gabriel rosenkoetter on 3 Feb 2004 14:44:02 -0000



Re: [PLUG] Does someone have a virus?


Both of you, John and Dayton:

On Tue, Feb 03, 2004 at 09:24:42AM -0500, John Lavin wrote:
> I've been getting a lot of them recently - I posted to debian-boot -
> spammers are spoofing your e-mail address and any bounces go back to
> you.

On Tue, Feb 03, 2004 at 09:16:29AM -0500, Dayton Gray wrote:
> The best solution to this problem would be to check your e-mail in Linux.. 
> C'mon now, put the Linux back into PLUG!

have missed the point of Brad's post:

On Tue, Feb 03, 2004 at 08:59:07AM -0500, Bradley Molnar wrote:
> Now, I don't have Mydoom, but, the e-mail it was sent to is the one I only
                                                                      ^^^^^^
> use for this mailing list.  Since the virus scans your inbox (and isn't
  ^^^^^^^^^^^^^^^^^^^^^^^^^
> itself a spam harvester) there is a strong possibility that someone on the
> list has this virus.

His point is that the address that the virus spoofed (brad-plug@litech.org)
is one that no one could have except by having an email from him, to
PLUG, in their inbox at the time of infection.

> If anyone has a dsl from coltfrance.com, you might want to run a virus
> scanner.

Brad's right, and it shouldn't be hard for the infected party to
recognize this. (Assuming that the /^Received: from/ headers on the
message included in the bounce back to you are valid may be a bit
of a stretch, Brad, but they might very well be, so it's helpful.)

Brad wasn't asking the "How'd this come from my address?" question (he
understands, as everyone who uses SMTP should, and as has been
mentioned plenty frequently on this mailing list, that /^From /
headers are easy to spoof), nor was he asking to be reprimanded (or
to have the infected party reprimanded) for their entirely personal
choice of mail user agents.

On the point of that reprimand: it's unfair. There are certainly
circumstances (in corporate environments particularly) where the
only permitted mail user agent is Outlook. That's no reason these
people should be booted from PLUG. Even outside of that,
participation in a LUG mailing list neither implies nor requires
Linux usage. (As it happens, I'm a prime example of this, though my
operating system of choice isn't Windows either.)

On Tue, Feb 03, 2004 at 09:21:13AM -0500, Chris wrote:
> Since I am new to this list I'm not sure how you guys work this but are
> these archives on the inet site? If they are, all of our email addresses are
> subject to crawling spambots.

This has been done to death here already.

I'm of the firm opinion that "spam-blocking" mailing list archives
is a Bad Idea. Concisely:

1. It doesn't work anyway. (If you algorithmically obscure email
addresses in any non-destructive way, they can algorithmically
un-obscure them.)

2. Altering the content of archived messages is Wrong. It's
ethically wrong without the express permission of the author of the
message, and, less nebulously, it breaks PGP signatures. (Note that
obscuring just the headers of a message is insufficient to
spam-block mailing list archives; think signature.)

It is not PLUG's responsibility to protect you from spam. PLUG is a
public forum: anyone (including spammers) can subscribe, and what
you say here is public, not private. If you're not comfortable with
that, then you can unsubscribe. If you just want to spam block your
email address in the archives, Mailman makes that very easy.
(Subscribe from a bogus address in addition to your real address.
Activate the "nomail" option for the bogus address so that list mail
doesn't go to it and bounce. Only post from the bogus address.)

I'd be open to the idea of running PLUG email through something like
SpamAssassin or Spamprobe before relaying it out to the mailing list
so that the headers would be tagged without effort on the
recipient's end. I'd even do the leg work for that.

If you want to argue with me (or anyone else; say MCT, on whose
system the mail archives reside) about these points, please do so
privately. We don't need to have a public fight about this a third
time in a year.

-- 
gabriel rosenkoetter
gr@eclipsed.net

Attachment: pgpml8iVAmVgn.pgp
Description: PGP signature
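
Added example (not part of the original message): one way to decide how far down the Received: chain of a bounced message can be believed, as discussed above. Only headers written by relays you trust are reliable; anything below the first untrusted hop is whatever the sender chose to write. All hostnames and addresses in the sample are constructed, and trace() and its trusted_relays parameter are hypothetical names.

```python
import email
import re

# Constructed sample: headers of a message as returned inside a bounce.
# Hosts use example domains and documentation IP ranges; none are real.
SAMPLE = """\
Received: from mx.list.example (mx.list.example [192.0.2.10])
\tby mail.recipient.example with ESMTP id AAA111; Tue, 3 Feb 2004 08:58:40 -0500
Received: from dsl-host.isp.example (dsl-host.isp.example [198.51.100.23])
\tby mx.list.example with SMTP id BBB222; Tue, 3 Feb 2004 08:58:31 -0500
Received: from trusted.bank.example (trusted.bank.example [203.0.113.5])
\tby dsl-host.isp.example with SMTP id CCC333; Tue, 3 Feb 2004 08:50:00 -0500
From: spoofed@sender.example
Subject: hi

body
"""

# "from HELO (rdns [ip]) ... by HOST": the common Sendmail/Postfix layout.
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>[^\s\[\]]+)?\s*\[(?P<ip>[0-9a-fA-F.:]+)\]\)"
    r".*?\bby\s+(?P<by>\S+)", re.S)

def trace(raw, trusted_relays):
    """Walk Received headers newest-first and return (hops, origin_ip).

    A hop is trusted only if its 'by' host is in trusted_relays AND every
    newer hop was trusted as well. origin_ip is the peer address recorded by
    the last trusted relay, i.e. the deepest claim the sender did not write.
    """
    msg = email.message_from_string(raw)
    hops, origin, chain_ok = [], None, True
    for value in msg.get_all("Received", []):
        m = RECEIVED_RE.search(value)
        if not m:
            # Unparseable header: we cannot tell who wrote it, so stop trusting.
            chain_ok = False
            hops.append({"raw": " ".join(value.split()), "trusted": False})
            continue
        chain_ok = chain_ok and m.group("by").lower() in trusted_relays
        hop = dict(m.groupdict(), trusted=chain_ok)
        hops.append(hop)
        if chain_ok:
            origin = hop["ip"]
    return hops, origin
```

With the recipient's and the list's relays trusted, the sample resolves to 198.51.100.23, and the third header (written by the untrusted host itself) is reported but not believed.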