Giving an exempt for Spamgourmet domains #21
Comments
|
Kickbox suggests that this domain is disposable. See here I have added a feature that enables consumers of the library to add / remove domains from the list of disposable domains. |
|
I've actually went ahead and approached Kickbox. They said unlike you they're a reporting service and not a blocking one. This statement suggests they don't mind stepping into gray areas and let someone else decide whether to use this info for blocking or not. But your case is different because you take an active stand. If a domain is on your list, it's game over for it. Sure, now you let add/remove domains, but I think we can safely assume it's not like thousands of admins out there will know to start whitelisting Spamgourmet. Actually, even if they did, they'll need to register and sign in to Spamgourmet to even know which domains to whitelist other than the main one. And then sign in every time there's a new domain... |
|
I am one of the maintainers of spamgourmet. This is not a disposable domain. This is a spam filter. Sure, you can register an account and never use it again, but that's also true for GMail and other online services. So why is spamgourmet penalized? Once you have created an account in spamgourmet, you can use tags to identify intended recipients. This is exactly the same as GMail allowing you to register an account (joeblow @ gmail) and then specify a tag for all github email (joeblow+github @ gmail). The one difference is that GMail does not allow you to use tags for anything but searches, whereas spamgourmet lets you block a tagged address that has been abused. So please make an exemption for spamgourmet. Thank you! |
|
I sustain this request, there is nothing "disposable" about Spamgourmet. |
|
Spamgourmet should be treated as a disposable email because users are empowered to abuse the "1 user 1 real email" rule. The important factor here is that the email address is disposable even though the account on Spamgourmet is not. |
|
Hello AgentCosmic, I am a spamgourmet developer and admin. What you are saying is true, but it also can be applied to numerous other email providers. As an example, Gmail encourages users to supply suffixes after a So by that yardstick, GMail should be blacklisted. It is not. Why apply a different rule to spamgourmet? We are with the good guys in the fight against abuse. And we do it for free. So please support us. |
|
I too support this request for the full 100%. |
|
Spamgourmet is also invaluable for traceability. For example, I routinely buy old books from specialty and used book stores, who unfortunately lack resources to police their IT and cannot keep their PCs exempt from viruses. Twice in recent months, I purchased a book from a mom-and-pop store, giving them a custom email address. A few days later, I started seeing spam coming to the custom address. Since I only ever used the address for the store, I was able to contact the store and prove that the store keeper's PC had been compromised. Obviously, the credit card used for the transaction was cancelled. The store owner was able to remove his virus and thanked me. Of course, there is also the case of the "American Trade" stock trading company (name slightly obfuscated) who had an insider leaking client's email address and sending them pump-and-dump spam messages. The whole affair came to light because of a client that started getting such spam on an address exclusively used by the trading company. This is why spamgourmet deserves help. |
|
This project is grossly misrepresenting itself. The statement of purpose is: "a library that allows applications to check for users signup with disposable email addresses." [sic] Meanwhile, it reports spamgourmet domains as disposable, which is, plainly, a lie. Perhaps it was an honest mistake two years ago, but the maintainers have had so much time to correct their mistake that there is no longer a valid excuse for failing to do so. Spamgourmet is a forwarding service, not a disposable address service. Everything about it is designed to deliver legitimate email to real users, consistently and reliably. If anything, spamgourmet addresses are more likely to reach real users than gmail or other addresses, because our inboxes are not overrun with junk mail. We give out a spamgourmet address specifically because we want to read the incoming messages. Sadly, lists like this one have led quite a few web sites to refuse signups to legitimate users, or worse yet, to silently discard outgoing messages to legitimate addresses. Congratulations. You're encouraging broken web sites, lost information, failed communications, increased spam, a lot of frustration, and just plain bad user experiences. I strongly suggest you rethink this. Please stop being irresponsible, and fix it. Remove all of the following domains from your list, and start exercising at least minimal competence at screening domains in the future. Until you do, your service will remain little more than a denial-of-service attack on a lot of people's communications; one that should be shut down. |
|
@foresto Please consider removing that list of domains from your previous post! |
|
@zzynx The domains I listed are already in this project's blacklist. The damage here was already done. |
In a list of 2000 domains it is not clear which ones belong to spamgourmet. |
I don't follow your thinking. Are you afraid that someone is going to grovel through bug reports so they can single out spamgourmet with some kind of spitefully targeted custom blacklist, rather than simply using the list that's already prepared? If you know of a plausible incentive for someone to do such a thing, then please share it. Otherwise, I intend to leave my comment in place so that the blacklist maintainer knows which domains to remove. I'll be happy to redact my comment as soon as that is done. |
I believe the meaning was that Google and other search engines' crawlers will make the Spamgourmet list public because of your comment, making it even easier for services such as this one to block Spamgourmet (if for example they decide this service's global list is too wide).
