Comment by x______________
8 hours ago
Cool project, but what do you gain from publishing most of an email address in the attack log? This is not public information, you shouldn't hint addresses with partial censoring (forgetting domains are clear text and holding personal information).
I would not attempt to interact with you because of this.
Why not create a fake sender (EG: attacker1,2,3..) per unique account to show individual attempts (keeping the log logic) while protecting your audience`s privacy?
It is customary that one may publish one’s own personal correspondence unless the other party has requested confidentiality.
Maybe this open invitation to the world pushes the boundaries of that definition, but I don’t see where an expectation of privacy comes in here.
You should assume every email you send to another person will be made public, because once you send it you have no control over it. This is especially true if you don’t know or trust the recipient.
Sometimes you just have to hope it won’t be made public.