20050822

Doing well difficult things

I'm glad to report that thanks to the sheer idiocy of google, this is now the top hit for "Doing difficult things well", significantly beating Data Connection and their wiley slogans. Incidentally, DC are currently on a hiring binge, so if you can stomach the prospect then now would be the time to submit yourself to their hilarious psychometric profiling and testing.

However, this seems to have dropped off the radar for "webartoffer", the dodgy outfit that apparently tried to nick money from me. On the plus side, their website does appear to be kaput, which I'd like to think is in someway due to my inactions.

So meantime, here's a new web-related hijink to relate. I operate a private internet domain which, let's say, is called www.anchor.org. This has the nice feature that any mail to x@anchor.org gets to me, where x can be any arbitrary string. Hence, I have got in the habit of giving out custom made addresses to different people. Amazon get to email me at amazon@anchor.org, other people get jerseyelectric@anchor.org, dirtydvds@anchor.org etc. I recently started getting spam sent to my address, but the headers revealed that the mailing address was actually mybank@anchor.org. Where, of course, mybank is my bank. This irritated me: how had my bank allowed my address to leak out?

The point being, that this address has been given out to noone else, appears on no webpage (including this one), and has no other purpose. And although I receive spam to non-existent addresses like "admin@anchor.org" or "info@anchor.org", mybank is sufficiently non-standard that it seems very highly unlikely that anyone would have guessed it, given that I've never received spam addressed to "someotherbank@anchor.org".

So I contacted mybank about this, and asked them what was going on. And they replied... that they didn't know. They claimed that they'd never passed on personal details, etc. etc., and so... well, what can you do? I didn't give out the email address. And the bank claim they didn't. So that leaves... some hacker snooping on the email sent from my bank to me. Which seems a bit extreme, you wouldn't have thought that they would need to go to that much effort.

So I throw it open to you: anyone got any better ideas how my clean address could have fallen into the hands of the evil spammers? The point being, I don't really care all that much about it: if it gets out of hand, then I'll procmail all email to that address to /dev/null, and configure a new one for mybank (and see how long before that starts receiving spam). I'm just curious how, for what should have been
a closed system, somehow this fell into the hands of the spammers while expedia@anchor.org, computerstore@anchor.org, or cheapthaibrides@anchor.org have all remained spam-free so far.

No comments: