Re: [htdig] KICK THE SPAMMERS OFF ASAP PLEASE


Subject: Re: [htdig] KICK THE SPAMMERS OFF ASAP PLEASE
From: Gilles Detillieux (grdetil@scrc.umanitoba.ca)
Date: Fri Oct 13 2000 - 16:02:29 PDT


According to Peter L. Peres:
> What is the qualitative and quantitative point at which the sky begins to
> fall ? Have you set a limit ? Or is this a 'as you feel' thing. Or is it
> decided democratically by the number of people who scream or unsubscribe ?

I'd say it's a 'collective feel' thing. If enough people felt the problem
had gotten so bad they'd rather drop off the list than stay and endure it,
and told us so, I think the developers would vote to close the lists and
find some alternative means for non-subscribers to post questions.

> Anyway, here are $0.002 of tips about how to improve immunity:
>
> 1. htdig currently accepts postings when it (htdig) is in a cc address. It
> should not, it should only accept postings when it is in the To: field.
> This is a VERY BASIC spamblock that eliminates 95% of spam in my
> experience. All spam travels by bcc or cc. htdig should DEFINITELY NEVER
> accept a message which reached it because it is a recipient in a Bcc list.
> People are not shy about posting to a mailing list, and they must have no
> reasons to keep the posting secret from other recipients.

I'm almost certain that htdig.org's list server does this. I tried a
while ago to simply bounce to the list a message that I had forgotten
to CC to the list, and it was rejected because the list address wasn't
in the headers. I'm pretty sure the spams we had received did indeed
include the list address in their To or Cc header. I can't confirm this
because I didn't save any copies of these spams, the list archives don't
show full headers, and of course we haven't received any new spams in the
past day and a half (crisis? what crisis?) for me to take a closer look.

If this feature has been turned off on our list server recently, I'd agree
that it should be turned back on. Let's just wait and see what the weekend
brings our way.

> 2. A message filter can be implemented, such that any message posted by
> someone who is not subscribed, and does not contain at least one of a few
> keywords (like: htdig htdig.org 3.1.5 or any one of the more meaningfull
> tag names in the config files etc) it will be rejected.

Hmmm. I'm pretty skeptical about message filters, because they can
be pretty indiscriminate. You'd be amazed at how creative users can
be at coming up with alternate spellings of the package name or config
attributes, or alternate version numbering schemes (if they give version
numbers at all), so there's enormous potential for rejecting stuff that
ought to go through.

> None of these requires closing the list, and both can be implemented in 5
> minutes, the first with procmail, the second with a simple Perl script, or
> just procmail too. Once can use a Shell or Perl script to build the
> procmail rule filter from one of the documentation files (which contains
> the tag names).
>
> thank you for your patience,
>
> Peter

Thanks for the feedback. I guess we'd consider filtering if things get
worse, as an alternative to closing the list, if it would fit nicely into
the existing qmail setup.

-- 
Gilles R. Detillieux              E-mail: <grdetil@scrc.umanitoba.ca>
Spinal Cord Research Centre       WWW:    http://www.scrc.umanitoba.ca/~grdetil
Dept. Physiology, U. of Manitoba  Phone:  (204)789-3766
Winnipeg, MB  R3E 3J7  (Canada)   Fax:    (204)789-3930

------------------------------------ To unsubscribe from the htdig mailing list, send a message to htdig-unsubscribe@htdig.org You will receive a message to confirm this. List archives: <http://www.htdig.org/mail/menu.html> FAQ: <http://www.htdig.org/FAQ.html>



This archive was generated by hypermail 2b28 : Fri Oct 13 2000 - 16:07:13 PDT