Security Basics mailing list archives

SF archives (was: RE: Majordomo Could Mean Major Spam)

From: Kelly Martin <kel () securityfocus com>
Date: Tue, 9 Sep 2003 16:12:10 -0600 (MDT)

On Tue, 9 Sep 2003, David wrote:

Folks, if you use this list and use a real email address (kinda impossible
not to, eh?) then you end up in Bugtraq's web page BY EMAIL ADDRESS anytime
you post. Spammers obviously spider the web site regularly. I get an average
of 80 subject related emails a day from the two lists on bugtraq I want. I
average 10-20 spams, mostly viagra, loan, pharmaceutical, and "I've go a
couple million here in Nigeria, and I need your help"s.


Bugtraq's official archives are on the SecurityFocus Web page at
http://www.securityfocus.com/archive/1. Note that several other websites
archive Bugtraq as well as other SF lists (including Security-Basics)
for public access. You can even find offsite RSS feeds if you want them.
SecurityFocus has always run Bugtraq since the very beginning.

I don't see how they can have the archives safe from spiders unless:

Bugtraq starts saving their archives as JPGs or such.


We already changed the way we archive messages for all mailing lists
(including Security-Basics and Bugtraq) which makes it extremely difficult
for email addresses to be spidered now. We removed all the @ and . symbols
within all identifiable email addresses, both in the header and body of
all messages. This is effective throughout the entire SecurityFocus set of
archives, from its early inception to present. Check out any of the
archives and you'll see what I mean.

I personally love the idea. Bugtraq will hate it because:

They don't get the spam. They would have to convert the mess to pictures.
Wasted time in their minds.


We get boat loads of spam here at SecurityFocus, rest assured. We also
procession millions and millions of messages a day. The JPG conversion
isn't practical because the text no longer becomes easily searchable.

I'd LOVE it.

Moderator, whats the official stand of bugtraq?


I'm the moderator for Security-Basics, not Bugtraq, although the above
comments about the archive apply to both. We consider Bugtraq to be the
cornerstone of the security community. Can you please post further
questions about Bugtraq on the Bugtraq mailing list?

Regards,

-- Kelly Martin <kel () securityfocus com>

---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------

Current thread:

Fwd: [ISN] Majordomo Could Mean Major Spam Jay Woody (Sep 08)
- Re: Fwd: [ISN] Majordomo Could Mean Major Spam Kelly Martin (Sep 08)
- RE: [ISN] Majordomo Could Mean Major Spam David (Sep 09)
  - SF archives (was: RE: Majordomo Could Mean Major Spam) Kelly Martin (Sep 09)
  - Re: [ISN] Majordomo Could Mean Major Spam Ansgar Wiechers (Sep 10)
  - Re: [ISN] Majordomo Could Mean Major Spam N407ER (Sep 12)
- <Possible follow-ups>
- RE: [ISN] Majordomo Could Mean Major Spam Brian Dunbar (Sep 09)