--- Begin Message ---
Subject: |
Re: [Savannah-help-public] Fw: [Groff] Spam |
Date: |
Tue, 4 Jul 2006 15:08:18 +0200 |
User-agent: |
Mutt/1.5.11+cvs20060403 |
Well, Mailman's authentication model is very weak, that's the problem.
The FSF sysadmins have been working on something better for spam. This
may mitigate the problem - when it's done.
Else, you can moderate all posts on your list. Or set address@hidden as a
moderated member.
Else, you can write a new feature in Mailman to check for GPG
signatures, and have every subscriber sign their mail.
I don't see much else to do... :/
--
Sylvain
On Sun, Jul 02, 2006 at 11:30:31PM +0200, Werner LEMBERG wrote:
>
> Perhaps you can add some comments...
>
>
> Werner
> X-Mailer: XFMail 1.3-alpha-031298 [p0] on Linux
> Date: Sun, 02 Jul 2006 16:50:49 +0100 (BST)
> From: Ted Harding <address@hidden>
> To: walter harms <address@hidden>
> Subject: RE: [Groff] Spam
> Cc: address@hidden
>
> On 01-Jul-06 walter harms wrote:
> > hi people,
> > i get a bunch of spam since a few days via this list.
> >
> > Am i the only one or have some more people seen spam also ?
> >
> > re,
> > wh
>
> I should think everyone has. And not just the last few days.
> Last Thu-Fri (22-23 June) I got 12 such messages.
> Then Tue-Wed (27-28 June) I got 17 of them.
>
> I also received a number later in the week but simply deleted
> them without inspection.
>
> All the above-itemised emails were sent to the list with "From:"
> addresses like
>
> Williams <address@hidden>
>
> with various other names also in place of "Williams", like
> "Darla", "Dave", "Molly", "Harriet" ... , but they all have
> "address@hidden".
>
> Of course, "address@hidden" is our Werner Lemberg, which is why
> these messages were allowed through to the list, since Werner
> is of course subscribed to the list.
>
> These "From:" addresses are of course forged, and no blame
> whatsoever can be attributed to Werner.
>
> But this forgery also means that it is impossible to prevent
> them coming through to the list -- unless perhaps (in view of
> their content) they could be trapped by a spam-filter. Whether
> that is a reasonable option is something for the list managers
> at gnu.org to consider.
>
> For what it's worth, during the second phase (27-28) above,
> I also received additional copies of some of these directly to
> my email address (i.e. not via the list). For example:
>
> From: Cecile <address@hidden>
> To: address@hidden
> Subject: [Groff] prOblems with meds expencies, you Are On right way
>
> From: Cecile <address@hidden>
> To: address@hidden
> Subject: prOblems with meds expencies, you Are On right way
>
> Note the interesting comparison between the two "From:" addrsses.
> And there is no such user as TNkX on nessie.mcc.ac.uk
>
> They were received directly by gnu.org from some 16 different IP
> addresses (the ones sent directly to me also being from these
> addresses), and the typical relevant header is:
>
> Received: from [253.21.8.247] (port=3275 helo=253.21.8.247)
> by gnu.org with esmtp
> Received: from [253.21.8.247] (port=9752 helo=253.21.8.247)
> by gnu.org with esmtp
>
> etc., so it looks as though gnu.org is allowing them in
> without attempting a reverse DNS lookup -- and indeed, though
> I have not checked every case, the 6 or so I have checked do
> not resolve.
>
> Hence, I wonder if this amouts to gnu.org acting as an open
> relay?
>
> Best wishes to all,
> Ted.
>
> --------------------------------------------------------------------
> E-Mail: (Ted Harding) <address@hidden>
> Fax-to-email: +44 (0)870 094 0861
> Date: 02-Jul-06 Time: 16:50:39
> ------------------------------ XFMail ------------------------------
--- End Message ---