Dear Jean, > > I'm quite surprised to find that the tickets are online on the web > > site, including E-mail addresses ... This always leads to more spam, > > often within a day. Could you please refrain from publishing E-mail > > addresses or construct an archive bots can't access? > > This is how open software development works. ?? I don't think it's normal netiquette to publish someone's E-mail address on a web site, without the person in question knowing, in any circles. OK, it happens, but by people not knowing about these things. I don't expect that here ... > You posted on our public website (and right now, to our publicly > archived mailing list), you published your e-mail address to the public > on your own. If you didn't want it to be known to the public, then you > should have refrained from adding it to the support ticket when you > created it, sorry. There is something very wrong with procedures here, I'll explain: - I had a simple user question and followed the 'Contact and Support' link. - At this page (now called 'Feedback and Support') I simply followed directions under 'Support Ticket'. There it says: "Note: In order to get rid of spammers, we had to block anonymous creation and edition of support tickets. We created a fake account you have to use instead. First log in with name "ticket" and password "need help" (in one word), then you can create a new ticket and later edit it. Put to CC: your mail please!" - So nothing there which warns me I'll be publishing my E-mail address, quite the contrary: you seem aware of the risk of spammers. The urgent request: "Put to CC: your mail please!" (in bold) is not explained(!), but seems logical: I'll get a copy myself and you know to which address to answer. - I got an answer by E-mail (thanks :) which even contains the line "* cc: boyd2006 at sociamedia.nl (removed)" - At this point my message is already up on a wiki page, with my address! - By replying to your answer, I automatically post to your mailing list and to a public archive, again publishing my E-mail address. And again there is no way to know that. There simply is a 'reply to:' address (lm-sensors at lm-sensors.org) in the header. - Only when I would be very suspicious (why? no reason up to now) I would examine the address lm-sensors at lm-sensors.org via a web search, to find out it's a mailing list address. And I 'could have read' a blurb on mailing lists on the 'Feedback and Support' page and maybe could have noticed from memory (...) this could be the address I'm automatically replying to. Quite a long shot, isn't it? And I did not read that, I did not want to subscribe, I just had a question, so moved on to the 'Support Ticket' blurb on the page. Besides this, I'm also very surprised to find you publish all addresses of posters in the public mailing list archive too. Subscribers don't need these addresses, they already see them in the mail. And what's more: the version of Mailman you're using, makes it very simple to remove (machine) readable addresses from the web archive (feature added by 'public demand') ... Now I'm quite prepared for these things happening as you can see from my disposable address. (Most people are not, just having one address with their provider). Still I'd like to restrict the harvesting of my addresses to not preventable cases, like infected PC's :) I also hope to convince you to take action for other reasons: Fighting spam with 'software filtering' (I guess you do that extensively, since mailing lists are even open to non subscribers) is very 'old school' these days. As you will know there are days when over 90% of E-mail traffic are spam and viruses. This means the infrastructure and servers need 10 times the capacity they would need to just handle normal E-mail, and you need overhead to run heavy filtering software. Any idea what this means for energy use and climate change? In the US already 1.2% of all electricity is used by internet servers (and their cooling) only! So fighting spam and viruses should be done by prevention as much as possible (like using images of E-mail addresses with mailto scripts and refusing most spam and virusses 'at the front door'). It works and saves money too. Many years back our P166 server (30-41 watt) with loads of web sites, mailing lists and E-mail addresses was already choking during spam waves. Since we implemented preventive actions, it's running over 95% idle again most of the time. No need to upgrade, w're even 'downgrading' to a more energy efficient server :) All the best, Boyd Noorda