It's not always guaranteed the edit right will be there forever. |
If your hypothetical person who thinks the global list is too wide finds my comment through a google search, they will immediately learn that spamgourmet et al. don't belong on any such list, and leave it alone. That would be a good thing. Also, if we expect the maintainers to correct their list, they need to know what corrections to make. Let's not make it difficult for them. Finally, remember that this is a publicly visible revision control system. Every edit, including the diff when spamgourmet domains are eventually removed, is permanently visible to both web crawlers and humans. In other words, the information I posted was already available. (And correlated, in multiple places other than here; I checked before posting.) That ship has already sailed. Rather than fooling ourselves into thinking we can revoke the information, let's try to correct the misunderstandings that encourage people to misuse it. |
|
To the dev running disposable_email_checker you are the cancer behind why after 15 years of using spamgourmet services effectively and successfully it is now rejected on a growing number of places. I sincerely hate for being that thick and incompetent. Relying on a third party provider for your library is not a smart move, specially when touching something as central as email and registration. This third party provider kickbox has clearly stated that spamgourmet is on their list not on technical reason but due to an arbitrary decision. they know this is a legitimate privacy and spam protection services but chose to blacklist anyway for fear that that their blacklisting of disposable address services would cause people to work around their blacklisting by registering and using a spamgourmet account. By this logic you would have to blacklist yahoo, gmail and pretty much any free registration email provider, but for some reason the arbitrarily chose to not apply the same policy to them. Hopefully at some point you'll came to your senses and ditch kickbox for being too broad and raising a lot of false positives, impacting the online life of people. Or fix their broken filter by adding a default whitelist to fix their shortcomings. |
|
I 100% support removing all spamgourmet domains from this list, but I have 0% hope that it will ever happen. The devs behind The real problem about this is that as more and more websites use this service, they silently stop sending me emails (although my spamgourmet email has worked for years with that website). Sometimes I can't even change my email address, because that would require me to click a confirmation link that the website never sends because spamgourmet.com is on this block list. I try my best to email the website devs and alert them to the problem, and to fight the cancer that |
That rule cannot be the scope of this or any other sane library as users can easily register multiple accounts at various free email providers like gmx.net, gmail.com, web.de, etc. EDIT: When can we expect this issue to be resolved? |
|
As a spamgourmet.com user, I'm going to chime in. And I'm going to try very hard not to use bad words. Web developers blocking the use of spamgourmet.com email service -- which is an excellent service -- is wrong. Plain wrong. If I want to control all of the (bad word I thought removed) spam trying to flood into my e-mail box I have the right to do so! The Spamgourmet service does a single thing -- it puts me in control of my e-mail. If sombody starts abusing my e-mail address, not only do I know who is abusing it, I can quickly and easily shut them off. So -- by blocking spamgourmet.com service, web developers are stating that they want to be able to spam me at any time, sell my address for any reason, and violate my personal space. This service SHOULD NOT be blocked! It is a legitimate e-mail service, and I had to register with spamgourmet.com to get access to the service. There is no difference in me using spamgourmet or me using gmail -- they are both legitimate e-mail services and deserve to be treated equally. In fact, any web developer or service that chooses to block spamgourmet.com is nothing but a (another bad word I thought removed). I'm sorry to be so harsh, but I get really sick of sites that block my spamgourmet.com e-mail addresses. Then I have to use other much more difficult workarounds to keep spammers out of my inbox. |
I entirely disagree! With the spamgourmet address, 1 user gives 1 email address. That follows the rule! The ONLY thing spamgourmet allows users to do is "dispose" the address if the marketing people start abusing the e-mail by sending spam. There is NO violation of the 1 user to 1 e-mail address rule. None at all. The whole point of the service is to have a trackable e-mail address that can be provided to a given service, and to be able to shut down ONLY that service if they start abusing the fact that they have your e-mail. In fact, almost every person these days have multiple e-mail addresses. I personally have 6 addresses. Does that mean I'm violating the 1-user 1-address rule because I have a gmail account, an outlook account, two personal domain accounts, a spamgourmet.com account, and a work account? No, it does not. Your argument here is simply not logical. |
|
Lets not forget that this "1 user 1 email" so-called rule is just
another vehicle for tracking and identifying users. So it is in the
interest of empire and its surveillance.
It is also in the interest of all the crooks who abuse stolen address
/ password pairs.
Nothing will change...
Am 05.10.22 um 20:30 schrieb inaun - ***@***.***:
… Spamgourmet should be treated as a disposable email because
users are empowered to abuse the "1 user 1 real email" rule. The
important factor here is that the email *address* is disposable
even though the account on Spamgourmet is not.
That rule cannot be the scope of this or any other sane library as
users can easily register multiple accounts at various free email
providers like gmx.net, gmail.com, web.de, etc.
EDIT: When can we expect this issue to be resolved?
I entirely disagree! With the spamgourmet address, 1 user gives 1 email
address. That follows the rule! The ONLY thing spamgourmet allows users
to do "dispose" the address if the marketing people start abusing the
e-mail by sending spam.
There is NO violation of the 1 user to 1 e-mail address rule. None at
all. The whole point of the service is to have a trackable e-mail
address that can be provided to a given service, and to be able to shut
down ONLY that service if they start abusing the fact that they have
your e-mail.
In fact, almost every person these days have multiple e-mail addresses.
I personally have 5 addresses. Does that mean I'm violating the 1-user
1-address rule because I have a gmail account, an outlook account, two
personal domain accounts, and a work account? No, it does not.
Your argument here is simply not logical.
—
Reply to this email directly, view it on GitHub
<#21 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABS3NPIZL66MC62IOWEG2W3WBXCLXANCNFSM4F6KTHEA>.
You are receiving this because you commented.Message ID:
***@***.***>
--
Christian Gnägi
gnasch gmbh
Ipsachstr. 16
CH-2563 Ipsach
|
That notion is completely asinine. Internet email has no such rule, and never has. Imposing such a rule would have no purpose except to violate people's privacy. |
|
@vboctor , if that's OK with you, I can send a PR for exempting the spamgourmet domains from the list. BTW, spamgourmet is an OSS project available here. A quick look at the doc will show you that it is by no means an attempt at defrauding websites. |
https://www.spamgourmet.com is not your standard "launch and forget" disposable service, as:
It's meant to stop websites from selling your addresses to a third party, not from you to get mail at all.
As a result, projects like Mantis Bug Tracker don't allow the Spamgourmet users to participate in trackers, while having every intention to get the trackers' replies, just not being affected in case the trackers should expose addresses.
Will you consider giving an exempt for Spamgourmet domains?
The text was updated successfully, but these errors were encountered: