I posted my brand new address on WebWord on one occassion. A few days later a rich Nigerian wanted my money.

A web site has a responsibility to take at least modest protective measures for the personal information I give it. If not, the web site shouldn't be asking me for information it has no intention of protecting. Why is it we place 100% of the responsibility on users?

Posted by: Daddy Warbucks on April 22, 2003 09:43 AM

---

 

John, if you update your MovableType installation to the latest version, you'll find spambot protection is built-in.

Daddy Warbucks, are you sure this is the only place you posted it? Many mailing lists have public archives that can be scraped for email addresses. Also, many spammers do "directory" attacks on common names combined with domain names.

Posted by: MadMan on April 22, 2003 10:09 AM

---

 

It was a harvester combing WebWord because WebWord was the _only_ place I used the address at that time (a freebie address from one of the major portals), and no dictionary attack would get my username. I receive about 5 spams a month now, 1 of 5 is a Nigerian scam. I now alter my address (@nospam.hotmail.com, etc.) when posting to a web site.

I reply to the Nigerians because I know a human reads them, but so far they have rejected my invitations to my house party. They seem to be a most inhospitable people.

I don't really care; I'll dump the address when I tire of it.

Posted by: Daddy Warbucks on April 22, 2003 06:31 PM

---

 

I've had my address harvested from here too - I have a wildcard setup so always use site-specific addresses when posting to blogs. Don't bother to post it anymore, don't see the point.

Posted by: Boyink on April 23, 2003 03:46 PM

---

 

I use an anonymizing service called "Sneakemail" (http://www.sneakemail.com) that allows you to generate email addresses unique to each location you want to post an email address to (for example, 1qk3O863@sneakemail.com). Any mail sent to these addresses is forwarded to the real address or addresses you specify. The mail "from" block and header contain the identification of the site on which the email address was posted, thereby allowing you to see where the address was harvested from so that you can send an email to the site administrator asking him to block spam harvesters from his site. The service not only has basic allow/deny-type blocking, but also allows you to create rule-based filters. When an address starts getting spam, you can delete it and all subsequent mail will be denied. They have a free basic service that allows a maximum message size of 150k, a maximum monthly bandwidth usage of 10MB, and unlimited addresses. For $2/month, you get a maximum message size of 500k, a maximum monthly bandwidth usage of 50MB, unlimited addresses, and some other nifty bells and whistles. I can't say enough good things about this service.

Posted by: PaulG on April 24, 2003 11:14 PM

---

 

Yeah, I've had my address harvested from here, and Amazon.com sends you a FLOOD of spam even if you opt-out of everything during sign up. I had an address from a former ISP that I had never used before and within a week I had 4-5 spam mails daily. At least I never check that account.

Posted by: Lydia on April 25, 2003 01:44 PM

---