
Re: Plussed addresses (Re: Passing RCPT_TO value to procmail)

2001-12-13 20:56:54


On Thu, 13 Dec 2001, Bart Schaefer wrote:

> Be careful with this.  Based on the unknown-user notices that come to the
> postmaster here, it's a fairly common "address scrubbing" botch for
> spammers to either drop the plus sign and mash the two parts of the
> address together, or to use only what's to the right of it.  So if you
> don't choose the plussed part carefully, you'll just direct the spam to
> somebody else.

Good :-)

I had a real address that was 'nospam(_at_)myisp(_dot_)net' which allowed
plussed addresses which I created for mailing lists, etc.

I found that spammers were removing the 'nospam+' which worked very well
indeed.

> I've even seen some legitimate mailing lists get confused by plussed
> addresses, probably because they're using web-based list maintenance tools
> and the plus gets treated as if it were in a URL.  (Try putting a plussed
> address in a mailto: link and then clicking on it from IE5).

Yeah, there are quite a few "put your email address" web forms that choke
on plus signs


TjL



_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
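
The following Python sketch is an added example, not part of either poster's message. It checks a proposed plus tag against the two scrubbing botches described above (plus sign dropped and the parts mashed together, or only the right-hand part kept) and shows how an unencoded plus turns into a space when a web form decodes it. The mailbox names, the `example.net` address and all function names are constructed for illustration.

```python
from urllib.parse import parse_qs, quote, urlencode

# Constructed sample data: mailboxes that exist on a hypothetical host.
LOCAL_USERS = {"nospam", "lists", "nospamlists", "postmaster"}


def scrub_variants(local_part):
    """Local parts produced by the two botches for 'user+tag'."""
    user, sep, tag = local_part.partition("+")
    if not sep:
        return {}  # not a plussed address, nothing to mangle
    return {"mashed": user + tag, "right_only": tag}


def tag_collisions(user, tag, local_users=LOCAL_USERS):
    """Existing mailboxes that would receive mail sent to a mangled
    form of user+tag; an empty list means the tag is safe to hand out."""
    variants = scrub_variants(f"{user}+{tag}")
    return sorted(v for v in variants.values() if v in local_users)


def form_roundtrip(address, encode=True):
    """Pass an address through a form-encoded query string and return
    what the receiving side decodes. With encode=False the raw '+' is
    sent, and form decoding turns it into a space."""
    query = urlencode({"email": address}) if encode else "email=" + address
    return parse_qs(query)["email"][0]


def mailto_link(address):
    """Build a mailto: URL with the plus percent-encoded as %2B."""
    return "mailto:" + quote(address, safe="@")


if __name__ == "__main__":
    addr = "nospam+lists@example.net"  # constructed address
    print(tag_collisions("nospam", "lists"))   # tag collides with real users
    print(tag_collisions("nospam", "ml7x"))    # tag with no collisions
    print(repr(form_roundtrip(addr, encode=False)))
    print(repr(form_roundtrip(addr)))
    print(mailto_link(addr))
```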
