mouss wrote: > KLaM Postmaster a écrit : > >> /dev/rob0 wrote: >> >>> On Sun February 22 2009 16:05:09 KLaM Postmaster wrote: >>> >>> >>>> Is this mailing list closed (or fairly closed), I only ask because if >>>> it is then there does not seem to any good reason to munge addresses, >>>> domain names etc. >>>> If it open (that is publicly readable) then there is. >>>> >>>> >>> http://www.google.com/search?q=klam+postmaster+%22postfix-users%22 >>> should have your answer. >>> >>> Note: munging individual email addresses is often a good idea because >>> of spam harvesters. Munging domain names is generally a BAD idea, >>> especially if the problem concerns mail routing or other features which >>> depend on domain names. >>> >>> >> Its amazing just how large a footprint one leaves. >> What you say makes sense. After all, if I am posting from the domain >> that I am asking questions about it does not take a genius to work out >> the "whatever.com" is probably the same domain as my email address. It >> also makes it a little easier to thwart the address harvester as >> provided I am consistent (provided?) then addresses used in posts can be >> added to a block list. >> Which makes munging, both easier and harder at the same time, less needs >> doing but I need to be more accurate/thorough. >> > > > well, the only way to guard your fully guard your secrets is to have no > secrets at all. > > A more realistic approach is to "poison" the situation. add enough noise > to the truth. (examples: create fake addresses, fake relays, ... etc) > > but whatever you do, it's a "battle". (if you look at crime stories, > you'll find that the hardest ones are those involving "inconsistent" > criminals, that is, ones with a "variable" signature). > An alternative is to put up a decoy address. One for which email appears to be accepted, but where it is dropped, preferably while tar-pitting the sender. I don't know if this is possible, but one can dream. At the moment I think my approach will be to create series of addresses for munging and add them to my blacklist, probably munge01 - 99.
JLA
