Someone has harvested my address
David Shaw
dshaw at jabberwocky.com
Tue Sep 9 00:22:00 CEST 2008
On Sun, Sep 07, 2008 at 11:26:31PM +0100, Phil Reynolds wrote:
> Quoting "Bill Royds" <apple at royds.net>:
>
> > If you have added that address to a public PGP key server, that will
> > be the reason. spammers have been harvesting key servers within the
> > pgp.net domain for several years.
>
> I haven't - and I was aware of that harvesting.
>
> > As well, anything sent to a public list like this may be archived on
> > web pages, inviting harvest for spam.
>
> Yes, that was another thing I knew could happen. It just strikes me
> as a little strange that this one was the first hit.
There are (alas) many other ways for an address like that to leak. If
anyone on the list has a compromised box, the malware often takes
copies of addresses from email on the box to send spam to.
My favorite example of this is a list I run for members of my family.
There are only 14 people on it, it's not archived anywhere, and the
list isn't even visible on the list server box. A few months back, a
cousin got hit with some malware... and now the list gets dozens of
spams a day from around the world.
David
More information about the Gnupg-users
mailing list