-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday, May 17 at 06:30 PM, quoth Derek Martin:
> And the comment in my sig is anything but glib.
Oh come now. Given that "glib" means "insincere" (and shallow), and
that I really doubt you expect anyone to give the spammers a heartfelt
thanks, I think "Thank the spammers" is pretty close to the very
definition of glib. "Thank you SO much, Mr. Spammer, sir. I sincerely
appreciate any and all inconvenience you've caused Mr. Martin and any
well-meaning list members interested in contacting him privately." Yes
that's sarcasm, but I'm proving a point here: surely you don't
actually intend people to actually thank the spammers. I'm not
questioning the intent behind the rest of your signature, but "thank
the spammers"? Come on.
I have no doubt that spam and spammers are the reason for your policy.
And saying something like "The spammers have forced my hand." or "I
look forward to a spam-free world." or something similar gets the same
idea across without the flip attitude.
(Not, I wish to point out, that I am personally offended by it; but I
can see that some might.)
>> And one of these is supposed to be less irritating than the other?
>
> The difference is that one is potentially irritating to people *I care
> about receiving mail from*, and the other absolutely is not. I'll let
> you guess which is which... ;-)
Mmm, I guess it all rests on the specific definition of "people I care
about receiving mail from", and in your case, it requires that people
find a way to contact you in non-private-email (or non-email) form
first, to request the secret address. In both the challenge case and
the secret-email-address case, the onus is on the sender to take the
extra steps to make sure their email reaches you. You can be proactive
and make sure that the people you wish to contact have your email
address, but you can also be proactive and make sure that the people
you wish to contact are in your whitelist.
Frankly, I don't see much difference between your current method, and
maintaining a simple whitelist where anyone whose email address isn't
in your whitelist cannot contact you (let's say, email from senders
not in the whitelist get rejected). In fact, if you were to use a
whitelist, that would even allow you to revoke permission to send to
you.
> I've also already stated that I maintain a public address that gets
> heavily filtered.
Given how you've criticized such filtering as potentially losing mail,
I don't see that this is a valid way to address the problem of "people
on mailing-list X wish to contact you". Following the logic of your
other arguments, in this case, their mail may get lost and they'll
never know (I'm presuming that since you've said you hate spending
time reviewing spam decisions, you aren't doing that for this public
address). And, if this address is your solution to the problem of
people you don't know contacting you, why don't you put that address
in your sig?
Since you don't, it seems like a more accurate statement to put in
your sig is:
The sending address of this email is invalid. If I wish to talk to
you privately, I will contact you first. Otherwise, please leave
me alone.
> If I expected mail from you, it wouldn't get lost. A variety of
> other solutions also exist: web page with the address as an image,
This is roughly the same as a temporary URL; requires work, and is
vulnerable to spammers just the same (all you're doing is relying that
spammer OCR technology isn't very good, which may be true for the
moment, but they'd quickly get better if everyone used this
technique).
> IM,
Posting your IM screen name so that you can send each other your
respective email addresses is roughly the same as posting your phone
number to mailing list for the same purpose. (Are the IM anti-spam
techniques that much better than are possible with email? Of course
not.)
> irc private message,
Which is equivalent to IM, only it requires a slightly older and less
popular communication protocol.
> etc. A small amount of thought produces a large number of
> solutions...
And my point is that they boil down to either providing some permanent
email-alternative (which can then be potentially exploited by spammers
of some variety) or a temporary mechanism (url, email, what-have-you)
which requires significantly more effort. It's not that my imagination
is limited here, it's that these methods fit into two basic
categories, and thus listing several is beside the point.
~Kyle
- --
A man cannot be held responsible for what his mind does while he's
asleep.
-- Jean Luc Picard
-----BEGIN PGP SIGNATURE-----
Comment: Thank you for using encryption!
iD8DBQFGTUmCBkIOoMqOI14RAh/dAJsHjZL8UJbW/YDGOPSN79utWQ7/fgCg5RtG
ON7J6C/EBvzmEkND8dSBns0=
=xec2
-----END PGP SIGNATURE-----
