bbs.spamgourmet.com

[watchman]

(moderator - please delete this thread once the message has been passed on to the spamgourmet developers, to avoid spammers getting ideas).

Once spammers discover spamgourmet or similar sites, they could just simply create endless numbers of random "email addresses" using your base user name.

For example, if your username is "bobpatterson" which forwards email to "bobpatterson@hotmail.com".

Then a spamming programme, once it knows that your username is "bobpatterson" could send emails to the following email addresses:

xyz21381.20.bobpatterson@spamgourmet.com
asdfjl213.20.bobpatterson@spamgourmet.com
sdfds.20.bobpatterson@spamgourmet.com
43430sdfd.20.bobpatterson@spamgourmet.com

Of course - the first part doesn't matter, since spamgourmet recognizes only the "20.bobpatterson@spamgourmet.com" to forward emails to "bobpatterson@hotmail.com". So the spammers only have to make up random characters in the prefix to send spam to bobpatterson@hotmail.com.

What do you guys think?

[lwc]

What we think is you neither read the FAQ nor took a look in the advanced settings. In other words, if a spammer is on to you (which has never happened to me), just use watchwords and/or a prefix.

[watchman]

... I appreciate you letting me know about the advanced features, but you needn't sound so abrupt. I was only trying to help. I really appreciate spamgourmet and only want to make it better. My comment shouldn't be taken as a slight, which judging by the "tone" or your reply you have chosen to receive it as.

[SysKoll]

... I appreciate you letting me know about the advanced features, but you needn't sound so abrupt. I was only trying to help. I really appreciate spamgourmet and only want to make it better. My comment shouldn't be taken as a slight, which judging by the "tone" or your reply you have chosen to receive it as.

Watchman,

Thanks for the remark. It's a proof that you are, to quote the FAQ, using your brain, and that you are understanding both how sg works and how spammers think. That's constructive criticism, and open source projects like our LOVE it.

To answer your objection, you need to factor in that spammers are not ready to write special code just to deal with our paltry 80,000 users. That's a drop in the bucket in terms of user base, there is no economic incentive to spend even five minutes on that small a user base for a professional spammer.

So, while your remark is absolutely true, it describes something we won't see before our user base grows at least another 10-fold and we become a noticeable target. For now at least, the watchword protection is more than adequate for dealing with that scenario. The day we become a million-user site, on another hand, we'll have to rethink that.

[josh]

I was the first spamgourmet user (going back to summer, 2000, before it was public), and I've been very active in the last 6 years (but maybe not as much as some users). I have never used watchwords or a prefix (effectively remaining in "no-brainer" mode) and have never had a problem. Those features have been tested, and work, though .

[watchman]

well, well done on the prefix/watchwords idea - I would never have thought about it. It seems logically sound to me.

[lwc]

Sorry, watchman. I just pointed out one should read the FAQ before asking questions. No point in re-writing the FAQ inside the forum each time someone new comes by.

Also, I have to take back what I said because I'm starting to get spam for the first too.