Last time I looked, EFF allowed people to sign-up for newsletters without verifying the email address first. It's not inconceivable that they are, therefore, sending unsolicited emails to people who didn't sign up.
Agreed. The EFF is not well known for being on top of server security. Remember the John Gilmore vs Verio case?
I'd really be willing to accept either explanation.
I KNOW for a fact that many of the razor users are truly terrible about their spamtraps. I've had many cases where confirmed-opt-in and paying customer only lists have gotten hit by razor.
And strangely the most common ones I have problems with are tech industry newsletters that IT pros might intentionally subscribe to (I'm a programmer by trade mind you, so this intersection is smaller than you think)... I just very much seems like it's common practice to put old email address into the spamtrap after they've been dormant for a couple months.
Pyzor I can't speak to, as I've not used it. However, I am seeing a noticeable number of bad hits in the hash engines I do use, namely dcc and razor.. Some of it is badly maintained lists that will auto-subscribe anyone in a viruses forged "from" header, but some of it also seems to be unmonitored spamtraps.
How many on the list have checked the contents of your spamtrap in the past week? If so, congratulations, you're probably one of the few. What about the past month? Has it been over a year?....
