email address anti-spam encoding in portfiles

Ian Eiloart iane at sussex.ac.uk
Thu May 17 04:00:45 PDT 2007 


--On 16 May 2007 17:12:10 -0700 James Berry <jberry at macports.org> wrote:

> Following discussion with several of you, and more thought, my thinking
> is now:
>
> 	(1) Obfuscate plain text email addresses by using the form:
>
> 		- tld/domain/username
> 			user at bar.com ==> com/bar/user

This won't always work (at least, not with simple implementations), since a 
slash is legal in an email local part (though often banned by local 
policy). However, if you used "subdomain.tld/localpart" you'd be OK, since 
the first slash would always be the separator.



> 		- if there are multiple components in the hostname, only the dot before
> the tld is turned into a slash:
> 			user at foo.bar.com ==> com/foo.bar/user
>
> 		- If the domain/tld is macports.org, then it may be dropped:
> 			user at macports.org ==> user
>
> 		Note that this is machine reversible, and also fairly easy for a user
> to produce manually, both of which are important considerations.
>
> 	(2) If a Portfile is submitted with a maintainer email address
> containing an @, we will accept it as such (this is up to the
> submitter/maintainer).
> 	      We're providing a means by which port maintainers may obfuscate
> their address, but not mandating that they do so.
>
> 		Note that this is also a machine detectable situation.
>
> 	(3) There are a number of other cases in which email addresses may show
> up. This doesn't attempt to deal with all of them yet. Small steps.
>
> 		Among these are:
>
> 			- CIA commit pages
> 			- Trac commits and perhaps bug reports too
> 			- Mailing list archives
> 			- irc logs
>
> If I don't hear any contradictory pleas soon, I'm going to move ahead
> with this, perhaps including auto fixing all the portfiles.
>
> James
>
> On May 15, 2007, at 6:25 PM, James Berry wrote:
>
>> I thought I'd run by everybody the novel concept of anti-spam
>> encoding email addresses in portfiles. For all other cases we could
>> obfuscate the address, but with Portfiles we're sortof stuck, since
>> we need to be able to make these available in raw form in various
>> places (svn, mpwa, etc).
>>
>> What if we adopt the convention in the maintainer field of using
>> user/domain instead of user at domain. I have a feeling the spambots
>> won't find that, and it's pretty easy to recognize as a user (or to
>> reconstitute as  a machine).
>>
>> So to be completely clear, I propose that we would encode my email
>> address (jberry at macports.org) as jberry/macports.org
>>
>> Feedback?
>>
>> James
>> _______________________________________________
>> macports-dev mailing list
>> macports-dev at lists.macosforge.org
>> http://lists.macosforge.org/mailman/listinfo/macports-dev
>
> _______________________________________________
> macports-dev mailing list
> macports-dev at lists.macosforge.org
> http://lists.macosforge.org/mailman/listinfo/macports-dev



-- 
Ian Eiloart
IT Services, University of Sussex
x3148

More information about the macports-dev mailing list