Re: [PLUG] Does someone have a virus?

Dayton Gray on 3 Feb 2004 15:34:02 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Does someone have a virus?

From: "Dayton Gray" <dgray@omnio.com>

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] Does someone have a virus?

Date: Tue, 3 Feb 2004 10:34:37 -0500

Reply-to: plug@lists.phillylinux.org

Sender: plug-admin@lists.phillylinux.org

On Tue, 3 Feb 2004 09:43:51 -0500, gabriel rosenkoetter wrote > Both of you, John and Dayton: > > On Tue, Feb 03, 2004 at 09:24:42AM -0500, John Lavin wrote: > > I've been getting a lot of them recently - I posted to debian-boot - > > spammers are spoofing your e-mail address and any bounces go back to > > you. > > On Tue, Feb 03, 2004 at 09:16:29AM -0500, Dayton Gray wrote: > > The best solution to this problem would be to check your e-mail in Linux.. > > C'mon now, put the Linux back into PLUG! > > have missed the point of Brad's post: > > On Tue, Feb 03, 2004 at 08:59:07AM -0500, Bradley Molnar wrote: > > Now, I don't have Mydoom, but, the e-mail it was sent to is the one I only > > ^^^^^^ > > use for this mailing list. Since the virus scans your inbox (and isn't > ^^^^^^^^^^^^^^^^^^^^^^^^^ > > itself a spam harvestor) there is a strong possibility that someone on the > > list has this virus. > > His point is that the address that the virus spoofed (brad- > plug@litech.org) is one that no one could have except by having an > email from him, to PLUG, in their inbox at the time of infection. > > > If anyone has a dsl from coltfrance.com, you might want to run a virus > > scanner. > > Brad's right, and it shouldn't be hard for the infected party to > recognize this. (Assuming that the /^Received: from/ headers on the > message included in the bounce back to you are valid may be a bit > of a stretch, Brad, but they might very well be, so it's helpful.) > > Brad wasn't asking the "How'd this come from my address?" question > (he understands, as everyone who uses SMTP should, and as has been > mentioned plenty frequently on this mailing list, that /^From / > headers are easy to spoof), nor was he asking to be reprimanded (or > to have the infected party reprimanded) for their entirely personal > choice of mail user agents. > > On the point of that reprimand: it's unfair. There are certainly > circumstances (in corporate environments particularly) where the > only permitted mail user agent is Outlook. That's no reason these > people should be booted from PLUG. Even outside of that, > participation in a LUG mailing list neither implies nor requires > Linux usage. (As it happens, I'm a prime example of this, though my > operating system of choice isn't Windows either.) > > On Tue, Feb 03, 2004 at 09:21:13AM -0500, Chris wrote: > > Since I am new to this list I'm not sure how you guys work this but are > > these archives on the inet site? If they are all of our email addresses are > > subject to crawling spambots. > > This has been done to death here already. > > I'm of the firm opinion that "spam-blocking" mailing list archives > is a Bad Idea. Concisely: > > 1. It doesn't work anyway. (If you algorithmically obscure email > addresses in any non-destructive way, they can algorithmically > un-obscure them.) > > 2. Altering the content of archived messages is Wrong. It's > ethically wrong without the express permission of the author of the > message, and, less nebulously, it breaks PGP signatures. (Note that > obscuring just the headers of a message is insufficient to > spam-block mailing list archives; think signature.) > > It is not PLUG's responsibility to protect you from spam. PLUG is a > public forum: anyone (including spammers) can subscribe, and what > you say here is public, not private. If you're not comfortable with > that, then you can unsubscribe. If you just want to spam block your > email address in the archives, Mailman makes that very easy. > (Subscribe from a bogus address in addition to your real address. > Activate the "nomail" option for the bogus address so that list mail > doesn't go to it and bounce. Only post from the bogus address.) > > I'd be open to the idea of running PLUG email through something like > SpamAssassin or Spamprobe before relaying it out to the mailing list > so that the headers would be tagged without effort on the > recipient's end. I'd even do the leg work for that. > > If you want to argue with me (or anyone else; say MCT, on whose > system the mail archives reside) about these points, please do so > privately. We don't need to have a public fight about this a third > time in a year. > > -- > gabriel rosenkoetter > gr@eclipsed.net I apologize for the language used in my e-mail. I did not mean to 'reprimand' anyone for not running Linux. It was meant to be taken light-heartedly. I am in fact (not by choice) using an M$ OS to type this e-mail from the place of my employment. Thank you for the clarification Gabriel. -Dayton ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

References:

[PLUG] Does someone have a virus?
From: "Bradley Molnar" <brad-plug@litech.org>

Re: [PLUG] Does someone have a virus?
From: John Lavin <jlavin@linuxtech.com>

RE: [PLUG] Does someone have a virus?
From: "Chris" <chris@chrisbovasso.com>

Re: [PLUG] Does someone have a virus?
From: "Dayton Gray" <dgray@omnio.com>

Re: [PLUG] Does someone have a virus?
From: gabriel rosenkoetter <gr@eclipsed.net>

Prev by Date: Re: [PLUG] Does someone have a virus?

Next by Date: Re: [PLUG] verizon DSL

Previous by thread: Re: [PLUG] Does someone have a virus?

Next by thread: RE: [PLUG] Does someone have a virus?

Index(es):

Date

Thread