You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openoffice.apache.org by Michael Stahl <ms...@openoffice.org> on 2011/08/24 23:27:46 UTC
Gmane address encryption (was: Re: [What?] Why and How did this reach
my inbox?)
On 24.08.2011 22:39, Larry Gusaas wrote:
>
> On 2011-08-24 11:42 AM Michael Stahl wrote:
>> On 23.08.2011 21:25, Dennis E. Hamilton wrote:
>>> How about the mangling of the To address? When I get one of
>>> these, I cannot use any rules because the To address that my mail
>>> client sees is not that of ooo-dev but some hacked-up pseudo
>>> gmane address.
>> when signing up a mailing list at Gmane there is a checkbox whether
>> the mail addresses (as seen by Gmane users) should be mangled or
>> not; this feature is intended to prevent address harvesting and
>> thus deter spammers.
> Can that feature be changed? Is it necessary?
it seems there is a form on the Gmane site where the list information
can be edited, including the mangling (it is called "encryption").
but before changing it we should ensure that posters on this list are
not concerned about potentially getting more spam.
(haven't checked whether any of the various other sites that archive
this list expose the mail addresses to scraping by spammers)
> None of the OOo or LibreOffice lists that I follow with Gmane have
> mangled addresses. Nor do the other lists I follow.
of the LO lists that i look at occasionally only the main development
list seems to have the mangling enabled, the other ones not.
regards,
michael
RE: Gmane address encryption (was: Re: [What?] Why and How did this reach my inbox?)
Posted by "Dennis E. Hamilton" <de...@acm.org>.
Right.
I don't have access to those techniques in my e-mail client. Nor in my news reader.
- Dennis
[Please everyone: no suggestions for what software would do that. I'm not changing over my infrastructure for this one situation.]
-----Original Message-----
From: Daniel Shahaf [mailto:d.s@daniel.shahaf.name]
Sent: Wednesday, August 24, 2011 15:12
To: ooo-dev@incubator.apache.org
Subject: Re: Gmane address encryption (was: Re: [What?] Why and How did this reach my inbox?)
Dennis E. Hamilton wrote on Wed, Aug 24, 2011 at 14:55:15 -0700:
> Here's a mangled To: address that is obfuscated and defies my inbox
> rules. Is this what you are talking about? Can we turn that off?
> Can we get it to user our accurate list address? It almost seems that
> our list is being BCCed.
>
FWIW, filtering list traffic by the list headers (eg, List-Id), or by
using a unique address to subscribe to the list and then filtering by
the BCC-delivered-to address, work around that.
I know not everyone uses these techniques.
> From: Bjoern Michaelsen [mailto:redacted]
> Sent: Sunday, August 21, 2011 02:48
> To: public-ooo-dev-d1GL8uUpDdXTxqt0kkDzDmD2FQJk+8+b@plane.gmane.org
> Subject: Re: OpenOffice.org Improvement Program, Apache Migration and Privacy Policy
>
> - Dennis
>
> -----Original Message-----
> From: Michael Stahl [mailto:mst@openoffice.org]
> Sent: Wednesday, August 24, 2011 14:28
> To: ooo-dev@incubator.apache.org
> Subject: Gmane address encryption (was: Re: [What?] Why and How did this reach my inbox?)
>
> On 24.08.2011 22:39, Larry Gusaas wrote:
> >
> > On 2011-08-24 11:42 AM Michael Stahl wrote:
> >> On 23.08.2011 21:25, Dennis E. Hamilton wrote:
> >>> How about the mangling of the To address? When I get one of
> >>> these, I cannot use any rules because the To address that my mail
> >>> client sees is not that of ooo-dev but some hacked-up pseudo
> >>> gmane address.
> >> when signing up a mailing list at Gmane there is a checkbox whether
> >> the mail addresses (as seen by Gmane users) should be mangled or
> >> not; this feature is intended to prevent address harvesting and
> >> thus deter spammers.
> > Can that feature be changed? Is it necessary?
>
> it seems there is a form on the Gmane site where the list information
> can be edited, including the mangling (it is called "encryption").
>
> but before changing it we should ensure that posters on this list are
> not concerned about potentially getting more spam.
>
> (haven't checked whether any of the various other sites that archive
> this list expose the mail addresses to scraping by spammers)
>
> > None of the OOo or LibreOffice lists that I follow with Gmane have
> > mangled addresses. Nor do the other lists I follow.
>
> of the LO lists that i look at occasionally only the main development
> list seems to have the mangling enabled, the other ones not.
>
> regards,
> michael
>
Re: Gmane address encryption (was: Re: [What?] Why and How did
this reach my inbox?)
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
Dennis E. Hamilton wrote on Wed, Aug 24, 2011 at 14:55:15 -0700:
> Here's a mangled To: address that is obfuscated and defies my inbox
> rules. Is this what you are talking about? Can we turn that off?
