TLUG spam

Colin McGregor colinmc151-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org
Thu Sep 13 22:40:19 UTC 2007


--- Michael Kennedy <michael-FlpYSvOe4ac6W4JZGn+SJw at public.gmane.org> wrote:

> Another approach would be to invalidate mail coming from list members
> that have incorrect full names....  As an example, the ones that are
> coming in now are supposedly from 'drew-lxSQFCZeNF4 at public.gmane.org', and
> 'drew-lxSQFCZeNF4 at public.gmane.org's usual full name is "Drew Sullivan", so if we see a
> message coming in from 'drew-lxSQFCZeNF4 at public.gmane.org' with a name like
> "Selma Hartley", then that should raise the 'spamosity' metrics of the
> message and push it into the teeth of the filter.
>
> Is that doable?

Yes, but it carries another problem: members whose
names change. The most recent example that I can think
of (and there is at least one other example I could
name) is Leah Cunningham / Kubik. Here we have a case
where Leah Cunningham joined the list, but postings
from that person (thanks to marriage) are now under
the name Leah Kubik. In other words, yes, screening
based on the name the person joined under would help,
but would introduce a new set of issues. Which is worse?

Colin McGregor

> MK
> 
> 
> On 9/13/07, Tyler Aviss <tjaviss-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
> > Hmmm, how many of these are coming up with invalid domains? If that
> > was the case, then perhaps we could just ignore mail that comes up
> > with a host-not-found for the reverse-DNS?
> >
> > Of course, that would break mailservers which don't have a proper
> > reverse-DNS, but at least there's nothing to say we must require the
> > reverse-DNS actually resolves to the @someserver.com of the sender...
> >
> > Alternately, perhaps it could check against a listing of users that
> > are known to have PGP keys (and require such), that would prevent
> > spammers from at least using those addresses.
> >
> > On 9/13/07, CLIFFORD ILKAY <clifford_ilkay-biY6FKoJMRdBDgjK7y7TUQ at public.gmane.org> wrote:
> > > Lennart Sorensen wrote:
> > > > On Wed, Sep 12, 2007 at 06:13:36PM -0400, Dave Mason wrote:
> > > >> Is this the result of TLUG accepting posting from the world?  Or is
> > > >> someone here running Windows and their computer is infected?  I suspect
> > > >> the former based on the only apparently useful header:
> > > >>
> > > >>     X-Originating-IP: 234.239.150.212 by smtp.201.17.187.101;  Wed, 12 Sep 2007 17:48:28 -0500
> > > >>
> > > >> For those IPs I get:
> > > >>     ; host 234.239.150.212
> > > >>     Host 212.150.239.234.in-addr.arpa not found: 3(NXDOMAIN)
> > > >>     ; host 201.17.187.101
> > > >>     101.187.17.201.in-addr.arpa domain name pointer c911bb65.bhz.virtua.com.br.
> > > >>
> > > >> Can we make the list so only people on the list can email to the list?  Please???
> > > >
> > > > I think someone discovered that drew-lxSQFCZeNF4 at public.gmane.org as your From: address will
> > > > allow posting anything you want to the mailing list.  Perhaps the mail
> > > > server should be more picky about where it thinks drew can send mail
> > > > from.  On the other hand the mailing list is expecting to receive
> > > > incoming mail from subscribers (which I am sure drew-lxSQFCZeNF4 at public.gmane.org is), and
> > > > forward it to all members of the list.
> > > >
> > > > So simply messages sent with a fake From: address which the mailing list
> > > > accepts.
> > > >
> > > > Any spammer that uses a forged from address of any subscriber to the
> > > > list would be able to do what this spammer is doing, and I am not sure
> > > > what you can do about it.
> > >
> > > Is there a way to configure a list server to accept only PGP signed
> > > messages? That way, even if someone spoofs the email address of a
> > > subscriber, it would not do him any good unless he also has the PGP key
> > > of the subscriber.
> > > --
> > > Regards,
> > >
> > > Clifford Ilkay
> > > Dinamis Corporation
> > > 1419-3266 Yonge St.
> > > Toronto, ON
> > > Canada  M4N 3P6
> > >
> > > <http://dinamis.com>
> > > +1 416-410-3326
> > > --
> > > The Toronto Linux Users Group.      Meetings: http://gtalug.org/
> > > TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> > > How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
> > >
> 
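
Added example (not part of the original thread, and not any list server's own code): the display-name check proposed in the quoted message, written as a spam-score contribution rather than a hard reject, with the name-change case raised in the reply treated as a partial match that a moderator can confirm. The roster, the example.org addresses and the score weights are assumptions made for illustration.

```python
import re
from email.utils import parseaddr

# Constructed roster: subscriber address -> display names already seen/approved.
ROSTER = {
    "drew@example.org": {"Drew Sullivan"},
    "leah@example.org": {"Leah Cunningham"},
}

def _tokens(name):
    """Lower-cased alphabetic words of a display name."""
    return set(re.findall(r"[a-z]+", name.lower()))

def name_score(from_header, roster):
    """Return (score, reason) for a From: header; higher means more spam-like."""
    display, addr = parseaddr(from_header)
    known = roster.get(addr.lower())
    if known is None:
        return 5.0, "address is not a subscriber"
    got = _tokens(display)
    if not got:
        return 0.5, "no usable display name"
    # Best Jaccard overlap between the presented name and any approved name.
    best = max(len(got & _tokens(k)) / len(got | _tokens(k)) for k in known)
    if best == 1.0:
        return 0.0, "display name matches roster"
    if best > 0:
        # e.g. same first name, new surname: hold for a moderator, do not drop.
        return 1.0, "partial match, possible name change"
    return 3.0, "display name unrelated to subscriber"

def confirm_name(roster, addr, display):
    """Moderator approves a new display name for an existing subscriber."""
    roster[addr.lower()].add(display)

if __name__ == "__main__":
    for hdr in ('"Drew Sullivan" <drew@example.org>',
                '"Selma Hartley" <drew@example.org>',
                '"Leah Kubik" <leah@example.org>'):
        print(hdr, "->", name_score(hdr, ROSTER))
```

The score only adds weight to a forged From: with an unfamiliar name; a forger who copies the subscriber's real display name passes this check, which is why the thread also discusses PGP signatures.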
