port maintainer address
qjail1
qjail1 at a1poweruser.com
Sat Feb 6 03:57:16 UTC 2016
A year ago I was receiving loads of spam email on the maintainer email
addresses used in the ports makefile. I created bug tickets to change
the user name part of the email address for all the ports I maintain,
but some how I missed the qjail2 port. Now that port says its maintained
by ports at FreeBSD.org and the spam email has stopped.
Since bugzilla uses the port maintainer email address as the way to
identify the port maintainer, I no longer can post updates to qjail2
port. This is a two sided coin. On one side [no more spam email] but on
the other side [blocked from making port updates] to ports I am really
the maintainer.
Lest look at the big picture. The
https://www.freebsd.org/cgi/ports.cgi?query=qjail2&stype=all
website displays the maintainer email address for each and every port. A
person doesn't have to be a genius to see that this is one of the places
where email address are being harvested from.
Why has Freebsd NOT done something to protect their port maintainers
from spam.
Bugzila is now the preferred way to report bugs in ports. There is no
longer a need to publicly display the ports maintainer real email
address on the ports website. The simple solution is to change the html
code of the ports website to replace every where the maintainer's email
address is displayed with ports at FreeBSD.org. That way the makefile info
stays the same and bugzilla works the same. Your just changing what the
public user and harvesters see.
There are other places where this info can be obtained, such as
//svnweb.freebsd.org/ports/. This is a very large doorway to all the
ports maintainer email address. The big picture solution is to NOT carry
the maintainer email address in the makefile at all. Have it entered
into a secure maintainers database that only bugzilla has access to.
You get the general picture here. I am sure there are people with a
better understanding of the internal workings who can develop a better
concept to prohibit the public from having access the ports maintainer
real email address. Its time serious thought is given to this problem.
Thanks for letting me stand on my soap box.
More information about the freebsd-ports
mailing list