TLUG spam

Tyler Aviss tjaviss-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Thu Sep 13 22:10:12 UTC 2007 

Hmmm, how many of these are coming up with invalid domains? If that
was the case, then perhaps we could just ignore mail that comes up
with a host-not-found for the reverse-DNS?

Of course, that would break mailservers which don't have a proper
reverse-DNS, but at least there's nothing to say we must require the
reverse-DNS actually resolves to the @someserver.com of the sender...

Alternately, perhaps it could check against a listing of users that
are known to have PGP keys (and require such), that would prevent
spammers from at least using those addresses.

On 9/13/07, CLIFFORD ILKAY <clifford_ilkay-biY6FKoJMRdBDgjK7y7TUQ at public.gmane.org> wrote:
> Lennart Sorensen wrote:
> > On Wed, Sep 12, 2007 at 06:13:36PM -0400, Dave Mason wrote:
> >> Is this the result of TLUG accepting posting from the world?  Or is
> >> someone here running Windows and thier computer is infected?  I suspect
> >> the former based on the only apparently useful header:
> >>
> >>     X-Originating-IP: 234.239.150.212 by smtp.201.17.187.101;  Wed, 12 Sep 2007 17:48:28 -0500
> >>
> >> For those IPs I get:
> >>     ; host 234.239.150.212
> >>     Host 212.150.239.234.in-addr.arpa not found: 3(NXDOMAIN)
> >>     ; host 201.17.187.101
> >>     101.187.17.201.in-addr.arpa domain name pointer c911bb65.bhz.virtua.com.br.
> >>
> >> Can we make the list so only people on the list can email to the list?  Please???
> >
> > I think someone discovered that drew-lxSQFCZeNF4 at public.gmane.org as your From: address will
> > allow posting anything you want to the mailing list.  Perhaps the mail
> > server should be more picky about where it thinks drew can send mail
> > from.  On the other hand the mailing list is expecting to receive
> > incoming mail from subscribers (which i am sure drew-lxSQFCZeNF4 at public.gmane.org is), and
> > forward it to all members of the list.
> >
> > So simply messages sent with a fake From: address which the mailing list
> > accepts.
> >
> > Any spammer that uses a forged from address of any subscriner to the
> > list would be able to do what this spammer is doing, and I am not sure
> > what you can do about it.
>
> Is there is a way to configure a list server to accept only PGP signed
> messages? That way, even if someone spoofs the email address of a
> subscriber, it would not do him any good unless he also has the PGP key
> of the subscriber.
> --
> Regards,
>
> Clifford Ilkay
> Dinamis Corporation
> 1419-3266 Yonge St.
> Toronto, ON
> Canada  M4N 3P6
>
> <http://dinamis.com>
> +1 416-410-3326
> --
> The Toronto Linux Users Group.      Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
>
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists

More information about the Legacy mailing list