@pamaca @themactep@fosstodon.org @jalvarez I should also mention that every git commit potentially has an email address on it. My git config has a different forwarding alias for every repo which I only exposed through git pushes. One of those unique addresses is now getting spam. I'm guessing the attacker simply did a "git clone" to get the address.