Keyserver and spam
eocsor at gmail.com
Wed Dec 22 05:18:50 CET 2004
I suppose its time for my two cents:
I'm sure someone will rebuke me for what I did, though I was curious
as to this keyserver spam issue as well. So I uploaded a key with a
spamgourmet disposible email address, that email address was solely
for the purpose of checking if spammers harvested addresses from
If your familar with how spamgourmet works, youll know by default that
email address is only capable of recieving three emails before they
just get dropped into the intarweb ether.
I did get 3 articles of spam, sent to that address, the first one came
the day after key upload, then 2 more the day (or was it the two
days?) after that.
So, you see, I myself am fairly confident spammers do harvest
keyservers for emails, (and if they didnt I'd be surprised, if I were
a spammer I would..) but at the same time the convenience they offer
me far out weighs the problems. So far gmail's been doing pretty damn
well at sorting spam from none spam, so well infact that spam isnt a
problem to me, I couldnt care less.
(Key was uploaded to subkeys.pgp.net btw)
On Wed, 22 Dec 2004 01:44:04 -0000, Greg Sabino Mullane
<greg at turnstep.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> > Whats the current state of play with keyservers and spammers? Is it
> > technically possible for them to harvest addresses from keyservers, and
> > does anybody know if its a problem?
> Yes it's possible, and no, it's not a problem. While possible, it is very
> unlikely, as there are so many other easier ways to get email addresses.
> However, your email may be scraped by keyservers or keyserver-related
> applications that put your key information on a web page. But I seriously
> doubt that a spammer has ever gotten email addresses directly from a keyserver.
> - --
> Greg Sabino Mullane greg at turnstep.com
> PGP Key: 0x14964AC8 200412212044
> -----BEGIN PGP SIGNATURE-----
> -----END PGP SIGNATURE-----
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
More information about the Gnupg-users