--- David Shaw <[EMAIL PROTECTED]> wrote: > On Mon, Jan 29, 2007 at 05:20:20PM +0100, Werner Koch wrote: > > On Mon, 29 Jan 2007 16:22, [EMAIL PROTECTED] said: > > > > > etc. Nowadays, many spammers aren't using their own bandwidth or > CPU. > > > So why *not* hit the keyservers? It costs them essentially nothing. > > > > OTOH, addresses taken from the addressbook as available on the host > > (== zombie Windows PC) are much more effective than harvesting the web > > or kyeservers. These local addresses are more certain to actually be > > used and even better: the recipient of the spam knows the sender. > > Indeed. It is also possible that the keyservers aren't being targeted > specifically as keyservers, but rather that people have links to > keyserver searches out there, and the spammers are just using a > crawler that happens to follow that link. Some keyservers don't > obfuscate their search results. > > David >
Something to think about when organizing a keysigning too. Avoid putting a participant list on a webpage. Just a keyring maybe. Randy _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
