On Mon, Jun 22, 2009 at 02:37:16PM -0700, Steve Atkins wrote:
Also any actual usage of an email address leads to it being in a mailbox
on a Windows machine. That, in turn, leads to it being sprayed all over
the internet by viruses, and hence harvested by spammers.
I have lots of uniquely created addresses that were provably not guessed
that get a lot of spam via that route.
Precisely correct, and worth emphasizing. I've gone so far as to
deliberately embed non-guessable addresses in the headers of single
messages sent to single recipients -- and have subsequently received spam
at some of them. And of course addresses used repeatedly with multiple
recipients tend to attract spam much quicker, since such usage increases
the probability that the addresss will show up on a compromised system.
It's no longer possible to keep any email address that's actually
used out of the hands of spammers, at least not for long. (I often
find it ironic how many people using obfuscated domain registration,
putatively to keep addresses away from spammers, are running Windows on
their desktops or laptops, and thus are either (a) already compromised or
(b) going to be compromised.)
---Rsk
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg