Date: Sat, 06 Feb 2016 10:57:24 +0800 From: qjail1 <qjail1@a1poweruser.com> To: ports@freebsd.org Subject: port maintainer address Message-ID: <56B56114.1000401@a1poweruser.com>
next in thread | raw e-mail | index | archive | help
A year ago I was receiving loads of spam email on the maintainer email addresses used in the ports makefile. I created bug tickets to change the user name part of the email address for all the ports I maintain, but some how I missed the qjail2 port. Now that port says its maintained by ports@FreeBSD.org and the spam email has stopped. Since bugzilla uses the port maintainer email address as the way to identify the port maintainer, I no longer can post updates to qjail2 port. This is a two sided coin. On one side [no more spam email] but on the other side [blocked from making port updates] to ports I am really the maintainer. Lest look at the big picture. The https://www.freebsd.org/cgi/ports.cgi?query=qjail2&stype=all website displays the maintainer email address for each and every port. A person doesn't have to be a genius to see that this is one of the places where email address are being harvested from. Why has Freebsd NOT done something to protect their port maintainers from spam. Bugzila is now the preferred way to report bugs in ports. There is no longer a need to publicly display the ports maintainer real email address on the ports website. The simple solution is to change the html code of the ports website to replace every where the maintainer's email address is displayed with ports@FreeBSD.org. That way the makefile info stays the same and bugzilla works the same. Your just changing what the public user and harvesters see. There are other places where this info can be obtained, such as //svnweb.freebsd.org/ports/. This is a very large doorway to all the ports maintainer email address. The big picture solution is to NOT carry the maintainer email address in the makefile at all. Have it entered into a secure maintainers database that only bugzilla has access to. You get the general picture here. I am sure there are people with a better understanding of the internal workings who can develop a better concept to prohibit the public from having access the ports maintainer real email address. Its time serious thought is given to this problem. Thanks for letting me stand on my soap box.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56B56114.1000401>