Please use the Apache issue tracking system for new NetBeans issues ( !!
Bug 33201 - [spam] email address obfuscation in mailing list web archives ?
[spam] email address obfuscation in mailing list web archives ?
Product: www
Classification: Unclassified
Component: Admin
All Linux
: P1 with 3 votes (vote)
Assigned To: Jan Pirek
Depends on:
  Show dependency treegraph
Reported: 2003-04-23 22:46 UTC by David Strupl
Modified: 2011-12-19 08:00 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description David Strupl 2003-04-23 22:46:58 UTC
What is even worse when I check the mailing list
archives (on URL like this
there is my real e-mail address! I am making this
P1 since displaying my real e-mail instead of or the full name is clearly
unacceptable for me - that is spam source par
excellence! Do I have to change my e-mail address
because of this bug?
Comment 1 jcatchpoole 2003-04-24 15:32:22 UTC
I am not sure what the $summary means here, can you clarify ?

About displaying email addresses in mailing archives - this 
is not new behaviour, as you probably know ... "obfuscating" 
or hiding emails has never been done on  Also I 
can't see how it wouldt be possible to display your address in place of real addr, as the www
archives are just mirrors of the real lists, and you can 
post to the real lists from any - and multiple - email 

Dropping priority as there is nothing (newly) critical here,
though leaving as a P2 enhancement since spam is getting out
of control.  Also a fix might be quick and simple.

David, Collab, what kind of address hiding/obfuscation would 
you suggest ?
Comment 2 Unknown 2003-04-24 19:47:12 UTC
Accepting issue & researching issue.
I will update this issue by 
Comment 3 David Strupl 2003-04-25 09:44:42 UTC


1. Go to the archive for nbdev April 2003.
2. Compare how my name is displayed with the others. E.g. Jesse Glick
is displayed as "Jesse Glick", I am displayed as ""
(I have provided the URL link in the previous comment). I did not mean
the individula message, I mean the page where you see all the messages.

Summary: It means there is no place on the whole site where can I
specify that my name is "David Strupl". I might have overlooked it -
can you please provide me an URL and we can close this issue.

Also this is not an old issue - I used to be displayed as David Strupl
when I was a SUN employee - some magic going on here? ;-)
Comment 4 jcatchpoole 2003-04-25 17:12:13 UTC
No magic - this comes from your local mail client 
configuration :-)  The www archives really are just a mirror
of what happens on the regular email lists.  The msgs 
displayed there are copies of original email msgs - if I 
look in my mail client at recent nbdev msgs, I see your msgs 
coming from "Sender :" - which is exactly 
what the www archival script sees and displays.  Presumably 
you have somewhere in your mail client either configured 
your "Real Name" as david@sol..., or maybe left it blank.

HTH with the name issue; leaving this issue open to address
the spam/address obfuscation query.  BTW David note that 
even if your full name is displayed on the "index" page of
the msg archive, the full address is displayed on an 
individual mail msg, eg at
Libor's email is still visible; so changing your mail client
config will not remove the spam concern.  Maybe this issue
can eventually address that.
Comment 5 Unknown 2003-04-25 21:31:44 UTC
Hi Jack,

Can you give me some details about the spam/address 
obfuscation query issue?
I am just not exactly sure what you mean by 


Comment 6 David Strupl 2003-04-27 23:15:02 UTC
Aha. I apologize for making so much noise with this. I did not know
that the whole system does not know my identity while posting to the
news group. I thought that the www login process is somehow connected
to the news groups which is apparanently not the case. So sorry for
bringing this issue. I have decreased the priority to P3 and leaving
for you to decide whether to close the issue. Only a rhetorical
question in the end: shouldn't the whole site (www, newsgroups, cvs,
...) use one identity database? Or is there an enhancement request for
this - maybe for the new version of SourceCast?
Comment 7 jcatchpoole 2003-04-28 10:02:05 UTC
Eric : address obfuscation = somehow hiding email addresses
on web pages from spam harvester type bots, usually by 
automatically converting them into something a human can
read and understand and edit (eg jcatchpoole-remove-this-, but a bot can not.  
There are also more interesting types of obfuscation.

David : Hrm, in theory yes, but remember there is no way
for the mailing list/NNTP server to ID you via your mail 
client, which is your primary means of posting to it - 
except by completely fakeable "real name" or email address.
I don't see how to get around that ....

