spam-proofing my mhonarc archive

[Mark Stosberg <mark@summersault.com>]

Hello,

I just took a couple of measures to spam proof my mhonarc archive
(using 2.5.14). I saw tips like these posted on the list before, but my
solution was a little different, so I thought I'd share it.

In particular, I didn't want to just "XXXX" out the domain name, because
I wanted people to be able to contact the original authors of messages.

1. Protect .mhonarc.db
First, I noticed that my ".mhonarc.db" was web-visible, and it
contained a handy list of e-mail addresses that could be grabbed by a
e-mail harvester. My first task was to move this out of web-space. Mhonarc now
supports this directly. I just had to move the file, and update my
.qmail file to add

	-dbfile /path/to/new/.mhonarc.db

2. Protect new mail
To protect new mail sent to the archive, I used some features built-in
to this version of mhonarc, by updated my mhonarc.rc file for my
list. Here's what I used:

	<!-- ANTI-spam section -->

	<SPAMMODE>

	<!-- update address to look like "user at host dot com"  -->
	<ADDRESSMODIFYCODE>
	s/\@/ at /;
	s/\./ dot /g;
	</ADDRESSMODIFYCODE>

	<!-- update mailto: URLs to look like "userNOSPAM@NOSPAMdomain.com" -->
	<MAILTOURL>
	mailto:$TOADDRNAME$NOSPAM@NOSPAM$TOADDRDOMAIN$
	</MAILTOURL>

	<!-- / ANTI-spam section -->

3. Protect existing mail
The above measure doesn't fix the headers of current messages. For that,
I used a bit of perl to make these address look like "user AT host DOT
com".

	perl -pi -e 's/([-A-Za-z0-9.]+)\@([-A-Za-z0-9.]+)\.([A-Za-z]+)/$1 AT $2 DOT $3/g' *.html

You may wish to update my "recipes" to suit your particular obfuscation
tastes.

To see it in action, my list archive is here:
http://www.skatepark.org/lists/public-parks/

  Mark

--
http://mark.stosberg.com/

---------------------------------------------------------------------
To sign-off this list, send email to majordomo@mhonarc.org with the
message text UNSUBSCRIBE MHONARC-USERS