And I'll add that one of my personal email accounts that has never been shown in any public place or archive to my knowledge, gets a dozen spams a day that make it thru my provider's spam filter (Spamassassin). Considering that I get fewer than one message per day of legit traffic on that account, the S/N ratio is pretty annoying. (I'm considering abandoning that account and just using gmail.)
I have another address that I use in very selective ways, and it also gets spam. Anyway, the answer to Mimi's question is regrettably "very naive", I think because brute-force namespace attacks now seem to be as common as harvesting addresses from public pages, list archives, etc. If you send to an arbitrary string of characters at an arbitrary domain, and don't get a bounce, you (the spammer) have just found a valid address to continue spamming. -teg On Fri, 21 Jul 2006, Oren Sreebny wrote: > Mimi and all - > > Our experience here at the UW, running email for something greater than 50k > users, is that, as of last month, 65% of the incoming messages are scored by > our spam filter (PureMessage) as having a >50% chance of being spam. We're > processing more than fifteen spam messages per second, on average. > > Those figures are somewhat lower than I heard reported by the folks who run > one of the huge free public web-mail services last month. > > - Oren > > On Jul 19, 2006, at 10:59 AM, Mimi Yin wrote: > > > I have 5 personal email addresses that I never give out to any web services > > / on-line retailers, with perhaps 3 exceptions...and I basically don't get > > any SPAM. > > > > 2 of these addresses I've had for a couple of months. 1 of the email > > addresses (gmail), I've had for a almost 1.5 years? 1 email address I've had > > for almost 7 years. The last email address, I've had for over 10 years. I > > know that the 10 year-old email address has been submitted at least 10 times > > to various websites by friends: nyt.com, evite, networking sites, etc. > > > > I don't have whitelists, blacklists, special filters or anything. Is it just > > the magic server-side SPAM filters? > > > > I have 2 spammy email addresses (yahoo and hotmail). I get 'spam' from > > online etailers where I've signed up for accounts using these email > > addresses. But I don't get much 'unsolicited' spam. > > > > My OSAF email I get tons of spam, even though I've never intentionally > > handed it out, but it's publicly available through our mailing list archive? > > > > How naive is it to hope that the email addresses we provide for shared > > collections could escape SPAM the way my personal email addresses seem to > > have escaped SPAM? (It seems unlikely that users will use their > > [EMAIL PROTECTED] email address to sign up for accounts > > on web sites.) > > > > Is ' we don't have resources to implement an effective server-side SPAM > > solution' an argument for shifting the burden of preventing/managing SPAM > > onto the user in the short-term? > > > > What are other people's experiences with email accounts and SPAM? > > > > Mimi > > _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ > > > > Open Source Applications Foundation "Design" mailing list > > http://lists.osafoundation.org/mailman/listinfo/design > > _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ > > Open Source Applications Foundation "Design" mailing list > http://lists.osafoundation.org/mailman/listinfo/design _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Open Source Applications Foundation "Design" mailing list http://lists.osafoundation.org/mailman/listinfo/design
