Re: Gmane address encryption

[NoOp <gl...@sbcglobal.net>]

On 08/24/2011 02:27 PM, Michael Stahl wrote:
> On 24.08.2011 22:39, Larry Gusaas wrote:
>> 
>> On 2011-08-24 11:42 AM  Michael Stahl wrote:
>>> On 23.08.2011 21:25, Dennis E. Hamilton wrote:
>>>> How about the mangling of the To address?  When I get one of
>>>> these, I cannot use any rules because the To address that my mail
>>>> client sees is not that of ooo-dev but some hacked-up pseudo
>>>> gmane address.
>>> when signing up a mailing list at Gmane there is a checkbox whether
>>> the mail addresses (as seen by Gmane users) should be mangled or
>>> not; this feature is intended to prevent address harvesting and
>>> thus deter spammers.
>> Can that feature be changed? Is it necessary?
> 
> it seems there is a form on the Gmane site where the list information
> can be edited, including the mangling (it is called "encryption").
> 
> but before changing it we should ensure that posters on this list are
> not concerned about potentially getting more spam.

First off, thank you very much for making this list available via
gmane.org. I subscribe to well over 20 lists & would never be able to
browse/post to them were I directly inundated with emails from all.
Using gmane.org nntp I can easily check the one's I wish, search thread
headers, etc., without a single list email hitting my inbox.

If the concern is about gmane.org forwarding spam, you'll find that they
have pretty good filtering & processes in place to help prevent that.
The gmane.org subscriber must first verify that their email address is
real via a reply process:

> Subject: gmane.comp.apache.incubator.ooo.devel: Authorization required
> You have sent a message to be posted on the
> gmane.comp.apache.incubator.ooo.devel newsgroup.
> 
> Before the message is posted on the newsgroup, you have
> to confirm that you exist.  Just reply to this message, and
> the message will be posted.
> 
> 
> You have to respond within one week.
> 
> -- Your friendly autoauthorizer at Gmane.org http://gmane.org/ 

and after the user responds:

> Subject: Re: Authorization required to post to
gmane.comp.apache.incubator.ooo.devel (edb1c67b746078ba5662f0416f5b412a)
> You are now authorized to post to the
> gmane.comp.apache.incubator.ooo.devel newsgroup.
> 
> The original message you sent to the newsgroup will be
> posted within ten minutes.
> 
> If you have any questions, they are most likely answered
> in the FAQ: <URL: http://gmane.org/faq.php>.
> 
> -- Your friendly autoauthorizer at Gmane.org http://gmane.org/ 

Further, each gmane.org header includes an 'Archived at:' with a link to
the message. Example:
Archived-At:
<http://permalink.gmane.org/gmane.comp.apache.incubator.ooo.devel/3511>
If the msg is a spam you only need to go to the URL and 'Report as
spam'. gmane.org takes a look at each one to ensure that someone isn't
simply reporting as spam to be vindictive etc.:

http://gmane.org/spam-control.php

> 
> (haven't checked whether any of the various other sites that archive
> this list expose the mail addresses to scraping by spammers)

Overall, the OOo users list gets very few spams from gmane.org:
<http://gmane.org/output-rate.php?group=gmane.comp.openoffice.questions>

> 
>> None of the OOo or LibreOffice lists that I follow with Gmane have
>> mangled addresses. Nor do the other lists I follow.

The only one that I'm aware of is the "un-official" virtualbox list:
gmane.comp.emulators.virtualbox.user

As for list-bots scrapping addresses; they can do that with this list
already. For example, the 'RAW' versions of this list contain all the
info needed:

<http://mail-archives.apache.org/mod_mbox/incubator-ooo-dev/201108.mbox/raw/%3C015b01cc629b$cdbeaca0$693c05e0$@acm.org%3E>

and of course when list users fail to remove the email address in the
response itself (see the above link where Simon included it in 'Säger
<snipped> wrote:'.

So I think if someone is determined enough they can scrape list email
addresses anyway. IMO I'd much rather just forgo the gmane.org email
address encryption. Further, it will avoid the '[Discussion]
dev@openoffice.org' issue & also easily allow
folks on the list to take a discussion/flame/whatever off list.

> 
> of the LO lists that i look at occasionally only the main development
> list seems to have the mangling enabled, the other ones not.
> 
> regards,
>  michael
> 
> 

Gary Lee (NoOp) glgxg@sbcglobal.net

RE: Gmane address encryption

["Dennis E. Hamilton" <de...@acm.org>]

I don't see any encryptions in the messages as forwarded on the ooo-dev @ i.a.o list.

-----Original Message-----
From: NoOp [mailto:glgxg@sbcglobal.net] 
Sent: Wednesday, August 24, 2011 18:00
To: ooo-dev@incubator.apache.org
Subject: Re: Gmane address encryption

On 08/24/2011 05:45 PM, NoOp wrote:
...
> 
> Gary Lee (NoOp) glgxg@sbcglobal.net
> 
> 

Added note: that would be glgxg @ sbcglobal.net (no spaces) without the
encryption.

Re: Gmane address encryption

[NoOp <gl...@sbcglobal.net>]

On 08/24/2011 05:45 PM, NoOp wrote:
...
> 
> Gary Lee (NoOp) glgxg@sbcglobal.net
> 
> 

Added note: that would be glgxg @ sbcglobal.net (no spaces) without the
encryption.