Jini & the rest of the p2tech
community -
Some of you may recall that there was discussion
earlier this week, of a plague of phony e-mails soliciting help in smuggling
embezzled funds out of poor African nations. A couple of us on P2TECH
mentioned that it was quite easy for some unscrupulous spammer to "mine" the
archives of lists like P2TECH in order to obtain a list of e-mail addresses, and
that there was little, short of discontinuing the archives, that could be done
to stop it.
Not a particularly happy conclusion to reach, but hey -
spam happens.
But, leave it to a computer scientist to come up with a
solution that is simple yet effective!
I was recently reviewing list of
publications by a CS researcher at Stanford who had footnoted the contact info
on his personal page. He indicated that users would need to edit his
e-mail by removing a character that he had placed after the @ sign
(like this: scott.butner@+pnl.gov) By
altering his signature line with this deliberate typo in his e-mail, he had
effectively rendered the e-mail unintelligible to the majority of scripts which
use something called regular expressions (text patterns which can be used to
search for specific bits of information in a document or string) to recognize
valid e-mail addresses. Even those
scripts which capture the e-mail address in this form, probably will not
recognize it as an invalid e-mail address, and hence will send any subsequent
spam to an invalid address.
In any event it would be interesting to see whether altering the script which is used to build the P2TECH archives from our messages so that it inserts an extra character into the e-mail address at a predictable spot (for instance, immediately following the @ sign) would cut down on the number of spam messages received by members of this community. It would then be incumbent upon us to remember when browsing the archives that we need to remove the bogus character before sending a message to a poster.
Just a thought. This is admittedly a imperfect fix -- anyone really intent on capturing our e-mails could spot the deception easily enough by visual inspection. But my guess is that most spammers are not paying that much attention.
Another thought: nothing prevents individuals
from implementing this convention unilaterally (and with randomly chosen
characters).
I have yet to see a script that was smart enough to read
a footnote! ;-)
Scott Butner (scott.butner@+pnl.gov)*
* You may
have noticed a "+" in my e-mail address.
I am trying to fool the
spammers. Shhhh! don't tell anyone!
Please remember to remove
the + from the e-mail address before sending mail to
me.