[tex-live] Catalogue sources

Manuel Pégourié-Gonnard mpg at elzevir.fr
Sat Aug 29 13:18:03 CEST 2009


CTAN maintainer Jim Hefferon a écrit :
>> Are you concerned about spam bots getting a bunch a fresh email
>> addresses from the Catalogue sources? AFAIK, the bots don't crawl SVN
>> repos yet...
> 
> We've been here a long time (well, anyway, Rainer has) and hope to still
> be here some time in the future.  :-)
> 
Well, even if bots start crawling SVN repos in the future (which I doubt, as
long as they have easier targets to concentrate on), I doubt they'll understand
an XML syntax such as <author localpart="mpg" domain="elzevir.fr" />. If your
concern is bots, there is simple but quite effective protections such as setting
a password and giving publicly it as the answer to a question (like "What's the
first name of the creator of TeX?").

> The difference with the Catalogue, to my mind, is that *we* author it.
> 
I understand this point. However, if your main concern is spam robots, there are
 many ways of protecting the addresses (and currently or in the next few years I
can't imagine a robot getting to them).

OTOH, if you are concerned about other information that email addresses, or by
public availability of some information to humans and not only robots, this is a
different problem. But I can't see which information in the catalogue seems so
sensitive.

> I have had authors fill in the upload email field with a bogus address
> and then I tracked them down, and they expressed concern about spam--
> they are afraid that the announcement will contain their address.  A
> person may well consider that concern overblown (I do) but it is
> different to my mind for them to expose the address than it is for us to
> do that.
> 
I agree. But if you assure authors that precautions are taken so that his
address will not be visible by spam bots? You could add a line about it in the
upload form.

Manuel.


More information about the tex-live mailing list