[linux-elitists] e-mail scriptrollas

Adam Kessel adam@bostoncoop.net
Fri Sep 12 16:17:56 PDT 2003


On Fri, Sep 12, 2003 at 04:10:15PM -0700, Nick Moffitt wrote:
> > Good point, I should have thought of that. I suppose you'd then want a
> > whitelist of either email addresses or URL domain names. Maybe it gets
> > too complicated to be worth the trouble.
> E-mail whitelists have always been useless, since e-mail
> headers are inherently forgeable.

Maybe not for the limited purpose of deciding when to follow links in
incoming email for caching linked articles for offline reading. Although
I receive plenty of email with forged headers, looking back over the last
couple of weeks, I don't see any examples where this sort of whitelist
would have failed.

In any case, the worst case scenario if a spammer forges the address of
someone in your whitelist is that you happen to cache whatever page
they've linked in their message to you. At this point, as I receive
sometimes hundreds of spam messages a day, I'm not sure it really matters
whether I've "confirmed" my existence as a live email address or not.
-- 
Adam Kessel
http://bostoncoop.net/adam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20030912/b36d9fe7/attachment.pgp 


More information about the linux-elitists mailing list