Someone has harvested my address

David Shaw dshaw at
Tue Sep 9 00:22:00 CEST 2008

On Sun, Sep 07, 2008 at 11:26:31PM +0100, Phil Reynolds wrote:
> Quoting "Bill Royds" <apple at>:
>  > If you have added that address to a public PGP key server, that will 
> > be the reason. spammers have been harvesting key servers within the 
> > domain for several years.
> I haven't - and I was aware of that harvesting.
> > As well, anything sent to a public list like this may be archived on 
> > web pages, inviting harvest for spam.
> Yes, that was another thing I knew could happen. It just strikes me
> as a little strange that this one was the first hit.

There are (alas) many other ways for an address like that to leak.  If
anyone on the list has a compromised box, the malware often takes
copies of addresses from email on the box to send spam to.

My favorite example of this is a list I run for members of my family.
There are only 14 people on it, it's not archived anywhere, and the
list isn't even visible on the list server box.  A few months back, a
cousin got hit with some malware... and now the list gets dozens of
spams a day from around the world.


More information about the Gnupg-users mailing list