Re: Vendors spamming NANOG attendees

[Mike Hammett <nanog () ics-il net>]

I'm still not sure people understand the situation. There's an attendee list, but that list doesn't have e-mail 
addresses. It didn't come from the mailing list. The person looked up who went to the conference and then found their 
e-mail address elsewhere. I also don't think the above is wrong in any way and people should just get on with their 
lives. 




----- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

----- Original Message -----

From: tim () pelican org 
To: "NANOG" <nanog () nanog org> 
Sent: Tuesday, June 20, 2017 8:37:09 AM 
Subject: Re: Vendors spamming NANOG attendees 

On Tuesday, 20 June, 2017 14:26, "Rod Beck" <rod.beck () unitedcablecompany com> said: 

> And how do you tell if an address was scraped or not? There are databases and 
> zillions of other ways of gaining addresses. 
>
>
> I doubt you can distinguish the source with any real reliability. 

Depending on whether you're registered with personal or corporate email, and how much control you have over the 
platform in question, you can distinguish the source with fairly high reliability. Just generate a new 'bob+nanog70 () 
bobsdomain org' style address for every event you register for, every website that requires a contact address, every 
mailing list, ... 

If you're concerned that people will twig, and use the naked 'bob@' address, you could work with multiple names 
including a hash that look like internal nonsense, e.g. 'bob34adf@', or block the un-plussed 'bob@' entirely and use 
e.g. 'robert@' for people you trust to have your real, non-circumstance-specific email address. 

I know people who do this, it really depends how much you care about being able to trace and block people who are 
either scraping or re-selling your details. 

Regards, 
Tim.