Email visible to all

sd superduper3000 at outlook.com
Thu Aug 21 16:16:29 UTC 2014 

I also no dot like my email to be visible in the web mail list. However,
unlike you, I looked and got informed first before I joined the mail
list - then I created a funny email address at outlook.com (which you
can see) that I use only for this list.

Outlook.com blocked this email address once last year. I could see all
my emails and receive emails from this list, but they did not allow me
to send emails (so I could not respond). I  had to go one month over
microsoft email support to get back access. They told me it was somehow
compromised - however there were no emails send from or deleted from it.
I guess someone had guessed the password or something like that given my
initial password was relatively weak.

Once they restored my full access, I changed the password to a random
string of maximum allowed length. My desktop email client remembers the
random password. So it could be that just by using this list your email
gets compromised if you password is weak.

Anyway even if they remove your email from the web, a spammer could in
theory be also a (respectable :) member of this list and can still see
all emails via the email program. The best would the mail list software
does not send the emails at all, but it is too much I think to ask them
change it. The email are also referenced by the email program when you
reply, so your email now ends up also in the message body text (I put
... for your email in the quoted text in this answer :).


On 20/08/14 21:45, Richie Bloss wrote:
> Thanks I will work this from a different angle & try to contact
> someone from the main lists page, perhaps they can remove
> references to my name/email.
>
> Open shouldn't mean avail for spammers to grab your email.
>
>
> On Tue, Aug 19, 2014 at 6:00 PM, ∅ <ca .... @yahoo.com
> <mailto:carsrcoffins23 at yahoo.com>> wrote:
>
>     > I am
>     > concerned that a security hole is present.
>
>     It seems this is not consistent with the definitions one can find,
>     such as:
>     https://en.wikipedia.org/wiki/Security_hole
>
>     > When I did a Google search on my name yesterday an old post to
>     the *mailing
>     > list * dated 7/22/2013 appeared with my gmail id.
>
>     It's obfuscated. Spammers are not likely to make much use out of it.
>
>     If you're trying to hide your email from the Internet, then that may
>     be a problem, but that's totally consistent with the ENTIRETY of
>     Ubuntu's mailing lists. If you have a problem, you need to bring it to
>     Ubuntu as a whole. There are ways around this given the software used
>     (mailman), but it's not Lubuntu's fault. You should look at the main
>     lists page and find some people to contact there:
>     https://lists.ubuntu.com/
>     (yes, all those lists have this problem)
>
>     > Also I can access the The Lubuntu-users Archives without any
>     login process
>     > & my along all other email (gmail) addresses is there for anyone
>     to see.
>     >  This seems like a large breach in security to me.  Am I incorrect?
>
>     This is the default for mailman, actually. Not hard to fix, but it
>     does need to be applied universally and Ubuntu as a whole would need
>     to agree with it.
>
>     Good luck,
>     wxl
>
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/lubuntu-users/attachments/20140821/1b3a7db5/attachment.html>

More information about the Lubuntu-users mailing list