One of the advantages of running your own mailserver is the ability to easily and limitlessly add mail aliases. I’ve been doing that for years now for every website I have to sign up for with an email address. When I get spam on any of these aliases, this gives me two advantages:
- I know which website leaked my address, and
- I can stop the spam coming in by simply removing the alias.
Point 1 unfortunately doesn’t tell you whether the website willingly sold their list of email-addresses to spammers or whether they just had a security breach that they didn’t tell us about. But it matters little, it tells me that I can’t trust that particular site.
I don’t see a point in writing to them, in either case they’re not likely to admit to me what happened. But naming and shaming them here at least puts this information out in the open. If a lot of bad press is generated, business websites at least may be enticed into respecting our right to privacy more.
So here they are, the websites who disclosed the email-address I entrusted to them:
- Opus Supplies [ www.opussupplies.nl ]
- Teamdrive [ www.teamdrive.com ]
- Longtail Video [ www.longtailvideo.com ] – the makers of JW Player (surprised me)
- Perry Marshall / Cosmic Fingerprints [ www.cosmicfingerprints.com ] – okay, I could’ve expected this one
- PC Megastore [ www.pcmegastore.nl ] – went bankrupt last August, so they won’t bother anyone anymore