# TUG Email address marked private somehow released



## jerseygirl (Jun 8, 2006)

My profile is set up for private messages only (no email).  Tonight, I received an email from another TUG member (the email included a LOT of other people's email addresses as well, some of which were probably also marked private).

I'm not mad or anything ... just wondering how the sender got my email address.


----------



## Dave M (Jun 8, 2006)

First, there is no way that anyone can access your e-mail address from the BBS records, unless the individual is a moderator or administrator. If you believe that to be the case, please send Doug (“Makai Guy") or me a message with the specifics. 

Second, I suppose that someone to whom you might have sent a message could have passed that on in some way and now it's being used by a third person or, if you ever placed an ad on TUG, it could have been lifted from there. No matter how that person got your address, there is no excuse for passing your e-mail address on to others by including you (without your permission) and others in the same address list. 

A simple way for that person to keep ALL addresses private when sending a mass e-mail message is to put the addresses for ALL recipients in the "Bcc" line instead of the "To" line of the message. By doing that, no one can see who the others are that got the message and, more importantly, that avoids the risk that your and other e-mail addresses might fall into the hands of someone who might use the addresses for spamming purposes.

My suggestion is that you complain to the individual who sent the message and ask him/her where he/she obtained your private address.


----------



## topcop400 (Jun 9, 2006)

I received the same e-mail that she's talking about.  It was directed at those who have a Florida T/S.

I always use the Bcc when sending an e-mail to more than one person.  It would have been nice if this sender would have done the same.  Luckily, this was my "junk" address.  Compared to all those dandy offers from Nigeria, this e-mail was of no real concern.


----------



## Dave M (Jun 9, 2006)

Although I didn't receive the e-mail message initially, I have now seen it and have discussed it with the sender. 

From what the sender says, it appears that many of the e-mail addresses were harvested from the Florida sections of the TUG Classified Ads, including direct exchanges.

Also, the sender is very apologetic about having sent the message in a manner that allowed all recipients to see everyone's e-mail address. He now knows how to avoid making them visible to others.


----------



## Kay H (Jun 9, 2006)

Thanks for the directions, Dave.  Although I was not involved in any way in the specified email, I didn't know that using Bcc would keep the other email addresses private.  I learn something new from Tug almost every day.


----------



## jerseygirl (Jun 9, 2006)

Dave,

My email server is down so I have to thank you publicly for all the work you did to solve the mystery.

I'm really sorry that you went to so much trouble.  I was not at all upset about the message itself, but wanted you and/or Doug to know if there was any chance that someone had accessed Tug's email database.  The size of the distribution list was a little alarming.

In any event -- thank you VERY MUCH for all the effort you put in to solving the issue.  I'm glad to know that it was nothing so sinister as a security breach.

Have a great weekend,
jerseygirl

PS  I was able to read your emails, but everything I try to send is getting hung up.


----------



## TUGBrian (Jun 10, 2006)

There is very little chance of anyone getting the overall TUG member email database...as it isnt stored online.

Chances are someone just farmed the classified ad's for email addresses...as all of them are open to the public within each Ad itself.


----------



## topcop400 (Jun 11, 2006)

So now someone has used that original e-mail (with all those recipients listed) to send THEIR e-mail out.

As previously stated, this is precisely the reason why the use of Bcc is strongly preferred.

Did you receive this subsequent e-mail jersey girl?  Different sender---same list.


----------



## jerseygirl (Jun 11, 2006)

Yes I did.  Exactly what I suspected would happen once I saw the first email.


----------

