RE: SPAM: dealing with it

From: dr d b karron (karron@casi.net)
Date: Sun May 19 2002 - 19:28:03 MDT


Spam from public mailing lists is getting so bad that I lurk much more than
I prefer to
because after every posting I get a new volly of spam.
I have heavy filtering on my inbox, and basically I don't see mail (right
away, I do look
at my junk mail box every once and a while) except if I know the person
sending it to me and they
send it from a known host.

Easily I am seeing 20:1 spam to valid messages, so much so I can't download
my mail using a slow air modem
any more. I plan on setting up my own domain SMTP with heavy spam
filtering. My ISP is joining a spam service
so that known spam is not propgated from unknown hosts, open relays, or
hosts from suspect domains (.ru, .kr are the worst).

Some large middle east ISP are also exceptionally horrid, and I have
corresponded with the postmasters there but they
just shrug and seem to feel if their users pay for the account, they can
spam away.

I do monitor this group, and occasionally forward interesting notes to my
class (I teach CS at a local university).
I think we need closed groups, or groups hosted on specal hosts that can do
somthing about people trolling for new
addresses on anything sent to a group. Possibly some members are really
dummies, where mailing list trolls join groups just compile mailing
addresses.

Oh well, I should be working anyway...

Dr. K

-----Original Message-----
From: owner-extropians@extropy.org
[mailto:owner-extropians@extropy.org]On Behalf Of Christian Weisgerber
Sent: Sunday, May 19, 2002 6:35 PM
To: extropians@extropy.org
Subject: Re: SPAM: dealing with it

Robert J. Bradbury <bradbury@aeiveos.com> wrote:

> It gave me a *lot* of pleasure to switch my SPAMREPLY
> code from the test mode to the mode where the messages
> get bounced and their ISP's get notified... :-;

I advise against bouncing spam. The bounce will not get back to
the spammer. It may be undeliverable, just disappear somewhere,
or end up at another victim.

Similar caution needs to be exercised when identifying the point
of origin for further action. The only information you can trust
is the Received stamp from the last host you consider trustworthy.
Typically, it will mention the IP address of the machine that
delivered the message. All preceding Received lines, envelope
addresses, and the normal header can be entirely fictitious. Be
very, very careful that you don't shoot an innocent person.

> So, I'm now saving time by not having to sort the messages
> myself though the downside is that I need to review
> multiple folders for email (there ought to be meta-folder
> with the folders with unread mail according to some
> priority system -- anyone know of an email system that
> has this, esp. for Linux?).

Personally, I feed all mailing lists to a mail-to-news gateway that
posts the messages to local newsgroups which I read along with a
bit of USENET news. Newsreaders have been optimized to deal with
lots of traffic. There is enough legitimate but just as annoying
crap on public lists and in newsgroups that it drowns out spam
there.

Only personal messages and spam addressed to me still end up in my
mailbox.

> What I have discovered is that there is a *lot* of spam
> traffic out there and it seems to be increasing.

Yes.

> I'm up to getting 2-3 copies a day of the same message from
> different sources in some cases. I wasn't aware of this
> last year because I was using the sendmail Black List
> code to block the receipt of most of this.

Oh, the upstream servers that accept my mail all employ a variety
of basic filtering mechanisms such as subscribing to the RBL and
similar services. This is elementary. I don't know how much of
the tide it stems.

--
Christian "naddy" Weisgerber                          naddy@mips.inka.de


This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 09:14:13 MST