Forum: RForum Emails are harvested by spammers

I use a unique email for almost every website (possible since I own the 
domain). I now know for a fact that spammers are harvesting email 
addresses from ruby-forum.com. It would be nice if rforum could hide 
email addresses by default.

Yes.. I wanted to suggest this as well.. this is very bad.. I expected 
my address never to be shown, but they are ... at least when somebody 
replies to my post.. then it says David Krmpotic (david..... @ 
there.com) wrote.. (see?) baad.

Carl Johnson wrote:
> I use a unique email for almost every website (possible since I own the 
> domain). I now know for a fact that spammers are harvesting email 
> addresses from ruby-forum.com. It would be nice if rforum could hide 
> email addresses by default.

D. Krmpotic wrote:
> Yes.. I wanted to suggest this as well.. this is very bad.. I expected 
> my address never to be shown, but they are ... at least when somebody 
> replies to my post.. then it says David Krmpotic (david..... @ 
> there.com) wrote.. (see?) baad.
> 
> Carl Johnson wrote:
>> I use a unique email for almost every website (possible since I own the 
>> domain). I now know for a fact that spammers are harvesting email 
>> addresses from ruby-forum.com. It would be nice if rforum could hide 
>> email addresses by default.

not only nice, i'd say a basic human right to privacy...
it's triply crap that you can't change your email either
....................................

Carl Johnson wrote:
> I use a unique email for almost every website (possible since I own the 
> domain). I now know for a fact that spammers are harvesting email 
> addresses from ruby-forum.com. It would be nice if rforum could hide 
> email addresses by default.

can somebody please install the hivelogic email enkoder
http://hivelogic.com/narrative/articles/enkoder_plugin

that's a rails plugin to encode email-adresses so spammers can't harvest 
them. exactly what would be needed here. takes 10minutes to implement in 
Rforum.
But it looks like we are on our own, since the last update on RForum was 
in 2005.
see http://rubyforge.org/projects/rforum/

Matthias Tarasiewicz wrote:
> Carl Johnson wrote:
>> I use a unique email for almost every website (possible since I own the 
>> domain). I now know for a fact that spammers are harvesting email 
>> addresses from ruby-forum.com. It would be nice if rforum could hide 
>> email addresses by default.
> 
> can somebody please install the hivelogic email enkoder
> http://hivelogic.com/narrative/articles/enkoder_plugin
> 
> that's a rails plugin to encode email-adresses so spammers can't harvest 
> them. exactly what would be needed here. takes 10minutes to implement in 
> Rforum.
> But it looks like we are on our own, since the last update on RForum was 
> in 2005.
> see http://rubyforge.org/projects/rforum/

who is responsible for admin accounts?

Xia __ wrote:
> who is responsible for admin accounts?

Usually on rubyforge, the other admins can create a new admin. in this 
case http://rubyforge.org/users/andreas/

Matthias Tarasiewicz wrote:
> Carl Johnson wrote:
>> I use a unique email for almost every website (possible since I own the 
>> domain). I now know for a fact that spammers are harvesting email 
>> addresses from ruby-forum.com. It would be nice if rforum could hide 
>> email addresses by default.
> 
> can somebody please install the hivelogic email enkoder
> http://hivelogic.com/narrative/articles/enkoder_plugin
> 
> that's a rails plugin to encode email-adresses so spammers can't harvest 
> them. exactly what would be needed here. takes 10minutes to implement in 
> Rforum.

That wouldn't solve anything. RForum DOES NOT display email addresses. 
Only if you post to a mailing list forum (like the Ruby forum) your 
email address will be in the From header, because that is how mailing 
lists work.

> But it looks like we are on our own, since the last update on RForum was 
> in 2005.
> see http://rubyforge.org/projects/rforum/

No, see http://rforum.andreas-s.net.

Andreas Schwarz wrote:
>> can somebody please install the hivelogic email enkoder
>> http://hivelogic.com/narrative/articles/enkoder_plugin
>> [..] snip
> 
> That wouldn't solve anything. RForum DOES NOT display email addresses. 
> Only if you post to a mailing list forum (like the Ruby forum) your 
> email address will be in the From header, because that is how mailing 
> lists work.

no offense, but this would solve something. if the message text gets 
written out via javascript (the form enkoder) the whole spamming stuff 
would stop. it's not so hard to just push email-adresses through the 
enkoder via regex, if you don't want to encode the whole message body.
the fact is, that spam harvesting is happening here - and it could be 
fixed.

>> But it looks like we are on our own, since the last update on RForum was 
>> in 2005.
>> see http://rubyforge.org/projects/rforum/
> 
> No, see http://rforum.andreas-s.net

aha, thanks for the pointer.
when can we expect the next release on rubyforge?

greets,
matthias

Matthias Tarasiewicz wrote:
> Andreas Schwarz wrote:
>>> can somebody please install the hivelogic email enkoder
>>> http://hivelogic.com/narrative/articles/enkoder_plugin
>>> [..] snip
>> 
>> That wouldn't solve anything. RForum DOES NOT display email addresses. 
>> Only if you post to a mailing list forum (like the Ruby forum) your 
>> email address will be in the From header, because that is how mailing 
>> lists work.
> 
> no offense, but this would solve something. if the message text gets 
> written out via javascript (the form enkoder) the whole spamming stuff 
> would stop. it's not so hard to just push email-adresses through the 
> enkoder via regex, if you don't want to encode the whole message body.
> the fact is, that spam harvesting is happening here - and it could be 
> fixed.
> 
>>> But it looks like we are on our own, since the last update on RForum was 
>>> in 2005.
>>> see http://rubyforge.org/projects/rforum/
>> 
>> No, see http://rforum.andreas-s.net
> 
> aha, thanks for the pointer.
> when can we expect the next release on rubyforge?
> 
> greets,
> matthias

Spammers are also using ruby-forum to send Revlon and Lubriderm free
samples to all us lucky rails developers:

http://groups.google.com/group/rubyonrails-talk/br...

I registered yesterday (17/06/2007) at 18:22 and had received my first 
spam email by 15:43 today (18/06/2007) - a message from one Mr. Thompson 
Brown who will of course be receiving my bank account details asap.

Receiving the spam surprised me given that I'm a member of a number of 
forums and have not even vaguely had this problem before.

Reading this post, there's mention of a "mailing list forum". Could 
someone please confirm that posting to the Ruby area of forums 
(http://www,ruby-forum.com) does not result in the topic being sent to a 
mailing list.

Thanks.

Steph

Stephan Dale wrote:
> Reading this post, there's mention of a "mailing list forum". Could 
> someone please confirm that posting to the Ruby area of forums 
> (http://www,ruby-forum.com) does not result in the topic being sent to a 
> mailing list.

It does, as you can see in the text above the reply/post form:

"Please read before posting

This forum is connected to a mailing list..."

Andreas Schwarz wrote:
> Stephan Dale wrote:
>> Reading this post, there's mention of a "mailing list forum". Could 
>> someone please confirm that posting to the Ruby area of forums 
>> (http://www,ruby-forum.com) does not result in the topic being sent to a 
>> mailing list.
> 
> It does, as you can see in the text above the reply/post form:
> 
> "Please read before posting
> 
> This forum is connected to a mailing list..."

Oh yes. I remember that message. I assumed that my post could be read by 
thousands of people because I was posting it on a public forum. I did 
not assume that my email address would be given away to everyone.

I'm clearly not the only one either.

In my opinion the admins need to make it very very clear, before signup 
as well as before posting on a "mailing list forum".