> Can we get it to user our accurate list address? It almost seems that
> our list is being BCCed.
>
FWIW, filtering list traffic by the list headers (eg, List-Id), or by
using a unique address to subscribe to the list and then filtering by
the BCC-delivered-to address, work around that.
I know not everyone uses these techniques.
> From: Bjoern Michaelsen [mailto:redacted]
> Sent: Sunday, August 21, 2011 02:48
> To: public-ooo-dev-d1GL8uUpDdXTxqt0kkDzDmD2FQJk+8+b@plane.gmane.org
> Subject: Re: OpenOffice.org Improvement Program, Apache Migration and Privacy Policy
>
> - Dennis
>
> -----Original Message-----
> From: Michael Stahl [mailto:mst@openoffice.org]
> Sent: Wednesday, August 24, 2011 14:28
> To: ooo-dev@incubator.apache.org
> Subject: Gmane address encryption (was: Re: [What?] Why and How did this reach my inbox?)
>
> On 24.08.2011 22:39, Larry Gusaas wrote:
> >
> > On 2011-08-24 11:42 AM Michael Stahl wrote:
> >> On 23.08.2011 21:25, Dennis E. Hamilton wrote:
> >>> How about the mangling of the To address? When I get one of
> >>> these, I cannot use any rules because the To address that my mail
> >>> client sees is not that of ooo-dev but some hacked-up pseudo
> >>> gmane address.
> >> when signing up a mailing list at Gmane there is a checkbox whether
> >> the mail addresses (as seen by Gmane users) should be mangled or
> >> not; this feature is intended to prevent address harvesting and
> >> thus deter spammers.
> > Can that feature be changed? Is it necessary?
>
> it seems there is a form on the Gmane site where the list information
> can be edited, including the mangling (it is called "encryption").
>
> but before changing it we should ensure that posters on this list are
> not concerned about potentially getting more spam.
>
> (haven't checked whether any of the various other sites that archive
> this list expose the mail addresses to scraping by spammers)
>
> > None of the OOo or LibreOffice lists that I follow with Gmane have
> > mangled addresses. Nor do the other lists I follow.
>
> of the LO lists that i look at occasionally only the main development
> list seems to have the mangling enabled, the other ones not.
>
> regards,
> michael
>
RE: Gmane address encryption
Posted by "Dennis E. Hamilton" <de...@acm.org>.
I don't see any encryptions in the messages as forwarded on the ooo-dev @ i.a.o list.
-----Original Message-----
From: NoOp [mailto:glgxg@sbcglobal.net]
Sent: Wednesday, August 24, 2011 18:00
To: ooo-dev@incubator.apache.org
Subject: Re: Gmane address encryption
On 08/24/2011 05:45 PM, NoOp wrote:
...
>
> Gary Lee (NoOp) glgxg@sbcglobal.net
>
>
Added note: that would be glgxg @ sbcglobal.net (no spaces) without the
encryption.
Re: Gmane address encryption
Posted by NoOp <gl...@sbcglobal.net>.
On 08/24/2011 05:45 PM, NoOp wrote:
...
>
> Gary Lee (NoOp) glgxg@sbcglobal.net
>
>
Added note: that would be glgxg @ sbcglobal.net (no spaces) without the
encryption.
Re: Gmane address encryption
Posted by NoOp <gl...@sbcglobal.net>.
On 08/24/2011 02:27 PM, Michael Stahl wrote:
> On 24.08.2011 22:39, Larry Gusaas wrote:
>>
>> On 2011-08-24 11:42 AM Michael Stahl wrote:
>>> On 23.08.2011 21:25, Dennis E. Hamilton wrote:
>>>> How about the mangling of the To address? When I get one of
>>>> these, I cannot use any rules because the To address that my mail
>>>> client sees is not that of ooo-dev but some hacked-up pseudo
>>>> gmane address.
>>> when signing up a mailing list at Gmane there is a checkbox whether
>>> the mail addresses (as seen by Gmane users) should be mangled or
>>> not; this feature is intended to prevent address harvesting and
>>> thus deter spammers.
>> Can that feature be changed? Is it necessary?
>
> it seems there is a form on the Gmane site where the list information
> can be edited, including the mangling (it is called "encryption").
>
> but before changing it we should ensure that posters on this list are
> not concerned about potentially getting more spam.
First off, thank you very much for making this list available via
gmane.org. I subscribe to well over 20 lists & would never be able to
browse/post to them were I directly inundated with emails from all.
Using gmane.org nntp I can easily check the one's I wish, search thread
headers, etc., without a single list email hitting my inbox.
If the concern is about gmane.org forwarding spam, you'll find that they
have pretty good filtering & processes in place to help prevent that.
The gmane.org subscriber must first verify that their email address is
real via a reply process:
> Subject: gmane.comp.apache.incubator.ooo.devel: Authorization required
> You have sent a message to be posted on the
> gmane.comp.apache.incubator.ooo.devel newsgroup.
