for me that if I ever end up managing a mail server for another domain, I'm going to make sure that I have a "spam@" address there as well.
Re:How I've avoided spam... (Score:3, Interesting)
Most people when replying will not even look at the actual email address. They will also be the people most likely to have my email address harvested, (virus, chain mail). The power users will ask or drop the .spam part.
The evil spammers, AFAIK just drop all address containing spam, as logical speaking if you have offuscated your email address your not going to respond to a spam and/or your going to report the spammers IP. It works a bit like a double bluff.