Great Circle Associates List-Managers
(November 1995)

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Cyberangels [FWD from Cypherpunks]
From: Dave Del Torto <ddt @ lsd . com>
Date: Sun, 26 Nov 1995 18:27:54 -0800
To: "E. ALLEN SMITH" <EALLENSMITH @ mbcl . rutgers . edu>
Cc: List Managers List <list-managers @ greatcircle . com>

>Date: Sun, 26 Nov 1995 18:26 EDT
 mbcl .
 rutgers .
>Subject: Cyberangels
>To: cypherpunks @
 toad .
>Some may have already seen this, but the Guardian Angels are trying to
>intrude onto the net... and are doing so in typical clueless newbie
>fashion. See the CUDigest web site for more information; the links to the
>most significant issues are:
> <> and
> <>.
>Some interesting commentary is also in:
> <>.
>Incidentally, one way in which they are displaying cluelessness is in
>taking L.Detweiler seriously.
>	-Allen

Interesting stuff, Allen, even if some of these "horn-blowers" are a bit
clueless, to be sure. There has been some discussion on List-Managers about
these issues. Folks there will find some LM-pertinent material on spam wars
and growing grassroots organization against it in the first URL (search on
"CyberAngels FAQ file" and ": The War Has Started").

An excerpt from cud786's "Attention Spammer" article:

>    a) Improve majordomo and listserv to recognize obviously forged
>    headers and dump the messages.  This is a simple change.  If the
>    supposedly "verified" From: line is non-conforming, trash the
>    message.  Some examples include:
>        . more than one "from" address
>        . totally ridiculous site names, especially where the
>          top-level domain (the last one) isn't one of the "standard"
>          three-letter names or a two-letter country code.
>    b) A further improvement involves actually verifying the From:
>    line before sending the message out again.  This would be more
>    work, but would make the spammer's job much more difficult.  When
>    processing a message, majordomo/listserv should open an SMTP
>    connection to the site shown in the "From:" header.  If that can't
>    be done, the Return-Path and/or Received: headers should be parsed
>    to find a system that _can_ be connected to.
>    If the From: site is "real", majordomo/listserv should go further
>    and verify that a RCPT-TO: will be accepted by the smtpd at that site.
>    If it isn't real, at least verify that the next-site in the
>    return-path is acceptable (RCPT-TO: postmaster @

Of course, the author's definition of "obvious" is really the crux here,
isn't it? :) Well I suppose, it's good that people are at least beginning
to think about this on a wider scale. Any general increase in the use of
gray matter is a positive thing, IMHO. ;)

Anyone have comments on verifying via SMTP? It's probably only viable for
low-volume lists, I'd guess.


"I could be mistaken, maybe it was _another_ bald-headed jigsaw-puzzle-
 tattooed naked guy." --David Duchovny (Agent Fox Mulder on 'The X-Files')

Indexed By Date Previous: Re: Netiquette of mailto: URLs?
From: mcb @ postmodern . com (Michael C. Berch)
Next: Re: Cyberangels [FWD from Cypherpunks]
From: Eric Thomas <ERIC @ SEARN . SUNET . SE>
Indexed By Thread Previous: Re: Netiquette of mailto: URLs?
From: Lazlo Nibble <lazlo @ swcp . com>
Next: Re: Cyberangels [FWD from Cypherpunks]
From: Eric Thomas <ERIC @ SEARN . SUNET . SE>

Search Internet Search