Robots in the WoT (clean version)
Adrian 'Dagurashibanipal' von Bidder
Mon Jun 30 08:10:03 2003
Content-Description: signed data
On Monday 30 June 2003 05:31, David Shaw wrote:
> 2) There are MUCH richer sources of addresses out there. A spammer
> can pull a never-ending stream of addresses from the web and/or
> usenet. Comparatively, the keyservers are worthless.
The difference being that on PGP keys, people tend to use their 'real'=20
addresses, whereas on Usenet they use a throwaway account.
But OTOH, spammers usually are paid per message sent, not per message=20
delivered, so bogus/old addresses don't bother them that much as long as=20
there's an MX for the domain...
In my case, I havre the email address published in probably most of the=20
spammers' address CDs anyway by now, so I don't care much. And I agree with=
you: harvesting from keyservers probably requires too much of a specific=20
effort on the spammers' part. (Hmmmm, but wasn't there a discussion about=20
somebody hammering a keyserver with requests just a month ago or something =
the pgp-keyserver-folk mailing list?)
featured product: GNU Privacy Guard - http://gnupg.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----
Signature policy: http://fortytwo.ch/legal/gpg/email.20020822?version=1.5&md5sum=5dff868d11843276071b25eb7006da3e