Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Address harvesting of EDUCAUSE?

From: Kevin Shalla <kshalla () UIC EDU>
Date: Mon, 28 Feb 2005 11:28:48 -0600
Would it be a good idea to require a login (and you're required to
subscribe to get a login) to search the archives?

At 01:28 PM 2/26/2005, Steve Bernard wrote:

Matthew Dalton wrote:

I would be curious to know if anyone that has not posted to the list
before has received spam.  Through a very simple script in UNIX, I was
able to get 84 addresses from the mailing list archive.  It seems that
the spammer wouldn't necessarily need to be a member of the list.  They
only need a web browser.  By the way, I ran the script from my home
machine, just to be sure that it was accessible from outside of .edu
sites.  Perhaps at the least these archives should be restricted to only
members.

lynx -dump
'http://listserv.educause.edu/cgi-bin/wa.exe?A1=ind0502&L=security&apos; |
grep 'From:' | awk '{print $NF}' | sort -u


Good example. Email address harvesting from public listservs, forums,
and websites has been going on for a long time. It seems that this list
hasn't been targeted before. At least not noticeably. It's a good way to
find live email addresses for directed marketing and other less
honorable purposes. Given the audience I'm a bit surprised that so many
seem to be experiencing this phenomena for the first time.


**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.
Previous By Date Next
Previous By Thread Next

Current thread: