Keyserver spam example

MFPA expires2010 at
Thu Jun 10 17:29:18 CEST 2010

On Thursday 10 June 2010 at 3:35:34 PM, in
<mid:201006101635.36328.joke at>, Joke de Buhr wrote:

> I've never gotten any keyserver related spam so far and
> my public keys with a valid mail address were published
> year ago.

In order to *know* you have never received any keyserver-related spam,
I take it the valid address on the key you published has never
received any spam at all.

I have a key with a valid (but unused) address that I published as a
test three months ago. Since the address has never been used at all
for any purpose, anybody using that address could only have got it
from a keyserver. So far it has received no incoming messages at all.

I have another key on the servers that shows a genuine address and has
been there at least 18 months. I do use that address, but not for
mailing lists, groups, etc. Spam typically comes in at the rate of
about two or three messages a month. I have no reason to suspect the
spammers harvested the address from a keyserver, but no way of knowing
they didn't.

David's example with the spammer saying where they got the address is
very unusual, to say the least.

> I think it's more likely you will get spam because you
> are posting to a mailing list which does have a html
> archive (like this one).

No comment on probabilities, but I should have thought going to the
web interface of a keyserver and searching on "2010" (for example)
would be a more efficient place to harvest email addresses than
trawling through mailing list archives.

> If you want to get rid of most spam, just filter
> everything sent from dynamic ip addresses and you're
> fine.

Only if you consider sacrificing some legitimate incoming mail to be

--
Best regards

MFPA                    mailto:expires2010 at

There is no job so simple that it cannot be done wrong