Changing issue summary to focus on email add obfuscation
as an anti-spam measure.
Comment 8 Unknown 2003-04-29 19:07:50 UTC
Hi guys,

I opened internal pcn 17299 Request for enhancement.
I will update this issue as soon as I get a resoponse.
Should be by 5/9/03

Comment 9 jcatchpoole 2003-06-19 13:01:04 UTC
More than 1 month after 5/9 - any news ?
Comment 10 Unknown 2003-06-19 18:55:28 UTC
The product manager has not addressed this issue yet. I do see that
other customers are interested in this. 
I just reminded the product manager to take a look at this issue. I
should have his update by 6/24 now.
Comment 11 Unknown 2003-07-08 03:26:56 UTC
I haven't received an update from product management.
I have asked them again if there are any further thoughts on this
request now that we have multiple customer requests concerning this
I will update as soon as I get updated here.

Comment 12 Unknown 2003-07-29 06:27:01 UTC
Our management says that the whole issue of how we could 
deal with spam filtering is being looked into at this time 
and not having any insight into how or when it will be 
addressed. Will update more as soon i get from them.

Comment 13 Unknown 2003-08-06 08:13:38 UTC
Updating whiteboard
Comment 14 ulibube 2003-10-29 16:06:57 UTC
Thought I might add another customer comment. I consider this an 
issue of great importance. I accidentally sent a message to a 
Netbeans list from an account which is not spam-protected (just 
forgot to modify the From: line). Apparently, there is no way to 
have my message removed or altered now that it's in the archives.

To give an idea of the magnitude of this problem, I posted a (test) 
address on a web site for a few months about a year ago to see what 
would happen; now, about 6 months after taking it back off the web 
page, I'm still receiving on the order of 100 spam messages a day 
through that one address; and the only place I used that address was 
on the web site. All my other sources of spam combined are a tiny 
fraction of the number of messages generated from web posting (yes, 
I compared them).

Pity is, my message to the Netbeans list was not sent from a test 
address :(
Comment 15 pgodeau 2003-10-30 07:27:58 UTC
I agree, the priority of this issue should be raised.
Please also note that I started to have this spam problem since I
submitted my adress to the mail-to-news web site, which
forces you to give your real e-mail address :-(
Comment 16 jcatchpoole 2003-10-30 12:33:37 UTC
Patrick - I've just proposed on nbdiscuss that we enable the address
obfuscation scheme that Gmane has, see

This would help I hope.
Comment 17 Unknown 2004-02-19 08:46:45 UTC
The request for email obfuscation in the mailing list archives has 
been considered for Danube Release of Sourcecast

Support will continue monitoring the RFE & will review in the 
corresponding release.

Comment 18 jcatchpoole 2004-08-31 13:40:42 UTC
*** Issue 48106 has been marked as a duplicate of this issue. ***
Comment 19 jcatchpoole 2006-06-14 16:55:22 UTC
We are now on Danube, but this seems to be still not done.  Status ?
Comment 20 Unknown 2007-09-19 13:45:07 UTC
To Crm,This issue has been considered to be fixed in the future release of CEE.Hence marking it as resolved later for
support to track it.

Support operations
Comment 21 Unknown 2007-09-19 13:48:02 UTC
Comment 22 Unknown 2009-01-22 12:45:54 UTC
Re-opening the issue for validating the issue for implementation in a future release.
Comment 23 Unknown 2009-01-26 03:26:30 UTC
This issue has been fixed in CEE 5.2.

Support Operations.
Comment 24 Marian Mirilovic 2009-11-08 02:32:10 UTC
We recently moved out from Collabnet's infrastructure
Comment 25 David Strupl 2009-11-08 13:50:18 UTC
This is still a valid request.
Comment 26 Jiri Kovalsky 2010-06-23 07:33:16 UTC
Any update on this? There are several people complaining about it every week. Thanks!
Comment 27 Vince Kraemer 2011-07-12 16:24:46 UTC
Since Lea doesn't work for Oracle or on Kenai anymore, we might want to reassign this to an actual person that can and might do something to resolve the problem...

I do not know who that person would be...  If I did, these issues would be assigned to them when I committed this comment.
Comment 28 Marian Mirilovic 2011-11-16 12:36:16 UTC
still valid
Comment 29 Jan Pirek 2011-11-29 13:37:00 UTC
Comment 30 Jan Pirek 2011-12-05 07:47:47 UTC
According to associated kenai issue, this has been resolved. I have checked and email addresses are now printed by javascript.
Comment 31 Jan Pirek 2011-12-19 08:00:51 UTC

By use of this website, you agree to the NetBeans Policies and Terms of Use. © 2014, Oracle Corporation and/or its affiliates. Sponsored by Oracle logo