Dayton Gray on 3 Feb 2004 15:34:02 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Does someone have a virus? 

On Tue, 3 Feb 2004 09:43:51 -0500, gabriel rosenkoetter wrote
> Both of you, John and Dayton:
> 
> On Tue, Feb 03, 2004 at 09:24:42AM -0500, John Lavin wrote:
> > I've been getting a lot of them recently - I posted to debian-boot -
> > spammers are spoofing your e-mail address and any bounces go back to
> > you.
> 
> On Tue, Feb 03, 2004 at 09:16:29AM -0500, Dayton Gray wrote:
> > The best solution to this problem would be to check your e-mail in 
Linux.. 
> > C'mon now, put the Linux back into PLUG!
> 
> have missed the point of Brad's post:
> 
> On Tue, Feb 03, 2004 at 08:59:07AM -0500, Bradley Molnar wrote:
> > Now, I don't have Mydoom, but, the e-mail it was sent to is the one I only
> 
>  ^^^^^^
> > use for this mailing list.  Since the virus scans your inbox (and isn't
>   ^^^^^^^^^^^^^^^^^^^^^^^^^
> > itself a spam harvestor) there is a strong possibility that someone on the
> > list has this virus.
> 
> His point is that the address that the virus spoofed (brad-
> plug@litech.org) is one that no one could have except by having an 
> email from him, to PLUG, in their inbox at the time of infection.
> 
> > If anyone has a dsl from coltfrance.com, you might want to run a virus
> > scanner.
> 
> Brad's right, and it shouldn't be hard for the infected party to
> recognize this. (Assuming that the /^Received: from/ headers on the
> message included in the bounce back to you are valid may be a bit
> of a stretch, Brad, but they might very well be, so it's helpful.)
> 
> Brad wasn't asking the "How'd this come from my address?" question 
> (he understands, as everyone who uses SMTP should, and as has been 
> mentioned plenty frequently on this mailing list, that /^From / 
> headers are easy to spoof), nor was he asking to be reprimanded (or 
> to have the infected party reprimanded) for their entirely personal 
> choice of mail user agents.
> 
> On the point of that reprimand: it's unfair. There are certainly
> circumstances (in corporate environments particularly) where the
> only permitted mail user agent is Outlook. That's no reason these
> people should be booted from PLUG. Even outside of that,
> participation in a LUG mailing list neither implies nor requires
> Linux usage. (As it happens, I'm a prime example of this, though my
> operating system of choice isn't Windows either.)
> 
> On Tue, Feb 03, 2004 at 09:21:13AM -0500, Chris wrote:
> > Since I am new to this list I'm not sure how you guys work this but are
> > these archives on the inet site? If they are all of our email addresses 
are
> > subject to crawling spambots.
> 
> This has been done to death here already.
> 
> I'm of the firm opinion that "spam-blocking" mailing list archives
> is a Bad Idea. Concisely:
> 
> 1. It doesn't work anyway. (If you algorithmically obscure email
> addresses in any non-destructive way, they can algorithmically
> un-obscure them.)
> 
> 2. Altering the content of archived messages is Wrong. It's
> ethically wrong without the express permission of the author of the
> message, and, less nebulously, it breaks PGP signatures. (Note that
> obscuring just the headers of a message is insufficient to
> spam-block mailing list archives; think signature.)
> 
> It is not PLUG's responsibility to protect you from spam. PLUG is a
> public forum: anyone (including spammers) can subscribe, and what
> you say here is public, not private. If you're not comfortable with
> that, then you can unsubscribe. If you just want to spam block your
> email address in the archives, Mailman makes that very easy.
> (Subscribe from a bogus address in addition to your real address.
> Activate the "nomail" option for the bogus address so that list mail
> doesn't go to it and bounce. Only post from the bogus address.)
> 
> I'd be open to the idea of running PLUG email through something like
> SpamAssassin or Spamprobe before relaying it out to the mailing list
> so that the headers would be tagged without effort on the
> recipient's end. I'd even do the leg work for that.
> 
> If you want to argue with me (or anyone else; say MCT, on whose
> system the mail archives reside) about these points, please do so
> privately. We don't need to have a public fight about this a third
> time in a year.
> 
> -- 
> gabriel rosenkoetter
> gr@eclipsed.net

I apologize for the language used in my e-mail. I did not mean to 'reprimand' 
anyone for not running Linux. It was meant to be taken light-heartedly. I am 
in fact (not by choice) using an M$ OS to type this e-mail from the place of 
my employment. Thank you for the clarification Gabriel.

-Dayton

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug