Discussion:
spamming of ML addresses
p***@piments.com
2017-06-10 08:02:12 UTC
Permalink
Hi,

for the last three weeks I have been getting massive amounts of SPAM
from the address I use for this ML. I am going to have to shut down the
account.

This is presumably because sourceforge mailman service archives this as
a public list exposing contact emails which have been trawled by spammers.

Is there a way to prevent full addresses being exposed in that way?

Are others having this problem?

Peter.
Philipp K. Janert
2017-06-10 14:01:01 UTC
Permalink
On Sat, 10 Jun 2017 09:02:12 +0100
Post by p***@piments.com
Hi,
for the last three weeks I have been getting massive amounts of SPAM
from the address I use for this ML. I am going to have to shut down
the account.
This is presumably because sourceforge mailman service archives this
as a public list exposing contact emails which have been trawled by
spammers.
Is there a way to prevent full addresses being exposed in that way?
Are others having this problem?
No, I haven't (fortunately!). Sorry to hear.

But the other day I got an email, apparently from
Sourceforge, to confirm that I want to be subscribed
to the two gnuplot email lists. I don't recall ever
receiving such an email before, but it looked legit,
and so I confirmed. Have others gotten similar emails?
Post by p***@piments.com
Peter.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
gnuplot-beta mailing list
https://lists.sourceforge.net/lists/listinfo/gnuplot-beta
Mojca Miklavec
2017-06-10 14:39:58 UTC
Permalink
Post by Philipp K. Janert
On Sat, 10 Jun 2017 09:02:12 +0100
Post by p***@piments.com
Hi,
for the last three weeks I have been getting massive amounts of SPAM
from the address I use for this ML. I am going to have to shut down
the account.
This is presumably because sourceforge mailman service archives this
as a public list exposing contact emails which have been trawled by
spammers.
Is there a way to prevent full addresses being exposed in that way?
Are others having this problem?
No, I haven't (fortunately!). Sorry to hear.
I'm getting sufficient spam from all over the place (it ends in
spambox anyway), so generally I wouldn't be able to tell where exactly
the spam originates. (I would need a separate email address for each
mailing list for that.)
Post by Philipp K. Janert
But the other day I got an email, apparently from
Sourceforge, to confirm that I want to be subscribed
to the two gnuplot email lists. I don't recall ever
receiving such an email before, but it looked legit,
and so I confirmed. Have others gotten similar emails?
Yes, I got that one as well.

The list of mailing lists looks OK. So either they have so many
spammers subscribed on various lists that they had to do this to get
rid of spammers. Or some spammers got hold of their complete database
and are now sending emails themselves :) I guess it's the first in
this case, but it would be nice if they wrote this somewhere on the
web page as it looks suspicious in any case. Usually such emails are
phishing attacks, I don't remember getting a similar legitimate email
like that one in the past.

Mojca
p***@piments.com
2017-06-10 17:54:04 UTC
Permalink
Post by Mojca Miklavec
Post by Philipp K. Janert
On Sat, 10 Jun 2017 09:02:12 +0100
Post by p***@piments.com
Hi,
for the last three weeks I have been getting massive amounts of SPAM
from the address I use for this ML. I am going to have to shut down
the account.
This is presumably because sourceforge mailman service archives this
as a public list exposing contact emails which have been trawled by
spammers.
Is there a way to prevent full addresses being exposed in that way?
Are others having this problem?
No, I haven't (fortunately!). Sorry to hear.
I'm getting sufficient spam from all over the place (it ends in
spambox anyway), so generally I wouldn't be able to tell where exactly
the spam originates. (I would need a separate email address for each
mailing list for that.)
Which is exactly what I do ;)

That is how I know the recent flurry is coming from the contact I put on
this ML.

BTW they come in volleys of three identical emails each from different
bogus addresses.

I also got the renew subscription msg , which I also thought looked
rather phishy, so I did not do anything about it. This prompted me to
consider killing this address and subscribing with a new one, but
chances are the same thing will happen.

Thanks for comments.

Peter.
Post by Mojca Miklavec
Post by Philipp K. Janert
But the other day I got an email, apparently from
Sourceforge, to confirm that I want to be subscribed
to the two gnuplot email lists. I don't recall ever
receiving such an email before, but it looked legit,
and so I confirmed. Have others gotten similar emails?
Yes, I got that one as well.
The list of mailing lists looks OK. So either they have so many
spammers subscribed on various lists that they had to do this to get
rid of spammers. Or some spammers got hold of their complete database
and are now sending emails themselves :) I guess it's the first in
this case, but it would be nice if they wrote this somewhere on the
web page as it looks suspicious in any case. Usually such emails are
phishing attacks, I don't remember getting a similar legitimate email
like that one in the past.
Mojca
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
gnuplot-beta mailing list
Membership management via: https://lists.sourceforge.net/lists/listinfo/gnuplot-beta
Hans-Bernhard Bröker
2017-06-10 20:05:36 UTC
Permalink
Post by p***@piments.com
Post by p***@piments.com
for the last three weeks I have been getting massive amounts of SPAM
from the address I use for this ML.
Strange --- I didn't. But maybe my mail provider's spam filter is
tougher than yours...

And just out of curiosity: what do you consider "massive amounts"?
Post by p***@piments.com
Post by p***@piments.com
This is presumably because sourceforge mailman service archives this
as a public list exposing contact emails which have been trawled by
spammers.
Did you even look at the archives before making such an accusation?
Post by p***@piments.com
Post by p***@piments.com
Is there a way to prevent full addresses being exposed in that way?
Ultimately, no, there isn't. If an address harvester subscribes, they
will get the address of each posted mail, pretty much by necessity.
Post by p***@piments.com
I also got the renew subscription msg , which I also thought looked
rather phishy, so I did not do anything about it.
The message is, to the best I can tell, genuine. Go directly to the
project's Mailing List pages (not via any link from that mail, if you're
worried), and see for yourself.
Daniel J Sebald
2017-06-10 19:58:45 UTC
Permalink
Post by p***@piments.com
Post by Mojca Miklavec
Post by Philipp K. Janert
On Sat, 10 Jun 2017 09:02:12 +0100
Post by p***@piments.com
Hi,
for the last three weeks I have been getting massive amounts of SPAM
from the address I use for this ML. I am going to have to shut down
the account.
This is presumably because sourceforge mailman service archives this
as a public list exposing contact emails which have been trawled by
spammers.
Is there a way to prevent full addresses being exposed in that way?
Are others having this problem?
No, I haven't (fortunately!). Sorry to hear.
I'm getting sufficient spam from all over the place (it ends in
spambox anyway), so generally I wouldn't be able to tell where exactly
the spam originates. (I would need a separate email address for each
mailing list for that.)
If it is actual spam, typically the original source isn't in the email.
Somehow that info can be left out, even though there may be a short list
of several places the email was routed.
Post by p***@piments.com
Which is exactly what I do ;)
That is how I know the recent flurry is coming from the contact I put on
this ML.
BTW they come in volleys of three identical emails each from different
bogus addresses.
These kind of things happen to me on occasion, but after a week or two
they subside when the bot gets no activity. I.e., if you follow links
(never do so with a suspect email), it's a confirmation of a valid
address and the site might get other information like cookies and such.

If I have a suspect email, I'll save it to a separate file (without
viewing the email in an HTML device...which many email viewers are) then
look at it with a generic ASCII editor. If the file is mostly binary
data at the end or I don't recognize the sender/text, I discard it.

For any email that requests logging into some type of account, I don't
follow any direct links from the email. Instead, I go to the site in my
browser by typing the address I know for that site. That avoids going
to some kind of mimic page.

Dan

Loading...