Gmane

Address Obfuscation

Spam is a major annoyance these days. Legislation is the only thing that will bring spam to an end. Some people don't feel like holding their breaths until that happens, and wants spam to stop right now.

One popular, but anti-social way of getting less spam is to never give out the real email address. That doesn't work very well with mailing lists. They really need to know what your address is. Gmane is a mail-to-news gateway, which means that these addresses are exposed. (The web interface obfuscates all mail addresses, but they are in plain text using the news interface.)

For people who really don't want to expose their email addresses, Gmane implements an address encryption scheme, coupled with a challenge/response mail delivery scheme.

Encryption

A list administrator may request that the entire list be encrypted. Each individual user may also do so by putting a X-Archive: encrypt header into their messages.

If either of these things have been done, Gmane will encrypt all addresses in the header, as well as anything that looks like an address in the body of the message.

An address that looks like larsi@gnus.org will become larsi=smP1P7uqpqc@public.gmane.org. This is a real, functional mail address, and mail sent to that address will be delivered.

While the X-Archive header makes all addresses in your message be encrypted, if somebody on the mailing list responds to your message, it's still likely that your real email address will be included in the follow-up. It's probably more useful to switch encryption on for the entire list.

Note that this encryption (most likely) only happens on Gmane. Other mailing list archives commonly do not encrypt addresses, and the mailing lists do not.

Mail Delivery

Any mail sent to an address like larsi=smP1P7uqpqc@public.gmane.org will first be run though virus/spam checking programs. Any messages that fail these tests are just discarded.

Next, any messages that aren't immediately recognized as spam/viruses will undergo a challenge/response scheme courtesy of TMDA. After the sender has verified that she exists, the address will be decrypted, and the message will be forwarded to the real recipient.

In fact, feel free to use your public.gmane.org address anywhere. While it's difficult for me to promise that your encrypted address will work forever, I have no plans for limiting the use of these addresses.

No logs will be kept of mail in transit beyond the normal Exim/TMDA mail logs, and no mail passing through the system will be read by anybody. Undelivered mail will be removed after one week.

Not So Hard Encryption

While a real encryption algorithm is used, it will probably be possible to find the encryption key over time, since the number of encrypted/unencrypted pairs will be somewhat huge after a while. That's not the point -- the point is simply to make it somewhat harder for address gathering robots to get to the mail addresses.