(Close Window)
Topic: Spam
Message: Posted by: omnibozo (Sep 24, 2002 08:36AM)
Someone has been harvesting email addresses from your site. Most recently I received one from a person listing this: http://www.geocities.com/cafecutie21

as their website... nothing came up, though I can guess the content. In addition, someone has scammed my address and is using it to spam people I have never heard of... I keep getting the bounced messages because the sender's mail is virus filled!

While openness is wonderful, perhaps we need to better protect our addresses.
Bob LaRue
Omnibozo
Message: Posted by: Tom Cutts (Sep 24, 2002 11:32AM)
Your returned email issue may have nothing to do with The Cafe.

I had a friend who knew he had the Klez virus but didn't get around to clearing it out for several months. His machine was sending mail using his address list as the sender. I would recieve all sorts of bounced emails from all sorts of places.

Once he cleared the virus, I stopped getting the bounced emails. I'm not sure how much you know about email headers but (if you don't know) viewing the full header information may be of some assistance as to the source.

Hope that helps a little.

Tom
Message: Posted by: Nae Blis (Sep 24, 2002 01:35PM)
Actually Tom, he's right. This is a serious problem and I don't mean the virus.

I have also received emails from Cafécutie21 and I don't appreciate it. Our emails are being harvested by spiders just like google indexes our posts. I don't like getting spammed and there is little you can do about it. There are, however, some solutions.

This should not make us remove all of our emails from other Café members, but what you can do is a little javascript trick that will make the spiders harvest illegal(syntaxually) emails.

<script language="javascript">
function sendmail (address) {
address = address.split("*"); // Change the * to any string for better personalization
address = address.join("@");
window.open ('mailto:'+address,'_blank');
}
</script>

There is an example, but the Café programmers can do it just as simple with php. As soon as the email is pulled from the DB, it's piped off to a function that does a
<script>
convert like above
document.write new email
</script>

Or you can write a sql script to modify all the data in the Db, but that's a bad idea.

Might as well throw the link in there to a reference site in case the admins are interested.

http://www.scriptsearch.com/cgi-bin/jump.cgi?ID=5618

The site even goes on to mention a simple way to catch the people doing the email hunting.....

You're not powerless....if you know who's doing it. Translating an IP address into an ISP is very simple and a phone call to an ISP can go a long way.
Message: Posted by: Gene (Sep 24, 2002 05:47PM)
This is what Mary's email address looks like (as do all others) in the source code generated by the forum on the profile and memberlist pages:

mary&#64;gmbwebworks&#46;com

Unless I'm mistaken - and if I am please feel free to correct me - this would do the same thing as a javascript write, which is to keep the email address out of the source so the spiders can't grab it.

This was the solution when the subject came up months ago, and it avoids using javascript. Those areas (memberlist, profile) are the only places the forum shows email addresses from user profiles, except when somebody puts their email address directly in a signature or a post. The forums don't filter those areas, with the exception of stripping HTML, banned words, and its BBcode functions.

Is it suggested, then, to filter posts and signatures the same way? That concern wasn't raised before.

Then again, there's Mary's "Cafe" email address ... ****@themagiccafe.com ... this has never been posted, used, given to anyone, or otherwise used anywhere at all, but she got the spam email at that address. So, the question is: is this a forum issue, and is there really anything that can be done to stop it?

For what it's worth: My email address is not public on the forum, and I did not post it or include it in my signature at any time. I did not receive the spam email.
Message: Posted by: x-treem (Sep 25, 2002 03:49AM)
I have mine listed in the profile, normally, and have not recieved the spam, but I saw a post about it else where at the cafe that stated it had been moved to a section I do not have access to? Must be The Kitchen!

Here I use a Yahoo! address in order to keep this from coming home. Yahoo has a bulk folder that I never look at when spam comes in.

I did get a spam from that junk Superhandz site though at my Yahoo! email. [i] I appologise to the Superhandz site for this blast it was a misunderstanding. The post came through in my bulk folder but was intended for me in conjunction with my own underground site, again sorry[/i]
Message: Posted by: Nae Blis (Sep 25, 2002 08:49AM)
Yep, I posted my email in a message, that explains why they got it. As a matter of fact can you replace the "@" and the "." with the html special characters, I would appreciate that. Don't need my email propogating everywhere. the link is.
[url=http://www.themagiccafe.com/forums/viewtopic.php?topic=8443&forum=50]Here![/url]

So how did they get emails that have never been posted? That's scary.... Database access? Mary's email is simple and was just generated? random_name@themagiccafe.com would be quite simple to generate. But if she has a complicated email address, sounds like a more serious problem.... Could your ISP be selling you out? Only reasonable thing I can think of.
Message: Posted by: Gene (Sep 25, 2002 11:16AM)
Using ASCII characters to change your email address wouldn't work - the forum strips HTML and shows it as it was typed. I would suggest editing your post yourself and either adding a word after the @ in caps (i.e., REMOVE), or direct the reader to view your profile for your email address.

As for Mary's email address, the one you typed isn't accurate, but that's okay. It's not new, but I can tell you it is nowhere to be found in the database. Our ISP (chartermi.net) would have no clue about email addresses outside their own system (at least ours, anyway), so that can't be it either. We have no idea how her email address was found. It could be as simple a thing as a guess. Who knows?
Message: Posted by: Nae Blis (Sep 25, 2002 02:22PM)
I asked because the topic is locked and I cannot edit my old post displaying my email. It's no big deal, but I'd prefer to reduce my spam in the future. I did make my email available through my profile.
Message: Posted by: Mary B. (Sep 25, 2002 03:19PM)
I edited your post for you, Nae. Kind of like shutting the barn door after the horses have escaped, but it will keep future spiders from picking it up.
Message: Posted by: Gene (Sep 25, 2002 03:51PM)
Sorry Nae, I didn't notice the topic was locked. :(
Message: Posted by: Nae Blis (Sep 25, 2002 11:31PM)
no problem, thx guys. Only a few horses escaped, most of them never noticed the open door.
Message: Posted by: Scott Xavier (Oct 6, 2002 05:26AM)
I have mine posted, and have noticed an increase in junk mail....