>
> Before the message is posted on the newsgroup, you have
> to confirm that you exist. Just reply to this message, and
> the message will be posted.
>
>
> You have to respond within one week.
>
> -- Your friendly autoauthorizer at Gmane.org http://gmane.org/
and after the user responds:
> Subject: Re: Authorization required to post to
gmane.comp.apache.incubator.ooo.devel (edb1c67b746078ba5662f0416f5b412a)
> You are now authorized to post to the
> gmane.comp.apache.incubator.ooo.devel newsgroup.
>
> The original message you sent to the newsgroup will be
> posted within ten minutes.
>
> If you have any questions, they are most likely answered
> in the FAQ: <URL: http://gmane.org/faq.php>.
>
> -- Your friendly autoauthorizer at Gmane.org http://gmane.org/
Further, each gmane.org header includes an 'Archived at:' with a link to
the message. Example:
Archived-At:
<http://permalink.gmane.org/gmane.comp.apache.incubator.ooo.devel/3511>
If the msg is a spam you only need to go to the URL and 'Report as
spam'. gmane.org takes a look at each one to ensure that someone isn't
simply reporting as spam to be vindictive etc.:
http://gmane.org/spam-control.php
>
> (haven't checked whether any of the various other sites that archive
> this list expose the mail addresses to scraping by spammers)
Overall, the OOo users list gets very few spams from gmane.org:
<http://gmane.org/output-rate.php?group=gmane.comp.openoffice.questions>
>
>> None of the OOo or LibreOffice lists that I follow with Gmane have
>> mangled addresses. Nor do the other lists I follow.
The only one that I'm aware of is the "un-official" virtualbox list:
gmane.comp.emulators.virtualbox.user
As for list-bots scrapping addresses; they can do that with this list
already. For example, the 'RAW' versions of this list contain all the
info needed:
<http://mail-archives.apache.org/mod_mbox/incubator-ooo-dev/201108.mbox/raw/%3C015b01cc629b$cdbeaca0$693c05e0$@acm.org%3E>
and of course when list users fail to remove the email address in the
response itself (see the above link where Simon included it in 'Säger
<snipped> wrote:'.
So I think if someone is determined enough they can scrape list email
addresses anyway. IMO I'd much rather just forgo the gmane.org email
address encryption. Further, it will avoid the '[Discussion]
dev@openoffice.org' issue & also easily allow
folks on the list to take a discussion/flame/whatever off list.
>
> of the LO lists that i look at occasionally only the main development
> list seems to have the mangling enabled, the other ones not.
>
> regards,
> michael
>
>
Gary Lee (NoOp) glgxg@sbcglobal.net
RE: Gmane address encryption (was: Re: [What?] Why and How did this reach my inbox?)
Posted by "Dennis E. Hamilton" <de...@acm.org>.
Here's a mangled To: address that is obfuscated and defies my inbox rules. Is this what you are talking about? Can we turn that off? Can we get it to user our accurate list address? It almost seems that our list is being BCCed.
From: Bjoern Michaelsen [mailto:redacted]
Sent: Sunday, August 21, 2011 02:48
To: public-ooo-dev-d1GL8uUpDdXTxqt0kkDzDmD2FQJk+8+b@plane.gmane.org
Subject: Re: OpenOffice.org Improvement Program, Apache Migration and Privacy Policy
- Dennis
-----Original Message-----
From: Michael Stahl [mailto:mst@openoffice.org]
Sent: Wednesday, August 24, 2011 14:28
To: ooo-dev@incubator.apache.org
Subject: Gmane address encryption (was: Re: [What?] Why and How did this reach my inbox?)
On 24.08.2011 22:39, Larry Gusaas wrote:
>
> On 2011-08-24 11:42 AM Michael Stahl wrote:
>> On 23.08.2011 21:25, Dennis E. Hamilton wrote:
>>> How about the mangling of the To address? When I get one of
>>> these, I cannot use any rules because the To address that my mail
>>> client sees is not that of ooo-dev but some hacked-up pseudo
>>> gmane address.
>> when signing up a mailing list at Gmane there is a checkbox whether
>> the mail addresses (as seen by Gmane users) should be mangled or
>> not; this feature is intended to prevent address harvesting and
>> thus deter spammers.
> Can that feature be changed? Is it necessary?
it seems there is a form on the Gmane site where the list information
can be edited, including the mangling (it is called "encryption").
but before changing it we should ensure that posters on this list are
not concerned about potentially getting more spam.
(haven't checked whether any of the various other sites that archive
this list expose the mail addresses to scraping by spammers)
> None of the OOo or LibreOffice lists that I follow with Gmane have
> mangled addresses. Nor do the other lists I follow.
of the LO lists that i look at occasionally only the main development
list seems to have the mangling enabled, the other ones not.
regards,
michael