E-Mail harvesting on PGP key servers can be done with such commands:
http://www.google.com/search?q=site%3Akeyserver.fabbione.net+pks+uid
I already receive spam because i decided to upload my public key years ago. I
know its the source, because the same spam message arrived on all accounts
belonging to one key withing seconds.
Those results could be prevented if server administrators would place such a
robots.txt file in their webroot:
User-agent: *
Disallow: /pks/
WOW, i found a PGP Server that already has the file:
http://keyserver.hadiko.de/robots.txt
It would be great if every PGP Server would do this, but how many of them are
out there? Is it possible to contact every administrator?
The homepage of a common PGP Server software is: http://minskyprimus.net/sks/. They have
a pool status page at: http://sks-keyservers.net/status/ . About 30-60 Servers here.
Asking google, there might be 99 servers out there:
http://www.google.com/search?q="%2Fpks%2Flookup%3Fop%3Dstats" .
Hmm, there are hundreds. But not thousands.
Perhaps it is still worth a try, since keys can never ever be deleted. Once
your key leaked out to a public key server its spreaded all over the world.
Thanks google, its ready to get spammed then.
Could sks suggest setting up such a robots.txt file? What do you think?