I have started to receive spam on my email address dedicated to gentoo (ML and Bugs).
Since I have only given this emaild to Gentoo, it means that your email database have been stolen and you have a security issue.
Contact me if you want spamples of spam.
Steps to Reproduce:
1. wait for spam :)
Any email you use in our bugzilla becomes public. Your email is available to crawlers on this page for example. I'll still relay this report to the correct page for the right people to respond however they want. This report has nothing to do with handling human resources: Developer Relations: For handling human resources excluding recruiting.
Email addresses in bugzilla will be invisible for unregistered users as soon as we've done the migration to bugzilla-3.
Addresses from mailinglists are available via gmane, archives etc. as Petteri already wrote.
Also we will change our mail system soonish and that will reduce the spam a lot more than now.
bug 249123, bug 251204
Crawlers pick up email addresses from every site they visit, and gentoo.org is no exception. We're working to obfuscate email addresses, but this won't be perfect. The only suggestion I can make is that you utilize spam filtering in your MTA and MUA.
Thanks for your answer.
As it is a security issue but not related to a product, I did'nt where to post it ?
As said by Christian, you should'nt disclose emails in the first place (or give the user the option to hide it event to registered users who are not admins).
Spamassassin is far from bullet proof and they missed this one.
For the time being, I have to close and blacklist this mails :( until you migrate to Bugzilla 3.
Keep this account for now, until Bugzie3 comes out, unless you don't plan on filing any bugs at all.
It does show up in Google as well.