Re: OT: offending sig + headers
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday, May 18 at 10:36 AM, quoth Derek Martin:
> On Fri, May 18, 2007 at 12:36:50AM -0600, Kyle Wheeler wrote:
>> Mmm, I guess it all rests on the specific definition of "people I care
>> about receiving mail from", and in your case, it requires that people
>> find a way to contact you in non-private-email (or non-email) form
>> first, to request the secret address.
>
> It doesn't though. Right in my sig is all the information you need to
> find a way to send me a private e-mail. And it will take you all of
> about 5 seconds, if you have any idea how to use a web search engine.
Actually, gpg --recv-key was sufficient. (Though, to be honest, I'd be
kinda surprised if those aren't filtered; at least one of my friends
has a gpg-key-only email address (he likes tracking where spammers
cull his email from), and he gets a surprising amount of spam to that
address.)
> [admittedly, the first address you find no longer works, due to it
> getting spammed to death, but the second one you'll find does work.]
You mean the contact address for rssh, or the ones in your pgp key? My
brief forays into google revealed no email addresses for you that
seemed credible. Plus, I'd be shocked if any address so easily found
doesn't get spammed to death. (Though I suppose stranger things have
happened.)
> Two weeks ago, a buddy of mine sent me an invitation to go hiking.
> He sent it from an address I'd had no previous knowledge of.
> Using my method, I saw his mail immediately, and added a rule to
> sort it appropriately. No problem.
Fair enough; but I don't consider that situation a major problem for a
whitelist-based system. I maintain several mailing lists that are
subscriber-only lists. And several times a month I see members who
attempt to post from an address they didn't subscribe with. Almost
without exception, they figure it out and post from the correct
address thirty seconds later. If your friend is at least as
computer-literate as the folks on my lists (and I have no doubt he is,
given the nature of some of my lists), he'll do the same, and notify
you of his new address.
This is equivalent to the spam-control features of most IM systems.
The only people who can contact both you and me are people who are on
our "approved" lists (i.e. whitelists).
>> Given how you've criticized such filtering as potentially losing
>> mail, I don't see that this is a valid way to address the problem
>> of "people on mailing-list X wish to contact you".
>
> What you're missing is, I DON'T WANT THEM TO CONTACT ME.
Ahh, I see. This is a bit different than what you have said before,
and what is indicated by your sig. Rather than throwing out the
red-herring of suggesting that spammers are to blame, and that if only
they would go away you would be happy to entertain anyone's private
email, you could simply (and more honestly) say "Please do not attempt
to contact me off-list. I do not wish to speak to you privately."
>> Posting your IM screen name so that you can send each other your
>> respective email addresses is roughly the same as posting your
>> phone number to mailing list for the same purpose.
>
> Not at all. My MSN ID is kraiteredman. To IM me, you'll need my
> approval. Which I won't give, unless I can identify you from your
> screen name. And maybe not then. ;-) If I deny your request, you can
> never bother me again. It's actually really great.
You can do the exact same thing with email. It's really not hard.
>>> irc private message,
>>
>> Which is equivalent to IM, only it requires a slightly older and less
>> popular communication protocol.
>
> Not at all. Private IRC messages are not logged,
...oookay, so don't log your IM messages. Tada!
> no one can see them except the sender and recipient.
Which is identical to IM (ICQ, for example, has direct messaging, as
does Jabber).
> There is no possibility of having the address culled from such a
> message.
I didn't say there was, I just said it was equivalent to IM. The one
point you can make here is that IRC screen names are not permanent,
and can be changed at will---which is not significantly different from
telling someone "contact me at 139084u5ljkbdcyqjkb345c@xxxxxxxxxxxx
(email address only valid for the next half-hour)" because both
methods require effort from you (the recipient) to enable contact.
>> And my point is that they boil down to either providing some
>> permanent email-alternative (which can then be potentially
>> exploited by spammers of some variety) or a temporary mechanism
>> (url, email, what-have-you) which requires significantly more
>> effort.
>
> And your point is mistaken.
I'm not seeing how. What method of contact can you suggest that does
not fit into either of those two categories?
~Kyle
- --
A wise man changes his mind, a fool never.
-- Spanish proverb
-----BEGIN PGP SIGNATURE-----
Comment: Thank you for using encryption!
iD8DBQFGTcicBkIOoMqOI14RArZ7AKCxvnftJ6k7Dco2aKCGTefjPaivKQCgj6qo
FkLPzlNVTIp+Ysk8PK6+aj0=
=f1+H
-----END PGP SIGNATURE-----