[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Groff] Offtopic: any possibility this lists spam issue might be fixed?
|
From: |
Bruno Hertz |
|
Subject: |
[Groff] Offtopic: any possibility this lists spam issue might be fixed? |
|
Date: |
29 May 2004 12:41:11 +0200 |
Hi
I know this has been subject of previous discussion but I wonder wether
it's actually been resolved.
As others reported, I too get spam through this list, albeit it doesn't
seem to appear in the archive.
Particularly annoying are spam mails which use list member name as fake
sender addresses. Recently, this happened several times with Ted's mail
address.
Without being a mail geek, from looking at the headers, spam mails seem
to go through the same processing as legitimate mails, i.e. you have
lines like
Received: from 212.72.72.97 (HELO ffii.org) (212.72.72.97) by
mta118.mail.scd.yahoo.com with SMTP; Fri, 28 May 2004 20:08:23 -0700
Received: (qmail 12539 invoked from network); 29 May 2004 03:08:17 -0000
Received: from unknown (HELO genba) (127.0.0.1) by localhost with SMTP;
29 May 2004 03:08:17 -0000
Delivered-To: address@hidden
Received: (qmail 11297 invoked by uid 64014); 29 May 2004 03:07:18 -0000
Received: from address@hidden by genba by uid 64011 with
qmail-scanner-1.16 29 May 2004 03:07:18 -0000
X-Spam-Status: No, hits=0.0 required=5.0
Received: from unknown (HELO fencepost.gnu.org) (199.232.76.164) by
genba.ffii.org with SMTP; 29 May 2004 03:07:15 -0000
This is a partial header taken from one of Ted's mails. You see a
delivery chain
fencepost.gnu.org -> genba -> list -> ffi.org -> yahoo.com
where fencepost is on Ted's and yahoo on my side. Also, there seems
to happen some internal processing like spam checking on genba.
Now the same lines taken from a spam mail
Received: from 212.72.72.97 (HELO ffii.org) (212.72.72.97) by
mta131.mail.scd.yahoo.com with SMTP; Fri, 28 May 2004 17:33:17 -0700
Received: (qmail 21173 invoked from network); 29 May 2004 00:33:14 -0000
Received: from unknown (HELO genba) (127.0.0.1) by localhost with SMTP;
29 May 2004 00:33:14 -0000
Delivered-To: address@hidden
Received: (qmail 21005 invoked by uid 64014); 29 May 2004 00:32:12 -0000
Received: from address@hidden by genba by uid 64011 with
qmail-scanner-1.16 29 May 2004 00:32:12 -0000
X-Spam-Status: Yes, hits=5.5 required=5.0
Received: from unknown (HELO 212.72.72.97) (219.95.212.1) by
genba.ffii.org with SMTP; 29 May 2004 00:32:09 -0000
Two things catch the eye: the host connecting to genba 219.95.212.1
lies about it's ip address in HELO, and there's a X-Spam-Status entry
with value 5.5, which classifies this mail as spam. Plus, if you do an
nslookup on the sender's host 219.95.212.1 it will fail.
Correct me if I'm wrong, but to me this looks like
(1) genba does not a reverse DNS lookup on connecting hosts
(2) although there is internal spam checking on genba, it does not
prevent spam mails from being forwarded.
Summary question hence: if the above observations are correct, can
they be fixed?
Thanks, Bruno.
- [Groff] Offtopic: any possibility this lists spam issue might be fixed?,
Bruno Hertz <=