Keyserver spam example
expires2010 at ymail.com
Thu Jun 10 17:29:18 CEST 2010
-----BEGIN PGP SIGNED MESSAGE-----
On Thursday 10 June 2010 at 3:35:34 PM, in
<mid:201006101635.36328.joke at seiken.de>, Joke de Buhr wrote:
> I've never gotten any keyserver related spam so far and
> my public keys with a valid mail address were published
> year ago.
In order to *know* you have never received any keyserver-related spam,
I take it the valid address on the key you published has never
received any spam at all.
I have a key with a valid (but unused) address that I published as a
test three months ago. Since the address has never been used at all
for any purpose, anybody using that address could only have got it
from a keyserver. So far it has received no incoming messages at all.
I have another key on the servers that shows a genuine address and has
been there at least 18 months. I do use that address, but not for
mailing lists, groups, etc. Spam typically comes in at the rate of
about two or three messages a month. I have no reason to suspect the
spammers harvested the address from a keyserver, but no way of knowing
David's example with the spammer saying where they got the address is
very unusual, to say the least.
> I think it's more likely you will get spam because you
> are posting to a mailing list which does have a html
> archive (liks this one).
No comment on probabilities, but I should have thought going to the
web interface of a keyserver and searching on "2010" (for example)
would be a more efficient place to harvest email addresses than
trawling through mailing list archives.
> If you want to get rid of most spam, just filter
> everything sent from dynamic ip addresses and you're
Only if you consider sacrificing some legitimate incoming mail to be
MFPA mailto:expires2010 at ymail.com
There is no job so simple that it cannot be done wrong
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users