Keyserver spam example

MFPA expires2010 at ymail.com
Thu Jun 10 17:29:18 CEST 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Thursday 10 June 2010 at 3:35:34 PM, in
<mid:201006101635.36328.joke at seiken.de>, Joke de Buhr wrote:


> I've never gotten any keyserver related spam so far and
> my public keys with a valid mail address were published
> year ago.

In order to *know* you have never received any keyserver-related spam,
I take it the valid address on the key you published has never
received any spam at all.

I have a key with a valid (but unused) address that I published as a
test three months ago. Since the address has never been used at all
for any purpose, anybody using that address could only have got it
from a keyserver. So far it has received no incoming messages at all.

I have another key on the servers that shows a genuine address and has
been there at least 18 months. I do use that address, but not for
mailing lists, groups, etc. Spam typically comes in at the rate of
about two or three messages a month. I have no reason to suspect the
spammers harvested the address from a keyserver, but no way of knowing
they didn't.

David's example with the spammer saying where they got the address is
very unusual, to say the least.



> I think it's more likely you will get spam because you
> are posting to a mailing list which does have a html
> archive (liks this one).

No comment on probabilities, but I should have thought going to the
web interface of a keyserver and searching on "2010" (for example)
would be a more efficient place to harvest email addresses than
trawling through mailing list archives.



> If you want to get rid of most spam, just filter
> everything sent from dynamic ip addresses and you're
> fine.

Only if you consider sacrificing some legitimate incoming mail to be
"fine."



- --
Best regards

MFPA                    mailto:expires2010 at ymail.com

There is no job so simple that it cannot be done wrong
-----BEGIN PGP SIGNATURE-----

iQCVAwUBTBEExqipC46tDG5pAQpJcQQAiip5avz//ftrN9jlY1v0rppjyTo4c9Mg
kmP0uGH+T4RFY4iCn9zt2p+TllYFrUp10cQae3g3tk7EG/d0QGoqps9QSQS2tkiP
/O38HFJ+/snJ6uNT6bxnaFfMBmKQfVZzmhYFt/rYEfF2/zRZuOZabUkUyEhIHZ5I
BLtFsgletuo=
=WpLL
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list