Date: Tue, 09 Feb 2016 15:03:23 +0100 From: Michelle Sullivan <michelle@sorbs.net> To: qjail1 <qjail1@a1poweruser.com> Cc: Kurt Jaeger <lists@opsec.eu>, ports@freebsd.org, portmgr@freebsd.org Subject: Re: port maintainer address Message-ID: <56B9F1AB.1080208@sorbs.net> In-Reply-To: <56B80099.3070606@a1poweruser.com> References: <56B56114.1000401@a1poweruser.com> <20160206063406.GP46096@home.opsec.eu> <56B80099.3070606@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
qjail1 wrote: > Kurt Jaeger wrote: >> Hi! >> >>> A year ago I was receiving loads of spam email on the maintainer >>> email addresses used in the ports makefile. I created bug tickets to >>> change the user name part of the email address for all the ports I >>> maintain, but some how I missed the qjail2 port. Now that port says >>> its maintained by ports@FreeBSD.org and the spam email has stopped. >>> >>> Since bugzilla uses the port maintainer email address as the way to >>> identify the port maintainer, I no longer can post updates to qjail2 >>> port. >> >> We'll understand that the patch comes from you, so just submit it. >> >>> Why has Freebsd NOT done something to protect their port maintainers >>> from spam. >> >> Because if you think that not having the email addresses in the port >> protects you from spam, this probably will not scale. Spam defense is >> not a task the FreeBSD project can also take on, in addition >> to all the others. >> > > In todays world the normal, customary, and prudent methodology is to > protect a users email address from public view so its increasingly > more difficult for it to be harvested for targets of spam. I ask WHY > is the Freebsd ports system using a very old methodology that was > designed over 20 years ago, before the birth of spam. The majority of > customer websites and programming development websites all have > protected their user email addresses, WHY NOT FREEBSD? Actually that's the very reason I am a port maintainer > > It's way past the time that this problem gets the attention it deserves. > Lets at least create a project to analyze the ports system "Maintainer > email address" to see just what would be involved in populating it > with a dummy value so every place it is viewable to the public the > real content is masked, this includes the down loadable ports tree. > I'd rather give people email addresses to use and keep the real ones in the tree easily scrape-able. Michelle -- Michelle Sullivan http://www.mhix.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56B9F1AB.1080208>