Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Address harvesting of EDUCAUSE?

From: Stephen Bernard <sbernard () GMU EDU>
Date: Sat, 26 Feb 2005 14:28:10 -0500
Matthew Dalton wrote:

I would be curious to know if anyone that has not posted to the list before has received spam.  Through a very simple script 
in UNIX, I was able to get 84 addresses from the mailing list archive.  It seems that the spammer wouldn't necessarily 
need to be a member of the list.  They only need a web browser.  By the way, I ran the script from my home machine, just to 
be sure that it was accessible from outside of .edu sites.  Perhaps at the least these archives should be restricted to only 
members.

lynx -dump 'http://listserv.educause.edu/cgi-bin/wa.exe?A1=ind0502&L=security&apos; | grep 'From:' | awk '{print $NF}' | 
sort -u

--
**************************************************************************
|Matthew Dalton                     |Phone: (585)273-1721                |
|ITS Security Group                 |Email: Matthew.Dalton () rochester edu |
|University of Rochester            |                                    |
|Rochester, NY 14620                |                                    |
**************************************************************************


Good example. Email address harvesting from public listservs, forums,
and websites has been going on for a long time. It seems that this list
hasn't been targeted before. At least not noticeably. It's a good way to
find live email addresses for directed marketing and other less
honorable purposes. Given the audience I'm a bit surprised that so many
seem to be experiencing this phenomena for the first time.


Steve Bernard
George Mason University
Fairfax, Virginia

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.
Previous By Date Next
Previous By Thread Next

Current thread: